www.handpickedhotels.co.uk Open in urlscan Pro
172.67.7.133 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability
Submission: On September 13 via api (September 13th 2024, 1:06:16 am UTC) from US — Scanned from CA

Summary HTTP 90 Redirects Links 39 Behaviour Indicators

Summary

This website contacted 18 IPs in 4 countries across 12 domains to perform 90 HTTP transactions. The main IP is 172.67.7.133, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.handpickedhotels.co.uk.
TLS certificate: Issued by WE1 on September 1st 2024. Valid for: 3 months.

This is the only time www.handpickedhotels.co.uk was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
59	172.67.7.133 172.67.7.133	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	23.203.188.68 23.203.188.68	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2600:141b:1c0... 2600:141b:1c00:f::172c:c9cc	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2606:4700:10:... 2606:4700:10::6816:3668	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2607:f8b0:400... 2607:f8b0:4006:809::200a	15169 (GOOGLE) (GOOGLE)
1	2600:141b:1c0... 2600:141b:1c00:f::172c:c9cf	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2607:f8b0:400... 2607:f8b0:4006:820::2008	15169 (GOOGLE) (GOOGLE)
6	23.44.111.72 23.44.111.72	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2600:141b:1c0... 2600:141b:1c00:16::17c4:30f	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	142.251.32.98 142.251.32.98	15169 (GOOGLE) (GOOGLE)
1	2606:4700:303... 2606:4700:3035::6815:53e6	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	172.217.165.138 172.217.165.138	15169 (GOOGLE) (GOOGLE)
2	2600:141b:1c0... 2600:141b:1c00:258b::f09	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	178.128.139.113 178.128.139.113	14061 (DIGITALOC...) (DIGITALOCEAN-ASN)
1	142.251.40.136 142.251.40.136	15169 (GOOGLE) (GOOGLE)
1	34.251.78.200 34.251.78.200	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:38::178	15169 (GOOGLE) (GOOGLE)
90	18

59 172.67.7.133 (United States)

ASN13335 (CLOUDFLARENET, US)

www.handpickedhotels.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.203.188.68 (Piscataway, United States) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-203-188-68.deploy.static.akamaitechnologies.com

cloud.typography.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:141b:1c00:f::172c:c9cc (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3668 (United States)

ASN13335 (CLOUDFLARENET, US)

rum-static.pingdom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:809::200a (United States)

ASN15169 (GOOGLE, US)

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:141b:1c00:f::172c:c9cf (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)

p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2607:f8b0:4006:820::2008 (United States)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 23.44.111.72 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-44-111-72.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:141b:1c00:16::17c4:30f (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)

consent.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.32.98 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s77-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3035::6815:53e6 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.omniconvert.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.165.138 (United States)

ASN15169 (GOOGLE, US)
PTR: lax30s03-in-f10.1e100.net

maps.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:141b:1c00:258b::f09 (Secaucus, United States)

ASN20940 (AKAMAI-ASN1, NL)

consentcdn.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
imgsct.cookiebot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.128.139.113 (Amsterdam, Netherlands)

ASN14061 (DIGITALOCEAN-ASN, US)

app.omniconvert.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.251.40.136 (Queens, United States)

ASN15169 (GOOGLE, US)
PTR: lga25s80-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.251.78.200 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-78-200.eu-west-1.compute.amazonaws.com

rum-collector-2.pingdom.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:38::178 (United States)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
59	handpickedhotels.co.uk www.handpickedhotels.co.uk	1 MB
6	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 963	141 KB
4	cookiebot.com consent.cookiebot.com — Cisco Umbrella Rank: 6421 consentcdn.cookiebot.com — Cisco Umbrella Rank: 7143 imgsct.cookiebot.com — Cisco Umbrella Rank: 8045	136 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 112	398 KB
4	googleapis.com maps.googleapis.com — Cisco Umbrella Rank: 567	197 KB
4	typekit.net use.typekit.net — Cisco Umbrella Rank: 1178 p.typekit.net — Cisco Umbrella Rank: 1499	85 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 104
2	omniconvert.com cdn.omniconvert.com — Cisco Umbrella Rank: 89880 app.omniconvert.com — Cisco Umbrella Rank: 85306	103 KB
2	pingdom.net rum-static.pingdom.net — Cisco Umbrella Rank: 11368 rum-collector-2.pingdom.net — Cisco Umbrella Rank: 10581	3 KB
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 157	64 B
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 336	4 KB
1	typography.com 1 redirects cloud.typography.com — Cisco Umbrella Rank: 14479	456 B
90	12

	Domain	Requested by
59	www.handpickedhotels.co.uk	www.handpickedhotels.co.uk
6	analytics.tiktok.com	www.handpickedhotels.co.uk analytics.tiktok.com
4	www.googletagmanager.com	www.handpickedhotels.co.uk www.googletagmanager.com
4	maps.googleapis.com	www.handpickedhotels.co.uk maps.googleapis.com
3	use.typekit.net	www.handpickedhotels.co.uk use.typekit.net
2	www.google-analytics.com	www.googletagmanager.com
2	consent.cookiebot.com	www.googletagmanager.com consent.cookiebot.com
1	rum-collector-2.pingdom.net	rum-static.pingdom.net
1	imgsct.cookiebot.com
1	app.omniconvert.com	cdn.omniconvert.com
1	consentcdn.cookiebot.com	consent.cookiebot.com
1	cdn.omniconvert.com	www.googletagmanager.com
1	pagead2.googlesyndication.com	www.googletagmanager.com
1	cdnjs.cloudflare.com	www.handpickedhotels.co.uk
1	p.typekit.net	use.typekit.net
1	rum-static.pingdom.net	www.handpickedhotels.co.uk
1	cloud.typography.com	1 redirects
90	17

This site contains links to these domains. Also see Links.

Domain
www.cookiebot.com
www.criteo.com
business.safety.google
www.id5.io
www.linkedin.com
matterport.com
www.nativo.com
sales.resdiary.com
www.sojern.com
www.solarwinds.com
stripe.com
www.hotjar.com
www.media.net
www.tiktok.com
www.facebook.com
site.adform.com
www.adobe.com
www.appnexus.com
www.casalemedia.com
improvedigital.com
www.teads.com
www.magnite.com
www.thetradedesk.com
triplelift.com
www.twiago.com
www.omniconvert.com
shop.handpickedhotels.co.uk
my.matterport.com
membership.handpickedhotels.co.uk
twitter.com
uk.pinterest.com
www.youtube.com
www.instagram.com
www.360ss.com
handpickedmagazine.co.uk

Subject Issuer	Validity	Valid
handpickedhotels.co.uk WE1	`2024-09-01` - `2024-11-30`	3 months	crt.sh
use.typekit.net DigiCert Global G2 TLS RSA SHA256 2020 CA1	`2024-08-27` - `2025-09-27`	a year	crt.sh
pingdom.net WE1	`2024-09-12` - `2024-12-12`	3 months	crt.sh
upload.video.google.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.google-analytics.com WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
*.tiktok.com RapidSSL TLS ECC CA G1	`2024-07-15` - `2025-07-15`	a year	crt.sh
consent.cookiebot.com DigiCert TLS RSA SHA256 2020 CA1	`2024-02-28` - `2025-02-27`	a year	crt.sh
cdnjs.cloudflare.com WE1	`2024-07-31` - `2024-10-29`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-08-12` - `2024-11-04`	3 months	crt.sh
cdn.omniconvert.com WE1	`2024-08-16` - `2024-11-14`	3 months	crt.sh
*.cookiebot.com DigiCert TLS RSA SHA256 2020 CA1	`2024-02-26` - `2025-02-26`	a year	crt.sh
app.omniconvert.com Sectigo RSA Domain Validation Secure Server CA	`2023-10-09` - `2024-10-09`	a year	crt.sh
*.pingdom.net Amazon RSA 2048 M03	`2023-11-06` - `2024-12-03`	a year	crt.sh

This page contains 2 frames:

Primary Page: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability
Frame ID: 72DF1E69B0F69A61177D4FED4363C9A5
Requests: 94 HTTP requests in this frame

Frame: https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Frame ID: 6BBAC22BA91B1AF882957BF8E8B2B2F3
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Spa Late Availability in Edinburgh | Norton House Hotel & Spa | Hand Picked Hotels

Detected technologies

Google Maps (Maps) Expand

Overall confidence: 100%
Detected patterns

//maps\.google(?:apis)?\.com/maps/api/js

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Laravel (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

UIKit (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

uikit.*\.js

Cookiebot (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

consent\.cookiebot\.com

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

Slick (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

<link [^>]+(?:/([\d.]+)/)?slick-theme\.css
(?:/([\d.]+))?/slick(?:\.min)?\.js

Typekit (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*href="[^"]+use\.typekit\.(?:net|com)

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

90
Requests

98 %
HTTPS

50 %
IPv6

12
Domains

17
Subdomains

18
IPs

4
Countries

2609 kB
Transfer

6091 kB
Size

7
Cookies

39 Outgoing links

These are links going to different origins than the main page.

URL: https://www.cookiebot.com/en/what-is-behind-powered-by-cookiebot/

Search URL Search Domain Scan URL

URL: https://www.cookiebot.com/goto/privacy-policy/
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://www.criteo.com/privacy/corporate-privacy-policy/
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://business.safety.google/privacy/
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://www.id5.io/privacy
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/legal/privacy-policy
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://matterport.com/legal/privacy-policy/
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://www.nativo.com/privacy-policy
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://sales.resdiary.com/privacy-statement
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://www.sojern.com/privacy/
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://www.solarwinds.com/legal/privacy
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://stripe.com/privacy
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://www.hotjar.com/legal/policies/privacy/
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://www.media.net/privacy-policy
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/legal/privacy-policy?lang=en
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://www.facebook.com/policy.php/
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://site.adform.com/privacy-center/platform-privacy/opt-out/
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://www.adobe.com/privacy.html
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://www.appnexus.com/corporate-privacy-policy
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: http://www.casalemedia.com/
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://improvedigital.com/privacy-policy/
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://www.teads.com/privacy-policy/
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://www.magnite.com/legal/advertising-technology-privacy-policy/
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://www.thetradedesk.com/general/website-privacy-policy
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://triplelift.com/privacy/
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://www.twiago.com/datenschutz/
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://www.omniconvert.com/privacy
Title: Learn more about this provider

Search URL Search Domain Scan URL

URL: https://www.cookiebot.com/
Title: Cookiebot

Search URL Search Domain Scan URL

URL: https://shop.handpickedhotels.co.uk/collections/villa-saletta
Title: Villa Saletta Wines

Search URL Search Domain Scan URL

URL: https://my.matterport.com/show/?m=gEfRWN4UUTS
Title: Virtual Tour

Search URL Search Domain Scan URL

URL: https://my.matterport.com/show/?m=kiAf1SuDwQq
Title: Virtual Tour

Search URL Search Domain Scan URL

URL: https://membership.handpickedhotels.co.uk/CCE/ClassCalendar.aspx
Title: Browse & Book Classes

Search URL Search Domain Scan URL

URL: https://www.facebook.com/handpickedhotels?fref=ts

Search URL Search Domain Scan URL

URL: https://twitter.com/hp_hotels

Search URL Search Domain Scan URL

URL: https://uk.pinterest.com/hphotels/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/handpickedhotels

Search URL Search Domain Scan URL

URL: https://www.instagram.com/handpickedhotels/

Search URL Search Domain Scan URL

URL: http://www.360ss.com/
Title: 360

Search URL Search Domain Scan URL

URL: https://handpickedmagazine.co.uk/
Title: Hand Picked Magazine

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

https://cloud.typography.com/7136872/7605032/css/fonts.css HTTP 302
https://www.handpickedhotels.co.uk/fonts/863108/8127192BB9FA88C89.css

90 HTTP transactions
5 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H3 200 Primary Request late-availability Show response
www.handpickedhotels.co.uk/nortonhouse/spa/ 77 KB
17 KB 394ms
352ms Document
text/html 172.67.7.133
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.7.133 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f9a2393005f6a7cdc2c81ad71cabdb211d7fd9d563fb8b59a50aea494e61c8b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

alt-svc: h3=":443"; ma=86400
cache-control: no-cache max-age=0
cf-cache-status: DYNAMIC
cf-ray: 8c243ba439abac7b-YYZ
content-encoding: br
content-security-policy-report-only: upgrade-insecure-requests; #report-uri /cspreport; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*navisperformance.com https://maps.googleapis.com https://www.googleadservices.com https://static.sojern.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://assets.pinterest.com https://connect.facebook.net *.hotjar.com https://*.cookiebot.com https://www.gstatic.com https://*.google.com https://*.doubleclick.net *.google-analytics.com *.googletagmanager.com http://ajax.googleapis.com https://www.googleoptimize.com https://rum-static.pingdom.net http://rum-static.pingdom.net https://*.triptease.io; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://*.typekit.net https://fonts.googleapis.com https://cdn.honey.io; object-src 'none'; base-uri 'self'; connect-src 'self' https://measurement-api.criteo.com https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://*.googlesyndication.com https://*.freedompay.com https://*.cardinalcommerce.com https://*.amazonaws.com https://*.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://*.hotjar.io wss://*.hotjar.com https://www.facebook.com https://*.triptease.io https://*.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com; font-src 'self' data: https://*.alicdn.com https://cdn.honey.io *.gstatic.com https://use.typekit.net; frame-src 'self' https://*.ibosscloud.com https://3ds.sebkort.com https://3ds.ntctr.acs.danskebank.com https://www.concertopayserve.com https://3dsecure.starlingbank.com https://3ds-a.live.ext.prod.enfuce.com https://clients.smartsecure.tsys.co.uk https://mycardsecure.com https://acs2.mpts.modirum.com https://gumi.criteo.com https://static.criteo.net https://acs.apata.io https://fledge.eu.criteo.com https://gum.criteo.com https://acs.capitalone.com https://acs.revolut.com https://acs2-3dsecure.creditmutuel.fr https://secure.dkb.de https://acs2.edb.com https://acs.swisscard.ch https://verify.monzo.com https://*.3ds.modirum.com https://3dsecure-vrp.de https://*.cic.fr https://3dsec.cardcenter.ch https://gbemv3dsecure.garanti.com.tr https://3ds.nexigroup.com https://*.3dsecure.no https://3ds.redsys.es https://acs1-3dsecure.creditmutuel.fr https://www.rsa3dsauth.com https://3debspay.boc.cn https://*.emea.citibank.com https://acs.mercurypaymentservices.it https://*.googletagmanager.com https://*.rabobank.nl https://*.lloydsbankinggroup.com https://*.zscloud.net https://*.googlesyndication.com https://*.americanexpress.com https://*.arcot.com https://*.doubleclick.net https://www.rsa3dsauth.co.uk https://*.wlp-acs.com https://www.youtube.com https://www.facebook.com https://static.sojern.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.resdiary.com https://*.cookiebot.com https://*.triptease.io https://www.google.com; img-src 'self' data: https://criteo-partners.tremorhub.com https://sync-criteo.ads.yieldmo.com https://criteo-sync.teads.tv https://gum.criteo.com https://dis.criteo.com https://*.cookiebot.com https://code.jquery.com https://analytics.tiktok.com https://*.facebook.net https://*.googlesyndication.com https://widgetthemes-live.azureedge.net https://translate.google.com https://fonts.gstatic.com https://track.linksynergy.com https://cdn.honey.io https://googleads.g.doubleclick.net *.googleapis.com https://adservice.google.com https://*.ytimg.com https://googletraveladservices.com https://*.googletraveladservices.com https://secure-hotel-tracker.com https://*.bing.com https://bat.bing.com https://track.linksynergy.com *.doubleclick.net https://log.pinterest.com https://click.exacttarget.com https://www.facebook.com https://region1.analytics.google.com https://www.google.de https://www.google.ca https://www.google.ro https://www.google.com.tr https://www.google.com.hk https://www.google.gm https://www.google.cz https://www.google.mu https://www.google.com.gi https://www.google.com.ng https://www.google.com.co https://www.google.co.za https://www.google.com.mm https://www.google.com.sg https://www.google.at https://www.google.im https://www.google.dk https://www.google.gr https://www.google.no https://www.google.se https://www.google.lt https://www.google.com.mt https://www.google.ch https://www.google.hu https://www.google.com.cu https://www.google.gg https://www.google.ie https://www.google.nl https://www.google.be https://www.google.pt https://www.google.fr https://www.google.it https://www.google.es https://www.google.je https://www.google.co.in https://www.google.com.tj https://www.google.co.ke https://www.google.ae https://www.google.co.th https://www.google-analytics.com https://www.google.com.au https://www.google.pl *.googletagmanager.com https://*.googletagmanager.com https://www.google.co.uk https://www.google.com *.google-analytics.com https://oimgnn/; style-src-elem 'self' 'unsafe-inline' data: https://code.jquery.com https://www.gstatic.com https://fonts.googleapis.com https://cdn.honey.io https://*.cloudflare.com https://*.typography.com https://cloud.typography.com *.googleapis.com http://*.googleapis.com https://*.typekit.net https://use.typekit.net; script-src-elem 'self' 'unsafe-inline' data: https://sslwidget.criteo.com https://dynamic.criteo.com https://static.criteo.net https://*.freedompay.com https://maps.google.com https://tpc.googlesyndication.com https://ajax.googleapis.com https://pagespeed-mod.com https://*.kaspersky-labs.com https://*.hirizasune.com https://www.gstatic.com https://*.googlesyndication.com https://assets.pinterest.com https://*.googleapis.com https://www.googleadservices.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.triptease.io https://connect.facebook.net https://*.hotjar.com https://static.sojern.com https://*.cookiebot.com https://consent.cookiebot.com https://*.doubleclick.net https://googleads.g.doubleclick.net https://www.googleoptimize.com https://www.googletagmanager.com https://*.googleapis.com https://www.google.com https://www.google-analytics.com https://rum-static.pingdom.net https://analytics.tiktok.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
content-type: text/html; charset=UTF-8
date: Fri, 13 Sep 2024 01:06:09 GMT
expires: Fri, 13 Sep 2024 01:06:08 GMT
server: cloudflare
strict-transport-security: max-age=31536000;
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H3

200

8127192BB9FA88C89.css
www.handpickedhotels.co.uk/fonts/863108/
Redirect Chain

https://cloud.typography.com/7136872/7605032/css/fonts.css
https://www.handpickedhotels.co.uk/fonts/863108/8127192BB9FA88C89.css

238 KB
184 KB

375ms
374ms

Stylesheet
text/css

172.67.7.133
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.handpickedhotels.co.uk/fonts/863108/8127192BB9FA88C89.css

Requested by

Host: www.handpickedhotels.co.uk
URL: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability

Protocol

Server

172.67.7.133 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5f7039b5677144325e44d4f236a709d5731b0a37fae61491cbcab2fe61988635

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.handpickedhotels.co.uk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 01:06:09 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
content-security-policy-report-only: upgrade-insecure-requests; #report-uri /cspreport; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*navisperformance.com https://maps.googleapis.com https://www.googleadservices.com https://static.sojern.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://assets.pinterest.com https://connect.facebook.net *.hotjar.com https://*.cookiebot.com https://www.gstatic.com https://*.google.com https://*.doubleclick.net *.google-analytics.com *.googletagmanager.com http://ajax.googleapis.com https://www.googleoptimize.com https://rum-static.pingdom.net http://rum-static.pingdom.net https://*.triptease.io; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://*.typekit.net https://fonts.googleapis.com https://cdn.honey.io; object-src 'none'; base-uri 'self'; connect-src 'self' https://measurement-api.criteo.com https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://*.googlesyndication.com https://*.freedompay.com https://*.cardinalcommerce.com https://*.amazonaws.com https://*.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://*.hotjar.io wss://*.hotjar.com https://www.facebook.com https://*.triptease.io https://*.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com; font-src 'self' data: https://*.alicdn.com https://cdn.honey.io *.gstatic.com https://use.typekit.net; frame-src 'self' https://*.ibosscloud.com https://3ds.sebkort.com https://3ds.ntctr.acs.danskebank.com https://www.concertopayserve.com https://3dsecure.starlingbank.com https://3ds-a.live.ext.prod.enfuce.com https://clients.smartsecure.tsys.co.uk https://mycardsecure.com https://acs2.mpts.modirum.com https://gumi.criteo.com https://static.criteo.net https://acs.apata.io https://fledge.eu.criteo.com https://gum.criteo.com https://acs.capitalone.com https://acs.revolut.com https://acs2-3dsecure.creditmutuel.fr https://secure.dkb.de https://acs2.edb.com https://acs.swisscard.ch https://verify.monzo.com https://*.3ds.modirum.com https://3dsecure-vrp.de https://*.cic.fr https://3dsec.cardcenter.ch https://gbemv3dsecure.garanti.com.tr https://3ds.nexigroup.com https://*.3dsecure.no https://3ds.redsys.es https://acs1-3dsecure.creditmutuel.fr https://www.rsa3dsauth.com https://3debspay.boc.cn https://*.emea.citibank.com https://acs.mercurypaymentservices.it https://*.googletagmanager.com https://*.rabobank.nl https://*.lloydsbankinggroup.com https://*.zscloud.net https://*.googlesyndication.com https://*.americanexpress.com https://*.arcot.com https://*.doubleclick.net https://www.rsa3dsauth.co.uk https://*.wlp-acs.com https://www.youtube.com https://www.facebook.com https://static.sojern.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.resdiary.com https://*.cookiebot.com https://*.triptease.io https://www.google.com; img-src 'self' data: https://criteo-partners.tremorhub.com https://sync-criteo.ads.yieldmo.com https://criteo-sync.teads.tv https://gum.criteo.com https://dis.criteo.com https://*.cookiebot.com https://code.jquery.com https://analytics.tiktok.com https://*.facebook.net https://*.googlesyndication.com https://widgetthemes-live.azureedge.net https://translate.google.com https://fonts.gstatic.com https://track.linksynergy.com https://cdn.honey.io https://googleads.g.doubleclick.net *.googleapis.com https://adservice.google.com https://*.ytimg.com https://googletraveladservices.com https://*.googletraveladservices.com https://secure-hotel-tracker.com https://*.bing.com https://bat.bing.com https://track.linksynergy.com *.doubleclick.net https://log.pinterest.com https://click.exacttarget.com https://www.facebook.com https://region1.analytics.google.com https://www.google.de https://www.google.ca https://www.google.ro https://www.google.com.tr https://www.google.com.hk https://www.google.gm https://www.google.cz https://www.google.mu https://www.google.com.gi https://www.google.com.ng https://www.google.com.co https://www.google.co.za https://www.google.com.mm https://www.google.com.sg https://www.google.at https://www.google.im https://www.google.dk https://www.google.gr https://www.google.no https://www.google.se https://www.google.lt https://www.google.com.mt https://www.google.ch https://www.google.hu https://www.google.com.cu https://www.google.gg https://www.google.ie https://www.google.nl https://www.google.be https://www.google.pt https://www.google.fr https://www.google.it https://www.google.es https://www.google.je https://www.google.co.in https://www.google.com.tj https://www.google.co.ke https://www.google.ae https://www.google.co.th https://www.google-analytics.com https://www.google.com.au https://www.google.pl *.googletagmanager.com https://*.googletagmanager.com https://www.google.co.uk https://www.google.com *.google-analytics.com https://oimgnn/; style-src-elem 'self' 'unsafe-inline' data: https://code.jquery.com https://www.gstatic.com https://fonts.googleapis.com https://cdn.honey.io https://*.cloudflare.com https://*.typography.com https://cloud.typography.com *.googleapis.com http://*.googleapis.com https://*.typekit.net https://use.typekit.net; script-src-elem 'self' 'unsafe-inline' data: https://sslwidget.criteo.com https://dynamic.criteo.com https://static.criteo.net https://*.freedompay.com https://maps.google.com https://tpc.googlesyndication.com https://ajax.googleapis.com https://pagespeed-mod.com https://*.kaspersky-labs.com https://*.hirizasune.com https://www.gstatic.com https://*.googlesyndication.com https://assets.pinterest.com https://*.googleapis.com https://www.googleadservices.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.triptease.io https://connect.facebook.net https://*.hotjar.com https://static.sojern.com https://*.cookiebot.com https://consent.cookiebot.com https://*.doubleclick.net https://googleads.g.doubleclick.net https://www.googleoptimize.com https://www.googletagmanager.com https://*.googleapis.com https://www.google.com https://www.google-analytics.com https://rum-static.pingdom.net https://analytics.tiktok.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Thu, 01 Jun 2023 14:35:48 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
cf-ray: 8c243ba7dd24ac7b-YYZ
expires: Sat, 13 Sep 2025 01:06:09 GMT

Redirect headers

Date: Fri, 13 Sep 2024 01:06:09 GMT
Last-Modified: Thu, 01 Jun 2023 14:38:46 GMT
Server: AkamaiNetStorage
X-HCo-pid: 19
ETag: "33ee0a2df31b8df409ae2d7f2a02a1d0:1685630326.041961"
Content-Type: text/html
Location: https://www.handpickedhotels.co.uk/fonts/863108/8127192BB9FA88C89.css
Cache-Control: must-revalidate, private
Connection: keep-alive
Content-Length: 154
Expires: Fri, 13 September 2024 01:06:09 GMT

GET
H3 200 fontawesome-all.css
www.handpickedhotels.co.uk/fonts/FontAwesome5Pro/ 39 KB
13 KB 39ms
36ms Stylesheet
text/css 172.67.7.133
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.handpickedhotels.co.uk/fonts/FontAwesome5Pro/fontawesome-all.css

Requested by

Host: www.handpickedhotels.co.uk
URL: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.7.133 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e2b85b0650b9e5ddc915903ce5083aa93aa1d486299aa66c9c50a736c8567ed

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; report-uri /cspreport; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://navisperformance.com https://maps.googleapis.com https://www.googleadservices.com https://static.sojern.com https://.cloudflare.com https://.cardinalcommerce.com https://.freedompay.com https://assets.pinterest.com https://connect.facebook.net .hotjar.com https://.cookiebot.com https://www.gstatic.com https://.google.com https://.doubleclick.net .google-analytics.com .googletagmanager.com http://ajax.googleapis.com https://www.googleoptimize.com https://rum-static.pingdom.net http://rum-static.pingdom.net https://.triptease.io; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://.typekit.net https://fonts.googleapis.com https://cdn.honey.io; object-src 'none'; base-uri 'self'; connect-src 'self' https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://.googlesyndication.com https://.freedompay.com https://.cardinalcommerce.com https://.amazonaws.com https://.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://.hotjar.io wss://.hotjar.com https://www.facebook.com https://.triptease.io https://.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com; font-src 'self' data: https://.alicdn.com https://cdn.honey.io .gstatic.com https://use.typekit.net; frame-src 'self' https://acs.capitalone.com https://acs.revolut.com https://acs2-3dsecure.creditmutuel.fr https://secure.dkb.de https://acs2.edb.com https://acs.swisscard.ch https://verify.monzo.com https://.3ds.modirum.com https://3dsecure-vrp.de https://.cic.fr https://3dsec.cardcenter.ch https://gbemv3dsecure.garanti.com.tr https://3ds.nexigroup.com https://.3dsecure.no https://3ds.redsys.es https://acs1-3dsecure.creditmutuel.fr https://www.rsa3dsauth.com https://3debspay.boc.cn https://.emea.citibank.com https://acs.mercurypaymentservices.it https://.googletagmanager.com https://.rabobank.nl https://.lloydsbankinggroup.com https://.zscloud.net https://.googlesyndication.com https://.americanexpress.com https://.arcot.com https://.doubleclick.net https://www.rsa3dsauth.co.uk https://.wlp-acs.com https://www.youtube.com https://www.facebook.com https://static.sojern.com https://.cardinalcommerce.com https://.freedompay.com https://.resdiary.com https://.cookiebot.com https://.triptease.io https://www.google.com; img-src 'self' data: https://.cookiebot.com https://code.jquery.com https://analytics.tiktok.com https://.facebook.net https://.googlesyndication.com https://widgetthemes-live.azureedge.net https://translate.google.com https://fonts.gstatic.com https://track.linksynergy.com https://cdn.honey.io https://googleads.g.doubleclick.net .googleapis.com https://adservice.google.com https://.ytimg.com https://googletraveladservices.com https://.googletraveladservices.com https://secure-hotel-tracker.com https://.bing.com https://bat.bing.com https://track.linksynergy.com .doubleclick.net https://log.pinterest.com https://click.exacttarget.com https://www.facebook.com https://region1.analytics.google.com https://www.google.de https://www.google.ca https://www.google.ro https://www.google.com.tr https://www.google.com.hk https://www.google.gm https://www.google.cz https://www.google.mu https://www.google.com.gi https://www.google.com.ng https://www.google.com.co https://www.google.co.za https://www.google.com.mm https://www.google.com.sg https://www.google.at https://www.google.im https://www.google.dk https://www.google.gr https://www.google.no https://www.google.se https://www.google.lt https://www.google.com.mt https://www.google.ch https://www.google.hu https://www.google.com.cu https://www.google.gg https://www.google.ie https://www.google.nl https://www.google.be https://www.google.pt https://www.google.fr https://www.google.it https://www.google.es https://www.google.je https://www.google.co.in https://www.google.com.tj https://www.google.co.ke https://www.google.ae https://www.google.co.th https://www.google-analytics.com https://www.google.com.au https://www.google.pl .googletagmanager.com https://.googletagmanager.com https://www.google.co.uk https://www.google.com .google-analytics.com https://oimgnn/; style-src-elem 'self' 'unsafe-inline' data: https://code.jquery.com https://www.gstatic.com https://fonts.googleapis.com https://cdn.honey.io https://.cloudflare.com https://.typography.com https://cloud.typography.com .googleapis.com http://.googleapis.com https://.typekit.net https://use.typekit.net; script-src-elem 'self' 'unsafe-inline' data: https://.freedompay.com https://maps.google.com https://tpc.googlesyndication.com https://ajax.googleapis.com https://pagespeed-mod.com https://.kaspersky-labs.com https://.hirizasune.com https://www.gstatic.com https://.googlesyndication.com https://assets.pinterest.com https://.googleapis.com https://www.googleadservices.com https://.cloudflare.com https://.cardinalcommerce.com https://.freedompay.com https://.triptease.io https://connect.facebook.net https://.hotjar.com https://static.sojern.com https://.cookiebot.com https://consent.cookiebot.com https://.doubleclick.net https://googleads.g.doubleclick.net https://www.googleoptimize.com https://www.googletagmanager.com https://.googleapis.com https://www.google.com https://www.google-analytics.com https://rum-static.pingdom.net https://analytics.tiktok.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 01:06:09 GMT
content-security-policy: upgrade-insecure-requests; report-uri /cspreport; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*navisperformance.com https://maps.googleapis.com https://www.googleadservices.com https://static.sojern.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://assets.pinterest.com https://connect.facebook.net *.hotjar.com https://*.cookiebot.com https://www.gstatic.com https://*.google.com https://*.doubleclick.net *.google-analytics.com *.googletagmanager.com http://ajax.googleapis.com https://www.googleoptimize.com https://rum-static.pingdom.net http://rum-static.pingdom.net https://*.triptease.io; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://*.typekit.net https://fonts.googleapis.com https://cdn.honey.io; object-src 'none'; base-uri 'self'; connect-src 'self' https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://*.googlesyndication.com https://*.freedompay.com https://*.cardinalcommerce.com https://*.amazonaws.com https://*.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://*.hotjar.io wss://*.hotjar.com https://www.facebook.com https://*.triptease.io https://*.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com; font-src 'self' data: https://*.alicdn.com https://cdn.honey.io *.gstatic.com https://use.typekit.net; frame-src 'self' https://acs.capitalone.com https://acs.revolut.com https://acs2-3dsecure.creditmutuel.fr https://secure.dkb.de https://acs2.edb.com https://acs.swisscard.ch https://verify.monzo.com https://*.3ds.modirum.com https://3dsecure-vrp.de https://*.cic.fr https://3dsec.cardcenter.ch https://gbemv3dsecure.garanti.com.tr https://3ds.nexigroup.com https://*.3dsecure.no https://3ds.redsys.es https://acs1-3dsecure.creditmutuel.fr https://www.rsa3dsauth.com https://3debspay.boc.cn https://*.emea.citibank.com https://acs.mercurypaymentservices.it https://*.googletagmanager.com https://*.rabobank.nl https://*.lloydsbankinggroup.com https://*.zscloud.net https://*.googlesyndication.com https://*.americanexpress.com https://*.arcot.com https://*.doubleclick.net https://www.rsa3dsauth.co.uk https://*.wlp-acs.com https://www.youtube.com https://www.facebook.com https://static.sojern.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.resdiary.com https://*.cookiebot.com https://*.triptease.io https://www.google.com; img-src 'self' data: https://*.cookiebot.com https://code.jquery.com https://analytics.tiktok.com https://*.facebook.net https://*.googlesyndication.com https://widgetthemes-live.azureedge.net https://translate.google.com https://fonts.gstatic.com https://track.linksynergy.com https://cdn.honey.io https://googleads.g.doubleclick.net *.googleapis.com https://adservice.google.com https://*.ytimg.com https://googletraveladservices.com https://*.googletraveladservices.com https://secure-hotel-tracker.com https://*.bing.com https://bat.bing.com https://track.linksynergy.com *.doubleclick.net https://log.pinterest.com https://click.exacttarget.com https://www.facebook.com https://region1.analytics.google.com https://www.google.de https://www.google.ca https://www.google.ro https://www.google.com.tr https://www.google.com.hk https://www.google.gm https://www.google.cz https://www.google.mu https://www.google.com.gi https://www.google.com.ng https://www.google.com.co https://www.google.co.za https://www.google.com.mm https://www.google.com.sg https://www.google.at https://www.google.im https://www.google.dk https://www.google.gr https://www.google.no https://www.google.se https://www.google.lt https://www.google.com.mt https://www.google.ch https://www.google.hu https://www.google.com.cu https://www.google.gg https://www.google.ie https://www.google.nl https://www.google.be https://www.google.pt https://www.google.fr https://www.google.it https://www.google.es https://www.google.je https://www.google.co.in https://www.google.com.tj https://www.google.co.ke https://www.google.ae https://www.google.co.th https://www.google-analytics.com https://www.google.com.au https://www.google.pl *.googletagmanager.com https://*.googletagmanager.com https://www.google.co.uk https://www.google.com *.google-analytics.com https://oimgnn/; style-src-elem 'self' 'unsafe-inline' data: https://code.jquery.com https://www.gstatic.com https://fonts.googleapis.com https://cdn.honey.io https://*.cloudflare.com https://*.typography.com https://cloud.typography.com *.googleapis.com http://*.googleapis.com https://*.typekit.net https://use.typekit.net; script-src-elem 'self' 'unsafe-inline' data: https://*.freedompay.com https://maps.google.com https://tpc.googlesyndication.com https://ajax.googleapis.com https://pagespeed-mod.com https://*.kaspersky-labs.com https://*.hirizasune.com https://www.gstatic.com https://*.googlesyndication.com https://assets.pinterest.com https://*.googleapis.com https://www.googleadservices.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.triptease.io https://connect.facebook.net https://*.hotjar.com https://static.sojern.com https://*.cookiebot.com https://consent.cookiebot.com https://*.doubleclick.net https://googleads.g.doubleclick.net https://www.googleoptimize.com https://www.googletagmanager.com https://*.googleapis.com https://www.google.com https://www.google-analytics.com https://rum-static.pingdom.net https://analytics.tiktok.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000;
cf-cache-status: HIT
age: 17040923
cf-polished: origSize=49826
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Tue, 27 Sep 2022 21:40:33 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=31536000
cf-ray: 8c243ba6ac04ac7b-YYZ
expires: Thu, 27 Feb 2025 19:30:46 GMT

GET
H3 200 slick.css
www.handpickedhotels.co.uk/css/slick/ 1 KB
5 KB 65ms
59ms Stylesheet
text/css 172.67.7.133
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.handpickedhotels.co.uk/css/slick/slick.css

Requested by

Host: www.handpickedhotels.co.uk
URL: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.7.133 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a87598f4bb6fee8fa8a3725732d90daa1fa9fd3d514986e8efe419c67928211c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; report-uri /cspreport; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://navisperformance.com https://maps.googleapis.com https://www.googleadservices.com https://static.sojern.com https://.cloudflare.com https://.cardinalcommerce.com https://.freedompay.com https://assets.pinterest.com https://connect.facebook.net .hotjar.com https://.cookiebot.com https://www.gstatic.com https://.google.com https://.doubleclick.net .google-analytics.com .googletagmanager.com http://ajax.googleapis.com https://www.googleoptimize.com https://rum-static.pingdom.net http://rum-static.pingdom.net https://.triptease.io; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://.typekit.net https://fonts.googleapis.com https://cdn.honey.io; object-src 'none'; base-uri 'self'; connect-src 'self' https://measurement-api.criteo.com https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://.googlesyndication.com https://.freedompay.com https://.cardinalcommerce.com https://.amazonaws.com https://.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://.hotjar.io wss://.hotjar.com https://www.facebook.com https://.triptease.io https://.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com; font-src 'self' data: https://.alicdn.com https://cdn.honey.io .gstatic.com https://use.typekit.net; frame-src 'self' https://mycardsecure.com https://acs2.mpts.modirum.com https://gumi.criteo.com https://static.criteo.net https://acs.apata.io https://fledge.eu.criteo.com https://gum.criteo.com https://acs.capitalone.com https://acs.revolut.com https://acs2-3dsecure.creditmutuel.fr https://secure.dkb.de https://acs2.edb.com https://acs.swisscard.ch https://verify.monzo.com https://.3ds.modirum.com https://3dsecure-vrp.de https://.cic.fr https://3dsec.cardcenter.ch https://gbemv3dsecure.garanti.com.tr https://3ds.nexigroup.com https://.3dsecure.no https://3ds.redsys.es https://acs1-3dsecure.creditmutuel.fr https://www.rsa3dsauth.com https://3debspay.boc.cn https://.emea.citibank.com https://acs.mercurypaymentservices.it https://.googletagmanager.com https://.rabobank.nl https://.lloydsbankinggroup.com https://.zscloud.net https://.googlesyndication.com https://.americanexpress.com https://.arcot.com https://.doubleclick.net https://www.rsa3dsauth.co.uk https://.wlp-acs.com https://www.youtube.com https://www.facebook.com https://static.sojern.com https://.cardinalcommerce.com https://.freedompay.com https://.resdiary.com https://.cookiebot.com https://.triptease.io https://www.google.com; img-src 'self' data: https://criteo-partners.tremorhub.com https://sync-criteo.ads.yieldmo.com https://criteo-sync.teads.tv https://gum.criteo.com https://dis.criteo.com https://.cookiebot.com https://code.jquery.com https://analytics.tiktok.com https://.facebook.net https://.googlesyndication.com https://widgetthemes-live.azureedge.net https://translate.google.com https://fonts.gstatic.com https://track.linksynergy.com https://cdn.honey.io https://googleads.g.doubleclick.net .googleapis.com https://adservice.google.com https://.ytimg.com https://googletraveladservices.com https://.googletraveladservices.com https://secure-hotel-tracker.com https://.bing.com https://bat.bing.com https://track.linksynergy.com .doubleclick.net https://log.pinterest.com https://click.exacttarget.com https://www.facebook.com https://region1.analytics.google.com https://www.google.de https://www.google.ca https://www.google.ro https://www.google.com.tr https://www.google.com.hk https://www.google.gm https://www.google.cz https://www.google.mu https://www.google.com.gi https://www.google.com.ng https://www.google.com.co https://www.google.co.za https://www.google.com.mm https://www.google.com.sg https://www.google.at https://www.google.im https://www.google.dk https://www.google.gr https://www.google.no https://www.google.se https://www.google.lt https://www.google.com.mt https://www.google.ch https://www.google.hu https://www.google.com.cu https://www.google.gg https://www.google.ie https://www.google.nl https://www.google.be https://www.google.pt https://www.google.fr https://www.google.it https://www.google.es https://www.google.je https://www.google.co.in https://www.google.com.tj https://www.google.co.ke https://www.google.ae https://www.google.co.th https://www.google-analytics.com https://www.google.com.au https://www.google.pl .googletagmanager.com https://.googletagmanager.com https://www.google.co.uk https://www.google.com .google-analytics.com https://oimgnn/; style-src-elem 'self' 'unsafe-inline' data: https://code.jquery.com https://www.gstatic.com https://fonts.googleapis.com https://cdn.honey.io https://.cloudflare.com https://.typography.com https://cloud.typography.com .googleapis.com http://.googleapis.com https://.typekit.net https://use.typekit.net; script-src-elem 'self' 'unsafe-inline' data: https://sslwidget.criteo.com https://dynamic.criteo.com https://static.criteo.net https://.freedompay.com https://maps.google.com https://tpc.googlesyndication.com https://ajax.googleapis.com https://pagespeed-mod.com https://.kaspersky-labs.com https://.hirizasune.com https://www.gstatic.com https://.googlesyndication.com https://assets.pinterest.com https://.googleapis.com https://www.googleadservices.com https://.cloudflare.com https://.cardinalcommerce.com https://.freedompay.com https://.triptease.io https://connect.facebook.net https://.hotjar.com https://static.sojern.com https://.cookiebot.com https://consent.cookiebot.com https://.doubleclick.net https://googleads.g.doubleclick.net https://www.googleoptimize.com https://www.googletagmanager.com https://.googleapis.com https://www.google.com https://www.google-analytics.com https://rum-static.pingdom.net https://analytics.tiktok.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 01:06:09 GMT
content-security-policy: upgrade-insecure-requests; report-uri /cspreport; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*navisperformance.com https://maps.googleapis.com https://www.googleadservices.com https://static.sojern.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://assets.pinterest.com https://connect.facebook.net *.hotjar.com https://*.cookiebot.com https://www.gstatic.com https://*.google.com https://*.doubleclick.net *.google-analytics.com *.googletagmanager.com http://ajax.googleapis.com https://www.googleoptimize.com https://rum-static.pingdom.net http://rum-static.pingdom.net https://*.triptease.io; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://*.typekit.net https://fonts.googleapis.com https://cdn.honey.io; object-src 'none'; base-uri 'self'; connect-src 'self' https://measurement-api.criteo.com https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://*.googlesyndication.com https://*.freedompay.com https://*.cardinalcommerce.com https://*.amazonaws.com https://*.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://*.hotjar.io wss://*.hotjar.com https://www.facebook.com https://*.triptease.io https://*.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com; font-src 'self' data: https://*.alicdn.com https://cdn.honey.io *.gstatic.com https://use.typekit.net; frame-src 'self' https://mycardsecure.com https://acs2.mpts.modirum.com https://gumi.criteo.com https://static.criteo.net https://acs.apata.io https://fledge.eu.criteo.com https://gum.criteo.com https://acs.capitalone.com https://acs.revolut.com https://acs2-3dsecure.creditmutuel.fr https://secure.dkb.de https://acs2.edb.com https://acs.swisscard.ch https://verify.monzo.com https://*.3ds.modirum.com https://3dsecure-vrp.de https://*.cic.fr https://3dsec.cardcenter.ch https://gbemv3dsecure.garanti.com.tr https://3ds.nexigroup.com https://*.3dsecure.no https://3ds.redsys.es https://acs1-3dsecure.creditmutuel.fr https://www.rsa3dsauth.com https://3debspay.boc.cn https://*.emea.citibank.com https://acs.mercurypaymentservices.it https://*.googletagmanager.com https://*.rabobank.nl https://*.lloydsbankinggroup.com https://*.zscloud.net https://*.googlesyndication.com https://*.americanexpress.com https://*.arcot.com https://*.doubleclick.net https://www.rsa3dsauth.co.uk https://*.wlp-acs.com https://www.youtube.com https://www.facebook.com https://static.sojern.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.resdiary.com https://*.cookiebot.com https://*.triptease.io https://www.google.com; img-src 'self' data: https://criteo-partners.tremorhub.com https://sync-criteo.ads.yieldmo.com https://criteo-sync.teads.tv https://gum.criteo.com https://dis.criteo.com https://*.cookiebot.com https://code.jquery.com https://analytics.tiktok.com https://*.facebook.net https://*.googlesyndication.com https://widgetthemes-live.azureedge.net https://translate.google.com https://fonts.gstatic.com https://track.linksynergy.com https://cdn.honey.io https://googleads.g.doubleclick.net *.googleapis.com https://adservice.google.com https://*.ytimg.com https://googletraveladservices.com https://*.googletraveladservices.com https://secure-hotel-tracker.com https://*.bing.com https://bat.bing.com https://track.linksynergy.com *.doubleclick.net https://log.pinterest.com https://click.exacttarget.com https://www.facebook.com https://region1.analytics.google.com https://www.google.de https://www.google.ca https://www.google.ro https://www.google.com.tr https://www.google.com.hk https://www.google.gm https://www.google.cz https://www.google.mu https://www.google.com.gi https://www.google.com.ng https://www.google.com.co https://www.google.co.za https://www.google.com.mm https://www.google.com.sg https://www.google.at https://www.google.im https://www.google.dk https://www.google.gr https://www.google.no https://www.google.se https://www.google.lt https://www.google.com.mt https://www.google.ch https://www.google.hu https://www.google.com.cu https://www.google.gg https://www.google.ie https://www.google.nl https://www.google.be https://www.google.pt https://www.google.fr https://www.google.it https://www.google.es https://www.google.je https://www.google.co.in https://www.google.com.tj https://www.google.co.ke https://www.google.ae https://www.google.co.th https://www.google-analytics.com https://www.google.com.au https://www.google.pl *.googletagmanager.com https://*.googletagmanager.com https://www.google.co.uk https://www.google.com *.google-analytics.com https://oimgnn/; style-src-elem 'self' 'unsafe-inline' data: https://code.jquery.com https://www.gstatic.com https://fonts.googleapis.com https://cdn.honey.io https://*.cloudflare.com https://*.typography.com https://cloud.typography.com *.googleapis.com http://*.googleapis.com https://*.typekit.net https://use.typekit.net; script-src-elem 'self' 'unsafe-inline' data: https://sslwidget.criteo.com https://dynamic.criteo.com https://static.criteo.net https://*.freedompay.com https://maps.google.com https://tpc.googlesyndication.com https://ajax.googleapis.com https://pagespeed-mod.com https://*.kaspersky-labs.com https://*.hirizasune.com https://www.gstatic.com https://*.googlesyndication.com https://assets.pinterest.com https://*.googleapis.com https://www.googleadservices.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.triptease.io https://connect.facebook.net https://*.hotjar.com https://static.sojern.com https://*.cookiebot.com https://consent.cookiebot.com https://*.doubleclick.net https://googleads.g.doubleclick.net https://www.googleoptimize.com https://www.googletagmanager.com https://*.googleapis.com https://www.google.com https://www.google-analytics.com https://rum-static.pingdom.net https://analytics.tiktok.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000;
cf-cache-status: HIT
age: 11782466
cf-polished: origSize=1767
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Tue, 27 Sep 2022 21:41:52 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=31536000
cf-ray: 8c243ba6bc09ac7b-YYZ
expires: Tue, 29 Apr 2025 16:11:43 GMT

GET
H3 200 slick-theme.css
www.handpickedhotels.co.uk/css/slick/ 2 KB
6 KB 63ms
57ms Stylesheet
text/css 172.67.7.133
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.handpickedhotels.co.uk/css/slick/slick-theme.css

Requested by

Host: www.handpickedhotels.co.uk
URL: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.7.133 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88156b916c892ca7d755e19188db1f4d92ddcd638e8f5c183c495c8251f425c1

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; report-uri /cspreport; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://navisperformance.com https://maps.googleapis.com https://www.googleadservices.com https://static.sojern.com https://.cloudflare.com https://.cardinalcommerce.com https://.freedompay.com https://assets.pinterest.com https://connect.facebook.net .hotjar.com https://.cookiebot.com https://www.gstatic.com https://.google.com https://.doubleclick.net .google-analytics.com .googletagmanager.com http://ajax.googleapis.com https://www.googleoptimize.com https://rum-static.pingdom.net http://rum-static.pingdom.net https://.triptease.io; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://.typekit.net https://fonts.googleapis.com https://cdn.honey.io; object-src 'none'; base-uri 'self'; connect-src 'self' https://measurement-api.criteo.com https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://.googlesyndication.com https://.freedompay.com https://.cardinalcommerce.com https://.amazonaws.com https://.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://.hotjar.io wss://.hotjar.com https://www.facebook.com https://.triptease.io https://.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com; font-src 'self' data: https://.alicdn.com https://cdn.honey.io .gstatic.com https://use.typekit.net; frame-src 'self' https://mycardsecure.com https://acs2.mpts.modirum.com https://gumi.criteo.com https://static.criteo.net https://acs.apata.io https://fledge.eu.criteo.com https://gum.criteo.com https://acs.capitalone.com https://acs.revolut.com https://acs2-3dsecure.creditmutuel.fr https://secure.dkb.de https://acs2.edb.com https://acs.swisscard.ch https://verify.monzo.com https://.3ds.modirum.com https://3dsecure-vrp.de https://.cic.fr https://3dsec.cardcenter.ch https://gbemv3dsecure.garanti.com.tr https://3ds.nexigroup.com https://.3dsecure.no https://3ds.redsys.es https://acs1-3dsecure.creditmutuel.fr https://www.rsa3dsauth.com https://3debspay.boc.cn https://.emea.citibank.com https://acs.mercurypaymentservices.it https://.googletagmanager.com https://.rabobank.nl https://.lloydsbankinggroup.com https://.zscloud.net https://.googlesyndication.com https://.americanexpress.com https://.arcot.com https://.doubleclick.net https://www.rsa3dsauth.co.uk https://.wlp-acs.com https://www.youtube.com https://www.facebook.com https://static.sojern.com https://.cardinalcommerce.com https://.freedompay.com https://.resdiary.com https://.cookiebot.com https://.triptease.io https://www.google.com; img-src 'self' data: https://criteo-partners.tremorhub.com https://sync-criteo.ads.yieldmo.com https://criteo-sync.teads.tv https://gum.criteo.com https://dis.criteo.com https://.cookiebot.com https://code.jquery.com https://analytics.tiktok.com https://.facebook.net https://.googlesyndication.com https://widgetthemes-live.azureedge.net https://translate.google.com https://fonts.gstatic.com https://track.linksynergy.com https://cdn.honey.io https://googleads.g.doubleclick.net .googleapis.com https://adservice.google.com https://.ytimg.com https://googletraveladservices.com https://.googletraveladservices.com https://secure-hotel-tracker.com https://.bing.com https://bat.bing.com https://track.linksynergy.com .doubleclick.net https://log.pinterest.com https://click.exacttarget.com https://www.facebook.com https://region1.analytics.google.com https://www.google.de https://www.google.ca https://www.google.ro https://www.google.com.tr https://www.google.com.hk https://www.google.gm https://www.google.cz https://www.google.mu https://www.google.com.gi https://www.google.com.ng https://www.google.com.co https://www.google.co.za https://www.google.com.mm https://www.google.com.sg https://www.google.at https://www.google.im https://www.google.dk https://www.google.gr https://www.google.no https://www.google.se https://www.google.lt https://www.google.com.mt https://www.google.ch https://www.google.hu https://www.google.com.cu https://www.google.gg https://www.google.ie https://www.google.nl https://www.google.be https://www.google.pt https://www.google.fr https://www.google.it https://www.google.es https://www.google.je https://www.google.co.in https://www.google.com.tj https://www.google.co.ke https://www.google.ae https://www.google.co.th https://www.google-analytics.com https://www.google.com.au https://www.google.pl .googletagmanager.com https://.googletagmanager.com https://www.google.co.uk https://www.google.com .google-analytics.com https://oimgnn/; style-src-elem 'self' 'unsafe-inline' data: https://code.jquery.com https://www.gstatic.com https://fonts.googleapis.com https://cdn.honey.io https://.cloudflare.com https://.typography.com https://cloud.typography.com .googleapis.com http://.googleapis.com https://.typekit.net https://use.typekit.net; script-src-elem 'self' 'unsafe-inline' data: https://sslwidget.criteo.com https://dynamic.criteo.com https://static.criteo.net https://.freedompay.com https://maps.google.com https://tpc.googlesyndication.com https://ajax.googleapis.com https://pagespeed-mod.com https://.kaspersky-labs.com https://.hirizasune.com https://www.gstatic.com https://.googlesyndication.com https://assets.pinterest.com https://.googleapis.com https://www.googleadservices.com https://.cloudflare.com https://.cardinalcommerce.com https://.freedompay.com https://.triptease.io https://connect.facebook.net https://.hotjar.com https://static.sojern.com https://.cookiebot.com https://consent.cookiebot.com https://.doubleclick.net https://googleads.g.doubleclick.net https://www.googleoptimize.com https://www.googletagmanager.com https://.googleapis.com https://www.google.com https://www.google-analytics.com https://rum-static.pingdom.net https://analytics.tiktok.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 01:06:09 GMT
content-security-policy: upgrade-insecure-requests; report-uri /cspreport; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*navisperformance.com https://maps.googleapis.com https://www.googleadservices.com https://static.sojern.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://assets.pinterest.com https://connect.facebook.net *.hotjar.com https://*.cookiebot.com https://www.gstatic.com https://*.google.com https://*.doubleclick.net *.google-analytics.com *.googletagmanager.com http://ajax.googleapis.com https://www.googleoptimize.com https://rum-static.pingdom.net http://rum-static.pingdom.net https://*.triptease.io; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://*.typekit.net https://fonts.googleapis.com https://cdn.honey.io; object-src 'none'; base-uri 'self'; connect-src 'self' https://measurement-api.criteo.com https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://*.googlesyndication.com https://*.freedompay.com https://*.cardinalcommerce.com https://*.amazonaws.com https://*.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://*.hotjar.io wss://*.hotjar.com https://www.facebook.com https://*.triptease.io https://*.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com; font-src 'self' data: https://*.alicdn.com https://cdn.honey.io *.gstatic.com https://use.typekit.net; frame-src 'self' https://mycardsecure.com https://acs2.mpts.modirum.com https://gumi.criteo.com https://static.criteo.net https://acs.apata.io https://fledge.eu.criteo.com https://gum.criteo.com https://acs.capitalone.com https://acs.revolut.com https://acs2-3dsecure.creditmutuel.fr https://secure.dkb.de https://acs2.edb.com https://acs.swisscard.ch https://verify.monzo.com https://*.3ds.modirum.com https://3dsecure-vrp.de https://*.cic.fr https://3dsec.cardcenter.ch https://gbemv3dsecure.garanti.com.tr https://3ds.nexigroup.com https://*.3dsecure.no https://3ds.redsys.es https://acs1-3dsecure.creditmutuel.fr https://www.rsa3dsauth.com https://3debspay.boc.cn https://*.emea.citibank.com https://acs.mercurypaymentservices.it https://*.googletagmanager.com https://*.rabobank.nl https://*.lloydsbankinggroup.com https://*.zscloud.net https://*.googlesyndication.com https://*.americanexpress.com https://*.arcot.com https://*.doubleclick.net https://www.rsa3dsauth.co.uk https://*.wlp-acs.com https://www.youtube.com https://www.facebook.com https://static.sojern.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.resdiary.com https://*.cookiebot.com https://*.triptease.io https://www.google.com; img-src 'self' data: https://criteo-partners.tremorhub.com https://sync-criteo.ads.yieldmo.com https://criteo-sync.teads.tv https://gum.criteo.com https://dis.criteo.com https://*.cookiebot.com https://code.jquery.com https://analytics.tiktok.com https://*.facebook.net https://*.googlesyndication.com https://widgetthemes-live.azureedge.net https://translate.google.com https://fonts.gstatic.com https://track.linksynergy.com https://cdn.honey.io https://googleads.g.doubleclick.net *.googleapis.com https://adservice.google.com https://*.ytimg.com https://googletraveladservices.com https://*.googletraveladservices.com https://secure-hotel-tracker.com https://*.bing.com https://bat.bing.com https://track.linksynergy.com *.doubleclick.net https://log.pinterest.com https://click.exacttarget.com https://www.facebook.com https://region1.analytics.google.com https://www.google.de https://www.google.ca https://www.google.ro https://www.google.com.tr https://www.google.com.hk https://www.google.gm https://www.google.cz https://www.google.mu https://www.google.com.gi https://www.google.com.ng https://www.google.com.co https://www.google.co.za https://www.google.com.mm https://www.google.com.sg https://www.google.at https://www.google.im https://www.google.dk https://www.google.gr https://www.google.no https://www.google.se https://www.google.lt https://www.google.com.mt https://www.google.ch https://www.google.hu https://www.google.com.cu https://www.google.gg https://www.google.ie https://www.google.nl https://www.google.be https://www.google.pt https://www.google.fr https://www.google.it https://www.google.es https://www.google.je https://www.google.co.in https://www.google.com.tj https://www.google.co.ke https://www.google.ae https://www.google.co.th https://www.google-analytics.com https://www.google.com.au https://www.google.pl *.googletagmanager.com https://*.googletagmanager.com https://www.google.co.uk https://www.google.com *.google-analytics.com https://oimgnn/; style-src-elem 'self' 'unsafe-inline' data: https://code.jquery.com https://www.gstatic.com https://fonts.googleapis.com https://cdn.honey.io https://*.cloudflare.com https://*.typography.com https://cloud.typography.com *.googleapis.com http://*.googleapis.com https://*.typekit.net https://use.typekit.net; script-src-elem 'self' 'unsafe-inline' data: https://sslwidget.criteo.com https://dynamic.criteo.com https://static.criteo.net https://*.freedompay.com https://maps.google.com https://tpc.googlesyndication.com https://ajax.googleapis.com https://pagespeed-mod.com https://*.kaspersky-labs.com https://*.hirizasune.com https://www.gstatic.com https://*.googlesyndication.com https://assets.pinterest.com https://*.googleapis.com https://www.googleadservices.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.triptease.io https://connect.facebook.net https://*.hotjar.com https://static.sojern.com https://*.cookiebot.com https://consent.cookiebot.com https://*.doubleclick.net https://googleads.g.doubleclick.net https://www.googleoptimize.com https://www.googletagmanager.com https://*.googleapis.com https://www.google.com https://www.google-analytics.com https://rum-static.pingdom.net https://analytics.tiktok.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000;
cf-cache-status: HIT
age: 11785255
cf-polished: origSize=3155
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Tue, 27 Sep 2022 21:41:52 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=31536000
cf-ray: 8c243ba6bc0dac7b-YYZ
expires: Tue, 29 Apr 2025 15:25:14 GMT

GET
H3 200 jquery.timepicker.css
www.handpickedhotels.co.uk/css/ 1 KB
5 KB 88ms
82ms Stylesheet
text/css 172.67.7.133
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.handpickedhotels.co.uk/css/jquery.timepicker.css

Requested by

Host: www.handpickedhotels.co.uk
URL: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.7.133 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

182a9664ab114e075562e6db7f6f1e294e6488115de1a241316ae3eb40037208

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 01:06:09 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 3042610
cf-polished: origSize=1584
content-security-policy-report-only: upgrade-insecure-requests; #report-uri /cspreport; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*navisperformance.com https://maps.googleapis.com https://www.googleadservices.com https://static.sojern.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://assets.pinterest.com https://connect.facebook.net *.hotjar.com https://*.cookiebot.com https://www.gstatic.com https://*.google.com https://*.doubleclick.net *.google-analytics.com *.googletagmanager.com http://ajax.googleapis.com https://www.googleoptimize.com https://rum-static.pingdom.net http://rum-static.pingdom.net https://*.triptease.io; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://*.typekit.net https://fonts.googleapis.com https://cdn.honey.io; object-src 'none'; base-uri 'self'; connect-src 'self' https://measurement-api.criteo.com https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://*.googlesyndication.com https://*.freedompay.com https://*.cardinalcommerce.com https://*.amazonaws.com https://*.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://*.hotjar.io wss://*.hotjar.com https://www.facebook.com https://*.triptease.io https://*.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com; font-src 'self' data: https://*.alicdn.com https://cdn.honey.io *.gstatic.com https://use.typekit.net; frame-src 'self' https://*.ibosscloud.com https://3ds.sebkort.com https://3ds.ntctr.acs.danskebank.com https://www.concertopayserve.com https://3dsecure.starlingbank.com https://3ds-a.live.ext.prod.enfuce.com https://clients.smartsecure.tsys.co.uk https://mycardsecure.com https://acs2.mpts.modirum.com https://gumi.criteo.com https://static.criteo.net https://acs.apata.io https://fledge.eu.criteo.com https://gum.criteo.com https://acs.capitalone.com https://acs.revolut.com https://acs2-3dsecure.creditmutuel.fr https://secure.dkb.de https://acs2.edb.com https://acs.swisscard.ch https://verify.monzo.com https://*.3ds.modirum.com https://3dsecure-vrp.de https://*.cic.fr https://3dsec.cardcenter.ch https://gbemv3dsecure.garanti.com.tr https://3ds.nexigroup.com https://*.3dsecure.no https://3ds.redsys.es https://acs1-3dsecure.creditmutuel.fr https://www.rsa3dsauth.com https://3debspay.boc.cn https://*.emea.citibank.com https://acs.mercurypaymentservices.it https://*.googletagmanager.com https://*.rabobank.nl https://*.lloydsbankinggroup.com https://*.zscloud.net https://*.googlesyndication.com https://*.americanexpress.com https://*.arcot.com https://*.doubleclick.net https://www.rsa3dsauth.co.uk https://*.wlp-acs.com https://www.youtube.com https://www.facebook.com https://static.sojern.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.resdiary.com https://*.cookiebot.com https://*.triptease.io https://www.google.com; img-src 'self' data: https://criteo-partners.tremorhub.com https://sync-criteo.ads.yieldmo.com https://criteo-sync.teads.tv https://gum.criteo.com https://dis.criteo.com https://*.cookiebot.com https://code.jquery.com https://analytics.tiktok.com https://*.facebook.net https://*.googlesyndication.com https://widgetthemes-live.azureedge.net https://translate.google.com https://fonts.gstatic.com https://track.linksynergy.com https://cdn.honey.io https://googleads.g.doubleclick.net *.googleapis.com https://adservice.google.com https://*.ytimg.com https://googletraveladservices.com https://*.googletraveladservices.com https://secure-hotel-tracker.com https://*.bing.com https://bat.bing.com https://track.linksynergy.com *.doubleclick.net https://log.pinterest.com https://click.exacttarget.com https://www.facebook.com https://region1.analytics.google.com https://www.google.de https://www.google.ca https://www.google.ro https://www.google.com.tr https://www.google.com.hk https://www.google.gm https://www.google.cz https://www.google.mu https://www.google.com.gi https://www.google.com.ng https://www.google.com.co https://www.google.co.za https://www.google.com.mm https://www.google.com.sg https://www.google.at https://www.google.im https://www.google.dk https://www.google.gr https://www.google.no https://www.google.se https://www.google.lt https://www.google.com.mt https://www.google.ch https://www.google.hu https://www.google.com.cu https://www.google.gg https://www.google.ie https://www.google.nl https://www.google.be https://www.google.pt https://www.google.fr https://www.google.it https://www.google.es https://www.google.je https://www.google.co.in https://www.google.com.tj https://www.google.co.ke https://www.google.ae https://www.google.co.th https://www.google-analytics.com https://www.google.com.au https://www.google.pl *.googletagmanager.com https://*.googletagmanager.com https://www.google.co.uk https://www.google.com *.google-analytics.com https://oimgnn/; style-src-elem 'self' 'unsafe-inline' data: https://code.jquery.com https://www.gstatic.com https://fonts.googleapis.com https://cdn.honey.io https://*.cloudflare.com https://*.typography.com https://cloud.typography.com *.googleapis.com http://*.googleapis.com https://*.typekit.net https://use.typekit.net; script-src-elem 'self' 'unsafe-inline' data: https://sslwidget.criteo.com https://dynamic.criteo.com https://static.criteo.net https://*.freedompay.com https://maps.google.com https://tpc.googlesyndication.com https://ajax.googleapis.com https://pagespeed-mod.com https://*.kaspersky-labs.com https://*.hirizasune.com https://www.gstatic.com https://*.googlesyndication.com https://assets.pinterest.com https://*.googleapis.com https://www.googleadservices.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.triptease.io https://connect.facebook.net https://*.hotjar.com https://static.sojern.com https://*.cookiebot.com https://consent.cookiebot.com https://*.doubleclick.net https://googleads.g.doubleclick.net https://www.googleoptimize.com https://www.googletagmanager.com https://*.googleapis.com https://www.google.com https://www.google-analytics.com https://rum-static.pingdom.net https://analytics.tiktok.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Tue, 27 Sep 2022 21:41:54 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=31536000
cf-ray: 8c243ba6bc0fac7b-YYZ
expires: Fri, 08 Aug 2025 19:55:59 GMT

GET
H3 200 datepicker.css
www.handpickedhotels.co.uk/css/ 2 KB
6 KB 93ms
87ms Stylesheet
text/css 172.67.7.133
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.handpickedhotels.co.uk/css/datepicker.css

Requested by

Host: www.handpickedhotels.co.uk
URL: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.7.133 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5873f3f4c8fd18e494022eb43435e6c855f6fef95d5de97becdc70da72b4d174

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 01:06:09 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 601801
cf-polished: origSize=3157
content-security-policy-report-only: upgrade-insecure-requests; #report-uri /cspreport; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*navisperformance.com https://maps.googleapis.com https://www.googleadservices.com https://static.sojern.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://assets.pinterest.com https://connect.facebook.net *.hotjar.com https://*.cookiebot.com https://www.gstatic.com https://*.google.com https://*.doubleclick.net *.google-analytics.com *.googletagmanager.com http://ajax.googleapis.com https://www.googleoptimize.com https://rum-static.pingdom.net http://rum-static.pingdom.net https://*.triptease.io; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://*.typekit.net https://fonts.googleapis.com https://cdn.honey.io; object-src 'none'; base-uri 'self'; connect-src 'self' https://measurement-api.criteo.com https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://*.googlesyndication.com https://*.freedompay.com https://*.cardinalcommerce.com https://*.amazonaws.com https://*.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://*.hotjar.io wss://*.hotjar.com https://www.facebook.com https://*.triptease.io https://*.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com; font-src 'self' data: https://*.alicdn.com https://cdn.honey.io *.gstatic.com https://use.typekit.net; frame-src 'self' https://*.ibosscloud.com https://3ds.sebkort.com https://3ds.ntctr.acs.danskebank.com https://www.concertopayserve.com https://3dsecure.starlingbank.com https://3ds-a.live.ext.prod.enfuce.com https://clients.smartsecure.tsys.co.uk https://mycardsecure.com https://acs2.mpts.modirum.com https://gumi.criteo.com https://static.criteo.net https://acs.apata.io https://fledge.eu.criteo.com https://gum.criteo.com https://acs.capitalone.com https://acs.revolut.com https://acs2-3dsecure.creditmutuel.fr https://secure.dkb.de https://acs2.edb.com https://acs.swisscard.ch https://verify.monzo.com https://*.3ds.modirum.com https://3dsecure-vrp.de https://*.cic.fr https://3dsec.cardcenter.ch https://gbemv3dsecure.garanti.com.tr https://3ds.nexigroup.com https://*.3dsecure.no https://3ds.redsys.es https://acs1-3dsecure.creditmutuel.fr https://www.rsa3dsauth.com https://3debspay.boc.cn https://*.emea.citibank.com https://acs.mercurypaymentservices.it https://*.googletagmanager.com https://*.rabobank.nl https://*.lloydsbankinggroup.com https://*.zscloud.net https://*.googlesyndication.com https://*.americanexpress.com https://*.arcot.com https://*.doubleclick.net https://www.rsa3dsauth.co.uk https://*.wlp-acs.com https://www.youtube.com https://www.facebook.com https://static.sojern.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.resdiary.com https://*.cookiebot.com https://*.triptease.io https://www.google.com; img-src 'self' data: https://criteo-partners.tremorhub.com https://sync-criteo.ads.yieldmo.com https://criteo-sync.teads.tv https://gum.criteo.com https://dis.criteo.com https://*.cookiebot.com https://code.jquery.com https://analytics.tiktok.com https://*.facebook.net https://*.googlesyndication.com https://widgetthemes-live.azureedge.net https://translate.google.com https://fonts.gstatic.com https://track.linksynergy.com https://cdn.honey.io https://googleads.g.doubleclick.net *.googleapis.com https://adservice.google.com https://*.ytimg.com https://googletraveladservices.com https://*.googletraveladservices.com https://secure-hotel-tracker.com https://*.bing.com https://bat.bing.com https://track.linksynergy.com *.doubleclick.net https://log.pinterest.com https://click.exacttarget.com https://www.facebook.com https://region1.analytics.google.com https://www.google.de https://www.google.ca https://www.google.ro https://www.google.com.tr https://www.google.com.hk https://www.google.gm https://www.google.cz https://www.google.mu https://www.google.com.gi https://www.google.com.ng https://www.google.com.co https://www.google.co.za https://www.google.com.mm https://www.google.com.sg https://www.google.at https://www.google.im https://www.google.dk https://www.google.gr https://www.google.no https://www.google.se https://www.google.lt https://www.google.com.mt https://www.google.ch https://www.google.hu https://www.google.com.cu https://www.google.gg https://www.google.ie https://www.google.nl https://www.google.be https://www.google.pt https://www.google.fr https://www.google.it https://www.google.es https://www.google.je https://www.google.co.in https://www.google.com.tj https://www.google.co.ke https://www.google.ae https://www.google.co.th https://www.google-analytics.com https://www.google.com.au https://www.google.pl *.googletagmanager.com https://*.googletagmanager.com https://www.google.co.uk https://www.google.com *.google-analytics.com https://oimgnn/; style-src-elem 'self' 'unsafe-inline' data: https://code.jquery.com https://www.gstatic.com https://fonts.googleapis.com https://cdn.honey.io https://*.cloudflare.com https://*.typography.com https://cloud.typography.com *.googleapis.com http://*.googleapis.com https://*.typekit.net https://use.typekit.net; script-src-elem 'self' 'unsafe-inline' data: https://sslwidget.criteo.com https://dynamic.criteo.com https://static.criteo.net https://*.freedompay.com https://maps.google.com https://tpc.googlesyndication.com https://ajax.googleapis.com https://pagespeed-mod.com https://*.kaspersky-labs.com https://*.hirizasune.com https://www.gstatic.com https://*.googlesyndication.com https://assets.pinterest.com https://*.googleapis.com https://www.googleadservices.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.triptease.io https://connect.facebook.net https://*.hotjar.com https://static.sojern.com https://*.cookiebot.com https://consent.cookiebot.com https://*.doubleclick.net https://googleads.g.doubleclick.net https://www.googleoptimize.com https://www.googletagmanager.com https://*.googleapis.com https://www.google.com https://www.google-analytics.com https://rum-static.pingdom.net https://analytics.tiktok.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Tue, 27 Sep 2022 21:41:52 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=31536000
cf-ray: 8c243ba6bc11ac7b-YYZ
expires: Sat, 06 Sep 2025 01:56:08 GMT

GET
H3 200 chosen.min.css
www.handpickedhotels.co.uk/css/ 11 KB
7 KB 92ms
86ms Stylesheet
text/css 172.67.7.133
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.handpickedhotels.co.uk/css/chosen.min.css

Requested by

Host: www.handpickedhotels.co.uk
URL: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.7.133 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ecac93f7e02055f6e1a12624bf774ebbcb7e95a7d0efb537c369accf30cec266

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; report-uri /cspreport; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://navisperformance.com https://maps.googleapis.com https://www.googleadservices.com https://static.sojern.com https://.cloudflare.com https://.cardinalcommerce.com https://.freedompay.com https://assets.pinterest.com https://connect.facebook.net .hotjar.com https://.cookiebot.com https://www.gstatic.com https://.google.com https://.doubleclick.net .google-analytics.com .googletagmanager.com http://ajax.googleapis.com https://www.googleoptimize.com https://rum-static.pingdom.net http://rum-static.pingdom.net https://.triptease.io; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://.typekit.net https://fonts.googleapis.com https://cdn.honey.io; object-src 'none'; base-uri 'self'; connect-src 'self' https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://.googlesyndication.com https://.freedompay.com https://.cardinalcommerce.com https://.amazonaws.com https://.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://.hotjar.io wss://.hotjar.com https://www.facebook.com https://.triptease.io https://.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com; font-src 'self' data: https://.alicdn.com https://cdn.honey.io .gstatic.com https://use.typekit.net; frame-src 'self' https://acs.capitalone.com https://acs.revolut.com https://acs2-3dsecure.creditmutuel.fr https://secure.dkb.de https://acs2.edb.com https://acs.swisscard.ch https://verify.monzo.com https://.3ds.modirum.com https://3dsecure-vrp.de https://.cic.fr https://3dsec.cardcenter.ch https://gbemv3dsecure.garanti.com.tr https://3ds.nexigroup.com https://.3dsecure.no https://3ds.redsys.es https://acs1-3dsecure.creditmutuel.fr https://www.rsa3dsauth.com https://3debspay.boc.cn https://.emea.citibank.com https://acs.mercurypaymentservices.it https://.googletagmanager.com https://.rabobank.nl https://.lloydsbankinggroup.com https://.zscloud.net https://.googlesyndication.com https://.americanexpress.com https://.arcot.com https://.doubleclick.net https://www.rsa3dsauth.co.uk https://.wlp-acs.com https://www.youtube.com https://www.facebook.com https://static.sojern.com https://.cardinalcommerce.com https://.freedompay.com https://.resdiary.com https://.cookiebot.com https://.triptease.io https://www.google.com; img-src 'self' data: https://.cookiebot.com https://code.jquery.com https://analytics.tiktok.com https://.facebook.net https://.googlesyndication.com https://widgetthemes-live.azureedge.net https://translate.google.com https://fonts.gstatic.com https://track.linksynergy.com https://cdn.honey.io https://googleads.g.doubleclick.net .googleapis.com https://adservice.google.com https://.ytimg.com https://googletraveladservices.com https://.googletraveladservices.com https://secure-hotel-tracker.com https://.bing.com https://bat.bing.com https://track.linksynergy.com .doubleclick.net https://log.pinterest.com https://click.exacttarget.com https://www.facebook.com https://region1.analytics.google.com https://www.google.de https://www.google.ca https://www.google.ro https://www.google.com.tr https://www.google.com.hk https://www.google.gm https://www.google.cz https://www.google.mu https://www.google.com.gi https://www.google.com.ng https://www.google.com.co https://www.google.co.za https://www.google.com.mm https://www.google.com.sg https://www.google.at https://www.google.im https://www.google.dk https://www.google.gr https://www.google.no https://www.google.se https://www.google.lt https://www.google.com.mt https://www.google.ch https://www.google.hu https://www.google.com.cu https://www.google.gg https://www.google.ie https://www.google.nl https://www.google.be https://www.google.pt https://www.google.fr https://www.google.it https://www.google.es https://www.google.je https://www.google.co.in https://www.google.com.tj https://www.google.co.ke https://www.google.ae https://www.google.co.th https://www.google-analytics.com https://www.google.com.au https://www.google.pl .googletagmanager.com https://.googletagmanager.com https://www.google.co.uk https://www.google.com .google-analytics.com https://oimgnn/; style-src-elem 'self' 'unsafe-inline' data: https://code.jquery.com https://www.gstatic.com https://fonts.googleapis.com https://cdn.honey.io https://.cloudflare.com https://.typography.com https://cloud.typography.com .googleapis.com http://.googleapis.com https://.typekit.net https://use.typekit.net; script-src-elem 'self' 'unsafe-inline' data: https://.freedompay.com https://maps.google.com https://tpc.googlesyndication.com https://ajax.googleapis.com https://pagespeed-mod.com https://.kaspersky-labs.com https://.hirizasune.com https://www.gstatic.com https://.googlesyndication.com https://assets.pinterest.com https://.googleapis.com https://www.googleadservices.com https://.cloudflare.com https://.cardinalcommerce.com https://.freedompay.com https://.triptease.io https://connect.facebook.net https://.hotjar.com https://static.sojern.com https://.cookiebot.com https://consent.cookiebot.com https://.doubleclick.net https://googleads.g.doubleclick.net https://www.googleoptimize.com https://www.googletagmanager.com https://.googleapis.com https://www.google.com https://www.google-analytics.com https://rum-static.pingdom.net https://analytics.tiktok.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 01:06:09 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests; report-uri /cspreport; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*navisperformance.com https://maps.googleapis.com https://www.googleadservices.com https://static.sojern.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://assets.pinterest.com https://connect.facebook.net *.hotjar.com https://*.cookiebot.com https://www.gstatic.com https://*.google.com https://*.doubleclick.net *.google-analytics.com *.googletagmanager.com http://ajax.googleapis.com https://www.googleoptimize.com https://rum-static.pingdom.net http://rum-static.pingdom.net https://*.triptease.io; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://*.typekit.net https://fonts.googleapis.com https://cdn.honey.io; object-src 'none'; base-uri 'self'; connect-src 'self' https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://*.googlesyndication.com https://*.freedompay.com https://*.cardinalcommerce.com https://*.amazonaws.com https://*.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://*.hotjar.io wss://*.hotjar.com https://www.facebook.com https://*.triptease.io https://*.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com; font-src 'self' data: https://*.alicdn.com https://cdn.honey.io *.gstatic.com https://use.typekit.net; frame-src 'self' https://acs.capitalone.com https://acs.revolut.com https://acs2-3dsecure.creditmutuel.fr https://secure.dkb.de https://acs2.edb.com https://acs.swisscard.ch https://verify.monzo.com https://*.3ds.modirum.com https://3dsecure-vrp.de https://*.cic.fr https://3dsec.cardcenter.ch https://gbemv3dsecure.garanti.com.tr https://3ds.nexigroup.com https://*.3dsecure.no https://3ds.redsys.es https://acs1-3dsecure.creditmutuel.fr https://www.rsa3dsauth.com https://3debspay.boc.cn https://*.emea.citibank.com https://acs.mercurypaymentservices.it https://*.googletagmanager.com https://*.rabobank.nl https://*.lloydsbankinggroup.com https://*.zscloud.net https://*.googlesyndication.com https://*.americanexpress.com https://*.arcot.com https://*.doubleclick.net https://www.rsa3dsauth.co.uk https://*.wlp-acs.com https://www.youtube.com https://www.facebook.com https://static.sojern.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.resdiary.com https://*.cookiebot.com https://*.triptease.io https://www.google.com; img-src 'self' data: https://*.cookiebot.com https://code.jquery.com https://analytics.tiktok.com https://*.facebook.net https://*.googlesyndication.com https://widgetthemes-live.azureedge.net https://translate.google.com https://fonts.gstatic.com https://track.linksynergy.com https://cdn.honey.io https://googleads.g.doubleclick.net *.googleapis.com https://adservice.google.com https://*.ytimg.com https://googletraveladservices.com https://*.googletraveladservices.com https://secure-hotel-tracker.com https://*.bing.com https://bat.bing.com https://track.linksynergy.com *.doubleclick.net https://log.pinterest.com https://click.exacttarget.com https://www.facebook.com https://region1.analytics.google.com https://www.google.de https://www.google.ca https://www.google.ro https://www.google.com.tr https://www.google.com.hk https://www.google.gm https://www.google.cz https://www.google.mu https://www.google.com.gi https://www.google.com.ng https://www.google.com.co https://www.google.co.za https://www.google.com.mm https://www.google.com.sg https://www.google.at https://www.google.im https://www.google.dk https://www.google.gr https://www.google.no https://www.google.se https://www.google.lt https://www.google.com.mt https://www.google.ch https://www.google.hu https://www.google.com.cu https://www.google.gg https://www.google.ie https://www.google.nl https://www.google.be https://www.google.pt https://www.google.fr https://www.google.it https://www.google.es https://www.google.je https://www.google.co.in https://www.google.com.tj https://www.google.co.ke https://www.google.ae https://www.google.co.th https://www.google-analytics.com https://www.google.com.au https://www.google.pl *.googletagmanager.com https://*.googletagmanager.com https://www.google.co.uk https://www.google.com *.google-analytics.com https://oimgnn/; style-src-elem 'self' 'unsafe-inline' data: https://code.jquery.com https://www.gstatic.com https://fonts.googleapis.com https://cdn.honey.io https://*.cloudflare.com https://*.typography.com https://cloud.typography.com *.googleapis.com http://*.googleapis.com https://*.typekit.net https://use.typekit.net; script-src-elem 'self' 'unsafe-inline' data: https://*.freedompay.com https://maps.google.com https://tpc.googlesyndication.com https://ajax.googleapis.com https://pagespeed-mod.com https://*.kaspersky-labs.com https://*.hirizasune.com https://www.gstatic.com https://*.googlesyndication.com https://assets.pinterest.com https://*.googleapis.com https://www.googleadservices.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.triptease.io https://connect.facebook.net https://*.hotjar.com https://static.sojern.com https://*.cookiebot.com https://consent.cookiebot.com https://*.doubleclick.net https://googleads.g.doubleclick.net https://www.googleoptimize.com https://www.googletagmanager.com https://*.googleapis.com https://www.google.com https://www.google-analytics.com https://rum-static.pingdom.net https://analytics.tiktok.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
cf-cache-status: HIT
content-encoding: gzip
age: 17037865
alt-svc: h3=":443"; ma=86400
content-length: 2201
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Sep 2022 21:41:52 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8c243ba6bc12ac7b-YYZ
expires: Thu, 27 Feb 2025 20:21:43 GMT

GET
H3 200 magnific-popup.css
www.handpickedhotels.co.uk/css/ 5 KB
7 KB 93ms
88ms Stylesheet
text/css 172.67.7.133
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.handpickedhotels.co.uk/css/magnific-popup.css

Requested by

Host: www.handpickedhotels.co.uk
URL: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.7.133 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

65ab95b0a57d4fa12ccb83a19088bfc1a593c982dc9fe6f1e7ecc1eb8ab313d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 01:06:09 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 5401586
cf-polished: origSize=6951
content-security-policy-report-only: upgrade-insecure-requests; #report-uri /cspreport; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*navisperformance.com https://maps.googleapis.com https://www.googleadservices.com https://static.sojern.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://assets.pinterest.com https://connect.facebook.net *.hotjar.com https://*.cookiebot.com https://www.gstatic.com https://*.google.com https://*.doubleclick.net *.google-analytics.com *.googletagmanager.com http://ajax.googleapis.com https://www.googleoptimize.com https://rum-static.pingdom.net http://rum-static.pingdom.net https://*.triptease.io; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://*.typekit.net https://fonts.googleapis.com https://cdn.honey.io; object-src 'none'; base-uri 'self'; connect-src 'self' https://measurement-api.criteo.com https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://*.googlesyndication.com https://*.freedompay.com https://*.cardinalcommerce.com https://*.amazonaws.com https://*.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://*.hotjar.io wss://*.hotjar.com https://www.facebook.com https://*.triptease.io https://*.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com; font-src 'self' data: https://*.alicdn.com https://cdn.honey.io *.gstatic.com https://use.typekit.net; frame-src 'self' https://*.ibosscloud.com https://3ds.sebkort.com https://3ds.ntctr.acs.danskebank.com https://www.concertopayserve.com https://3dsecure.starlingbank.com https://3ds-a.live.ext.prod.enfuce.com https://clients.smartsecure.tsys.co.uk https://mycardsecure.com https://acs2.mpts.modirum.com https://gumi.criteo.com https://static.criteo.net https://acs.apata.io https://fledge.eu.criteo.com https://gum.criteo.com https://acs.capitalone.com https://acs.revolut.com https://acs2-3dsecure.creditmutuel.fr https://secure.dkb.de https://acs2.edb.com https://acs.swisscard.ch https://verify.monzo.com https://*.3ds.modirum.com https://3dsecure-vrp.de https://*.cic.fr https://3dsec.cardcenter.ch https://gbemv3dsecure.garanti.com.tr https://3ds.nexigroup.com https://*.3dsecure.no https://3ds.redsys.es https://acs1-3dsecure.creditmutuel.fr https://www.rsa3dsauth.com https://3debspay.boc.cn https://*.emea.citibank.com https://acs.mercurypaymentservices.it https://*.googletagmanager.com https://*.rabobank.nl https://*.lloydsbankinggroup.com https://*.zscloud.net https://*.googlesyndication.com https://*.americanexpress.com https://*.arcot.com https://*.doubleclick.net https://www.rsa3dsauth.co.uk https://*.wlp-acs.com https://www.youtube.com https://www.facebook.com https://static.sojern.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.resdiary.com https://*.cookiebot.com https://*.triptease.io https://www.google.com; img-src 'self' data: https://criteo-partners.tremorhub.com https://sync-criteo.ads.yieldmo.com https://criteo-sync.teads.tv https://gum.criteo.com https://dis.criteo.com https://*.cookiebot.com https://code.jquery.com https://analytics.tiktok.com https://*.facebook.net https://*.googlesyndication.com https://widgetthemes-live.azureedge.net https://translate.google.com https://fonts.gstatic.com https://track.linksynergy.com https://cdn.honey.io https://googleads.g.doubleclick.net *.googleapis.com https://adservice.google.com https://*.ytimg.com https://googletraveladservices.com https://*.googletraveladservices.com https://secure-hotel-tracker.com https://*.bing.com https://bat.bing.com https://track.linksynergy.com *.doubleclick.net https://log.pinterest.com https://click.exacttarget.com https://www.facebook.com https://region1.analytics.google.com https://www.google.de https://www.google.ca https://www.google.ro https://www.google.com.tr https://www.google.com.hk https://www.google.gm https://www.google.cz https://www.google.mu https://www.google.com.gi https://www.google.com.ng https://www.google.com.co https://www.google.co.za https://www.google.com.mm https://www.google.com.sg https://www.google.at https://www.google.im https://www.google.dk https://www.google.gr https://www.google.no https://www.google.se https://www.google.lt https://www.google.com.mt https://www.google.ch https://www.google.hu https://www.google.com.cu https://www.google.gg https://www.google.ie https://www.google.nl https://www.google.be https://www.google.pt https://www.google.fr https://www.google.it https://www.google.es https://www.google.je https://www.google.co.in https://www.google.com.tj https://www.google.co.ke https://www.google.ae https://www.google.co.th https://www.google-analytics.com https://www.google.com.au https://www.google.pl *.googletagmanager.com https://*.googletagmanager.com https://www.google.co.uk https://www.google.com *.google-analytics.com https://oimgnn/; style-src-elem 'self' 'unsafe-inline' data: https://code.jquery.com https://www.gstatic.com https://fonts.googleapis.com https://cdn.honey.io https://*.cloudflare.com https://*.typography.com https://cloud.typography.com *.googleapis.com http://*.googleapis.com https://*.typekit.net https://use.typekit.net; script-src-elem 'self' 'unsafe-inline' data: https://sslwidget.criteo.com https://dynamic.criteo.com https://static.criteo.net https://*.freedompay.com https://maps.google.com https://tpc.googlesyndication.com https://ajax.googleapis.com https://pagespeed-mod.com https://*.kaspersky-labs.com https://*.hirizasune.com https://www.gstatic.com https://*.googlesyndication.com https://assets.pinterest.com https://*.googleapis.com https://www.googleadservices.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.triptease.io https://connect.facebook.net https://*.hotjar.com https://static.sojern.com https://*.cookiebot.com https://consent.cookiebot.com https://*.doubleclick.net https://googleads.g.doubleclick.net https://www.googleoptimize.com https://www.googletagmanager.com https://*.googleapis.com https://www.google.com https://www.google-analytics.com https://rum-static.pingdom.net https://analytics.tiktok.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Tue, 27 Sep 2022 21:41:54 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=31536000
cf-ray: 8c243ba6bc13ac7b-YYZ
expires: Sat, 12 Jul 2025 12:39:43 GMT

GET
H3 200 jquery.bxslider.css
www.handpickedhotels.co.uk/css/ 3 KB
6 KB 89ms
84ms Stylesheet
text/css 172.67.7.133
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.handpickedhotels.co.uk/css/jquery.bxslider.css

Requested by

Host: www.handpickedhotels.co.uk
URL: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.7.133 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3213344f44259aceaab954f0bd7d5d769ef33ae3eedc3e6f8fb731d3671bf709

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; report-uri /cspreport; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://navisperformance.com https://maps.googleapis.com https://www.googleadservices.com https://static.sojern.com https://.cloudflare.com https://.cardinalcommerce.com https://.freedompay.com https://assets.pinterest.com https://connect.facebook.net .hotjar.com https://.cookiebot.com https://www.gstatic.com https://.google.com https://.doubleclick.net .google-analytics.com .googletagmanager.com http://ajax.googleapis.com https://www.googleoptimize.com https://rum-static.pingdom.net http://rum-static.pingdom.net https://.triptease.io; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://.typekit.net https://fonts.googleapis.com https://cdn.honey.io; object-src 'none'; base-uri 'self'; connect-src 'self' https://measurement-api.criteo.com https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://.googlesyndication.com https://.freedompay.com https://.cardinalcommerce.com https://.amazonaws.com https://.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://.hotjar.io wss://.hotjar.com https://www.facebook.com https://.triptease.io https://.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com; font-src 'self' data: https://.alicdn.com https://cdn.honey.io .gstatic.com https://use.typekit.net; frame-src 'self' https://mycardsecure.com https://acs2.mpts.modirum.com https://gumi.criteo.com https://static.criteo.net https://acs.apata.io https://fledge.eu.criteo.com https://gum.criteo.com https://acs.capitalone.com https://acs.revolut.com https://acs2-3dsecure.creditmutuel.fr https://secure.dkb.de https://acs2.edb.com https://acs.swisscard.ch https://verify.monzo.com https://.3ds.modirum.com https://3dsecure-vrp.de https://.cic.fr https://3dsec.cardcenter.ch https://gbemv3dsecure.garanti.com.tr https://3ds.nexigroup.com https://.3dsecure.no https://3ds.redsys.es https://acs1-3dsecure.creditmutuel.fr https://www.rsa3dsauth.com https://3debspay.boc.cn https://.emea.citibank.com https://acs.mercurypaymentservices.it https://.googletagmanager.com https://.rabobank.nl https://.lloydsbankinggroup.com https://.zscloud.net https://.googlesyndication.com https://.americanexpress.com https://.arcot.com https://.doubleclick.net https://www.rsa3dsauth.co.uk https://.wlp-acs.com https://www.youtube.com https://www.facebook.com https://static.sojern.com https://.cardinalcommerce.com https://.freedompay.com https://.resdiary.com https://.cookiebot.com https://.triptease.io https://www.google.com; img-src 'self' data: https://criteo-partners.tremorhub.com https://sync-criteo.ads.yieldmo.com https://criteo-sync.teads.tv https://gum.criteo.com https://dis.criteo.com https://.cookiebot.com https://code.jquery.com https://analytics.tiktok.com https://.facebook.net https://.googlesyndication.com https://widgetthemes-live.azureedge.net https://translate.google.com https://fonts.gstatic.com https://track.linksynergy.com https://cdn.honey.io https://googleads.g.doubleclick.net .googleapis.com https://adservice.google.com https://.ytimg.com https://googletraveladservices.com https://.googletraveladservices.com https://secure-hotel-tracker.com https://.bing.com https://bat.bing.com https://track.linksynergy.com .doubleclick.net https://log.pinterest.com https://click.exacttarget.com https://www.facebook.com https://region1.analytics.google.com https://www.google.de https://www.google.ca https://www.google.ro https://www.google.com.tr https://www.google.com.hk https://www.google.gm https://www.google.cz https://www.google.mu https://www.google.com.gi https://www.google.com.ng https://www.google.com.co https://www.google.co.za https://www.google.com.mm https://www.google.com.sg https://www.google.at https://www.google.im https://www.google.dk https://www.google.gr https://www.google.no https://www.google.se https://www.google.lt https://www.google.com.mt https://www.google.ch https://www.google.hu https://www.google.com.cu https://www.google.gg https://www.google.ie https://www.google.nl https://www.google.be https://www.google.pt https://www.google.fr https://www.google.it https://www.google.es https://www.google.je https://www.google.co.in https://www.google.com.tj https://www.google.co.ke https://www.google.ae https://www.google.co.th https://www.google-analytics.com https://www.google.com.au https://www.google.pl .googletagmanager.com https://.googletagmanager.com https://www.google.co.uk https://www.google.com .google-analytics.com https://oimgnn/; style-src-elem 'self' 'unsafe-inline' data: https://code.jquery.com https://www.gstatic.com https://fonts.googleapis.com https://cdn.honey.io https://.cloudflare.com https://.typography.com https://cloud.typography.com .googleapis.com http://.googleapis.com https://.typekit.net https://use.typekit.net; script-src-elem 'self' 'unsafe-inline' data: https://sslwidget.criteo.com https://dynamic.criteo.com https://static.criteo.net https://.freedompay.com https://maps.google.com https://tpc.googlesyndication.com https://ajax.googleapis.com https://pagespeed-mod.com https://.kaspersky-labs.com https://.hirizasune.com https://www.gstatic.com https://.googlesyndication.com https://assets.pinterest.com https://.googleapis.com https://www.googleadservices.com https://.cloudflare.com https://.cardinalcommerce.com https://.freedompay.com https://.triptease.io https://connect.facebook.net https://.hotjar.com https://static.sojern.com https://.cookiebot.com https://consent.cookiebot.com https://.doubleclick.net https://googleads.g.doubleclick.net https://www.googleoptimize.com https://www.googletagmanager.com https://.googleapis.com https://www.google.com https://www.google-analytics.com https://rum-static.pingdom.net https://analytics.tiktok.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 01:06:09 GMT
content-security-policy: upgrade-insecure-requests; report-uri /cspreport; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*navisperformance.com https://maps.googleapis.com https://www.googleadservices.com https://static.sojern.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://assets.pinterest.com https://connect.facebook.net *.hotjar.com https://*.cookiebot.com https://www.gstatic.com https://*.google.com https://*.doubleclick.net *.google-analytics.com *.googletagmanager.com http://ajax.googleapis.com https://www.googleoptimize.com https://rum-static.pingdom.net http://rum-static.pingdom.net https://*.triptease.io; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://*.typekit.net https://fonts.googleapis.com https://cdn.honey.io; object-src 'none'; base-uri 'self'; connect-src 'self' https://measurement-api.criteo.com https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://*.googlesyndication.com https://*.freedompay.com https://*.cardinalcommerce.com https://*.amazonaws.com https://*.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://*.hotjar.io wss://*.hotjar.com https://www.facebook.com https://*.triptease.io https://*.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com; font-src 'self' data: https://*.alicdn.com https://cdn.honey.io *.gstatic.com https://use.typekit.net; frame-src 'self' https://mycardsecure.com https://acs2.mpts.modirum.com https://gumi.criteo.com https://static.criteo.net https://acs.apata.io https://fledge.eu.criteo.com https://gum.criteo.com https://acs.capitalone.com https://acs.revolut.com https://acs2-3dsecure.creditmutuel.fr https://secure.dkb.de https://acs2.edb.com https://acs.swisscard.ch https://verify.monzo.com https://*.3ds.modirum.com https://3dsecure-vrp.de https://*.cic.fr https://3dsec.cardcenter.ch https://gbemv3dsecure.garanti.com.tr https://3ds.nexigroup.com https://*.3dsecure.no https://3ds.redsys.es https://acs1-3dsecure.creditmutuel.fr https://www.rsa3dsauth.com https://3debspay.boc.cn https://*.emea.citibank.com https://acs.mercurypaymentservices.it https://*.googletagmanager.com https://*.rabobank.nl https://*.lloydsbankinggroup.com https://*.zscloud.net https://*.googlesyndication.com https://*.americanexpress.com https://*.arcot.com https://*.doubleclick.net https://www.rsa3dsauth.co.uk https://*.wlp-acs.com https://www.youtube.com https://www.facebook.com https://static.sojern.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.resdiary.com https://*.cookiebot.com https://*.triptease.io https://www.google.com; img-src 'self' data: https://criteo-partners.tremorhub.com https://sync-criteo.ads.yieldmo.com https://criteo-sync.teads.tv https://gum.criteo.com https://dis.criteo.com https://*.cookiebot.com https://code.jquery.com https://analytics.tiktok.com https://*.facebook.net https://*.googlesyndication.com https://widgetthemes-live.azureedge.net https://translate.google.com https://fonts.gstatic.com https://track.linksynergy.com https://cdn.honey.io https://googleads.g.doubleclick.net *.googleapis.com https://adservice.google.com https://*.ytimg.com https://googletraveladservices.com https://*.googletraveladservices.com https://secure-hotel-tracker.com https://*.bing.com https://bat.bing.com https://track.linksynergy.com *.doubleclick.net https://log.pinterest.com https://click.exacttarget.com https://www.facebook.com https://region1.analytics.google.com https://www.google.de https://www.google.ca https://www.google.ro https://www.google.com.tr https://www.google.com.hk https://www.google.gm https://www.google.cz https://www.google.mu https://www.google.com.gi https://www.google.com.ng https://www.google.com.co https://www.google.co.za https://www.google.com.mm https://www.google.com.sg https://www.google.at https://www.google.im https://www.google.dk https://www.google.gr https://www.google.no https://www.google.se https://www.google.lt https://www.google.com.mt https://www.google.ch https://www.google.hu https://www.google.com.cu https://www.google.gg https://www.google.ie https://www.google.nl https://www.google.be https://www.google.pt https://www.google.fr https://www.google.it https://www.google.es https://www.google.je https://www.google.co.in https://www.google.com.tj https://www.google.co.ke https://www.google.ae https://www.google.co.th https://www.google-analytics.com https://www.google.com.au https://www.google.pl *.googletagmanager.com https://*.googletagmanager.com https://www.google.co.uk https://www.google.com *.google-analytics.com https://oimgnn/; style-src-elem 'self' 'unsafe-inline' data: https://code.jquery.com https://www.gstatic.com https://fonts.googleapis.com https://cdn.honey.io https://*.cloudflare.com https://*.typography.com https://cloud.typography.com *.googleapis.com http://*.googleapis.com https://*.typekit.net https://use.typekit.net; script-src-elem 'self' 'unsafe-inline' data: https://sslwidget.criteo.com https://dynamic.criteo.com https://static.criteo.net https://*.freedompay.com https://maps.google.com https://tpc.googlesyndication.com https://ajax.googleapis.com https://pagespeed-mod.com https://*.kaspersky-labs.com https://*.hirizasune.com https://www.gstatic.com https://*.googlesyndication.com https://assets.pinterest.com https://*.googleapis.com https://www.googleadservices.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.triptease.io https://connect.facebook.net https://*.hotjar.com https://static.sojern.com https://*.cookiebot.com https://consent.cookiebot.com https://*.doubleclick.net https://googleads.g.doubleclick.net https://www.googleoptimize.com https://www.googletagmanager.com https://*.googleapis.com https://www.google.com https://www.google-analytics.com https://rum-static.pingdom.net https://analytics.tiktok.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000;
cf-cache-status: HIT
age: 11785255
cf-polished: origSize=3836
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Tue, 27 Sep 2022 21:41:52 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=31536000
cf-ray: 8c243ba6bc14ac7b-YYZ
expires: Tue, 29 Apr 2025 15:25:14 GMT

GET
H3 200 bootstrap3.3.7.css
www.handpickedhotels.co.uk/css/ 118 KB
25 KB 95ms
91ms Stylesheet
text/css 172.67.7.133
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.handpickedhotels.co.uk/css/bootstrap3.3.7.css

Requested by

Host: www.handpickedhotels.co.uk
URL: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.7.133 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4a25afd5419088026f9ca71b22e12a1d59294a1e25c508eaf64328d1dbfa7a98

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; report-uri /cspreport; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://navisperformance.com https://maps.googleapis.com https://www.googleadservices.com https://static.sojern.com https://.cloudflare.com https://.cardinalcommerce.com https://.freedompay.com https://assets.pinterest.com https://connect.facebook.net .hotjar.com https://.cookiebot.com https://www.gstatic.com https://.google.com https://.doubleclick.net .google-analytics.com .googletagmanager.com http://ajax.googleapis.com https://www.googleoptimize.com https://rum-static.pingdom.net http://rum-static.pingdom.net https://.triptease.io; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://.typekit.net https://fonts.googleapis.com https://cdn.honey.io; object-src 'none'; base-uri 'self'; connect-src 'self' https://measurement-api.criteo.com https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://.googlesyndication.com https://.freedompay.com https://.cardinalcommerce.com https://.amazonaws.com https://.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://.hotjar.io wss://.hotjar.com https://www.facebook.com https://.triptease.io https://.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com; font-src 'self' data: https://.alicdn.com https://cdn.honey.io .gstatic.com https://use.typekit.net; frame-src 'self' https://mycardsecure.com https://acs2.mpts.modirum.com https://gumi.criteo.com https://static.criteo.net https://acs.apata.io https://fledge.eu.criteo.com https://gum.criteo.com https://acs.capitalone.com https://acs.revolut.com https://acs2-3dsecure.creditmutuel.fr https://secure.dkb.de https://acs2.edb.com https://acs.swisscard.ch https://verify.monzo.com https://.3ds.modirum.com https://3dsecure-vrp.de https://.cic.fr https://3dsec.cardcenter.ch https://gbemv3dsecure.garanti.com.tr https://3ds.nexigroup.com https://.3dsecure.no https://3ds.redsys.es https://acs1-3dsecure.creditmutuel.fr https://www.rsa3dsauth.com https://3debspay.boc.cn https://.emea.citibank.com https://acs.mercurypaymentservices.it https://.googletagmanager.com https://.rabobank.nl https://.lloydsbankinggroup.com https://.zscloud.net https://.googlesyndication.com https://.americanexpress.com https://.arcot.com https://.doubleclick.net https://www.rsa3dsauth.co.uk https://.wlp-acs.com https://www.youtube.com https://www.facebook.com https://static.sojern.com https://.cardinalcommerce.com https://.freedompay.com https://.resdiary.com https://.cookiebot.com https://.triptease.io https://www.google.com; img-src 'self' data: https://criteo-partners.tremorhub.com https://sync-criteo.ads.yieldmo.com https://criteo-sync.teads.tv https://gum.criteo.com https://dis.criteo.com https://.cookiebot.com https://code.jquery.com https://analytics.tiktok.com https://.facebook.net https://.googlesyndication.com https://widgetthemes-live.azureedge.net https://translate.google.com https://fonts.gstatic.com https://track.linksynergy.com https://cdn.honey.io https://googleads.g.doubleclick.net .googleapis.com https://adservice.google.com https://.ytimg.com https://googletraveladservices.com https://.googletraveladservices.com https://secure-hotel-tracker.com https://.bing.com https://bat.bing.com https://track.linksynergy.com .doubleclick.net https://log.pinterest.com https://click.exacttarget.com https://www.facebook.com https://region1.analytics.google.com https://www.google.de https://www.google.ca https://www.google.ro https://www.google.com.tr https://www.google.com.hk https://www.google.gm https://www.google.cz https://www.google.mu https://www.google.com.gi https://www.google.com.ng https://www.google.com.co https://www.google.co.za https://www.google.com.mm https://www.google.com.sg https://www.google.at https://www.google.im https://www.google.dk https://www.google.gr https://www.google.no https://www.google.se https://www.google.lt https://www.google.com.mt https://www.google.ch https://www.google.hu https://www.google.com.cu https://www.google.gg https://www.google.ie https://www.google.nl https://www.google.be https://www.google.pt https://www.google.fr https://www.google.it https://www.google.es https://www.google.je https://www.google.co.in https://www.google.com.tj https://www.google.co.ke https://www.google.ae https://www.google.co.th https://www.google-analytics.com https://www.google.com.au https://www.google.pl .googletagmanager.com https://.googletagmanager.com https://www.google.co.uk https://www.google.com .google-analytics.com https://oimgnn/; style-src-elem 'self' 'unsafe-inline' data: https://code.jquery.com https://www.gstatic.com https://fonts.googleapis.com https://cdn.honey.io https://.cloudflare.com https://.typography.com https://cloud.typography.com .googleapis.com http://.googleapis.com https://.typekit.net https://use.typekit.net; script-src-elem 'self' 'unsafe-inline' data: https://sslwidget.criteo.com https://dynamic.criteo.com https://static.criteo.net https://.freedompay.com https://maps.google.com https://tpc.googlesyndication.com https://ajax.googleapis.com https://pagespeed-mod.com https://.kaspersky-labs.com https://.hirizasune.com https://www.gstatic.com https://.googlesyndication.com https://assets.pinterest.com https://.googleapis.com https://www.googleadservices.com https://.cloudflare.com https://.cardinalcommerce.com https://.freedompay.com https://.triptease.io https://connect.facebook.net https://.hotjar.com https://static.sojern.com https://.cookiebot.com https://consent.cookiebot.com https://.doubleclick.net https://googleads.g.doubleclick.net https://www.googleoptimize.com https://www.googletagmanager.com https://.googleapis.com https://www.google.com https://www.google-analytics.com https://rum-static.pingdom.net https://analytics.tiktok.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 01:06:09 GMT
content-security-policy: upgrade-insecure-requests; report-uri /cspreport; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*navisperformance.com https://maps.googleapis.com https://www.googleadservices.com https://static.sojern.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://assets.pinterest.com https://connect.facebook.net *.hotjar.com https://*.cookiebot.com https://www.gstatic.com https://*.google.com https://*.doubleclick.net *.google-analytics.com *.googletagmanager.com http://ajax.googleapis.com https://www.googleoptimize.com https://rum-static.pingdom.net http://rum-static.pingdom.net https://*.triptease.io; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://*.typekit.net https://fonts.googleapis.com https://cdn.honey.io; object-src 'none'; base-uri 'self'; connect-src 'self' https://measurement-api.criteo.com https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://*.googlesyndication.com https://*.freedompay.com https://*.cardinalcommerce.com https://*.amazonaws.com https://*.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://*.hotjar.io wss://*.hotjar.com https://www.facebook.com https://*.triptease.io https://*.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com; font-src 'self' data: https://*.alicdn.com https://cdn.honey.io *.gstatic.com https://use.typekit.net; frame-src 'self' https://mycardsecure.com https://acs2.mpts.modirum.com https://gumi.criteo.com https://static.criteo.net https://acs.apata.io https://fledge.eu.criteo.com https://gum.criteo.com https://acs.capitalone.com https://acs.revolut.com https://acs2-3dsecure.creditmutuel.fr https://secure.dkb.de https://acs2.edb.com https://acs.swisscard.ch https://verify.monzo.com https://*.3ds.modirum.com https://3dsecure-vrp.de https://*.cic.fr https://3dsec.cardcenter.ch https://gbemv3dsecure.garanti.com.tr https://3ds.nexigroup.com https://*.3dsecure.no https://3ds.redsys.es https://acs1-3dsecure.creditmutuel.fr https://www.rsa3dsauth.com https://3debspay.boc.cn https://*.emea.citibank.com https://acs.mercurypaymentservices.it https://*.googletagmanager.com https://*.rabobank.nl https://*.lloydsbankinggroup.com https://*.zscloud.net https://*.googlesyndication.com https://*.americanexpress.com https://*.arcot.com https://*.doubleclick.net https://www.rsa3dsauth.co.uk https://*.wlp-acs.com https://www.youtube.com https://www.facebook.com https://static.sojern.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.resdiary.com https://*.cookiebot.com https://*.triptease.io https://www.google.com; img-src 'self' data: https://criteo-partners.tremorhub.com https://sync-criteo.ads.yieldmo.com https://criteo-sync.teads.tv https://gum.criteo.com https://dis.criteo.com https://*.cookiebot.com https://code.jquery.com https://analytics.tiktok.com https://*.facebook.net https://*.googlesyndication.com https://widgetthemes-live.azureedge.net https://translate.google.com https://fonts.gstatic.com https://track.linksynergy.com https://cdn.honey.io https://googleads.g.doubleclick.net *.googleapis.com https://adservice.google.com https://*.ytimg.com https://googletraveladservices.com https://*.googletraveladservices.com https://secure-hotel-tracker.com https://*.bing.com https://bat.bing.com https://track.linksynergy.com *.doubleclick.net https://log.pinterest.com https://click.exacttarget.com https://www.facebook.com https://region1.analytics.google.com https://www.google.de https://www.google.ca https://www.google.ro https://www.google.com.tr https://www.google.com.hk https://www.google.gm https://www.google.cz https://www.google.mu https://www.google.com.gi https://www.google.com.ng https://www.google.com.co https://www.google.co.za https://www.google.com.mm https://www.google.com.sg https://www.google.at https://www.google.im https://www.google.dk https://www.google.gr https://www.google.no https://www.google.se https://www.google.lt https://www.google.com.mt https://www.google.ch https://www.google.hu https://www.google.com.cu https://www.google.gg https://www.google.ie https://www.google.nl https://www.google.be https://www.google.pt https://www.google.fr https://www.google.it https://www.google.es https://www.google.je https://www.google.co.in https://www.google.com.tj https://www.google.co.ke https://www.google.ae https://www.google.co.th https://www.google-analytics.com https://www.google.com.au https://www.google.pl *.googletagmanager.com https://*.googletagmanager.com https://www.google.co.uk https://www.google.com *.google-analytics.com https://oimgnn/; style-src-elem 'self' 'unsafe-inline' data: https://code.jquery.com https://www.gstatic.com https://fonts.googleapis.com https://cdn.honey.io https://*.cloudflare.com https://*.typography.com https://cloud.typography.com *.googleapis.com http://*.googleapis.com https://*.typekit.net https://use.typekit.net; script-src-elem 'self' 'unsafe-inline' data: https://sslwidget.criteo.com https://dynamic.criteo.com https://static.criteo.net https://*.freedompay.com https://maps.google.com https://tpc.googlesyndication.com https://ajax.googleapis.com https://pagespeed-mod.com https://*.kaspersky-labs.com https://*.hirizasune.com https://www.gstatic.com https://*.googlesyndication.com https://assets.pinterest.com https://*.googleapis.com https://www.googleadservices.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.triptease.io https://connect.facebook.net https://*.hotjar.com https://static.sojern.com https://*.cookiebot.com https://consent.cookiebot.com https://*.doubleclick.net https://googleads.g.doubleclick.net https://www.googleoptimize.com https://www.googletagmanager.com https://*.googleapis.com https://www.google.com https://www.google-analytics.com https://rum-static.pingdom.net https://analytics.tiktok.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000;
cf-cache-status: HIT
age: 11782466
cf-polished: origSize=121200
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Mon, 24 Jul 2023 07:22:32 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=31536000
cf-ray: 8c243ba6bc15ac7b-YYZ
expires: Tue, 29 Apr 2025 16:11:43 GMT

GET
H3 200 bootstrap-select.css
www.handpickedhotels.co.uk/css/ 6 KB
6 KB 105ms
101ms Stylesheet
text/css 172.67.7.133
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.handpickedhotels.co.uk/css/bootstrap-select.css

Requested by

Host: www.handpickedhotels.co.uk
URL: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.7.133 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f054065e70c4e1783a6c2140cbf57650566a25267dc62483e717f93d8b06b6b8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; report-uri /cspreport; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://navisperformance.com https://maps.googleapis.com https://www.googleadservices.com https://static.sojern.com https://.cloudflare.com https://.cardinalcommerce.com https://.freedompay.com https://assets.pinterest.com https://connect.facebook.net .hotjar.com https://.cookiebot.com https://www.gstatic.com https://.google.com https://.doubleclick.net .google-analytics.com .googletagmanager.com http://ajax.googleapis.com https://www.googleoptimize.com https://rum-static.pingdom.net http://rum-static.pingdom.net https://.triptease.io; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://.typekit.net https://fonts.googleapis.com https://cdn.honey.io; object-src 'none'; base-uri 'self'; connect-src 'self' https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://.googlesyndication.com https://.freedompay.com https://.cardinalcommerce.com https://.amazonaws.com https://.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://.hotjar.io wss://.hotjar.com https://www.facebook.com https://.triptease.io https://.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com; font-src 'self' data: https://.alicdn.com https://cdn.honey.io .gstatic.com https://use.typekit.net; frame-src 'self' https://acs.capitalone.com https://acs.revolut.com https://acs2-3dsecure.creditmutuel.fr https://secure.dkb.de https://acs2.edb.com https://acs.swisscard.ch https://verify.monzo.com https://.3ds.modirum.com https://3dsecure-vrp.de https://.cic.fr https://3dsec.cardcenter.ch https://gbemv3dsecure.garanti.com.tr https://3ds.nexigroup.com https://.3dsecure.no https://3ds.redsys.es https://acs1-3dsecure.creditmutuel.fr https://www.rsa3dsauth.com https://3debspay.boc.cn https://.emea.citibank.com https://acs.mercurypaymentservices.it https://.googletagmanager.com https://.rabobank.nl https://.lloydsbankinggroup.com https://.zscloud.net https://.googlesyndication.com https://.americanexpress.com https://.arcot.com https://.doubleclick.net https://www.rsa3dsauth.co.uk https://.wlp-acs.com https://www.youtube.com https://www.facebook.com https://static.sojern.com https://.cardinalcommerce.com https://.freedompay.com https://.resdiary.com https://.cookiebot.com https://.triptease.io https://www.google.com; img-src 'self' data: https://.cookiebot.com https://code.jquery.com https://analytics.tiktok.com https://.facebook.net https://.googlesyndication.com https://widgetthemes-live.azureedge.net https://translate.google.com https://fonts.gstatic.com https://track.linksynergy.com https://cdn.honey.io https://googleads.g.doubleclick.net .googleapis.com https://adservice.google.com https://.ytimg.com https://googletraveladservices.com https://.googletraveladservices.com https://secure-hotel-tracker.com https://.bing.com https://bat.bing.com https://track.linksynergy.com .doubleclick.net https://log.pinterest.com https://click.exacttarget.com https://www.facebook.com https://region1.analytics.google.com https://www.google.de https://www.google.ca https://www.google.ro https://www.google.com.tr https://www.google.com.hk https://www.google.gm https://www.google.cz https://www.google.mu https://www.google.com.gi https://www.google.com.ng https://www.google.com.co https://www.google.co.za https://www.google.com.mm https://www.google.com.sg https://www.google.at https://www.google.im https://www.google.dk https://www.google.gr https://www.google.no https://www.google.se https://www.google.lt https://www.google.com.mt https://www.google.ch https://www.google.hu https://www.google.com.cu https://www.google.gg https://www.google.ie https://www.google.nl https://www.google.be https://www.google.pt https://www.google.fr https://www.google.it https://www.google.es https://www.google.je https://www.google.co.in https://www.google.com.tj https://www.google.co.ke https://www.google.ae https://www.google.co.th https://www.google-analytics.com https://www.google.com.au https://www.google.pl .googletagmanager.com https://.googletagmanager.com https://www.google.co.uk https://www.google.com .google-analytics.com https://oimgnn/; style-src-elem 'self' 'unsafe-inline' data: https://code.jquery.com https://www.gstatic.com https://fonts.googleapis.com https://cdn.honey.io https://.cloudflare.com https://.typography.com https://cloud.typography.com .googleapis.com http://.googleapis.com https://.typekit.net https://use.typekit.net; script-src-elem 'self' 'unsafe-inline' data: https://.freedompay.com https://maps.google.com https://tpc.googlesyndication.com https://ajax.googleapis.com https://pagespeed-mod.com https://.kaspersky-labs.com https://.hirizasune.com https://www.gstatic.com https://.googlesyndication.com https://assets.pinterest.com https://.googleapis.com https://www.googleadservices.com https://.cloudflare.com https://.cardinalcommerce.com https://.freedompay.com https://.triptease.io https://connect.facebook.net https://.hotjar.com https://static.sojern.com https://.cookiebot.com https://consent.cookiebot.com https://.doubleclick.net https://googleads.g.doubleclick.net https://www.googleoptimize.com https://www.googletagmanager.com https://.googleapis.com https://www.google.com https://www.google-analytics.com https://rum-static.pingdom.net https://analytics.tiktok.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 01:06:09 GMT
content-security-policy: upgrade-insecure-requests; report-uri /cspreport; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*navisperformance.com https://maps.googleapis.com https://www.googleadservices.com https://static.sojern.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://assets.pinterest.com https://connect.facebook.net *.hotjar.com https://*.cookiebot.com https://www.gstatic.com https://*.google.com https://*.doubleclick.net *.google-analytics.com *.googletagmanager.com http://ajax.googleapis.com https://www.googleoptimize.com https://rum-static.pingdom.net http://rum-static.pingdom.net https://*.triptease.io; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://*.typekit.net https://fonts.googleapis.com https://cdn.honey.io; object-src 'none'; base-uri 'self'; connect-src 'self' https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://*.googlesyndication.com https://*.freedompay.com https://*.cardinalcommerce.com https://*.amazonaws.com https://*.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://*.hotjar.io wss://*.hotjar.com https://www.facebook.com https://*.triptease.io https://*.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com; font-src 'self' data: https://*.alicdn.com https://cdn.honey.io *.gstatic.com https://use.typekit.net; frame-src 'self' https://acs.capitalone.com https://acs.revolut.com https://acs2-3dsecure.creditmutuel.fr https://secure.dkb.de https://acs2.edb.com https://acs.swisscard.ch https://verify.monzo.com https://*.3ds.modirum.com https://3dsecure-vrp.de https://*.cic.fr https://3dsec.cardcenter.ch https://gbemv3dsecure.garanti.com.tr https://3ds.nexigroup.com https://*.3dsecure.no https://3ds.redsys.es https://acs1-3dsecure.creditmutuel.fr https://www.rsa3dsauth.com https://3debspay.boc.cn https://*.emea.citibank.com https://acs.mercurypaymentservices.it https://*.googletagmanager.com https://*.rabobank.nl https://*.lloydsbankinggroup.com https://*.zscloud.net https://*.googlesyndication.com https://*.americanexpress.com https://*.arcot.com https://*.doubleclick.net https://www.rsa3dsauth.co.uk https://*.wlp-acs.com https://www.youtube.com https://www.facebook.com https://static.sojern.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.resdiary.com https://*.cookiebot.com https://*.triptease.io https://www.google.com; img-src 'self' data: https://*.cookiebot.com https://code.jquery.com https://analytics.tiktok.com https://*.facebook.net https://*.googlesyndication.com https://widgetthemes-live.azureedge.net https://translate.google.com https://fonts.gstatic.com https://track.linksynergy.com https://cdn.honey.io https://googleads.g.doubleclick.net *.googleapis.com https://adservice.google.com https://*.ytimg.com https://googletraveladservices.com https://*.googletraveladservices.com https://secure-hotel-tracker.com https://*.bing.com https://bat.bing.com https://track.linksynergy.com *.doubleclick.net https://log.pinterest.com https://click.exacttarget.com https://www.facebook.com https://region1.analytics.google.com https://www.google.de https://www.google.ca https://www.google.ro https://www.google.com.tr https://www.google.com.hk https://www.google.gm https://www.google.cz https://www.google.mu https://www.google.com.gi https://www.google.com.ng https://www.google.com.co https://www.google.co.za https://www.google.com.mm https://www.google.com.sg https://www.google.at https://www.google.im https://www.google.dk https://www.google.gr https://www.google.no https://www.google.se https://www.google.lt https://www.google.com.mt https://www.google.ch https://www.google.hu https://www.google.com.cu https://www.google.gg https://www.google.ie https://www.google.nl https://www.google.be https://www.google.pt https://www.google.fr https://www.google.it https://www.google.es https://www.google.je https://www.google.co.in https://www.google.com.tj https://www.google.co.ke https://www.google.ae https://www.google.co.th https://www.google-analytics.com https://www.google.com.au https://www.google.pl *.googletagmanager.com https://*.googletagmanager.com https://www.google.co.uk https://www.google.com *.google-analytics.com https://oimgnn/; style-src-elem 'self' 'unsafe-inline' data: https://code.jquery.com https://www.gstatic.com https://fonts.googleapis.com https://cdn.honey.io https://*.cloudflare.com https://*.typography.com https://cloud.typography.com *.googleapis.com http://*.googleapis.com https://*.typekit.net https://use.typekit.net; script-src-elem 'self' 'unsafe-inline' data: https://*.freedompay.com https://maps.google.com https://tpc.googlesyndication.com https://ajax.googleapis.com https://pagespeed-mod.com https://*.kaspersky-labs.com https://*.hirizasune.com https://www.gstatic.com https://*.googlesyndication.com https://assets.pinterest.com https://*.googleapis.com https://www.googleadservices.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.triptease.io https://connect.facebook.net https://*.hotjar.com https://static.sojern.com https://*.cookiebot.com https://consent.cookiebot.com https://*.doubleclick.net https://googleads.g.doubleclick.net https://www.googleoptimize.com https://www.googletagmanager.com https://*.googleapis.com https://www.google.com https://www.google-analytics.com https://rum-static.pingdom.net https://analytics.tiktok.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000;
cf-cache-status: HIT
age: 17046816
cf-polished: origSize=7761
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Tue, 27 Sep 2022 21:41:54 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=31536000
cf-ray: 8c243ba6bc17ac7b-YYZ
expires: Thu, 27 Feb 2025 17:52:33 GMT

GET
H3 200 flipclock.css
www.handpickedhotels.co.uk/css/ 6 KB
6 KB 111ms
107ms Stylesheet
text/css 172.67.7.133
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.handpickedhotels.co.uk/css/flipclock.css

Requested by

Host: www.handpickedhotels.co.uk
URL: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.7.133 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

678cca19c47839fd3abc2dd716372ff2f3aaa1097ddb399a605e130e230e3164

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; report-uri /cspreport; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://navisperformance.com https://maps.googleapis.com https://www.googleadservices.com https://static.sojern.com https://.cloudflare.com https://.cardinalcommerce.com https://.freedompay.com https://assets.pinterest.com https://connect.facebook.net .hotjar.com https://.cookiebot.com https://www.gstatic.com https://.google.com https://.doubleclick.net .google-analytics.com .googletagmanager.com http://ajax.googleapis.com https://www.googleoptimize.com https://rum-static.pingdom.net http://rum-static.pingdom.net https://.triptease.io; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://.typekit.net https://fonts.googleapis.com https://cdn.honey.io; object-src 'none'; base-uri 'self'; connect-src 'self' https://measurement-api.criteo.com https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://.googlesyndication.com https://.freedompay.com https://.cardinalcommerce.com https://.amazonaws.com https://.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://.hotjar.io wss://.hotjar.com https://www.facebook.com https://.triptease.io https://.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com; font-src 'self' data: https://.alicdn.com https://cdn.honey.io .gstatic.com https://use.typekit.net; frame-src 'self' https://mycardsecure.com https://acs2.mpts.modirum.com https://gumi.criteo.com https://static.criteo.net https://acs.apata.io https://fledge.eu.criteo.com https://gum.criteo.com https://acs.capitalone.com https://acs.revolut.com https://acs2-3dsecure.creditmutuel.fr https://secure.dkb.de https://acs2.edb.com https://acs.swisscard.ch https://verify.monzo.com https://.3ds.modirum.com https://3dsecure-vrp.de https://.cic.fr https://3dsec.cardcenter.ch https://gbemv3dsecure.garanti.com.tr https://3ds.nexigroup.com https://.3dsecure.no https://3ds.redsys.es https://acs1-3dsecure.creditmutuel.fr https://www.rsa3dsauth.com https://3debspay.boc.cn https://.emea.citibank.com https://acs.mercurypaymentservices.it https://.googletagmanager.com https://.rabobank.nl https://.lloydsbankinggroup.com https://.zscloud.net https://.googlesyndication.com https://.americanexpress.com https://.arcot.com https://.doubleclick.net https://www.rsa3dsauth.co.uk https://.wlp-acs.com https://www.youtube.com https://www.facebook.com https://static.sojern.com https://.cardinalcommerce.com https://.freedompay.com https://.resdiary.com https://.cookiebot.com https://.triptease.io https://www.google.com; img-src 'self' data: https://criteo-partners.tremorhub.com https://sync-criteo.ads.yieldmo.com https://criteo-sync.teads.tv https://gum.criteo.com https://dis.criteo.com https://.cookiebot.com https://code.jquery.com https://analytics.tiktok.com https://.facebook.net https://.googlesyndication.com https://widgetthemes-live.azureedge.net https://translate.google.com https://fonts.gstatic.com https://track.linksynergy.com https://cdn.honey.io https://googleads.g.doubleclick.net .googleapis.com https://adservice.google.com https://.ytimg.com https://googletraveladservices.com https://.googletraveladservices.com https://secure-hotel-tracker.com https://.bing.com https://bat.bing.com https://track.linksynergy.com .doubleclick.net https://log.pinterest.com https://click.exacttarget.com https://www.facebook.com https://region1.analytics.google.com https://www.google.de https://www.google.ca https://www.google.ro https://www.google.com.tr https://www.google.com.hk https://www.google.gm https://www.google.cz https://www.google.mu https://www.google.com.gi https://www.google.com.ng https://www.google.com.co https://www.google.co.za https://www.google.com.mm https://www.google.com.sg https://www.google.at https://www.google.im https://www.google.dk https://www.google.gr https://www.google.no https://www.google.se https://www.google.lt https://www.google.com.mt https://www.google.ch https://www.google.hu https://www.google.com.cu https://www.google.gg https://www.google.ie https://www.google.nl https://www.google.be https://www.google.pt https://www.google.fr https://www.google.it https://www.google.es https://www.google.je https://www.google.co.in https://www.google.com.tj https://www.google.co.ke https://www.google.ae https://www.google.co.th https://www.google-analytics.com https://www.google.com.au https://www.google.pl .googletagmanager.com https://.googletagmanager.com https://www.google.co.uk https://www.google.com .google-analytics.com https://oimgnn/; style-src-elem 'self' 'unsafe-inline' data: https://code.jquery.com https://www.gstatic.com https://fonts.googleapis.com https://cdn.honey.io https://.cloudflare.com https://.typography.com https://cloud.typography.com .googleapis.com http://.googleapis.com https://.typekit.net https://use.typekit.net; script-src-elem 'self' 'unsafe-inline' data: https://sslwidget.criteo.com https://dynamic.criteo.com https://static.criteo.net https://.freedompay.com https://maps.google.com https://tpc.googlesyndication.com https://ajax.googleapis.com https://pagespeed-mod.com https://.kaspersky-labs.com https://.hirizasune.com https://www.gstatic.com https://.googlesyndication.com https://assets.pinterest.com https://.googleapis.com https://www.googleadservices.com https://.cloudflare.com https://.cardinalcommerce.com https://.freedompay.com https://.triptease.io https://connect.facebook.net https://.hotjar.com https://static.sojern.com https://.cookiebot.com https://consent.cookiebot.com https://.doubleclick.net https://googleads.g.doubleclick.net https://www.googleoptimize.com https://www.googletagmanager.com https://.googleapis.com https://www.google.com https://www.google-analytics.com https://rum-static.pingdom.net https://analytics.tiktok.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 01:06:09 GMT
content-security-policy: upgrade-insecure-requests; report-uri /cspreport; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*navisperformance.com https://maps.googleapis.com https://www.googleadservices.com https://static.sojern.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://assets.pinterest.com https://connect.facebook.net *.hotjar.com https://*.cookiebot.com https://www.gstatic.com https://*.google.com https://*.doubleclick.net *.google-analytics.com *.googletagmanager.com http://ajax.googleapis.com https://www.googleoptimize.com https://rum-static.pingdom.net http://rum-static.pingdom.net https://*.triptease.io; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://*.typekit.net https://fonts.googleapis.com https://cdn.honey.io; object-src 'none'; base-uri 'self'; connect-src 'self' https://measurement-api.criteo.com https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://*.googlesyndication.com https://*.freedompay.com https://*.cardinalcommerce.com https://*.amazonaws.com https://*.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://*.hotjar.io wss://*.hotjar.com https://www.facebook.com https://*.triptease.io https://*.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com; font-src 'self' data: https://*.alicdn.com https://cdn.honey.io *.gstatic.com https://use.typekit.net; frame-src 'self' https://mycardsecure.com https://acs2.mpts.modirum.com https://gumi.criteo.com https://static.criteo.net https://acs.apata.io https://fledge.eu.criteo.com https://gum.criteo.com https://acs.capitalone.com https://acs.revolut.com https://acs2-3dsecure.creditmutuel.fr https://secure.dkb.de https://acs2.edb.com https://acs.swisscard.ch https://verify.monzo.com https://*.3ds.modirum.com https://3dsecure-vrp.de https://*.cic.fr https://3dsec.cardcenter.ch https://gbemv3dsecure.garanti.com.tr https://3ds.nexigroup.com https://*.3dsecure.no https://3ds.redsys.es https://acs1-3dsecure.creditmutuel.fr https://www.rsa3dsauth.com https://3debspay.boc.cn https://*.emea.citibank.com https://acs.mercurypaymentservices.it https://*.googletagmanager.com https://*.rabobank.nl https://*.lloydsbankinggroup.com https://*.zscloud.net https://*.googlesyndication.com https://*.americanexpress.com https://*.arcot.com https://*.doubleclick.net https://www.rsa3dsauth.co.uk https://*.wlp-acs.com https://www.youtube.com https://www.facebook.com https://static.sojern.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.resdiary.com https://*.cookiebot.com https://*.triptease.io https://www.google.com; img-src 'self' data: https://criteo-partners.tremorhub.com https://sync-criteo.ads.yieldmo.com https://criteo-sync.teads.tv https://gum.criteo.com https://dis.criteo.com https://*.cookiebot.com https://code.jquery.com https://analytics.tiktok.com https://*.facebook.net https://*.googlesyndication.com https://widgetthemes-live.azureedge.net https://translate.google.com https://fonts.gstatic.com https://track.linksynergy.com https://cdn.honey.io https://googleads.g.doubleclick.net *.googleapis.com https://adservice.google.com https://*.ytimg.com https://googletraveladservices.com https://*.googletraveladservices.com https://secure-hotel-tracker.com https://*.bing.com https://bat.bing.com https://track.linksynergy.com *.doubleclick.net https://log.pinterest.com https://click.exacttarget.com https://www.facebook.com https://region1.analytics.google.com https://www.google.de https://www.google.ca https://www.google.ro https://www.google.com.tr https://www.google.com.hk https://www.google.gm https://www.google.cz https://www.google.mu https://www.google.com.gi https://www.google.com.ng https://www.google.com.co https://www.google.co.za https://www.google.com.mm https://www.google.com.sg https://www.google.at https://www.google.im https://www.google.dk https://www.google.gr https://www.google.no https://www.google.se https://www.google.lt https://www.google.com.mt https://www.google.ch https://www.google.hu https://www.google.com.cu https://www.google.gg https://www.google.ie https://www.google.nl https://www.google.be https://www.google.pt https://www.google.fr https://www.google.it https://www.google.es https://www.google.je https://www.google.co.in https://www.google.com.tj https://www.google.co.ke https://www.google.ae https://www.google.co.th https://www.google-analytics.com https://www.google.com.au https://www.google.pl *.googletagmanager.com https://*.googletagmanager.com https://www.google.co.uk https://www.google.com *.google-analytics.com https://oimgnn/; style-src-elem 'self' 'unsafe-inline' data: https://code.jquery.com https://www.gstatic.com https://fonts.googleapis.com https://cdn.honey.io https://*.cloudflare.com https://*.typography.com https://cloud.typography.com *.googleapis.com http://*.googleapis.com https://*.typekit.net https://use.typekit.net; script-src-elem 'self' 'unsafe-inline' data: https://sslwidget.criteo.com https://dynamic.criteo.com https://static.criteo.net https://*.freedompay.com https://maps.google.com https://tpc.googlesyndication.com https://ajax.googleapis.com https://pagespeed-mod.com https://*.kaspersky-labs.com https://*.hirizasune.com https://www.gstatic.com https://*.googlesyndication.com https://assets.pinterest.com https://*.googleapis.com https://www.googleadservices.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.triptease.io https://connect.facebook.net https://*.hotjar.com https://static.sojern.com https://*.cookiebot.com https://consent.cookiebot.com https://*.doubleclick.net https://googleads.g.doubleclick.net https://www.googleoptimize.com https://www.googletagmanager.com https://*.googleapis.com https://www.google.com https://www.google-analytics.com https://rum-static.pingdom.net https://analytics.tiktok.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000;
cf-cache-status: HIT
age: 11785255
cf-polished: origSize=9654
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Tue, 27 Sep 2022 21:41:51 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=31536000
cf-ray: 8c243ba6bc19ac7b-YYZ
expires: Tue, 29 Apr 2025 15:25:14 GMT

GET
H3 200 scratch.css
www.handpickedhotels.co.uk/css/ 318 B
5 KB 126ms
122ms Stylesheet
text/css 172.67.7.133
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.handpickedhotels.co.uk/css/scratch.css

Requested by

Host: www.handpickedhotels.co.uk
URL: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.7.133 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0931c24d7f43c99432544c9ae1ecc648f0ef35ef8881c6ed01693d83f82b22b2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; report-uri /cspreport; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://navisperformance.com https://maps.googleapis.com https://www.googleadservices.com https://static.sojern.com https://.cloudflare.com https://.cardinalcommerce.com https://.freedompay.com https://assets.pinterest.com https://connect.facebook.net .hotjar.com https://.cookiebot.com https://www.gstatic.com https://.google.com https://.doubleclick.net .google-analytics.com .googletagmanager.com http://ajax.googleapis.com https://www.googleoptimize.com https://rum-static.pingdom.net http://rum-static.pingdom.net https://.triptease.io; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://.typekit.net https://fonts.googleapis.com https://cdn.honey.io; object-src 'none'; base-uri 'self'; connect-src 'self' https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://.googlesyndication.com https://.freedompay.com https://.cardinalcommerce.com https://.amazonaws.com https://.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://.hotjar.io wss://.hotjar.com https://www.facebook.com https://.triptease.io https://.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com; font-src 'self' data: https://.alicdn.com https://cdn.honey.io .gstatic.com https://use.typekit.net; frame-src 'self' https://acs.capitalone.com https://acs.revolut.com https://acs2-3dsecure.creditmutuel.fr https://secure.dkb.de https://acs2.edb.com https://acs.swisscard.ch https://verify.monzo.com https://.3ds.modirum.com https://3dsecure-vrp.de https://.cic.fr https://3dsec.cardcenter.ch https://gbemv3dsecure.garanti.com.tr https://3ds.nexigroup.com https://.3dsecure.no https://3ds.redsys.es https://acs1-3dsecure.creditmutuel.fr https://www.rsa3dsauth.com https://3debspay.boc.cn https://.emea.citibank.com https://acs.mercurypaymentservices.it https://.googletagmanager.com https://.rabobank.nl https://.lloydsbankinggroup.com https://.zscloud.net https://.googlesyndication.com https://.americanexpress.com https://.arcot.com https://.doubleclick.net https://www.rsa3dsauth.co.uk https://.wlp-acs.com https://www.youtube.com https://www.facebook.com https://static.sojern.com https://.cardinalcommerce.com https://.freedompay.com https://.resdiary.com https://.cookiebot.com https://.triptease.io https://www.google.com; img-src 'self' data: https://.cookiebot.com https://code.jquery.com https://analytics.tiktok.com https://.facebook.net https://.googlesyndication.com https://widgetthemes-live.azureedge.net https://translate.google.com https://fonts.gstatic.com https://track.linksynergy.com https://cdn.honey.io https://googleads.g.doubleclick.net .googleapis.com https://adservice.google.com https://.ytimg.com https://googletraveladservices.com https://.googletraveladservices.com https://secure-hotel-tracker.com https://.bing.com https://bat.bing.com https://track.linksynergy.com .doubleclick.net https://log.pinterest.com https://click.exacttarget.com https://www.facebook.com https://region1.analytics.google.com https://www.google.de https://www.google.ca https://www.google.ro https://www.google.com.tr https://www.google.com.hk https://www.google.gm https://www.google.cz https://www.google.mu https://www.google.com.gi https://www.google.com.ng https://www.google.com.co https://www.google.co.za https://www.google.com.mm https://www.google.com.sg https://www.google.at https://www.google.im https://www.google.dk https://www.google.gr https://www.google.no https://www.google.se https://www.google.lt https://www.google.com.mt https://www.google.ch https://www.google.hu https://www.google.com.cu https://www.google.gg https://www.google.ie https://www.google.nl https://www.google.be https://www.google.pt https://www.google.fr https://www.google.it https://www.google.es https://www.google.je https://www.google.co.in https://www.google.com.tj https://www.google.co.ke https://www.google.ae https://www.google.co.th https://www.google-analytics.com https://www.google.com.au https://www.google.pl .googletagmanager.com https://.googletagmanager.com https://www.google.co.uk https://www.google.com .google-analytics.com https://oimgnn/; style-src-elem 'self' 'unsafe-inline' data: https://code.jquery.com https://www.gstatic.com https://fonts.googleapis.com https://cdn.honey.io https://.cloudflare.com https://.typography.com https://cloud.typography.com .googleapis.com http://.googleapis.com https://.typekit.net https://use.typekit.net; script-src-elem 'self' 'unsafe-inline' data: https://.freedompay.com https://maps.google.com https://tpc.googlesyndication.com https://ajax.googleapis.com https://pagespeed-mod.com https://.kaspersky-labs.com https://.hirizasune.com https://www.gstatic.com https://.googlesyndication.com https://assets.pinterest.com https://.googleapis.com https://www.googleadservices.com https://.cloudflare.com https://.cardinalcommerce.com https://.freedompay.com https://.triptease.io https://connect.facebook.net https://.hotjar.com https://static.sojern.com https://.cookiebot.com https://consent.cookiebot.com https://.doubleclick.net https://googleads.g.doubleclick.net https://www.googleoptimize.com https://www.googletagmanager.com https://.googleapis.com https://www.google.com https://www.google-analytics.com https://rum-static.pingdom.net https://analytics.tiktok.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 01:06:09 GMT
content-security-policy: upgrade-insecure-requests; report-uri /cspreport; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*navisperformance.com https://maps.googleapis.com https://www.googleadservices.com https://static.sojern.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://assets.pinterest.com https://connect.facebook.net *.hotjar.com https://*.cookiebot.com https://www.gstatic.com https://*.google.com https://*.doubleclick.net *.google-analytics.com *.googletagmanager.com http://ajax.googleapis.com https://www.googleoptimize.com https://rum-static.pingdom.net http://rum-static.pingdom.net https://*.triptease.io; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://*.typekit.net https://fonts.googleapis.com https://cdn.honey.io; object-src 'none'; base-uri 'self'; connect-src 'self' https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://*.googlesyndication.com https://*.freedompay.com https://*.cardinalcommerce.com https://*.amazonaws.com https://*.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://*.hotjar.io wss://*.hotjar.com https://www.facebook.com https://*.triptease.io https://*.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com; font-src 'self' data: https://*.alicdn.com https://cdn.honey.io *.gstatic.com https://use.typekit.net; frame-src 'self' https://acs.capitalone.com https://acs.revolut.com https://acs2-3dsecure.creditmutuel.fr https://secure.dkb.de https://acs2.edb.com https://acs.swisscard.ch https://verify.monzo.com https://*.3ds.modirum.com https://3dsecure-vrp.de https://*.cic.fr https://3dsec.cardcenter.ch https://gbemv3dsecure.garanti.com.tr https://3ds.nexigroup.com https://*.3dsecure.no https://3ds.redsys.es https://acs1-3dsecure.creditmutuel.fr https://www.rsa3dsauth.com https://3debspay.boc.cn https://*.emea.citibank.com https://acs.mercurypaymentservices.it https://*.googletagmanager.com https://*.rabobank.nl https://*.lloydsbankinggroup.com https://*.zscloud.net https://*.googlesyndication.com https://*.americanexpress.com https://*.arcot.com https://*.doubleclick.net https://www.rsa3dsauth.co.uk https://*.wlp-acs.com https://www.youtube.com https://www.facebook.com https://static.sojern.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.resdiary.com https://*.cookiebot.com https://*.triptease.io https://www.google.com; img-src 'self' data: https://*.cookiebot.com https://code.jquery.com https://analytics.tiktok.com https://*.facebook.net https://*.googlesyndication.com https://widgetthemes-live.azureedge.net https://translate.google.com https://fonts.gstatic.com https://track.linksynergy.com https://cdn.honey.io https://googleads.g.doubleclick.net *.googleapis.com https://adservice.google.com https://*.ytimg.com https://googletraveladservices.com https://*.googletraveladservices.com https://secure-hotel-tracker.com https://*.bing.com https://bat.bing.com https://track.linksynergy.com *.doubleclick.net https://log.pinterest.com https://click.exacttarget.com https://www.facebook.com https://region1.analytics.google.com https://www.google.de https://www.google.ca https://www.google.ro https://www.google.com.tr https://www.google.com.hk https://www.google.gm https://www.google.cz https://www.google.mu https://www.google.com.gi https://www.google.com.ng https://www.google.com.co https://www.google.co.za https://www.google.com.mm https://www.google.com.sg https://www.google.at https://www.google.im https://www.google.dk https://www.google.gr https://www.google.no https://www.google.se https://www.google.lt https://www.google.com.mt https://www.google.ch https://www.google.hu https://www.google.com.cu https://www.google.gg https://www.google.ie https://www.google.nl https://www.google.be https://www.google.pt https://www.google.fr https://www.google.it https://www.google.es https://www.google.je https://www.google.co.in https://www.google.com.tj https://www.google.co.ke https://www.google.ae https://www.google.co.th https://www.google-analytics.com https://www.google.com.au https://www.google.pl *.googletagmanager.com https://*.googletagmanager.com https://www.google.co.uk https://www.google.com *.google-analytics.com https://oimgnn/; style-src-elem 'self' 'unsafe-inline' data: https://code.jquery.com https://www.gstatic.com https://fonts.googleapis.com https://cdn.honey.io https://*.cloudflare.com https://*.typography.com https://cloud.typography.com *.googleapis.com http://*.googleapis.com https://*.typekit.net https://use.typekit.net; script-src-elem 'self' 'unsafe-inline' data: https://*.freedompay.com https://maps.google.com https://tpc.googlesyndication.com https://ajax.googleapis.com https://pagespeed-mod.com https://*.kaspersky-labs.com https://*.hirizasune.com https://www.gstatic.com https://*.googlesyndication.com https://assets.pinterest.com https://*.googleapis.com https://www.googleadservices.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.triptease.io https://connect.facebook.net https://*.hotjar.com https://static.sojern.com https://*.cookiebot.com https://consent.cookiebot.com https://*.doubleclick.net https://googleads.g.doubleclick.net https://www.googleoptimize.com https://www.googletagmanager.com https://*.googleapis.com https://www.google.com https://www.google-analytics.com https://rum-static.pingdom.net https://analytics.tiktok.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000;
cf-cache-status: HIT
age: 17037865
cf-polished: origSize=422
content-encoding: br
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
cf-bgj: minify
last-modified: Tue, 27 Sep 2022 21:41:51 GMT
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=31536000
cf-ray: 8c243ba6bc1bac7b-YYZ
expires: Thu, 27 Feb 2025 20:21:43 GMT

GET
H3 200 mobiscroll.jquery.min.css
www.handpickedhotels.co.uk/css/mobiscroll/ 75 KB
16 KB 127ms
123ms Stylesheet
text/css 172.67.7.133
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.handpickedhotels.co.uk/css/mobiscroll/mobiscroll.jquery.min.css?v=5283

Requested by

Host: www.handpickedhotels.co.uk
URL: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.7.133 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

80ef468abb3244f9759e3554973c27def34058e024c851010e56854cfcaef398

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 01:06:09 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 5531717
content-security-policy-report-only: upgrade-insecure-requests; #report-uri /cspreport; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*navisperformance.com https://maps.googleapis.com https://www.googleadservices.com https://static.sojern.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://assets.pinterest.com https://connect.facebook.net *.hotjar.com https://*.cookiebot.com https://www.gstatic.com https://*.google.com https://*.doubleclick.net *.google-analytics.com *.googletagmanager.com http://ajax.googleapis.com https://www.googleoptimize.com https://rum-static.pingdom.net http://rum-static.pingdom.net https://*.triptease.io; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://*.typekit.net https://fonts.googleapis.com https://cdn.honey.io; object-src 'none'; base-uri 'self'; connect-src 'self' https://measurement-api.criteo.com https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://*.googlesyndication.com https://*.freedompay.com https://*.cardinalcommerce.com https://*.amazonaws.com https://*.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://*.hotjar.io wss://*.hotjar.com https://www.facebook.com https://*.triptease.io https://*.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com; font-src 'self' data: https://*.alicdn.com https://cdn.honey.io *.gstatic.com https://use.typekit.net; frame-src 'self' https://*.ibosscloud.com https://3ds.sebkort.com https://3ds.ntctr.acs.danskebank.com https://www.concertopayserve.com https://3dsecure.starlingbank.com https://3ds-a.live.ext.prod.enfuce.com https://clients.smartsecure.tsys.co.uk https://mycardsecure.com https://acs2.mpts.modirum.com https://gumi.criteo.com https://static.criteo.net https://acs.apata.io https://fledge.eu.criteo.com https://gum.criteo.com https://acs.capitalone.com https://acs.revolut.com https://acs2-3dsecure.creditmutuel.fr https://secure.dkb.de https://acs2.edb.com https://acs.swisscard.ch https://verify.monzo.com https://*.3ds.modirum.com https://3dsecure-vrp.de https://*.cic.fr https://3dsec.cardcenter.ch https://gbemv3dsecure.garanti.com.tr https://3ds.nexigroup.com https://*.3dsecure.no https://3ds.redsys.es https://acs1-3dsecure.creditmutuel.fr https://www.rsa3dsauth.com https://3debspay.boc.cn https://*.emea.citibank.com https://acs.mercurypaymentservices.it https://*.googletagmanager.com https://*.rabobank.nl https://*.lloydsbankinggroup.com https://*.zscloud.net https://*.googlesyndication.com https://*.americanexpress.com https://*.arcot.com https://*.doubleclick.net https://www.rsa3dsauth.co.uk https://*.wlp-acs.com https://www.youtube.com https://www.facebook.com https://static.sojern.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.resdiary.com https://*.cookiebot.com https://*.triptease.io https://www.google.com; img-src 'self' data: https://criteo-partners.tremorhub.com https://sync-criteo.ads.yieldmo.com https://criteo-sync.teads.tv https://gum.criteo.com https://dis.criteo.com https://*.cookiebot.com https://code.jquery.com https://analytics.tiktok.com https://*.facebook.net https://*.googlesyndication.com https://widgetthemes-live.azureedge.net https://translate.google.com https://fonts.gstatic.com https://track.linksynergy.com https://cdn.honey.io https://googleads.g.doubleclick.net *.googleapis.com https://adservice.google.com https://*.ytimg.com https://googletraveladservices.com https://*.googletraveladservices.com https://secure-hotel-tracker.com https://*.bing.com https://bat.bing.com https://track.linksynergy.com *.doubleclick.net https://log.pinterest.com https://click.exacttarget.com https://www.facebook.com https://region1.analytics.google.com https://www.google.de https://www.google.ca https://www.google.ro https://www.google.com.tr https://www.google.com.hk https://www.google.gm https://www.google.cz https://www.google.mu https://www.google.com.gi https://www.google.com.ng https://www.google.com.co https://www.google.co.za https://www.google.com.mm https://www.google.com.sg https://www.google.at https://www.google.im https://www.google.dk https://www.google.gr https://www.google.no https://www.google.se https://www.google.lt https://www.google.com.mt https://www.google.ch https://www.google.hu https://www.google.com.cu https://www.google.gg https://www.google.ie https://www.google.nl https://www.google.be https://www.google.pt https://www.google.fr https://www.google.it https://www.google.es https://www.google.je https://www.google.co.in https://www.google.com.tj https://www.google.co.ke https://www.google.ae https://www.google.co.th https://www.google-analytics.com https://www.google.com.au https://www.google.pl *.googletagmanager.com https://*.googletagmanager.com https://www.google.co.uk https://www.google.com *.google-analytics.com https://oimgnn/; style-src-elem 'self' 'unsafe-inline' data: https://code.jquery.com https://www.gstatic.com https://fonts.googleapis.com https://cdn.honey.io https://*.cloudflare.com https://*.typography.com https://cloud.typography.com *.googleapis.com http://*.googleapis.com https://*.typekit.net https://use.typekit.net; script-src-elem 'self' 'unsafe-inline' data: https://sslwidget.criteo.com https://dynamic.criteo.com https://static.criteo.net https://*.freedompay.com https://maps.google.com https://tpc.googlesyndication.com https://ajax.googleapis.com https://pagespeed-mod.com https://*.kaspersky-labs.com https://*.hirizasune.com https://www.gstatic.com https://*.googlesyndication.com https://assets.pinterest.com https://*.googleapis.com https://www.googleadservices.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.triptease.io https://connect.facebook.net https://*.hotjar.com https://static.sojern.com https://*.cookiebot.com https://consent.cookiebot.com https://*.doubleclick.net https://googleads.g.doubleclick.net https://www.googleoptimize.com https://www.googletagmanager.com https://*.googleapis.com https://www.google.com https://www.google-analytics.com https://rum-static.pingdom.net https://analytics.tiktok.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
alt-svc: h3=":443"; ma=86400
content-length: 11096
x-xss-protection: 1; mode=block
last-modified: Wed, 31 Jan 2024 09:21:47 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8c243ba6bc1cac7b-YYZ
expires: Fri, 11 Jul 2025 00:30:52 GMT

GET
H2 200 hri3euw.css
use.typekit.net/ 4 KB
978 B 135ms
31ms Stylesheet
text/css 2600:141b:1c00:f::172c:c9cc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/hri3euw.css

Requested by

Host: www.handpickedhotels.co.uk
URL: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2600:141b:1c00:f::172c:c9cc Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

70f49a358af95357bb8b1eb85b648bb3813655a8b6836dd57d1452e854031a31

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

Referer: https://www.handpickedhotels.co.uk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Fri, 13 Sep 2024 01:06:09 GMT
server: nginx
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 755

GET
H3 200 main_vi.css
www.handpickedhotels.co.uk/css/ 497 KB
77 KB 406ms
403ms Stylesheet
text/css 172.67.7.133
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.handpickedhotels.co.uk/css/main_vi.css?v=22024091302

Requested by

Host: www.handpickedhotels.co.uk
URL: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.7.133 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e42b2e5089575dc8d2635ad094bd36434fed8b2fe6ca2e14cbf757fb7c29bf58

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 01:06:09 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
content-security-policy-report-only: upgrade-insecure-requests; #report-uri /cspreport; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*navisperformance.com https://maps.googleapis.com https://www.googleadservices.com https://static.sojern.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://assets.pinterest.com https://connect.facebook.net *.hotjar.com https://*.cookiebot.com https://www.gstatic.com https://*.google.com https://*.doubleclick.net *.google-analytics.com *.googletagmanager.com http://ajax.googleapis.com https://www.googleoptimize.com https://rum-static.pingdom.net http://rum-static.pingdom.net https://*.triptease.io; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://*.typekit.net https://fonts.googleapis.com https://cdn.honey.io; object-src 'none'; base-uri 'self'; connect-src 'self' https://measurement-api.criteo.com https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://*.googlesyndication.com https://*.freedompay.com https://*.cardinalcommerce.com https://*.amazonaws.com https://*.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://*.hotjar.io wss://*.hotjar.com https://www.facebook.com https://*.triptease.io https://*.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com; font-src 'self' data: https://*.alicdn.com https://cdn.honey.io *.gstatic.com https://use.typekit.net; frame-src 'self' https://*.ibosscloud.com https://3ds.sebkort.com https://3ds.ntctr.acs.danskebank.com https://www.concertopayserve.com https://3dsecure.starlingbank.com https://3ds-a.live.ext.prod.enfuce.com https://clients.smartsecure.tsys.co.uk https://mycardsecure.com https://acs2.mpts.modirum.com https://gumi.criteo.com https://static.criteo.net https://acs.apata.io https://fledge.eu.criteo.com https://gum.criteo.com https://acs.capitalone.com https://acs.revolut.com https://acs2-3dsecure.creditmutuel.fr https://secure.dkb.de https://acs2.edb.com https://acs.swisscard.ch https://verify.monzo.com https://*.3ds.modirum.com https://3dsecure-vrp.de https://*.cic.fr https://3dsec.cardcenter.ch https://gbemv3dsecure.garanti.com.tr https://3ds.nexigroup.com https://*.3dsecure.no https://3ds.redsys.es https://acs1-3dsecure.creditmutuel.fr https://www.rsa3dsauth.com https://3debspay.boc.cn https://*.emea.citibank.com https://acs.mercurypaymentservices.it https://*.googletagmanager.com https://*.rabobank.nl https://*.lloydsbankinggroup.com https://*.zscloud.net https://*.googlesyndication.com https://*.americanexpress.com https://*.arcot.com https://*.doubleclick.net https://www.rsa3dsauth.co.uk https://*.wlp-acs.com https://www.youtube.com https://www.facebook.com https://static.sojern.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.resdiary.com https://*.cookiebot.com https://*.triptease.io https://www.google.com; img-src 'self' data: https://criteo-partners.tremorhub.com https://sync-criteo.ads.yieldmo.com https://criteo-sync.teads.tv https://gum.criteo.com https://dis.criteo.com https://*.cookiebot.com https://code.jquery.com https://analytics.tiktok.com https://*.facebook.net https://*.googlesyndication.com https://widgetthemes-live.azureedge.net https://translate.google.com https://fonts.gstatic.com https://track.linksynergy.com https://cdn.honey.io https://googleads.g.doubleclick.net *.googleapis.com https://adservice.google.com https://*.ytimg.com https://googletraveladservices.com https://*.googletraveladservices.com https://secure-hotel-tracker.com https://*.bing.com https://bat.bing.com https://track.linksynergy.com *.doubleclick.net https://log.pinterest.com https://click.exacttarget.com https://www.facebook.com https://region1.analytics.google.com https://www.google.de https://www.google.ca https://www.google.ro https://www.google.com.tr https://www.google.com.hk https://www.google.gm https://www.google.cz https://www.google.mu https://www.google.com.gi https://www.google.com.ng https://www.google.com.co https://www.google.co.za https://www.google.com.mm https://www.google.com.sg https://www.google.at https://www.google.im https://www.google.dk https://www.google.gr https://www.google.no https://www.google.se https://www.google.lt https://www.google.com.mt https://www.google.ch https://www.google.hu https://www.google.com.cu https://www.google.gg https://www.google.ie https://www.google.nl https://www.google.be https://www.google.pt https://www.google.fr https://www.google.it https://www.google.es https://www.google.je https://www.google.co.in https://www.google.com.tj https://www.google.co.ke https://www.google.ae https://www.google.co.th https://www.google-analytics.com https://www.google.com.au https://www.google.pl *.googletagmanager.com https://*.googletagmanager.com https://www.google.co.uk https://www.google.com *.google-analytics.com https://oimgnn/; style-src-elem 'self' 'unsafe-inline' data: https://code.jquery.com https://www.gstatic.com https://fonts.googleapis.com https://cdn.honey.io https://*.cloudflare.com https://*.typography.com https://cloud.typography.com *.googleapis.com http://*.googleapis.com https://*.typekit.net https://use.typekit.net; script-src-elem 'self' 'unsafe-inline' data: https://sslwidget.criteo.com https://dynamic.criteo.com https://static.criteo.net https://*.freedompay.com https://maps.google.com https://tpc.googlesyndication.com https://ajax.googleapis.com https://pagespeed-mod.com https://*.kaspersky-labs.com https://*.hirizasune.com https://www.gstatic.com https://*.googlesyndication.com https://assets.pinterest.com https://*.googleapis.com https://www.googleadservices.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.triptease.io https://connect.facebook.net https://*.hotjar.com https://static.sojern.com https://*.cookiebot.com https://consent.cookiebot.com https://*.doubleclick.net https://googleads.g.doubleclick.net https://www.googleoptimize.com https://www.googletagmanager.com https://*.googleapis.com https://www.google.com https://www.google-analytics.com https://rum-static.pingdom.net https://analytics.tiktok.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Fri, 23 Aug 2024 10:10:51 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
cf-ray: 8c243ba6bc1fac7b-YYZ
expires: Sat, 13 Sep 2025 01:06:09 GMT

GET
H3 200 main_nav_vi.css
www.handpickedhotels.co.uk/css/ 28 KB
10 KB 381ms
379ms Stylesheet
text/css 172.67.7.133
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.handpickedhotels.co.uk/css/main_nav_vi.css?v=22024091302

Requested by

Host: www.handpickedhotels.co.uk
URL: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.7.133 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2de3129c25969c6c7d5f7641594dc8af6e03002532879f24fb032e8122d09322

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 01:06:09 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
content-security-policy-report-only: upgrade-insecure-requests; #report-uri /cspreport; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*navisperformance.com https://maps.googleapis.com https://www.googleadservices.com https://static.sojern.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://assets.pinterest.com https://connect.facebook.net *.hotjar.com https://*.cookiebot.com https://www.gstatic.com https://*.google.com https://*.doubleclick.net *.google-analytics.com *.googletagmanager.com http://ajax.googleapis.com https://www.googleoptimize.com https://rum-static.pingdom.net http://rum-static.pingdom.net https://*.triptease.io; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://*.typekit.net https://fonts.googleapis.com https://cdn.honey.io; object-src 'none'; base-uri 'self'; connect-src 'self' https://measurement-api.criteo.com https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://*.googlesyndication.com https://*.freedompay.com https://*.cardinalcommerce.com https://*.amazonaws.com https://*.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://*.hotjar.io wss://*.hotjar.com https://www.facebook.com https://*.triptease.io https://*.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com; font-src 'self' data: https://*.alicdn.com https://cdn.honey.io *.gstatic.com https://use.typekit.net; frame-src 'self' https://*.ibosscloud.com https://3ds.sebkort.com https://3ds.ntctr.acs.danskebank.com https://www.concertopayserve.com https://3dsecure.starlingbank.com https://3ds-a.live.ext.prod.enfuce.com https://clients.smartsecure.tsys.co.uk https://mycardsecure.com https://acs2.mpts.modirum.com https://gumi.criteo.com https://static.criteo.net https://acs.apata.io https://fledge.eu.criteo.com https://gum.criteo.com https://acs.capitalone.com https://acs.revolut.com https://acs2-3dsecure.creditmutuel.fr https://secure.dkb.de https://acs2.edb.com https://acs.swisscard.ch https://verify.monzo.com https://*.3ds.modirum.com https://3dsecure-vrp.de https://*.cic.fr https://3dsec.cardcenter.ch https://gbemv3dsecure.garanti.com.tr https://3ds.nexigroup.com https://*.3dsecure.no https://3ds.redsys.es https://acs1-3dsecure.creditmutuel.fr https://www.rsa3dsauth.com https://3debspay.boc.cn https://*.emea.citibank.com https://acs.mercurypaymentservices.it https://*.googletagmanager.com https://*.rabobank.nl https://*.lloydsbankinggroup.com https://*.zscloud.net https://*.googlesyndication.com https://*.americanexpress.com https://*.arcot.com https://*.doubleclick.net https://www.rsa3dsauth.co.uk https://*.wlp-acs.com https://www.youtube.com https://www.facebook.com https://static.sojern.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.resdiary.com https://*.cookiebot.com https://*.triptease.io https://www.google.com; img-src 'self' data: https://criteo-partners.tremorhub.com https://sync-criteo.ads.yieldmo.com https://criteo-sync.teads.tv https://gum.criteo.com https://dis.criteo.com https://*.cookiebot.com https://code.jquery.com https://analytics.tiktok.com https://*.facebook.net https://*.googlesyndication.com https://widgetthemes-live.azureedge.net https://translate.google.com https://fonts.gstatic.com https://track.linksynergy.com https://cdn.honey.io https://googleads.g.doubleclick.net *.googleapis.com https://adservice.google.com https://*.ytimg.com https://googletraveladservices.com https://*.googletraveladservices.com https://secure-hotel-tracker.com https://*.bing.com https://bat.bing.com https://track.linksynergy.com *.doubleclick.net https://log.pinterest.com https://click.exacttarget.com https://www.facebook.com https://region1.analytics.google.com https://www.google.de https://www.google.ca https://www.google.ro https://www.google.com.tr https://www.google.com.hk https://www.google.gm https://www.google.cz https://www.google.mu https://www.google.com.gi https://www.google.com.ng https://www.google.com.co https://www.google.co.za https://www.google.com.mm https://www.google.com.sg https://www.google.at https://www.google.im https://www.google.dk https://www.google.gr https://www.google.no https://www.google.se https://www.google.lt https://www.google.com.mt https://www.google.ch https://www.google.hu https://www.google.com.cu https://www.google.gg https://www.google.ie https://www.google.nl https://www.google.be https://www.google.pt https://www.google.fr https://www.google.it https://www.google.es https://www.google.je https://www.google.co.in https://www.google.com.tj https://www.google.co.ke https://www.google.ae https://www.google.co.th https://www.google-analytics.com https://www.google.com.au https://www.google.pl *.googletagmanager.com https://*.googletagmanager.com https://www.google.co.uk https://www.google.com *.google-analytics.com https://oimgnn/; style-src-elem 'self' 'unsafe-inline' data: https://code.jquery.com https://www.gstatic.com https://fonts.googleapis.com https://cdn.honey.io https://*.cloudflare.com https://*.typography.com https://cloud.typography.com *.googleapis.com http://*.googleapis.com https://*.typekit.net https://use.typekit.net; script-src-elem 'self' 'unsafe-inline' data: https://sslwidget.criteo.com https://dynamic.criteo.com https://static.criteo.net https://*.freedompay.com https://maps.google.com https://tpc.googlesyndication.com https://ajax.googleapis.com https://pagespeed-mod.com https://*.kaspersky-labs.com https://*.hirizasune.com https://www.gstatic.com https://*.googlesyndication.com https://assets.pinterest.com https://*.googleapis.com https://www.googleadservices.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.triptease.io https://connect.facebook.net https://*.hotjar.com https://static.sojern.com https://*.cookiebot.com https://consent.cookiebot.com https://*.doubleclick.net https://googleads.g.doubleclick.net https://www.googleoptimize.com https://www.googletagmanager.com https://*.googleapis.com https://www.google.com https://www.google-analytics.com https://rum-static.pingdom.net https://analytics.tiktok.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
alt-svc: h3=":443"; ma=86400
content-length: 5216
x-xss-protection: 1; mode=block
last-modified: Tue, 30 Apr 2024 13:06:55 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8c243ba6bc20ac7b-YYZ
expires: Sat, 13 Sep 2025 01:06:09 GMT

GET
H3 200 currency_converter.css
www.handpickedhotels.co.uk/css/ 3 KB
6 KB 304ms
301ms Stylesheet
text/css 172.67.7.133
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.handpickedhotels.co.uk/css/currency_converter.css?v=2024091302

Requested by

Host: www.handpickedhotels.co.uk
URL: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.7.133 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

34e124b3a1a03fe1457d7bf2b9c1a4ff49aa710b91a825889b92df05df0438e9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 01:06:09 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
content-security-policy-report-only: upgrade-insecure-requests; #report-uri /cspreport; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*navisperformance.com https://maps.googleapis.com https://www.googleadservices.com https://static.sojern.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://assets.pinterest.com https://connect.facebook.net *.hotjar.com https://*.cookiebot.com https://www.gstatic.com https://*.google.com https://*.doubleclick.net *.google-analytics.com *.googletagmanager.com http://ajax.googleapis.com https://www.googleoptimize.com https://rum-static.pingdom.net http://rum-static.pingdom.net https://*.triptease.io; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://*.typekit.net https://fonts.googleapis.com https://cdn.honey.io; object-src 'none'; base-uri 'self'; connect-src 'self' https://measurement-api.criteo.com https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://*.googlesyndication.com https://*.freedompay.com https://*.cardinalcommerce.com https://*.amazonaws.com https://*.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://*.hotjar.io wss://*.hotjar.com https://www.facebook.com https://*.triptease.io https://*.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com; font-src 'self' data: https://*.alicdn.com https://cdn.honey.io *.gstatic.com https://use.typekit.net; frame-src 'self' https://*.ibosscloud.com https://3ds.sebkort.com https://3ds.ntctr.acs.danskebank.com https://www.concertopayserve.com https://3dsecure.starlingbank.com https://3ds-a.live.ext.prod.enfuce.com https://clients.smartsecure.tsys.co.uk https://mycardsecure.com https://acs2.mpts.modirum.com https://gumi.criteo.com https://static.criteo.net https://acs.apata.io https://fledge.eu.criteo.com https://gum.criteo.com https://acs.capitalone.com https://acs.revolut.com https://acs2-3dsecure.creditmutuel.fr https://secure.dkb.de https://acs2.edb.com https://acs.swisscard.ch https://verify.monzo.com https://*.3ds.modirum.com https://3dsecure-vrp.de https://*.cic.fr https://3dsec.cardcenter.ch https://gbemv3dsecure.garanti.com.tr https://3ds.nexigroup.com https://*.3dsecure.no https://3ds.redsys.es https://acs1-3dsecure.creditmutuel.fr https://www.rsa3dsauth.com https://3debspay.boc.cn https://*.emea.citibank.com https://acs.mercurypaymentservices.it https://*.googletagmanager.com https://*.rabobank.nl https://*.lloydsbankinggroup.com https://*.zscloud.net https://*.googlesyndication.com https://*.americanexpress.com https://*.arcot.com https://*.doubleclick.net https://www.rsa3dsauth.co.uk https://*.wlp-acs.com https://www.youtube.com https://www.facebook.com https://static.sojern.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.resdiary.com https://*.cookiebot.com https://*.triptease.io https://www.google.com; img-src 'self' data: https://criteo-partners.tremorhub.com https://sync-criteo.ads.yieldmo.com https://criteo-sync.teads.tv https://gum.criteo.com https://dis.criteo.com https://*.cookiebot.com https://code.jquery.com https://analytics.tiktok.com https://*.facebook.net https://*.googlesyndication.com https://widgetthemes-live.azureedge.net https://translate.google.com https://fonts.gstatic.com https://track.linksynergy.com https://cdn.honey.io https://googleads.g.doubleclick.net *.googleapis.com https://adservice.google.com https://*.ytimg.com https://googletraveladservices.com https://*.googletraveladservices.com https://secure-hotel-tracker.com https://*.bing.com https://bat.bing.com https://track.linksynergy.com *.doubleclick.net https://log.pinterest.com https://click.exacttarget.com https://www.facebook.com https://region1.analytics.google.com https://www.google.de https://www.google.ca https://www.google.ro https://www.google.com.tr https://www.google.com.hk https://www.google.gm https://www.google.cz https://www.google.mu https://www.google.com.gi https://www.google.com.ng https://www.google.com.co https://www.google.co.za https://www.google.com.mm https://www.google.com.sg https://www.google.at https://www.google.im https://www.google.dk https://www.google.gr https://www.google.no https://www.google.se https://www.google.lt https://www.google.com.mt https://www.google.ch https://www.google.hu https://www.google.com.cu https://www.google.gg https://www.google.ie https://www.google.nl https://www.google.be https://www.google.pt https://www.google.fr https://www.google.it https://www.google.es https://www.google.je https://www.google.co.in https://www.google.com.tj https://www.google.co.ke https://www.google.ae https://www.google.co.th https://www.google-analytics.com https://www.google.com.au https://www.google.pl *.googletagmanager.com https://*.googletagmanager.com https://www.google.co.uk https://www.google.com *.google-analytics.com https://oimgnn/; style-src-elem 'self' 'unsafe-inline' data: https://code.jquery.com https://www.gstatic.com https://fonts.googleapis.com https://cdn.honey.io https://*.cloudflare.com https://*.typography.com https://cloud.typography.com *.googleapis.com http://*.googleapis.com https://*.typekit.net https://use.typekit.net; script-src-elem 'self' 'unsafe-inline' data: https://sslwidget.criteo.com https://dynamic.criteo.com https://static.criteo.net https://*.freedompay.com https://maps.google.com https://tpc.googlesyndication.com https://ajax.googleapis.com https://pagespeed-mod.com https://*.kaspersky-labs.com https://*.hirizasune.com https://www.gstatic.com https://*.googlesyndication.com https://assets.pinterest.com https://*.googleapis.com https://www.googleadservices.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.triptease.io https://connect.facebook.net https://*.hotjar.com https://static.sojern.com https://*.cookiebot.com https://consent.cookiebot.com https://*.doubleclick.net https://googleads.g.doubleclick.net https://www.googleoptimize.com https://www.googletagmanager.com https://*.googleapis.com https://www.google.com https://www.google-analytics.com https://rum-static.pingdom.net https://analytics.tiktok.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
alt-svc: h3=":443"; ma=86400
content-length: 894
x-xss-protection: 1; mode=block
last-modified: Thu, 24 Aug 2023 13:50:57 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 8c243ba6bc21ac7b-YYZ
expires: Sat, 13 Sep 2025 01:06:09 GMT

GET
H2 200 pa-6486fe9139b8d30012000066.js Show response
rum-static.pingdom.net/ 6 KB
3 KB 498ms
437ms Script
application/javascript 2606:4700:10::6816:3668
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-static.pingdom.net/pa-6486fe9139b8d30012000066.js
Requested by: Host: www.handpickedhotels.co.uk
URL: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:3668 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 14240c16c9b3422c50f3575eff33b56d2cb00ee26f1dcd06abd383abd157cd82

Request headers

Referer: https://www.handpickedhotels.co.uk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 01:06:10 GMT
content-encoding: gzip
cf-cache-status: REVALIDATED
last-modified: Fri, 14 Oct 2022 06:22:28 GMT
server: cloudflare
etag: W/"63490024-1852"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=86400
cf-ray: 8c243bac3cb339c9-YYZ
expires: Fri, 13 Sep 2024 01:11:10 GMT

GET
H3 200 jquery3.6.4.min.js Show response
www.handpickedhotels.co.uk/js/ 88 KB
35 KB 131ms
128ms Script
application/javascript 172.67.7.133
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.handpickedhotels.co.uk/js/jquery3.6.4.min.js

Requested by

Host: www.handpickedhotels.co.uk
URL: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.7.133 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; report-uri /cspreport; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://navisperformance.com https://maps.googleapis.com https://www.googleadservices.com https://static.sojern.com https://.cloudflare.com https://.cardinalcommerce.com https://.freedompay.com https://assets.pinterest.com https://connect.facebook.net .hotjar.com https://.cookiebot.com https://www.gstatic.com https://.google.com https://.doubleclick.net .google-analytics.com .googletagmanager.com http://ajax.googleapis.com https://www.googleoptimize.com https://rum-static.pingdom.net http://rum-static.pingdom.net https://.triptease.io; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://.typekit.net https://fonts.googleapis.com https://cdn.honey.io; object-src 'none'; base-uri 'self'; connect-src 'self' https://measurement-api.criteo.com https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://.googlesyndication.com https://.freedompay.com https://.cardinalcommerce.com https://.amazonaws.com https://.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://.hotjar.io wss://.hotjar.com https://www.facebook.com https://.triptease.io https://.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com; font-src 'self' data: https://.alicdn.com https://cdn.honey.io .gstatic.com https://use.typekit.net; frame-src 'self' https://mycardsecure.com https://acs2.mpts.modirum.com https://gumi.criteo.com https://static.criteo.net https://acs.apata.io https://fledge.eu.criteo.com https://gum.criteo.com https://acs.capitalone.com https://acs.revolut.com https://acs2-3dsecure.creditmutuel.fr https://secure.dkb.de https://acs2.edb.com https://acs.swisscard.ch https://verify.monzo.com https://.3ds.modirum.com https://3dsecure-vrp.de https://.cic.fr https://3dsec.cardcenter.ch https://gbemv3dsecure.garanti.com.tr https://3ds.nexigroup.com https://.3dsecure.no https://3ds.redsys.es https://acs1-3dsecure.creditmutuel.fr https://www.rsa3dsauth.com https://3debspay.boc.cn https://.emea.citibank.com https://acs.mercurypaymentservices.it https://.googletagmanager.com https://.rabobank.nl https://.lloydsbankinggroup.com https://.zscloud.net https://.googlesyndication.com https://.americanexpress.com https://.arcot.com https://.doubleclick.net https://www.rsa3dsauth.co.uk https://.wlp-acs.com https://www.youtube.com https://www.facebook.com https://static.sojern.com https://.cardinalcommerce.com https://.freedompay.com https://.resdiary.com https://.cookiebot.com https://.triptease.io https://www.google.com; img-src 'self' data: https://criteo-partners.tremorhub.com https://sync-criteo.ads.yieldmo.com https://criteo-sync.teads.tv https://gum.criteo.com https://dis.criteo.com https://.cookiebot.com https://code.jquery.com https://analytics.tiktok.com https://.facebook.net https://.googlesyndication.com https://widgetthemes-live.azureedge.net https://translate.google.com https://fonts.gstatic.com https://track.linksynergy.com https://cdn.honey.io https://googleads.g.doubleclick.net .googleapis.com https://adservice.google.com https://.ytimg.com https://googletraveladservices.com https://.googletraveladservices.com https://secure-hotel-tracker.com https://.bing.com https://bat.bing.com https://track.linksynergy.com .doubleclick.net https://log.pinterest.com https://click.exacttarget.com https://www.facebook.com https://region1.analytics.google.com https://www.google.de https://www.google.ca https://www.google.ro https://www.google.com.tr https://www.google.com.hk https://www.google.gm https://www.google.cz https://www.google.mu https://www.google.com.gi https://www.google.com.ng https://www.google.com.co https://www.google.co.za https://www.google.com.mm https://www.google.com.sg https://www.google.at https://www.google.im https://www.google.dk https://www.google.gr https://www.google.no https://www.google.se https://www.google.lt https://www.google.com.mt https://www.google.ch https://www.google.hu https://www.google.com.cu https://www.google.gg https://www.google.ie https://www.google.nl https://www.google.be https://www.google.pt https://www.google.fr https://www.google.it https://www.google.es https://www.google.je https://www.google.co.in https://www.google.com.tj https://www.google.co.ke https://www.google.ae https://www.google.co.th https://www.google-analytics.com https://www.google.com.au https://www.google.pl .googletagmanager.com https://.googletagmanager.com https://www.google.co.uk https://www.google.com .google-analytics.com https://oimgnn/; style-src-elem 'self' 'unsafe-inline' data: https://code.jquery.com https://www.gstatic.com https://fonts.googleapis.com https://cdn.honey.io https://.cloudflare.com https://.typography.com https://cloud.typography.com .googleapis.com http://.googleapis.com https://.typekit.net https://use.typekit.net; script-src-elem 'self' 'unsafe-inline' data: https://sslwidget.criteo.com https://dynamic.criteo.com https://static.criteo.net https://.freedompay.com https://maps.google.com https://tpc.googlesyndication.com https://ajax.googleapis.com https://pagespeed-mod.com https://.kaspersky-labs.com https://.hirizasune.com https://www.gstatic.com https://.googlesyndication.com https://assets.pinterest.com https://.googleapis.com https://www.googleadservices.com https://.cloudflare.com https://.cardinalcommerce.com https://.freedompay.com https://.triptease.io https://connect.facebook.net https://.hotjar.com https://static.sojern.com https://.cookiebot.com https://consent.cookiebot.com https://.doubleclick.net https://googleads.g.doubleclick.net https://www.googleoptimize.com https://www.googletagmanager.com https://.googleapis.com https://www.google.com https://www.google-analytics.com https://rum-static.pingdom.net https://analytics.tiktok.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 01:06:09 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests; report-uri /cspreport; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*navisperformance.com https://maps.googleapis.com https://www.googleadservices.com https://static.sojern.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://assets.pinterest.com https://connect.facebook.net *.hotjar.com https://*.cookiebot.com https://www.gstatic.com https://*.google.com https://*.doubleclick.net *.google-analytics.com *.googletagmanager.com http://ajax.googleapis.com https://www.googleoptimize.com https://rum-static.pingdom.net http://rum-static.pingdom.net https://*.triptease.io; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://*.typekit.net https://fonts.googleapis.com https://cdn.honey.io; object-src 'none'; base-uri 'self'; connect-src 'self' https://measurement-api.criteo.com https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://*.googlesyndication.com https://*.freedompay.com https://*.cardinalcommerce.com https://*.amazonaws.com https://*.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://*.hotjar.io wss://*.hotjar.com https://www.facebook.com https://*.triptease.io https://*.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com; font-src 'self' data: https://*.alicdn.com https://cdn.honey.io *.gstatic.com https://use.typekit.net; frame-src 'self' https://mycardsecure.com https://acs2.mpts.modirum.com https://gumi.criteo.com https://static.criteo.net https://acs.apata.io https://fledge.eu.criteo.com https://gum.criteo.com https://acs.capitalone.com https://acs.revolut.com https://acs2-3dsecure.creditmutuel.fr https://secure.dkb.de https://acs2.edb.com https://acs.swisscard.ch https://verify.monzo.com https://*.3ds.modirum.com https://3dsecure-vrp.de https://*.cic.fr https://3dsec.cardcenter.ch https://gbemv3dsecure.garanti.com.tr https://3ds.nexigroup.com https://*.3dsecure.no https://3ds.redsys.es https://acs1-3dsecure.creditmutuel.fr https://www.rsa3dsauth.com https://3debspay.boc.cn https://*.emea.citibank.com https://acs.mercurypaymentservices.it https://*.googletagmanager.com https://*.rabobank.nl https://*.lloydsbankinggroup.com https://*.zscloud.net https://*.googlesyndication.com https://*.americanexpress.com https://*.arcot.com https://*.doubleclick.net https://www.rsa3dsauth.co.uk https://*.wlp-acs.com https://www.youtube.com https://www.facebook.com https://static.sojern.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.resdiary.com https://*.cookiebot.com https://*.triptease.io https://www.google.com; img-src 'self' data: https://criteo-partners.tremorhub.com https://sync-criteo.ads.yieldmo.com https://criteo-sync.teads.tv https://gum.criteo.com https://dis.criteo.com https://*.cookiebot.com https://code.jquery.com https://analytics.tiktok.com https://*.facebook.net https://*.googlesyndication.com https://widgetthemes-live.azureedge.net https://translate.google.com https://fonts.gstatic.com https://track.linksynergy.com https://cdn.honey.io https://googleads.g.doubleclick.net *.googleapis.com https://adservice.google.com https://*.ytimg.com https://googletraveladservices.com https://*.googletraveladservices.com https://secure-hotel-tracker.com https://*.bing.com https://bat.bing.com https://track.linksynergy.com *.doubleclick.net https://log.pinterest.com https://click.exacttarget.com https://www.facebook.com https://region1.analytics.google.com https://www.google.de https://www.google.ca https://www.google.ro https://www.google.com.tr https://www.google.com.hk https://www.google.gm https://www.google.cz https://www.google.mu https://www.google.com.gi https://www.google.com.ng https://www.google.com.co https://www.google.co.za https://www.google.com.mm https://www.google.com.sg https://www.google.at https://www.google.im https://www.google.dk https://www.google.gr https://www.google.no https://www.google.se https://www.google.lt https://www.google.com.mt https://www.google.ch https://www.google.hu https://www.google.com.cu https://www.google.gg https://www.google.ie https://www.google.nl https://www.google.be https://www.google.pt https://www.google.fr https://www.google.it https://www.google.es https://www.google.je https://www.google.co.in https://www.google.com.tj https://www.google.co.ke https://www.google.ae https://www.google.co.th https://www.google-analytics.com https://www.google.com.au https://www.google.pl *.googletagmanager.com https://*.googletagmanager.com https://www.google.co.uk https://www.google.com *.google-analytics.com https://oimgnn/; style-src-elem 'self' 'unsafe-inline' data: https://code.jquery.com https://www.gstatic.com https://fonts.googleapis.com https://cdn.honey.io https://*.cloudflare.com https://*.typography.com https://cloud.typography.com *.googleapis.com http://*.googleapis.com https://*.typekit.net https://use.typekit.net; script-src-elem 'self' 'unsafe-inline' data: https://sslwidget.criteo.com https://dynamic.criteo.com https://static.criteo.net https://*.freedompay.com https://maps.google.com https://tpc.googlesyndication.com https://ajax.googleapis.com https://pagespeed-mod.com https://*.kaspersky-labs.com https://*.hirizasune.com https://www.gstatic.com https://*.googlesyndication.com https://assets.pinterest.com https://*.googleapis.com https://www.googleadservices.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.triptease.io https://connect.facebook.net https://*.hotjar.com https://static.sojern.com https://*.cookiebot.com https://consent.cookiebot.com https://*.doubleclick.net https://googleads.g.doubleclick.net https://www.googleoptimize.com https://www.googletagmanager.com https://*.googleapis.com https://www.google.com https://www.google-analytics.com https://rum-static.pingdom.net https://analytics.tiktok.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
cf-cache-status: HIT
content-encoding: gzip
age: 1406060
alt-svc: h3=":443"; ma=86400
content-length: 31043
x-xss-protection: 1; mode=block
last-modified: Mon, 24 Jul 2023 07:23:17 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8c243ba6bc22ac7b-YYZ
expires: Thu, 26 Sep 2024 18:31:49 GMT

GET
H3 200 68691_4c96af528860c45e5386483d19e855b1.svg
www.handpickedhotels.co.uk/images_navigation/ 10 KB
9 KB 152ms
150ms Image
image/svg+xml 172.67.7.133
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.handpickedhotels.co.uk/images_navigation/68691_4c96af528860c45e5386483d19e855b1.svg

Requested by

Host: www.handpickedhotels.co.uk
URL: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.7.133 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f424dfbf5efc859a4500a90911ceb4a3e6b8d20d4c2da78624b72c453888ca33

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 01:06:09 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 265516
content-security-policy-report-only: upgrade-insecure-requests; #report-uri /cspreport; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*navisperformance.com https://maps.googleapis.com https://www.googleadservices.com https://static.sojern.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://assets.pinterest.com https://connect.facebook.net *.hotjar.com https://*.cookiebot.com https://www.gstatic.com https://*.google.com https://*.doubleclick.net *.google-analytics.com *.googletagmanager.com http://ajax.googleapis.com https://www.googleoptimize.com https://rum-static.pingdom.net http://rum-static.pingdom.net https://*.triptease.io; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://*.typekit.net https://fonts.googleapis.com https://cdn.honey.io; object-src 'none'; base-uri 'self'; connect-src 'self' https://measurement-api.criteo.com https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://*.googlesyndication.com https://*.freedompay.com https://*.cardinalcommerce.com https://*.amazonaws.com https://*.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://*.hotjar.io wss://*.hotjar.com https://www.facebook.com https://*.triptease.io https://*.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com; font-src 'self' data: https://*.alicdn.com https://cdn.honey.io *.gstatic.com https://use.typekit.net; frame-src 'self' https://*.ibosscloud.com https://3ds.sebkort.com https://3ds.ntctr.acs.danskebank.com https://www.concertopayserve.com https://3dsecure.starlingbank.com https://3ds-a.live.ext.prod.enfuce.com https://clients.smartsecure.tsys.co.uk https://mycardsecure.com https://acs2.mpts.modirum.com https://gumi.criteo.com https://static.criteo.net https://acs.apata.io https://fledge.eu.criteo.com https://gum.criteo.com https://acs.capitalone.com https://acs.revolut.com https://acs2-3dsecure.creditmutuel.fr https://secure.dkb.de https://acs2.edb.com https://acs.swisscard.ch https://verify.monzo.com https://*.3ds.modirum.com https://3dsecure-vrp.de https://*.cic.fr https://3dsec.cardcenter.ch https://gbemv3dsecure.garanti.com.tr https://3ds.nexigroup.com https://*.3dsecure.no https://3ds.redsys.es https://acs1-3dsecure.creditmutuel.fr https://www.rsa3dsauth.com https://3debspay.boc.cn https://*.emea.citibank.com https://acs.mercurypaymentservices.it https://*.googletagmanager.com https://*.rabobank.nl https://*.lloydsbankinggroup.com https://*.zscloud.net https://*.googlesyndication.com https://*.americanexpress.com https://*.arcot.com https://*.doubleclick.net https://www.rsa3dsauth.co.uk https://*.wlp-acs.com https://www.youtube.com https://www.facebook.com https://static.sojern.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.resdiary.com https://*.cookiebot.com https://*.triptease.io https://www.google.com; img-src 'self' data: https://criteo-partners.tremorhub.com https://sync-criteo.ads.yieldmo.com https://criteo-sync.teads.tv https://gum.criteo.com https://dis.criteo.com https://*.cookiebot.com https://code.jquery.com https://analytics.tiktok.com https://*.facebook.net https://*.googlesyndication.com https://widgetthemes-live.azureedge.net https://translate.google.com https://fonts.gstatic.com https://track.linksynergy.com https://cdn.honey.io https://googleads.g.doubleclick.net *.googleapis.com https://adservice.google.com https://*.ytimg.com https://googletraveladservices.com https://*.googletraveladservices.com https://secure-hotel-tracker.com https://*.bing.com https://bat.bing.com https://track.linksynergy.com *.doubleclick.net https://log.pinterest.com https://click.exacttarget.com https://www.facebook.com https://region1.analytics.google.com https://www.google.de https://www.google.ca https://www.google.ro https://www.google.com.tr https://www.google.com.hk https://www.google.gm https://www.google.cz https://www.google.mu https://www.google.com.gi https://www.google.com.ng https://www.google.com.co https://www.google.co.za https://www.google.com.mm https://www.google.com.sg https://www.google.at https://www.google.im https://www.google.dk https://www.google.gr https://www.google.no https://www.google.se https://www.google.lt https://www.google.com.mt https://www.google.ch https://www.google.hu https://www.google.com.cu https://www.google.gg https://www.google.ie https://www.google.nl https://www.google.be https://www.google.pt https://www.google.fr https://www.google.it https://www.google.es https://www.google.je https://www.google.co.in https://www.google.com.tj https://www.google.co.ke https://www.google.ae https://www.google.co.th https://www.google-analytics.com https://www.google.com.au https://www.google.pl *.googletagmanager.com https://*.googletagmanager.com https://www.google.co.uk https://www.google.com *.google-analytics.com https://oimgnn/; style-src-elem 'self' 'unsafe-inline' data: https://code.jquery.com https://www.gstatic.com https://fonts.googleapis.com https://cdn.honey.io https://*.cloudflare.com https://*.typography.com https://cloud.typography.com *.googleapis.com http://*.googleapis.com https://*.typekit.net https://use.typekit.net; script-src-elem 'self' 'unsafe-inline' data: https://sslwidget.criteo.com https://dynamic.criteo.com https://static.criteo.net https://*.freedompay.com https://maps.google.com https://tpc.googlesyndication.com https://ajax.googleapis.com https://pagespeed-mod.com https://*.kaspersky-labs.com https://*.hirizasune.com https://www.gstatic.com https://*.googlesyndication.com https://assets.pinterest.com https://*.googleapis.com https://www.googleadservices.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.triptease.io https://connect.facebook.net https://*.hotjar.com https://static.sojern.com https://*.cookiebot.com https://consent.cookiebot.com https://*.doubleclick.net https://googleads.g.doubleclick.net https://www.googleoptimize.com https://www.googletagmanager.com https://*.googleapis.com https://www.google.com https://www.google-analytics.com https://rum-static.pingdom.net https://analytics.tiktok.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
alt-svc: h3=":443"; ma=86400
content-length: 3724
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Sep 2022 20:24:36 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8c243ba6bc23ac7b-YYZ
expires: Wed, 09 Oct 2024 23:20:53 GMT

GET
H3 200 hph_blank.png
www.handpickedhotels.co.uk/img/ 97 B
5 KB 112ms
111ms Image
image/png 172.67.7.133
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.handpickedhotels.co.uk/img/hph_blank.png

Requested by

Host: www.handpickedhotels.co.uk
URL: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.7.133 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d305915423bad8a04f94a048cd4b28a6c916ddd5594c9f61061cfe8ceef72f33

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; report-uri /cspreport; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://navisperformance.com https://maps.googleapis.com https://www.googleadservices.com https://static.sojern.com https://.cloudflare.com https://.cardinalcommerce.com https://.freedompay.com https://assets.pinterest.com https://connect.facebook.net .hotjar.com https://.cookiebot.com https://www.gstatic.com https://.google.com https://.doubleclick.net .google-analytics.com .googletagmanager.com http://ajax.googleapis.com https://www.googleoptimize.com https://rum-static.pingdom.net http://rum-static.pingdom.net https://.triptease.io; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://.typekit.net https://fonts.googleapis.com https://cdn.honey.io; object-src 'none'; base-uri 'self'; connect-src 'self' https://measurement-api.criteo.com https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://.googlesyndication.com https://.freedompay.com https://.cardinalcommerce.com https://.amazonaws.com https://.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://.hotjar.io wss://.hotjar.com https://www.facebook.com https://.triptease.io https://.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com; font-src 'self' data: https://.alicdn.com https://cdn.honey.io .gstatic.com https://use.typekit.net; frame-src 'self' https://3ds.sebkort.com https://3ds.ntctr.acs.danskebank.com https://www.concertopayserve.com https://3dsecure.starlingbank.com https://3ds-a.live.ext.prod.enfuce.com https://clients.smartsecure.tsys.co.uk https://mycardsecure.com https://acs2.mpts.modirum.com https://gumi.criteo.com https://static.criteo.net https://acs.apata.io https://fledge.eu.criteo.com https://gum.criteo.com https://acs.capitalone.com https://acs.revolut.com https://acs2-3dsecure.creditmutuel.fr https://secure.dkb.de https://acs2.edb.com https://acs.swisscard.ch https://verify.monzo.com https://.3ds.modirum.com https://3dsecure-vrp.de https://.cic.fr https://3dsec.cardcenter.ch https://gbemv3dsecure.garanti.com.tr https://3ds.nexigroup.com https://.3dsecure.no https://3ds.redsys.es https://acs1-3dsecure.creditmutuel.fr https://www.rsa3dsauth.com https://3debspay.boc.cn https://.emea.citibank.com https://acs.mercurypaymentservices.it https://.googletagmanager.com https://.rabobank.nl https://.lloydsbankinggroup.com https://.zscloud.net https://.googlesyndication.com https://.americanexpress.com https://.arcot.com https://.doubleclick.net https://www.rsa3dsauth.co.uk https://.wlp-acs.com https://www.youtube.com https://www.facebook.com https://static.sojern.com https://.cardinalcommerce.com https://.freedompay.com https://.resdiary.com https://.cookiebot.com https://.triptease.io https://www.google.com; img-src 'self' data: https://criteo-partners.tremorhub.com https://sync-criteo.ads.yieldmo.com https://criteo-sync.teads.tv https://gum.criteo.com https://dis.criteo.com https://.cookiebot.com https://code.jquery.com https://analytics.tiktok.com https://.facebook.net https://.googlesyndication.com https://widgetthemes-live.azureedge.net https://translate.google.com https://fonts.gstatic.com https://track.linksynergy.com https://cdn.honey.io https://googleads.g.doubleclick.net .googleapis.com https://adservice.google.com https://.ytimg.com https://googletraveladservices.com https://.googletraveladservices.com https://secure-hotel-tracker.com https://.bing.com https://bat.bing.com https://track.linksynergy.com .doubleclick.net https://log.pinterest.com https://click.exacttarget.com https://www.facebook.com https://region1.analytics.google.com https://www.google.de https://www.google.ca https://www.google.ro https://www.google.com.tr https://www.google.com.hk https://www.google.gm https://www.google.cz https://www.google.mu https://www.google.com.gi https://www.google.com.ng https://www.google.com.co https://www.google.co.za https://www.google.com.mm https://www.google.com.sg https://www.google.at https://www.google.im https://www.google.dk https://www.google.gr https://www.google.no https://www.google.se https://www.google.lt https://www.google.com.mt https://www.google.ch https://www.google.hu https://www.google.com.cu https://www.google.gg https://www.google.ie https://www.google.nl https://www.google.be https://www.google.pt https://www.google.fr https://www.google.it https://www.google.es https://www.google.je https://www.google.co.in https://www.google.com.tj https://www.google.co.ke https://www.google.ae https://www.google.co.th https://www.google-analytics.com https://www.google.com.au https://www.google.pl .googletagmanager.com https://.googletagmanager.com https://www.google.co.uk https://www.google.com .google-analytics.com https://oimgnn/; style-src-elem 'self' 'unsafe-inline' data: https://code.jquery.com https://www.gstatic.com https://fonts.googleapis.com https://cdn.honey.io https://.cloudflare.com https://.typography.com https://cloud.typography.com .googleapis.com http://.googleapis.com https://.typekit.net https://use.typekit.net; script-src-elem 'self' 'unsafe-inline' data: https://sslwidget.criteo.com https://dynamic.criteo.com https://static.criteo.net https://.freedompay.com https://maps.google.com https://tpc.googlesyndication.com https://ajax.googleapis.com https://pagespeed-mod.com https://.kaspersky-labs.com https://.hirizasune.com https://www.gstatic.com https://.googlesyndication.com https://assets.pinterest.com https://.googleapis.com https://www.googleadservices.com https://.cloudflare.com https://.cardinalcommerce.com https://.freedompay.com https://.triptease.io https://connect.facebook.net https://.hotjar.com https://static.sojern.com https://.cookiebot.com https://consent.cookiebot.com https://.doubleclick.net https://googleads.g.doubleclick.net https://www.googleoptimize.com https://www.googletagmanager.com https://.googleapis.com https://www.google.com https://www.google-analytics.com https://rum-static.pingdom.net https://analytics.tiktok.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 01:06:09 GMT
content-security-policy: upgrade-insecure-requests; report-uri /cspreport; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*navisperformance.com https://maps.googleapis.com https://www.googleadservices.com https://static.sojern.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://assets.pinterest.com https://connect.facebook.net *.hotjar.com https://*.cookiebot.com https://www.gstatic.com https://*.google.com https://*.doubleclick.net *.google-analytics.com *.googletagmanager.com http://ajax.googleapis.com https://www.googleoptimize.com https://rum-static.pingdom.net http://rum-static.pingdom.net https://*.triptease.io; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://*.typekit.net https://fonts.googleapis.com https://cdn.honey.io; object-src 'none'; base-uri 'self'; connect-src 'self' https://measurement-api.criteo.com https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://*.googlesyndication.com https://*.freedompay.com https://*.cardinalcommerce.com https://*.amazonaws.com https://*.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://*.hotjar.io wss://*.hotjar.com https://www.facebook.com https://*.triptease.io https://*.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com; font-src 'self' data: https://*.alicdn.com https://cdn.honey.io *.gstatic.com https://use.typekit.net; frame-src 'self' https://3ds.sebkort.com https://3ds.ntctr.acs.danskebank.com https://www.concertopayserve.com https://3dsecure.starlingbank.com https://3ds-a.live.ext.prod.enfuce.com https://clients.smartsecure.tsys.co.uk https://mycardsecure.com https://acs2.mpts.modirum.com https://gumi.criteo.com https://static.criteo.net https://acs.apata.io https://fledge.eu.criteo.com https://gum.criteo.com https://acs.capitalone.com https://acs.revolut.com https://acs2-3dsecure.creditmutuel.fr https://secure.dkb.de https://acs2.edb.com https://acs.swisscard.ch https://verify.monzo.com https://*.3ds.modirum.com https://3dsecure-vrp.de https://*.cic.fr https://3dsec.cardcenter.ch https://gbemv3dsecure.garanti.com.tr https://3ds.nexigroup.com https://*.3dsecure.no https://3ds.redsys.es https://acs1-3dsecure.creditmutuel.fr https://www.rsa3dsauth.com https://3debspay.boc.cn https://*.emea.citibank.com https://acs.mercurypaymentservices.it https://*.googletagmanager.com https://*.rabobank.nl https://*.lloydsbankinggroup.com https://*.zscloud.net https://*.googlesyndication.com https://*.americanexpress.com https://*.arcot.com https://*.doubleclick.net https://www.rsa3dsauth.co.uk https://*.wlp-acs.com https://www.youtube.com https://www.facebook.com https://static.sojern.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.resdiary.com https://*.cookiebot.com https://*.triptease.io https://www.google.com; img-src 'self' data: https://criteo-partners.tremorhub.com https://sync-criteo.ads.yieldmo.com https://criteo-sync.teads.tv https://gum.criteo.com https://dis.criteo.com https://*.cookiebot.com https://code.jquery.com https://analytics.tiktok.com https://*.facebook.net https://*.googlesyndication.com https://widgetthemes-live.azureedge.net https://translate.google.com https://fonts.gstatic.com https://track.linksynergy.com https://cdn.honey.io https://googleads.g.doubleclick.net *.googleapis.com https://adservice.google.com https://*.ytimg.com https://googletraveladservices.com https://*.googletraveladservices.com https://secure-hotel-tracker.com https://*.bing.com https://bat.bing.com https://track.linksynergy.com *.doubleclick.net https://log.pinterest.com https://click.exacttarget.com https://www.facebook.com https://region1.analytics.google.com https://www.google.de https://www.google.ca https://www.google.ro https://www.google.com.tr https://www.google.com.hk https://www.google.gm https://www.google.cz https://www.google.mu https://www.google.com.gi https://www.google.com.ng https://www.google.com.co https://www.google.co.za https://www.google.com.mm https://www.google.com.sg https://www.google.at https://www.google.im https://www.google.dk https://www.google.gr https://www.google.no https://www.google.se https://www.google.lt https://www.google.com.mt https://www.google.ch https://www.google.hu https://www.google.com.cu https://www.google.gg https://www.google.ie https://www.google.nl https://www.google.be https://www.google.pt https://www.google.fr https://www.google.it https://www.google.es https://www.google.je https://www.google.co.in https://www.google.com.tj https://www.google.co.ke https://www.google.ae https://www.google.co.th https://www.google-analytics.com https://www.google.com.au https://www.google.pl *.googletagmanager.com https://*.googletagmanager.com https://www.google.co.uk https://www.google.com *.google-analytics.com https://oimgnn/; style-src-elem 'self' 'unsafe-inline' data: https://code.jquery.com https://www.gstatic.com https://fonts.googleapis.com https://cdn.honey.io https://*.cloudflare.com https://*.typography.com https://cloud.typography.com *.googleapis.com http://*.googleapis.com https://*.typekit.net https://use.typekit.net; script-src-elem 'self' 'unsafe-inline' data: https://sslwidget.criteo.com https://dynamic.criteo.com https://static.criteo.net https://*.freedompay.com https://maps.google.com https://tpc.googlesyndication.com https://ajax.googleapis.com https://pagespeed-mod.com https://*.kaspersky-labs.com https://*.hirizasune.com https://www.gstatic.com https://*.googlesyndication.com https://assets.pinterest.com https://*.googleapis.com https://www.googleadservices.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.triptease.io https://connect.facebook.net https://*.hotjar.com https://static.sojern.com https://*.cookiebot.com https://consent.cookiebot.com https://*.doubleclick.net https://googleads.g.doubleclick.net https://www.googleoptimize.com https://www.googletagmanager.com https://*.googleapis.com https://www.google.com https://www.google-analytics.com https://rum-static.pingdom.net https://analytics.tiktok.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
x-content-type-options: nosniff
strict-transport-security: max-age=31536000;
cf-cache-status: HIT
age: 2394912
cf-polished: origSize=47092, status=webp_bigger
alt-svc: h3=":443"; ma=86400
content-length: 97
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Tue, 27 Sep 2022 21:38:26 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2692000
accept-ranges: bytes
cf-ray: 8c243ba70c64ac7b-YYZ
expires: Sun, 15 Sep 2024 07:50:57 GMT

GET
H3 200 spinner.gif
www.handpickedhotels.co.uk/simgs-reskin/ 75 KB
80 KB 461ms
457ms Image
image/gif 172.67.7.133
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.handpickedhotels.co.uk/simgs-reskin/spinner.gif

Requested by

Host: www.handpickedhotels.co.uk
URL: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.7.133 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

164c452472691ea317740b085ad02b161c6635eec71b4289039395d491f1ecb6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 01:06:10 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: MISS
content-security-policy-report-only: upgrade-insecure-requests; #report-uri /cspreport; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*navisperformance.com https://maps.googleapis.com https://www.googleadservices.com https://static.sojern.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://assets.pinterest.com https://connect.facebook.net *.hotjar.com https://*.cookiebot.com https://www.gstatic.com https://*.google.com https://*.doubleclick.net *.google-analytics.com *.googletagmanager.com http://ajax.googleapis.com https://www.googleoptimize.com https://rum-static.pingdom.net http://rum-static.pingdom.net https://*.triptease.io; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://*.typekit.net https://fonts.googleapis.com https://cdn.honey.io; object-src 'none'; base-uri 'self'; connect-src 'self' https://measurement-api.criteo.com https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://*.googlesyndication.com https://*.freedompay.com https://*.cardinalcommerce.com https://*.amazonaws.com https://*.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://*.hotjar.io wss://*.hotjar.com https://www.facebook.com https://*.triptease.io https://*.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com; font-src 'self' data: https://*.alicdn.com https://cdn.honey.io *.gstatic.com https://use.typekit.net; frame-src 'self' https://*.ibosscloud.com https://3ds.sebkort.com https://3ds.ntctr.acs.danskebank.com https://www.concertopayserve.com https://3dsecure.starlingbank.com https://3ds-a.live.ext.prod.enfuce.com https://clients.smartsecure.tsys.co.uk https://mycardsecure.com https://acs2.mpts.modirum.com https://gumi.criteo.com https://static.criteo.net https://acs.apata.io https://fledge.eu.criteo.com https://gum.criteo.com https://acs.capitalone.com https://acs.revolut.com https://acs2-3dsecure.creditmutuel.fr https://secure.dkb.de https://acs2.edb.com https://acs.swisscard.ch https://verify.monzo.com https://*.3ds.modirum.com https://3dsecure-vrp.de https://*.cic.fr https://3dsec.cardcenter.ch https://gbemv3dsecure.garanti.com.tr https://3ds.nexigroup.com https://*.3dsecure.no https://3ds.redsys.es https://acs1-3dsecure.creditmutuel.fr https://www.rsa3dsauth.com https://3debspay.boc.cn https://*.emea.citibank.com https://acs.mercurypaymentservices.it https://*.googletagmanager.com https://*.rabobank.nl https://*.lloydsbankinggroup.com https://*.zscloud.net https://*.googlesyndication.com https://*.americanexpress.com https://*.arcot.com https://*.doubleclick.net https://www.rsa3dsauth.co.uk https://*.wlp-acs.com https://www.youtube.com https://www.facebook.com https://static.sojern.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.resdiary.com https://*.cookiebot.com https://*.triptease.io https://www.google.com; img-src 'self' data: https://criteo-partners.tremorhub.com https://sync-criteo.ads.yieldmo.com https://criteo-sync.teads.tv https://gum.criteo.com https://dis.criteo.com https://*.cookiebot.com https://code.jquery.com https://analytics.tiktok.com https://*.facebook.net https://*.googlesyndication.com https://widgetthemes-live.azureedge.net https://translate.google.com https://fonts.gstatic.com https://track.linksynergy.com https://cdn.honey.io https://googleads.g.doubleclick.net *.googleapis.com https://adservice.google.com https://*.ytimg.com https://googletraveladservices.com https://*.googletraveladservices.com https://secure-hotel-tracker.com https://*.bing.com https://bat.bing.com https://track.linksynergy.com *.doubleclick.net https://log.pinterest.com https://click.exacttarget.com https://www.facebook.com https://region1.analytics.google.com https://www.google.de https://www.google.ca https://www.google.ro https://www.google.com.tr https://www.google.com.hk https://www.google.gm https://www.google.cz https://www.google.mu https://www.google.com.gi https://www.google.com.ng https://www.google.com.co https://www.google.co.za https://www.google.com.mm https://www.google.com.sg https://www.google.at https://www.google.im https://www.google.dk https://www.google.gr https://www.google.no https://www.google.se https://www.google.lt https://www.google.com.mt https://www.google.ch https://www.google.hu https://www.google.com.cu https://www.google.gg https://www.google.ie https://www.google.nl https://www.google.be https://www.google.pt https://www.google.fr https://www.google.it https://www.google.es https://www.google.je https://www.google.co.in https://www.google.com.tj https://www.google.co.ke https://www.google.ae https://www.google.co.th https://www.google-analytics.com https://www.google.com.au https://www.google.pl *.googletagmanager.com https://*.googletagmanager.com https://www.google.co.uk https://www.google.com *.google-analytics.com https://oimgnn/; style-src-elem 'self' 'unsafe-inline' data: https://code.jquery.com https://www.gstatic.com https://fonts.googleapis.com https://cdn.honey.io https://*.cloudflare.com https://*.typography.com https://cloud.typography.com *.googleapis.com http://*.googleapis.com https://*.typekit.net https://use.typekit.net; script-src-elem 'self' 'unsafe-inline' data: https://sslwidget.criteo.com https://dynamic.criteo.com https://static.criteo.net https://*.freedompay.com https://maps.google.com https://tpc.googlesyndication.com https://ajax.googleapis.com https://pagespeed-mod.com https://*.kaspersky-labs.com https://*.hirizasune.com https://www.gstatic.com https://*.googlesyndication.com https://assets.pinterest.com https://*.googleapis.com https://www.googleadservices.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.triptease.io https://connect.facebook.net https://*.hotjar.com https://static.sojern.com https://*.cookiebot.com https://consent.cookiebot.com https://*.doubleclick.net https://googleads.g.doubleclick.net https://www.googleoptimize.com https://www.googletagmanager.com https://*.googleapis.com https://www.google.com https://www.google-analytics.com https://rum-static.pingdom.net https://analytics.tiktok.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
alt-svc: h3=":443"; ma=86400
content-length: 77131
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Sep 2022 21:38:23 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/gif
cache-control: public, max-age=2692000
accept-ranges: bytes
cf-ray: 8c243babd954ac7b-YYZ
expires: Sun, 13 Oct 2024 01:06:10 GMT

GET
H3 200 hph_logo_vertical_black.svg
www.handpickedhotels.co.uk/simgs-reskin/ 12 KB
8 KB 44ms
40ms Image
image/svg+xml 172.67.7.133
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.handpickedhotels.co.uk/simgs-reskin/hph_logo_vertical_black.svg

Requested by

Host: www.handpickedhotels.co.uk
URL: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.7.133 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

aa9a31cd594a14dd99fb9f13aea5e9ed1a0230007fe7e41d037abe0ec30b6879

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; report-uri /cspreport; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://navisperformance.com https://maps.googleapis.com https://www.googleadservices.com https://static.sojern.com https://.cloudflare.com https://.cardinalcommerce.com https://.freedompay.com https://assets.pinterest.com https://connect.facebook.net .hotjar.com https://.cookiebot.com https://www.gstatic.com https://.google.com https://.doubleclick.net .google-analytics.com .googletagmanager.com http://ajax.googleapis.com https://www.googleoptimize.com https://rum-static.pingdom.net http://rum-static.pingdom.net https://.triptease.io; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://.typekit.net https://fonts.googleapis.com https://cdn.honey.io; object-src 'none'; base-uri 'self'; connect-src 'self' https://measurement-api.criteo.com https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://.googlesyndication.com https://.freedompay.com https://.cardinalcommerce.com https://.amazonaws.com https://.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://.hotjar.io wss://.hotjar.com https://www.facebook.com https://.triptease.io https://.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com; font-src 'self' data: https://.alicdn.com https://cdn.honey.io .gstatic.com https://use.typekit.net; frame-src 'self' https://mycardsecure.com https://acs2.mpts.modirum.com https://gumi.criteo.com https://static.criteo.net https://acs.apata.io https://fledge.eu.criteo.com https://gum.criteo.com https://acs.capitalone.com https://acs.revolut.com https://acs2-3dsecure.creditmutuel.fr https://secure.dkb.de https://acs2.edb.com https://acs.swisscard.ch https://verify.monzo.com https://.3ds.modirum.com https://3dsecure-vrp.de https://.cic.fr https://3dsec.cardcenter.ch https://gbemv3dsecure.garanti.com.tr https://3ds.nexigroup.com https://.3dsecure.no https://3ds.redsys.es https://acs1-3dsecure.creditmutuel.fr https://www.rsa3dsauth.com https://3debspay.boc.cn https://.emea.citibank.com https://acs.mercurypaymentservices.it https://.googletagmanager.com https://.rabobank.nl https://.lloydsbankinggroup.com https://.zscloud.net https://.googlesyndication.com https://.americanexpress.com https://.arcot.com https://.doubleclick.net https://www.rsa3dsauth.co.uk https://.wlp-acs.com https://www.youtube.com https://www.facebook.com https://static.sojern.com https://.cardinalcommerce.com https://.freedompay.com https://.resdiary.com https://.cookiebot.com https://.triptease.io https://www.google.com; img-src 'self' data: https://criteo-partners.tremorhub.com https://sync-criteo.ads.yieldmo.com https://criteo-sync.teads.tv https://gum.criteo.com https://dis.criteo.com https://.cookiebot.com https://code.jquery.com https://analytics.tiktok.com https://.facebook.net https://.googlesyndication.com https://widgetthemes-live.azureedge.net https://translate.google.com https://fonts.gstatic.com https://track.linksynergy.com https://cdn.honey.io https://googleads.g.doubleclick.net .googleapis.com https://adservice.google.com https://.ytimg.com https://googletraveladservices.com https://.googletraveladservices.com https://secure-hotel-tracker.com https://.bing.com https://bat.bing.com https://track.linksynergy.com .doubleclick.net https://log.pinterest.com https://click.exacttarget.com https://www.facebook.com https://region1.analytics.google.com https://www.google.de https://www.google.ca https://www.google.ro https://www.google.com.tr https://www.google.com.hk https://www.google.gm https://www.google.cz https://www.google.mu https://www.google.com.gi https://www.google.com.ng https://www.google.com.co https://www.google.co.za https://www.google.com.mm https://www.google.com.sg https://www.google.at https://www.google.im https://www.google.dk https://www.google.gr https://www.google.no https://www.google.se https://www.google.lt https://www.google.com.mt https://www.google.ch https://www.google.hu https://www.google.com.cu https://www.google.gg https://www.google.ie https://www.google.nl https://www.google.be https://www.google.pt https://www.google.fr https://www.google.it https://www.google.es https://www.google.je https://www.google.co.in https://www.google.com.tj https://www.google.co.ke https://www.google.ae https://www.google.co.th https://www.google-analytics.com https://www.google.com.au https://www.google.pl .googletagmanager.com https://.googletagmanager.com https://www.google.co.uk https://www.google.com .google-analytics.com https://oimgnn/; style-src-elem 'self' 'unsafe-inline' data: https://code.jquery.com https://www.gstatic.com https://fonts.googleapis.com https://cdn.honey.io https://.cloudflare.com https://.typography.com https://cloud.typography.com .googleapis.com http://.googleapis.com https://.typekit.net https://use.typekit.net; script-src-elem 'self' 'unsafe-inline' data: https://sslwidget.criteo.com https://dynamic.criteo.com https://static.criteo.net https://.freedompay.com https://maps.google.com https://tpc.googlesyndication.com https://ajax.googleapis.com https://pagespeed-mod.com https://.kaspersky-labs.com https://.hirizasune.com https://www.gstatic.com https://.googlesyndication.com https://assets.pinterest.com https://.googleapis.com https://www.googleadservices.com https://.cloudflare.com https://.cardinalcommerce.com https://.freedompay.com https://.triptease.io https://connect.facebook.net https://.hotjar.com https://static.sojern.com https://.cookiebot.com https://consent.cookiebot.com https://.doubleclick.net https://googleads.g.doubleclick.net https://www.googleoptimize.com https://www.googletagmanager.com https://.googleapis.com https://www.google.com https://www.google-analytics.com https://rum-static.pingdom.net https://analytics.tiktok.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 01:06:09 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests; report-uri /cspreport; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*navisperformance.com https://maps.googleapis.com https://www.googleadservices.com https://static.sojern.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://assets.pinterest.com https://connect.facebook.net *.hotjar.com https://*.cookiebot.com https://www.gstatic.com https://*.google.com https://*.doubleclick.net *.google-analytics.com *.googletagmanager.com http://ajax.googleapis.com https://www.googleoptimize.com https://rum-static.pingdom.net http://rum-static.pingdom.net https://*.triptease.io; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://*.typekit.net https://fonts.googleapis.com https://cdn.honey.io; object-src 'none'; base-uri 'self'; connect-src 'self' https://measurement-api.criteo.com https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://*.googlesyndication.com https://*.freedompay.com https://*.cardinalcommerce.com https://*.amazonaws.com https://*.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://*.hotjar.io wss://*.hotjar.com https://www.facebook.com https://*.triptease.io https://*.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com; font-src 'self' data: https://*.alicdn.com https://cdn.honey.io *.gstatic.com https://use.typekit.net; frame-src 'self' https://mycardsecure.com https://acs2.mpts.modirum.com https://gumi.criteo.com https://static.criteo.net https://acs.apata.io https://fledge.eu.criteo.com https://gum.criteo.com https://acs.capitalone.com https://acs.revolut.com https://acs2-3dsecure.creditmutuel.fr https://secure.dkb.de https://acs2.edb.com https://acs.swisscard.ch https://verify.monzo.com https://*.3ds.modirum.com https://3dsecure-vrp.de https://*.cic.fr https://3dsec.cardcenter.ch https://gbemv3dsecure.garanti.com.tr https://3ds.nexigroup.com https://*.3dsecure.no https://3ds.redsys.es https://acs1-3dsecure.creditmutuel.fr https://www.rsa3dsauth.com https://3debspay.boc.cn https://*.emea.citibank.com https://acs.mercurypaymentservices.it https://*.googletagmanager.com https://*.rabobank.nl https://*.lloydsbankinggroup.com https://*.zscloud.net https://*.googlesyndication.com https://*.americanexpress.com https://*.arcot.com https://*.doubleclick.net https://www.rsa3dsauth.co.uk https://*.wlp-acs.com https://www.youtube.com https://www.facebook.com https://static.sojern.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.resdiary.com https://*.cookiebot.com https://*.triptease.io https://www.google.com; img-src 'self' data: https://criteo-partners.tremorhub.com https://sync-criteo.ads.yieldmo.com https://criteo-sync.teads.tv https://gum.criteo.com https://dis.criteo.com https://*.cookiebot.com https://code.jquery.com https://analytics.tiktok.com https://*.facebook.net https://*.googlesyndication.com https://widgetthemes-live.azureedge.net https://translate.google.com https://fonts.gstatic.com https://track.linksynergy.com https://cdn.honey.io https://googleads.g.doubleclick.net *.googleapis.com https://adservice.google.com https://*.ytimg.com https://googletraveladservices.com https://*.googletraveladservices.com https://secure-hotel-tracker.com https://*.bing.com https://bat.bing.com https://track.linksynergy.com *.doubleclick.net https://log.pinterest.com https://click.exacttarget.com https://www.facebook.com https://region1.analytics.google.com https://www.google.de https://www.google.ca https://www.google.ro https://www.google.com.tr https://www.google.com.hk https://www.google.gm https://www.google.cz https://www.google.mu https://www.google.com.gi https://www.google.com.ng https://www.google.com.co https://www.google.co.za https://www.google.com.mm https://www.google.com.sg https://www.google.at https://www.google.im https://www.google.dk https://www.google.gr https://www.google.no https://www.google.se https://www.google.lt https://www.google.com.mt https://www.google.ch https://www.google.hu https://www.google.com.cu https://www.google.gg https://www.google.ie https://www.google.nl https://www.google.be https://www.google.pt https://www.google.fr https://www.google.it https://www.google.es https://www.google.je https://www.google.co.in https://www.google.com.tj https://www.google.co.ke https://www.google.ae https://www.google.co.th https://www.google-analytics.com https://www.google.com.au https://www.google.pl *.googletagmanager.com https://*.googletagmanager.com https://www.google.co.uk https://www.google.com *.google-analytics.com https://oimgnn/; style-src-elem 'self' 'unsafe-inline' data: https://code.jquery.com https://www.gstatic.com https://fonts.googleapis.com https://cdn.honey.io https://*.cloudflare.com https://*.typography.com https://cloud.typography.com *.googleapis.com http://*.googleapis.com https://*.typekit.net https://use.typekit.net; script-src-elem 'self' 'unsafe-inline' data: https://sslwidget.criteo.com https://dynamic.criteo.com https://static.criteo.net https://*.freedompay.com https://maps.google.com https://tpc.googlesyndication.com https://ajax.googleapis.com https://pagespeed-mod.com https://*.kaspersky-labs.com https://*.hirizasune.com https://www.gstatic.com https://*.googlesyndication.com https://assets.pinterest.com https://*.googleapis.com https://www.googleadservices.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.triptease.io https://connect.facebook.net https://*.hotjar.com https://static.sojern.com https://*.cookiebot.com https://consent.cookiebot.com https://*.doubleclick.net https://googleads.g.doubleclick.net https://www.googleoptimize.com https://www.googletagmanager.com https://*.googleapis.com https://www.google.com https://www.google-analytics.com https://rum-static.pingdom.net https://analytics.tiktok.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
cf-cache-status: HIT
content-encoding: gzip
age: 128559
alt-svc: h3=":443"; ma=86400
content-length: 3697
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Sep 2022 21:38:23 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8c243babd955ac7b-YYZ
expires: Fri, 11 Oct 2024 13:23:30 GMT

GET
H3 200 preloader@2x.png
www.handpickedhotels.co.uk/simgs-reskin/ 24 KB
29 KB 42ms
39ms Image
image/png 172.67.7.133
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.handpickedhotels.co.uk/simgs-reskin/preloader@2x.png

Requested by

Host: www.handpickedhotels.co.uk
URL: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.7.133 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2b28a95a3617edf71797e3e0989e44e6bf2f6d97756de5ef337168297a3fb192

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 01:06:09 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: HIT
age: 601800
cf-polished: status=cannot_optimize
content-security-policy-report-only: upgrade-insecure-requests; #report-uri /cspreport; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*navisperformance.com https://maps.googleapis.com https://www.googleadservices.com https://static.sojern.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://assets.pinterest.com https://connect.facebook.net *.hotjar.com https://*.cookiebot.com https://www.gstatic.com https://*.google.com https://*.doubleclick.net *.google-analytics.com *.googletagmanager.com http://ajax.googleapis.com https://www.googleoptimize.com https://rum-static.pingdom.net http://rum-static.pingdom.net https://*.triptease.io; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://*.typekit.net https://fonts.googleapis.com https://cdn.honey.io; object-src 'none'; base-uri 'self'; connect-src 'self' https://measurement-api.criteo.com https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://*.googlesyndication.com https://*.freedompay.com https://*.cardinalcommerce.com https://*.amazonaws.com https://*.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://*.hotjar.io wss://*.hotjar.com https://www.facebook.com https://*.triptease.io https://*.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com; font-src 'self' data: https://*.alicdn.com https://cdn.honey.io *.gstatic.com https://use.typekit.net; frame-src 'self' https://*.ibosscloud.com https://3ds.sebkort.com https://3ds.ntctr.acs.danskebank.com https://www.concertopayserve.com https://3dsecure.starlingbank.com https://3ds-a.live.ext.prod.enfuce.com https://clients.smartsecure.tsys.co.uk https://mycardsecure.com https://acs2.mpts.modirum.com https://gumi.criteo.com https://static.criteo.net https://acs.apata.io https://fledge.eu.criteo.com https://gum.criteo.com https://acs.capitalone.com https://acs.revolut.com https://acs2-3dsecure.creditmutuel.fr https://secure.dkb.de https://acs2.edb.com https://acs.swisscard.ch https://verify.monzo.com https://*.3ds.modirum.com https://3dsecure-vrp.de https://*.cic.fr https://3dsec.cardcenter.ch https://gbemv3dsecure.garanti.com.tr https://3ds.nexigroup.com https://*.3dsecure.no https://3ds.redsys.es https://acs1-3dsecure.creditmutuel.fr https://www.rsa3dsauth.com https://3debspay.boc.cn https://*.emea.citibank.com https://acs.mercurypaymentservices.it https://*.googletagmanager.com https://*.rabobank.nl https://*.lloydsbankinggroup.com https://*.zscloud.net https://*.googlesyndication.com https://*.americanexpress.com https://*.arcot.com https://*.doubleclick.net https://www.rsa3dsauth.co.uk https://*.wlp-acs.com https://www.youtube.com https://www.facebook.com https://static.sojern.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.resdiary.com https://*.cookiebot.com https://*.triptease.io https://www.google.com; img-src 'self' data: https://criteo-partners.tremorhub.com https://sync-criteo.ads.yieldmo.com https://criteo-sync.teads.tv https://gum.criteo.com https://dis.criteo.com https://*.cookiebot.com https://code.jquery.com https://analytics.tiktok.com https://*.facebook.net https://*.googlesyndication.com https://widgetthemes-live.azureedge.net https://translate.google.com https://fonts.gstatic.com https://track.linksynergy.com https://cdn.honey.io https://googleads.g.doubleclick.net *.googleapis.com https://adservice.google.com https://*.ytimg.com https://googletraveladservices.com https://*.googletraveladservices.com https://secure-hotel-tracker.com https://*.bing.com https://bat.bing.com https://track.linksynergy.com *.doubleclick.net https://log.pinterest.com https://click.exacttarget.com https://www.facebook.com https://region1.analytics.google.com https://www.google.de https://www.google.ca https://www.google.ro https://www.google.com.tr https://www.google.com.hk https://www.google.gm https://www.google.cz https://www.google.mu https://www.google.com.gi https://www.google.com.ng https://www.google.com.co https://www.google.co.za https://www.google.com.mm https://www.google.com.sg https://www.google.at https://www.google.im https://www.google.dk https://www.google.gr https://www.google.no https://www.google.se https://www.google.lt https://www.google.com.mt https://www.google.ch https://www.google.hu https://www.google.com.cu https://www.google.gg https://www.google.ie https://www.google.nl https://www.google.be https://www.google.pt https://www.google.fr https://www.google.it https://www.google.es https://www.google.je https://www.google.co.in https://www.google.com.tj https://www.google.co.ke https://www.google.ae https://www.google.co.th https://www.google-analytics.com https://www.google.com.au https://www.google.pl *.googletagmanager.com https://*.googletagmanager.com https://www.google.co.uk https://www.google.com *.google-analytics.com https://oimgnn/; style-src-elem 'self' 'unsafe-inline' data: https://code.jquery.com https://www.gstatic.com https://fonts.googleapis.com https://cdn.honey.io https://*.cloudflare.com https://*.typography.com https://cloud.typography.com *.googleapis.com http://*.googleapis.com https://*.typekit.net https://use.typekit.net; script-src-elem 'self' 'unsafe-inline' data: https://sslwidget.criteo.com https://dynamic.criteo.com https://static.criteo.net https://*.freedompay.com https://maps.google.com https://tpc.googlesyndication.com https://ajax.googleapis.com https://pagespeed-mod.com https://*.kaspersky-labs.com https://*.hirizasune.com https://www.gstatic.com https://*.googlesyndication.com https://assets.pinterest.com https://*.googleapis.com https://www.googleadservices.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.triptease.io https://connect.facebook.net https://*.hotjar.com https://static.sojern.com https://*.cookiebot.com https://consent.cookiebot.com https://*.doubleclick.net https://googleads.g.doubleclick.net https://www.googleoptimize.com https://www.googletagmanager.com https://*.googleapis.com https://www.google.com https://www.google-analytics.com https://rum-static.pingdom.net https://analytics.tiktok.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
alt-svc: h3=":443"; ma=86400
content-length: 24995
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Tue, 27 Sep 2022 21:38:23 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: public, max-age=2692000
accept-ranges: bytes
cf-ray: 8c243babd956ac7b-YYZ
expires: Sun, 06 Oct 2024 01:56:09 GMT

GET
H3 200 hph_logo_vertical_white.svg
www.handpickedhotels.co.uk/simgs-reskin/ 9 KB
8 KB 37ms
34ms Image
image/svg+xml 172.67.7.133
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.handpickedhotels.co.uk/simgs-reskin/hph_logo_vertical_white.svg

Requested by

Host: www.handpickedhotels.co.uk
URL: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.7.133 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf48cada2810e4ddc497216376ec6d1b67a3040ff85b87cce0f3cee37e1a00f2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; report-uri /cspreport; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://navisperformance.com https://maps.googleapis.com https://www.googleadservices.com https://static.sojern.com https://.cloudflare.com https://.cardinalcommerce.com https://.freedompay.com https://assets.pinterest.com https://connect.facebook.net .hotjar.com https://.cookiebot.com https://www.gstatic.com https://.google.com https://.doubleclick.net .google-analytics.com .googletagmanager.com http://ajax.googleapis.com https://www.googleoptimize.com https://rum-static.pingdom.net http://rum-static.pingdom.net https://.triptease.io; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://.typekit.net https://fonts.googleapis.com https://cdn.honey.io; object-src 'none'; base-uri 'self'; connect-src 'self' https://measurement-api.criteo.com https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://.googlesyndication.com https://.freedompay.com https://.cardinalcommerce.com https://.amazonaws.com https://.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://.hotjar.io wss://.hotjar.com https://www.facebook.com https://.triptease.io https://.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com; font-src 'self' data: https://.alicdn.com https://cdn.honey.io .gstatic.com https://use.typekit.net; frame-src 'self' https://3ds.sebkort.com https://3ds.ntctr.acs.danskebank.com https://www.concertopayserve.com https://3dsecure.starlingbank.com https://3ds-a.live.ext.prod.enfuce.com https://clients.smartsecure.tsys.co.uk https://mycardsecure.com https://acs2.mpts.modirum.com https://gumi.criteo.com https://static.criteo.net https://acs.apata.io https://fledge.eu.criteo.com https://gum.criteo.com https://acs.capitalone.com https://acs.revolut.com https://acs2-3dsecure.creditmutuel.fr https://secure.dkb.de https://acs2.edb.com https://acs.swisscard.ch https://verify.monzo.com https://.3ds.modirum.com https://3dsecure-vrp.de https://.cic.fr https://3dsec.cardcenter.ch https://gbemv3dsecure.garanti.com.tr https://3ds.nexigroup.com https://.3dsecure.no https://3ds.redsys.es https://acs1-3dsecure.creditmutuel.fr https://www.rsa3dsauth.com https://3debspay.boc.cn https://.emea.citibank.com https://acs.mercurypaymentservices.it https://.googletagmanager.com https://.rabobank.nl https://.lloydsbankinggroup.com https://.zscloud.net https://.googlesyndication.com https://.americanexpress.com https://.arcot.com https://.doubleclick.net https://www.rsa3dsauth.co.uk https://.wlp-acs.com https://www.youtube.com https://www.facebook.com https://static.sojern.com https://.cardinalcommerce.com https://.freedompay.com https://.resdiary.com https://.cookiebot.com https://.triptease.io https://www.google.com; img-src 'self' data: https://criteo-partners.tremorhub.com https://sync-criteo.ads.yieldmo.com https://criteo-sync.teads.tv https://gum.criteo.com https://dis.criteo.com https://.cookiebot.com https://code.jquery.com https://analytics.tiktok.com https://.facebook.net https://.googlesyndication.com https://widgetthemes-live.azureedge.net https://translate.google.com https://fonts.gstatic.com https://track.linksynergy.com https://cdn.honey.io https://googleads.g.doubleclick.net .googleapis.com https://adservice.google.com https://.ytimg.com https://googletraveladservices.com https://.googletraveladservices.com https://secure-hotel-tracker.com https://.bing.com https://bat.bing.com https://track.linksynergy.com .doubleclick.net https://log.pinterest.com https://click.exacttarget.com https://www.facebook.com https://region1.analytics.google.com https://www.google.de https://www.google.ca https://www.google.ro https://www.google.com.tr https://www.google.com.hk https://www.google.gm https://www.google.cz https://www.google.mu https://www.google.com.gi https://www.google.com.ng https://www.google.com.co https://www.google.co.za https://www.google.com.mm https://www.google.com.sg https://www.google.at https://www.google.im https://www.google.dk https://www.google.gr https://www.google.no https://www.google.se https://www.google.lt https://www.google.com.mt https://www.google.ch https://www.google.hu https://www.google.com.cu https://www.google.gg https://www.google.ie https://www.google.nl https://www.google.be https://www.google.pt https://www.google.fr https://www.google.it https://www.google.es https://www.google.je https://www.google.co.in https://www.google.com.tj https://www.google.co.ke https://www.google.ae https://www.google.co.th https://www.google-analytics.com https://www.google.com.au https://www.google.pl .googletagmanager.com https://.googletagmanager.com https://www.google.co.uk https://www.google.com .google-analytics.com https://oimgnn/; style-src-elem 'self' 'unsafe-inline' data: https://code.jquery.com https://www.gstatic.com https://fonts.googleapis.com https://cdn.honey.io https://.cloudflare.com https://.typography.com https://cloud.typography.com .googleapis.com http://.googleapis.com https://.typekit.net https://use.typekit.net; script-src-elem 'self' 'unsafe-inline' data: https://sslwidget.criteo.com https://dynamic.criteo.com https://static.criteo.net https://.freedompay.com https://maps.google.com https://tpc.googlesyndication.com https://ajax.googleapis.com https://pagespeed-mod.com https://.kaspersky-labs.com https://.hirizasune.com https://www.gstatic.com https://.googlesyndication.com https://assets.pinterest.com https://.googleapis.com https://www.googleadservices.com https://.cloudflare.com https://.cardinalcommerce.com https://.freedompay.com https://.triptease.io https://connect.facebook.net https://.hotjar.com https://static.sojern.com https://.cookiebot.com https://consent.cookiebot.com https://.doubleclick.net https://googleads.g.doubleclick.net https://www.googleoptimize.com https://www.googletagmanager.com https://.googleapis.com https://www.google.com https://www.google-analytics.com https://rum-static.pingdom.net https://analytics.tiktok.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 01:06:09 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests; report-uri /cspreport; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*navisperformance.com https://maps.googleapis.com https://www.googleadservices.com https://static.sojern.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://assets.pinterest.com https://connect.facebook.net *.hotjar.com https://*.cookiebot.com https://www.gstatic.com https://*.google.com https://*.doubleclick.net *.google-analytics.com *.googletagmanager.com http://ajax.googleapis.com https://www.googleoptimize.com https://rum-static.pingdom.net http://rum-static.pingdom.net https://*.triptease.io; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://*.typekit.net https://fonts.googleapis.com https://cdn.honey.io; object-src 'none'; base-uri 'self'; connect-src 'self' https://measurement-api.criteo.com https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://*.googlesyndication.com https://*.freedompay.com https://*.cardinalcommerce.com https://*.amazonaws.com https://*.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://*.hotjar.io wss://*.hotjar.com https://www.facebook.com https://*.triptease.io https://*.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com; font-src 'self' data: https://*.alicdn.com https://cdn.honey.io *.gstatic.com https://use.typekit.net; frame-src 'self' https://3ds.sebkort.com https://3ds.ntctr.acs.danskebank.com https://www.concertopayserve.com https://3dsecure.starlingbank.com https://3ds-a.live.ext.prod.enfuce.com https://clients.smartsecure.tsys.co.uk https://mycardsecure.com https://acs2.mpts.modirum.com https://gumi.criteo.com https://static.criteo.net https://acs.apata.io https://fledge.eu.criteo.com https://gum.criteo.com https://acs.capitalone.com https://acs.revolut.com https://acs2-3dsecure.creditmutuel.fr https://secure.dkb.de https://acs2.edb.com https://acs.swisscard.ch https://verify.monzo.com https://*.3ds.modirum.com https://3dsecure-vrp.de https://*.cic.fr https://3dsec.cardcenter.ch https://gbemv3dsecure.garanti.com.tr https://3ds.nexigroup.com https://*.3dsecure.no https://3ds.redsys.es https://acs1-3dsecure.creditmutuel.fr https://www.rsa3dsauth.com https://3debspay.boc.cn https://*.emea.citibank.com https://acs.mercurypaymentservices.it https://*.googletagmanager.com https://*.rabobank.nl https://*.lloydsbankinggroup.com https://*.zscloud.net https://*.googlesyndication.com https://*.americanexpress.com https://*.arcot.com https://*.doubleclick.net https://www.rsa3dsauth.co.uk https://*.wlp-acs.com https://www.youtube.com https://www.facebook.com https://static.sojern.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.resdiary.com https://*.cookiebot.com https://*.triptease.io https://www.google.com; img-src 'self' data: https://criteo-partners.tremorhub.com https://sync-criteo.ads.yieldmo.com https://criteo-sync.teads.tv https://gum.criteo.com https://dis.criteo.com https://*.cookiebot.com https://code.jquery.com https://analytics.tiktok.com https://*.facebook.net https://*.googlesyndication.com https://widgetthemes-live.azureedge.net https://translate.google.com https://fonts.gstatic.com https://track.linksynergy.com https://cdn.honey.io https://googleads.g.doubleclick.net *.googleapis.com https://adservice.google.com https://*.ytimg.com https://googletraveladservices.com https://*.googletraveladservices.com https://secure-hotel-tracker.com https://*.bing.com https://bat.bing.com https://track.linksynergy.com *.doubleclick.net https://log.pinterest.com https://click.exacttarget.com https://www.facebook.com https://region1.analytics.google.com https://www.google.de https://www.google.ca https://www.google.ro https://www.google.com.tr https://www.google.com.hk https://www.google.gm https://www.google.cz https://www.google.mu https://www.google.com.gi https://www.google.com.ng https://www.google.com.co https://www.google.co.za https://www.google.com.mm https://www.google.com.sg https://www.google.at https://www.google.im https://www.google.dk https://www.google.gr https://www.google.no https://www.google.se https://www.google.lt https://www.google.com.mt https://www.google.ch https://www.google.hu https://www.google.com.cu https://www.google.gg https://www.google.ie https://www.google.nl https://www.google.be https://www.google.pt https://www.google.fr https://www.google.it https://www.google.es https://www.google.je https://www.google.co.in https://www.google.com.tj https://www.google.co.ke https://www.google.ae https://www.google.co.th https://www.google-analytics.com https://www.google.com.au https://www.google.pl *.googletagmanager.com https://*.googletagmanager.com https://www.google.co.uk https://www.google.com *.google-analytics.com https://oimgnn/; style-src-elem 'self' 'unsafe-inline' data: https://code.jquery.com https://www.gstatic.com https://fonts.googleapis.com https://cdn.honey.io https://*.cloudflare.com https://*.typography.com https://cloud.typography.com *.googleapis.com http://*.googleapis.com https://*.typekit.net https://use.typekit.net; script-src-elem 'self' 'unsafe-inline' data: https://sslwidget.criteo.com https://dynamic.criteo.com https://static.criteo.net https://*.freedompay.com https://maps.google.com https://tpc.googlesyndication.com https://ajax.googleapis.com https://pagespeed-mod.com https://*.kaspersky-labs.com https://*.hirizasune.com https://www.gstatic.com https://*.googlesyndication.com https://assets.pinterest.com https://*.googleapis.com https://www.googleadservices.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.triptease.io https://connect.facebook.net https://*.hotjar.com https://static.sojern.com https://*.cookiebot.com https://consent.cookiebot.com https://*.doubleclick.net https://googleads.g.doubleclick.net https://www.googleoptimize.com https://www.googletagmanager.com https://*.googleapis.com https://www.google.com https://www.google-analytics.com https://rum-static.pingdom.net https://analytics.tiktok.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
cf-cache-status: HIT
content-encoding: gzip
age: 31224
alt-svc: h3=":443"; ma=86400
content-length: 2837
x-xss-protection: 1; mode=block
last-modified: Tue, 06 Jun 2023 10:31:08 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8c243babd957ac7b-YYZ
expires: Sat, 12 Oct 2024 16:25:45 GMT

GET
H3 200 email-decode.min.js Show response
www.handpickedhotels.co.uk/cdn-cgi/scripts/5c5dd728/cloudflare-static/ 1 KB
835 B 26ms
26ms Script
application/javascript 172.67.7.133
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.handpickedhotels.co.uk/cdn-cgi/scripts/5c5dd728/cloudflare-static/email-decode.min.js

Requested by

Host: www.handpickedhotels.co.uk
URL: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.7.133 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 01:06:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Sun, 08 Sep 2024 16:12:37 GMT
server: cloudflare
etag: W/"66ddccf5-4d7"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
cf-ray: 8c243ba7bd08ac7b-YYZ
expires: Sun, 15 Sep 2024 01:06:09 GMT

GET
H3 200 jquery.validate.min.js Show response
www.handpickedhotels.co.uk/js/ 23 KB
12 KB 35ms
34ms Script
application/javascript 172.67.7.133
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.handpickedhotels.co.uk/js/jquery.validate.min.js

Requested by

Host: www.handpickedhotels.co.uk
URL: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.7.133 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

50e497b00818378dcffe856b994f89947b620c66163768879c9b8a63d583f898

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; report-uri /cspreport; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://navisperformance.com https://maps.googleapis.com https://www.googleadservices.com https://static.sojern.com https://.cloudflare.com https://.cardinalcommerce.com https://.freedompay.com https://assets.pinterest.com https://connect.facebook.net .hotjar.com https://.cookiebot.com https://www.gstatic.com https://.google.com https://.doubleclick.net .google-analytics.com .googletagmanager.com http://ajax.googleapis.com https://www.googleoptimize.com https://rum-static.pingdom.net http://rum-static.pingdom.net https://.triptease.io; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://.typekit.net https://fonts.googleapis.com https://cdn.honey.io; object-src 'none'; base-uri 'self'; connect-src 'self' https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://.googlesyndication.com https://.freedompay.com https://.cardinalcommerce.com https://.amazonaws.com https://.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://.hotjar.io wss://.hotjar.com https://www.facebook.com https://.triptease.io https://.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com; font-src 'self' data: https://.alicdn.com https://cdn.honey.io .gstatic.com https://use.typekit.net; frame-src 'self' https://acs.capitalone.com https://acs.revolut.com https://acs2-3dsecure.creditmutuel.fr https://secure.dkb.de https://acs2.edb.com https://acs.swisscard.ch https://verify.monzo.com https://.3ds.modirum.com https://3dsecure-vrp.de https://.cic.fr https://3dsec.cardcenter.ch https://gbemv3dsecure.garanti.com.tr https://3ds.nexigroup.com https://.3dsecure.no https://3ds.redsys.es https://acs1-3dsecure.creditmutuel.fr https://www.rsa3dsauth.com https://3debspay.boc.cn https://.emea.citibank.com https://acs.mercurypaymentservices.it https://.googletagmanager.com https://.rabobank.nl https://.lloydsbankinggroup.com https://.zscloud.net https://.googlesyndication.com https://.americanexpress.com https://.arcot.com https://.doubleclick.net https://www.rsa3dsauth.co.uk https://.wlp-acs.com https://www.youtube.com https://www.facebook.com https://static.sojern.com https://.cardinalcommerce.com https://.freedompay.com https://.resdiary.com https://.cookiebot.com https://.triptease.io https://www.google.com; img-src 'self' data: https://.cookiebot.com https://code.jquery.com https://analytics.tiktok.com https://.facebook.net https://.googlesyndication.com https://widgetthemes-live.azureedge.net https://translate.google.com https://fonts.gstatic.com https://track.linksynergy.com https://cdn.honey.io https://googleads.g.doubleclick.net .googleapis.com https://adservice.google.com https://.ytimg.com https://googletraveladservices.com https://.googletraveladservices.com https://secure-hotel-tracker.com https://.bing.com https://bat.bing.com https://track.linksynergy.com .doubleclick.net https://log.pinterest.com https://click.exacttarget.com https://www.facebook.com https://region1.analytics.google.com https://www.google.de https://www.google.ca https://www.google.ro https://www.google.com.tr https://www.google.com.hk https://www.google.gm https://www.google.cz https://www.google.mu https://www.google.com.gi https://www.google.com.ng https://www.google.com.co https://www.google.co.za https://www.google.com.mm https://www.google.com.sg https://www.google.at https://www.google.im https://www.google.dk https://www.google.gr https://www.google.no https://www.google.se https://www.google.lt https://www.google.com.mt https://www.google.ch https://www.google.hu https://www.google.com.cu https://www.google.gg https://www.google.ie https://www.google.nl https://www.google.be https://www.google.pt https://www.google.fr https://www.google.it https://www.google.es https://www.google.je https://www.google.co.in https://www.google.com.tj https://www.google.co.ke https://www.google.ae https://www.google.co.th https://www.google-analytics.com https://www.google.com.au https://www.google.pl .googletagmanager.com https://.googletagmanager.com https://www.google.co.uk https://www.google.com .google-analytics.com https://oimgnn/; style-src-elem 'self' 'unsafe-inline' data: https://code.jquery.com https://www.gstatic.com https://fonts.googleapis.com https://cdn.honey.io https://.cloudflare.com https://.typography.com https://cloud.typography.com .googleapis.com http://.googleapis.com https://.typekit.net https://use.typekit.net; script-src-elem 'self' 'unsafe-inline' data: https://.freedompay.com https://maps.google.com https://tpc.googlesyndication.com https://ajax.googleapis.com https://pagespeed-mod.com https://.kaspersky-labs.com https://.hirizasune.com https://www.gstatic.com https://.googlesyndication.com https://assets.pinterest.com https://.googleapis.com https://www.googleadservices.com https://.cloudflare.com https://.cardinalcommerce.com https://.freedompay.com https://.triptease.io https://connect.facebook.net https://.hotjar.com https://static.sojern.com https://.cookiebot.com https://consent.cookiebot.com https://.doubleclick.net https://googleads.g.doubleclick.net https://www.googleoptimize.com https://www.googletagmanager.com https://.googleapis.com https://www.google.com https://www.google-analytics.com https://rum-static.pingdom.net https://analytics.tiktok.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 01:06:09 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests; report-uri /cspreport; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*navisperformance.com https://maps.googleapis.com https://www.googleadservices.com https://static.sojern.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://assets.pinterest.com https://connect.facebook.net *.hotjar.com https://*.cookiebot.com https://www.gstatic.com https://*.google.com https://*.doubleclick.net *.google-analytics.com *.googletagmanager.com http://ajax.googleapis.com https://www.googleoptimize.com https://rum-static.pingdom.net http://rum-static.pingdom.net https://*.triptease.io; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://*.typekit.net https://fonts.googleapis.com https://cdn.honey.io; object-src 'none'; base-uri 'self'; connect-src 'self' https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://*.googlesyndication.com https://*.freedompay.com https://*.cardinalcommerce.com https://*.amazonaws.com https://*.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://*.hotjar.io wss://*.hotjar.com https://www.facebook.com https://*.triptease.io https://*.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com; font-src 'self' data: https://*.alicdn.com https://cdn.honey.io *.gstatic.com https://use.typekit.net; frame-src 'self' https://acs.capitalone.com https://acs.revolut.com https://acs2-3dsecure.creditmutuel.fr https://secure.dkb.de https://acs2.edb.com https://acs.swisscard.ch https://verify.monzo.com https://*.3ds.modirum.com https://3dsecure-vrp.de https://*.cic.fr https://3dsec.cardcenter.ch https://gbemv3dsecure.garanti.com.tr https://3ds.nexigroup.com https://*.3dsecure.no https://3ds.redsys.es https://acs1-3dsecure.creditmutuel.fr https://www.rsa3dsauth.com https://3debspay.boc.cn https://*.emea.citibank.com https://acs.mercurypaymentservices.it https://*.googletagmanager.com https://*.rabobank.nl https://*.lloydsbankinggroup.com https://*.zscloud.net https://*.googlesyndication.com https://*.americanexpress.com https://*.arcot.com https://*.doubleclick.net https://www.rsa3dsauth.co.uk https://*.wlp-acs.com https://www.youtube.com https://www.facebook.com https://static.sojern.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.resdiary.com https://*.cookiebot.com https://*.triptease.io https://www.google.com; img-src 'self' data: https://*.cookiebot.com https://code.jquery.com https://analytics.tiktok.com https://*.facebook.net https://*.googlesyndication.com https://widgetthemes-live.azureedge.net https://translate.google.com https://fonts.gstatic.com https://track.linksynergy.com https://cdn.honey.io https://googleads.g.doubleclick.net *.googleapis.com https://adservice.google.com https://*.ytimg.com https://googletraveladservices.com https://*.googletraveladservices.com https://secure-hotel-tracker.com https://*.bing.com https://bat.bing.com https://track.linksynergy.com *.doubleclick.net https://log.pinterest.com https://click.exacttarget.com https://www.facebook.com https://region1.analytics.google.com https://www.google.de https://www.google.ca https://www.google.ro https://www.google.com.tr https://www.google.com.hk https://www.google.gm https://www.google.cz https://www.google.mu https://www.google.com.gi https://www.google.com.ng https://www.google.com.co https://www.google.co.za https://www.google.com.mm https://www.google.com.sg https://www.google.at https://www.google.im https://www.google.dk https://www.google.gr https://www.google.no https://www.google.se https://www.google.lt https://www.google.com.mt https://www.google.ch https://www.google.hu https://www.google.com.cu https://www.google.gg https://www.google.ie https://www.google.nl https://www.google.be https://www.google.pt https://www.google.fr https://www.google.it https://www.google.es https://www.google.je https://www.google.co.in https://www.google.com.tj https://www.google.co.ke https://www.google.ae https://www.google.co.th https://www.google-analytics.com https://www.google.com.au https://www.google.pl *.googletagmanager.com https://*.googletagmanager.com https://www.google.co.uk https://www.google.com *.google-analytics.com https://oimgnn/; style-src-elem 'self' 'unsafe-inline' data: https://code.jquery.com https://www.gstatic.com https://fonts.googleapis.com https://cdn.honey.io https://*.cloudflare.com https://*.typography.com https://cloud.typography.com *.googleapis.com http://*.googleapis.com https://*.typekit.net https://use.typekit.net; script-src-elem 'self' 'unsafe-inline' data: https://*.freedompay.com https://maps.google.com https://tpc.googlesyndication.com https://ajax.googleapis.com https://pagespeed-mod.com https://*.kaspersky-labs.com https://*.hirizasune.com https://www.gstatic.com https://*.googlesyndication.com https://assets.pinterest.com https://*.googleapis.com https://www.googleadservices.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.triptease.io https://connect.facebook.net https://*.hotjar.com https://static.sojern.com https://*.cookiebot.com https://consent.cookiebot.com https://*.doubleclick.net https://googleads.g.doubleclick.net https://www.googleoptimize.com https://www.googletagmanager.com https://*.googleapis.com https://www.google.com https://www.google-analytics.com https://rum-static.pingdom.net https://analytics.tiktok.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
cf-cache-status: HIT
content-encoding: gzip
age: 1479494
alt-svc: h3=":443"; ma=86400
content-length: 7446
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Sep 2022 21:38:42 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8c243ba7cd15ac7b-YYZ
expires: Wed, 25 Sep 2024 22:07:55 GMT

GET
H3 200 slick.min.js Show response
www.handpickedhotels.co.uk/js/slick/ 40 KB
14 KB 36ms
36ms Script
application/javascript 172.67.7.133
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.handpickedhotels.co.uk/js/slick/slick.min.js

Requested by

Host: www.handpickedhotels.co.uk
URL: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.7.133 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4fc7a9c6dd1051ab261a550db0b16147da4236dedfb2efc6311ebff48a045350

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; report-uri /cspreport; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://navisperformance.com https://maps.googleapis.com https://www.googleadservices.com https://static.sojern.com https://.cloudflare.com https://.cardinalcommerce.com https://.freedompay.com https://assets.pinterest.com https://connect.facebook.net .hotjar.com https://.cookiebot.com https://www.gstatic.com https://.google.com https://.doubleclick.net .google-analytics.com .googletagmanager.com http://ajax.googleapis.com https://www.googleoptimize.com https://rum-static.pingdom.net http://rum-static.pingdom.net https://.triptease.io; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://.typekit.net https://fonts.googleapis.com https://cdn.honey.io; object-src 'none'; base-uri 'self'; connect-src 'self' https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://.googlesyndication.com https://.freedompay.com https://.cardinalcommerce.com https://.amazonaws.com https://.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://.hotjar.io wss://.hotjar.com https://www.facebook.com https://.triptease.io https://.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com; font-src 'self' data: https://.alicdn.com https://cdn.honey.io .gstatic.com https://use.typekit.net; frame-src 'self' https://acs.capitalone.com https://acs.revolut.com https://acs2-3dsecure.creditmutuel.fr https://secure.dkb.de https://acs2.edb.com https://acs.swisscard.ch https://verify.monzo.com https://.3ds.modirum.com https://3dsecure-vrp.de https://.cic.fr https://3dsec.cardcenter.ch https://gbemv3dsecure.garanti.com.tr https://3ds.nexigroup.com https://.3dsecure.no https://3ds.redsys.es https://acs1-3dsecure.creditmutuel.fr https://www.rsa3dsauth.com https://3debspay.boc.cn https://.emea.citibank.com https://acs.mercurypaymentservices.it https://.googletagmanager.com https://.rabobank.nl https://.lloydsbankinggroup.com https://.zscloud.net https://.googlesyndication.com https://.americanexpress.com https://.arcot.com https://.doubleclick.net https://www.rsa3dsauth.co.uk https://.wlp-acs.com https://www.youtube.com https://www.facebook.com https://static.sojern.com https://.cardinalcommerce.com https://.freedompay.com https://.resdiary.com https://.cookiebot.com https://.triptease.io https://www.google.com; img-src 'self' data: https://.cookiebot.com https://code.jquery.com https://analytics.tiktok.com https://.facebook.net https://.googlesyndication.com https://widgetthemes-live.azureedge.net https://translate.google.com https://fonts.gstatic.com https://track.linksynergy.com https://cdn.honey.io https://googleads.g.doubleclick.net .googleapis.com https://adservice.google.com https://.ytimg.com https://googletraveladservices.com https://.googletraveladservices.com https://secure-hotel-tracker.com https://.bing.com https://bat.bing.com https://track.linksynergy.com .doubleclick.net https://log.pinterest.com https://click.exacttarget.com https://www.facebook.com https://region1.analytics.google.com https://www.google.de https://www.google.ca https://www.google.ro https://www.google.com.tr https://www.google.com.hk https://www.google.gm https://www.google.cz https://www.google.mu https://www.google.com.gi https://www.google.com.ng https://www.google.com.co https://www.google.co.za https://www.google.com.mm https://www.google.com.sg https://www.google.at https://www.google.im https://www.google.dk https://www.google.gr https://www.google.no https://www.google.se https://www.google.lt https://www.google.com.mt https://www.google.ch https://www.google.hu https://www.google.com.cu https://www.google.gg https://www.google.ie https://www.google.nl https://www.google.be https://www.google.pt https://www.google.fr https://www.google.it https://www.google.es https://www.google.je https://www.google.co.in https://www.google.com.tj https://www.google.co.ke https://www.google.ae https://www.google.co.th https://www.google-analytics.com https://www.google.com.au https://www.google.pl .googletagmanager.com https://.googletagmanager.com https://www.google.co.uk https://www.google.com .google-analytics.com https://oimgnn/; style-src-elem 'self' 'unsafe-inline' data: https://code.jquery.com https://www.gstatic.com https://fonts.googleapis.com https://cdn.honey.io https://.cloudflare.com https://.typography.com https://cloud.typography.com .googleapis.com http://.googleapis.com https://.typekit.net https://use.typekit.net; script-src-elem 'self' 'unsafe-inline' data: https://.freedompay.com https://maps.google.com https://tpc.googlesyndication.com https://ajax.googleapis.com https://pagespeed-mod.com https://.kaspersky-labs.com https://.hirizasune.com https://www.gstatic.com https://.googlesyndication.com https://assets.pinterest.com https://.googleapis.com https://www.googleadservices.com https://.cloudflare.com https://.cardinalcommerce.com https://.freedompay.com https://.triptease.io https://connect.facebook.net https://.hotjar.com https://static.sojern.com https://.cookiebot.com https://consent.cookiebot.com https://.doubleclick.net https://googleads.g.doubleclick.net https://www.googleoptimize.com https://www.googletagmanager.com https://.googleapis.com https://www.google.com https://www.google-analytics.com https://rum-static.pingdom.net https://analytics.tiktok.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 01:06:09 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests; report-uri /cspreport; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*navisperformance.com https://maps.googleapis.com https://www.googleadservices.com https://static.sojern.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://assets.pinterest.com https://connect.facebook.net *.hotjar.com https://*.cookiebot.com https://www.gstatic.com https://*.google.com https://*.doubleclick.net *.google-analytics.com *.googletagmanager.com http://ajax.googleapis.com https://www.googleoptimize.com https://rum-static.pingdom.net http://rum-static.pingdom.net https://*.triptease.io; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://*.typekit.net https://fonts.googleapis.com https://cdn.honey.io; object-src 'none'; base-uri 'self'; connect-src 'self' https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://*.googlesyndication.com https://*.freedompay.com https://*.cardinalcommerce.com https://*.amazonaws.com https://*.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://*.hotjar.io wss://*.hotjar.com https://www.facebook.com https://*.triptease.io https://*.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com; font-src 'self' data: https://*.alicdn.com https://cdn.honey.io *.gstatic.com https://use.typekit.net; frame-src 'self' https://acs.capitalone.com https://acs.revolut.com https://acs2-3dsecure.creditmutuel.fr https://secure.dkb.de https://acs2.edb.com https://acs.swisscard.ch https://verify.monzo.com https://*.3ds.modirum.com https://3dsecure-vrp.de https://*.cic.fr https://3dsec.cardcenter.ch https://gbemv3dsecure.garanti.com.tr https://3ds.nexigroup.com https://*.3dsecure.no https://3ds.redsys.es https://acs1-3dsecure.creditmutuel.fr https://www.rsa3dsauth.com https://3debspay.boc.cn https://*.emea.citibank.com https://acs.mercurypaymentservices.it https://*.googletagmanager.com https://*.rabobank.nl https://*.lloydsbankinggroup.com https://*.zscloud.net https://*.googlesyndication.com https://*.americanexpress.com https://*.arcot.com https://*.doubleclick.net https://www.rsa3dsauth.co.uk https://*.wlp-acs.com https://www.youtube.com https://www.facebook.com https://static.sojern.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.resdiary.com https://*.cookiebot.com https://*.triptease.io https://www.google.com; img-src 'self' data: https://*.cookiebot.com https://code.jquery.com https://analytics.tiktok.com https://*.facebook.net https://*.googlesyndication.com https://widgetthemes-live.azureedge.net https://translate.google.com https://fonts.gstatic.com https://track.linksynergy.com https://cdn.honey.io https://googleads.g.doubleclick.net *.googleapis.com https://adservice.google.com https://*.ytimg.com https://googletraveladservices.com https://*.googletraveladservices.com https://secure-hotel-tracker.com https://*.bing.com https://bat.bing.com https://track.linksynergy.com *.doubleclick.net https://log.pinterest.com https://click.exacttarget.com https://www.facebook.com https://region1.analytics.google.com https://www.google.de https://www.google.ca https://www.google.ro https://www.google.com.tr https://www.google.com.hk https://www.google.gm https://www.google.cz https://www.google.mu https://www.google.com.gi https://www.google.com.ng https://www.google.com.co https://www.google.co.za https://www.google.com.mm https://www.google.com.sg https://www.google.at https://www.google.im https://www.google.dk https://www.google.gr https://www.google.no https://www.google.se https://www.google.lt https://www.google.com.mt https://www.google.ch https://www.google.hu https://www.google.com.cu https://www.google.gg https://www.google.ie https://www.google.nl https://www.google.be https://www.google.pt https://www.google.fr https://www.google.it https://www.google.es https://www.google.je https://www.google.co.in https://www.google.com.tj https://www.google.co.ke https://www.google.ae https://www.google.co.th https://www.google-analytics.com https://www.google.com.au https://www.google.pl *.googletagmanager.com https://*.googletagmanager.com https://www.google.co.uk https://www.google.com *.google-analytics.com https://oimgnn/; style-src-elem 'self' 'unsafe-inline' data: https://code.jquery.com https://www.gstatic.com https://fonts.googleapis.com https://cdn.honey.io https://*.cloudflare.com https://*.typography.com https://cloud.typography.com *.googleapis.com http://*.googleapis.com https://*.typekit.net https://use.typekit.net; script-src-elem 'self' 'unsafe-inline' data: https://*.freedompay.com https://maps.google.com https://tpc.googlesyndication.com https://ajax.googleapis.com https://pagespeed-mod.com https://*.kaspersky-labs.com https://*.hirizasune.com https://www.gstatic.com https://*.googlesyndication.com https://assets.pinterest.com https://*.googleapis.com https://www.googleadservices.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.triptease.io https://connect.facebook.net https://*.hotjar.com https://static.sojern.com https://*.cookiebot.com https://consent.cookiebot.com https://*.doubleclick.net https://googleads.g.doubleclick.net https://www.googleoptimize.com https://www.googletagmanager.com https://*.googleapis.com https://www.google.com https://www.google-analytics.com https://rum-static.pingdom.net https://analytics.tiktok.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
cf-cache-status: HIT
content-encoding: gzip
age: 1479494
alt-svc: h3=":443"; ma=86400
content-length: 9736
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Sep 2022 21:38:34 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8c243ba7ed35ac7b-YYZ
expires: Wed, 25 Sep 2024 22:07:55 GMT

GET
H3 200 jquery.timepicker.min.js Show response
www.handpickedhotels.co.uk/js/jquery-timepicker-master/ 15 KB
9 KB 34ms
33ms Script
application/javascript 172.67.7.133
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.handpickedhotels.co.uk/js/jquery-timepicker-master/jquery.timepicker.min.js

Requested by

Host: www.handpickedhotels.co.uk
URL: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.7.133 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b5c628f7acc78e425e3ac7b8fbe7b68287a5e0d24ab116d492a0775c7e7a3535

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; report-uri /cspreport; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://navisperformance.com https://maps.googleapis.com https://www.googleadservices.com https://static.sojern.com https://.cloudflare.com https://.cardinalcommerce.com https://.freedompay.com https://assets.pinterest.com https://connect.facebook.net .hotjar.com https://.cookiebot.com https://www.gstatic.com https://.google.com https://.doubleclick.net .google-analytics.com .googletagmanager.com http://ajax.googleapis.com https://www.googleoptimize.com https://rum-static.pingdom.net http://rum-static.pingdom.net https://.triptease.io; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://.typekit.net https://fonts.googleapis.com https://cdn.honey.io; object-src 'none'; base-uri 'self'; connect-src 'self' https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://.googlesyndication.com https://.freedompay.com https://.cardinalcommerce.com https://.amazonaws.com https://.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://.hotjar.io wss://.hotjar.com https://www.facebook.com https://.triptease.io https://.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com; font-src 'self' data: https://.alicdn.com https://cdn.honey.io .gstatic.com https://use.typekit.net; frame-src 'self' https://acs.capitalone.com https://acs.revolut.com https://acs2-3dsecure.creditmutuel.fr https://secure.dkb.de https://acs2.edb.com https://acs.swisscard.ch https://verify.monzo.com https://.3ds.modirum.com https://3dsecure-vrp.de https://.cic.fr https://3dsec.cardcenter.ch https://gbemv3dsecure.garanti.com.tr https://3ds.nexigroup.com https://.3dsecure.no https://3ds.redsys.es https://acs1-3dsecure.creditmutuel.fr https://www.rsa3dsauth.com https://3debspay.boc.cn https://.emea.citibank.com https://acs.mercurypaymentservices.it https://.googletagmanager.com https://.rabobank.nl https://.lloydsbankinggroup.com https://.zscloud.net https://.googlesyndication.com https://.americanexpress.com https://.arcot.com https://.doubleclick.net https://www.rsa3dsauth.co.uk https://.wlp-acs.com https://www.youtube.com https://www.facebook.com https://static.sojern.com https://.cardinalcommerce.com https://.freedompay.com https://.resdiary.com https://.cookiebot.com https://.triptease.io https://www.google.com; img-src 'self' data: https://.cookiebot.com https://code.jquery.com https://analytics.tiktok.com https://.facebook.net https://.googlesyndication.com https://widgetthemes-live.azureedge.net https://translate.google.com https://fonts.gstatic.com https://track.linksynergy.com https://cdn.honey.io https://googleads.g.doubleclick.net .googleapis.com https://adservice.google.com https://.ytimg.com https://googletraveladservices.com https://.googletraveladservices.com https://secure-hotel-tracker.com https://.bing.com https://bat.bing.com https://track.linksynergy.com .doubleclick.net https://log.pinterest.com https://click.exacttarget.com https://www.facebook.com https://region1.analytics.google.com https://www.google.de https://www.google.ca https://www.google.ro https://www.google.com.tr https://www.google.com.hk https://www.google.gm https://www.google.cz https://www.google.mu https://www.google.com.gi https://www.google.com.ng https://www.google.com.co https://www.google.co.za https://www.google.com.mm https://www.google.com.sg https://www.google.at https://www.google.im https://www.google.dk https://www.google.gr https://www.google.no https://www.google.se https://www.google.lt https://www.google.com.mt https://www.google.ch https://www.google.hu https://www.google.com.cu https://www.google.gg https://www.google.ie https://www.google.nl https://www.google.be https://www.google.pt https://www.google.fr https://www.google.it https://www.google.es https://www.google.je https://www.google.co.in https://www.google.com.tj https://www.google.co.ke https://www.google.ae https://www.google.co.th https://www.google-analytics.com https://www.google.com.au https://www.google.pl .googletagmanager.com https://.googletagmanager.com https://www.google.co.uk https://www.google.com .google-analytics.com https://oimgnn/; style-src-elem 'self' 'unsafe-inline' data: https://code.jquery.com https://www.gstatic.com https://fonts.googleapis.com https://cdn.honey.io https://.cloudflare.com https://.typography.com https://cloud.typography.com .googleapis.com http://.googleapis.com https://.typekit.net https://use.typekit.net; script-src-elem 'self' 'unsafe-inline' data: https://.freedompay.com https://maps.google.com https://tpc.googlesyndication.com https://ajax.googleapis.com https://pagespeed-mod.com https://.kaspersky-labs.com https://.hirizasune.com https://www.gstatic.com https://.googlesyndication.com https://assets.pinterest.com https://.googleapis.com https://www.googleadservices.com https://.cloudflare.com https://.cardinalcommerce.com https://.freedompay.com https://.triptease.io https://connect.facebook.net https://.hotjar.com https://static.sojern.com https://.cookiebot.com https://consent.cookiebot.com https://.doubleclick.net https://googleads.g.doubleclick.net https://www.googleoptimize.com https://www.googletagmanager.com https://.googleapis.com https://www.google.com https://www.google-analytics.com https://rum-static.pingdom.net https://analytics.tiktok.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 01:06:09 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests; report-uri /cspreport; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*navisperformance.com https://maps.googleapis.com https://www.googleadservices.com https://static.sojern.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://assets.pinterest.com https://connect.facebook.net *.hotjar.com https://*.cookiebot.com https://www.gstatic.com https://*.google.com https://*.doubleclick.net *.google-analytics.com *.googletagmanager.com http://ajax.googleapis.com https://www.googleoptimize.com https://rum-static.pingdom.net http://rum-static.pingdom.net https://*.triptease.io; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://*.typekit.net https://fonts.googleapis.com https://cdn.honey.io; object-src 'none'; base-uri 'self'; connect-src 'self' https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://*.googlesyndication.com https://*.freedompay.com https://*.cardinalcommerce.com https://*.amazonaws.com https://*.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://*.hotjar.io wss://*.hotjar.com https://www.facebook.com https://*.triptease.io https://*.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com; font-src 'self' data: https://*.alicdn.com https://cdn.honey.io *.gstatic.com https://use.typekit.net; frame-src 'self' https://acs.capitalone.com https://acs.revolut.com https://acs2-3dsecure.creditmutuel.fr https://secure.dkb.de https://acs2.edb.com https://acs.swisscard.ch https://verify.monzo.com https://*.3ds.modirum.com https://3dsecure-vrp.de https://*.cic.fr https://3dsec.cardcenter.ch https://gbemv3dsecure.garanti.com.tr https://3ds.nexigroup.com https://*.3dsecure.no https://3ds.redsys.es https://acs1-3dsecure.creditmutuel.fr https://www.rsa3dsauth.com https://3debspay.boc.cn https://*.emea.citibank.com https://acs.mercurypaymentservices.it https://*.googletagmanager.com https://*.rabobank.nl https://*.lloydsbankinggroup.com https://*.zscloud.net https://*.googlesyndication.com https://*.americanexpress.com https://*.arcot.com https://*.doubleclick.net https://www.rsa3dsauth.co.uk https://*.wlp-acs.com https://www.youtube.com https://www.facebook.com https://static.sojern.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.resdiary.com https://*.cookiebot.com https://*.triptease.io https://www.google.com; img-src 'self' data: https://*.cookiebot.com https://code.jquery.com https://analytics.tiktok.com https://*.facebook.net https://*.googlesyndication.com https://widgetthemes-live.azureedge.net https://translate.google.com https://fonts.gstatic.com https://track.linksynergy.com https://cdn.honey.io https://googleads.g.doubleclick.net *.googleapis.com https://adservice.google.com https://*.ytimg.com https://googletraveladservices.com https://*.googletraveladservices.com https://secure-hotel-tracker.com https://*.bing.com https://bat.bing.com https://track.linksynergy.com *.doubleclick.net https://log.pinterest.com https://click.exacttarget.com https://www.facebook.com https://region1.analytics.google.com https://www.google.de https://www.google.ca https://www.google.ro https://www.google.com.tr https://www.google.com.hk https://www.google.gm https://www.google.cz https://www.google.mu https://www.google.com.gi https://www.google.com.ng https://www.google.com.co https://www.google.co.za https://www.google.com.mm https://www.google.com.sg https://www.google.at https://www.google.im https://www.google.dk https://www.google.gr https://www.google.no https://www.google.se https://www.google.lt https://www.google.com.mt https://www.google.ch https://www.google.hu https://www.google.com.cu https://www.google.gg https://www.google.ie https://www.google.nl https://www.google.be https://www.google.pt https://www.google.fr https://www.google.it https://www.google.es https://www.google.je https://www.google.co.in https://www.google.com.tj https://www.google.co.ke https://www.google.ae https://www.google.co.th https://www.google-analytics.com https://www.google.com.au https://www.google.pl *.googletagmanager.com https://*.googletagmanager.com https://www.google.co.uk https://www.google.com *.google-analytics.com https://oimgnn/; style-src-elem 'self' 'unsafe-inline' data: https://code.jquery.com https://www.gstatic.com https://fonts.googleapis.com https://cdn.honey.io https://*.cloudflare.com https://*.typography.com https://cloud.typography.com *.googleapis.com http://*.googleapis.com https://*.typekit.net https://use.typekit.net; script-src-elem 'self' 'unsafe-inline' data: https://*.freedompay.com https://maps.google.com https://tpc.googlesyndication.com https://ajax.googleapis.com https://pagespeed-mod.com https://*.kaspersky-labs.com https://*.hirizasune.com https://www.gstatic.com https://*.googlesyndication.com https://assets.pinterest.com https://*.googleapis.com https://www.googleadservices.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.triptease.io https://connect.facebook.net https://*.hotjar.com https://static.sojern.com https://*.cookiebot.com https://consent.cookiebot.com https://*.doubleclick.net https://googleads.g.doubleclick.net https://www.googleoptimize.com https://www.googletagmanager.com https://*.googleapis.com https://www.google.com https://www.google-analytics.com https://rum-static.pingdom.net https://analytics.tiktok.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
cf-cache-status: HIT
content-encoding: gzip
age: 1479494
alt-svc: h3=":443"; ma=86400
content-length: 5017
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Sep 2022 21:38:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8c243ba80d45ac7b-YYZ
expires: Wed, 25 Sep 2024 22:07:55 GMT

GET
H3 200 uikit.min.js Show response
www.handpickedhotels.co.uk/js/ 53 KB
19 KB 42ms
41ms Script
application/javascript 172.67.7.133
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.handpickedhotels.co.uk/js/uikit.min.js

Requested by

Host: www.handpickedhotels.co.uk
URL: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.7.133 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3635bbd5fedba0e1fe7d2825c97a3b7e48478fe43989336f4a04a0bcd41ac8f3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; report-uri /cspreport; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://navisperformance.com https://maps.googleapis.com https://www.googleadservices.com https://static.sojern.com https://.cloudflare.com https://.cardinalcommerce.com https://.freedompay.com https://assets.pinterest.com https://connect.facebook.net .hotjar.com https://.cookiebot.com https://www.gstatic.com https://.google.com https://.doubleclick.net .google-analytics.com .googletagmanager.com http://ajax.googleapis.com https://www.googleoptimize.com https://rum-static.pingdom.net http://rum-static.pingdom.net https://.triptease.io; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://.typekit.net https://fonts.googleapis.com https://cdn.honey.io; object-src 'none'; base-uri 'self'; connect-src 'self' https://measurement-api.criteo.com https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://.googlesyndication.com https://.freedompay.com https://.cardinalcommerce.com https://.amazonaws.com https://.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://.hotjar.io wss://.hotjar.com https://www.facebook.com https://.triptease.io https://.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com; font-src 'self' data: https://.alicdn.com https://cdn.honey.io .gstatic.com https://use.typekit.net; frame-src 'self' https://mycardsecure.com https://acs2.mpts.modirum.com https://gumi.criteo.com https://static.criteo.net https://acs.apata.io https://fledge.eu.criteo.com https://gum.criteo.com https://acs.capitalone.com https://acs.revolut.com https://acs2-3dsecure.creditmutuel.fr https://secure.dkb.de https://acs2.edb.com https://acs.swisscard.ch https://verify.monzo.com https://.3ds.modirum.com https://3dsecure-vrp.de https://.cic.fr https://3dsec.cardcenter.ch https://gbemv3dsecure.garanti.com.tr https://3ds.nexigroup.com https://.3dsecure.no https://3ds.redsys.es https://acs1-3dsecure.creditmutuel.fr https://www.rsa3dsauth.com https://3debspay.boc.cn https://.emea.citibank.com https://acs.mercurypaymentservices.it https://.googletagmanager.com https://.rabobank.nl https://.lloydsbankinggroup.com https://.zscloud.net https://.googlesyndication.com https://.americanexpress.com https://.arcot.com https://.doubleclick.net https://www.rsa3dsauth.co.uk https://.wlp-acs.com https://www.youtube.com https://www.facebook.com https://static.sojern.com https://.cardinalcommerce.com https://.freedompay.com https://.resdiary.com https://.cookiebot.com https://.triptease.io https://www.google.com; img-src 'self' data: https://criteo-partners.tremorhub.com https://sync-criteo.ads.yieldmo.com https://criteo-sync.teads.tv https://gum.criteo.com https://dis.criteo.com https://.cookiebot.com https://code.jquery.com https://analytics.tiktok.com https://.facebook.net https://.googlesyndication.com https://widgetthemes-live.azureedge.net https://translate.google.com https://fonts.gstatic.com https://track.linksynergy.com https://cdn.honey.io https://googleads.g.doubleclick.net .googleapis.com https://adservice.google.com https://.ytimg.com https://googletraveladservices.com https://.googletraveladservices.com https://secure-hotel-tracker.com https://.bing.com https://bat.bing.com https://track.linksynergy.com .doubleclick.net https://log.pinterest.com https://click.exacttarget.com https://www.facebook.com https://region1.analytics.google.com https://www.google.de https://www.google.ca https://www.google.ro https://www.google.com.tr https://www.google.com.hk https://www.google.gm https://www.google.cz https://www.google.mu https://www.google.com.gi https://www.google.com.ng https://www.google.com.co https://www.google.co.za https://www.google.com.mm https://www.google.com.sg https://www.google.at https://www.google.im https://www.google.dk https://www.google.gr https://www.google.no https://www.google.se https://www.google.lt https://www.google.com.mt https://www.google.ch https://www.google.hu https://www.google.com.cu https://www.google.gg https://www.google.ie https://www.google.nl https://www.google.be https://www.google.pt https://www.google.fr https://www.google.it https://www.google.es https://www.google.je https://www.google.co.in https://www.google.com.tj https://www.google.co.ke https://www.google.ae https://www.google.co.th https://www.google-analytics.com https://www.google.com.au https://www.google.pl .googletagmanager.com https://.googletagmanager.com https://www.google.co.uk https://www.google.com .google-analytics.com https://oimgnn/; style-src-elem 'self' 'unsafe-inline' data: https://code.jquery.com https://www.gstatic.com https://fonts.googleapis.com https://cdn.honey.io https://.cloudflare.com https://.typography.com https://cloud.typography.com .googleapis.com http://.googleapis.com https://.typekit.net https://use.typekit.net; script-src-elem 'self' 'unsafe-inline' data: https://sslwidget.criteo.com https://dynamic.criteo.com https://static.criteo.net https://.freedompay.com https://maps.google.com https://tpc.googlesyndication.com https://ajax.googleapis.com https://pagespeed-mod.com https://.kaspersky-labs.com https://.hirizasune.com https://www.gstatic.com https://.googlesyndication.com https://assets.pinterest.com https://.googleapis.com https://www.googleadservices.com https://.cloudflare.com https://.cardinalcommerce.com https://.freedompay.com https://.triptease.io https://connect.facebook.net https://.hotjar.com https://static.sojern.com https://.cookiebot.com https://consent.cookiebot.com https://.doubleclick.net https://googleads.g.doubleclick.net https://www.googleoptimize.com https://www.googletagmanager.com https://.googleapis.com https://www.google.com https://www.google-analytics.com https://rum-static.pingdom.net https://analytics.tiktok.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 01:06:09 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests; report-uri /cspreport; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*navisperformance.com https://maps.googleapis.com https://www.googleadservices.com https://static.sojern.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://assets.pinterest.com https://connect.facebook.net *.hotjar.com https://*.cookiebot.com https://www.gstatic.com https://*.google.com https://*.doubleclick.net *.google-analytics.com *.googletagmanager.com http://ajax.googleapis.com https://www.googleoptimize.com https://rum-static.pingdom.net http://rum-static.pingdom.net https://*.triptease.io; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://*.typekit.net https://fonts.googleapis.com https://cdn.honey.io; object-src 'none'; base-uri 'self'; connect-src 'self' https://measurement-api.criteo.com https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://*.googlesyndication.com https://*.freedompay.com https://*.cardinalcommerce.com https://*.amazonaws.com https://*.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://*.hotjar.io wss://*.hotjar.com https://www.facebook.com https://*.triptease.io https://*.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com; font-src 'self' data: https://*.alicdn.com https://cdn.honey.io *.gstatic.com https://use.typekit.net; frame-src 'self' https://mycardsecure.com https://acs2.mpts.modirum.com https://gumi.criteo.com https://static.criteo.net https://acs.apata.io https://fledge.eu.criteo.com https://gum.criteo.com https://acs.capitalone.com https://acs.revolut.com https://acs2-3dsecure.creditmutuel.fr https://secure.dkb.de https://acs2.edb.com https://acs.swisscard.ch https://verify.monzo.com https://*.3ds.modirum.com https://3dsecure-vrp.de https://*.cic.fr https://3dsec.cardcenter.ch https://gbemv3dsecure.garanti.com.tr https://3ds.nexigroup.com https://*.3dsecure.no https://3ds.redsys.es https://acs1-3dsecure.creditmutuel.fr https://www.rsa3dsauth.com https://3debspay.boc.cn https://*.emea.citibank.com https://acs.mercurypaymentservices.it https://*.googletagmanager.com https://*.rabobank.nl https://*.lloydsbankinggroup.com https://*.zscloud.net https://*.googlesyndication.com https://*.americanexpress.com https://*.arcot.com https://*.doubleclick.net https://www.rsa3dsauth.co.uk https://*.wlp-acs.com https://www.youtube.com https://www.facebook.com https://static.sojern.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.resdiary.com https://*.cookiebot.com https://*.triptease.io https://www.google.com; img-src 'self' data: https://criteo-partners.tremorhub.com https://sync-criteo.ads.yieldmo.com https://criteo-sync.teads.tv https://gum.criteo.com https://dis.criteo.com https://*.cookiebot.com https://code.jquery.com https://analytics.tiktok.com https://*.facebook.net https://*.googlesyndication.com https://widgetthemes-live.azureedge.net https://translate.google.com https://fonts.gstatic.com https://track.linksynergy.com https://cdn.honey.io https://googleads.g.doubleclick.net *.googleapis.com https://adservice.google.com https://*.ytimg.com https://googletraveladservices.com https://*.googletraveladservices.com https://secure-hotel-tracker.com https://*.bing.com https://bat.bing.com https://track.linksynergy.com *.doubleclick.net https://log.pinterest.com https://click.exacttarget.com https://www.facebook.com https://region1.analytics.google.com https://www.google.de https://www.google.ca https://www.google.ro https://www.google.com.tr https://www.google.com.hk https://www.google.gm https://www.google.cz https://www.google.mu https://www.google.com.gi https://www.google.com.ng https://www.google.com.co https://www.google.co.za https://www.google.com.mm https://www.google.com.sg https://www.google.at https://www.google.im https://www.google.dk https://www.google.gr https://www.google.no https://www.google.se https://www.google.lt https://www.google.com.mt https://www.google.ch https://www.google.hu https://www.google.com.cu https://www.google.gg https://www.google.ie https://www.google.nl https://www.google.be https://www.google.pt https://www.google.fr https://www.google.it https://www.google.es https://www.google.je https://www.google.co.in https://www.google.com.tj https://www.google.co.ke https://www.google.ae https://www.google.co.th https://www.google-analytics.com https://www.google.com.au https://www.google.pl *.googletagmanager.com https://*.googletagmanager.com https://www.google.co.uk https://www.google.com *.google-analytics.com https://oimgnn/; style-src-elem 'self' 'unsafe-inline' data: https://code.jquery.com https://www.gstatic.com https://fonts.googleapis.com https://cdn.honey.io https://*.cloudflare.com https://*.typography.com https://cloud.typography.com *.googleapis.com http://*.googleapis.com https://*.typekit.net https://use.typekit.net; script-src-elem 'self' 'unsafe-inline' data: https://sslwidget.criteo.com https://dynamic.criteo.com https://static.criteo.net https://*.freedompay.com https://maps.google.com https://tpc.googlesyndication.com https://ajax.googleapis.com https://pagespeed-mod.com https://*.kaspersky-labs.com https://*.hirizasune.com https://www.gstatic.com https://*.googlesyndication.com https://assets.pinterest.com https://*.googleapis.com https://www.googleadservices.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.triptease.io https://connect.facebook.net https://*.hotjar.com https://static.sojern.com https://*.cookiebot.com https://consent.cookiebot.com https://*.doubleclick.net https://googleads.g.doubleclick.net https://www.googleoptimize.com https://www.googletagmanager.com https://*.googleapis.com https://www.google.com https://www.google-analytics.com https://rum-static.pingdom.net https://analytics.tiktok.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
cf-cache-status: HIT
content-encoding: gzip
age: 1406059
alt-svc: h3=":443"; ma=86400
content-length: 14758
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Sep 2022 21:38:35 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8c243ba82d6fac7b-YYZ
expires: Thu, 26 Sep 2024 18:31:50 GMT

GET
H3 200 datepicker.min.js Show response
www.handpickedhotels.co.uk/js/ 37 KB
17 KB 36ms
35ms Script
application/javascript 172.67.7.133
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.handpickedhotels.co.uk/js/datepicker.min.js

Requested by

Host: www.handpickedhotels.co.uk
URL: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.7.133 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2903b07a9c868c2468d8aa9dd052492cee03051a408c0d0fdd20aafb1c4e7c2b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; report-uri /cspreport; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://navisperformance.com https://maps.googleapis.com https://www.googleadservices.com https://static.sojern.com https://.cloudflare.com https://.cardinalcommerce.com https://.freedompay.com https://assets.pinterest.com https://connect.facebook.net .hotjar.com https://.cookiebot.com https://www.gstatic.com https://.google.com https://.doubleclick.net .google-analytics.com .googletagmanager.com http://ajax.googleapis.com https://www.googleoptimize.com https://rum-static.pingdom.net http://rum-static.pingdom.net https://.triptease.io; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://.typekit.net https://fonts.googleapis.com https://cdn.honey.io; object-src 'none'; base-uri 'self'; connect-src 'self' https://measurement-api.criteo.com https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://.googlesyndication.com https://.freedompay.com https://.cardinalcommerce.com https://.amazonaws.com https://.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://.hotjar.io wss://.hotjar.com https://www.facebook.com https://.triptease.io https://.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com; font-src 'self' data: https://.alicdn.com https://cdn.honey.io .gstatic.com https://use.typekit.net; frame-src 'self' https://mycardsecure.com https://acs2.mpts.modirum.com https://gumi.criteo.com https://static.criteo.net https://acs.apata.io https://fledge.eu.criteo.com https://gum.criteo.com https://acs.capitalone.com https://acs.revolut.com https://acs2-3dsecure.creditmutuel.fr https://secure.dkb.de https://acs2.edb.com https://acs.swisscard.ch https://verify.monzo.com https://.3ds.modirum.com https://3dsecure-vrp.de https://.cic.fr https://3dsec.cardcenter.ch https://gbemv3dsecure.garanti.com.tr https://3ds.nexigroup.com https://.3dsecure.no https://3ds.redsys.es https://acs1-3dsecure.creditmutuel.fr https://www.rsa3dsauth.com https://3debspay.boc.cn https://.emea.citibank.com https://acs.mercurypaymentservices.it https://.googletagmanager.com https://.rabobank.nl https://.lloydsbankinggroup.com https://.zscloud.net https://.googlesyndication.com https://.americanexpress.com https://.arcot.com https://.doubleclick.net https://www.rsa3dsauth.co.uk https://.wlp-acs.com https://www.youtube.com https://www.facebook.com https://static.sojern.com https://.cardinalcommerce.com https://.freedompay.com https://.resdiary.com https://.cookiebot.com https://.triptease.io https://www.google.com; img-src 'self' data: https://criteo-partners.tremorhub.com https://sync-criteo.ads.yieldmo.com https://criteo-sync.teads.tv https://gum.criteo.com https://dis.criteo.com https://.cookiebot.com https://code.jquery.com https://analytics.tiktok.com https://.facebook.net https://.googlesyndication.com https://widgetthemes-live.azureedge.net https://translate.google.com https://fonts.gstatic.com https://track.linksynergy.com https://cdn.honey.io https://googleads.g.doubleclick.net .googleapis.com https://adservice.google.com https://.ytimg.com https://googletraveladservices.com https://.googletraveladservices.com https://secure-hotel-tracker.com https://.bing.com https://bat.bing.com https://track.linksynergy.com .doubleclick.net https://log.pinterest.com https://click.exacttarget.com https://www.facebook.com https://region1.analytics.google.com https://www.google.de https://www.google.ca https://www.google.ro https://www.google.com.tr https://www.google.com.hk https://www.google.gm https://www.google.cz https://www.google.mu https://www.google.com.gi https://www.google.com.ng https://www.google.com.co https://www.google.co.za https://www.google.com.mm https://www.google.com.sg https://www.google.at https://www.google.im https://www.google.dk https://www.google.gr https://www.google.no https://www.google.se https://www.google.lt https://www.google.com.mt https://www.google.ch https://www.google.hu https://www.google.com.cu https://www.google.gg https://www.google.ie https://www.google.nl https://www.google.be https://www.google.pt https://www.google.fr https://www.google.it https://www.google.es https://www.google.je https://www.google.co.in https://www.google.com.tj https://www.google.co.ke https://www.google.ae https://www.google.co.th https://www.google-analytics.com https://www.google.com.au https://www.google.pl .googletagmanager.com https://.googletagmanager.com https://www.google.co.uk https://www.google.com .google-analytics.com https://oimgnn/; style-src-elem 'self' 'unsafe-inline' data: https://code.jquery.com https://www.gstatic.com https://fonts.googleapis.com https://cdn.honey.io https://.cloudflare.com https://.typography.com https://cloud.typography.com .googleapis.com http://.googleapis.com https://.typekit.net https://use.typekit.net; script-src-elem 'self' 'unsafe-inline' data: https://sslwidget.criteo.com https://dynamic.criteo.com https://static.criteo.net https://.freedompay.com https://maps.google.com https://tpc.googlesyndication.com https://ajax.googleapis.com https://pagespeed-mod.com https://.kaspersky-labs.com https://.hirizasune.com https://www.gstatic.com https://.googlesyndication.com https://assets.pinterest.com https://.googleapis.com https://www.googleadservices.com https://.cloudflare.com https://.cardinalcommerce.com https://.freedompay.com https://.triptease.io https://connect.facebook.net https://.hotjar.com https://static.sojern.com https://.cookiebot.com https://consent.cookiebot.com https://.doubleclick.net https://googleads.g.doubleclick.net https://www.googleoptimize.com https://www.googletagmanager.com https://.googleapis.com https://www.google.com https://www.google-analytics.com https://rum-static.pingdom.net https://analytics.tiktok.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 01:06:09 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests; report-uri /cspreport; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*navisperformance.com https://maps.googleapis.com https://www.googleadservices.com https://static.sojern.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://assets.pinterest.com https://connect.facebook.net *.hotjar.com https://*.cookiebot.com https://www.gstatic.com https://*.google.com https://*.doubleclick.net *.google-analytics.com *.googletagmanager.com http://ajax.googleapis.com https://www.googleoptimize.com https://rum-static.pingdom.net http://rum-static.pingdom.net https://*.triptease.io; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://*.typekit.net https://fonts.googleapis.com https://cdn.honey.io; object-src 'none'; base-uri 'self'; connect-src 'self' https://measurement-api.criteo.com https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://*.googlesyndication.com https://*.freedompay.com https://*.cardinalcommerce.com https://*.amazonaws.com https://*.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://*.hotjar.io wss://*.hotjar.com https://www.facebook.com https://*.triptease.io https://*.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com; font-src 'self' data: https://*.alicdn.com https://cdn.honey.io *.gstatic.com https://use.typekit.net; frame-src 'self' https://mycardsecure.com https://acs2.mpts.modirum.com https://gumi.criteo.com https://static.criteo.net https://acs.apata.io https://fledge.eu.criteo.com https://gum.criteo.com https://acs.capitalone.com https://acs.revolut.com https://acs2-3dsecure.creditmutuel.fr https://secure.dkb.de https://acs2.edb.com https://acs.swisscard.ch https://verify.monzo.com https://*.3ds.modirum.com https://3dsecure-vrp.de https://*.cic.fr https://3dsec.cardcenter.ch https://gbemv3dsecure.garanti.com.tr https://3ds.nexigroup.com https://*.3dsecure.no https://3ds.redsys.es https://acs1-3dsecure.creditmutuel.fr https://www.rsa3dsauth.com https://3debspay.boc.cn https://*.emea.citibank.com https://acs.mercurypaymentservices.it https://*.googletagmanager.com https://*.rabobank.nl https://*.lloydsbankinggroup.com https://*.zscloud.net https://*.googlesyndication.com https://*.americanexpress.com https://*.arcot.com https://*.doubleclick.net https://www.rsa3dsauth.co.uk https://*.wlp-acs.com https://www.youtube.com https://www.facebook.com https://static.sojern.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.resdiary.com https://*.cookiebot.com https://*.triptease.io https://www.google.com; img-src 'self' data: https://criteo-partners.tremorhub.com https://sync-criteo.ads.yieldmo.com https://criteo-sync.teads.tv https://gum.criteo.com https://dis.criteo.com https://*.cookiebot.com https://code.jquery.com https://analytics.tiktok.com https://*.facebook.net https://*.googlesyndication.com https://widgetthemes-live.azureedge.net https://translate.google.com https://fonts.gstatic.com https://track.linksynergy.com https://cdn.honey.io https://googleads.g.doubleclick.net *.googleapis.com https://adservice.google.com https://*.ytimg.com https://googletraveladservices.com https://*.googletraveladservices.com https://secure-hotel-tracker.com https://*.bing.com https://bat.bing.com https://track.linksynergy.com *.doubleclick.net https://log.pinterest.com https://click.exacttarget.com https://www.facebook.com https://region1.analytics.google.com https://www.google.de https://www.google.ca https://www.google.ro https://www.google.com.tr https://www.google.com.hk https://www.google.gm https://www.google.cz https://www.google.mu https://www.google.com.gi https://www.google.com.ng https://www.google.com.co https://www.google.co.za https://www.google.com.mm https://www.google.com.sg https://www.google.at https://www.google.im https://www.google.dk https://www.google.gr https://www.google.no https://www.google.se https://www.google.lt https://www.google.com.mt https://www.google.ch https://www.google.hu https://www.google.com.cu https://www.google.gg https://www.google.ie https://www.google.nl https://www.google.be https://www.google.pt https://www.google.fr https://www.google.it https://www.google.es https://www.google.je https://www.google.co.in https://www.google.com.tj https://www.google.co.ke https://www.google.ae https://www.google.co.th https://www.google-analytics.com https://www.google.com.au https://www.google.pl *.googletagmanager.com https://*.googletagmanager.com https://www.google.co.uk https://www.google.com *.google-analytics.com https://oimgnn/; style-src-elem 'self' 'unsafe-inline' data: https://code.jquery.com https://www.gstatic.com https://fonts.googleapis.com https://cdn.honey.io https://*.cloudflare.com https://*.typography.com https://cloud.typography.com *.googleapis.com http://*.googleapis.com https://*.typekit.net https://use.typekit.net; script-src-elem 'self' 'unsafe-inline' data: https://sslwidget.criteo.com https://dynamic.criteo.com https://static.criteo.net https://*.freedompay.com https://maps.google.com https://tpc.googlesyndication.com https://ajax.googleapis.com https://pagespeed-mod.com https://*.kaspersky-labs.com https://*.hirizasune.com https://www.gstatic.com https://*.googlesyndication.com https://assets.pinterest.com https://*.googleapis.com https://www.googleadservices.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.triptease.io https://connect.facebook.net https://*.hotjar.com https://static.sojern.com https://*.cookiebot.com https://consent.cookiebot.com https://*.doubleclick.net https://googleads.g.doubleclick.net https://www.googleoptimize.com https://www.googletagmanager.com https://*.googleapis.com https://www.google.com https://www.google-analytics.com https://rum-static.pingdom.net https://analytics.tiktok.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
cf-cache-status: HIT
content-encoding: gzip
age: 1406059
alt-svc: h3=":443"; ma=86400
content-length: 12877
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Sep 2022 21:38:33 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8c243ba84d96ac7b-YYZ
expires: Thu, 26 Sep 2024 18:31:50 GMT

GET
H3 200 uikit-xs.min.js Show response
www.handpickedhotels.co.uk/mini-js/ 53 KB
19 KB 41ms
40ms Script
application/javascript 172.67.7.133
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.handpickedhotels.co.uk/mini-js/uikit-xs.min.js

Requested by

Host: www.handpickedhotels.co.uk
URL: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.7.133 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4148a21d6139fd0b55461579a8a551e166816871fb2bf6428d9b37fcb1559ce3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; report-uri /cspreport; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://navisperformance.com https://maps.googleapis.com https://www.googleadservices.com https://static.sojern.com https://.cloudflare.com https://.cardinalcommerce.com https://.freedompay.com https://assets.pinterest.com https://connect.facebook.net .hotjar.com https://.cookiebot.com https://www.gstatic.com https://.google.com https://.doubleclick.net .google-analytics.com .googletagmanager.com http://ajax.googleapis.com https://www.googleoptimize.com https://rum-static.pingdom.net http://rum-static.pingdom.net https://.triptease.io; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://.typekit.net https://fonts.googleapis.com https://cdn.honey.io; object-src 'none'; base-uri 'self'; connect-src 'self' https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://.googlesyndication.com https://.freedompay.com https://.cardinalcommerce.com https://.amazonaws.com https://.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://.hotjar.io wss://.hotjar.com https://www.facebook.com https://.triptease.io https://.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com; font-src 'self' data: https://.alicdn.com https://cdn.honey.io .gstatic.com https://use.typekit.net; frame-src 'self' https://acs.capitalone.com https://acs.revolut.com https://acs2-3dsecure.creditmutuel.fr https://secure.dkb.de https://acs2.edb.com https://acs.swisscard.ch https://verify.monzo.com https://.3ds.modirum.com https://3dsecure-vrp.de https://.cic.fr https://3dsec.cardcenter.ch https://gbemv3dsecure.garanti.com.tr https://3ds.nexigroup.com https://.3dsecure.no https://3ds.redsys.es https://acs1-3dsecure.creditmutuel.fr https://www.rsa3dsauth.com https://3debspay.boc.cn https://.emea.citibank.com https://acs.mercurypaymentservices.it https://.googletagmanager.com https://.rabobank.nl https://.lloydsbankinggroup.com https://.zscloud.net https://.googlesyndication.com https://.americanexpress.com https://.arcot.com https://.doubleclick.net https://www.rsa3dsauth.co.uk https://.wlp-acs.com https://www.youtube.com https://www.facebook.com https://static.sojern.com https://.cardinalcommerce.com https://.freedompay.com https://.resdiary.com https://.cookiebot.com https://.triptease.io https://www.google.com; img-src 'self' data: https://.cookiebot.com https://code.jquery.com https://analytics.tiktok.com https://.facebook.net https://.googlesyndication.com https://widgetthemes-live.azureedge.net https://translate.google.com https://fonts.gstatic.com https://track.linksynergy.com https://cdn.honey.io https://googleads.g.doubleclick.net .googleapis.com https://adservice.google.com https://.ytimg.com https://googletraveladservices.com https://.googletraveladservices.com https://secure-hotel-tracker.com https://.bing.com https://bat.bing.com https://track.linksynergy.com .doubleclick.net https://log.pinterest.com https://click.exacttarget.com https://www.facebook.com https://region1.analytics.google.com https://www.google.de https://www.google.ca https://www.google.ro https://www.google.com.tr https://www.google.com.hk https://www.google.gm https://www.google.cz https://www.google.mu https://www.google.com.gi https://www.google.com.ng https://www.google.com.co https://www.google.co.za https://www.google.com.mm https://www.google.com.sg https://www.google.at https://www.google.im https://www.google.dk https://www.google.gr https://www.google.no https://www.google.se https://www.google.lt https://www.google.com.mt https://www.google.ch https://www.google.hu https://www.google.com.cu https://www.google.gg https://www.google.ie https://www.google.nl https://www.google.be https://www.google.pt https://www.google.fr https://www.google.it https://www.google.es https://www.google.je https://www.google.co.in https://www.google.com.tj https://www.google.co.ke https://www.google.ae https://www.google.co.th https://www.google-analytics.com https://www.google.com.au https://www.google.pl .googletagmanager.com https://.googletagmanager.com https://www.google.co.uk https://www.google.com .google-analytics.com https://oimgnn/; style-src-elem 'self' 'unsafe-inline' data: https://code.jquery.com https://www.gstatic.com https://fonts.googleapis.com https://cdn.honey.io https://.cloudflare.com https://.typography.com https://cloud.typography.com .googleapis.com http://.googleapis.com https://.typekit.net https://use.typekit.net; script-src-elem 'self' 'unsafe-inline' data: https://.freedompay.com https://maps.google.com https://tpc.googlesyndication.com https://ajax.googleapis.com https://pagespeed-mod.com https://.kaspersky-labs.com https://.hirizasune.com https://www.gstatic.com https://.googlesyndication.com https://assets.pinterest.com https://.googleapis.com https://www.googleadservices.com https://.cloudflare.com https://.cardinalcommerce.com https://.freedompay.com https://.triptease.io https://connect.facebook.net https://.hotjar.com https://static.sojern.com https://.cookiebot.com https://consent.cookiebot.com https://.doubleclick.net https://googleads.g.doubleclick.net https://www.googleoptimize.com https://www.googletagmanager.com https://.googleapis.com https://www.google.com https://www.google-analytics.com https://rum-static.pingdom.net https://analytics.tiktok.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 01:06:09 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests; report-uri /cspreport; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*navisperformance.com https://maps.googleapis.com https://www.googleadservices.com https://static.sojern.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://assets.pinterest.com https://connect.facebook.net *.hotjar.com https://*.cookiebot.com https://www.gstatic.com https://*.google.com https://*.doubleclick.net *.google-analytics.com *.googletagmanager.com http://ajax.googleapis.com https://www.googleoptimize.com https://rum-static.pingdom.net http://rum-static.pingdom.net https://*.triptease.io; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://*.typekit.net https://fonts.googleapis.com https://cdn.honey.io; object-src 'none'; base-uri 'self'; connect-src 'self' https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://*.googlesyndication.com https://*.freedompay.com https://*.cardinalcommerce.com https://*.amazonaws.com https://*.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://*.hotjar.io wss://*.hotjar.com https://www.facebook.com https://*.triptease.io https://*.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com; font-src 'self' data: https://*.alicdn.com https://cdn.honey.io *.gstatic.com https://use.typekit.net; frame-src 'self' https://acs.capitalone.com https://acs.revolut.com https://acs2-3dsecure.creditmutuel.fr https://secure.dkb.de https://acs2.edb.com https://acs.swisscard.ch https://verify.monzo.com https://*.3ds.modirum.com https://3dsecure-vrp.de https://*.cic.fr https://3dsec.cardcenter.ch https://gbemv3dsecure.garanti.com.tr https://3ds.nexigroup.com https://*.3dsecure.no https://3ds.redsys.es https://acs1-3dsecure.creditmutuel.fr https://www.rsa3dsauth.com https://3debspay.boc.cn https://*.emea.citibank.com https://acs.mercurypaymentservices.it https://*.googletagmanager.com https://*.rabobank.nl https://*.lloydsbankinggroup.com https://*.zscloud.net https://*.googlesyndication.com https://*.americanexpress.com https://*.arcot.com https://*.doubleclick.net https://www.rsa3dsauth.co.uk https://*.wlp-acs.com https://www.youtube.com https://www.facebook.com https://static.sojern.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.resdiary.com https://*.cookiebot.com https://*.triptease.io https://www.google.com; img-src 'self' data: https://*.cookiebot.com https://code.jquery.com https://analytics.tiktok.com https://*.facebook.net https://*.googlesyndication.com https://widgetthemes-live.azureedge.net https://translate.google.com https://fonts.gstatic.com https://track.linksynergy.com https://cdn.honey.io https://googleads.g.doubleclick.net *.googleapis.com https://adservice.google.com https://*.ytimg.com https://googletraveladservices.com https://*.googletraveladservices.com https://secure-hotel-tracker.com https://*.bing.com https://bat.bing.com https://track.linksynergy.com *.doubleclick.net https://log.pinterest.com https://click.exacttarget.com https://www.facebook.com https://region1.analytics.google.com https://www.google.de https://www.google.ca https://www.google.ro https://www.google.com.tr https://www.google.com.hk https://www.google.gm https://www.google.cz https://www.google.mu https://www.google.com.gi https://www.google.com.ng https://www.google.com.co https://www.google.co.za https://www.google.com.mm https://www.google.com.sg https://www.google.at https://www.google.im https://www.google.dk https://www.google.gr https://www.google.no https://www.google.se https://www.google.lt https://www.google.com.mt https://www.google.ch https://www.google.hu https://www.google.com.cu https://www.google.gg https://www.google.ie https://www.google.nl https://www.google.be https://www.google.pt https://www.google.fr https://www.google.it https://www.google.es https://www.google.je https://www.google.co.in https://www.google.com.tj https://www.google.co.ke https://www.google.ae https://www.google.co.th https://www.google-analytics.com https://www.google.com.au https://www.google.pl *.googletagmanager.com https://*.googletagmanager.com https://www.google.co.uk https://www.google.com *.google-analytics.com https://oimgnn/; style-src-elem 'self' 'unsafe-inline' data: https://code.jquery.com https://www.gstatic.com https://fonts.googleapis.com https://cdn.honey.io https://*.cloudflare.com https://*.typography.com https://cloud.typography.com *.googleapis.com http://*.googleapis.com https://*.typekit.net https://use.typekit.net; script-src-elem 'self' 'unsafe-inline' data: https://*.freedompay.com https://maps.google.com https://tpc.googlesyndication.com https://ajax.googleapis.com https://pagespeed-mod.com https://*.kaspersky-labs.com https://*.hirizasune.com https://www.gstatic.com https://*.googlesyndication.com https://assets.pinterest.com https://*.googleapis.com https://www.googleadservices.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.triptease.io https://connect.facebook.net https://*.hotjar.com https://static.sojern.com https://*.cookiebot.com https://consent.cookiebot.com https://*.doubleclick.net https://googleads.g.doubleclick.net https://www.googleoptimize.com https://www.googletagmanager.com https://*.googleapis.com https://www.google.com https://www.google-analytics.com https://rum-static.pingdom.net https://analytics.tiktok.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
cf-cache-status: HIT
content-encoding: gzip
age: 1479494
alt-svc: h3=":443"; ma=86400
content-length: 14700
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Sep 2022 21:38:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8c243ba87ddfac7b-YYZ
expires: Wed, 25 Sep 2024 22:07:55 GMT

GET
H3 200 datepicker-xs.min.js Show response
www.handpickedhotels.co.uk/mini-js/ 36 KB
17 KB 35ms
35ms Script
application/javascript 172.67.7.133
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.handpickedhotels.co.uk/mini-js/datepicker-xs.min.js

Requested by

Host: www.handpickedhotels.co.uk
URL: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.7.133 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3973f7ae134c2a8d76fa9651a6e74511b8195f415971cbad872e142337699174

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; report-uri /cspreport; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://navisperformance.com https://maps.googleapis.com https://www.googleadservices.com https://static.sojern.com https://.cloudflare.com https://.cardinalcommerce.com https://.freedompay.com https://assets.pinterest.com https://connect.facebook.net .hotjar.com https://.cookiebot.com https://www.gstatic.com https://.google.com https://.doubleclick.net .google-analytics.com .googletagmanager.com http://ajax.googleapis.com https://www.googleoptimize.com https://rum-static.pingdom.net http://rum-static.pingdom.net https://.triptease.io; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://.typekit.net https://fonts.googleapis.com https://cdn.honey.io; object-src 'none'; base-uri 'self'; connect-src 'self' https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://.googlesyndication.com https://.freedompay.com https://.cardinalcommerce.com https://.amazonaws.com https://.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://.hotjar.io wss://.hotjar.com https://www.facebook.com https://.triptease.io https://.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com; font-src 'self' data: https://.alicdn.com https://cdn.honey.io .gstatic.com https://use.typekit.net; frame-src 'self' https://acs.capitalone.com https://acs.revolut.com https://acs2-3dsecure.creditmutuel.fr https://secure.dkb.de https://acs2.edb.com https://acs.swisscard.ch https://verify.monzo.com https://.3ds.modirum.com https://3dsecure-vrp.de https://.cic.fr https://3dsec.cardcenter.ch https://gbemv3dsecure.garanti.com.tr https://3ds.nexigroup.com https://.3dsecure.no https://3ds.redsys.es https://acs1-3dsecure.creditmutuel.fr https://www.rsa3dsauth.com https://3debspay.boc.cn https://.emea.citibank.com https://acs.mercurypaymentservices.it https://.googletagmanager.com https://.rabobank.nl https://.lloydsbankinggroup.com https://.zscloud.net https://.googlesyndication.com https://.americanexpress.com https://.arcot.com https://.doubleclick.net https://www.rsa3dsauth.co.uk https://.wlp-acs.com https://www.youtube.com https://www.facebook.com https://static.sojern.com https://.cardinalcommerce.com https://.freedompay.com https://.resdiary.com https://.cookiebot.com https://.triptease.io https://www.google.com; img-src 'self' data: https://.cookiebot.com https://code.jquery.com https://analytics.tiktok.com https://.facebook.net https://.googlesyndication.com https://widgetthemes-live.azureedge.net https://translate.google.com https://fonts.gstatic.com https://track.linksynergy.com https://cdn.honey.io https://googleads.g.doubleclick.net .googleapis.com https://adservice.google.com https://.ytimg.com https://googletraveladservices.com https://.googletraveladservices.com https://secure-hotel-tracker.com https://.bing.com https://bat.bing.com https://track.linksynergy.com .doubleclick.net https://log.pinterest.com https://click.exacttarget.com https://www.facebook.com https://region1.analytics.google.com https://www.google.de https://www.google.ca https://www.google.ro https://www.google.com.tr https://www.google.com.hk https://www.google.gm https://www.google.cz https://www.google.mu https://www.google.com.gi https://www.google.com.ng https://www.google.com.co https://www.google.co.za https://www.google.com.mm https://www.google.com.sg https://www.google.at https://www.google.im https://www.google.dk https://www.google.gr https://www.google.no https://www.google.se https://www.google.lt https://www.google.com.mt https://www.google.ch https://www.google.hu https://www.google.com.cu https://www.google.gg https://www.google.ie https://www.google.nl https://www.google.be https://www.google.pt https://www.google.fr https://www.google.it https://www.google.es https://www.google.je https://www.google.co.in https://www.google.com.tj https://www.google.co.ke https://www.google.ae https://www.google.co.th https://www.google-analytics.com https://www.google.com.au https://www.google.pl .googletagmanager.com https://.googletagmanager.com https://www.google.co.uk https://www.google.com .google-analytics.com https://oimgnn/; style-src-elem 'self' 'unsafe-inline' data: https://code.jquery.com https://www.gstatic.com https://fonts.googleapis.com https://cdn.honey.io https://.cloudflare.com https://.typography.com https://cloud.typography.com .googleapis.com http://.googleapis.com https://.typekit.net https://use.typekit.net; script-src-elem 'self' 'unsafe-inline' data: https://.freedompay.com https://maps.google.com https://tpc.googlesyndication.com https://ajax.googleapis.com https://pagespeed-mod.com https://.kaspersky-labs.com https://.hirizasune.com https://www.gstatic.com https://.googlesyndication.com https://assets.pinterest.com https://.googleapis.com https://www.googleadservices.com https://.cloudflare.com https://.cardinalcommerce.com https://.freedompay.com https://.triptease.io https://connect.facebook.net https://.hotjar.com https://static.sojern.com https://.cookiebot.com https://consent.cookiebot.com https://.doubleclick.net https://googleads.g.doubleclick.net https://www.googleoptimize.com https://www.googletagmanager.com https://.googleapis.com https://www.google.com https://www.google-analytics.com https://rum-static.pingdom.net https://analytics.tiktok.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 01:06:09 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests; report-uri /cspreport; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*navisperformance.com https://maps.googleapis.com https://www.googleadservices.com https://static.sojern.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://assets.pinterest.com https://connect.facebook.net *.hotjar.com https://*.cookiebot.com https://www.gstatic.com https://*.google.com https://*.doubleclick.net *.google-analytics.com *.googletagmanager.com http://ajax.googleapis.com https://www.googleoptimize.com https://rum-static.pingdom.net http://rum-static.pingdom.net https://*.triptease.io; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://*.typekit.net https://fonts.googleapis.com https://cdn.honey.io; object-src 'none'; base-uri 'self'; connect-src 'self' https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://*.googlesyndication.com https://*.freedompay.com https://*.cardinalcommerce.com https://*.amazonaws.com https://*.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://*.hotjar.io wss://*.hotjar.com https://www.facebook.com https://*.triptease.io https://*.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com; font-src 'self' data: https://*.alicdn.com https://cdn.honey.io *.gstatic.com https://use.typekit.net; frame-src 'self' https://acs.capitalone.com https://acs.revolut.com https://acs2-3dsecure.creditmutuel.fr https://secure.dkb.de https://acs2.edb.com https://acs.swisscard.ch https://verify.monzo.com https://*.3ds.modirum.com https://3dsecure-vrp.de https://*.cic.fr https://3dsec.cardcenter.ch https://gbemv3dsecure.garanti.com.tr https://3ds.nexigroup.com https://*.3dsecure.no https://3ds.redsys.es https://acs1-3dsecure.creditmutuel.fr https://www.rsa3dsauth.com https://3debspay.boc.cn https://*.emea.citibank.com https://acs.mercurypaymentservices.it https://*.googletagmanager.com https://*.rabobank.nl https://*.lloydsbankinggroup.com https://*.zscloud.net https://*.googlesyndication.com https://*.americanexpress.com https://*.arcot.com https://*.doubleclick.net https://www.rsa3dsauth.co.uk https://*.wlp-acs.com https://www.youtube.com https://www.facebook.com https://static.sojern.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.resdiary.com https://*.cookiebot.com https://*.triptease.io https://www.google.com; img-src 'self' data: https://*.cookiebot.com https://code.jquery.com https://analytics.tiktok.com https://*.facebook.net https://*.googlesyndication.com https://widgetthemes-live.azureedge.net https://translate.google.com https://fonts.gstatic.com https://track.linksynergy.com https://cdn.honey.io https://googleads.g.doubleclick.net *.googleapis.com https://adservice.google.com https://*.ytimg.com https://googletraveladservices.com https://*.googletraveladservices.com https://secure-hotel-tracker.com https://*.bing.com https://bat.bing.com https://track.linksynergy.com *.doubleclick.net https://log.pinterest.com https://click.exacttarget.com https://www.facebook.com https://region1.analytics.google.com https://www.google.de https://www.google.ca https://www.google.ro https://www.google.com.tr https://www.google.com.hk https://www.google.gm https://www.google.cz https://www.google.mu https://www.google.com.gi https://www.google.com.ng https://www.google.com.co https://www.google.co.za https://www.google.com.mm https://www.google.com.sg https://www.google.at https://www.google.im https://www.google.dk https://www.google.gr https://www.google.no https://www.google.se https://www.google.lt https://www.google.com.mt https://www.google.ch https://www.google.hu https://www.google.com.cu https://www.google.gg https://www.google.ie https://www.google.nl https://www.google.be https://www.google.pt https://www.google.fr https://www.google.it https://www.google.es https://www.google.je https://www.google.co.in https://www.google.com.tj https://www.google.co.ke https://www.google.ae https://www.google.co.th https://www.google-analytics.com https://www.google.com.au https://www.google.pl *.googletagmanager.com https://*.googletagmanager.com https://www.google.co.uk https://www.google.com *.google-analytics.com https://oimgnn/; style-src-elem 'self' 'unsafe-inline' data: https://code.jquery.com https://www.gstatic.com https://fonts.googleapis.com https://cdn.honey.io https://*.cloudflare.com https://*.typography.com https://cloud.typography.com *.googleapis.com http://*.googleapis.com https://*.typekit.net https://use.typekit.net; script-src-elem 'self' 'unsafe-inline' data: https://*.freedompay.com https://maps.google.com https://tpc.googlesyndication.com https://ajax.googleapis.com https://pagespeed-mod.com https://*.kaspersky-labs.com https://*.hirizasune.com https://www.gstatic.com https://*.googlesyndication.com https://assets.pinterest.com https://*.googleapis.com https://www.googleadservices.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.triptease.io https://connect.facebook.net https://*.hotjar.com https://static.sojern.com https://*.cookiebot.com https://consent.cookiebot.com https://*.doubleclick.net https://googleads.g.doubleclick.net https://www.googleoptimize.com https://www.googletagmanager.com https://*.googleapis.com https://www.google.com https://www.google-analytics.com https://rum-static.pingdom.net https://analytics.tiktok.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
cf-cache-status: HIT
content-encoding: gzip
age: 2289579
alt-svc: h3=":443"; ma=86400
content-length: 12680
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Sep 2022 21:38:15 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8c243ba89dfdac7b-YYZ
expires: Mon, 16 Sep 2024 13:06:30 GMT

GET
H3 200 chosen.jquery.min.js Show response
www.handpickedhotels.co.uk/js/ 28 KB
11 KB 38ms
38ms Script
application/javascript 172.67.7.133
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.handpickedhotels.co.uk/js/chosen.jquery.min.js

Requested by

Host: www.handpickedhotels.co.uk
URL: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.7.133 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

394299a913cb2249adec7bc2be6e910ee921fdb8c4e321b45091276f5e633d79

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; report-uri /cspreport; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://navisperformance.com https://maps.googleapis.com https://www.googleadservices.com https://static.sojern.com https://.cloudflare.com https://.cardinalcommerce.com https://.freedompay.com https://assets.pinterest.com https://connect.facebook.net .hotjar.com https://.cookiebot.com https://www.gstatic.com https://.google.com https://.doubleclick.net .google-analytics.com .googletagmanager.com http://ajax.googleapis.com https://www.googleoptimize.com https://rum-static.pingdom.net http://rum-static.pingdom.net https://.triptease.io; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://.typekit.net https://fonts.googleapis.com https://cdn.honey.io; object-src 'none'; base-uri 'self'; connect-src 'self' https://measurement-api.criteo.com https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://.googlesyndication.com https://.freedompay.com https://.cardinalcommerce.com https://.amazonaws.com https://.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://.hotjar.io wss://.hotjar.com https://www.facebook.com https://.triptease.io https://.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com; font-src 'self' data: https://.alicdn.com https://cdn.honey.io .gstatic.com https://use.typekit.net; frame-src 'self' https://mycardsecure.com https://acs2.mpts.modirum.com https://gumi.criteo.com https://static.criteo.net https://acs.apata.io https://fledge.eu.criteo.com https://gum.criteo.com https://acs.capitalone.com https://acs.revolut.com https://acs2-3dsecure.creditmutuel.fr https://secure.dkb.de https://acs2.edb.com https://acs.swisscard.ch https://verify.monzo.com https://.3ds.modirum.com https://3dsecure-vrp.de https://.cic.fr https://3dsec.cardcenter.ch https://gbemv3dsecure.garanti.com.tr https://3ds.nexigroup.com https://.3dsecure.no https://3ds.redsys.es https://acs1-3dsecure.creditmutuel.fr https://www.rsa3dsauth.com https://3debspay.boc.cn https://.emea.citibank.com https://acs.mercurypaymentservices.it https://.googletagmanager.com https://.rabobank.nl https://.lloydsbankinggroup.com https://.zscloud.net https://.googlesyndication.com https://.americanexpress.com https://.arcot.com https://.doubleclick.net https://www.rsa3dsauth.co.uk https://.wlp-acs.com https://www.youtube.com https://www.facebook.com https://static.sojern.com https://.cardinalcommerce.com https://.freedompay.com https://.resdiary.com https://.cookiebot.com https://.triptease.io https://www.google.com; img-src 'self' data: https://criteo-partners.tremorhub.com https://sync-criteo.ads.yieldmo.com https://criteo-sync.teads.tv https://gum.criteo.com https://dis.criteo.com https://.cookiebot.com https://code.jquery.com https://analytics.tiktok.com https://.facebook.net https://.googlesyndication.com https://widgetthemes-live.azureedge.net https://translate.google.com https://fonts.gstatic.com https://track.linksynergy.com https://cdn.honey.io https://googleads.g.doubleclick.net .googleapis.com https://adservice.google.com https://.ytimg.com https://googletraveladservices.com https://.googletraveladservices.com https://secure-hotel-tracker.com https://.bing.com https://bat.bing.com https://track.linksynergy.com .doubleclick.net https://log.pinterest.com https://click.exacttarget.com https://www.facebook.com https://region1.analytics.google.com https://www.google.de https://www.google.ca https://www.google.ro https://www.google.com.tr https://www.google.com.hk https://www.google.gm https://www.google.cz https://www.google.mu https://www.google.com.gi https://www.google.com.ng https://www.google.com.co https://www.google.co.za https://www.google.com.mm https://www.google.com.sg https://www.google.at https://www.google.im https://www.google.dk https://www.google.gr https://www.google.no https://www.google.se https://www.google.lt https://www.google.com.mt https://www.google.ch https://www.google.hu https://www.google.com.cu https://www.google.gg https://www.google.ie https://www.google.nl https://www.google.be https://www.google.pt https://www.google.fr https://www.google.it https://www.google.es https://www.google.je https://www.google.co.in https://www.google.com.tj https://www.google.co.ke https://www.google.ae https://www.google.co.th https://www.google-analytics.com https://www.google.com.au https://www.google.pl .googletagmanager.com https://.googletagmanager.com https://www.google.co.uk https://www.google.com .google-analytics.com https://oimgnn/; style-src-elem 'self' 'unsafe-inline' data: https://code.jquery.com https://www.gstatic.com https://fonts.googleapis.com https://cdn.honey.io https://.cloudflare.com https://.typography.com https://cloud.typography.com .googleapis.com http://.googleapis.com https://.typekit.net https://use.typekit.net; script-src-elem 'self' 'unsafe-inline' data: https://sslwidget.criteo.com https://dynamic.criteo.com https://static.criteo.net https://.freedompay.com https://maps.google.com https://tpc.googlesyndication.com https://ajax.googleapis.com https://pagespeed-mod.com https://.kaspersky-labs.com https://.hirizasune.com https://www.gstatic.com https://.googlesyndication.com https://assets.pinterest.com https://.googleapis.com https://www.googleadservices.com https://.cloudflare.com https://.cardinalcommerce.com https://.freedompay.com https://.triptease.io https://connect.facebook.net https://.hotjar.com https://static.sojern.com https://.cookiebot.com https://consent.cookiebot.com https://.doubleclick.net https://googleads.g.doubleclick.net https://www.googleoptimize.com https://www.googletagmanager.com https://.googleapis.com https://www.google.com https://www.google-analytics.com https://rum-static.pingdom.net https://analytics.tiktok.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 01:06:09 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests; report-uri /cspreport; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*navisperformance.com https://maps.googleapis.com https://www.googleadservices.com https://static.sojern.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://assets.pinterest.com https://connect.facebook.net *.hotjar.com https://*.cookiebot.com https://www.gstatic.com https://*.google.com https://*.doubleclick.net *.google-analytics.com *.googletagmanager.com http://ajax.googleapis.com https://www.googleoptimize.com https://rum-static.pingdom.net http://rum-static.pingdom.net https://*.triptease.io; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://*.typekit.net https://fonts.googleapis.com https://cdn.honey.io; object-src 'none'; base-uri 'self'; connect-src 'self' https://measurement-api.criteo.com https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://*.googlesyndication.com https://*.freedompay.com https://*.cardinalcommerce.com https://*.amazonaws.com https://*.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://*.hotjar.io wss://*.hotjar.com https://www.facebook.com https://*.triptease.io https://*.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com; font-src 'self' data: https://*.alicdn.com https://cdn.honey.io *.gstatic.com https://use.typekit.net; frame-src 'self' https://mycardsecure.com https://acs2.mpts.modirum.com https://gumi.criteo.com https://static.criteo.net https://acs.apata.io https://fledge.eu.criteo.com https://gum.criteo.com https://acs.capitalone.com https://acs.revolut.com https://acs2-3dsecure.creditmutuel.fr https://secure.dkb.de https://acs2.edb.com https://acs.swisscard.ch https://verify.monzo.com https://*.3ds.modirum.com https://3dsecure-vrp.de https://*.cic.fr https://3dsec.cardcenter.ch https://gbemv3dsecure.garanti.com.tr https://3ds.nexigroup.com https://*.3dsecure.no https://3ds.redsys.es https://acs1-3dsecure.creditmutuel.fr https://www.rsa3dsauth.com https://3debspay.boc.cn https://*.emea.citibank.com https://acs.mercurypaymentservices.it https://*.googletagmanager.com https://*.rabobank.nl https://*.lloydsbankinggroup.com https://*.zscloud.net https://*.googlesyndication.com https://*.americanexpress.com https://*.arcot.com https://*.doubleclick.net https://www.rsa3dsauth.co.uk https://*.wlp-acs.com https://www.youtube.com https://www.facebook.com https://static.sojern.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.resdiary.com https://*.cookiebot.com https://*.triptease.io https://www.google.com; img-src 'self' data: https://criteo-partners.tremorhub.com https://sync-criteo.ads.yieldmo.com https://criteo-sync.teads.tv https://gum.criteo.com https://dis.criteo.com https://*.cookiebot.com https://code.jquery.com https://analytics.tiktok.com https://*.facebook.net https://*.googlesyndication.com https://widgetthemes-live.azureedge.net https://translate.google.com https://fonts.gstatic.com https://track.linksynergy.com https://cdn.honey.io https://googleads.g.doubleclick.net *.googleapis.com https://adservice.google.com https://*.ytimg.com https://googletraveladservices.com https://*.googletraveladservices.com https://secure-hotel-tracker.com https://*.bing.com https://bat.bing.com https://track.linksynergy.com *.doubleclick.net https://log.pinterest.com https://click.exacttarget.com https://www.facebook.com https://region1.analytics.google.com https://www.google.de https://www.google.ca https://www.google.ro https://www.google.com.tr https://www.google.com.hk https://www.google.gm https://www.google.cz https://www.google.mu https://www.google.com.gi https://www.google.com.ng https://www.google.com.co https://www.google.co.za https://www.google.com.mm https://www.google.com.sg https://www.google.at https://www.google.im https://www.google.dk https://www.google.gr https://www.google.no https://www.google.se https://www.google.lt https://www.google.com.mt https://www.google.ch https://www.google.hu https://www.google.com.cu https://www.google.gg https://www.google.ie https://www.google.nl https://www.google.be https://www.google.pt https://www.google.fr https://www.google.it https://www.google.es https://www.google.je https://www.google.co.in https://www.google.com.tj https://www.google.co.ke https://www.google.ae https://www.google.co.th https://www.google-analytics.com https://www.google.com.au https://www.google.pl *.googletagmanager.com https://*.googletagmanager.com https://www.google.co.uk https://www.google.com *.google-analytics.com https://oimgnn/; style-src-elem 'self' 'unsafe-inline' data: https://code.jquery.com https://www.gstatic.com https://fonts.googleapis.com https://cdn.honey.io https://*.cloudflare.com https://*.typography.com https://cloud.typography.com *.googleapis.com http://*.googleapis.com https://*.typekit.net https://use.typekit.net; script-src-elem 'self' 'unsafe-inline' data: https://sslwidget.criteo.com https://dynamic.criteo.com https://static.criteo.net https://*.freedompay.com https://maps.google.com https://tpc.googlesyndication.com https://ajax.googleapis.com https://pagespeed-mod.com https://*.kaspersky-labs.com https://*.hirizasune.com https://www.gstatic.com https://*.googlesyndication.com https://assets.pinterest.com https://*.googleapis.com https://www.googleadservices.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.triptease.io https://connect.facebook.net https://*.hotjar.com https://static.sojern.com https://*.cookiebot.com https://consent.cookiebot.com https://*.doubleclick.net https://googleads.g.doubleclick.net https://www.googleoptimize.com https://www.googletagmanager.com https://*.googleapis.com https://www.google.com https://www.google-analytics.com https://rum-static.pingdom.net https://analytics.tiktok.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
cf-cache-status: HIT
content-encoding: gzip
age: 1406059
alt-svc: h3=":443"; ma=86400
content-length: 6618
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Sep 2022 21:38:40 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8c243ba8ce51ac7b-YYZ
expires: Thu, 26 Sep 2024 18:31:50 GMT

GET
H3 200 bootstrap3.3.7.min.js Show response
www.handpickedhotels.co.uk/js/ 36 KB
15 KB 35ms
34ms Script
application/javascript 172.67.7.133
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.handpickedhotels.co.uk/js/bootstrap3.3.7.min.js

Requested by

Host: www.handpickedhotels.co.uk
URL: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.7.133 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 01:06:09 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 83178
content-security-policy-report-only: upgrade-insecure-requests; #report-uri /cspreport; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*navisperformance.com https://maps.googleapis.com https://www.googleadservices.com https://static.sojern.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://assets.pinterest.com https://connect.facebook.net *.hotjar.com https://*.cookiebot.com https://www.gstatic.com https://*.google.com https://*.doubleclick.net *.google-analytics.com *.googletagmanager.com http://ajax.googleapis.com https://www.googleoptimize.com https://rum-static.pingdom.net http://rum-static.pingdom.net https://*.triptease.io; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://*.typekit.net https://fonts.googleapis.com https://cdn.honey.io; object-src 'none'; base-uri 'self'; connect-src 'self' https://measurement-api.criteo.com https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://*.googlesyndication.com https://*.freedompay.com https://*.cardinalcommerce.com https://*.amazonaws.com https://*.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://*.hotjar.io wss://*.hotjar.com https://www.facebook.com https://*.triptease.io https://*.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com; font-src 'self' data: https://*.alicdn.com https://cdn.honey.io *.gstatic.com https://use.typekit.net; frame-src 'self' https://*.ibosscloud.com https://3ds.sebkort.com https://3ds.ntctr.acs.danskebank.com https://www.concertopayserve.com https://3dsecure.starlingbank.com https://3ds-a.live.ext.prod.enfuce.com https://clients.smartsecure.tsys.co.uk https://mycardsecure.com https://acs2.mpts.modirum.com https://gumi.criteo.com https://static.criteo.net https://acs.apata.io https://fledge.eu.criteo.com https://gum.criteo.com https://acs.capitalone.com https://acs.revolut.com https://acs2-3dsecure.creditmutuel.fr https://secure.dkb.de https://acs2.edb.com https://acs.swisscard.ch https://verify.monzo.com https://*.3ds.modirum.com https://3dsecure-vrp.de https://*.cic.fr https://3dsec.cardcenter.ch https://gbemv3dsecure.garanti.com.tr https://3ds.nexigroup.com https://*.3dsecure.no https://3ds.redsys.es https://acs1-3dsecure.creditmutuel.fr https://www.rsa3dsauth.com https://3debspay.boc.cn https://*.emea.citibank.com https://acs.mercurypaymentservices.it https://*.googletagmanager.com https://*.rabobank.nl https://*.lloydsbankinggroup.com https://*.zscloud.net https://*.googlesyndication.com https://*.americanexpress.com https://*.arcot.com https://*.doubleclick.net https://www.rsa3dsauth.co.uk https://*.wlp-acs.com https://www.youtube.com https://www.facebook.com https://static.sojern.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.resdiary.com https://*.cookiebot.com https://*.triptease.io https://www.google.com; img-src 'self' data: https://criteo-partners.tremorhub.com https://sync-criteo.ads.yieldmo.com https://criteo-sync.teads.tv https://gum.criteo.com https://dis.criteo.com https://*.cookiebot.com https://code.jquery.com https://analytics.tiktok.com https://*.facebook.net https://*.googlesyndication.com https://widgetthemes-live.azureedge.net https://translate.google.com https://fonts.gstatic.com https://track.linksynergy.com https://cdn.honey.io https://googleads.g.doubleclick.net *.googleapis.com https://adservice.google.com https://*.ytimg.com https://googletraveladservices.com https://*.googletraveladservices.com https://secure-hotel-tracker.com https://*.bing.com https://bat.bing.com https://track.linksynergy.com *.doubleclick.net https://log.pinterest.com https://click.exacttarget.com https://www.facebook.com https://region1.analytics.google.com https://www.google.de https://www.google.ca https://www.google.ro https://www.google.com.tr https://www.google.com.hk https://www.google.gm https://www.google.cz https://www.google.mu https://www.google.com.gi https://www.google.com.ng https://www.google.com.co https://www.google.co.za https://www.google.com.mm https://www.google.com.sg https://www.google.at https://www.google.im https://www.google.dk https://www.google.gr https://www.google.no https://www.google.se https://www.google.lt https://www.google.com.mt https://www.google.ch https://www.google.hu https://www.google.com.cu https://www.google.gg https://www.google.ie https://www.google.nl https://www.google.be https://www.google.pt https://www.google.fr https://www.google.it https://www.google.es https://www.google.je https://www.google.co.in https://www.google.com.tj https://www.google.co.ke https://www.google.ae https://www.google.co.th https://www.google-analytics.com https://www.google.com.au https://www.google.pl *.googletagmanager.com https://*.googletagmanager.com https://www.google.co.uk https://www.google.com *.google-analytics.com https://oimgnn/; style-src-elem 'self' 'unsafe-inline' data: https://code.jquery.com https://www.gstatic.com https://fonts.googleapis.com https://cdn.honey.io https://*.cloudflare.com https://*.typography.com https://cloud.typography.com *.googleapis.com http://*.googleapis.com https://*.typekit.net https://use.typekit.net; script-src-elem 'self' 'unsafe-inline' data: https://sslwidget.criteo.com https://dynamic.criteo.com https://static.criteo.net https://*.freedompay.com https://maps.google.com https://tpc.googlesyndication.com https://ajax.googleapis.com https://pagespeed-mod.com https://*.kaspersky-labs.com https://*.hirizasune.com https://www.gstatic.com https://*.googlesyndication.com https://assets.pinterest.com https://*.googleapis.com https://www.googleadservices.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.triptease.io https://connect.facebook.net https://*.hotjar.com https://static.sojern.com https://*.cookiebot.com https://consent.cookiebot.com https://*.doubleclick.net https://googleads.g.doubleclick.net https://www.googleoptimize.com https://www.googletagmanager.com https://*.googleapis.com https://www.google.com https://www.google-analytics.com https://rum-static.pingdom.net https://analytics.tiktok.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
alt-svc: h3=":443"; ma=86400
content-length: 9833
x-xss-protection: 1; mode=block
last-modified: Mon, 24 Jul 2023 07:23:16 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8c243ba8ee69ac7b-YYZ
expires: Sat, 12 Oct 2024 01:59:51 GMT

GET
H3 200 jquery.mixitup.min.js Show response
www.handpickedhotels.co.uk/mini-js/ 28 KB
13 KB 36ms
35ms Script
application/javascript 172.67.7.133
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.handpickedhotels.co.uk/mini-js/jquery.mixitup.min.js

Requested by

Host: www.handpickedhotels.co.uk
URL: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.7.133 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1a9f209f5a03483daafb79df2310038e0c167eb27479317c886b95bb14865fd

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; report-uri /cspreport; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://navisperformance.com https://maps.googleapis.com https://www.googleadservices.com https://static.sojern.com https://.cloudflare.com https://.cardinalcommerce.com https://.freedompay.com https://assets.pinterest.com https://connect.facebook.net .hotjar.com https://.cookiebot.com https://www.gstatic.com https://.google.com https://.doubleclick.net .google-analytics.com .googletagmanager.com http://ajax.googleapis.com https://www.googleoptimize.com https://rum-static.pingdom.net http://rum-static.pingdom.net https://.triptease.io; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://.typekit.net https://fonts.googleapis.com https://cdn.honey.io; object-src 'none'; base-uri 'self'; connect-src 'self' https://measurement-api.criteo.com https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://.googlesyndication.com https://.freedompay.com https://.cardinalcommerce.com https://.amazonaws.com https://.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://.hotjar.io wss://.hotjar.com https://www.facebook.com https://.triptease.io https://.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com; font-src 'self' data: https://.alicdn.com https://cdn.honey.io .gstatic.com https://use.typekit.net; frame-src 'self' https://mycardsecure.com https://acs2.mpts.modirum.com https://gumi.criteo.com https://static.criteo.net https://acs.apata.io https://fledge.eu.criteo.com https://gum.criteo.com https://acs.capitalone.com https://acs.revolut.com https://acs2-3dsecure.creditmutuel.fr https://secure.dkb.de https://acs2.edb.com https://acs.swisscard.ch https://verify.monzo.com https://.3ds.modirum.com https://3dsecure-vrp.de https://.cic.fr https://3dsec.cardcenter.ch https://gbemv3dsecure.garanti.com.tr https://3ds.nexigroup.com https://.3dsecure.no https://3ds.redsys.es https://acs1-3dsecure.creditmutuel.fr https://www.rsa3dsauth.com https://3debspay.boc.cn https://.emea.citibank.com https://acs.mercurypaymentservices.it https://.googletagmanager.com https://.rabobank.nl https://.lloydsbankinggroup.com https://.zscloud.net https://.googlesyndication.com https://.americanexpress.com https://.arcot.com https://.doubleclick.net https://www.rsa3dsauth.co.uk https://.wlp-acs.com https://www.youtube.com https://www.facebook.com https://static.sojern.com https://.cardinalcommerce.com https://.freedompay.com https://.resdiary.com https://.cookiebot.com https://.triptease.io https://www.google.com; img-src 'self' data: https://criteo-partners.tremorhub.com https://sync-criteo.ads.yieldmo.com https://criteo-sync.teads.tv https://gum.criteo.com https://dis.criteo.com https://.cookiebot.com https://code.jquery.com https://analytics.tiktok.com https://.facebook.net https://.googlesyndication.com https://widgetthemes-live.azureedge.net https://translate.google.com https://fonts.gstatic.com https://track.linksynergy.com https://cdn.honey.io https://googleads.g.doubleclick.net .googleapis.com https://adservice.google.com https://.ytimg.com https://googletraveladservices.com https://.googletraveladservices.com https://secure-hotel-tracker.com https://.bing.com https://bat.bing.com https://track.linksynergy.com .doubleclick.net https://log.pinterest.com https://click.exacttarget.com https://www.facebook.com https://region1.analytics.google.com https://www.google.de https://www.google.ca https://www.google.ro https://www.google.com.tr https://www.google.com.hk https://www.google.gm https://www.google.cz https://www.google.mu https://www.google.com.gi https://www.google.com.ng https://www.google.com.co https://www.google.co.za https://www.google.com.mm https://www.google.com.sg https://www.google.at https://www.google.im https://www.google.dk https://www.google.gr https://www.google.no https://www.google.se https://www.google.lt https://www.google.com.mt https://www.google.ch https://www.google.hu https://www.google.com.cu https://www.google.gg https://www.google.ie https://www.google.nl https://www.google.be https://www.google.pt https://www.google.fr https://www.google.it https://www.google.es https://www.google.je https://www.google.co.in https://www.google.com.tj https://www.google.co.ke https://www.google.ae https://www.google.co.th https://www.google-analytics.com https://www.google.com.au https://www.google.pl .googletagmanager.com https://.googletagmanager.com https://www.google.co.uk https://www.google.com .google-analytics.com https://oimgnn/; style-src-elem 'self' 'unsafe-inline' data: https://code.jquery.com https://www.gstatic.com https://fonts.googleapis.com https://cdn.honey.io https://.cloudflare.com https://.typography.com https://cloud.typography.com .googleapis.com http://.googleapis.com https://.typekit.net https://use.typekit.net; script-src-elem 'self' 'unsafe-inline' data: https://sslwidget.criteo.com https://dynamic.criteo.com https://static.criteo.net https://.freedompay.com https://maps.google.com https://tpc.googlesyndication.com https://ajax.googleapis.com https://pagespeed-mod.com https://.kaspersky-labs.com https://.hirizasune.com https://www.gstatic.com https://.googlesyndication.com https://assets.pinterest.com https://.googleapis.com https://www.googleadservices.com https://.cloudflare.com https://.cardinalcommerce.com https://.freedompay.com https://.triptease.io https://connect.facebook.net https://.hotjar.com https://static.sojern.com https://.cookiebot.com https://consent.cookiebot.com https://.doubleclick.net https://googleads.g.doubleclick.net https://www.googleoptimize.com https://www.googletagmanager.com https://.googleapis.com https://www.google.com https://www.google-analytics.com https://rum-static.pingdom.net https://analytics.tiktok.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 01:06:09 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests; report-uri /cspreport; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*navisperformance.com https://maps.googleapis.com https://www.googleadservices.com https://static.sojern.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://assets.pinterest.com https://connect.facebook.net *.hotjar.com https://*.cookiebot.com https://www.gstatic.com https://*.google.com https://*.doubleclick.net *.google-analytics.com *.googletagmanager.com http://ajax.googleapis.com https://www.googleoptimize.com https://rum-static.pingdom.net http://rum-static.pingdom.net https://*.triptease.io; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://*.typekit.net https://fonts.googleapis.com https://cdn.honey.io; object-src 'none'; base-uri 'self'; connect-src 'self' https://measurement-api.criteo.com https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://*.googlesyndication.com https://*.freedompay.com https://*.cardinalcommerce.com https://*.amazonaws.com https://*.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://*.hotjar.io wss://*.hotjar.com https://www.facebook.com https://*.triptease.io https://*.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com; font-src 'self' data: https://*.alicdn.com https://cdn.honey.io *.gstatic.com https://use.typekit.net; frame-src 'self' https://mycardsecure.com https://acs2.mpts.modirum.com https://gumi.criteo.com https://static.criteo.net https://acs.apata.io https://fledge.eu.criteo.com https://gum.criteo.com https://acs.capitalone.com https://acs.revolut.com https://acs2-3dsecure.creditmutuel.fr https://secure.dkb.de https://acs2.edb.com https://acs.swisscard.ch https://verify.monzo.com https://*.3ds.modirum.com https://3dsecure-vrp.de https://*.cic.fr https://3dsec.cardcenter.ch https://gbemv3dsecure.garanti.com.tr https://3ds.nexigroup.com https://*.3dsecure.no https://3ds.redsys.es https://acs1-3dsecure.creditmutuel.fr https://www.rsa3dsauth.com https://3debspay.boc.cn https://*.emea.citibank.com https://acs.mercurypaymentservices.it https://*.googletagmanager.com https://*.rabobank.nl https://*.lloydsbankinggroup.com https://*.zscloud.net https://*.googlesyndication.com https://*.americanexpress.com https://*.arcot.com https://*.doubleclick.net https://www.rsa3dsauth.co.uk https://*.wlp-acs.com https://www.youtube.com https://www.facebook.com https://static.sojern.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.resdiary.com https://*.cookiebot.com https://*.triptease.io https://www.google.com; img-src 'self' data: https://criteo-partners.tremorhub.com https://sync-criteo.ads.yieldmo.com https://criteo-sync.teads.tv https://gum.criteo.com https://dis.criteo.com https://*.cookiebot.com https://code.jquery.com https://analytics.tiktok.com https://*.facebook.net https://*.googlesyndication.com https://widgetthemes-live.azureedge.net https://translate.google.com https://fonts.gstatic.com https://track.linksynergy.com https://cdn.honey.io https://googleads.g.doubleclick.net *.googleapis.com https://adservice.google.com https://*.ytimg.com https://googletraveladservices.com https://*.googletraveladservices.com https://secure-hotel-tracker.com https://*.bing.com https://bat.bing.com https://track.linksynergy.com *.doubleclick.net https://log.pinterest.com https://click.exacttarget.com https://www.facebook.com https://region1.analytics.google.com https://www.google.de https://www.google.ca https://www.google.ro https://www.google.com.tr https://www.google.com.hk https://www.google.gm https://www.google.cz https://www.google.mu https://www.google.com.gi https://www.google.com.ng https://www.google.com.co https://www.google.co.za https://www.google.com.mm https://www.google.com.sg https://www.google.at https://www.google.im https://www.google.dk https://www.google.gr https://www.google.no https://www.google.se https://www.google.lt https://www.google.com.mt https://www.google.ch https://www.google.hu https://www.google.com.cu https://www.google.gg https://www.google.ie https://www.google.nl https://www.google.be https://www.google.pt https://www.google.fr https://www.google.it https://www.google.es https://www.google.je https://www.google.co.in https://www.google.com.tj https://www.google.co.ke https://www.google.ae https://www.google.co.th https://www.google-analytics.com https://www.google.com.au https://www.google.pl *.googletagmanager.com https://*.googletagmanager.com https://www.google.co.uk https://www.google.com *.google-analytics.com https://oimgnn/; style-src-elem 'self' 'unsafe-inline' data: https://code.jquery.com https://www.gstatic.com https://fonts.googleapis.com https://cdn.honey.io https://*.cloudflare.com https://*.typography.com https://cloud.typography.com *.googleapis.com http://*.googleapis.com https://*.typekit.net https://use.typekit.net; script-src-elem 'self' 'unsafe-inline' data: https://sslwidget.criteo.com https://dynamic.criteo.com https://static.criteo.net https://*.freedompay.com https://maps.google.com https://tpc.googlesyndication.com https://ajax.googleapis.com https://pagespeed-mod.com https://*.kaspersky-labs.com https://*.hirizasune.com https://www.gstatic.com https://*.googlesyndication.com https://assets.pinterest.com https://*.googleapis.com https://www.googleadservices.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.triptease.io https://connect.facebook.net https://*.hotjar.com https://static.sojern.com https://*.cookiebot.com https://consent.cookiebot.com https://*.doubleclick.net https://googleads.g.doubleclick.net https://www.googleoptimize.com https://www.googletagmanager.com https://*.googleapis.com https://www.google.com https://www.google-analytics.com https://rum-static.pingdom.net https://analytics.tiktok.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
cf-cache-status: HIT
content-encoding: gzip
age: 1406059
alt-svc: h3=":443"; ma=86400
content-length: 7903
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Sep 2022 21:38:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8c243ba90e99ac7b-YYZ
expires: Thu, 26 Sep 2024 18:31:50 GMT

GET
H3 200 jquery.magnific-popup.min.js Show response
www.handpickedhotels.co.uk/js/ 20 KB
12 KB 34ms
34ms Script
application/javascript 172.67.7.133
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.handpickedhotels.co.uk/js/jquery.magnific-popup.min.js

Requested by

Host: www.handpickedhotels.co.uk
URL: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.7.133 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b872edebe491dfad119a97bc9888aa99978f68489af0f73dc955a063553172f2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; report-uri /cspreport; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://navisperformance.com https://maps.googleapis.com https://www.googleadservices.com https://static.sojern.com https://.cloudflare.com https://.cardinalcommerce.com https://.freedompay.com https://assets.pinterest.com https://connect.facebook.net .hotjar.com https://.cookiebot.com https://www.gstatic.com https://.google.com https://.doubleclick.net .google-analytics.com .googletagmanager.com http://ajax.googleapis.com https://www.googleoptimize.com https://rum-static.pingdom.net http://rum-static.pingdom.net https://.triptease.io; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://.typekit.net https://fonts.googleapis.com https://cdn.honey.io; object-src 'none'; base-uri 'self'; connect-src 'self' https://measurement-api.criteo.com https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://.googlesyndication.com https://.freedompay.com https://.cardinalcommerce.com https://.amazonaws.com https://.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://.hotjar.io wss://.hotjar.com https://www.facebook.com https://.triptease.io https://.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com; font-src 'self' data: https://.alicdn.com https://cdn.honey.io .gstatic.com https://use.typekit.net; frame-src 'self' https://mycardsecure.com https://acs2.mpts.modirum.com https://gumi.criteo.com https://static.criteo.net https://acs.apata.io https://fledge.eu.criteo.com https://gum.criteo.com https://acs.capitalone.com https://acs.revolut.com https://acs2-3dsecure.creditmutuel.fr https://secure.dkb.de https://acs2.edb.com https://acs.swisscard.ch https://verify.monzo.com https://.3ds.modirum.com https://3dsecure-vrp.de https://.cic.fr https://3dsec.cardcenter.ch https://gbemv3dsecure.garanti.com.tr https://3ds.nexigroup.com https://.3dsecure.no https://3ds.redsys.es https://acs1-3dsecure.creditmutuel.fr https://www.rsa3dsauth.com https://3debspay.boc.cn https://.emea.citibank.com https://acs.mercurypaymentservices.it https://.googletagmanager.com https://.rabobank.nl https://.lloydsbankinggroup.com https://.zscloud.net https://.googlesyndication.com https://.americanexpress.com https://.arcot.com https://.doubleclick.net https://www.rsa3dsauth.co.uk https://.wlp-acs.com https://www.youtube.com https://www.facebook.com https://static.sojern.com https://.cardinalcommerce.com https://.freedompay.com https://.resdiary.com https://.cookiebot.com https://.triptease.io https://www.google.com; img-src 'self' data: https://criteo-partners.tremorhub.com https://sync-criteo.ads.yieldmo.com https://criteo-sync.teads.tv https://gum.criteo.com https://dis.criteo.com https://.cookiebot.com https://code.jquery.com https://analytics.tiktok.com https://.facebook.net https://.googlesyndication.com https://widgetthemes-live.azureedge.net https://translate.google.com https://fonts.gstatic.com https://track.linksynergy.com https://cdn.honey.io https://googleads.g.doubleclick.net .googleapis.com https://adservice.google.com https://.ytimg.com https://googletraveladservices.com https://.googletraveladservices.com https://secure-hotel-tracker.com https://.bing.com https://bat.bing.com https://track.linksynergy.com .doubleclick.net https://log.pinterest.com https://click.exacttarget.com https://www.facebook.com https://region1.analytics.google.com https://www.google.de https://www.google.ca https://www.google.ro https://www.google.com.tr https://www.google.com.hk https://www.google.gm https://www.google.cz https://www.google.mu https://www.google.com.gi https://www.google.com.ng https://www.google.com.co https://www.google.co.za https://www.google.com.mm https://www.google.com.sg https://www.google.at https://www.google.im https://www.google.dk https://www.google.gr https://www.google.no https://www.google.se https://www.google.lt https://www.google.com.mt https://www.google.ch https://www.google.hu https://www.google.com.cu https://www.google.gg https://www.google.ie https://www.google.nl https://www.google.be https://www.google.pt https://www.google.fr https://www.google.it https://www.google.es https://www.google.je https://www.google.co.in https://www.google.com.tj https://www.google.co.ke https://www.google.ae https://www.google.co.th https://www.google-analytics.com https://www.google.com.au https://www.google.pl .googletagmanager.com https://.googletagmanager.com https://www.google.co.uk https://www.google.com .google-analytics.com https://oimgnn/; style-src-elem 'self' 'unsafe-inline' data: https://code.jquery.com https://www.gstatic.com https://fonts.googleapis.com https://cdn.honey.io https://.cloudflare.com https://.typography.com https://cloud.typography.com .googleapis.com http://.googleapis.com https://.typekit.net https://use.typekit.net; script-src-elem 'self' 'unsafe-inline' data: https://sslwidget.criteo.com https://dynamic.criteo.com https://static.criteo.net https://.freedompay.com https://maps.google.com https://tpc.googlesyndication.com https://ajax.googleapis.com https://pagespeed-mod.com https://.kaspersky-labs.com https://.hirizasune.com https://www.gstatic.com https://.googlesyndication.com https://assets.pinterest.com https://.googleapis.com https://www.googleadservices.com https://.cloudflare.com https://.cardinalcommerce.com https://.freedompay.com https://.triptease.io https://connect.facebook.net https://.hotjar.com https://static.sojern.com https://.cookiebot.com https://consent.cookiebot.com https://.doubleclick.net https://googleads.g.doubleclick.net https://www.googleoptimize.com https://www.googletagmanager.com https://.googleapis.com https://www.google.com https://www.google-analytics.com https://rum-static.pingdom.net https://analytics.tiktok.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 01:06:09 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests; report-uri /cspreport; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*navisperformance.com https://maps.googleapis.com https://www.googleadservices.com https://static.sojern.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://assets.pinterest.com https://connect.facebook.net *.hotjar.com https://*.cookiebot.com https://www.gstatic.com https://*.google.com https://*.doubleclick.net *.google-analytics.com *.googletagmanager.com http://ajax.googleapis.com https://www.googleoptimize.com https://rum-static.pingdom.net http://rum-static.pingdom.net https://*.triptease.io; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://*.typekit.net https://fonts.googleapis.com https://cdn.honey.io; object-src 'none'; base-uri 'self'; connect-src 'self' https://measurement-api.criteo.com https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://*.googlesyndication.com https://*.freedompay.com https://*.cardinalcommerce.com https://*.amazonaws.com https://*.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://*.hotjar.io wss://*.hotjar.com https://www.facebook.com https://*.triptease.io https://*.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com; font-src 'self' data: https://*.alicdn.com https://cdn.honey.io *.gstatic.com https://use.typekit.net; frame-src 'self' https://mycardsecure.com https://acs2.mpts.modirum.com https://gumi.criteo.com https://static.criteo.net https://acs.apata.io https://fledge.eu.criteo.com https://gum.criteo.com https://acs.capitalone.com https://acs.revolut.com https://acs2-3dsecure.creditmutuel.fr https://secure.dkb.de https://acs2.edb.com https://acs.swisscard.ch https://verify.monzo.com https://*.3ds.modirum.com https://3dsecure-vrp.de https://*.cic.fr https://3dsec.cardcenter.ch https://gbemv3dsecure.garanti.com.tr https://3ds.nexigroup.com https://*.3dsecure.no https://3ds.redsys.es https://acs1-3dsecure.creditmutuel.fr https://www.rsa3dsauth.com https://3debspay.boc.cn https://*.emea.citibank.com https://acs.mercurypaymentservices.it https://*.googletagmanager.com https://*.rabobank.nl https://*.lloydsbankinggroup.com https://*.zscloud.net https://*.googlesyndication.com https://*.americanexpress.com https://*.arcot.com https://*.doubleclick.net https://www.rsa3dsauth.co.uk https://*.wlp-acs.com https://www.youtube.com https://www.facebook.com https://static.sojern.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.resdiary.com https://*.cookiebot.com https://*.triptease.io https://www.google.com; img-src 'self' data: https://criteo-partners.tremorhub.com https://sync-criteo.ads.yieldmo.com https://criteo-sync.teads.tv https://gum.criteo.com https://dis.criteo.com https://*.cookiebot.com https://code.jquery.com https://analytics.tiktok.com https://*.facebook.net https://*.googlesyndication.com https://widgetthemes-live.azureedge.net https://translate.google.com https://fonts.gstatic.com https://track.linksynergy.com https://cdn.honey.io https://googleads.g.doubleclick.net *.googleapis.com https://adservice.google.com https://*.ytimg.com https://googletraveladservices.com https://*.googletraveladservices.com https://secure-hotel-tracker.com https://*.bing.com https://bat.bing.com https://track.linksynergy.com *.doubleclick.net https://log.pinterest.com https://click.exacttarget.com https://www.facebook.com https://region1.analytics.google.com https://www.google.de https://www.google.ca https://www.google.ro https://www.google.com.tr https://www.google.com.hk https://www.google.gm https://www.google.cz https://www.google.mu https://www.google.com.gi https://www.google.com.ng https://www.google.com.co https://www.google.co.za https://www.google.com.mm https://www.google.com.sg https://www.google.at https://www.google.im https://www.google.dk https://www.google.gr https://www.google.no https://www.google.se https://www.google.lt https://www.google.com.mt https://www.google.ch https://www.google.hu https://www.google.com.cu https://www.google.gg https://www.google.ie https://www.google.nl https://www.google.be https://www.google.pt https://www.google.fr https://www.google.it https://www.google.es https://www.google.je https://www.google.co.in https://www.google.com.tj https://www.google.co.ke https://www.google.ae https://www.google.co.th https://www.google-analytics.com https://www.google.com.au https://www.google.pl *.googletagmanager.com https://*.googletagmanager.com https://www.google.co.uk https://www.google.com *.google-analytics.com https://oimgnn/; style-src-elem 'self' 'unsafe-inline' data: https://code.jquery.com https://www.gstatic.com https://fonts.googleapis.com https://cdn.honey.io https://*.cloudflare.com https://*.typography.com https://cloud.typography.com *.googleapis.com http://*.googleapis.com https://*.typekit.net https://use.typekit.net; script-src-elem 'self' 'unsafe-inline' data: https://sslwidget.criteo.com https://dynamic.criteo.com https://static.criteo.net https://*.freedompay.com https://maps.google.com https://tpc.googlesyndication.com https://ajax.googleapis.com https://pagespeed-mod.com https://*.kaspersky-labs.com https://*.hirizasune.com https://www.gstatic.com https://*.googlesyndication.com https://assets.pinterest.com https://*.googleapis.com https://www.googleadservices.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.triptease.io https://connect.facebook.net https://*.hotjar.com https://static.sojern.com https://*.cookiebot.com https://consent.cookiebot.com https://*.doubleclick.net https://googleads.g.doubleclick.net https://www.googleoptimize.com https://www.googletagmanager.com https://*.googleapis.com https://www.google.com https://www.google-analytics.com https://rum-static.pingdom.net https://analytics.tiktok.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
cf-cache-status: HIT
content-encoding: gzip
age: 1406059
alt-svc: h3=":443"; ma=86400
content-length: 7352
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Sep 2022 21:38:40 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8c243ba92eaaac7b-YYZ
expires: Thu, 26 Sep 2024 18:31:50 GMT

GET
H3 200 jquery.bxslider.min.js Show response
www.handpickedhotels.co.uk/js/ 19 KB
10 KB 35ms
35ms Script
application/javascript 172.67.7.133
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.handpickedhotels.co.uk/js/jquery.bxslider.min.js

Requested by

Host: www.handpickedhotels.co.uk
URL: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.7.133 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bb9e7dc822c6b7b95a6329932885c72ff2caf74b243fc1c40aca0e858123b83e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; report-uri /cspreport; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://navisperformance.com https://maps.googleapis.com https://www.googleadservices.com https://static.sojern.com https://.cloudflare.com https://.cardinalcommerce.com https://.freedompay.com https://assets.pinterest.com https://connect.facebook.net .hotjar.com https://.cookiebot.com https://www.gstatic.com https://.google.com https://.doubleclick.net .google-analytics.com .googletagmanager.com http://ajax.googleapis.com https://www.googleoptimize.com https://rum-static.pingdom.net http://rum-static.pingdom.net https://.triptease.io; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://.typekit.net https://fonts.googleapis.com https://cdn.honey.io; object-src 'none'; base-uri 'self'; connect-src 'self' https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://.googlesyndication.com https://.freedompay.com https://.cardinalcommerce.com https://.amazonaws.com https://.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://.hotjar.io wss://.hotjar.com https://www.facebook.com https://.triptease.io https://.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com; font-src 'self' data: https://.alicdn.com https://cdn.honey.io .gstatic.com https://use.typekit.net; frame-src 'self' https://acs.capitalone.com https://acs.revolut.com https://acs2-3dsecure.creditmutuel.fr https://secure.dkb.de https://acs2.edb.com https://acs.swisscard.ch https://verify.monzo.com https://.3ds.modirum.com https://3dsecure-vrp.de https://.cic.fr https://3dsec.cardcenter.ch https://gbemv3dsecure.garanti.com.tr https://3ds.nexigroup.com https://.3dsecure.no https://3ds.redsys.es https://acs1-3dsecure.creditmutuel.fr https://www.rsa3dsauth.com https://3debspay.boc.cn https://.emea.citibank.com https://acs.mercurypaymentservices.it https://.googletagmanager.com https://.rabobank.nl https://.lloydsbankinggroup.com https://.zscloud.net https://.googlesyndication.com https://.americanexpress.com https://.arcot.com https://.doubleclick.net https://www.rsa3dsauth.co.uk https://.wlp-acs.com https://www.youtube.com https://www.facebook.com https://static.sojern.com https://.cardinalcommerce.com https://.freedompay.com https://.resdiary.com https://.cookiebot.com https://.triptease.io https://www.google.com; img-src 'self' data: https://.cookiebot.com https://code.jquery.com https://analytics.tiktok.com https://.facebook.net https://.googlesyndication.com https://widgetthemes-live.azureedge.net https://translate.google.com https://fonts.gstatic.com https://track.linksynergy.com https://cdn.honey.io https://googleads.g.doubleclick.net .googleapis.com https://adservice.google.com https://.ytimg.com https://googletraveladservices.com https://.googletraveladservices.com https://secure-hotel-tracker.com https://.bing.com https://bat.bing.com https://track.linksynergy.com .doubleclick.net https://log.pinterest.com https://click.exacttarget.com https://www.facebook.com https://region1.analytics.google.com https://www.google.de https://www.google.ca https://www.google.ro https://www.google.com.tr https://www.google.com.hk https://www.google.gm https://www.google.cz https://www.google.mu https://www.google.com.gi https://www.google.com.ng https://www.google.com.co https://www.google.co.za https://www.google.com.mm https://www.google.com.sg https://www.google.at https://www.google.im https://www.google.dk https://www.google.gr https://www.google.no https://www.google.se https://www.google.lt https://www.google.com.mt https://www.google.ch https://www.google.hu https://www.google.com.cu https://www.google.gg https://www.google.ie https://www.google.nl https://www.google.be https://www.google.pt https://www.google.fr https://www.google.it https://www.google.es https://www.google.je https://www.google.co.in https://www.google.com.tj https://www.google.co.ke https://www.google.ae https://www.google.co.th https://www.google-analytics.com https://www.google.com.au https://www.google.pl .googletagmanager.com https://.googletagmanager.com https://www.google.co.uk https://www.google.com .google-analytics.com https://oimgnn/; style-src-elem 'self' 'unsafe-inline' data: https://code.jquery.com https://www.gstatic.com https://fonts.googleapis.com https://cdn.honey.io https://.cloudflare.com https://.typography.com https://cloud.typography.com .googleapis.com http://.googleapis.com https://.typekit.net https://use.typekit.net; script-src-elem 'self' 'unsafe-inline' data: https://.freedompay.com https://maps.google.com https://tpc.googlesyndication.com https://ajax.googleapis.com https://pagespeed-mod.com https://.kaspersky-labs.com https://.hirizasune.com https://www.gstatic.com https://.googlesyndication.com https://assets.pinterest.com https://.googleapis.com https://www.googleadservices.com https://.cloudflare.com https://.cardinalcommerce.com https://.freedompay.com https://.triptease.io https://connect.facebook.net https://.hotjar.com https://static.sojern.com https://.cookiebot.com https://consent.cookiebot.com https://.doubleclick.net https://googleads.g.doubleclick.net https://www.googleoptimize.com https://www.googletagmanager.com https://.googleapis.com https://www.google.com https://www.google-analytics.com https://rum-static.pingdom.net https://analytics.tiktok.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 01:06:09 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests; report-uri /cspreport; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*navisperformance.com https://maps.googleapis.com https://www.googleadservices.com https://static.sojern.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://assets.pinterest.com https://connect.facebook.net *.hotjar.com https://*.cookiebot.com https://www.gstatic.com https://*.google.com https://*.doubleclick.net *.google-analytics.com *.googletagmanager.com http://ajax.googleapis.com https://www.googleoptimize.com https://rum-static.pingdom.net http://rum-static.pingdom.net https://*.triptease.io; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://*.typekit.net https://fonts.googleapis.com https://cdn.honey.io; object-src 'none'; base-uri 'self'; connect-src 'self' https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://*.googlesyndication.com https://*.freedompay.com https://*.cardinalcommerce.com https://*.amazonaws.com https://*.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://*.hotjar.io wss://*.hotjar.com https://www.facebook.com https://*.triptease.io https://*.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com; font-src 'self' data: https://*.alicdn.com https://cdn.honey.io *.gstatic.com https://use.typekit.net; frame-src 'self' https://acs.capitalone.com https://acs.revolut.com https://acs2-3dsecure.creditmutuel.fr https://secure.dkb.de https://acs2.edb.com https://acs.swisscard.ch https://verify.monzo.com https://*.3ds.modirum.com https://3dsecure-vrp.de https://*.cic.fr https://3dsec.cardcenter.ch https://gbemv3dsecure.garanti.com.tr https://3ds.nexigroup.com https://*.3dsecure.no https://3ds.redsys.es https://acs1-3dsecure.creditmutuel.fr https://www.rsa3dsauth.com https://3debspay.boc.cn https://*.emea.citibank.com https://acs.mercurypaymentservices.it https://*.googletagmanager.com https://*.rabobank.nl https://*.lloydsbankinggroup.com https://*.zscloud.net https://*.googlesyndication.com https://*.americanexpress.com https://*.arcot.com https://*.doubleclick.net https://www.rsa3dsauth.co.uk https://*.wlp-acs.com https://www.youtube.com https://www.facebook.com https://static.sojern.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.resdiary.com https://*.cookiebot.com https://*.triptease.io https://www.google.com; img-src 'self' data: https://*.cookiebot.com https://code.jquery.com https://analytics.tiktok.com https://*.facebook.net https://*.googlesyndication.com https://widgetthemes-live.azureedge.net https://translate.google.com https://fonts.gstatic.com https://track.linksynergy.com https://cdn.honey.io https://googleads.g.doubleclick.net *.googleapis.com https://adservice.google.com https://*.ytimg.com https://googletraveladservices.com https://*.googletraveladservices.com https://secure-hotel-tracker.com https://*.bing.com https://bat.bing.com https://track.linksynergy.com *.doubleclick.net https://log.pinterest.com https://click.exacttarget.com https://www.facebook.com https://region1.analytics.google.com https://www.google.de https://www.google.ca https://www.google.ro https://www.google.com.tr https://www.google.com.hk https://www.google.gm https://www.google.cz https://www.google.mu https://www.google.com.gi https://www.google.com.ng https://www.google.com.co https://www.google.co.za https://www.google.com.mm https://www.google.com.sg https://www.google.at https://www.google.im https://www.google.dk https://www.google.gr https://www.google.no https://www.google.se https://www.google.lt https://www.google.com.mt https://www.google.ch https://www.google.hu https://www.google.com.cu https://www.google.gg https://www.google.ie https://www.google.nl https://www.google.be https://www.google.pt https://www.google.fr https://www.google.it https://www.google.es https://www.google.je https://www.google.co.in https://www.google.com.tj https://www.google.co.ke https://www.google.ae https://www.google.co.th https://www.google-analytics.com https://www.google.com.au https://www.google.pl *.googletagmanager.com https://*.googletagmanager.com https://www.google.co.uk https://www.google.com *.google-analytics.com https://oimgnn/; style-src-elem 'self' 'unsafe-inline' data: https://code.jquery.com https://www.gstatic.com https://fonts.googleapis.com https://cdn.honey.io https://*.cloudflare.com https://*.typography.com https://cloud.typography.com *.googleapis.com http://*.googleapis.com https://*.typekit.net https://use.typekit.net; script-src-elem 'self' 'unsafe-inline' data: https://*.freedompay.com https://maps.google.com https://tpc.googlesyndication.com https://ajax.googleapis.com https://pagespeed-mod.com https://*.kaspersky-labs.com https://*.hirizasune.com https://www.gstatic.com https://*.googlesyndication.com https://assets.pinterest.com https://*.googleapis.com https://www.googleadservices.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.triptease.io https://connect.facebook.net https://*.hotjar.com https://static.sojern.com https://*.cookiebot.com https://consent.cookiebot.com https://*.doubleclick.net https://googleads.g.doubleclick.net https://www.googleoptimize.com https://www.googletagmanager.com https://*.googleapis.com https://www.google.com https://www.google-analytics.com https://rum-static.pingdom.net https://analytics.tiktok.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
cf-cache-status: HIT
content-encoding: gzip
age: 1468182
alt-svc: h3=":443"; ma=86400
content-length: 5162
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Sep 2022 21:38:40 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8c243ba96ed9ac7b-YYZ
expires: Thu, 26 Sep 2024 01:16:27 GMT

GET
H3 200 moment.min.js Show response
www.handpickedhotels.co.uk/js/ 46 KB
20 KB 39ms
38ms Script
application/javascript 172.67.7.133
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.handpickedhotels.co.uk/js/moment.min.js

Requested by

Host: www.handpickedhotels.co.uk
URL: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.7.133 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4e411c99fe4a486db34e801a53392ae86f8659eccc438944b5a062c9aaba25be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 01:06:09 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 601801
content-security-policy-report-only: upgrade-insecure-requests; #report-uri /cspreport; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*navisperformance.com https://maps.googleapis.com https://www.googleadservices.com https://static.sojern.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://assets.pinterest.com https://connect.facebook.net *.hotjar.com https://*.cookiebot.com https://www.gstatic.com https://*.google.com https://*.doubleclick.net *.google-analytics.com *.googletagmanager.com http://ajax.googleapis.com https://www.googleoptimize.com https://rum-static.pingdom.net http://rum-static.pingdom.net https://*.triptease.io; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://*.typekit.net https://fonts.googleapis.com https://cdn.honey.io; object-src 'none'; base-uri 'self'; connect-src 'self' https://measurement-api.criteo.com https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://*.googlesyndication.com https://*.freedompay.com https://*.cardinalcommerce.com https://*.amazonaws.com https://*.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://*.hotjar.io wss://*.hotjar.com https://www.facebook.com https://*.triptease.io https://*.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com; font-src 'self' data: https://*.alicdn.com https://cdn.honey.io *.gstatic.com https://use.typekit.net; frame-src 'self' https://*.ibosscloud.com https://3ds.sebkort.com https://3ds.ntctr.acs.danskebank.com https://www.concertopayserve.com https://3dsecure.starlingbank.com https://3ds-a.live.ext.prod.enfuce.com https://clients.smartsecure.tsys.co.uk https://mycardsecure.com https://acs2.mpts.modirum.com https://gumi.criteo.com https://static.criteo.net https://acs.apata.io https://fledge.eu.criteo.com https://gum.criteo.com https://acs.capitalone.com https://acs.revolut.com https://acs2-3dsecure.creditmutuel.fr https://secure.dkb.de https://acs2.edb.com https://acs.swisscard.ch https://verify.monzo.com https://*.3ds.modirum.com https://3dsecure-vrp.de https://*.cic.fr https://3dsec.cardcenter.ch https://gbemv3dsecure.garanti.com.tr https://3ds.nexigroup.com https://*.3dsecure.no https://3ds.redsys.es https://acs1-3dsecure.creditmutuel.fr https://www.rsa3dsauth.com https://3debspay.boc.cn https://*.emea.citibank.com https://acs.mercurypaymentservices.it https://*.googletagmanager.com https://*.rabobank.nl https://*.lloydsbankinggroup.com https://*.zscloud.net https://*.googlesyndication.com https://*.americanexpress.com https://*.arcot.com https://*.doubleclick.net https://www.rsa3dsauth.co.uk https://*.wlp-acs.com https://www.youtube.com https://www.facebook.com https://static.sojern.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.resdiary.com https://*.cookiebot.com https://*.triptease.io https://www.google.com; img-src 'self' data: https://criteo-partners.tremorhub.com https://sync-criteo.ads.yieldmo.com https://criteo-sync.teads.tv https://gum.criteo.com https://dis.criteo.com https://*.cookiebot.com https://code.jquery.com https://analytics.tiktok.com https://*.facebook.net https://*.googlesyndication.com https://widgetthemes-live.azureedge.net https://translate.google.com https://fonts.gstatic.com https://track.linksynergy.com https://cdn.honey.io https://googleads.g.doubleclick.net *.googleapis.com https://adservice.google.com https://*.ytimg.com https://googletraveladservices.com https://*.googletraveladservices.com https://secure-hotel-tracker.com https://*.bing.com https://bat.bing.com https://track.linksynergy.com *.doubleclick.net https://log.pinterest.com https://click.exacttarget.com https://www.facebook.com https://region1.analytics.google.com https://www.google.de https://www.google.ca https://www.google.ro https://www.google.com.tr https://www.google.com.hk https://www.google.gm https://www.google.cz https://www.google.mu https://www.google.com.gi https://www.google.com.ng https://www.google.com.co https://www.google.co.za https://www.google.com.mm https://www.google.com.sg https://www.google.at https://www.google.im https://www.google.dk https://www.google.gr https://www.google.no https://www.google.se https://www.google.lt https://www.google.com.mt https://www.google.ch https://www.google.hu https://www.google.com.cu https://www.google.gg https://www.google.ie https://www.google.nl https://www.google.be https://www.google.pt https://www.google.fr https://www.google.it https://www.google.es https://www.google.je https://www.google.co.in https://www.google.com.tj https://www.google.co.ke https://www.google.ae https://www.google.co.th https://www.google-analytics.com https://www.google.com.au https://www.google.pl *.googletagmanager.com https://*.googletagmanager.com https://www.google.co.uk https://www.google.com *.google-analytics.com https://oimgnn/; style-src-elem 'self' 'unsafe-inline' data: https://code.jquery.com https://www.gstatic.com https://fonts.googleapis.com https://cdn.honey.io https://*.cloudflare.com https://*.typography.com https://cloud.typography.com *.googleapis.com http://*.googleapis.com https://*.typekit.net https://use.typekit.net; script-src-elem 'self' 'unsafe-inline' data: https://sslwidget.criteo.com https://dynamic.criteo.com https://static.criteo.net https://*.freedompay.com https://maps.google.com https://tpc.googlesyndication.com https://ajax.googleapis.com https://pagespeed-mod.com https://*.kaspersky-labs.com https://*.hirizasune.com https://www.gstatic.com https://*.googlesyndication.com https://assets.pinterest.com https://*.googleapis.com https://www.googleadservices.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.triptease.io https://connect.facebook.net https://*.hotjar.com https://static.sojern.com https://*.cookiebot.com https://consent.cookiebot.com https://*.doubleclick.net https://googleads.g.doubleclick.net https://www.googleoptimize.com https://www.googletagmanager.com https://*.googleapis.com https://www.google.com https://www.google-analytics.com https://rum-static.pingdom.net https://analytics.tiktok.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
alt-svc: h3=":443"; ma=86400
content-length: 15265
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Sep 2022 21:38:33 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8c243ba96ee5ac7b-YYZ
expires: Sun, 06 Oct 2024 01:56:08 GMT

GET
H3 200 velocity.min.js Show response
www.handpickedhotels.co.uk/js/ 34 KB
17 KB 51ms
50ms Script
application/javascript 172.67.7.133
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.handpickedhotels.co.uk/js/velocity.min.js

Requested by

Host: www.handpickedhotels.co.uk
URL: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.7.133 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

211393b09ab7fdfba9ddb5f6135625e6674613fd89b872d258ab535a348d2adb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 01:06:09 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 2241656
content-security-policy-report-only: upgrade-insecure-requests; #report-uri /cspreport; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*navisperformance.com https://maps.googleapis.com https://www.googleadservices.com https://static.sojern.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://assets.pinterest.com https://connect.facebook.net *.hotjar.com https://*.cookiebot.com https://www.gstatic.com https://*.google.com https://*.doubleclick.net *.google-analytics.com *.googletagmanager.com http://ajax.googleapis.com https://www.googleoptimize.com https://rum-static.pingdom.net http://rum-static.pingdom.net https://*.triptease.io; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://*.typekit.net https://fonts.googleapis.com https://cdn.honey.io; object-src 'none'; base-uri 'self'; connect-src 'self' https://measurement-api.criteo.com https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://*.googlesyndication.com https://*.freedompay.com https://*.cardinalcommerce.com https://*.amazonaws.com https://*.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://*.hotjar.io wss://*.hotjar.com https://www.facebook.com https://*.triptease.io https://*.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com; font-src 'self' data: https://*.alicdn.com https://cdn.honey.io *.gstatic.com https://use.typekit.net; frame-src 'self' https://*.ibosscloud.com https://3ds.sebkort.com https://3ds.ntctr.acs.danskebank.com https://www.concertopayserve.com https://3dsecure.starlingbank.com https://3ds-a.live.ext.prod.enfuce.com https://clients.smartsecure.tsys.co.uk https://mycardsecure.com https://acs2.mpts.modirum.com https://gumi.criteo.com https://static.criteo.net https://acs.apata.io https://fledge.eu.criteo.com https://gum.criteo.com https://acs.capitalone.com https://acs.revolut.com https://acs2-3dsecure.creditmutuel.fr https://secure.dkb.de https://acs2.edb.com https://acs.swisscard.ch https://verify.monzo.com https://*.3ds.modirum.com https://3dsecure-vrp.de https://*.cic.fr https://3dsec.cardcenter.ch https://gbemv3dsecure.garanti.com.tr https://3ds.nexigroup.com https://*.3dsecure.no https://3ds.redsys.es https://acs1-3dsecure.creditmutuel.fr https://www.rsa3dsauth.com https://3debspay.boc.cn https://*.emea.citibank.com https://acs.mercurypaymentservices.it https://*.googletagmanager.com https://*.rabobank.nl https://*.lloydsbankinggroup.com https://*.zscloud.net https://*.googlesyndication.com https://*.americanexpress.com https://*.arcot.com https://*.doubleclick.net https://www.rsa3dsauth.co.uk https://*.wlp-acs.com https://www.youtube.com https://www.facebook.com https://static.sojern.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.resdiary.com https://*.cookiebot.com https://*.triptease.io https://www.google.com; img-src 'self' data: https://criteo-partners.tremorhub.com https://sync-criteo.ads.yieldmo.com https://criteo-sync.teads.tv https://gum.criteo.com https://dis.criteo.com https://*.cookiebot.com https://code.jquery.com https://analytics.tiktok.com https://*.facebook.net https://*.googlesyndication.com https://widgetthemes-live.azureedge.net https://translate.google.com https://fonts.gstatic.com https://track.linksynergy.com https://cdn.honey.io https://googleads.g.doubleclick.net *.googleapis.com https://adservice.google.com https://*.ytimg.com https://googletraveladservices.com https://*.googletraveladservices.com https://secure-hotel-tracker.com https://*.bing.com https://bat.bing.com https://track.linksynergy.com *.doubleclick.net https://log.pinterest.com https://click.exacttarget.com https://www.facebook.com https://region1.analytics.google.com https://www.google.de https://www.google.ca https://www.google.ro https://www.google.com.tr https://www.google.com.hk https://www.google.gm https://www.google.cz https://www.google.mu https://www.google.com.gi https://www.google.com.ng https://www.google.com.co https://www.google.co.za https://www.google.com.mm https://www.google.com.sg https://www.google.at https://www.google.im https://www.google.dk https://www.google.gr https://www.google.no https://www.google.se https://www.google.lt https://www.google.com.mt https://www.google.ch https://www.google.hu https://www.google.com.cu https://www.google.gg https://www.google.ie https://www.google.nl https://www.google.be https://www.google.pt https://www.google.fr https://www.google.it https://www.google.es https://www.google.je https://www.google.co.in https://www.google.com.tj https://www.google.co.ke https://www.google.ae https://www.google.co.th https://www.google-analytics.com https://www.google.com.au https://www.google.pl *.googletagmanager.com https://*.googletagmanager.com https://www.google.co.uk https://www.google.com *.google-analytics.com https://oimgnn/; style-src-elem 'self' 'unsafe-inline' data: https://code.jquery.com https://www.gstatic.com https://fonts.googleapis.com https://cdn.honey.io https://*.cloudflare.com https://*.typography.com https://cloud.typography.com *.googleapis.com http://*.googleapis.com https://*.typekit.net https://use.typekit.net; script-src-elem 'self' 'unsafe-inline' data: https://sslwidget.criteo.com https://dynamic.criteo.com https://static.criteo.net https://*.freedompay.com https://maps.google.com https://tpc.googlesyndication.com https://ajax.googleapis.com https://pagespeed-mod.com https://*.kaspersky-labs.com https://*.hirizasune.com https://www.gstatic.com https://*.googlesyndication.com https://assets.pinterest.com https://*.googleapis.com https://www.googleadservices.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.triptease.io https://connect.facebook.net https://*.hotjar.com https://static.sojern.com https://*.cookiebot.com https://consent.cookiebot.com https://*.doubleclick.net https://googleads.g.doubleclick.net https://www.googleoptimize.com https://www.googletagmanager.com https://*.googleapis.com https://www.google.com https://www.google-analytics.com https://rum-static.pingdom.net https://analytics.tiktok.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
alt-svc: h3=":443"; ma=86400
content-length: 12403
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Sep 2022 21:38:40 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8c243ba9af34ac7b-YYZ
expires: Tue, 17 Sep 2024 02:25:12 GMT

GET
H3 200 healthupcomingclasses.min.js Show response
www.handpickedhotels.co.uk/mini-js/healthClub/ 4 KB
6 KB 59ms
59ms Script
application/javascript 172.67.7.133
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.handpickedhotels.co.uk/mini-js/healthClub/healthupcomingclasses.min.js

Requested by

Host: www.handpickedhotels.co.uk
URL: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.7.133 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

72b46ee3879fa1430a025b5cde2e57de54cb318dd767b526652a622421b499af

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; report-uri /cspreport; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://navisperformance.com https://maps.googleapis.com https://www.googleadservices.com https://static.sojern.com https://.cloudflare.com https://.cardinalcommerce.com https://.freedompay.com https://assets.pinterest.com https://connect.facebook.net .hotjar.com https://.cookiebot.com https://www.gstatic.com https://.google.com https://.doubleclick.net .google-analytics.com .googletagmanager.com http://ajax.googleapis.com https://www.googleoptimize.com https://rum-static.pingdom.net http://rum-static.pingdom.net https://.triptease.io; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://.typekit.net https://fonts.googleapis.com https://cdn.honey.io; object-src 'none'; base-uri 'self'; connect-src 'self' https://measurement-api.criteo.com https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://.googlesyndication.com https://.freedompay.com https://.cardinalcommerce.com https://.amazonaws.com https://.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://.hotjar.io wss://.hotjar.com https://www.facebook.com https://.triptease.io https://.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com; font-src 'self' data: https://.alicdn.com https://cdn.honey.io .gstatic.com https://use.typekit.net; frame-src 'self' https://mycardsecure.com https://acs2.mpts.modirum.com https://gumi.criteo.com https://static.criteo.net https://acs.apata.io https://fledge.eu.criteo.com https://gum.criteo.com https://acs.capitalone.com https://acs.revolut.com https://acs2-3dsecure.creditmutuel.fr https://secure.dkb.de https://acs2.edb.com https://acs.swisscard.ch https://verify.monzo.com https://.3ds.modirum.com https://3dsecure-vrp.de https://.cic.fr https://3dsec.cardcenter.ch https://gbemv3dsecure.garanti.com.tr https://3ds.nexigroup.com https://.3dsecure.no https://3ds.redsys.es https://acs1-3dsecure.creditmutuel.fr https://www.rsa3dsauth.com https://3debspay.boc.cn https://.emea.citibank.com https://acs.mercurypaymentservices.it https://.googletagmanager.com https://.rabobank.nl https://.lloydsbankinggroup.com https://.zscloud.net https://.googlesyndication.com https://.americanexpress.com https://.arcot.com https://.doubleclick.net https://www.rsa3dsauth.co.uk https://.wlp-acs.com https://www.youtube.com https://www.facebook.com https://static.sojern.com https://.cardinalcommerce.com https://.freedompay.com https://.resdiary.com https://.cookiebot.com https://.triptease.io https://www.google.com; img-src 'self' data: https://criteo-partners.tremorhub.com https://sync-criteo.ads.yieldmo.com https://criteo-sync.teads.tv https://gum.criteo.com https://dis.criteo.com https://.cookiebot.com https://code.jquery.com https://analytics.tiktok.com https://.facebook.net https://.googlesyndication.com https://widgetthemes-live.azureedge.net https://translate.google.com https://fonts.gstatic.com https://track.linksynergy.com https://cdn.honey.io https://googleads.g.doubleclick.net .googleapis.com https://adservice.google.com https://.ytimg.com https://googletraveladservices.com https://.googletraveladservices.com https://secure-hotel-tracker.com https://.bing.com https://bat.bing.com https://track.linksynergy.com .doubleclick.net https://log.pinterest.com https://click.exacttarget.com https://www.facebook.com https://region1.analytics.google.com https://www.google.de https://www.google.ca https://www.google.ro https://www.google.com.tr https://www.google.com.hk https://www.google.gm https://www.google.cz https://www.google.mu https://www.google.com.gi https://www.google.com.ng https://www.google.com.co https://www.google.co.za https://www.google.com.mm https://www.google.com.sg https://www.google.at https://www.google.im https://www.google.dk https://www.google.gr https://www.google.no https://www.google.se https://www.google.lt https://www.google.com.mt https://www.google.ch https://www.google.hu https://www.google.com.cu https://www.google.gg https://www.google.ie https://www.google.nl https://www.google.be https://www.google.pt https://www.google.fr https://www.google.it https://www.google.es https://www.google.je https://www.google.co.in https://www.google.com.tj https://www.google.co.ke https://www.google.ae https://www.google.co.th https://www.google-analytics.com https://www.google.com.au https://www.google.pl .googletagmanager.com https://.googletagmanager.com https://www.google.co.uk https://www.google.com .google-analytics.com https://oimgnn/; style-src-elem 'self' 'unsafe-inline' data: https://code.jquery.com https://www.gstatic.com https://fonts.googleapis.com https://cdn.honey.io https://.cloudflare.com https://.typography.com https://cloud.typography.com .googleapis.com http://.googleapis.com https://.typekit.net https://use.typekit.net; script-src-elem 'self' 'unsafe-inline' data: https://sslwidget.criteo.com https://dynamic.criteo.com https://static.criteo.net https://.freedompay.com https://maps.google.com https://tpc.googlesyndication.com https://ajax.googleapis.com https://pagespeed-mod.com https://.kaspersky-labs.com https://.hirizasune.com https://www.gstatic.com https://.googlesyndication.com https://assets.pinterest.com https://.googleapis.com https://www.googleadservices.com https://.cloudflare.com https://.cardinalcommerce.com https://.freedompay.com https://.triptease.io https://connect.facebook.net https://.hotjar.com https://static.sojern.com https://.cookiebot.com https://consent.cookiebot.com https://.doubleclick.net https://googleads.g.doubleclick.net https://www.googleoptimize.com https://www.googletagmanager.com https://.googleapis.com https://www.google.com https://www.google-analytics.com https://rum-static.pingdom.net https://analytics.tiktok.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 01:06:09 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests; report-uri /cspreport; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*navisperformance.com https://maps.googleapis.com https://www.googleadservices.com https://static.sojern.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://assets.pinterest.com https://connect.facebook.net *.hotjar.com https://*.cookiebot.com https://www.gstatic.com https://*.google.com https://*.doubleclick.net *.google-analytics.com *.googletagmanager.com http://ajax.googleapis.com https://www.googleoptimize.com https://rum-static.pingdom.net http://rum-static.pingdom.net https://*.triptease.io; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://*.typekit.net https://fonts.googleapis.com https://cdn.honey.io; object-src 'none'; base-uri 'self'; connect-src 'self' https://measurement-api.criteo.com https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://*.googlesyndication.com https://*.freedompay.com https://*.cardinalcommerce.com https://*.amazonaws.com https://*.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://*.hotjar.io wss://*.hotjar.com https://www.facebook.com https://*.triptease.io https://*.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com; font-src 'self' data: https://*.alicdn.com https://cdn.honey.io *.gstatic.com https://use.typekit.net; frame-src 'self' https://mycardsecure.com https://acs2.mpts.modirum.com https://gumi.criteo.com https://static.criteo.net https://acs.apata.io https://fledge.eu.criteo.com https://gum.criteo.com https://acs.capitalone.com https://acs.revolut.com https://acs2-3dsecure.creditmutuel.fr https://secure.dkb.de https://acs2.edb.com https://acs.swisscard.ch https://verify.monzo.com https://*.3ds.modirum.com https://3dsecure-vrp.de https://*.cic.fr https://3dsec.cardcenter.ch https://gbemv3dsecure.garanti.com.tr https://3ds.nexigroup.com https://*.3dsecure.no https://3ds.redsys.es https://acs1-3dsecure.creditmutuel.fr https://www.rsa3dsauth.com https://3debspay.boc.cn https://*.emea.citibank.com https://acs.mercurypaymentservices.it https://*.googletagmanager.com https://*.rabobank.nl https://*.lloydsbankinggroup.com https://*.zscloud.net https://*.googlesyndication.com https://*.americanexpress.com https://*.arcot.com https://*.doubleclick.net https://www.rsa3dsauth.co.uk https://*.wlp-acs.com https://www.youtube.com https://www.facebook.com https://static.sojern.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.resdiary.com https://*.cookiebot.com https://*.triptease.io https://www.google.com; img-src 'self' data: https://criteo-partners.tremorhub.com https://sync-criteo.ads.yieldmo.com https://criteo-sync.teads.tv https://gum.criteo.com https://dis.criteo.com https://*.cookiebot.com https://code.jquery.com https://analytics.tiktok.com https://*.facebook.net https://*.googlesyndication.com https://widgetthemes-live.azureedge.net https://translate.google.com https://fonts.gstatic.com https://track.linksynergy.com https://cdn.honey.io https://googleads.g.doubleclick.net *.googleapis.com https://adservice.google.com https://*.ytimg.com https://googletraveladservices.com https://*.googletraveladservices.com https://secure-hotel-tracker.com https://*.bing.com https://bat.bing.com https://track.linksynergy.com *.doubleclick.net https://log.pinterest.com https://click.exacttarget.com https://www.facebook.com https://region1.analytics.google.com https://www.google.de https://www.google.ca https://www.google.ro https://www.google.com.tr https://www.google.com.hk https://www.google.gm https://www.google.cz https://www.google.mu https://www.google.com.gi https://www.google.com.ng https://www.google.com.co https://www.google.co.za https://www.google.com.mm https://www.google.com.sg https://www.google.at https://www.google.im https://www.google.dk https://www.google.gr https://www.google.no https://www.google.se https://www.google.lt https://www.google.com.mt https://www.google.ch https://www.google.hu https://www.google.com.cu https://www.google.gg https://www.google.ie https://www.google.nl https://www.google.be https://www.google.pt https://www.google.fr https://www.google.it https://www.google.es https://www.google.je https://www.google.co.in https://www.google.com.tj https://www.google.co.ke https://www.google.ae https://www.google.co.th https://www.google-analytics.com https://www.google.com.au https://www.google.pl *.googletagmanager.com https://*.googletagmanager.com https://www.google.co.uk https://www.google.com *.google-analytics.com https://oimgnn/; style-src-elem 'self' 'unsafe-inline' data: https://code.jquery.com https://www.gstatic.com https://fonts.googleapis.com https://cdn.honey.io https://*.cloudflare.com https://*.typography.com https://cloud.typography.com *.googleapis.com http://*.googleapis.com https://*.typekit.net https://use.typekit.net; script-src-elem 'self' 'unsafe-inline' data: https://sslwidget.criteo.com https://dynamic.criteo.com https://static.criteo.net https://*.freedompay.com https://maps.google.com https://tpc.googlesyndication.com https://ajax.googleapis.com https://pagespeed-mod.com https://*.kaspersky-labs.com https://*.hirizasune.com https://www.gstatic.com https://*.googlesyndication.com https://assets.pinterest.com https://*.googleapis.com https://www.googleadservices.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.triptease.io https://connect.facebook.net https://*.hotjar.com https://static.sojern.com https://*.cookiebot.com https://consent.cookiebot.com https://*.doubleclick.net https://googleads.g.doubleclick.net https://www.googleoptimize.com https://www.googletagmanager.com https://*.googleapis.com https://www.google.com https://www.google-analytics.com https://rum-static.pingdom.net https://analytics.tiktok.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
cf-cache-status: HIT
content-encoding: gzip
age: 1406059
alt-svc: h3=":443"; ma=86400
content-length: 1427
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Sep 2022 21:38:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8c243ba9bf44ac7b-YYZ
expires: Thu, 26 Sep 2024 18:31:50 GMT

GET
H3 200 healthclasscategory.min.js Show response
www.handpickedhotels.co.uk/mini-js/healthClub/ 5 KB
7 KB 41ms
40ms Script
application/javascript 172.67.7.133
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.handpickedhotels.co.uk/mini-js/healthClub/healthclasscategory.min.js

Requested by

Host: www.handpickedhotels.co.uk
URL: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.7.133 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c94979c6da24a7b2741546d85b784bced95e1738b2889d958951773864a3ac1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 01:06:09 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 660010
content-security-policy-report-only: upgrade-insecure-requests; #report-uri /cspreport; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*navisperformance.com https://maps.googleapis.com https://www.googleadservices.com https://static.sojern.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://assets.pinterest.com https://connect.facebook.net *.hotjar.com https://*.cookiebot.com https://www.gstatic.com https://*.google.com https://*.doubleclick.net *.google-analytics.com *.googletagmanager.com http://ajax.googleapis.com https://www.googleoptimize.com https://rum-static.pingdom.net http://rum-static.pingdom.net https://*.triptease.io; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://*.typekit.net https://fonts.googleapis.com https://cdn.honey.io; object-src 'none'; base-uri 'self'; connect-src 'self' https://measurement-api.criteo.com https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://*.googlesyndication.com https://*.freedompay.com https://*.cardinalcommerce.com https://*.amazonaws.com https://*.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://*.hotjar.io wss://*.hotjar.com https://www.facebook.com https://*.triptease.io https://*.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com; font-src 'self' data: https://*.alicdn.com https://cdn.honey.io *.gstatic.com https://use.typekit.net; frame-src 'self' https://*.ibosscloud.com https://3ds.sebkort.com https://3ds.ntctr.acs.danskebank.com https://www.concertopayserve.com https://3dsecure.starlingbank.com https://3ds-a.live.ext.prod.enfuce.com https://clients.smartsecure.tsys.co.uk https://mycardsecure.com https://acs2.mpts.modirum.com https://gumi.criteo.com https://static.criteo.net https://acs.apata.io https://fledge.eu.criteo.com https://gum.criteo.com https://acs.capitalone.com https://acs.revolut.com https://acs2-3dsecure.creditmutuel.fr https://secure.dkb.de https://acs2.edb.com https://acs.swisscard.ch https://verify.monzo.com https://*.3ds.modirum.com https://3dsecure-vrp.de https://*.cic.fr https://3dsec.cardcenter.ch https://gbemv3dsecure.garanti.com.tr https://3ds.nexigroup.com https://*.3dsecure.no https://3ds.redsys.es https://acs1-3dsecure.creditmutuel.fr https://www.rsa3dsauth.com https://3debspay.boc.cn https://*.emea.citibank.com https://acs.mercurypaymentservices.it https://*.googletagmanager.com https://*.rabobank.nl https://*.lloydsbankinggroup.com https://*.zscloud.net https://*.googlesyndication.com https://*.americanexpress.com https://*.arcot.com https://*.doubleclick.net https://www.rsa3dsauth.co.uk https://*.wlp-acs.com https://www.youtube.com https://www.facebook.com https://static.sojern.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.resdiary.com https://*.cookiebot.com https://*.triptease.io https://www.google.com; img-src 'self' data: https://criteo-partners.tremorhub.com https://sync-criteo.ads.yieldmo.com https://criteo-sync.teads.tv https://gum.criteo.com https://dis.criteo.com https://*.cookiebot.com https://code.jquery.com https://analytics.tiktok.com https://*.facebook.net https://*.googlesyndication.com https://widgetthemes-live.azureedge.net https://translate.google.com https://fonts.gstatic.com https://track.linksynergy.com https://cdn.honey.io https://googleads.g.doubleclick.net *.googleapis.com https://adservice.google.com https://*.ytimg.com https://googletraveladservices.com https://*.googletraveladservices.com https://secure-hotel-tracker.com https://*.bing.com https://bat.bing.com https://track.linksynergy.com *.doubleclick.net https://log.pinterest.com https://click.exacttarget.com https://www.facebook.com https://region1.analytics.google.com https://www.google.de https://www.google.ca https://www.google.ro https://www.google.com.tr https://www.google.com.hk https://www.google.gm https://www.google.cz https://www.google.mu https://www.google.com.gi https://www.google.com.ng https://www.google.com.co https://www.google.co.za https://www.google.com.mm https://www.google.com.sg https://www.google.at https://www.google.im https://www.google.dk https://www.google.gr https://www.google.no https://www.google.se https://www.google.lt https://www.google.com.mt https://www.google.ch https://www.google.hu https://www.google.com.cu https://www.google.gg https://www.google.ie https://www.google.nl https://www.google.be https://www.google.pt https://www.google.fr https://www.google.it https://www.google.es https://www.google.je https://www.google.co.in https://www.google.com.tj https://www.google.co.ke https://www.google.ae https://www.google.co.th https://www.google-analytics.com https://www.google.com.au https://www.google.pl *.googletagmanager.com https://*.googletagmanager.com https://www.google.co.uk https://www.google.com *.google-analytics.com https://oimgnn/; style-src-elem 'self' 'unsafe-inline' data: https://code.jquery.com https://www.gstatic.com https://fonts.googleapis.com https://cdn.honey.io https://*.cloudflare.com https://*.typography.com https://cloud.typography.com *.googleapis.com http://*.googleapis.com https://*.typekit.net https://use.typekit.net; script-src-elem 'self' 'unsafe-inline' data: https://sslwidget.criteo.com https://dynamic.criteo.com https://static.criteo.net https://*.freedompay.com https://maps.google.com https://tpc.googlesyndication.com https://ajax.googleapis.com https://pagespeed-mod.com https://*.kaspersky-labs.com https://*.hirizasune.com https://www.gstatic.com https://*.googlesyndication.com https://assets.pinterest.com https://*.googleapis.com https://www.googleadservices.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.triptease.io https://connect.facebook.net https://*.hotjar.com https://static.sojern.com https://*.cookiebot.com https://consent.cookiebot.com https://*.doubleclick.net https://googleads.g.doubleclick.net https://www.googleoptimize.com https://www.googletagmanager.com https://*.googleapis.com https://www.google.com https://www.google-analytics.com https://rum-static.pingdom.net https://analytics.tiktok.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
alt-svc: h3=":443"; ma=86400
content-length: 1751
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Sep 2022 21:38:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8c243baa1f98ac7b-YYZ
expires: Sat, 05 Oct 2024 09:45:59 GMT

GET
H3 200 bootstrap-select.min.js Show response
www.handpickedhotels.co.uk/mini-js/ 33 KB
14 KB 35ms
34ms Script
application/javascript 172.67.7.133
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.handpickedhotels.co.uk/mini-js/bootstrap-select.min.js

Requested by

Host: www.handpickedhotels.co.uk
URL: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.7.133 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a794fdf7e47230d9b6083ca593156ae4e85fbcb521c4151844507a7aed5398e2

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; report-uri /cspreport; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://navisperformance.com https://maps.googleapis.com https://www.googleadservices.com https://static.sojern.com https://.cloudflare.com https://.cardinalcommerce.com https://.freedompay.com https://assets.pinterest.com https://connect.facebook.net .hotjar.com https://.cookiebot.com https://www.gstatic.com https://.google.com https://.doubleclick.net .google-analytics.com .googletagmanager.com http://ajax.googleapis.com https://www.googleoptimize.com https://rum-static.pingdom.net http://rum-static.pingdom.net https://.triptease.io; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://.typekit.net https://fonts.googleapis.com https://cdn.honey.io; object-src 'none'; base-uri 'self'; connect-src 'self' https://measurement-api.criteo.com https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://.googlesyndication.com https://.freedompay.com https://.cardinalcommerce.com https://.amazonaws.com https://.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://.hotjar.io wss://.hotjar.com https://www.facebook.com https://.triptease.io https://.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com; font-src 'self' data: https://.alicdn.com https://cdn.honey.io .gstatic.com https://use.typekit.net; frame-src 'self' https://mycardsecure.com https://acs2.mpts.modirum.com https://gumi.criteo.com https://static.criteo.net https://acs.apata.io https://fledge.eu.criteo.com https://gum.criteo.com https://acs.capitalone.com https://acs.revolut.com https://acs2-3dsecure.creditmutuel.fr https://secure.dkb.de https://acs2.edb.com https://acs.swisscard.ch https://verify.monzo.com https://.3ds.modirum.com https://3dsecure-vrp.de https://.cic.fr https://3dsec.cardcenter.ch https://gbemv3dsecure.garanti.com.tr https://3ds.nexigroup.com https://.3dsecure.no https://3ds.redsys.es https://acs1-3dsecure.creditmutuel.fr https://www.rsa3dsauth.com https://3debspay.boc.cn https://.emea.citibank.com https://acs.mercurypaymentservices.it https://.googletagmanager.com https://.rabobank.nl https://.lloydsbankinggroup.com https://.zscloud.net https://.googlesyndication.com https://.americanexpress.com https://.arcot.com https://.doubleclick.net https://www.rsa3dsauth.co.uk https://.wlp-acs.com https://www.youtube.com https://www.facebook.com https://static.sojern.com https://.cardinalcommerce.com https://.freedompay.com https://.resdiary.com https://.cookiebot.com https://.triptease.io https://www.google.com; img-src 'self' data: https://criteo-partners.tremorhub.com https://sync-criteo.ads.yieldmo.com https://criteo-sync.teads.tv https://gum.criteo.com https://dis.criteo.com https://.cookiebot.com https://code.jquery.com https://analytics.tiktok.com https://.facebook.net https://.googlesyndication.com https://widgetthemes-live.azureedge.net https://translate.google.com https://fonts.gstatic.com https://track.linksynergy.com https://cdn.honey.io https://googleads.g.doubleclick.net .googleapis.com https://adservice.google.com https://.ytimg.com https://googletraveladservices.com https://.googletraveladservices.com https://secure-hotel-tracker.com https://.bing.com https://bat.bing.com https://track.linksynergy.com .doubleclick.net https://log.pinterest.com https://click.exacttarget.com https://www.facebook.com https://region1.analytics.google.com https://www.google.de https://www.google.ca https://www.google.ro https://www.google.com.tr https://www.google.com.hk https://www.google.gm https://www.google.cz https://www.google.mu https://www.google.com.gi https://www.google.com.ng https://www.google.com.co https://www.google.co.za https://www.google.com.mm https://www.google.com.sg https://www.google.at https://www.google.im https://www.google.dk https://www.google.gr https://www.google.no https://www.google.se https://www.google.lt https://www.google.com.mt https://www.google.ch https://www.google.hu https://www.google.com.cu https://www.google.gg https://www.google.ie https://www.google.nl https://www.google.be https://www.google.pt https://www.google.fr https://www.google.it https://www.google.es https://www.google.je https://www.google.co.in https://www.google.com.tj https://www.google.co.ke https://www.google.ae https://www.google.co.th https://www.google-analytics.com https://www.google.com.au https://www.google.pl .googletagmanager.com https://.googletagmanager.com https://www.google.co.uk https://www.google.com .google-analytics.com https://oimgnn/; style-src-elem 'self' 'unsafe-inline' data: https://code.jquery.com https://www.gstatic.com https://fonts.googleapis.com https://cdn.honey.io https://.cloudflare.com https://.typography.com https://cloud.typography.com .googleapis.com http://.googleapis.com https://.typekit.net https://use.typekit.net; script-src-elem 'self' 'unsafe-inline' data: https://sslwidget.criteo.com https://dynamic.criteo.com https://static.criteo.net https://.freedompay.com https://maps.google.com https://tpc.googlesyndication.com https://ajax.googleapis.com https://pagespeed-mod.com https://.kaspersky-labs.com https://.hirizasune.com https://www.gstatic.com https://.googlesyndication.com https://assets.pinterest.com https://.googleapis.com https://www.googleadservices.com https://.cloudflare.com https://.cardinalcommerce.com https://.freedompay.com https://.triptease.io https://connect.facebook.net https://.hotjar.com https://static.sojern.com https://.cookiebot.com https://consent.cookiebot.com https://.doubleclick.net https://googleads.g.doubleclick.net https://www.googleoptimize.com https://www.googletagmanager.com https://.googleapis.com https://www.google.com https://www.google-analytics.com https://rum-static.pingdom.net https://analytics.tiktok.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 01:06:09 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests; report-uri /cspreport; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*navisperformance.com https://maps.googleapis.com https://www.googleadservices.com https://static.sojern.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://assets.pinterest.com https://connect.facebook.net *.hotjar.com https://*.cookiebot.com https://www.gstatic.com https://*.google.com https://*.doubleclick.net *.google-analytics.com *.googletagmanager.com http://ajax.googleapis.com https://www.googleoptimize.com https://rum-static.pingdom.net http://rum-static.pingdom.net https://*.triptease.io; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://*.typekit.net https://fonts.googleapis.com https://cdn.honey.io; object-src 'none'; base-uri 'self'; connect-src 'self' https://measurement-api.criteo.com https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://*.googlesyndication.com https://*.freedompay.com https://*.cardinalcommerce.com https://*.amazonaws.com https://*.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://*.hotjar.io wss://*.hotjar.com https://www.facebook.com https://*.triptease.io https://*.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com; font-src 'self' data: https://*.alicdn.com https://cdn.honey.io *.gstatic.com https://use.typekit.net; frame-src 'self' https://mycardsecure.com https://acs2.mpts.modirum.com https://gumi.criteo.com https://static.criteo.net https://acs.apata.io https://fledge.eu.criteo.com https://gum.criteo.com https://acs.capitalone.com https://acs.revolut.com https://acs2-3dsecure.creditmutuel.fr https://secure.dkb.de https://acs2.edb.com https://acs.swisscard.ch https://verify.monzo.com https://*.3ds.modirum.com https://3dsecure-vrp.de https://*.cic.fr https://3dsec.cardcenter.ch https://gbemv3dsecure.garanti.com.tr https://3ds.nexigroup.com https://*.3dsecure.no https://3ds.redsys.es https://acs1-3dsecure.creditmutuel.fr https://www.rsa3dsauth.com https://3debspay.boc.cn https://*.emea.citibank.com https://acs.mercurypaymentservices.it https://*.googletagmanager.com https://*.rabobank.nl https://*.lloydsbankinggroup.com https://*.zscloud.net https://*.googlesyndication.com https://*.americanexpress.com https://*.arcot.com https://*.doubleclick.net https://www.rsa3dsauth.co.uk https://*.wlp-acs.com https://www.youtube.com https://www.facebook.com https://static.sojern.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.resdiary.com https://*.cookiebot.com https://*.triptease.io https://www.google.com; img-src 'self' data: https://criteo-partners.tremorhub.com https://sync-criteo.ads.yieldmo.com https://criteo-sync.teads.tv https://gum.criteo.com https://dis.criteo.com https://*.cookiebot.com https://code.jquery.com https://analytics.tiktok.com https://*.facebook.net https://*.googlesyndication.com https://widgetthemes-live.azureedge.net https://translate.google.com https://fonts.gstatic.com https://track.linksynergy.com https://cdn.honey.io https://googleads.g.doubleclick.net *.googleapis.com https://adservice.google.com https://*.ytimg.com https://googletraveladservices.com https://*.googletraveladservices.com https://secure-hotel-tracker.com https://*.bing.com https://bat.bing.com https://track.linksynergy.com *.doubleclick.net https://log.pinterest.com https://click.exacttarget.com https://www.facebook.com https://region1.analytics.google.com https://www.google.de https://www.google.ca https://www.google.ro https://www.google.com.tr https://www.google.com.hk https://www.google.gm https://www.google.cz https://www.google.mu https://www.google.com.gi https://www.google.com.ng https://www.google.com.co https://www.google.co.za https://www.google.com.mm https://www.google.com.sg https://www.google.at https://www.google.im https://www.google.dk https://www.google.gr https://www.google.no https://www.google.se https://www.google.lt https://www.google.com.mt https://www.google.ch https://www.google.hu https://www.google.com.cu https://www.google.gg https://www.google.ie https://www.google.nl https://www.google.be https://www.google.pt https://www.google.fr https://www.google.it https://www.google.es https://www.google.je https://www.google.co.in https://www.google.com.tj https://www.google.co.ke https://www.google.ae https://www.google.co.th https://www.google-analytics.com https://www.google.com.au https://www.google.pl *.googletagmanager.com https://*.googletagmanager.com https://www.google.co.uk https://www.google.com *.google-analytics.com https://oimgnn/; style-src-elem 'self' 'unsafe-inline' data: https://code.jquery.com https://www.gstatic.com https://fonts.googleapis.com https://cdn.honey.io https://*.cloudflare.com https://*.typography.com https://cloud.typography.com *.googleapis.com http://*.googleapis.com https://*.typekit.net https://use.typekit.net; script-src-elem 'self' 'unsafe-inline' data: https://sslwidget.criteo.com https://dynamic.criteo.com https://static.criteo.net https://*.freedompay.com https://maps.google.com https://tpc.googlesyndication.com https://ajax.googleapis.com https://pagespeed-mod.com https://*.kaspersky-labs.com https://*.hirizasune.com https://www.gstatic.com https://*.googlesyndication.com https://assets.pinterest.com https://*.googleapis.com https://www.googleadservices.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.triptease.io https://connect.facebook.net https://*.hotjar.com https://static.sojern.com https://*.cookiebot.com https://consent.cookiebot.com https://*.doubleclick.net https://googleads.g.doubleclick.net https://www.googleoptimize.com https://www.googletagmanager.com https://*.googleapis.com https://www.google.com https://www.google-analytics.com https://rum-static.pingdom.net https://analytics.tiktok.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
cf-cache-status: HIT
content-encoding: gzip
age: 1406059
alt-svc: h3=":443"; ma=86400
content-length: 9644
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Sep 2022 21:38:15 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8c243baa1fa2ac7b-YYZ
expires: Thu, 26 Sep 2024 18:31:50 GMT

GET
H3 200 scratch.min.js Show response
www.handpickedhotels.co.uk/mini-js/ 6 KB
9 KB 394ms
393ms Script
application/javascript 172.67.7.133
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.handpickedhotels.co.uk/mini-js/scratch.min.js?ver=2024091302

Requested by

Host: www.handpickedhotels.co.uk
URL: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.7.133 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1d3ba2af209b7f90aafbedab6b5c5edfedc6326b8225ae693453306075dd4412

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 01:06:10 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
content-security-policy-report-only: upgrade-insecure-requests; #report-uri /cspreport; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*navisperformance.com https://maps.googleapis.com https://www.googleadservices.com https://static.sojern.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://assets.pinterest.com https://connect.facebook.net *.hotjar.com https://*.cookiebot.com https://www.gstatic.com https://*.google.com https://*.doubleclick.net *.google-analytics.com *.googletagmanager.com http://ajax.googleapis.com https://www.googleoptimize.com https://rum-static.pingdom.net http://rum-static.pingdom.net https://*.triptease.io; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://*.typekit.net https://fonts.googleapis.com https://cdn.honey.io; object-src 'none'; base-uri 'self'; connect-src 'self' https://measurement-api.criteo.com https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://*.googlesyndication.com https://*.freedompay.com https://*.cardinalcommerce.com https://*.amazonaws.com https://*.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://*.hotjar.io wss://*.hotjar.com https://www.facebook.com https://*.triptease.io https://*.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com; font-src 'self' data: https://*.alicdn.com https://cdn.honey.io *.gstatic.com https://use.typekit.net; frame-src 'self' https://*.ibosscloud.com https://3ds.sebkort.com https://3ds.ntctr.acs.danskebank.com https://www.concertopayserve.com https://3dsecure.starlingbank.com https://3ds-a.live.ext.prod.enfuce.com https://clients.smartsecure.tsys.co.uk https://mycardsecure.com https://acs2.mpts.modirum.com https://gumi.criteo.com https://static.criteo.net https://acs.apata.io https://fledge.eu.criteo.com https://gum.criteo.com https://acs.capitalone.com https://acs.revolut.com https://acs2-3dsecure.creditmutuel.fr https://secure.dkb.de https://acs2.edb.com https://acs.swisscard.ch https://verify.monzo.com https://*.3ds.modirum.com https://3dsecure-vrp.de https://*.cic.fr https://3dsec.cardcenter.ch https://gbemv3dsecure.garanti.com.tr https://3ds.nexigroup.com https://*.3dsecure.no https://3ds.redsys.es https://acs1-3dsecure.creditmutuel.fr https://www.rsa3dsauth.com https://3debspay.boc.cn https://*.emea.citibank.com https://acs.mercurypaymentservices.it https://*.googletagmanager.com https://*.rabobank.nl https://*.lloydsbankinggroup.com https://*.zscloud.net https://*.googlesyndication.com https://*.americanexpress.com https://*.arcot.com https://*.doubleclick.net https://www.rsa3dsauth.co.uk https://*.wlp-acs.com https://www.youtube.com https://www.facebook.com https://static.sojern.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.resdiary.com https://*.cookiebot.com https://*.triptease.io https://www.google.com; img-src 'self' data: https://criteo-partners.tremorhub.com https://sync-criteo.ads.yieldmo.com https://criteo-sync.teads.tv https://gum.criteo.com https://dis.criteo.com https://*.cookiebot.com https://code.jquery.com https://analytics.tiktok.com https://*.facebook.net https://*.googlesyndication.com https://widgetthemes-live.azureedge.net https://translate.google.com https://fonts.gstatic.com https://track.linksynergy.com https://cdn.honey.io https://googleads.g.doubleclick.net *.googleapis.com https://adservice.google.com https://*.ytimg.com https://googletraveladservices.com https://*.googletraveladservices.com https://secure-hotel-tracker.com https://*.bing.com https://bat.bing.com https://track.linksynergy.com *.doubleclick.net https://log.pinterest.com https://click.exacttarget.com https://www.facebook.com https://region1.analytics.google.com https://www.google.de https://www.google.ca https://www.google.ro https://www.google.com.tr https://www.google.com.hk https://www.google.gm https://www.google.cz https://www.google.mu https://www.google.com.gi https://www.google.com.ng https://www.google.com.co https://www.google.co.za https://www.google.com.mm https://www.google.com.sg https://www.google.at https://www.google.im https://www.google.dk https://www.google.gr https://www.google.no https://www.google.se https://www.google.lt https://www.google.com.mt https://www.google.ch https://www.google.hu https://www.google.com.cu https://www.google.gg https://www.google.ie https://www.google.nl https://www.google.be https://www.google.pt https://www.google.fr https://www.google.it https://www.google.es https://www.google.je https://www.google.co.in https://www.google.com.tj https://www.google.co.ke https://www.google.ae https://www.google.co.th https://www.google-analytics.com https://www.google.com.au https://www.google.pl *.googletagmanager.com https://*.googletagmanager.com https://www.google.co.uk https://www.google.com *.google-analytics.com https://oimgnn/; style-src-elem 'self' 'unsafe-inline' data: https://code.jquery.com https://www.gstatic.com https://fonts.googleapis.com https://cdn.honey.io https://*.cloudflare.com https://*.typography.com https://cloud.typography.com *.googleapis.com http://*.googleapis.com https://*.typekit.net https://use.typekit.net; script-src-elem 'self' 'unsafe-inline' data: https://sslwidget.criteo.com https://dynamic.criteo.com https://static.criteo.net https://*.freedompay.com https://maps.google.com https://tpc.googlesyndication.com https://ajax.googleapis.com https://pagespeed-mod.com https://*.kaspersky-labs.com https://*.hirizasune.com https://www.gstatic.com https://*.googlesyndication.com https://assets.pinterest.com https://*.googleapis.com https://www.googleadservices.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.triptease.io https://connect.facebook.net https://*.hotjar.com https://static.sojern.com https://*.cookiebot.com https://consent.cookiebot.com https://*.doubleclick.net https://googleads.g.doubleclick.net https://www.googleoptimize.com https://www.googletagmanager.com https://*.googleapis.com https://www.google.com https://www.google-analytics.com https://rum-static.pingdom.net https://analytics.tiktok.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
alt-svc: h3=":443"; ma=86400
content-length: 4210
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Sep 2022 21:38:15 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8c243baa6fdeac7b-YYZ
expires: Sun, 13 Oct 2024 01:06:09 GMT

GET
H3 200 tour.min.js Show response
www.handpickedhotels.co.uk/mini-js/ 389 B
5 KB 36ms
35ms Script
application/javascript 172.67.7.133
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.handpickedhotels.co.uk/mini-js/tour.min.js

Requested by

Host: www.handpickedhotels.co.uk
URL: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.7.133 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a0bb4b40a76d9e30ab7678303c0aee5e7d9833351a7f3354c364eec1b0866c18

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 01:06:09 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 562013
content-security-policy-report-only: upgrade-insecure-requests; #report-uri /cspreport; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*navisperformance.com https://maps.googleapis.com https://www.googleadservices.com https://static.sojern.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://assets.pinterest.com https://connect.facebook.net *.hotjar.com https://*.cookiebot.com https://www.gstatic.com https://*.google.com https://*.doubleclick.net *.google-analytics.com *.googletagmanager.com http://ajax.googleapis.com https://www.googleoptimize.com https://rum-static.pingdom.net http://rum-static.pingdom.net https://*.triptease.io; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://*.typekit.net https://fonts.googleapis.com https://cdn.honey.io; object-src 'none'; base-uri 'self'; connect-src 'self' https://measurement-api.criteo.com https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://*.googlesyndication.com https://*.freedompay.com https://*.cardinalcommerce.com https://*.amazonaws.com https://*.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://*.hotjar.io wss://*.hotjar.com https://www.facebook.com https://*.triptease.io https://*.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com; font-src 'self' data: https://*.alicdn.com https://cdn.honey.io *.gstatic.com https://use.typekit.net; frame-src 'self' https://*.ibosscloud.com https://3ds.sebkort.com https://3ds.ntctr.acs.danskebank.com https://www.concertopayserve.com https://3dsecure.starlingbank.com https://3ds-a.live.ext.prod.enfuce.com https://clients.smartsecure.tsys.co.uk https://mycardsecure.com https://acs2.mpts.modirum.com https://gumi.criteo.com https://static.criteo.net https://acs.apata.io https://fledge.eu.criteo.com https://gum.criteo.com https://acs.capitalone.com https://acs.revolut.com https://acs2-3dsecure.creditmutuel.fr https://secure.dkb.de https://acs2.edb.com https://acs.swisscard.ch https://verify.monzo.com https://*.3ds.modirum.com https://3dsecure-vrp.de https://*.cic.fr https://3dsec.cardcenter.ch https://gbemv3dsecure.garanti.com.tr https://3ds.nexigroup.com https://*.3dsecure.no https://3ds.redsys.es https://acs1-3dsecure.creditmutuel.fr https://www.rsa3dsauth.com https://3debspay.boc.cn https://*.emea.citibank.com https://acs.mercurypaymentservices.it https://*.googletagmanager.com https://*.rabobank.nl https://*.lloydsbankinggroup.com https://*.zscloud.net https://*.googlesyndication.com https://*.americanexpress.com https://*.arcot.com https://*.doubleclick.net https://www.rsa3dsauth.co.uk https://*.wlp-acs.com https://www.youtube.com https://www.facebook.com https://static.sojern.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.resdiary.com https://*.cookiebot.com https://*.triptease.io https://www.google.com; img-src 'self' data: https://criteo-partners.tremorhub.com https://sync-criteo.ads.yieldmo.com https://criteo-sync.teads.tv https://gum.criteo.com https://dis.criteo.com https://*.cookiebot.com https://code.jquery.com https://analytics.tiktok.com https://*.facebook.net https://*.googlesyndication.com https://widgetthemes-live.azureedge.net https://translate.google.com https://fonts.gstatic.com https://track.linksynergy.com https://cdn.honey.io https://googleads.g.doubleclick.net *.googleapis.com https://adservice.google.com https://*.ytimg.com https://googletraveladservices.com https://*.googletraveladservices.com https://secure-hotel-tracker.com https://*.bing.com https://bat.bing.com https://track.linksynergy.com *.doubleclick.net https://log.pinterest.com https://click.exacttarget.com https://www.facebook.com https://region1.analytics.google.com https://www.google.de https://www.google.ca https://www.google.ro https://www.google.com.tr https://www.google.com.hk https://www.google.gm https://www.google.cz https://www.google.mu https://www.google.com.gi https://www.google.com.ng https://www.google.com.co https://www.google.co.za https://www.google.com.mm https://www.google.com.sg https://www.google.at https://www.google.im https://www.google.dk https://www.google.gr https://www.google.no https://www.google.se https://www.google.lt https://www.google.com.mt https://www.google.ch https://www.google.hu https://www.google.com.cu https://www.google.gg https://www.google.ie https://www.google.nl https://www.google.be https://www.google.pt https://www.google.fr https://www.google.it https://www.google.es https://www.google.je https://www.google.co.in https://www.google.com.tj https://www.google.co.ke https://www.google.ae https://www.google.co.th https://www.google-analytics.com https://www.google.com.au https://www.google.pl *.googletagmanager.com https://*.googletagmanager.com https://www.google.co.uk https://www.google.com *.google-analytics.com https://oimgnn/; style-src-elem 'self' 'unsafe-inline' data: https://code.jquery.com https://www.gstatic.com https://fonts.googleapis.com https://cdn.honey.io https://*.cloudflare.com https://*.typography.com https://cloud.typography.com *.googleapis.com http://*.googleapis.com https://*.typekit.net https://use.typekit.net; script-src-elem 'self' 'unsafe-inline' data: https://sslwidget.criteo.com https://dynamic.criteo.com https://static.criteo.net https://*.freedompay.com https://maps.google.com https://tpc.googlesyndication.com https://ajax.googleapis.com https://pagespeed-mod.com https://*.kaspersky-labs.com https://*.hirizasune.com https://www.gstatic.com https://*.googlesyndication.com https://assets.pinterest.com https://*.googleapis.com https://www.googleadservices.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.triptease.io https://connect.facebook.net https://*.hotjar.com https://static.sojern.com https://*.cookiebot.com https://consent.cookiebot.com https://*.doubleclick.net https://googleads.g.doubleclick.net https://www.googleoptimize.com https://www.googletagmanager.com https://*.googleapis.com https://www.google.com https://www.google-analytics.com https://rum-static.pingdom.net https://analytics.tiktok.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
alt-svc: h3=":443"; ma=86400
content-length: 261
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Sep 2022 21:38:15 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8c243baa6fdfac7b-YYZ
expires: Sun, 06 Oct 2024 12:59:16 GMT

GET
H3 200 jquery.matchHeight-min.js Show response
www.handpickedhotels.co.uk/js/matchheight/ 3 KB
6 KB 37ms
36ms Script
application/javascript 172.67.7.133
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.handpickedhotels.co.uk/js/matchheight/jquery.matchHeight-min.js

Requested by

Host: www.handpickedhotels.co.uk
URL: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.7.133 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fa87904726726364ad19a7c4b2f2b20ee10637325601b5aa88ed8bfdcb7117a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 01:06:09 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 562013
content-security-policy-report-only: upgrade-insecure-requests; #report-uri /cspreport; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*navisperformance.com https://maps.googleapis.com https://www.googleadservices.com https://static.sojern.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://assets.pinterest.com https://connect.facebook.net *.hotjar.com https://*.cookiebot.com https://www.gstatic.com https://*.google.com https://*.doubleclick.net *.google-analytics.com *.googletagmanager.com http://ajax.googleapis.com https://www.googleoptimize.com https://rum-static.pingdom.net http://rum-static.pingdom.net https://*.triptease.io; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://*.typekit.net https://fonts.googleapis.com https://cdn.honey.io; object-src 'none'; base-uri 'self'; connect-src 'self' https://measurement-api.criteo.com https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://*.googlesyndication.com https://*.freedompay.com https://*.cardinalcommerce.com https://*.amazonaws.com https://*.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://*.hotjar.io wss://*.hotjar.com https://www.facebook.com https://*.triptease.io https://*.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com; font-src 'self' data: https://*.alicdn.com https://cdn.honey.io *.gstatic.com https://use.typekit.net; frame-src 'self' https://*.ibosscloud.com https://3ds.sebkort.com https://3ds.ntctr.acs.danskebank.com https://www.concertopayserve.com https://3dsecure.starlingbank.com https://3ds-a.live.ext.prod.enfuce.com https://clients.smartsecure.tsys.co.uk https://mycardsecure.com https://acs2.mpts.modirum.com https://gumi.criteo.com https://static.criteo.net https://acs.apata.io https://fledge.eu.criteo.com https://gum.criteo.com https://acs.capitalone.com https://acs.revolut.com https://acs2-3dsecure.creditmutuel.fr https://secure.dkb.de https://acs2.edb.com https://acs.swisscard.ch https://verify.monzo.com https://*.3ds.modirum.com https://3dsecure-vrp.de https://*.cic.fr https://3dsec.cardcenter.ch https://gbemv3dsecure.garanti.com.tr https://3ds.nexigroup.com https://*.3dsecure.no https://3ds.redsys.es https://acs1-3dsecure.creditmutuel.fr https://www.rsa3dsauth.com https://3debspay.boc.cn https://*.emea.citibank.com https://acs.mercurypaymentservices.it https://*.googletagmanager.com https://*.rabobank.nl https://*.lloydsbankinggroup.com https://*.zscloud.net https://*.googlesyndication.com https://*.americanexpress.com https://*.arcot.com https://*.doubleclick.net https://www.rsa3dsauth.co.uk https://*.wlp-acs.com https://www.youtube.com https://www.facebook.com https://static.sojern.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.resdiary.com https://*.cookiebot.com https://*.triptease.io https://www.google.com; img-src 'self' data: https://criteo-partners.tremorhub.com https://sync-criteo.ads.yieldmo.com https://criteo-sync.teads.tv https://gum.criteo.com https://dis.criteo.com https://*.cookiebot.com https://code.jquery.com https://analytics.tiktok.com https://*.facebook.net https://*.googlesyndication.com https://widgetthemes-live.azureedge.net https://translate.google.com https://fonts.gstatic.com https://track.linksynergy.com https://cdn.honey.io https://googleads.g.doubleclick.net *.googleapis.com https://adservice.google.com https://*.ytimg.com https://googletraveladservices.com https://*.googletraveladservices.com https://secure-hotel-tracker.com https://*.bing.com https://bat.bing.com https://track.linksynergy.com *.doubleclick.net https://log.pinterest.com https://click.exacttarget.com https://www.facebook.com https://region1.analytics.google.com https://www.google.de https://www.google.ca https://www.google.ro https://www.google.com.tr https://www.google.com.hk https://www.google.gm https://www.google.cz https://www.google.mu https://www.google.com.gi https://www.google.com.ng https://www.google.com.co https://www.google.co.za https://www.google.com.mm https://www.google.com.sg https://www.google.at https://www.google.im https://www.google.dk https://www.google.gr https://www.google.no https://www.google.se https://www.google.lt https://www.google.com.mt https://www.google.ch https://www.google.hu https://www.google.com.cu https://www.google.gg https://www.google.ie https://www.google.nl https://www.google.be https://www.google.pt https://www.google.fr https://www.google.it https://www.google.es https://www.google.je https://www.google.co.in https://www.google.com.tj https://www.google.co.ke https://www.google.ae https://www.google.co.th https://www.google-analytics.com https://www.google.com.au https://www.google.pl *.googletagmanager.com https://*.googletagmanager.com https://www.google.co.uk https://www.google.com *.google-analytics.com https://oimgnn/; style-src-elem 'self' 'unsafe-inline' data: https://code.jquery.com https://www.gstatic.com https://fonts.googleapis.com https://cdn.honey.io https://*.cloudflare.com https://*.typography.com https://cloud.typography.com *.googleapis.com http://*.googleapis.com https://*.typekit.net https://use.typekit.net; script-src-elem 'self' 'unsafe-inline' data: https://sslwidget.criteo.com https://dynamic.criteo.com https://static.criteo.net https://*.freedompay.com https://maps.google.com https://tpc.googlesyndication.com https://ajax.googleapis.com https://pagespeed-mod.com https://*.kaspersky-labs.com https://*.hirizasune.com https://www.gstatic.com https://*.googlesyndication.com https://assets.pinterest.com https://*.googleapis.com https://www.googleadservices.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.triptease.io https://connect.facebook.net https://*.hotjar.com https://static.sojern.com https://*.cookiebot.com https://consent.cookiebot.com https://*.doubleclick.net https://googleads.g.doubleclick.net https://www.googleoptimize.com https://www.googletagmanager.com https://*.googleapis.com https://www.google.com https://www.google-analytics.com https://rum-static.pingdom.net https://analytics.tiktok.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
alt-svc: h3=":443"; ma=86400
content-length: 1383
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Sep 2022 21:38:41 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8c243baaa825ac7b-YYZ
expires: Sun, 06 Oct 2024 12:59:16 GMT

GET
H3 200 flipclock.min.js Show response
www.handpickedhotels.co.uk/js/ 21 KB
10 KB 37ms
37ms Script
application/javascript 172.67.7.133
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.handpickedhotels.co.uk/js/flipclock.min.js

Requested by

Host: www.handpickedhotels.co.uk
URL: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.7.133 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3af373b35bac7f113a07b59e3b87916a722438ff02350590920ea7e6acd55045

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; report-uri /cspreport; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://navisperformance.com https://maps.googleapis.com https://www.googleadservices.com https://static.sojern.com https://.cloudflare.com https://.cardinalcommerce.com https://.freedompay.com https://assets.pinterest.com https://connect.facebook.net .hotjar.com https://.cookiebot.com https://www.gstatic.com https://.google.com https://.doubleclick.net .google-analytics.com .googletagmanager.com http://ajax.googleapis.com https://www.googleoptimize.com https://rum-static.pingdom.net http://rum-static.pingdom.net https://.triptease.io; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://.typekit.net https://fonts.googleapis.com https://cdn.honey.io; object-src 'none'; base-uri 'self'; connect-src 'self' https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://.googlesyndication.com https://.freedompay.com https://.cardinalcommerce.com https://.amazonaws.com https://.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://.hotjar.io wss://.hotjar.com https://www.facebook.com https://.triptease.io https://.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com; font-src 'self' data: https://.alicdn.com https://cdn.honey.io .gstatic.com https://use.typekit.net; frame-src 'self' https://acs.capitalone.com https://acs.revolut.com https://acs2-3dsecure.creditmutuel.fr https://secure.dkb.de https://acs2.edb.com https://acs.swisscard.ch https://verify.monzo.com https://.3ds.modirum.com https://3dsecure-vrp.de https://.cic.fr https://3dsec.cardcenter.ch https://gbemv3dsecure.garanti.com.tr https://3ds.nexigroup.com https://.3dsecure.no https://3ds.redsys.es https://acs1-3dsecure.creditmutuel.fr https://www.rsa3dsauth.com https://3debspay.boc.cn https://.emea.citibank.com https://acs.mercurypaymentservices.it https://.googletagmanager.com https://.rabobank.nl https://.lloydsbankinggroup.com https://.zscloud.net https://.googlesyndication.com https://.americanexpress.com https://.arcot.com https://.doubleclick.net https://www.rsa3dsauth.co.uk https://.wlp-acs.com https://www.youtube.com https://www.facebook.com https://static.sojern.com https://.cardinalcommerce.com https://.freedompay.com https://.resdiary.com https://.cookiebot.com https://.triptease.io https://www.google.com; img-src 'self' data: https://.cookiebot.com https://code.jquery.com https://analytics.tiktok.com https://.facebook.net https://.googlesyndication.com https://widgetthemes-live.azureedge.net https://translate.google.com https://fonts.gstatic.com https://track.linksynergy.com https://cdn.honey.io https://googleads.g.doubleclick.net .googleapis.com https://adservice.google.com https://.ytimg.com https://googletraveladservices.com https://.googletraveladservices.com https://secure-hotel-tracker.com https://.bing.com https://bat.bing.com https://track.linksynergy.com .doubleclick.net https://log.pinterest.com https://click.exacttarget.com https://www.facebook.com https://region1.analytics.google.com https://www.google.de https://www.google.ca https://www.google.ro https://www.google.com.tr https://www.google.com.hk https://www.google.gm https://www.google.cz https://www.google.mu https://www.google.com.gi https://www.google.com.ng https://www.google.com.co https://www.google.co.za https://www.google.com.mm https://www.google.com.sg https://www.google.at https://www.google.im https://www.google.dk https://www.google.gr https://www.google.no https://www.google.se https://www.google.lt https://www.google.com.mt https://www.google.ch https://www.google.hu https://www.google.com.cu https://www.google.gg https://www.google.ie https://www.google.nl https://www.google.be https://www.google.pt https://www.google.fr https://www.google.it https://www.google.es https://www.google.je https://www.google.co.in https://www.google.com.tj https://www.google.co.ke https://www.google.ae https://www.google.co.th https://www.google-analytics.com https://www.google.com.au https://www.google.pl .googletagmanager.com https://.googletagmanager.com https://www.google.co.uk https://www.google.com .google-analytics.com https://oimgnn/; style-src-elem 'self' 'unsafe-inline' data: https://code.jquery.com https://www.gstatic.com https://fonts.googleapis.com https://cdn.honey.io https://.cloudflare.com https://.typography.com https://cloud.typography.com .googleapis.com http://.googleapis.com https://.typekit.net https://use.typekit.net; script-src-elem 'self' 'unsafe-inline' data: https://.freedompay.com https://maps.google.com https://tpc.googlesyndication.com https://ajax.googleapis.com https://pagespeed-mod.com https://.kaspersky-labs.com https://.hirizasune.com https://www.gstatic.com https://.googlesyndication.com https://assets.pinterest.com https://.googleapis.com https://www.googleadservices.com https://.cloudflare.com https://.cardinalcommerce.com https://.freedompay.com https://.triptease.io https://connect.facebook.net https://.hotjar.com https://static.sojern.com https://.cookiebot.com https://consent.cookiebot.com https://.doubleclick.net https://googleads.g.doubleclick.net https://www.googleoptimize.com https://www.googletagmanager.com https://.googleapis.com https://www.google.com https://www.google-analytics.com https://rum-static.pingdom.net https://analytics.tiktok.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 01:06:09 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests; report-uri /cspreport; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*navisperformance.com https://maps.googleapis.com https://www.googleadservices.com https://static.sojern.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://assets.pinterest.com https://connect.facebook.net *.hotjar.com https://*.cookiebot.com https://www.gstatic.com https://*.google.com https://*.doubleclick.net *.google-analytics.com *.googletagmanager.com http://ajax.googleapis.com https://www.googleoptimize.com https://rum-static.pingdom.net http://rum-static.pingdom.net https://*.triptease.io; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://*.typekit.net https://fonts.googleapis.com https://cdn.honey.io; object-src 'none'; base-uri 'self'; connect-src 'self' https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://*.googlesyndication.com https://*.freedompay.com https://*.cardinalcommerce.com https://*.amazonaws.com https://*.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://*.hotjar.io wss://*.hotjar.com https://www.facebook.com https://*.triptease.io https://*.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com; font-src 'self' data: https://*.alicdn.com https://cdn.honey.io *.gstatic.com https://use.typekit.net; frame-src 'self' https://acs.capitalone.com https://acs.revolut.com https://acs2-3dsecure.creditmutuel.fr https://secure.dkb.de https://acs2.edb.com https://acs.swisscard.ch https://verify.monzo.com https://*.3ds.modirum.com https://3dsecure-vrp.de https://*.cic.fr https://3dsec.cardcenter.ch https://gbemv3dsecure.garanti.com.tr https://3ds.nexigroup.com https://*.3dsecure.no https://3ds.redsys.es https://acs1-3dsecure.creditmutuel.fr https://www.rsa3dsauth.com https://3debspay.boc.cn https://*.emea.citibank.com https://acs.mercurypaymentservices.it https://*.googletagmanager.com https://*.rabobank.nl https://*.lloydsbankinggroup.com https://*.zscloud.net https://*.googlesyndication.com https://*.americanexpress.com https://*.arcot.com https://*.doubleclick.net https://www.rsa3dsauth.co.uk https://*.wlp-acs.com https://www.youtube.com https://www.facebook.com https://static.sojern.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.resdiary.com https://*.cookiebot.com https://*.triptease.io https://www.google.com; img-src 'self' data: https://*.cookiebot.com https://code.jquery.com https://analytics.tiktok.com https://*.facebook.net https://*.googlesyndication.com https://widgetthemes-live.azureedge.net https://translate.google.com https://fonts.gstatic.com https://track.linksynergy.com https://cdn.honey.io https://googleads.g.doubleclick.net *.googleapis.com https://adservice.google.com https://*.ytimg.com https://googletraveladservices.com https://*.googletraveladservices.com https://secure-hotel-tracker.com https://*.bing.com https://bat.bing.com https://track.linksynergy.com *.doubleclick.net https://log.pinterest.com https://click.exacttarget.com https://www.facebook.com https://region1.analytics.google.com https://www.google.de https://www.google.ca https://www.google.ro https://www.google.com.tr https://www.google.com.hk https://www.google.gm https://www.google.cz https://www.google.mu https://www.google.com.gi https://www.google.com.ng https://www.google.com.co https://www.google.co.za https://www.google.com.mm https://www.google.com.sg https://www.google.at https://www.google.im https://www.google.dk https://www.google.gr https://www.google.no https://www.google.se https://www.google.lt https://www.google.com.mt https://www.google.ch https://www.google.hu https://www.google.com.cu https://www.google.gg https://www.google.ie https://www.google.nl https://www.google.be https://www.google.pt https://www.google.fr https://www.google.it https://www.google.es https://www.google.je https://www.google.co.in https://www.google.com.tj https://www.google.co.ke https://www.google.ae https://www.google.co.th https://www.google-analytics.com https://www.google.com.au https://www.google.pl *.googletagmanager.com https://*.googletagmanager.com https://www.google.co.uk https://www.google.com *.google-analytics.com https://oimgnn/; style-src-elem 'self' 'unsafe-inline' data: https://code.jquery.com https://www.gstatic.com https://fonts.googleapis.com https://cdn.honey.io https://*.cloudflare.com https://*.typography.com https://cloud.typography.com *.googleapis.com http://*.googleapis.com https://*.typekit.net https://use.typekit.net; script-src-elem 'self' 'unsafe-inline' data: https://*.freedompay.com https://maps.google.com https://tpc.googlesyndication.com https://ajax.googleapis.com https://pagespeed-mod.com https://*.kaspersky-labs.com https://*.hirizasune.com https://www.gstatic.com https://*.googlesyndication.com https://assets.pinterest.com https://*.googleapis.com https://www.googleadservices.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.triptease.io https://connect.facebook.net https://*.hotjar.com https://static.sojern.com https://*.cookiebot.com https://consent.cookiebot.com https://*.doubleclick.net https://googleads.g.doubleclick.net https://www.googleoptimize.com https://www.googletagmanager.com https://*.googleapis.com https://www.google.com https://www.google-analytics.com https://rum-static.pingdom.net https://analytics.tiktok.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
cf-cache-status: HIT
content-encoding: gzip
age: 1462567
alt-svc: h3=":443"; ma=86400
content-length: 5462
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Sep 2022 21:38:35 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8c243baae864ac7b-YYZ
expires: Thu, 26 Sep 2024 02:50:02 GMT

GET
H3 200 mobiscroll.jquery.min.js Show response
www.handpickedhotels.co.uk/js/mobiscroll/ 220 KB
71 KB 91ms
90ms Script
application/javascript 172.67.7.133
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.handpickedhotels.co.uk/js/mobiscroll/mobiscroll.jquery.min.js?v=5283

Requested by

Host: www.handpickedhotels.co.uk
URL: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.7.133 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26f4ebf0d249f9442f2a72289951e4e24f982a83352abc5cb7a693bb49e35f8a

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; report-uri /cspreport; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://navisperformance.com https://maps.googleapis.com https://www.googleadservices.com https://static.sojern.com https://.cloudflare.com https://.cardinalcommerce.com https://.freedompay.com https://assets.pinterest.com https://connect.facebook.net .hotjar.com https://.cookiebot.com https://www.gstatic.com https://.google.com https://.doubleclick.net .google-analytics.com .googletagmanager.com http://ajax.googleapis.com https://www.googleoptimize.com https://rum-static.pingdom.net http://rum-static.pingdom.net https://.triptease.io; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://.typekit.net https://fonts.googleapis.com https://cdn.honey.io; object-src 'none'; base-uri 'self'; connect-src 'self' https://measurement-api.criteo.com https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://.googlesyndication.com https://.freedompay.com https://.cardinalcommerce.com https://.amazonaws.com https://.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://.hotjar.io wss://.hotjar.com https://www.facebook.com https://.triptease.io https://.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com; font-src 'self' data: https://.alicdn.com https://cdn.honey.io .gstatic.com https://use.typekit.net; frame-src 'self' https://mycardsecure.com https://acs2.mpts.modirum.com https://gumi.criteo.com https://static.criteo.net https://acs.apata.io https://fledge.eu.criteo.com https://gum.criteo.com https://acs.capitalone.com https://acs.revolut.com https://acs2-3dsecure.creditmutuel.fr https://secure.dkb.de https://acs2.edb.com https://acs.swisscard.ch https://verify.monzo.com https://.3ds.modirum.com https://3dsecure-vrp.de https://.cic.fr https://3dsec.cardcenter.ch https://gbemv3dsecure.garanti.com.tr https://3ds.nexigroup.com https://.3dsecure.no https://3ds.redsys.es https://acs1-3dsecure.creditmutuel.fr https://www.rsa3dsauth.com https://3debspay.boc.cn https://.emea.citibank.com https://acs.mercurypaymentservices.it https://.googletagmanager.com https://.rabobank.nl https://.lloydsbankinggroup.com https://.zscloud.net https://.googlesyndication.com https://.americanexpress.com https://.arcot.com https://.doubleclick.net https://www.rsa3dsauth.co.uk https://.wlp-acs.com https://www.youtube.com https://www.facebook.com https://static.sojern.com https://.cardinalcommerce.com https://.freedompay.com https://.resdiary.com https://.cookiebot.com https://.triptease.io https://www.google.com; img-src 'self' data: https://criteo-partners.tremorhub.com https://sync-criteo.ads.yieldmo.com https://criteo-sync.teads.tv https://gum.criteo.com https://dis.criteo.com https://.cookiebot.com https://code.jquery.com https://analytics.tiktok.com https://.facebook.net https://.googlesyndication.com https://widgetthemes-live.azureedge.net https://translate.google.com https://fonts.gstatic.com https://track.linksynergy.com https://cdn.honey.io https://googleads.g.doubleclick.net .googleapis.com https://adservice.google.com https://.ytimg.com https://googletraveladservices.com https://.googletraveladservices.com https://secure-hotel-tracker.com https://.bing.com https://bat.bing.com https://track.linksynergy.com .doubleclick.net https://log.pinterest.com https://click.exacttarget.com https://www.facebook.com https://region1.analytics.google.com https://www.google.de https://www.google.ca https://www.google.ro https://www.google.com.tr https://www.google.com.hk https://www.google.gm https://www.google.cz https://www.google.mu https://www.google.com.gi https://www.google.com.ng https://www.google.com.co https://www.google.co.za https://www.google.com.mm https://www.google.com.sg https://www.google.at https://www.google.im https://www.google.dk https://www.google.gr https://www.google.no https://www.google.se https://www.google.lt https://www.google.com.mt https://www.google.ch https://www.google.hu https://www.google.com.cu https://www.google.gg https://www.google.ie https://www.google.nl https://www.google.be https://www.google.pt https://www.google.fr https://www.google.it https://www.google.es https://www.google.je https://www.google.co.in https://www.google.com.tj https://www.google.co.ke https://www.google.ae https://www.google.co.th https://www.google-analytics.com https://www.google.com.au https://www.google.pl .googletagmanager.com https://.googletagmanager.com https://www.google.co.uk https://www.google.com .google-analytics.com https://oimgnn/; style-src-elem 'self' 'unsafe-inline' data: https://code.jquery.com https://www.gstatic.com https://fonts.googleapis.com https://cdn.honey.io https://.cloudflare.com https://.typography.com https://cloud.typography.com .googleapis.com http://.googleapis.com https://.typekit.net https://use.typekit.net; script-src-elem 'self' 'unsafe-inline' data: https://sslwidget.criteo.com https://dynamic.criteo.com https://static.criteo.net https://.freedompay.com https://maps.google.com https://tpc.googlesyndication.com https://ajax.googleapis.com https://pagespeed-mod.com https://.kaspersky-labs.com https://.hirizasune.com https://www.gstatic.com https://.googlesyndication.com https://assets.pinterest.com https://.googleapis.com https://www.googleadservices.com https://.cloudflare.com https://.cardinalcommerce.com https://.freedompay.com https://.triptease.io https://connect.facebook.net https://.hotjar.com https://static.sojern.com https://.cookiebot.com https://consent.cookiebot.com https://.doubleclick.net https://googleads.g.doubleclick.net https://www.googleoptimize.com https://www.googletagmanager.com https://.googleapis.com https://www.google.com https://www.google-analytics.com https://rum-static.pingdom.net https://analytics.tiktok.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 01:06:09 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests; report-uri /cspreport; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*navisperformance.com https://maps.googleapis.com https://www.googleadservices.com https://static.sojern.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://assets.pinterest.com https://connect.facebook.net *.hotjar.com https://*.cookiebot.com https://www.gstatic.com https://*.google.com https://*.doubleclick.net *.google-analytics.com *.googletagmanager.com http://ajax.googleapis.com https://www.googleoptimize.com https://rum-static.pingdom.net http://rum-static.pingdom.net https://*.triptease.io; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://*.typekit.net https://fonts.googleapis.com https://cdn.honey.io; object-src 'none'; base-uri 'self'; connect-src 'self' https://measurement-api.criteo.com https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://*.googlesyndication.com https://*.freedompay.com https://*.cardinalcommerce.com https://*.amazonaws.com https://*.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://*.hotjar.io wss://*.hotjar.com https://www.facebook.com https://*.triptease.io https://*.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com; font-src 'self' data: https://*.alicdn.com https://cdn.honey.io *.gstatic.com https://use.typekit.net; frame-src 'self' https://mycardsecure.com https://acs2.mpts.modirum.com https://gumi.criteo.com https://static.criteo.net https://acs.apata.io https://fledge.eu.criteo.com https://gum.criteo.com https://acs.capitalone.com https://acs.revolut.com https://acs2-3dsecure.creditmutuel.fr https://secure.dkb.de https://acs2.edb.com https://acs.swisscard.ch https://verify.monzo.com https://*.3ds.modirum.com https://3dsecure-vrp.de https://*.cic.fr https://3dsec.cardcenter.ch https://gbemv3dsecure.garanti.com.tr https://3ds.nexigroup.com https://*.3dsecure.no https://3ds.redsys.es https://acs1-3dsecure.creditmutuel.fr https://www.rsa3dsauth.com https://3debspay.boc.cn https://*.emea.citibank.com https://acs.mercurypaymentservices.it https://*.googletagmanager.com https://*.rabobank.nl https://*.lloydsbankinggroup.com https://*.zscloud.net https://*.googlesyndication.com https://*.americanexpress.com https://*.arcot.com https://*.doubleclick.net https://www.rsa3dsauth.co.uk https://*.wlp-acs.com https://www.youtube.com https://www.facebook.com https://static.sojern.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.resdiary.com https://*.cookiebot.com https://*.triptease.io https://www.google.com; img-src 'self' data: https://criteo-partners.tremorhub.com https://sync-criteo.ads.yieldmo.com https://criteo-sync.teads.tv https://gum.criteo.com https://dis.criteo.com https://*.cookiebot.com https://code.jquery.com https://analytics.tiktok.com https://*.facebook.net https://*.googlesyndication.com https://widgetthemes-live.azureedge.net https://translate.google.com https://fonts.gstatic.com https://track.linksynergy.com https://cdn.honey.io https://googleads.g.doubleclick.net *.googleapis.com https://adservice.google.com https://*.ytimg.com https://googletraveladservices.com https://*.googletraveladservices.com https://secure-hotel-tracker.com https://*.bing.com https://bat.bing.com https://track.linksynergy.com *.doubleclick.net https://log.pinterest.com https://click.exacttarget.com https://www.facebook.com https://region1.analytics.google.com https://www.google.de https://www.google.ca https://www.google.ro https://www.google.com.tr https://www.google.com.hk https://www.google.gm https://www.google.cz https://www.google.mu https://www.google.com.gi https://www.google.com.ng https://www.google.com.co https://www.google.co.za https://www.google.com.mm https://www.google.com.sg https://www.google.at https://www.google.im https://www.google.dk https://www.google.gr https://www.google.no https://www.google.se https://www.google.lt https://www.google.com.mt https://www.google.ch https://www.google.hu https://www.google.com.cu https://www.google.gg https://www.google.ie https://www.google.nl https://www.google.be https://www.google.pt https://www.google.fr https://www.google.it https://www.google.es https://www.google.je https://www.google.co.in https://www.google.com.tj https://www.google.co.ke https://www.google.ae https://www.google.co.th https://www.google-analytics.com https://www.google.com.au https://www.google.pl *.googletagmanager.com https://*.googletagmanager.com https://www.google.co.uk https://www.google.com *.google-analytics.com https://oimgnn/; style-src-elem 'self' 'unsafe-inline' data: https://code.jquery.com https://www.gstatic.com https://fonts.googleapis.com https://cdn.honey.io https://*.cloudflare.com https://*.typography.com https://cloud.typography.com *.googleapis.com http://*.googleapis.com https://*.typekit.net https://use.typekit.net; script-src-elem 'self' 'unsafe-inline' data: https://sslwidget.criteo.com https://dynamic.criteo.com https://static.criteo.net https://*.freedompay.com https://maps.google.com https://tpc.googlesyndication.com https://ajax.googleapis.com https://pagespeed-mod.com https://*.kaspersky-labs.com https://*.hirizasune.com https://www.gstatic.com https://*.googlesyndication.com https://assets.pinterest.com https://*.googleapis.com https://www.googleadservices.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.triptease.io https://connect.facebook.net https://*.hotjar.com https://static.sojern.com https://*.cookiebot.com https://consent.cookiebot.com https://*.doubleclick.net https://googleads.g.doubleclick.net https://www.googleoptimize.com https://www.googletagmanager.com https://*.googleapis.com https://www.google.com https://www.google-analytics.com https://rum-static.pingdom.net https://analytics.tiktok.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
cf-cache-status: HIT
content-encoding: gzip
age: 1406059
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
last-modified: Wed, 31 Jan 2024 09:22:10 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 8c243bab28acac7b-YYZ
expires: Thu, 26 Sep 2024 18:31:50 GMT

GET
H3 200 com_vouchers.js Show response
www.handpickedhotels.co.uk/js/vouchers/ 16 KB
8 KB 295ms
287ms Script
application/javascript 172.67.7.133
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.handpickedhotels.co.uk/js/vouchers/com_vouchers.js?ver=32024091302

Requested by

Host: www.handpickedhotels.co.uk
URL: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.7.133 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dfa2220faf05e0bff101e38a6b01371d2af185d6f680cf8e96de319d3b2d102d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 01:06:10 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
content-security-policy-report-only: upgrade-insecure-requests; #report-uri /cspreport; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*navisperformance.com https://maps.googleapis.com https://www.googleadservices.com https://static.sojern.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://assets.pinterest.com https://connect.facebook.net *.hotjar.com https://*.cookiebot.com https://www.gstatic.com https://*.google.com https://*.doubleclick.net *.google-analytics.com *.googletagmanager.com http://ajax.googleapis.com https://www.googleoptimize.com https://rum-static.pingdom.net http://rum-static.pingdom.net https://*.triptease.io; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://*.typekit.net https://fonts.googleapis.com https://cdn.honey.io; object-src 'none'; base-uri 'self'; connect-src 'self' https://measurement-api.criteo.com https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://*.googlesyndication.com https://*.freedompay.com https://*.cardinalcommerce.com https://*.amazonaws.com https://*.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://*.hotjar.io wss://*.hotjar.com https://www.facebook.com https://*.triptease.io https://*.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com; font-src 'self' data: https://*.alicdn.com https://cdn.honey.io *.gstatic.com https://use.typekit.net; frame-src 'self' https://*.ibosscloud.com https://3ds.sebkort.com https://3ds.ntctr.acs.danskebank.com https://www.concertopayserve.com https://3dsecure.starlingbank.com https://3ds-a.live.ext.prod.enfuce.com https://clients.smartsecure.tsys.co.uk https://mycardsecure.com https://acs2.mpts.modirum.com https://gumi.criteo.com https://static.criteo.net https://acs.apata.io https://fledge.eu.criteo.com https://gum.criteo.com https://acs.capitalone.com https://acs.revolut.com https://acs2-3dsecure.creditmutuel.fr https://secure.dkb.de https://acs2.edb.com https://acs.swisscard.ch https://verify.monzo.com https://*.3ds.modirum.com https://3dsecure-vrp.de https://*.cic.fr https://3dsec.cardcenter.ch https://gbemv3dsecure.garanti.com.tr https://3ds.nexigroup.com https://*.3dsecure.no https://3ds.redsys.es https://acs1-3dsecure.creditmutuel.fr https://www.rsa3dsauth.com https://3debspay.boc.cn https://*.emea.citibank.com https://acs.mercurypaymentservices.it https://*.googletagmanager.com https://*.rabobank.nl https://*.lloydsbankinggroup.com https://*.zscloud.net https://*.googlesyndication.com https://*.americanexpress.com https://*.arcot.com https://*.doubleclick.net https://www.rsa3dsauth.co.uk https://*.wlp-acs.com https://www.youtube.com https://www.facebook.com https://static.sojern.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.resdiary.com https://*.cookiebot.com https://*.triptease.io https://www.google.com; img-src 'self' data: https://criteo-partners.tremorhub.com https://sync-criteo.ads.yieldmo.com https://criteo-sync.teads.tv https://gum.criteo.com https://dis.criteo.com https://*.cookiebot.com https://code.jquery.com https://analytics.tiktok.com https://*.facebook.net https://*.googlesyndication.com https://widgetthemes-live.azureedge.net https://translate.google.com https://fonts.gstatic.com https://track.linksynergy.com https://cdn.honey.io https://googleads.g.doubleclick.net *.googleapis.com https://adservice.google.com https://*.ytimg.com https://googletraveladservices.com https://*.googletraveladservices.com https://secure-hotel-tracker.com https://*.bing.com https://bat.bing.com https://track.linksynergy.com *.doubleclick.net https://log.pinterest.com https://click.exacttarget.com https://www.facebook.com https://region1.analytics.google.com https://www.google.de https://www.google.ca https://www.google.ro https://www.google.com.tr https://www.google.com.hk https://www.google.gm https://www.google.cz https://www.google.mu https://www.google.com.gi https://www.google.com.ng https://www.google.com.co https://www.google.co.za https://www.google.com.mm https://www.google.com.sg https://www.google.at https://www.google.im https://www.google.dk https://www.google.gr https://www.google.no https://www.google.se https://www.google.lt https://www.google.com.mt https://www.google.ch https://www.google.hu https://www.google.com.cu https://www.google.gg https://www.google.ie https://www.google.nl https://www.google.be https://www.google.pt https://www.google.fr https://www.google.it https://www.google.es https://www.google.je https://www.google.co.in https://www.google.com.tj https://www.google.co.ke https://www.google.ae https://www.google.co.th https://www.google-analytics.com https://www.google.com.au https://www.google.pl *.googletagmanager.com https://*.googletagmanager.com https://www.google.co.uk https://www.google.com *.google-analytics.com https://oimgnn/; style-src-elem 'self' 'unsafe-inline' data: https://code.jquery.com https://www.gstatic.com https://fonts.googleapis.com https://cdn.honey.io https://*.cloudflare.com https://*.typography.com https://cloud.typography.com *.googleapis.com http://*.googleapis.com https://*.typekit.net https://use.typekit.net; script-src-elem 'self' 'unsafe-inline' data: https://sslwidget.criteo.com https://dynamic.criteo.com https://static.criteo.net https://*.freedompay.com https://maps.google.com https://tpc.googlesyndication.com https://ajax.googleapis.com https://pagespeed-mod.com https://*.kaspersky-labs.com https://*.hirizasune.com https://www.gstatic.com https://*.googlesyndication.com https://assets.pinterest.com https://*.googleapis.com https://www.googleadservices.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.triptease.io https://connect.facebook.net https://*.hotjar.com https://static.sojern.com https://*.cookiebot.com https://consent.cookiebot.com https://*.doubleclick.net https://googleads.g.doubleclick.net https://www.googleoptimize.com https://www.googletagmanager.com https://*.googleapis.com https://www.google.com https://www.google-analytics.com https://rum-static.pingdom.net https://analytics.tiktok.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
alt-svc: h3=":443"; ma=86400
content-length: 3491
x-xss-protection: 1; mode=block
last-modified: Tue, 20 Aug 2024 12:31:35 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8c243babd94eac7b-YYZ
expires: Sun, 13 Oct 2024 01:06:10 GMT

GET
H3 200 main_jquery3.js Show response
www.handpickedhotels.co.uk/js/ 118 KB
29 KB 379ms
371ms Script
application/javascript 172.67.7.133
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.handpickedhotels.co.uk/js/main_jquery3.js?v=22024091302

Requested by

Host: www.handpickedhotels.co.uk
URL: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.7.133 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0033033d20c03db07e87796930b0a65682037c33c43edb7fe45e97e2ec52d5c2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 01:06:10 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
content-security-policy-report-only: upgrade-insecure-requests; #report-uri /cspreport; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*navisperformance.com https://maps.googleapis.com https://www.googleadservices.com https://static.sojern.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://assets.pinterest.com https://connect.facebook.net *.hotjar.com https://*.cookiebot.com https://www.gstatic.com https://*.google.com https://*.doubleclick.net *.google-analytics.com *.googletagmanager.com http://ajax.googleapis.com https://www.googleoptimize.com https://rum-static.pingdom.net http://rum-static.pingdom.net https://*.triptease.io; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://*.typekit.net https://fonts.googleapis.com https://cdn.honey.io; object-src 'none'; base-uri 'self'; connect-src 'self' https://measurement-api.criteo.com https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://*.googlesyndication.com https://*.freedompay.com https://*.cardinalcommerce.com https://*.amazonaws.com https://*.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://*.hotjar.io wss://*.hotjar.com https://www.facebook.com https://*.triptease.io https://*.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com; font-src 'self' data: https://*.alicdn.com https://cdn.honey.io *.gstatic.com https://use.typekit.net; frame-src 'self' https://*.ibosscloud.com https://3ds.sebkort.com https://3ds.ntctr.acs.danskebank.com https://www.concertopayserve.com https://3dsecure.starlingbank.com https://3ds-a.live.ext.prod.enfuce.com https://clients.smartsecure.tsys.co.uk https://mycardsecure.com https://acs2.mpts.modirum.com https://gumi.criteo.com https://static.criteo.net https://acs.apata.io https://fledge.eu.criteo.com https://gum.criteo.com https://acs.capitalone.com https://acs.revolut.com https://acs2-3dsecure.creditmutuel.fr https://secure.dkb.de https://acs2.edb.com https://acs.swisscard.ch https://verify.monzo.com https://*.3ds.modirum.com https://3dsecure-vrp.de https://*.cic.fr https://3dsec.cardcenter.ch https://gbemv3dsecure.garanti.com.tr https://3ds.nexigroup.com https://*.3dsecure.no https://3ds.redsys.es https://acs1-3dsecure.creditmutuel.fr https://www.rsa3dsauth.com https://3debspay.boc.cn https://*.emea.citibank.com https://acs.mercurypaymentservices.it https://*.googletagmanager.com https://*.rabobank.nl https://*.lloydsbankinggroup.com https://*.zscloud.net https://*.googlesyndication.com https://*.americanexpress.com https://*.arcot.com https://*.doubleclick.net https://www.rsa3dsauth.co.uk https://*.wlp-acs.com https://www.youtube.com https://www.facebook.com https://static.sojern.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.resdiary.com https://*.cookiebot.com https://*.triptease.io https://www.google.com; img-src 'self' data: https://criteo-partners.tremorhub.com https://sync-criteo.ads.yieldmo.com https://criteo-sync.teads.tv https://gum.criteo.com https://dis.criteo.com https://*.cookiebot.com https://code.jquery.com https://analytics.tiktok.com https://*.facebook.net https://*.googlesyndication.com https://widgetthemes-live.azureedge.net https://translate.google.com https://fonts.gstatic.com https://track.linksynergy.com https://cdn.honey.io https://googleads.g.doubleclick.net *.googleapis.com https://adservice.google.com https://*.ytimg.com https://googletraveladservices.com https://*.googletraveladservices.com https://secure-hotel-tracker.com https://*.bing.com https://bat.bing.com https://track.linksynergy.com *.doubleclick.net https://log.pinterest.com https://click.exacttarget.com https://www.facebook.com https://region1.analytics.google.com https://www.google.de https://www.google.ca https://www.google.ro https://www.google.com.tr https://www.google.com.hk https://www.google.gm https://www.google.cz https://www.google.mu https://www.google.com.gi https://www.google.com.ng https://www.google.com.co https://www.google.co.za https://www.google.com.mm https://www.google.com.sg https://www.google.at https://www.google.im https://www.google.dk https://www.google.gr https://www.google.no https://www.google.se https://www.google.lt https://www.google.com.mt https://www.google.ch https://www.google.hu https://www.google.com.cu https://www.google.gg https://www.google.ie https://www.google.nl https://www.google.be https://www.google.pt https://www.google.fr https://www.google.it https://www.google.es https://www.google.je https://www.google.co.in https://www.google.com.tj https://www.google.co.ke https://www.google.ae https://www.google.co.th https://www.google-analytics.com https://www.google.com.au https://www.google.pl *.googletagmanager.com https://*.googletagmanager.com https://www.google.co.uk https://www.google.com *.google-analytics.com https://oimgnn/; style-src-elem 'self' 'unsafe-inline' data: https://code.jquery.com https://www.gstatic.com https://fonts.googleapis.com https://cdn.honey.io https://*.cloudflare.com https://*.typography.com https://cloud.typography.com *.googleapis.com http://*.googleapis.com https://*.typekit.net https://use.typekit.net; script-src-elem 'self' 'unsafe-inline' data: https://sslwidget.criteo.com https://dynamic.criteo.com https://static.criteo.net https://*.freedompay.com https://maps.google.com https://tpc.googlesyndication.com https://ajax.googleapis.com https://pagespeed-mod.com https://*.kaspersky-labs.com https://*.hirizasune.com https://www.gstatic.com https://*.googlesyndication.com https://assets.pinterest.com https://*.googleapis.com https://www.googleadservices.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.triptease.io https://connect.facebook.net https://*.hotjar.com https://static.sojern.com https://*.cookiebot.com https://consent.cookiebot.com https://*.doubleclick.net https://googleads.g.doubleclick.net https://www.googleoptimize.com https://www.googletagmanager.com https://*.googleapis.com https://www.google.com https://www.google-analytics.com https://rum-static.pingdom.net https://analytics.tiktok.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
alt-svc: h3=":443"; ma=86400
content-length: 24476
x-xss-protection: 1; mode=block
last-modified: Wed, 04 Sep 2024 10:25:54 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8c243babd950ac7b-YYZ
expires: Sun, 13 Oct 2024 01:06:10 GMT

GET
H3 200 main_nav_vi.js Show response
www.handpickedhotels.co.uk/js/ 11 KB
8 KB 300ms
292ms Script
application/javascript 172.67.7.133
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.handpickedhotels.co.uk/js/main_nav_vi.js?v=22024091302

Requested by

Host: www.handpickedhotels.co.uk
URL: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.7.133 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

229e8ac05641c2375d8e1c0bd445e4e1bdbf6abc75cabb89e30f192c31e74b1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 01:06:10 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
content-security-policy-report-only: upgrade-insecure-requests; #report-uri /cspreport; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*navisperformance.com https://maps.googleapis.com https://www.googleadservices.com https://static.sojern.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://assets.pinterest.com https://connect.facebook.net *.hotjar.com https://*.cookiebot.com https://www.gstatic.com https://*.google.com https://*.doubleclick.net *.google-analytics.com *.googletagmanager.com http://ajax.googleapis.com https://www.googleoptimize.com https://rum-static.pingdom.net http://rum-static.pingdom.net https://*.triptease.io; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://*.typekit.net https://fonts.googleapis.com https://cdn.honey.io; object-src 'none'; base-uri 'self'; connect-src 'self' https://measurement-api.criteo.com https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://*.googlesyndication.com https://*.freedompay.com https://*.cardinalcommerce.com https://*.amazonaws.com https://*.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://*.hotjar.io wss://*.hotjar.com https://www.facebook.com https://*.triptease.io https://*.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com; font-src 'self' data: https://*.alicdn.com https://cdn.honey.io *.gstatic.com https://use.typekit.net; frame-src 'self' https://*.ibosscloud.com https://3ds.sebkort.com https://3ds.ntctr.acs.danskebank.com https://www.concertopayserve.com https://3dsecure.starlingbank.com https://3ds-a.live.ext.prod.enfuce.com https://clients.smartsecure.tsys.co.uk https://mycardsecure.com https://acs2.mpts.modirum.com https://gumi.criteo.com https://static.criteo.net https://acs.apata.io https://fledge.eu.criteo.com https://gum.criteo.com https://acs.capitalone.com https://acs.revolut.com https://acs2-3dsecure.creditmutuel.fr https://secure.dkb.de https://acs2.edb.com https://acs.swisscard.ch https://verify.monzo.com https://*.3ds.modirum.com https://3dsecure-vrp.de https://*.cic.fr https://3dsec.cardcenter.ch https://gbemv3dsecure.garanti.com.tr https://3ds.nexigroup.com https://*.3dsecure.no https://3ds.redsys.es https://acs1-3dsecure.creditmutuel.fr https://www.rsa3dsauth.com https://3debspay.boc.cn https://*.emea.citibank.com https://acs.mercurypaymentservices.it https://*.googletagmanager.com https://*.rabobank.nl https://*.lloydsbankinggroup.com https://*.zscloud.net https://*.googlesyndication.com https://*.americanexpress.com https://*.arcot.com https://*.doubleclick.net https://www.rsa3dsauth.co.uk https://*.wlp-acs.com https://www.youtube.com https://www.facebook.com https://static.sojern.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.resdiary.com https://*.cookiebot.com https://*.triptease.io https://www.google.com; img-src 'self' data: https://criteo-partners.tremorhub.com https://sync-criteo.ads.yieldmo.com https://criteo-sync.teads.tv https://gum.criteo.com https://dis.criteo.com https://*.cookiebot.com https://code.jquery.com https://analytics.tiktok.com https://*.facebook.net https://*.googlesyndication.com https://widgetthemes-live.azureedge.net https://translate.google.com https://fonts.gstatic.com https://track.linksynergy.com https://cdn.honey.io https://googleads.g.doubleclick.net *.googleapis.com https://adservice.google.com https://*.ytimg.com https://googletraveladservices.com https://*.googletraveladservices.com https://secure-hotel-tracker.com https://*.bing.com https://bat.bing.com https://track.linksynergy.com *.doubleclick.net https://log.pinterest.com https://click.exacttarget.com https://www.facebook.com https://region1.analytics.google.com https://www.google.de https://www.google.ca https://www.google.ro https://www.google.com.tr https://www.google.com.hk https://www.google.gm https://www.google.cz https://www.google.mu https://www.google.com.gi https://www.google.com.ng https://www.google.com.co https://www.google.co.za https://www.google.com.mm https://www.google.com.sg https://www.google.at https://www.google.im https://www.google.dk https://www.google.gr https://www.google.no https://www.google.se https://www.google.lt https://www.google.com.mt https://www.google.ch https://www.google.hu https://www.google.com.cu https://www.google.gg https://www.google.ie https://www.google.nl https://www.google.be https://www.google.pt https://www.google.fr https://www.google.it https://www.google.es https://www.google.je https://www.google.co.in https://www.google.com.tj https://www.google.co.ke https://www.google.ae https://www.google.co.th https://www.google-analytics.com https://www.google.com.au https://www.google.pl *.googletagmanager.com https://*.googletagmanager.com https://www.google.co.uk https://www.google.com *.google-analytics.com https://oimgnn/; style-src-elem 'self' 'unsafe-inline' data: https://code.jquery.com https://www.gstatic.com https://fonts.googleapis.com https://cdn.honey.io https://*.cloudflare.com https://*.typography.com https://cloud.typography.com *.googleapis.com http://*.googleapis.com https://*.typekit.net https://use.typekit.net; script-src-elem 'self' 'unsafe-inline' data: https://sslwidget.criteo.com https://dynamic.criteo.com https://static.criteo.net https://*.freedompay.com https://maps.google.com https://tpc.googlesyndication.com https://ajax.googleapis.com https://pagespeed-mod.com https://*.kaspersky-labs.com https://*.hirizasune.com https://www.gstatic.com https://*.googlesyndication.com https://assets.pinterest.com https://*.googleapis.com https://www.googleadservices.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.triptease.io https://connect.facebook.net https://*.hotjar.com https://static.sojern.com https://*.cookiebot.com https://consent.cookiebot.com https://*.doubleclick.net https://googleads.g.doubleclick.net https://www.googleoptimize.com https://www.googletagmanager.com https://*.googleapis.com https://www.google.com https://www.google-analytics.com https://rum-static.pingdom.net https://analytics.tiktok.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
alt-svc: h3=":443"; ma=86400
content-length: 2976
x-xss-protection: 1; mode=block
last-modified: Mon, 05 Aug 2024 10:41:18 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8c243babd951ac7b-YYZ
expires: Sun, 13 Oct 2024 01:06:10 GMT

GET
H2 200 js Show response
maps.googleapis.com/maps/api/ 232 KB
80 KB 132ms
65ms Script
text/javascript 2607:f8b0:4006:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/js?key=AIzaSyCBxkktwGRi6Y7Ky9WERVu7Qps_lnD8Z60&v=3.exp

Requested by

Host: www.handpickedhotels.co.uk
URL: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

5b0552fcba4b1c3e82348d223c8ddf20072a3752b51035a54021c6c372cb105b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.handpickedhotels.co.uk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 01:06:09 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Accept-Language, Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 81147
x-xss-protection: 0

GET
H3 200 currency_converter.js Show response
www.handpickedhotels.co.uk/js/ 9 KB
7 KB 302ms
295ms Script
application/javascript 172.67.7.133
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.handpickedhotels.co.uk/js/currency_converter.js?v=2024091302

Requested by

Host: www.handpickedhotels.co.uk
URL: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.7.133 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b1e17b84fbf7fcd9255eaaa1daaa07de664889129f24c402177abcc5908fcd9d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 01:06:10 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
content-security-policy-report-only: upgrade-insecure-requests; #report-uri /cspreport; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*navisperformance.com https://maps.googleapis.com https://www.googleadservices.com https://static.sojern.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://assets.pinterest.com https://connect.facebook.net *.hotjar.com https://*.cookiebot.com https://www.gstatic.com https://*.google.com https://*.doubleclick.net *.google-analytics.com *.googletagmanager.com http://ajax.googleapis.com https://www.googleoptimize.com https://rum-static.pingdom.net http://rum-static.pingdom.net https://*.triptease.io; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://*.typekit.net https://fonts.googleapis.com https://cdn.honey.io; object-src 'none'; base-uri 'self'; connect-src 'self' https://measurement-api.criteo.com https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://*.googlesyndication.com https://*.freedompay.com https://*.cardinalcommerce.com https://*.amazonaws.com https://*.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://*.hotjar.io wss://*.hotjar.com https://www.facebook.com https://*.triptease.io https://*.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com; font-src 'self' data: https://*.alicdn.com https://cdn.honey.io *.gstatic.com https://use.typekit.net; frame-src 'self' https://*.ibosscloud.com https://3ds.sebkort.com https://3ds.ntctr.acs.danskebank.com https://www.concertopayserve.com https://3dsecure.starlingbank.com https://3ds-a.live.ext.prod.enfuce.com https://clients.smartsecure.tsys.co.uk https://mycardsecure.com https://acs2.mpts.modirum.com https://gumi.criteo.com https://static.criteo.net https://acs.apata.io https://fledge.eu.criteo.com https://gum.criteo.com https://acs.capitalone.com https://acs.revolut.com https://acs2-3dsecure.creditmutuel.fr https://secure.dkb.de https://acs2.edb.com https://acs.swisscard.ch https://verify.monzo.com https://*.3ds.modirum.com https://3dsecure-vrp.de https://*.cic.fr https://3dsec.cardcenter.ch https://gbemv3dsecure.garanti.com.tr https://3ds.nexigroup.com https://*.3dsecure.no https://3ds.redsys.es https://acs1-3dsecure.creditmutuel.fr https://www.rsa3dsauth.com https://3debspay.boc.cn https://*.emea.citibank.com https://acs.mercurypaymentservices.it https://*.googletagmanager.com https://*.rabobank.nl https://*.lloydsbankinggroup.com https://*.zscloud.net https://*.googlesyndication.com https://*.americanexpress.com https://*.arcot.com https://*.doubleclick.net https://www.rsa3dsauth.co.uk https://*.wlp-acs.com https://www.youtube.com https://www.facebook.com https://static.sojern.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.resdiary.com https://*.cookiebot.com https://*.triptease.io https://www.google.com; img-src 'self' data: https://criteo-partners.tremorhub.com https://sync-criteo.ads.yieldmo.com https://criteo-sync.teads.tv https://gum.criteo.com https://dis.criteo.com https://*.cookiebot.com https://code.jquery.com https://analytics.tiktok.com https://*.facebook.net https://*.googlesyndication.com https://widgetthemes-live.azureedge.net https://translate.google.com https://fonts.gstatic.com https://track.linksynergy.com https://cdn.honey.io https://googleads.g.doubleclick.net *.googleapis.com https://adservice.google.com https://*.ytimg.com https://googletraveladservices.com https://*.googletraveladservices.com https://secure-hotel-tracker.com https://*.bing.com https://bat.bing.com https://track.linksynergy.com *.doubleclick.net https://log.pinterest.com https://click.exacttarget.com https://www.facebook.com https://region1.analytics.google.com https://www.google.de https://www.google.ca https://www.google.ro https://www.google.com.tr https://www.google.com.hk https://www.google.gm https://www.google.cz https://www.google.mu https://www.google.com.gi https://www.google.com.ng https://www.google.com.co https://www.google.co.za https://www.google.com.mm https://www.google.com.sg https://www.google.at https://www.google.im https://www.google.dk https://www.google.gr https://www.google.no https://www.google.se https://www.google.lt https://www.google.com.mt https://www.google.ch https://www.google.hu https://www.google.com.cu https://www.google.gg https://www.google.ie https://www.google.nl https://www.google.be https://www.google.pt https://www.google.fr https://www.google.it https://www.google.es https://www.google.je https://www.google.co.in https://www.google.com.tj https://www.google.co.ke https://www.google.ae https://www.google.co.th https://www.google-analytics.com https://www.google.com.au https://www.google.pl *.googletagmanager.com https://*.googletagmanager.com https://www.google.co.uk https://www.google.com *.google-analytics.com https://oimgnn/; style-src-elem 'self' 'unsafe-inline' data: https://code.jquery.com https://www.gstatic.com https://fonts.googleapis.com https://cdn.honey.io https://*.cloudflare.com https://*.typography.com https://cloud.typography.com *.googleapis.com http://*.googleapis.com https://*.typekit.net https://use.typekit.net; script-src-elem 'self' 'unsafe-inline' data: https://sslwidget.criteo.com https://dynamic.criteo.com https://static.criteo.net https://*.freedompay.com https://maps.google.com https://tpc.googlesyndication.com https://ajax.googleapis.com https://pagespeed-mod.com https://*.kaspersky-labs.com https://*.hirizasune.com https://www.gstatic.com https://*.googlesyndication.com https://assets.pinterest.com https://*.googleapis.com https://www.googleadservices.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.triptease.io https://connect.facebook.net https://*.hotjar.com https://static.sojern.com https://*.cookiebot.com https://consent.cookiebot.com https://*.doubleclick.net https://googleads.g.doubleclick.net https://www.googleoptimize.com https://www.googletagmanager.com https://*.googleapis.com https://www.google.com https://www.google-analytics.com https://rum-static.pingdom.net https://analytics.tiktok.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
alt-svc: h3=":443"; ma=86400
content-length: 2365
x-xss-protection: 1; mode=block
last-modified: Mon, 29 Apr 2024 07:29:28 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8c243babd952ac7b-YYZ
expires: Sun, 13 Oct 2024 01:06:10 GMT

GET
H3 200 com_reservations_spalate.min.js Show response
www.handpickedhotels.co.uk/mini-js/reservations/ 4 KB
6 KB 350ms
343ms Script
application/javascript 172.67.7.133
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.handpickedhotels.co.uk/mini-js/reservations/com_reservations_spalate.min.js?v=3

Requested by

Host: www.handpickedhotels.co.uk
URL: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.7.133 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

756c7cdba28dd8a12aed3250bd60c96ac6643ab48fa66f192ac862ed98ba9b5a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 01:06:10 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: MISS
content-encoding: gzip
content-security-policy-report-only: upgrade-insecure-requests; #report-uri /cspreport; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*navisperformance.com https://maps.googleapis.com https://www.googleadservices.com https://static.sojern.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://assets.pinterest.com https://connect.facebook.net *.hotjar.com https://*.cookiebot.com https://www.gstatic.com https://*.google.com https://*.doubleclick.net *.google-analytics.com *.googletagmanager.com http://ajax.googleapis.com https://www.googleoptimize.com https://rum-static.pingdom.net http://rum-static.pingdom.net https://*.triptease.io; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://*.typekit.net https://fonts.googleapis.com https://cdn.honey.io; object-src 'none'; base-uri 'self'; connect-src 'self' https://measurement-api.criteo.com https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://*.googlesyndication.com https://*.freedompay.com https://*.cardinalcommerce.com https://*.amazonaws.com https://*.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://*.hotjar.io wss://*.hotjar.com https://www.facebook.com https://*.triptease.io https://*.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com; font-src 'self' data: https://*.alicdn.com https://cdn.honey.io *.gstatic.com https://use.typekit.net; frame-src 'self' https://*.ibosscloud.com https://3ds.sebkort.com https://3ds.ntctr.acs.danskebank.com https://www.concertopayserve.com https://3dsecure.starlingbank.com https://3ds-a.live.ext.prod.enfuce.com https://clients.smartsecure.tsys.co.uk https://mycardsecure.com https://acs2.mpts.modirum.com https://gumi.criteo.com https://static.criteo.net https://acs.apata.io https://fledge.eu.criteo.com https://gum.criteo.com https://acs.capitalone.com https://acs.revolut.com https://acs2-3dsecure.creditmutuel.fr https://secure.dkb.de https://acs2.edb.com https://acs.swisscard.ch https://verify.monzo.com https://*.3ds.modirum.com https://3dsecure-vrp.de https://*.cic.fr https://3dsec.cardcenter.ch https://gbemv3dsecure.garanti.com.tr https://3ds.nexigroup.com https://*.3dsecure.no https://3ds.redsys.es https://acs1-3dsecure.creditmutuel.fr https://www.rsa3dsauth.com https://3debspay.boc.cn https://*.emea.citibank.com https://acs.mercurypaymentservices.it https://*.googletagmanager.com https://*.rabobank.nl https://*.lloydsbankinggroup.com https://*.zscloud.net https://*.googlesyndication.com https://*.americanexpress.com https://*.arcot.com https://*.doubleclick.net https://www.rsa3dsauth.co.uk https://*.wlp-acs.com https://www.youtube.com https://www.facebook.com https://static.sojern.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.resdiary.com https://*.cookiebot.com https://*.triptease.io https://www.google.com; img-src 'self' data: https://criteo-partners.tremorhub.com https://sync-criteo.ads.yieldmo.com https://criteo-sync.teads.tv https://gum.criteo.com https://dis.criteo.com https://*.cookiebot.com https://code.jquery.com https://analytics.tiktok.com https://*.facebook.net https://*.googlesyndication.com https://widgetthemes-live.azureedge.net https://translate.google.com https://fonts.gstatic.com https://track.linksynergy.com https://cdn.honey.io https://googleads.g.doubleclick.net *.googleapis.com https://adservice.google.com https://*.ytimg.com https://googletraveladservices.com https://*.googletraveladservices.com https://secure-hotel-tracker.com https://*.bing.com https://bat.bing.com https://track.linksynergy.com *.doubleclick.net https://log.pinterest.com https://click.exacttarget.com https://www.facebook.com https://region1.analytics.google.com https://www.google.de https://www.google.ca https://www.google.ro https://www.google.com.tr https://www.google.com.hk https://www.google.gm https://www.google.cz https://www.google.mu https://www.google.com.gi https://www.google.com.ng https://www.google.com.co https://www.google.co.za https://www.google.com.mm https://www.google.com.sg https://www.google.at https://www.google.im https://www.google.dk https://www.google.gr https://www.google.no https://www.google.se https://www.google.lt https://www.google.com.mt https://www.google.ch https://www.google.hu https://www.google.com.cu https://www.google.gg https://www.google.ie https://www.google.nl https://www.google.be https://www.google.pt https://www.google.fr https://www.google.it https://www.google.es https://www.google.je https://www.google.co.in https://www.google.com.tj https://www.google.co.ke https://www.google.ae https://www.google.co.th https://www.google-analytics.com https://www.google.com.au https://www.google.pl *.googletagmanager.com https://*.googletagmanager.com https://www.google.co.uk https://www.google.com *.google-analytics.com https://oimgnn/; style-src-elem 'self' 'unsafe-inline' data: https://code.jquery.com https://www.gstatic.com https://fonts.googleapis.com https://cdn.honey.io https://*.cloudflare.com https://*.typography.com https://cloud.typography.com *.googleapis.com http://*.googleapis.com https://*.typekit.net https://use.typekit.net; script-src-elem 'self' 'unsafe-inline' data: https://sslwidget.criteo.com https://dynamic.criteo.com https://static.criteo.net https://*.freedompay.com https://maps.google.com https://tpc.googlesyndication.com https://ajax.googleapis.com https://pagespeed-mod.com https://*.kaspersky-labs.com https://*.hirizasune.com https://www.gstatic.com https://*.googlesyndication.com https://assets.pinterest.com https://*.googleapis.com https://www.googleadservices.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.triptease.io https://connect.facebook.net https://*.hotjar.com https://static.sojern.com https://*.cookiebot.com https://consent.cookiebot.com https://*.doubleclick.net https://googleads.g.doubleclick.net https://www.googleoptimize.com https://www.googletagmanager.com https://*.googleapis.com https://www.google.com https://www.google-analytics.com https://rum-static.pingdom.net https://analytics.tiktok.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
alt-svc: h3=":443"; ma=86400
content-length: 1493
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Sep 2022 21:38:12 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8c243babd953ac7b-YYZ
expires: Sun, 13 Oct 2024 01:06:10 GMT

GET
H2 200 p.css
p.typekit.net/ 5 B
172 B 123ms
24ms Stylesheet
text/css 2600:141b:1c00:f::172c:c9cf
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://p.typekit.net/p.css?s=1&k=hri3euw&ht=tk&f=15665.15666.15667.15668.15669&a=86886659&app=typekit&e=css
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/hri3euw.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:f::172c:c9cf Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb

Request headers

Referer: https://use.typekit.net/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 01:06:09 GMT
last-modified: Sun, 10 Mar 2024 12:44:13 GMT
server: nginx
etag: "65edab1d-5"
content-type: text/css
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 5

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 443 KB
124 KB 139ms
75ms Script
application/javascript 2607:f8b0:4006:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PWSLWB

Requested by

Host: www.handpickedhotels.co.uk
URL: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

97af00e37770f620e9186f337d206314c5cd6d7b56e9a50a460a8741b544471e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.handpickedhotels.co.uk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 01:06:09 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 126537
x-xss-protection: 0
last-modified: Fri, 13 Sep 2024 00:34:26 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 13 Sep 2024 01:06:09 GMT

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 6 KB
3 KB 126ms
49ms Script
application/javascript 23.44.111.72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CKILLNJC77UA008MUPJG&lib=ttq
Requested by: Host: www.handpickedhotels.co.uk
URL: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.111.72 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-111-72.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e0ff55964f9bf6c1b80e46387efabbe6e41d7989a0b81e84ee84dc94a5a3e410

Request headers

Referer: https://www.handpickedhotels.co.uk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-akamai-request-id: 2db0823b.33814f6
date: Fri, 13 Sep 2024 01:06:09 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-24091301060949A5EE60945C16F17F06-54D12AAC3C8A14F5-00
x-cache: TCP_MISS from a23-44-200-194.deploy.akamaitechnologies.com (AkamaiGHost/11.6.3-e8c44af76fbf2725bc66e35706b8e3bb) (-)
x-parent-response-time: 18,23.44.200.194
server-timing: cdn-cache; desc=MISS, edge; dur=11, origin; dur=8, inner; dur=5
content-length: 2211
pragma: no-cache
server: nginx
x-tt-logid: 2024091301060949A5EE60945C16F17F06
x-cache-remote: TCP_MISS from a23-220-106-208.deploy.akamaitechnologies.com (AkamaiGHost/11.6.3-e8c44af76fbf2725bc66e35706b8e3bb) (-)
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 8,23.220.106.208
x-tt-trace-host: 01c6924f8812bfc1a214d7532ab5d943863db4bfa4330a12e1a338ca040abef5afb1dc0849c3883cdb2129715fb3a80772bc5c50d5423230acfaaff47734fb9c55d3c5d112d9c1a5250b0dad3e911f95e9ff3fd9c50d3d8d08d54f738320e0dfacf24329608c6a28ef784317ce02606e3f
expires: Fri, 13 Sep 2024 01:06:09 GMT

GET
DATA 200
OK truncated
/ 12 KB
12 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 3905726cae4d547cb2e292cde22c3af6e34bdeedf89e26aaa5e3c0d239e64cfb

Request headers

Referer
Origin: https://www.handpickedhotels.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: application/x-font-woff2

GET
H2 200 l
use.typekit.net/af/6799c3/000000000000000000012e92/27/ 39 KB
39 KB 102ms
25ms Font
application/font-woff2 2600:141b:1c00:f::172c:c9cc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/6799c3/000000000000000000012e92/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n4&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/hri3euw.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:f::172c:c9cc Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 2aa4afc11c9d7a606d9d9697bf302736df839525aa7a74cf7456d0eb777d0920

Request headers

Referer: https://use.typekit.net/hri3euw.css
Origin: https://www.handpickedhotels.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 01:06:10 GMT
server: nginx
etag: "ff390f132f568633fed790cb146933639ec26802"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 39704

GET
H3 200 fa-light-300.woff2
www.handpickedhotels.co.uk/fonts/FontAwesome5Pro/ 54 KB
59 KB 64ms
62ms Font
font/woff2 172.67.7.133
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.handpickedhotels.co.uk/fonts/FontAwesome5Pro/fa-light-300.woff2

Requested by

Host: www.handpickedhotels.co.uk
URL: https://www.handpickedhotels.co.uk/fonts/FontAwesome5Pro/fontawesome-all.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.7.133 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1fcbd93fb35765f4d68e0807e889e54281886a76870cc47252fe4a68a418049d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.handpickedhotels.co.uk/fonts/FontAwesome5Pro/fontawesome-all.css
Origin: https://www.handpickedhotels.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 01:06:09 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: HIT
age: 31222
content-security-policy-report-only: upgrade-insecure-requests; #report-uri /cspreport; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*navisperformance.com https://maps.googleapis.com https://www.googleadservices.com https://static.sojern.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://assets.pinterest.com https://connect.facebook.net *.hotjar.com https://*.cookiebot.com https://www.gstatic.com https://*.google.com https://*.doubleclick.net *.google-analytics.com *.googletagmanager.com http://ajax.googleapis.com https://www.googleoptimize.com https://rum-static.pingdom.net http://rum-static.pingdom.net https://*.triptease.io; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://*.typekit.net https://fonts.googleapis.com https://cdn.honey.io; object-src 'none'; base-uri 'self'; connect-src 'self' https://measurement-api.criteo.com https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://*.googlesyndication.com https://*.freedompay.com https://*.cardinalcommerce.com https://*.amazonaws.com https://*.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://*.hotjar.io wss://*.hotjar.com https://www.facebook.com https://*.triptease.io https://*.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com; font-src 'self' data: https://*.alicdn.com https://cdn.honey.io *.gstatic.com https://use.typekit.net; frame-src 'self' https://*.ibosscloud.com https://3ds.sebkort.com https://3ds.ntctr.acs.danskebank.com https://www.concertopayserve.com https://3dsecure.starlingbank.com https://3ds-a.live.ext.prod.enfuce.com https://clients.smartsecure.tsys.co.uk https://mycardsecure.com https://acs2.mpts.modirum.com https://gumi.criteo.com https://static.criteo.net https://acs.apata.io https://fledge.eu.criteo.com https://gum.criteo.com https://acs.capitalone.com https://acs.revolut.com https://acs2-3dsecure.creditmutuel.fr https://secure.dkb.de https://acs2.edb.com https://acs.swisscard.ch https://verify.monzo.com https://*.3ds.modirum.com https://3dsecure-vrp.de https://*.cic.fr https://3dsec.cardcenter.ch https://gbemv3dsecure.garanti.com.tr https://3ds.nexigroup.com https://*.3dsecure.no https://3ds.redsys.es https://acs1-3dsecure.creditmutuel.fr https://www.rsa3dsauth.com https://3debspay.boc.cn https://*.emea.citibank.com https://acs.mercurypaymentservices.it https://*.googletagmanager.com https://*.rabobank.nl https://*.lloydsbankinggroup.com https://*.zscloud.net https://*.googlesyndication.com https://*.americanexpress.com https://*.arcot.com https://*.doubleclick.net https://www.rsa3dsauth.co.uk https://*.wlp-acs.com https://www.youtube.com https://www.facebook.com https://static.sojern.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.resdiary.com https://*.cookiebot.com https://*.triptease.io https://www.google.com; img-src 'self' data: https://criteo-partners.tremorhub.com https://sync-criteo.ads.yieldmo.com https://criteo-sync.teads.tv https://gum.criteo.com https://dis.criteo.com https://*.cookiebot.com https://code.jquery.com https://analytics.tiktok.com https://*.facebook.net https://*.googlesyndication.com https://widgetthemes-live.azureedge.net https://translate.google.com https://fonts.gstatic.com https://track.linksynergy.com https://cdn.honey.io https://googleads.g.doubleclick.net *.googleapis.com https://adservice.google.com https://*.ytimg.com https://googletraveladservices.com https://*.googletraveladservices.com https://secure-hotel-tracker.com https://*.bing.com https://bat.bing.com https://track.linksynergy.com *.doubleclick.net https://log.pinterest.com https://click.exacttarget.com https://www.facebook.com https://region1.analytics.google.com https://www.google.de https://www.google.ca https://www.google.ro https://www.google.com.tr https://www.google.com.hk https://www.google.gm https://www.google.cz https://www.google.mu https://www.google.com.gi https://www.google.com.ng https://www.google.com.co https://www.google.co.za https://www.google.com.mm https://www.google.com.sg https://www.google.at https://www.google.im https://www.google.dk https://www.google.gr https://www.google.no https://www.google.se https://www.google.lt https://www.google.com.mt https://www.google.ch https://www.google.hu https://www.google.com.cu https://www.google.gg https://www.google.ie https://www.google.nl https://www.google.be https://www.google.pt https://www.google.fr https://www.google.it https://www.google.es https://www.google.je https://www.google.co.in https://www.google.com.tj https://www.google.co.ke https://www.google.ae https://www.google.co.th https://www.google-analytics.com https://www.google.com.au https://www.google.pl *.googletagmanager.com https://*.googletagmanager.com https://www.google.co.uk https://www.google.com *.google-analytics.com https://oimgnn/; style-src-elem 'self' 'unsafe-inline' data: https://code.jquery.com https://www.gstatic.com https://fonts.googleapis.com https://cdn.honey.io https://*.cloudflare.com https://*.typography.com https://cloud.typography.com *.googleapis.com http://*.googleapis.com https://*.typekit.net https://use.typekit.net; script-src-elem 'self' 'unsafe-inline' data: https://sslwidget.criteo.com https://dynamic.criteo.com https://static.criteo.net https://*.freedompay.com https://maps.google.com https://tpc.googlesyndication.com https://ajax.googleapis.com https://pagespeed-mod.com https://*.kaspersky-labs.com https://*.hirizasune.com https://www.gstatic.com https://*.googlesyndication.com https://assets.pinterest.com https://*.googleapis.com https://www.googleadservices.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.triptease.io https://connect.facebook.net https://*.hotjar.com https://static.sojern.com https://*.cookiebot.com https://consent.cookiebot.com https://*.doubleclick.net https://googleads.g.doubleclick.net https://www.googleoptimize.com https://www.googletagmanager.com https://*.googleapis.com https://www.google.com https://www.google-analytics.com https://rum-static.pingdom.net https://analytics.tiktok.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
alt-svc: h3=":443"; ma=86400
content-length: 55064
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Sep 2022 21:40:33 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8c243bac49b6ac7b-YYZ
expires: Sat, 12 Oct 2024 16:25:47 GMT

GET
H3 200 fa-brands-400.woff2
www.handpickedhotels.co.uk/fonts/FontAwesome5Pro/ 51 KB
56 KB 36ms
34ms Font
font/woff2 172.67.7.133
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.handpickedhotels.co.uk/fonts/FontAwesome5Pro/fa-brands-400.woff2

Requested by

Host: www.handpickedhotels.co.uk
URL: https://www.handpickedhotels.co.uk/fonts/FontAwesome5Pro/fontawesome-all.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.7.133 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6c5cc528f47f52157cad3851e058df90be953c91fe455566ad35d69e361b5f62

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests; report-uri /cspreport; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://navisperformance.com https://maps.googleapis.com https://www.googleadservices.com https://static.sojern.com https://.cloudflare.com https://.cardinalcommerce.com https://.freedompay.com https://assets.pinterest.com https://connect.facebook.net .hotjar.com https://.cookiebot.com https://www.gstatic.com https://.google.com https://.doubleclick.net .google-analytics.com .googletagmanager.com http://ajax.googleapis.com https://www.googleoptimize.com https://rum-static.pingdom.net http://rum-static.pingdom.net https://.triptease.io; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://.typekit.net https://fonts.googleapis.com https://cdn.honey.io; object-src 'none'; base-uri 'self'; connect-src 'self' https://measurement-api.criteo.com https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://.googlesyndication.com https://.freedompay.com https://.cardinalcommerce.com https://.amazonaws.com https://.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://.hotjar.io wss://.hotjar.com https://www.facebook.com https://.triptease.io https://.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com; font-src 'self' data: https://.alicdn.com https://cdn.honey.io .gstatic.com https://use.typekit.net; frame-src 'self' https://3ds.sebkort.com https://3ds.ntctr.acs.danskebank.com https://www.concertopayserve.com https://3dsecure.starlingbank.com https://3ds-a.live.ext.prod.enfuce.com https://clients.smartsecure.tsys.co.uk https://mycardsecure.com https://acs2.mpts.modirum.com https://gumi.criteo.com https://static.criteo.net https://acs.apata.io https://fledge.eu.criteo.com https://gum.criteo.com https://acs.capitalone.com https://acs.revolut.com https://acs2-3dsecure.creditmutuel.fr https://secure.dkb.de https://acs2.edb.com https://acs.swisscard.ch https://verify.monzo.com https://.3ds.modirum.com https://3dsecure-vrp.de https://.cic.fr https://3dsec.cardcenter.ch https://gbemv3dsecure.garanti.com.tr https://3ds.nexigroup.com https://.3dsecure.no https://3ds.redsys.es https://acs1-3dsecure.creditmutuel.fr https://www.rsa3dsauth.com https://3debspay.boc.cn https://.emea.citibank.com https://acs.mercurypaymentservices.it https://.googletagmanager.com https://.rabobank.nl https://.lloydsbankinggroup.com https://.zscloud.net https://.googlesyndication.com https://.americanexpress.com https://.arcot.com https://.doubleclick.net https://www.rsa3dsauth.co.uk https://.wlp-acs.com https://www.youtube.com https://www.facebook.com https://static.sojern.com https://.cardinalcommerce.com https://.freedompay.com https://.resdiary.com https://.cookiebot.com https://.triptease.io https://www.google.com; img-src 'self' data: https://criteo-partners.tremorhub.com https://sync-criteo.ads.yieldmo.com https://criteo-sync.teads.tv https://gum.criteo.com https://dis.criteo.com https://.cookiebot.com https://code.jquery.com https://analytics.tiktok.com https://.facebook.net https://.googlesyndication.com https://widgetthemes-live.azureedge.net https://translate.google.com https://fonts.gstatic.com https://track.linksynergy.com https://cdn.honey.io https://googleads.g.doubleclick.net .googleapis.com https://adservice.google.com https://.ytimg.com https://googletraveladservices.com https://.googletraveladservices.com https://secure-hotel-tracker.com https://.bing.com https://bat.bing.com https://track.linksynergy.com .doubleclick.net https://log.pinterest.com https://click.exacttarget.com https://www.facebook.com https://region1.analytics.google.com https://www.google.de https://www.google.ca https://www.google.ro https://www.google.com.tr https://www.google.com.hk https://www.google.gm https://www.google.cz https://www.google.mu https://www.google.com.gi https://www.google.com.ng https://www.google.com.co https://www.google.co.za https://www.google.com.mm https://www.google.com.sg https://www.google.at https://www.google.im https://www.google.dk https://www.google.gr https://www.google.no https://www.google.se https://www.google.lt https://www.google.com.mt https://www.google.ch https://www.google.hu https://www.google.com.cu https://www.google.gg https://www.google.ie https://www.google.nl https://www.google.be https://www.google.pt https://www.google.fr https://www.google.it https://www.google.es https://www.google.je https://www.google.co.in https://www.google.com.tj https://www.google.co.ke https://www.google.ae https://www.google.co.th https://www.google-analytics.com https://www.google.com.au https://www.google.pl .googletagmanager.com https://.googletagmanager.com https://www.google.co.uk https://www.google.com .google-analytics.com https://oimgnn/; style-src-elem 'self' 'unsafe-inline' data: https://code.jquery.com https://www.gstatic.com https://fonts.googleapis.com https://cdn.honey.io https://.cloudflare.com https://.typography.com https://cloud.typography.com .googleapis.com http://.googleapis.com https://.typekit.net https://use.typekit.net; script-src-elem 'self' 'unsafe-inline' data: https://sslwidget.criteo.com https://dynamic.criteo.com https://static.criteo.net https://.freedompay.com https://maps.google.com https://tpc.googlesyndication.com https://ajax.googleapis.com https://pagespeed-mod.com https://.kaspersky-labs.com https://.hirizasune.com https://www.gstatic.com https://.googlesyndication.com https://assets.pinterest.com https://.googleapis.com https://www.googleadservices.com https://.cloudflare.com https://.cardinalcommerce.com https://.freedompay.com https://.triptease.io https://connect.facebook.net https://.hotjar.com https://static.sojern.com https://.cookiebot.com https://consent.cookiebot.com https://.doubleclick.net https://googleads.g.doubleclick.net https://www.googleoptimize.com https://www.googletagmanager.com https://.googleapis.com https://www.google.com https://www.google-analytics.com https://rum-static.pingdom.net https://analytics.tiktok.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.handpickedhotels.co.uk/fonts/FontAwesome5Pro/fontawesome-all.css
Origin: https://www.handpickedhotels.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 01:06:09 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
content-security-policy: upgrade-insecure-requests; report-uri /cspreport; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*navisperformance.com https://maps.googleapis.com https://www.googleadservices.com https://static.sojern.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://assets.pinterest.com https://connect.facebook.net *.hotjar.com https://*.cookiebot.com https://www.gstatic.com https://*.google.com https://*.doubleclick.net *.google-analytics.com *.googletagmanager.com http://ajax.googleapis.com https://www.googleoptimize.com https://rum-static.pingdom.net http://rum-static.pingdom.net https://*.triptease.io; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://*.typekit.net https://fonts.googleapis.com https://cdn.honey.io; object-src 'none'; base-uri 'self'; connect-src 'self' https://measurement-api.criteo.com https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://*.googlesyndication.com https://*.freedompay.com https://*.cardinalcommerce.com https://*.amazonaws.com https://*.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://*.hotjar.io wss://*.hotjar.com https://www.facebook.com https://*.triptease.io https://*.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com; font-src 'self' data: https://*.alicdn.com https://cdn.honey.io *.gstatic.com https://use.typekit.net; frame-src 'self' https://3ds.sebkort.com https://3ds.ntctr.acs.danskebank.com https://www.concertopayserve.com https://3dsecure.starlingbank.com https://3ds-a.live.ext.prod.enfuce.com https://clients.smartsecure.tsys.co.uk https://mycardsecure.com https://acs2.mpts.modirum.com https://gumi.criteo.com https://static.criteo.net https://acs.apata.io https://fledge.eu.criteo.com https://gum.criteo.com https://acs.capitalone.com https://acs.revolut.com https://acs2-3dsecure.creditmutuel.fr https://secure.dkb.de https://acs2.edb.com https://acs.swisscard.ch https://verify.monzo.com https://*.3ds.modirum.com https://3dsecure-vrp.de https://*.cic.fr https://3dsec.cardcenter.ch https://gbemv3dsecure.garanti.com.tr https://3ds.nexigroup.com https://*.3dsecure.no https://3ds.redsys.es https://acs1-3dsecure.creditmutuel.fr https://www.rsa3dsauth.com https://3debspay.boc.cn https://*.emea.citibank.com https://acs.mercurypaymentservices.it https://*.googletagmanager.com https://*.rabobank.nl https://*.lloydsbankinggroup.com https://*.zscloud.net https://*.googlesyndication.com https://*.americanexpress.com https://*.arcot.com https://*.doubleclick.net https://www.rsa3dsauth.co.uk https://*.wlp-acs.com https://www.youtube.com https://www.facebook.com https://static.sojern.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.resdiary.com https://*.cookiebot.com https://*.triptease.io https://www.google.com; img-src 'self' data: https://criteo-partners.tremorhub.com https://sync-criteo.ads.yieldmo.com https://criteo-sync.teads.tv https://gum.criteo.com https://dis.criteo.com https://*.cookiebot.com https://code.jquery.com https://analytics.tiktok.com https://*.facebook.net https://*.googlesyndication.com https://widgetthemes-live.azureedge.net https://translate.google.com https://fonts.gstatic.com https://track.linksynergy.com https://cdn.honey.io https://googleads.g.doubleclick.net *.googleapis.com https://adservice.google.com https://*.ytimg.com https://googletraveladservices.com https://*.googletraveladservices.com https://secure-hotel-tracker.com https://*.bing.com https://bat.bing.com https://track.linksynergy.com *.doubleclick.net https://log.pinterest.com https://click.exacttarget.com https://www.facebook.com https://region1.analytics.google.com https://www.google.de https://www.google.ca https://www.google.ro https://www.google.com.tr https://www.google.com.hk https://www.google.gm https://www.google.cz https://www.google.mu https://www.google.com.gi https://www.google.com.ng https://www.google.com.co https://www.google.co.za https://www.google.com.mm https://www.google.com.sg https://www.google.at https://www.google.im https://www.google.dk https://www.google.gr https://www.google.no https://www.google.se https://www.google.lt https://www.google.com.mt https://www.google.ch https://www.google.hu https://www.google.com.cu https://www.google.gg https://www.google.ie https://www.google.nl https://www.google.be https://www.google.pt https://www.google.fr https://www.google.it https://www.google.es https://www.google.je https://www.google.co.in https://www.google.com.tj https://www.google.co.ke https://www.google.ae https://www.google.co.th https://www.google-analytics.com https://www.google.com.au https://www.google.pl *.googletagmanager.com https://*.googletagmanager.com https://www.google.co.uk https://www.google.com *.google-analytics.com https://oimgnn/; style-src-elem 'self' 'unsafe-inline' data: https://code.jquery.com https://www.gstatic.com https://fonts.googleapis.com https://cdn.honey.io https://*.cloudflare.com https://*.typography.com https://cloud.typography.com *.googleapis.com http://*.googleapis.com https://*.typekit.net https://use.typekit.net; script-src-elem 'self' 'unsafe-inline' data: https://sslwidget.criteo.com https://dynamic.criteo.com https://static.criteo.net https://*.freedompay.com https://maps.google.com https://tpc.googlesyndication.com https://ajax.googleapis.com https://pagespeed-mod.com https://*.kaspersky-labs.com https://*.hirizasune.com https://www.gstatic.com https://*.googlesyndication.com https://assets.pinterest.com https://*.googleapis.com https://www.googleadservices.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.triptease.io https://connect.facebook.net https://*.hotjar.com https://static.sojern.com https://*.cookiebot.com https://consent.cookiebot.com https://*.doubleclick.net https://googleads.g.doubleclick.net https://www.googleoptimize.com https://www.googletagmanager.com https://*.googleapis.com https://www.google.com https://www.google-analytics.com https://rum-static.pingdom.net https://analytics.tiktok.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
cf-cache-status: HIT
age: 2518095
alt-svc: h3=":443"; ma=86400
content-length: 52660
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Sep 2022 21:40:33 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8c243bac49b9ac7b-YYZ
expires: Fri, 13 Sep 2024 21:37:54 GMT

GET
H3 200 fa-solid-900.woff2
www.handpickedhotels.co.uk/fonts/FontAwesome5Pro/ 43 KB
48 KB 108ms
106ms Font
font/woff2 172.67.7.133
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.handpickedhotels.co.uk/fonts/FontAwesome5Pro/fa-solid-900.woff2

Requested by

Host: www.handpickedhotels.co.uk
URL: https://www.handpickedhotels.co.uk/fonts/FontAwesome5Pro/fontawesome-all.css

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.7.133 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b79e8679035799290c213b82e019210146ad515f1022020f3714439acebaec16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.handpickedhotels.co.uk/fonts/FontAwesome5Pro/fontawesome-all.css
Origin: https://www.handpickedhotels.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 01:06:09 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: HIT
age: 83178
content-security-policy-report-only: upgrade-insecure-requests; #report-uri /cspreport; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*navisperformance.com https://maps.googleapis.com https://www.googleadservices.com https://static.sojern.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://assets.pinterest.com https://connect.facebook.net *.hotjar.com https://*.cookiebot.com https://www.gstatic.com https://*.google.com https://*.doubleclick.net *.google-analytics.com *.googletagmanager.com http://ajax.googleapis.com https://www.googleoptimize.com https://rum-static.pingdom.net http://rum-static.pingdom.net https://*.triptease.io; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://*.typekit.net https://fonts.googleapis.com https://cdn.honey.io; object-src 'none'; base-uri 'self'; connect-src 'self' https://measurement-api.criteo.com https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://*.googlesyndication.com https://*.freedompay.com https://*.cardinalcommerce.com https://*.amazonaws.com https://*.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://*.hotjar.io wss://*.hotjar.com https://www.facebook.com https://*.triptease.io https://*.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com; font-src 'self' data: https://*.alicdn.com https://cdn.honey.io *.gstatic.com https://use.typekit.net; frame-src 'self' https://*.ibosscloud.com https://3ds.sebkort.com https://3ds.ntctr.acs.danskebank.com https://www.concertopayserve.com https://3dsecure.starlingbank.com https://3ds-a.live.ext.prod.enfuce.com https://clients.smartsecure.tsys.co.uk https://mycardsecure.com https://acs2.mpts.modirum.com https://gumi.criteo.com https://static.criteo.net https://acs.apata.io https://fledge.eu.criteo.com https://gum.criteo.com https://acs.capitalone.com https://acs.revolut.com https://acs2-3dsecure.creditmutuel.fr https://secure.dkb.de https://acs2.edb.com https://acs.swisscard.ch https://verify.monzo.com https://*.3ds.modirum.com https://3dsecure-vrp.de https://*.cic.fr https://3dsec.cardcenter.ch https://gbemv3dsecure.garanti.com.tr https://3ds.nexigroup.com https://*.3dsecure.no https://3ds.redsys.es https://acs1-3dsecure.creditmutuel.fr https://www.rsa3dsauth.com https://3debspay.boc.cn https://*.emea.citibank.com https://acs.mercurypaymentservices.it https://*.googletagmanager.com https://*.rabobank.nl https://*.lloydsbankinggroup.com https://*.zscloud.net https://*.googlesyndication.com https://*.americanexpress.com https://*.arcot.com https://*.doubleclick.net https://www.rsa3dsauth.co.uk https://*.wlp-acs.com https://www.youtube.com https://www.facebook.com https://static.sojern.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.resdiary.com https://*.cookiebot.com https://*.triptease.io https://www.google.com; img-src 'self' data: https://criteo-partners.tremorhub.com https://sync-criteo.ads.yieldmo.com https://criteo-sync.teads.tv https://gum.criteo.com https://dis.criteo.com https://*.cookiebot.com https://code.jquery.com https://analytics.tiktok.com https://*.facebook.net https://*.googlesyndication.com https://widgetthemes-live.azureedge.net https://translate.google.com https://fonts.gstatic.com https://track.linksynergy.com https://cdn.honey.io https://googleads.g.doubleclick.net *.googleapis.com https://adservice.google.com https://*.ytimg.com https://googletraveladservices.com https://*.googletraveladservices.com https://secure-hotel-tracker.com https://*.bing.com https://bat.bing.com https://track.linksynergy.com *.doubleclick.net https://log.pinterest.com https://click.exacttarget.com https://www.facebook.com https://region1.analytics.google.com https://www.google.de https://www.google.ca https://www.google.ro https://www.google.com.tr https://www.google.com.hk https://www.google.gm https://www.google.cz https://www.google.mu https://www.google.com.gi https://www.google.com.ng https://www.google.com.co https://www.google.co.za https://www.google.com.mm https://www.google.com.sg https://www.google.at https://www.google.im https://www.google.dk https://www.google.gr https://www.google.no https://www.google.se https://www.google.lt https://www.google.com.mt https://www.google.ch https://www.google.hu https://www.google.com.cu https://www.google.gg https://www.google.ie https://www.google.nl https://www.google.be https://www.google.pt https://www.google.fr https://www.google.it https://www.google.es https://www.google.je https://www.google.co.in https://www.google.com.tj https://www.google.co.ke https://www.google.ae https://www.google.co.th https://www.google-analytics.com https://www.google.com.au https://www.google.pl *.googletagmanager.com https://*.googletagmanager.com https://www.google.co.uk https://www.google.com *.google-analytics.com https://oimgnn/; style-src-elem 'self' 'unsafe-inline' data: https://code.jquery.com https://www.gstatic.com https://fonts.googleapis.com https://cdn.honey.io https://*.cloudflare.com https://*.typography.com https://cloud.typography.com *.googleapis.com http://*.googleapis.com https://*.typekit.net https://use.typekit.net; script-src-elem 'self' 'unsafe-inline' data: https://sslwidget.criteo.com https://dynamic.criteo.com https://static.criteo.net https://*.freedompay.com https://maps.google.com https://tpc.googlesyndication.com https://ajax.googleapis.com https://pagespeed-mod.com https://*.kaspersky-labs.com https://*.hirizasune.com https://www.gstatic.com https://*.googlesyndication.com https://assets.pinterest.com https://*.googleapis.com https://www.googleadservices.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.triptease.io https://connect.facebook.net https://*.hotjar.com https://static.sojern.com https://*.cookiebot.com https://consent.cookiebot.com https://*.doubleclick.net https://googleads.g.doubleclick.net https://www.googleoptimize.com https://www.googletagmanager.com https://*.googleapis.com https://www.google.com https://www.google-analytics.com https://rum-static.pingdom.net https://analytics.tiktok.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
alt-svc: h3=":443"; ma=86400
content-length: 44428
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Sep 2022 21:40:33 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: font/woff2
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8c243bac49bbac7b-YYZ
expires: Sat, 12 Oct 2024 01:59:51 GMT

GET
H2 200 l
use.typekit.net/af/bdb813/000000000000000000012e91/27/ 44 KB
45 KB 106ms
31ms Font
application/font-woff2 2600:141b:1c00:f::172c:c9cc
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/bdb813/000000000000000000012e91/27/l?primer=7cdcb44be4a7db8877ffa5c0007b8dd865b3bbc383831fe2ea177f62257a9191&fvd=n3&v=3
Requested by: Host: use.typekit.net
URL: https://use.typekit.net/hri3euw.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:f::172c:c9cc Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 2765f2f52a392bbf23ea4e6a2a866eba023ce690ce89d23461d13a41385f5815

Request headers

Referer: https://use.typekit.net/hri3euw.css
Origin: https://www.handpickedhotels.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 01:06:10 GMT
server: nginx
etag: "4ebecb551ddbcc51f330d40746593e1d6304c88a"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 45496

GET
DATA 200
OK truncated
/ 12 KB
12 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0106f314b23ace616393c7a2bec49cdd576ddd2dfc713dd8f16bb24e7c00f1e8

Request headers

Referer
Origin: https://www.handpickedhotels.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: application/x-font-woff2

GET
DATA 200
OK truncated
/ 12 KB
12 KB Font
application/x-font-woff2

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4f2b62aa3a66cbbd89ab53e77076d8f31b286450fc67a7665538270d57d93799

Request headers

Referer
Origin: https://www.handpickedhotels.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: application/x-font-woff2

GET
H2 200 main.MTkzZDVlN2M0MQ.js Show response
analytics.tiktok.com/i18n/pixel/static/ 340 KB
96 KB 35ms
28ms Script
application/javascript 23.44.111.72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTkzZDVlN2M0MQ.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CKILLNJC77UA008MUPJG&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.111.72 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-111-72.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 864072a3229468b4abd5debaf97f3ed17b77f098513c523746cb825ee183e68f

Request headers

Referer: https://www.handpickedhotels.co.uk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-akamai-request-id: 3381545
date: Fri, 13 Sep 2024 01:06:10 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202409121306130B912EF2B23A6EB508EB
x-tt-trace-id: 00-2409121306130B912EF2B23A6EB508EB-770C526B564FFB44-00
vary: Accept-Encoding
x-cache: TCP_HIT from a23-44-200-194.deploy.akamaitechnologies.com (AkamaiGHost/11.6.3-e8c44af76fbf2725bc66e35706b8e3bb) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01131beb85092262ee7fdee4e833bf8a01e91b0fff8880aeebdac2f096ed6662197c60608cf58897ebfb824a35084961a9571d5e51302933e8063a3b28d601bb7caf9e5a9afeba94b01dec64e737e3bab4598a391e54b4f88f3d4a9321544d6dce
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=3
content-length: 97317

GET
H2 200 uc.js Show response
consent.cookiebot.com/ 110 KB
34 KB 116ms
28ms Script
application/javascript 2600:141b:1c00:16::17c4:30f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiebot.com/uc.js?cbid=9812b456-0fe6-4c73-bb74-003c23bc69d0&implementation=gtm&consentmode-dataredaction=dynamic
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PWSLWB
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:16::17c4:30f Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 4468064aa41fba7041cd47536ec0497845cc87de6704b1eef2c57ddd067c917c

Request headers

Referer: https://www.handpickedhotels.co.uk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

expires: Fri, 13 Sep 2024 01:13:48 GMT
date: Fri, 13 Sep 2024 01:06:10 GMT
content-encoding: gzip
last-modified: Thu, 12 Sep 2024 10:44:44 GMT
etag: "0f655c705db1:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-expose-headers: Request-Context
cache-control: public, max-age=458
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 34369
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef

GET
H3 200 sha256.min.js Show response
cdnjs.cloudflare.com/ajax/libs/js-sha256/0.9.0/ 9 KB
4 KB 122ms
42ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/js-sha256/0.9.0/sha256.min.js

Requested by

Host: www.handpickedhotels.co.uk
URL: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7157511697db744d384a5a2a8646af23f3c90560abf93bb240fdd690b29a898a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.handpickedhotels.co.uk/
Origin: https://www.handpickedhotels.co.uk
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 01:06:10 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 1836964
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 2977
last-modified: Mon, 04 May 2020 16:11:50 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec6-2339"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=Y1sRs64PNn7s4PrKtXAHA2wm98sdD3L%2BQiJw4HHdp3jWKD1vXZtPDaauxBnJijL9M7mKSohcFO3YFFwaqVZPvM11YDzsMTfavvdQpENwunl3fRDapGdojosdMyOcmi9PRUkPxEiq"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 8c243bae2d5d36b4-YYZ
expires: Wed, 03 Sep 2025 01:06:10 GMT

POST
H3 200 landing
pagead2.googlesyndication.com/pagead/ 42 B
64 B 152ms
52ms Ping
image/gif 142.251.32.98
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/landing?gcs=G100&gcd=13p3p3l3l5l1&tag_exp=0&rnd=1551847394.1726189570&url=https%3A%2F%2Fwww.handpickedhotels.co.uk%2Fnortonhouse%2Fspa%2Flate-availability&dma=0&npa=0&gtm=45He49b0n71PWSLWBv71233370za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PWSLWB

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.32.98 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s77-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.handpickedhotels.co.uk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Sep 2024 01:06:10 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 265 KB
92 KB 86ms
58ms Script
application/javascript 2607:f8b0:4006:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-1018768318&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PWSLWB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c77c6a2d3db39575e74de16eb7f963f954de37a4575dfa74b3d05eaca03ad79d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.handpickedhotels.co.uk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 01:06:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 93747
x-xss-protection: 0
last-modified: Fri, 13 Sep 2024 00:34:26 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 13 Sep 2024 01:06:10 GMT

GET
H2 200 destination Show response
www.googletagmanager.com/gtag/ 231 KB
83 KB 81ms
61ms Script
application/javascript 2607:f8b0:4006:820::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-826941651&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PWSLWB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:820::2008 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d20f6c729837cf4c15f4484818bf82dc1f627393584f02a67bafac8a2629cd57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.handpickedhotels.co.uk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 01:06:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 85039
x-xss-protection: 0
last-modified: Fri, 13 Sep 2024 00:34:26 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 13 Sep 2024 01:06:10 GMT

GET
H2 200 n3c9876.js Show response
cdn.omniconvert.com/js/ 283 KB
102 KB 261ms
160ms Script
text/javascript 2606:4700:3035::6815:53e6
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.omniconvert.com/js/n3c9876.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PWSLWB
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3035::6815:53e6 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e8a5441c90b16922151c420d307ec0316e0442b7ba8425528c4828ddfcda767

Request headers

Referer: https://www.handpickedhotels.co.uk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 01:06:10 GMT
content-encoding: gzip
cf-cache-status: BYPASS
x-env: JProd
x-cache-sr-miss: 0
last-modified: Fri, 13 Sep 2024 01:06:10 GMT
x-cache-cr-hit: 0
server: cloudflare
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: text/javascript;charset=UTF-8
x-cache-sr-hit: 10
access-control-allow-origin: *
cache-control: private, max-age=300
access-control-allow-credentials: true
x-machine: Tracking-PROD-3
x-cache-cr-miss: 0
cf-ray: 8c243bae89feac57-YYZ
access-control-allow-headers: origin,accept,accept-encoding,accept-language,access-control-request-method,access-control-request-private-network,referer,sec-fetch-dest,sec-fetch-mode,sec-fetch-site,user-agent,x-cache-bypass,x-requested-with,x-omni-tool-auth,sentry-trace,baggage,dnt,if-modified-since,cache-control,content-type,range,authority

GET
H2 200 identify_7bf75739.js Show response
analytics.tiktok.com/i18n/pixel/static/ 146 KB
40 KB 29ms
29ms Script
application/javascript 23.44.111.72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_7bf75739.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTkzZDVlN2M0MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.111.72 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-111-72.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 79951b5bd4d729a2b2f4d380819f2c14bbcf26f21db56a520189633467766cf4

Request headers

Referer: https://www.handpickedhotels.co.uk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

x-akamai-request-id: 33815fc
date: Fri, 13 Sep 2024 01:06:10 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 2024083002252667B2AFF60668D8848B5C
x-tt-trace-id: 00-24083002252667B2AFF60668D8848B5C-70C862117F52435C-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a23-44-200-194.deploy.akamaitechnologies.com (AkamaiGHost/11.6.3-e8c44af76fbf2725bc66e35706b8e3bb) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 01592650e253ccbddaf9de0384ae8def16a7820e2aea0707b91e036b389ad4aa97e74bde155d0159c4a14f159efe6eacd5934c8d91ab89ec56cc7653d2202ba696dd2c9dc5ea03dd9ccbc742c713cafb769157c109890207b371e9a1660229e41c
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=11
content-length: 39837

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
882 B 463ms
461ms Ping
text/plain 23.44.111.72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTkzZDVlN2M0MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.111.72 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-111-72.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.handpickedhotels.co.uk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 23d9d14a.3381615
date: Fri, 13 Sep 2024 01:06:10 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-24091301061050C815977FA548C9BF66-3CA5A1A47B9CC834-00
x-cache: TCP_MISS from a23-44-200-194.deploy.akamaitechnologies.com (AkamaiGHost/11.6.3-e8c44af76fbf2725bc66e35706b8e3bb) (-)
x-parent-response-time: 420,23.44.200.194
server-timing: cdn-cache; desc=MISS, edge; dur=35, origin; dur=394, inner; dur=391
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 2024091301061050C815977FA548C9BF66
x-cache-remote: TCP_MISS from a23-220-104-211.deploy.akamaitechnologies.com (AkamaiGHost/11.6.3-e8c44af76fbf2725bc66e35706b8e3bb) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 394,23.220.104.211
x-tt-trace-host: 01c6924f8812bfc1a214d7532ab5d943863db4bfa4330a12e1a338ca040abef5afa674c75eb29e404f480a7cd419bd7218b7f65f2a18f58e8f7ba504f8916340098fd6938ef77bd40adc9e53db48018efbecd46c1775c4d73cc6a8bb6bcd0c200c651496e87b95d5ce6b3d3e20fe83d6ab
access-control-allow-headers: Authorization,*
expires: Fri, 13 Sep 2024 01:06:10 GMT

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
716 B 68ms
66ms Ping
text/plain 23.44.111.72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTkzZDVlN2M0MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.111.72 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-111-72.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.handpickedhotels.co.uk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 338161a
date: Fri, 13 Sep 2024 01:06:10 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240913010610B51793F56F780EE92DDF-28E16B5A50FD8D14-00
x-cache: TCP_MISS from a23-44-200-194.deploy.akamaitechnologies.com (AkamaiGHost/11.6.3-e8c44af76fbf2725bc66e35706b8e3bb) (-)
server-timing: inner; dur=20, cdn-cache; desc=MISS, edge; dur=8, origin; dur=30
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240913010610B51793F56F780EE92DDF
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 31,23.44.200.194
x-tt-trace-host: 01c6924f8812bfc1a214d7532ab5d943863db4bfa4330a12e1a338ca040abef5af481604008e2184a7d93f930a24f8fd3b6f32e1d821bb76dc32f0ec92740a0962f6ce6a343b7a4f2b542215fd23a8b72b870cdeac5a828f73bbedb4ec07174f70
access-control-allow-headers: Authorization,*
expires: Fri, 13 Sep 2024 01:06:10 GMT

GET
H3 200 gen_204 Show response
maps.googleapis.com/maps/api/mapsjs/ 3 B
45 B 104ms
52ms XHR
application/json 172.217.165.138
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps/api/mapsjs/gen_204?csp_test=true

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCBxkktwGRi6Y7Ky9WERVu7Qps_lnD8Z60&v=3.exp

Protocol

Security

QUIC, , AES_128_GCM

Server

172.217.165.138 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

lax30s03-in-f10.1e100.net

Software

scaffolding on HTTPServer2 /

Resource Hash

ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.handpickedhotels.co.uk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 01:06:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
vary: Origin, X-Origin, Referer
x-frame-options: SAMEORIGIN
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.handpickedhotels.co.uk
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 23
x-xss-protection: 0

GET
H2 200 bc-v4.min.html
consentcdn.cookiebot.com/sdk/ Frame 6BBA 0
0 92ms
26ms Document
text/html 2600:141b:1c00:258b::f09
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consentcdn.cookiebot.com/sdk/bc-v4.min.html
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=9812b456-0fe6-4c73-bb74-003c23bc69d0&implementation=gtm&consentmode-dataredaction=dynamic
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:258b::f09 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash

Request headers

Referer: https://www.handpickedhotels.co.uk/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

accept-ranges: bytes
cache-control: max-age=31536000
content-encoding: gzip
content-length: 392
content-type: text/html
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 13 Sep 2024 01:06:10 GMT
etag: "3d08665fa4c7bcf9fa2dcbbc7efe1d0f:1649057029.895163"
expires: Sat, 13 Sep 2025 01:06:10 GMT
last-modified: Mon, 04 Apr 2022 07:23:49 GMT
server: AkamaiNetStorage
server-timing: cdn-cache; desc=HIT edge; dur=1 ak_p; desc="1726189570519_399550063_656658103_15_503_22_26_255";dur=1
vary: Accept-Encoding
x-akamai-transformed: 9 - 0 pmb=mRUM,1

GET
H2 200 cc.js Show response
consent.cookiebot.com/9812b456-0fe6-4c73-bb74-003c23bc69d0/ 369 KB
101 KB 229ms
229ms Script
application/x-javascript 2600:141b:1c00:16::17c4:30f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://consent.cookiebot.com/9812b456-0fe6-4c73-bb74-003c23bc69d0/cc.js?renew=false&referer=www.handpickedhotels.co.uk&dnt=false&init=false
Requested by: Host: consent.cookiebot.com
URL: https://consent.cookiebot.com/uc.js?cbid=9812b456-0fe6-4c73-bb74-003c23bc69d0&implementation=gtm&consentmode-dataredaction=dynamic
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:16::17c4:30f Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: ac5e38c6e012a7615b7a63854f8abe5de72dc5ebcf4e4f94ba60ec2dfee0544c

Request headers

Referer: https://www.handpickedhotels.co.uk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 01:06:10 GMT
content-encoding: gzip
last-modified: Fri, 13 Sep 2024 01:06:10 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-expose-headers: Request-Context
cache-control: private, max-age=1200
cross-origin-resource-policy: cross-origin
content-length: 103340
request-context: appId=cid-v1:89f47f4b-bed0-4db8-956b-d6e6dfac3fef

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
876 B 74ms
71ms Ping
text/plain 23.44.111.72
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MTkzZDVlN2M0MQ.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 23.44.111.72 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a23-44-111-72.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.handpickedhotels.co.uk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 66731455.338172a
date: Fri, 13 Sep 2024 01:06:10 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-2409130106106CE6F20DC28E29EF6308-0EC12AAC629D4A02-00
x-cache: TCP_MISS from a23-44-200-194.deploy.akamaitechnologies.com (AkamaiGHost/11.6.3-e8c44af76fbf2725bc66e35706b8e3bb) (-)
x-parent-response-time: 33,23.44.200.194
server-timing: cdn-cache; desc=MISS, edge; dur=19, origin; dur=23, inner; dur=20
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 202409130106106CE6F20DC28E29EF6308
x-cache-remote: TCP_MISS from a23-220-105-86.deploy.akamaitechnologies.com (AkamaiGHost/11.6.3-e8c44af76fbf2725bc66e35706b8e3bb) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 23,23.220.105.86
x-tt-trace-host: 01c6924f8812bfc1a214d7532ab5d943863db4bfa4330a12e1a338ca040abef5af9cf6d4d8c9b51c53ab9e63887916002d341505744a238933af347dccf96edbef51b027badf9f50f710fbcb20afc44ca9b9f08aef257d9feedbd946ba6e09bd0157692bdcca749f244dce2847a63c52bc
access-control-allow-headers: Authorization,*
expires: Fri, 13 Sep 2024 01:06:10 GMT

GET spalateavailability
www.handpickedhotels.co.uk/reservations/ 0
0

POST
H/1.1 204
No Content mktzsave
app.omniconvert.com/ 0
374 B 320ms
105ms Ping
text/html 178.128.139.113
DIGITALOCEAN-ASN

General

Check archive.org

Show headers Download Go to

Full URL: https://app.omniconvert.com/mktzsave?event=view&uid=1196252499211023400&session=sess.2.1723113928.1726189570682&id_website=24444&page_url=https%3A%2F%2Fwww.handpickedhotels.co.uk%2Fnortonhouse%2Fspa%2Flate-availability&svo=0&time=2024-09-12T18%3A06%3A10-0-7%3A00&version=t13.8.0&versionTimestamp=1726189570&browser=Chrome+128&resolution=1600x1200&device_type=desktop&referer_type=direct&visitor_type=new&ga4_session_id=null&ga4_client_id=null&os=Linux
Requested by: Host: cdn.omniconvert.com
URL: https://cdn.omniconvert.com/js/n3c9876.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 178.128.139.113 Amsterdam, Netherlands, ASN14061 (DIGITALOCEAN-ASN, US),
Reverse DNS
Software: nginx/1.14.0 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.handpickedhotels.co.uk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Fri, 13 Sep 2024 01:06:10 GMT
Server: nginx/1.14.0
Access-Control-Allow-Methods: GET
Content-Type: text/html; charset=UTF-8
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Machine: Tracking-PROD-1
Access-Control-Allow-Headers: origin,accept,accept-encoding,user-agent,x-requested-with

GET
DATA 200
OK truncated
/ 3 KB
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f4994586b1bc7d1040d610772a1d446f3cc4efd38f82fdb64a4760b6851b79d5

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 293 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 8181a739bd0ed0fd64624c4aa15b7847bc9d4fd0660bff56c8c9192c4ef75979

Request headers

Referer
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Content-Type: image/png

GET
H/1.1 200
OK 1.gif
imgsct.cookiebot.com/ 35 B
744 B 81ms
26ms Image
image/gif 2600:141b:1c00:258b::f09
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://imgsct.cookiebot.com/1.gif?dgi=9812b456-0fe6-4c73-bb74-003c23bc69d0
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2600:141b:1c00:258b::f09 Secaucus, United States, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: UploadServer /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

Referer: https://www.handpickedhotels.co.uk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Date: Fri, 13 Sep 2024 01:06:10 GMT
X-GUploader-UploadID: AD-8ljsbdfnEPnCAJ2eyX-emrkyzBbsnIBWR2Pio8q4HXQXGGMhTerE15OAKWKuIhnZInTcmEJdGgW762A
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
Connection: keep-alive
Content-Length: 35
Last-Modified: Mon, 23 Oct 2023 11:39:32 GMT
Server: UploadServer
ETag: "c2196de8ba412c60c22ab491af7b1409"
x-goog-generation: 1698061172769999
x-goog-hash: crc32c=rX4K2g==, md5=whlt6LpBLGDCKrSRr3sUCQ==
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: *
Cache-Control: public,max-age=1800
x-goog-stored-content-length: 35
Accept-Ranges: bytes
Content-Type: image/gif

GET
H3 200 Dynamic%20Earth%20-%20the%20site.JPG
www.handpickedhotels.co.uk/images/hotels/norton-house/things-to-do/dynamic-earth/ 78 KB
83 KB 60ms
59ms Image
image/jpeg 172.67.7.133
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.handpickedhotels.co.uk/images/hotels/norton-house/things-to-do/dynamic-earth/Dynamic%20Earth%20-%20the%20site.JPG

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.7.133 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

962f9913f0957d8b73d1ff254b8a4e80654fd14d09f36351bd9d1569abe587c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 01:06:10 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: HIT
age: 265516
cf-polished: origSize=100245
content-security-policy-report-only: upgrade-insecure-requests; #report-uri /cspreport; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*navisperformance.com https://maps.googleapis.com https://www.googleadservices.com https://static.sojern.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://assets.pinterest.com https://connect.facebook.net *.hotjar.com https://*.cookiebot.com https://www.gstatic.com https://*.google.com https://*.doubleclick.net *.google-analytics.com *.googletagmanager.com http://ajax.googleapis.com https://www.googleoptimize.com https://rum-static.pingdom.net http://rum-static.pingdom.net https://*.triptease.io; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://*.typekit.net https://fonts.googleapis.com https://cdn.honey.io; object-src 'none'; base-uri 'self'; connect-src 'self' https://measurement-api.criteo.com https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://*.googlesyndication.com https://*.freedompay.com https://*.cardinalcommerce.com https://*.amazonaws.com https://*.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://*.hotjar.io wss://*.hotjar.com https://www.facebook.com https://*.triptease.io https://*.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com; font-src 'self' data: https://*.alicdn.com https://cdn.honey.io *.gstatic.com https://use.typekit.net; frame-src 'self' https://*.ibosscloud.com https://3ds.sebkort.com https://3ds.ntctr.acs.danskebank.com https://www.concertopayserve.com https://3dsecure.starlingbank.com https://3ds-a.live.ext.prod.enfuce.com https://clients.smartsecure.tsys.co.uk https://mycardsecure.com https://acs2.mpts.modirum.com https://gumi.criteo.com https://static.criteo.net https://acs.apata.io https://fledge.eu.criteo.com https://gum.criteo.com https://acs.capitalone.com https://acs.revolut.com https://acs2-3dsecure.creditmutuel.fr https://secure.dkb.de https://acs2.edb.com https://acs.swisscard.ch https://verify.monzo.com https://*.3ds.modirum.com https://3dsecure-vrp.de https://*.cic.fr https://3dsec.cardcenter.ch https://gbemv3dsecure.garanti.com.tr https://3ds.nexigroup.com https://*.3dsecure.no https://3ds.redsys.es https://acs1-3dsecure.creditmutuel.fr https://www.rsa3dsauth.com https://3debspay.boc.cn https://*.emea.citibank.com https://acs.mercurypaymentservices.it https://*.googletagmanager.com https://*.rabobank.nl https://*.lloydsbankinggroup.com https://*.zscloud.net https://*.googlesyndication.com https://*.americanexpress.com https://*.arcot.com https://*.doubleclick.net https://www.rsa3dsauth.co.uk https://*.wlp-acs.com https://www.youtube.com https://www.facebook.com https://static.sojern.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.resdiary.com https://*.cookiebot.com https://*.triptease.io https://www.google.com; img-src 'self' data: https://criteo-partners.tremorhub.com https://sync-criteo.ads.yieldmo.com https://criteo-sync.teads.tv https://gum.criteo.com https://dis.criteo.com https://*.cookiebot.com https://code.jquery.com https://analytics.tiktok.com https://*.facebook.net https://*.googlesyndication.com https://widgetthemes-live.azureedge.net https://translate.google.com https://fonts.gstatic.com https://track.linksynergy.com https://cdn.honey.io https://googleads.g.doubleclick.net *.googleapis.com https://adservice.google.com https://*.ytimg.com https://googletraveladservices.com https://*.googletraveladservices.com https://secure-hotel-tracker.com https://*.bing.com https://bat.bing.com https://track.linksynergy.com *.doubleclick.net https://log.pinterest.com https://click.exacttarget.com https://www.facebook.com https://region1.analytics.google.com https://www.google.de https://www.google.ca https://www.google.ro https://www.google.com.tr https://www.google.com.hk https://www.google.gm https://www.google.cz https://www.google.mu https://www.google.com.gi https://www.google.com.ng https://www.google.com.co https://www.google.co.za https://www.google.com.mm https://www.google.com.sg https://www.google.at https://www.google.im https://www.google.dk https://www.google.gr https://www.google.no https://www.google.se https://www.google.lt https://www.google.com.mt https://www.google.ch https://www.google.hu https://www.google.com.cu https://www.google.gg https://www.google.ie https://www.google.nl https://www.google.be https://www.google.pt https://www.google.fr https://www.google.it https://www.google.es https://www.google.je https://www.google.co.in https://www.google.com.tj https://www.google.co.ke https://www.google.ae https://www.google.co.th https://www.google-analytics.com https://www.google.com.au https://www.google.pl *.googletagmanager.com https://*.googletagmanager.com https://www.google.co.uk https://www.google.com *.google-analytics.com https://oimgnn/; style-src-elem 'self' 'unsafe-inline' data: https://code.jquery.com https://www.gstatic.com https://fonts.googleapis.com https://cdn.honey.io https://*.cloudflare.com https://*.typography.com https://cloud.typography.com *.googleapis.com http://*.googleapis.com https://*.typekit.net https://use.typekit.net; script-src-elem 'self' 'unsafe-inline' data: https://sslwidget.criteo.com https://dynamic.criteo.com https://static.criteo.net https://*.freedompay.com https://maps.google.com https://tpc.googlesyndication.com https://ajax.googleapis.com https://pagespeed-mod.com https://*.kaspersky-labs.com https://*.hirizasune.com https://www.gstatic.com https://*.googlesyndication.com https://assets.pinterest.com https://*.googleapis.com https://www.googleadservices.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.triptease.io https://connect.facebook.net https://*.hotjar.com https://static.sojern.com https://*.cookiebot.com https://consent.cookiebot.com https://*.doubleclick.net https://googleads.g.doubleclick.net https://www.googleoptimize.com https://www.googletagmanager.com https://*.googleapis.com https://www.google.com https://www.google-analytics.com https://rum-static.pingdom.net https://analytics.tiktok.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
alt-svc: h3=":443"; ma=86400
content-length: 79541
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Tue, 27 Sep 2022 21:37:18 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
cf-ray: 8c243bb21fa6ac7b-YYZ
expires: Wed, 09 Oct 2024 23:20:54 GMT

GET
H3 200 HPHNortonMay202263.jpg
www.handpickedhotels.co.uk/images/hotels/norton-house/medium/Sim%20Canetty-Clarke_May22/ 274 KB
279 KB 37ms
36ms Image
image/jpeg 172.67.7.133
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.handpickedhotels.co.uk/images/hotels/norton-house/medium/Sim%20Canetty-Clarke_May22/HPHNortonMay202263.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.7.133 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b513b51755d1f50be867bd1d6ef503c0b03a054c924787be3b7517fb413edc0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 01:06:10 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: HIT
age: 265516
cf-polished: origSize=280859
content-security-policy-report-only: upgrade-insecure-requests; #report-uri /cspreport; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*navisperformance.com https://maps.googleapis.com https://www.googleadservices.com https://static.sojern.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://assets.pinterest.com https://connect.facebook.net *.hotjar.com https://*.cookiebot.com https://www.gstatic.com https://*.google.com https://*.doubleclick.net *.google-analytics.com *.googletagmanager.com http://ajax.googleapis.com https://www.googleoptimize.com https://rum-static.pingdom.net http://rum-static.pingdom.net https://*.triptease.io; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://*.typekit.net https://fonts.googleapis.com https://cdn.honey.io; object-src 'none'; base-uri 'self'; connect-src 'self' https://measurement-api.criteo.com https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://*.googlesyndication.com https://*.freedompay.com https://*.cardinalcommerce.com https://*.amazonaws.com https://*.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://*.hotjar.io wss://*.hotjar.com https://www.facebook.com https://*.triptease.io https://*.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com; font-src 'self' data: https://*.alicdn.com https://cdn.honey.io *.gstatic.com https://use.typekit.net; frame-src 'self' https://*.ibosscloud.com https://3ds.sebkort.com https://3ds.ntctr.acs.danskebank.com https://www.concertopayserve.com https://3dsecure.starlingbank.com https://3ds-a.live.ext.prod.enfuce.com https://clients.smartsecure.tsys.co.uk https://mycardsecure.com https://acs2.mpts.modirum.com https://gumi.criteo.com https://static.criteo.net https://acs.apata.io https://fledge.eu.criteo.com https://gum.criteo.com https://acs.capitalone.com https://acs.revolut.com https://acs2-3dsecure.creditmutuel.fr https://secure.dkb.de https://acs2.edb.com https://acs.swisscard.ch https://verify.monzo.com https://*.3ds.modirum.com https://3dsecure-vrp.de https://*.cic.fr https://3dsec.cardcenter.ch https://gbemv3dsecure.garanti.com.tr https://3ds.nexigroup.com https://*.3dsecure.no https://3ds.redsys.es https://acs1-3dsecure.creditmutuel.fr https://www.rsa3dsauth.com https://3debspay.boc.cn https://*.emea.citibank.com https://acs.mercurypaymentservices.it https://*.googletagmanager.com https://*.rabobank.nl https://*.lloydsbankinggroup.com https://*.zscloud.net https://*.googlesyndication.com https://*.americanexpress.com https://*.arcot.com https://*.doubleclick.net https://www.rsa3dsauth.co.uk https://*.wlp-acs.com https://www.youtube.com https://www.facebook.com https://static.sojern.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.resdiary.com https://*.cookiebot.com https://*.triptease.io https://www.google.com; img-src 'self' data: https://criteo-partners.tremorhub.com https://sync-criteo.ads.yieldmo.com https://criteo-sync.teads.tv https://gum.criteo.com https://dis.criteo.com https://*.cookiebot.com https://code.jquery.com https://analytics.tiktok.com https://*.facebook.net https://*.googlesyndication.com https://widgetthemes-live.azureedge.net https://translate.google.com https://fonts.gstatic.com https://track.linksynergy.com https://cdn.honey.io https://googleads.g.doubleclick.net *.googleapis.com https://adservice.google.com https://*.ytimg.com https://googletraveladservices.com https://*.googletraveladservices.com https://secure-hotel-tracker.com https://*.bing.com https://bat.bing.com https://track.linksynergy.com *.doubleclick.net https://log.pinterest.com https://click.exacttarget.com https://www.facebook.com https://region1.analytics.google.com https://www.google.de https://www.google.ca https://www.google.ro https://www.google.com.tr https://www.google.com.hk https://www.google.gm https://www.google.cz https://www.google.mu https://www.google.com.gi https://www.google.com.ng https://www.google.com.co https://www.google.co.za https://www.google.com.mm https://www.google.com.sg https://www.google.at https://www.google.im https://www.google.dk https://www.google.gr https://www.google.no https://www.google.se https://www.google.lt https://www.google.com.mt https://www.google.ch https://www.google.hu https://www.google.com.cu https://www.google.gg https://www.google.ie https://www.google.nl https://www.google.be https://www.google.pt https://www.google.fr https://www.google.it https://www.google.es https://www.google.je https://www.google.co.in https://www.google.com.tj https://www.google.co.ke https://www.google.ae https://www.google.co.th https://www.google-analytics.com https://www.google.com.au https://www.google.pl *.googletagmanager.com https://*.googletagmanager.com https://www.google.co.uk https://www.google.com *.google-analytics.com https://oimgnn/; style-src-elem 'self' 'unsafe-inline' data: https://code.jquery.com https://www.gstatic.com https://fonts.googleapis.com https://cdn.honey.io https://*.cloudflare.com https://*.typography.com https://cloud.typography.com *.googleapis.com http://*.googleapis.com https://*.typekit.net https://use.typekit.net; script-src-elem 'self' 'unsafe-inline' data: https://sslwidget.criteo.com https://dynamic.criteo.com https://static.criteo.net https://*.freedompay.com https://maps.google.com https://tpc.googlesyndication.com https://ajax.googleapis.com https://pagespeed-mod.com https://*.kaspersky-labs.com https://*.hirizasune.com https://www.gstatic.com https://*.googlesyndication.com https://assets.pinterest.com https://*.googleapis.com https://www.googleadservices.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.triptease.io https://connect.facebook.net https://*.hotjar.com https://static.sojern.com https://*.cookiebot.com https://consent.cookiebot.com https://*.doubleclick.net https://googleads.g.doubleclick.net https://www.googleoptimize.com https://www.googletagmanager.com https://*.googleapis.com https://www.google.com https://www.google-analytics.com https://rum-static.pingdom.net https://analytics.tiktok.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
alt-svc: h3=":443"; ma=86400
content-length: 280851
x-xss-protection: 1; mode=block
cf-bgj: imgq:100,h2pri
last-modified: Tue, 27 Sep 2022 21:36:30 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/jpeg
cache-control: public, max-age=2692000
accept-ranges: bytes
cf-ray: 8c243bb21fa8ac7b-YYZ
expires: Wed, 09 Oct 2024 23:20:54 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 292 KB
99 KB 69ms
68ms Script
application/javascript 142.251.40.136
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-6ZNXEVNMRD&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PWSLWB

Protocol

Security

QUIC, , AES_128_GCM

Server

142.251.40.136 Queens, United States, ASN15169 (GOOGLE, US),

Reverse DNS

lga25s80-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

340a4d13aa10312d4b78dfa6ba4d02265d4a4e8930b0d99307911a5e01db38ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.handpickedhotels.co.uk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 01:06:10 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 101346
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 13 Sep 2024 01:06:10 GMT

GET
H3 200 favicon.ico
www.handpickedhotels.co.uk/favicons/ 15 KB
7 KB 211ms
211ms Other
image/x-icon 172.67.7.133
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.handpickedhotels.co.uk/favicons/favicon.ico

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.7.133 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

70b4f53f3ea5095aeeed56b374f70553b2e1fc8a297d036896cd581f7e87946c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Fri, 13 Sep 2024 01:06:10 GMT
strict-transport-security: max-age=31536000;
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: gzip
age: 544966
content-security-policy-report-only: upgrade-insecure-requests; #report-uri /cspreport; default-src 'self'; script-src 'self' 'unsafe-inline' 'unsafe-eval' https://*navisperformance.com https://maps.googleapis.com https://www.googleadservices.com https://static.sojern.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://assets.pinterest.com https://connect.facebook.net *.hotjar.com https://*.cookiebot.com https://www.gstatic.com https://*.google.com https://*.doubleclick.net *.google-analytics.com *.googletagmanager.com http://ajax.googleapis.com https://www.googleoptimize.com https://rum-static.pingdom.net http://rum-static.pingdom.net https://*.triptease.io; style-src 'self' 'unsafe-inline' https://cloud.typography.com https://*.typekit.net https://fonts.googleapis.com https://cdn.honey.io; object-src 'none'; base-uri 'self'; connect-src 'self' https://measurement-api.criteo.com https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://*.googlesyndication.com https://*.freedompay.com https://*.cardinalcommerce.com https://*.amazonaws.com https://*.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://*.hotjar.io wss://*.hotjar.com https://www.facebook.com https://*.triptease.io https://*.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com; font-src 'self' data: https://*.alicdn.com https://cdn.honey.io *.gstatic.com https://use.typekit.net; frame-src 'self' https://*.ibosscloud.com https://3ds.sebkort.com https://3ds.ntctr.acs.danskebank.com https://www.concertopayserve.com https://3dsecure.starlingbank.com https://3ds-a.live.ext.prod.enfuce.com https://clients.smartsecure.tsys.co.uk https://mycardsecure.com https://acs2.mpts.modirum.com https://gumi.criteo.com https://static.criteo.net https://acs.apata.io https://fledge.eu.criteo.com https://gum.criteo.com https://acs.capitalone.com https://acs.revolut.com https://acs2-3dsecure.creditmutuel.fr https://secure.dkb.de https://acs2.edb.com https://acs.swisscard.ch https://verify.monzo.com https://*.3ds.modirum.com https://3dsecure-vrp.de https://*.cic.fr https://3dsec.cardcenter.ch https://gbemv3dsecure.garanti.com.tr https://3ds.nexigroup.com https://*.3dsecure.no https://3ds.redsys.es https://acs1-3dsecure.creditmutuel.fr https://www.rsa3dsauth.com https://3debspay.boc.cn https://*.emea.citibank.com https://acs.mercurypaymentservices.it https://*.googletagmanager.com https://*.rabobank.nl https://*.lloydsbankinggroup.com https://*.zscloud.net https://*.googlesyndication.com https://*.americanexpress.com https://*.arcot.com https://*.doubleclick.net https://www.rsa3dsauth.co.uk https://*.wlp-acs.com https://www.youtube.com https://www.facebook.com https://static.sojern.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.resdiary.com https://*.cookiebot.com https://*.triptease.io https://www.google.com; img-src 'self' data: https://criteo-partners.tremorhub.com https://sync-criteo.ads.yieldmo.com https://criteo-sync.teads.tv https://gum.criteo.com https://dis.criteo.com https://*.cookiebot.com https://code.jquery.com https://analytics.tiktok.com https://*.facebook.net https://*.googlesyndication.com https://widgetthemes-live.azureedge.net https://translate.google.com https://fonts.gstatic.com https://track.linksynergy.com https://cdn.honey.io https://googleads.g.doubleclick.net *.googleapis.com https://adservice.google.com https://*.ytimg.com https://googletraveladservices.com https://*.googletraveladservices.com https://secure-hotel-tracker.com https://*.bing.com https://bat.bing.com https://track.linksynergy.com *.doubleclick.net https://log.pinterest.com https://click.exacttarget.com https://www.facebook.com https://region1.analytics.google.com https://www.google.de https://www.google.ca https://www.google.ro https://www.google.com.tr https://www.google.com.hk https://www.google.gm https://www.google.cz https://www.google.mu https://www.google.com.gi https://www.google.com.ng https://www.google.com.co https://www.google.co.za https://www.google.com.mm https://www.google.com.sg https://www.google.at https://www.google.im https://www.google.dk https://www.google.gr https://www.google.no https://www.google.se https://www.google.lt https://www.google.com.mt https://www.google.ch https://www.google.hu https://www.google.com.cu https://www.google.gg https://www.google.ie https://www.google.nl https://www.google.be https://www.google.pt https://www.google.fr https://www.google.it https://www.google.es https://www.google.je https://www.google.co.in https://www.google.com.tj https://www.google.co.ke https://www.google.ae https://www.google.co.th https://www.google-analytics.com https://www.google.com.au https://www.google.pl *.googletagmanager.com https://*.googletagmanager.com https://www.google.co.uk https://www.google.com *.google-analytics.com https://oimgnn/; style-src-elem 'self' 'unsafe-inline' data: https://code.jquery.com https://www.gstatic.com https://fonts.googleapis.com https://cdn.honey.io https://*.cloudflare.com https://*.typography.com https://cloud.typography.com *.googleapis.com http://*.googleapis.com https://*.typekit.net https://use.typekit.net; script-src-elem 'self' 'unsafe-inline' data: https://sslwidget.criteo.com https://dynamic.criteo.com https://static.criteo.net https://*.freedompay.com https://maps.google.com https://tpc.googlesyndication.com https://ajax.googleapis.com https://pagespeed-mod.com https://*.kaspersky-labs.com https://*.hirizasune.com https://www.gstatic.com https://*.googlesyndication.com https://assets.pinterest.com https://*.googleapis.com https://www.googleadservices.com https://*.cloudflare.com https://*.cardinalcommerce.com https://*.freedompay.com https://*.triptease.io https://connect.facebook.net https://*.hotjar.com https://static.sojern.com https://*.cookiebot.com https://consent.cookiebot.com https://*.doubleclick.net https://googleads.g.doubleclick.net https://www.googleoptimize.com https://www.googletagmanager.com https://*.googleapis.com https://www.google.com https://www.google-analytics.com https://rum-static.pingdom.net https://analytics.tiktok.com; manifest-src 'self'; media-src 'self'; worker-src 'none';
alt-svc: h3=":443"; ma=86400
content-length: 2489
x-xss-protection: 1; mode=block
last-modified: Tue, 27 Sep 2022 22:00:34 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/x-icon
cache-control: public, max-age=2692000
accept-ranges: bytes
cf-ray: 8c243bb22fbeac7b-YYZ
expires: Fri, 13 Sep 2024 17:43:24 GMT

GET
H/1.1 200
OK beacon.gif Show response
rum-collector-2.pingdom.net/img/ 0
213 B 449ms
107ms XHR
text/plain 34.251.78.200
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rum-collector-2.pingdom.net/img/beacon.gif?id=6486fe9139b8d30012000066&sAW=1600&sAH=1200&bIW=1600&bIH=1200&pD=24&dPR=1&or=landscape-primary&nT=0&rC=0&nS=0&cS=11&cE=44&dLE=11&dLS=1&fS=0&hS=11&rE=-1&rS=-1&reS=44&resS=394&resE=499&uEE=-1&uES=-1&dL=407&dI=1919&dCLES=1919&dCLEE=1931&dC=2252&lES=2252&lEE=2263&s=nt&title=Spa%20Late%20Availability%20in%20Edinburgh%20%7C%20Norton%20House%20Hotel%20%26%20Spa%20%7C%20Hand%20Picked%20Hotels&path=https%3A%2F%2Fwww.handpickedhotels.co.uk%2Fnortonhouse%2Fspa%2Flate-availability&ref=&sId=eblsm37n&sST=1726189570&sIS=1&rV=0&v=1.4.1
Requested by: Host: rum-static.pingdom.net
URL: https://rum-static.pingdom.net/pa-6486fe9139b8d30012000066.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.251.78.200 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-34-251-78-200.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.handpickedhotels.co.uk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

Access-Control-Allow-Origin: *
Pragma: no-cache
Date: Fri, 13 Sep 2024 01:06:11 GMT
Cache-Control: no-cache, no-store, must-revalidate
Connection: keep-alive
Content-Length: 0
Expires: 0

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 163ms
48ms Fetch
text/plain 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-6ZNXEVNMRD&gtm=45je49b0v890804593z871233370za200zb71233370&_p=1726189569865&gcs=G100&gcd=13p3p3l3l5l1&npa=0&dma=0&tag_exp=0&gdid=dMWZhNz&cid=1855343695.1726189571&ul=en-ca&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&_eu=EA&_s=1&sid=1726189571&sct=1&seg=0&dl=https%3A%2F%2Fwww.handpickedhotels.co.uk%2Fnortonhouse%2Fspa%2Flate-availability&dt=Spa%20Late%20Availability%20in%20Edinburgh%20%7C%20Norton%20House%20Hotel%20%26%20Spa%20%7C%20Hand%20Picked%20Hotels&en=page_view&_fv=1&_nsi=1&_ss=1&ep.hotel_name=Norton%20House%20Hotel%20-%20&ep.member_status=false&ep.log_in_status=false&tfd=2480
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6ZNXEVNMRD&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://www.handpickedhotels.co.uk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Sep 2024 01:06:11 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.handpickedhotels.co.uk
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 common.js Show response
maps.googleapis.com/maps-api-v3/api/js/58/4a/ 288 KB
62 KB 33ms
26ms Script
text/javascript 2607:f8b0:4006:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/58/4a/common.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCBxkktwGRi6Y7Ky9WERVu7Qps_lnD8Z60&v=3.exp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2d5c427ead1354727c0c871835e1ea8fb8679f0469a34b58e5b094e07104e044

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.handpickedhotels.co.uk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 19:16:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21010
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 63010
x-xss-protection: 0
last-modified: Wed, 11 Sep 2024 21:50:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 Sep 2025 19:16:05 GMT

GET
H2 200 util.js Show response
maps.googleapis.com/maps-api-v3/api/js/58/4a/ 181 KB
55 KB 40ms
37ms Script
text/javascript 2607:f8b0:4006:809::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://maps.googleapis.com/maps-api-v3/api/js/58/4a/util.js

Requested by

Host: maps.googleapis.com
URL: https://maps.googleapis.com/maps/api/js?key=AIzaSyCBxkktwGRi6Y7Ky9WERVu7Qps_lnD8Z60&v=3.exp

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2607:f8b0:4006:809::200a , United States, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53d8920eb5d9aedd3c0f19ae3846d63e7638230cec33bc23208358cf290ff1f5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.handpickedhotels.co.uk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

date: Thu, 12 Sep 2024 19:16:05 GMT
content-encoding: br
x-content-type-options: nosniff
age: 21010
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/maps-api-js
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 56155
x-xss-protection: 0
last-modified: Wed, 11 Sep 2024 21:50:53 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="maps-api-js"
vary: Accept-Encoding, Origin
report-to: {"group":"maps-api-js","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/maps-api-js"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 12 Sep 2025 19:16:05 GMT

POST
H2 204 collect
www.google-analytics.com/g/ 0
0 52ms
50ms Fetch
text/plain 2001:4860:4802:38::178
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google-analytics.com/g/collect?v=2&tid=G-6ZNXEVNMRD&gtm=45je49b0v890804593za200zb71233370&_p=1726189569865&gcs=G100&gcd=13p3p3l3l5l1&npa=0&dma=0&tag_exp=0&gdid=dMWZhNz&cid=1855343695.1726189571&ul=en-ca&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&are=1&frm=0&pscdl=denied&_eu=EEA&_s=2&sid=1726189571&sct=1&seg=0&dl=https%3A%2F%2Fwww.handpickedhotels.co.uk%2Fnortonhouse%2Fspa%2Flate-availability&dt=Spa%20Late%20Availability%20in%20Edinburgh%20%7C%20Norton%20House%20Hotel%20%26%20Spa%20%7C%20Hand%20Picked%20Hotels&en=scroll&ep.hotel_name=Norton%20House%20Hotel%20-%20&ep.member_status=false&ep.log_in_status=false&epn.percent_scrolled=90&tfd=7507
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-6ZNXEVNMRD&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:38::178 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash

Request headers

Referer: https://www.handpickedhotels.co.uk/
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/128.0.0.0 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 13 Sep 2024 01:06:16 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.handpickedhotels.co.uk
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.handpickedhotels.co.uk
URL: https://www.handpickedhotels.co.uk/reservations/spalateavailability?hotelcode=NHH&date=16-09-2024%20-%2021-09-2024

Verdicts & Comments Add Verdict or Comment

97 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

7 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.handpickedhotels.co.uk/	1970-01-21 09:05:49	Name: bookingsuccess_spa Value: d0e539365d26e2ada81f859c7dde24aefc1e4bc6%2Bfalse
www.handpickedhotels.co.uk/	1970-01-20 23:29:51	Name: laravel_session Value: 65b5076ca748f47e9ef770d88523e72542a85746%2B04gOjWAhrloMH7Iq5xSG5baadXbKI9P3jxDv7Sec
.tiktok.com/	1970-01-21 08:51:25	Name: _ttp Value: 2lzizeneYA9F0mI95sl2agL17kP
.handpickedhotels.co.uk/	1970-01-21 08:51:25	Name: _tt_enable_cookie Value: 1
.handpickedhotels.co.uk/	1970-01-21 08:51:25	Name: _ttp Value: reqkmbBBpZu92Ct5dN1NBQX5rcj
www.handpickedhotels.co.uk/	1970-01-20 23:30:25	Name: mktz_sess Value: sess.2.1723113928.1726189570682
www.handpickedhotels.co.uk/	1970-01-21 08:15:25	Name: mktz_client Value: %7B%22is_returning%22%3A0%2C%22uid%22%3A%221196252499211023400%22%2C%22session%22%3A%22sess.2.1723113928.1726189570682%22%2C%22views%22%3A1%2C%22referer_url%22%3A%22%22%2C%22referer_domain%22%3A%22%22%2C%22referer_type%22%3A%22direct%22%2C%22visits%22%3A1%2C%22landing%22%3A%22https%3A//www.handpickedhotels.co.uk/nortonhouse/spa/late-availability%22%2C%22enter_at%22%3A%222024-09-12%7C18%3A6%3A10%22%2C%22first_visit%22%3A%222024-09-12%7C18%3A6%3A10%22%2C%22last_visit%22%3A%222024-09-12%7C18%3A6%3A10%22%2C%22last_variation%22%3A%22%22%2C%22utm_source%22%3Afalse%2C%22utm_term%22%3Afalse%2C%22utm_campaign%22%3Afalse%2C%22utm_content%22%3Afalse%2C%22utm_medium%22%3Afalse%2C%22consent%22%3A%22%22%2C%22device_type%22%3A%22desktop%22%2C%22id_website%22%3A%2224444%22%7D

19 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	error	URL: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability Message: The Content Security Policy directive 'upgrade-insecure-requests' is ignored when delivered in a report-only policy.
security	error	URL: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability Message: The Content-Security-Policy directive name '#report-uri' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://www.handpickedhotels.co.uk/nortonhouse/spa/late-availability Message: The source list for the Content Security Policy directive 'script-src' contains an invalid source: 'https://*navisperformance.com'. It will be ignored.
security	error	URL: https://www.googletagmanager.com/gtm.js?id=GTM-PWSLWB(Line 775) Message: [Report Only] Refused to load the script 'https://cdn.omniconvert.com/js/n3c9876.js' because it violates the following Content Security Policy directive: "script-src-elem 'self' 'unsafe-inline' data: https://sslwidget.criteo.com https://dynamic.criteo.com https://static.criteo.net https://.freedompay.com https://maps.google.com https://tpc.googlesyndication.com https://ajax.googleapis.com https://pagespeed-mod.com https://.kaspersky-labs.com https://.hirizasune.com https://www.gstatic.com https://.googlesyndication.com https://assets.pinterest.com https://.googleapis.com https://www.googleadservices.com https://.cloudflare.com https://.cardinalcommerce.com https://.freedompay.com https://.triptease.io https://connect.facebook.net https://.hotjar.com https://static.sojern.com https://.cookiebot.com https://consent.cookiebot.com https://.doubleclick.net https://googleads.g.doubleclick.net https://www.googleoptimize.com https://www.googletagmanager.com https://*.googleapis.com https://www.google.com https://www.google-analytics.com https://rum-static.pingdom.net https://analytics.tiktok.com".
security	error	URL: https://consent.cookiebot.com/uc.js?cbid=9812b456-0fe6-4c73-bb74-003c23bc69d0&implementation=gtm&consentmode-dataredaction=dynamic(Line 1) Message: The Content Security Policy directive 'upgrade-insecure-requests' is ignored when delivered in a report-only policy.
security	error	URL: https://consent.cookiebot.com/uc.js?cbid=9812b456-0fe6-4c73-bb74-003c23bc69d0&implementation=gtm&consentmode-dataredaction=dynamic(Line 1) Message: The Content-Security-Policy directive name '#report-uri' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://consent.cookiebot.com/uc.js?cbid=9812b456-0fe6-4c73-bb74-003c23bc69d0&implementation=gtm&consentmode-dataredaction=dynamic(Line 1) Message: The source list for the Content Security Policy directive 'script-src' contains an invalid source: 'https://*navisperformance.com'. It will be ignored.
security	error	URL: https://consent.cookiebot.com/uc.js?cbid=9812b456-0fe6-4c73-bb74-003c23bc69d0&implementation=gtm&consentmode-dataredaction=dynamic(Line 1) Message: The Content Security Policy directive 'upgrade-insecure-requests' is ignored when delivered in a report-only policy.
security	error	URL: https://consent.cookiebot.com/uc.js?cbid=9812b456-0fe6-4c73-bb74-003c23bc69d0&implementation=gtm&consentmode-dataredaction=dynamic(Line 1) Message: The Content-Security-Policy directive name '#report-uri' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://consent.cookiebot.com/uc.js?cbid=9812b456-0fe6-4c73-bb74-003c23bc69d0&implementation=gtm&consentmode-dataredaction=dynamic(Line 1) Message: The source list for the Content Security Policy directive 'script-src' contains an invalid source: 'https://*navisperformance.com'. It will be ignored.
security	error	URL: https://consent.cookiebot.com/uc.js?cbid=9812b456-0fe6-4c73-bb74-003c23bc69d0&implementation=gtm&consentmode-dataredaction=dynamic(Line 1) Message: The Content Security Policy directive 'upgrade-insecure-requests' is ignored when delivered in a report-only policy.
security	error	URL: https://consent.cookiebot.com/uc.js?cbid=9812b456-0fe6-4c73-bb74-003c23bc69d0&implementation=gtm&consentmode-dataredaction=dynamic(Line 1) Message: The Content-Security-Policy directive name '#report-uri' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://consent.cookiebot.com/uc.js?cbid=9812b456-0fe6-4c73-bb74-003c23bc69d0&implementation=gtm&consentmode-dataredaction=dynamic(Line 1) Message: The source list for the Content Security Policy directive 'script-src' contains an invalid source: 'https://*navisperformance.com'. It will be ignored.
security	error	URL: https://consent.cookiebot.com/uc.js?cbid=9812b456-0fe6-4c73-bb74-003c23bc69d0&implementation=gtm&consentmode-dataredaction=dynamic(Line 1) Message: The Content Security Policy directive 'upgrade-insecure-requests' is ignored when delivered in a report-only policy.
security	error	URL: https://consent.cookiebot.com/uc.js?cbid=9812b456-0fe6-4c73-bb74-003c23bc69d0&implementation=gtm&consentmode-dataredaction=dynamic(Line 1) Message: The Content-Security-Policy directive name '#report-uri' contains one or more invalid characters. Only ASCII alphanumeric characters or dashes '-' are allowed in directive names.
security	error	URL: https://consent.cookiebot.com/uc.js?cbid=9812b456-0fe6-4c73-bb74-003c23bc69d0&implementation=gtm&consentmode-dataredaction=dynamic(Line 1) Message: The source list for the Content Security Policy directive 'script-src' contains an invalid source: 'https://*navisperformance.com'. It will be ignored.
deprecation	warning	URL: https://www.handpickedhotels.co.uk/js/jquery3.6.4.min.js(Line 1) Message: Listener added for a 'DOMSubtreeModified' mutation event. This event type is deprecated, and will be removed from this browser VERY soon. Usage of this event listener will cause performance issues today, and represents a large risk of imminent site breakage. Consider using MutationObserver instead. See https://chromestatus.com/feature/5083947249172480 for more information.
security	error	URL: https://cdn.omniconvert.com/js/n3c9876.js Message: [Report Only] Refused to connect to 'https://app.omniconvert.com/mktzsave?event=view&uid=1196252499211023400&session=sess.2.1723113928.1726189570682&id_website=24444&page_url=https%3A%2F%2Fwww.handpickedhotels.co.uk%2Fnortonhouse%2Fspa%2Flate-availability&svo=0&time=2024-09-12T18%3A06%3A10-0-7%3A00&version=t13.8.0&versionTimestamp=1726189570&browser=Chrome+128&resolution=1600x1200&device_type=desktop&referer_type=direct&visitor_type=new&ga4_session_id=null&ga4_client_id=null&os=Linux' because it violates the following Content Security Policy directive: "connect-src 'self' https://measurement-api.criteo.com https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://.googlesyndication.com https://.freedompay.com https://.cardinalcommerce.com https://.amazonaws.com https://.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://.hotjar.io wss://.hotjar.com https://www.facebook.com https://.triptease.io https://*.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com".
security	error	URL: https://cdn.omniconvert.com/js/n3c9876.js Message: [Report Only] Refused to connect to 'https://app.omniconvert.com/mktzsave?event=view&uid=1196252499211023400&session=sess.2.1723113928.1726189570682&id_website=24444&page_url=https%3A%2F%2Fwww.handpickedhotels.co.uk%2Fnortonhouse%2Fspa%2Flate-availability&svo=0&time=2024-09-12T18%3A06%3A10-0-7%3A00&version=t13.8.0&versionTimestamp=1726189570&browser=Chrome+128&resolution=1600x1200&device_type=desktop&referer_type=direct&visitor_type=new&ga4_session_id=null&ga4_client_id=null&os=Linux' because it violates the following Content Security Policy directive: "connect-src 'self' https://measurement-api.criteo.com https://mon-va.tiktokv.com https://googleads.g.doubleclick.net https://adservice.google.com https://www.google.co.uk https://translate.googleapis.com https://connect.facebook.net https://www.google.co.in https://www.google.be https://www.google.ie https://www.google.sc https://www.google.se https://www.google.nl https://www.google.gg https://www.google.de https://www.google.es https://www.google.fr https://.googlesyndication.com https://.freedompay.com https://.cardinalcommerce.com https://.amazonaws.com https://.google.com https://www.google.ch https://www.google.je https://www.googletagmanager.com https://maps.googleapis.com https://region1.google-analytics.com https://region1.analytics.google.com https://www.google-analytics.com https://www.doubleclick.net https://stats.g.doubleclick.net https://.hotjar.io wss://.hotjar.com https://www.facebook.com https://.triptease.io https://*.cookiebot.com http://rum-collector-2.pingdom.net https://analytics.tiktok.com".

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

analytics.tiktok.com
app.omniconvert.com
cdn.omniconvert.com
cdnjs.cloudflare.com
cloud.typography.com
consent.cookiebot.com
consentcdn.cookiebot.com
imgsct.cookiebot.com
maps.googleapis.com
p.typekit.net
pagead2.googlesyndication.com
rum-collector-2.pingdom.net
rum-static.pingdom.net
use.typekit.net
www.google-analytics.com
www.googletagmanager.com
www.handpickedhotels.co.uk
www.handpickedhotels.co.uk
104.17.24.14
142.251.32.98
142.251.40.136
172.217.165.138
172.67.7.133
178.128.139.113
2001:4860:4802:38::178
23.203.188.68
23.44.111.72
2600:141b:1c00:16::17c4:30f
2600:141b:1c00:258b::f09
2600:141b:1c00:f::172c:c9cc
2600:141b:1c00:f::172c:c9cf
2606:4700:10::6816:3668
2606:4700:3035::6815:53e6
2607:f8b0:4006:809::200a
2607:f8b0:4006:820::2008
34.251.78.200
0033033d20c03db07e87796930b0a65682037c33c43edb7fe45e97e2ec52d5c2
0106f314b23ace616393c7a2bec49cdd576ddd2dfc713dd8f16bb24e7c00f1e8
0931c24d7f43c99432544c9ae1ecc648f0ef35ef8881c6ed01693d83f82b22b2
14240c16c9b3422c50f3575eff33b56d2cb00ee26f1dcd06abd383abd157cd82
164c452472691ea317740b085ad02b161c6635eec71b4289039395d491f1ecb6
182a9664ab114e075562e6db7f6f1e294e6488115de1a241316ae3eb40037208
1c0ff118a4290c99f39c90abb38703a866e47251b23cca20266c69c812ccafeb
1d3ba2af209b7f90aafbedab6b5c5edfedc6326b8225ae693453306075dd4412
1fcbd93fb35765f4d68e0807e889e54281886a76870cc47252fe4a68a418049d
211393b09ab7fdfba9ddb5f6135625e6674613fd89b872d258ab535a348d2adb
229e8ac05641c2375d8e1c0bd445e4e1bdbf6abc75cabb89e30f192c31e74b1e
2595496fe48df6fcf9b1bc57c29a744c121eb4dd11566466bc13d2e52e6bbcc8
26f4ebf0d249f9442f2a72289951e4e24f982a83352abc5cb7a693bb49e35f8a
2765f2f52a392bbf23ea4e6a2a866eba023ce690ce89d23461d13a41385f5815
2903b07a9c868c2468d8aa9dd052492cee03051a408c0d0fdd20aafb1c4e7c2b
2aa4afc11c9d7a606d9d9697bf302736df839525aa7a74cf7456d0eb777d0920
2b28a95a3617edf71797e3e0989e44e6bf2f6d97756de5ef337168297a3fb192
2d5c427ead1354727c0c871835e1ea8fb8679f0469a34b58e5b094e07104e044
2de3129c25969c6c7d5f7641594dc8af6e03002532879f24fb032e8122d09322
3213344f44259aceaab954f0bd7d5d769ef33ae3eedc3e6f8fb731d3671bf709
340a4d13aa10312d4b78dfa6ba4d02265d4a4e8930b0d99307911a5e01db38ca
34e124b3a1a03fe1457d7bf2b9c1a4ff49aa710b91a825889b92df05df0438e9
3635bbd5fedba0e1fe7d2825c97a3b7e48478fe43989336f4a04a0bcd41ac8f3
3905726cae4d547cb2e292cde22c3af6e34bdeedf89e26aaa5e3c0d239e64cfb
394299a913cb2249adec7bc2be6e910ee921fdb8c4e321b45091276f5e633d79
3973f7ae134c2a8d76fa9651a6e74511b8195f415971cbad872e142337699174
3af373b35bac7f113a07b59e3b87916a722438ff02350590920ea7e6acd55045
4148a21d6139fd0b55461579a8a551e166816871fb2bf6428d9b37fcb1559ce3
4468064aa41fba7041cd47536ec0497845cc87de6704b1eef2c57ddd067c917c
4a25afd5419088026f9ca71b22e12a1d59294a1e25c508eaf64328d1dbfa7a98
4e2b85b0650b9e5ddc915903ce5083aa93aa1d486299aa66c9c50a736c8567ed
4e411c99fe4a486db34e801a53392ae86f8659eccc438944b5a062c9aaba25be
4f2b62aa3a66cbbd89ab53e77076d8f31b286450fc67a7665538270d57d93799
4fc7a9c6dd1051ab261a550db0b16147da4236dedfb2efc6311ebff48a045350
50e497b00818378dcffe856b994f89947b620c66163768879c9b8a63d583f898
53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef
53d8920eb5d9aedd3c0f19ae3846d63e7638230cec33bc23208358cf290ff1f5
5873f3f4c8fd18e494022eb43435e6c855f6fef95d5de97becdc70da72b4d174
5b0552fcba4b1c3e82348d223c8ddf20072a3752b51035a54021c6c372cb105b
5f7039b5677144325e44d4f236a709d5731b0a37fae61491cbcab2fe61988635
65ab95b0a57d4fa12ccb83a19088bfc1a593c982dc9fe6f1e7ecc1eb8ab313d0
678cca19c47839fd3abc2dd716372ff2f3aaa1097ddb399a605e130e230e3164
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6c5cc528f47f52157cad3851e058df90be953c91fe455566ad35d69e361b5f62
70b4f53f3ea5095aeeed56b374f70553b2e1fc8a297d036896cd581f7e87946c
70f49a358af95357bb8b1eb85b648bb3813655a8b6836dd57d1452e854031a31
7157511697db744d384a5a2a8646af23f3c90560abf93bb240fdd690b29a898a
72b46ee3879fa1430a025b5cde2e57de54cb318dd767b526652a622421b499af
756c7cdba28dd8a12aed3250bd60c96ac6643ab48fa66f192ac862ed98ba9b5a
79951b5bd4d729a2b2f4d380819f2c14bbcf26f21db56a520189633467766cf4
7e8a5441c90b16922151c420d307ec0316e0442b7ba8425528c4828ddfcda767
80ef468abb3244f9759e3554973c27def34058e024c851010e56854cfcaef398
8181a739bd0ed0fd64624c4aa15b7847bc9d4fd0660bff56c8c9192c4ef75979
864072a3229468b4abd5debaf97f3ed17b77f098513c523746cb825ee183e68f
88156b916c892ca7d755e19188db1f4d92ddcd638e8f5c183c495c8251f425c1
8c94979c6da24a7b2741546d85b784bced95e1738b2889d958951773864a3ac1
962f9913f0957d8b73d1ff254b8a4e80654fd14d09f36351bd9d1569abe587c9
97af00e37770f620e9186f337d206314c5cd6d7b56e9a50a460a8741b544471e
a0bb4b40a76d9e30ab7678303c0aee5e7d9833351a7f3354c364eec1b0866c18
a0fe8723dcf55da64d06b25446d0a8513e52527c45afcb37073465f9c6f352af
a794fdf7e47230d9b6083ca593156ae4e85fbcb521c4151844507a7aed5398e2
a87598f4bb6fee8fa8a3725732d90daa1fa9fd3d514986e8efe419c67928211c
aa9a31cd594a14dd99fb9f13aea5e9ed1a0230007fe7e41d037abe0ec30b6879
ac5e38c6e012a7615b7a63854f8abe5de72dc5ebcf4e4f94ba60ec2dfee0544c
b1e17b84fbf7fcd9255eaaa1daaa07de664889129f24c402177abcc5908fcd9d
b513b51755d1f50be867bd1d6ef503c0b03a054c924787be3b7517fb413edc0c
b5c628f7acc78e425e3ac7b8fbe7b68287a5e0d24ab116d492a0775c7e7a3535
b79e8679035799290c213b82e019210146ad515f1022020f3714439acebaec16
b872edebe491dfad119a97bc9888aa99978f68489af0f73dc955a063553172f2
bb9e7dc822c6b7b95a6329932885c72ff2caf74b243fc1c40aca0e858123b83e
bf48cada2810e4ddc497216376ec6d1b67a3040ff85b87cce0f3cee37e1a00f2
c77c6a2d3db39575e74de16eb7f963f954de37a4575dfa74b3d05eaca03ad79d
ca3d163bab055381827226140568f3bef7eaac187cebd76878e0b63e9e442356
d1a9f209f5a03483daafb79df2310038e0c167eb27479317c886b95bb14865fd
d20f6c729837cf4c15f4484818bf82dc1f627393584f02a67bafac8a2629cd57
d305915423bad8a04f94a048cd4b28a6c916ddd5594c9f61061cfe8ceef72f33
dfa2220faf05e0bff101e38a6b01371d2af185d6f680cf8e96de319d3b2d102d
e0ff55964f9bf6c1b80e46387efabbe6e41d7989a0b81e84ee84dc94a5a3e410
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42b2e5089575dc8d2635ad094bd36434fed8b2fe6ca2e14cbf757fb7c29bf58
ecac93f7e02055f6e1a12624bf774ebbcb7e95a7d0efb537c369accf30cec266
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f054065e70c4e1783a6c2140cbf57650566a25267dc62483e717f93d8b06b6b8
f424dfbf5efc859a4500a90911ceb4a3e6b8d20d4c2da78624b72c453888ca33
f4994586b1bc7d1040d610772a1d446f3cc4efd38f82fdb64a4760b6851b79d5
f9a2393005f6a7cdc2c81ad71cabdb211d7fd9d563fb8b59a50aea494e61c8b9
fa87904726726364ad19a7c4b2f2b20ee10637325601b5aa88ed8bfdcb7117a7

www.handpickedhotels.co.uk Open in urlscan Pro 172.67.7.133 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

90 Requests

98 %HTTPS

50 %IPv6

12 Domains

17 Subdomains

18 IPs

4 Countries

2609 kBTransfer

6091 kBSize

7 Cookies

39 Outgoing links

Redirected requests

90 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 5 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.handpickedhotels.co.uk Open in urlscan Pro
172.67.7.133 Public Scan

Screenshot
Live screenshot

Full Image

90
Requests

98 %
HTTPS

50 %
IPv6

12
Domains

17
Subdomains

18
IPs

4
Countries

2609 kB
Transfer

6091 kB
Size

7
Cookies

90 HTTP transactions
5 data transactions