www.dorchestercollection.com Open in urlscan Pro
104.22.22.243 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.dorchestercollection.com/en/welcoming-you-back/
Submission: On March 16 via api (March 16th 2021, 8:13:39 pm UTC) from US

Summary HTTP 115 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 45 IPs in 7 countries across 41 domains to perform 115 HTTP transactions. The main IP is 104.22.22.243, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.dorchestercollection.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on July 29th 2020. Valid for: a year.

This is the only time www.dorchestercollection.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
37	104.22.22.243 104.22.22.243	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:135e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
8	2606:4700::68... 2606:4700::6812:1734	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a04:4e42:1b:... 2a04:4e42:1b::621	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:808::200a	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:812::2008	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	2600:9000:206... 2600:9000:206f:7400:f:8ce2:fb80:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	104.79.113.20 104.79.113.20	16625 (AKAMAI-AS) (AKAMAI-AS)
1	13.226.146.155 13.226.146.155	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:802::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c0c::9a	15169 (GOOGLE) (GOOGLE)
1	172.217.16.130 172.217.16.130	15169 (GOOGLE) (GOOGLE)
3	2606:4700:20:... 2606:4700:20::681a:b13	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	52.28.121.193 52.28.121.193	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82b::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:810::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
2 7	193.0.160.128 193.0.160.128	54312 (ROCKETFUEL) (ROCKETFUEL)
2 2	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1 2	185.33.221.90 185.33.221.90	29990 (ASN-APPNEX) (ASN-APPNEX)
1 2	92.123.150.214 92.123.150.214	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	63.33.120.132 63.33.120.132	16509 (AMAZON-02) (AMAZON-02)
2 2	52.59.102.119 52.59.102.119	16509 (AMAZON-02) (AMAZON-02)
1	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
1 2	2.20.170.241 2.20.170.241	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2a00:1288:80:... 2a00:1288:80:800::7001	203220 (YAHOO-DEB) (YAHOO-DEB)
1 3	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 2	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
1	2600:1f18:612... 2600:1f18:612b:4232:1f73:43cf:8eeb:9521	14618 (AMAZON-AES) (AMAZON-AES)
1	52.58.248.2 52.58.248.2	16509 (AMAZON-02) (AMAZON-02)
1	52.214.133.201 52.214.133.201	16509 (AMAZON-02) (AMAZON-02)
1 2	35.157.221.90 35.157.221.90	16509 (AMAZON-02) (AMAZON-02)
1	3.124.210.90 3.124.210.90	16509 (AMAZON-02) (AMAZON-02)
2 2	151.101.114.49 151.101.114.49	54113 (FASTLY) (FASTLY)
1	104.110.252.25 104.110.252.25	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	80.252.91.53 80.252.91.53	15830 (EQUINIX-C...) (EQUINIX-CONNECT)
1 1	52.85.115.44 52.85.115.44	16509 (AMAZON-02) (AMAZON-02)
1	54.175.102.177 54.175.102.177	14618 (AMAZON-AES) (AMAZON-AES)
1 1	54.77.184.190 54.77.184.190	16509 (AMAZON-02) (AMAZON-02)
1	52.214.43.215 52.214.43.215	16509 (AMAZON-02) (AMAZON-02)
115	45

37 104.22.22.243 (United States)

ASN13335 (CLOUDFLARENET, US)

www.dorchestercollection.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:135e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2606:4700::6812:1734 (United States)

ASN13335 (CLOUDFLARENET, US)

kit.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ka-p.fontawesome.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:1b::621 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:206f:7400:f:8ce2:fb80:93a1 (United States)

ASN16509 (AMAZON-02, US)

www.dwin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.79.113.20 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a104-79-113-20.deploy.static.akamaitechnologies.com

c1.rfihub.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.146.155 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-146-155.dus51.r.cloudfront.net

js.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:802::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c0c::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra15s46-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:20::681a:b13 (United States)

ASN13335 (CLOUDFLARENET, US)

loader.wisepops.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.wisepops.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f12d:83:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.28.121.193 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-28-121-193.eu-central-1.compute.amazonaws.com

popup.wisepops.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
tracking.wisepops.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 193.0.160.128 (United States) 2 redirects

ASN54312 (ROCKETFUEL, US)

20772747p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
a.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.rfihub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.58.212.162 (Mountain View, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: ams15s22-in-f162.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.221.90 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 92.123.150.214 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a92-123-150-214.deploy.static.akamaitechnologies.com

stags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
x.dlx.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.33.120.132 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-63-33-120-132.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.59.102.119 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-59-102-119.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.126.56.137 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2.20.170.241 (Schiphol, Netherlands) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-20-170-241.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7001 (United Kingdom)

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 35.244.174.68 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.126 (United States) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:612b:4232:1f73:43cf:8eeb:9521 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

partners.tremorhub.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.58.248.2 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-248-2.eu-central-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.214.133.201 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-133-201.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.157.221.90 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-221-90.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.124.210.90 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-124-210-90.eu-central-1.compute.amazonaws.com

ps.eyeota.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.114.49 (Frankfurt am Main, Germany) 2 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.110.252.25 (New York, United States)

ASN16625 (AKAMAI-AS, US)
PTR: a104-110-252-25.deploy.static.akamaitechnologies.com

contextual.media.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 80.252.91.53 (Amsterdam, Netherlands) 1 redirects

ASN15830 (EQUINIX-CONNECT, GB)

bs.serving-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.85.115.44 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-52-85-115-44.hel50.r.cloudfront.net

live.rezync.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.175.102.177 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-175-102-177.compute-1.amazonaws.com

bpi.rtactivate.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.77.184.190 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-77-184-190.eu-west-1.compute.amazonaws.com

insight.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.214.43.215 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-214-43-215.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
37	dorchestercollection.com www.dorchestercollection.com	3 MB
8	google-analytics.com ssl.google-analytics.com www.google-analytics.com	36 KB
8	fontawesome.com kit.fontawesome.com ka-p.fontawesome.com	141 KB
7	rfihub.com 2 redirects 20772747p.rfihub.com a.rfihub.com p.rfihub.com	10 KB
6	doubleclick.net 2 redirects stats.g.doubleclick.net googleads.g.doubleclick.net cm.g.doubleclick.net	3 KB
5	wisepops.com loader.wisepops.com popup.wisepops.com cdn.wisepops.com tracking.wisepops.com	131 KB
4	facebook.com www.facebook.com	448 B
3	rlcdn.com 1 redirects idsync.rlcdn.com	1010 B
3	gstatic.com fonts.gstatic.com	46 KB
3	google.de www.google.de	284 B
3	google.com www.google.com	284 B
3	adsrvr.org 1 redirects js.adsrvr.org insight.adsrvr.org match.adsrvr.org	3 KB
3	facebook.net connect.facebook.net	162 KB
2	everesttech.net 2 redirects sync-tm.everesttech.net	588 B
2	bidswitch.net 1 redirects x.bidswitch.net	855 B
2	spotxchange.com 1 redirects sync.search.spotxchange.com	1 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com	2 KB
2	yahoo.com ups.analytics.yahoo.com ads.yahoo.com	1 KB
2	advertising.com 2 redirects pixel.advertising.com	679 B
2	demdex.net 1 redirects dpm.demdex.net	2 KB
2	adnxs.com 1 redirects ib.adnxs.com	2 KB
2	bing.com bat.bing.com	9 KB
2	googletagmanager.com www.googletagmanager.com	107 KB
2	googleapis.com ajax.googleapis.com fonts.googleapis.com	7 KB
2	cloudflare.com cdnjs.cloudflare.com	3 KB
1	rtactivate.com bpi.rtactivate.com	109 B
1	rezync.com 1 redirects live.rezync.com	788 B
1	serving-sys.com 1 redirects bs.serving-sys.com	835 B
1	media.net contextual.media.net	696 B
1	eyeota.net ps.eyeota.net	344 B
1	krxd.net beacon.krxd.net	337 B
1	agkn.com aa.agkn.com	238 B
1	tremorhub.com partners.tremorhub.com	183 B
1	addthis.com x.dlx.addthis.com	191 B
1	rubiconproject.com pixel.rubiconproject.com	239 B
1	bluekai.com 1 redirects stags.bluekai.com	813 B
1	googleadservices.com www.googleadservices.com	12 KB
1	rfihub.net c1.rfihub.net	6 KB
1	dwin1.com www.dwin1.com	5 KB
1	jsdelivr.net cdn.jsdelivr.net	9 KB
0	mbww.com Failed tt.mbww.com Failed
115	41

	Domain	Requested by
37	www.dorchestercollection.com	www.dorchestercollection.com
7	ka-p.fontawesome.com	kit.fontawesome.com www.dorchestercollection.com
6	www.google-analytics.com	www.googletagmanager.com www.dorchestercollection.com
5	p.rfihub.com	2 redirects
4	www.facebook.com	www.dorchestercollection.com connect.facebook.net
3	idsync.rlcdn.com	1 redirects www.dorchestercollection.com
3	fonts.gstatic.com	fonts.googleapis.com
3	www.google.de	www.dorchestercollection.com
3	www.google.com	www.dorchestercollection.com
3	stats.g.doubleclick.net	www.dorchestercollection.com
3	connect.facebook.net	www.dorchestercollection.com connect.facebook.net
2	sync-tm.everesttech.net	2 redirects
2	x.bidswitch.net	1 redirects
2	sync.search.spotxchange.com	1 redirects
2	dsum-sec.casalemedia.com	1 redirects
2	pixel.advertising.com	2 redirects
2	dpm.demdex.net	1 redirects
2	ib.adnxs.com	1 redirects
2	cm.g.doubleclick.net	2 redirects
2	cdn.wisepops.com	loader.wisepops.com www.dorchestercollection.com
2	bat.bing.com	www.dorchestercollection.com
2	ssl.google-analytics.com	www.googletagmanager.com www.dorchestercollection.com
2	www.googletagmanager.com	www.dorchestercollection.com www.googletagmanager.com
2	cdnjs.cloudflare.com	www.dorchestercollection.com
1	tracking.wisepops.com	loader.wisepops.com
1	match.adsrvr.org	js.adsrvr.org
1	insight.adsrvr.org	1 redirects
1	bpi.rtactivate.com	www.dorchestercollection.com
1	live.rezync.com	1 redirects
1	bs.serving-sys.com	1 redirects
1	contextual.media.net	www.dorchestercollection.com
1	ps.eyeota.net
1	beacon.krxd.net	www.dorchestercollection.com
1	aa.agkn.com	www.dorchestercollection.com
1	partners.tremorhub.com	www.dorchestercollection.com
1	x.dlx.addthis.com	www.dorchestercollection.com
1	ads.yahoo.com	www.dorchestercollection.com
1	ups.analytics.yahoo.com
1	pixel.rubiconproject.com	www.dorchestercollection.com
1	stags.bluekai.com	1 redirects
1	a.rfihub.com
1	20772747p.rfihub.com	c1.rfihub.net
1	fonts.googleapis.com	cdn.wisepops.com
1	googleads.g.doubleclick.net	www.googleadservices.com
1	popup.wisepops.com	www.dorchestercollection.com
1	loader.wisepops.com	www.dorchestercollection.com
1	www.googleadservices.com	www.googletagmanager.com
1	js.adsrvr.org	www.googletagmanager.com
1	c1.rfihub.net	www.dorchestercollection.com
1	www.dwin1.com	www.googletagmanager.com
1	ajax.googleapis.com	www.dorchestercollection.com
1	cdn.jsdelivr.net	www.dorchestercollection.com
1	kit.fontawesome.com	www.dorchestercollection.com
0	tt.mbww.com Failed	www.googletagmanager.com
115	54

This site contains links to these domains. Also see Links.

Domain
newsletter.dorchestercollection.com
shop.dorchestercollection.com
gc.synxis.com
www.dcdiamondclub.com
www.facebook.com
www.twitter.com
www.youtube.com
www.pinterest.com
instagram.com

Subject Issuer	Validity	Valid
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-29` - `2021-07-29`	a year	crt.sh
*.fontawesome.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-13` - `2021-12-14`	a year	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-03-09` - `2021-04-17`	a month	crt.sh
upload.video.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.dwin1.com Amazon	`2020-12-04` - `2022-01-02`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-01-19` - `2021-07-19`	6 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
*.rfihub.net DigiCert SHA2 Secure Server CA	`2020-04-01` - `2021-07-01`	a year	crt.sh
*.adsrvr.org Trustwave Organization Validation SHA256 CA, Level 1	`2019-03-07` - `2021-04-19`	2 years	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
www.google.de GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
loader.wisepops.com Amazon	`2020-04-16` - `2021-05-16`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-02-23` - `2021-05-18`	3 months	crt.sh
*.rfihub.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-18` - `2022-06-18`	2 years	crt.sh
*.adnxs.com GeoTrust ECC CA 2018	`2021-03-05` - `2022-02-19`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-18` - `2022-01-18`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2020-12-02` - `2022-01-02`	a year	crt.sh
ups.analytics.yahoo.com DigiCert SHA2 High Assurance Server CA	`2020-10-24` - `2021-04-20`	6 months	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
*.ads.yahoo.com DigiCert SHA2 High Assurance Server CA	`2021-02-28` - `2021-04-13`	a month	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2021-02-25` - `2022-03-28`	a year	crt.sh
odc-prod-01.oracle.com DigiCert Secure Site ECC CA-1	`2020-10-15` - `2021-04-09`	6 months	crt.sh
*.search.spotxchange.com GeoTrust RSA CA 2018	`2019-03-20` - `2021-04-21`	2 years	crt.sh
*.tremorhub.com Amazon	`2020-07-25` - `2021-08-25`	a year	crt.sh
*.agkn.com RapidSSL RSA CA 2018	`2020-07-25` - `2022-09-18`	2 years	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-01-13` - `2022-01-07`	a year	crt.sh
*.bidswitch.net Sectigo RSA Domain Validation Secure Server CA	`2020-04-23` - `2022-05-04`	2 years	crt.sh
*.eyeota.net R3	`2021-02-28` - `2021-05-29`	3 months	crt.sh
*.media.net DigiCert SHA2 Secure Server CA	`2020-02-25` - `2021-05-26`	a year	crt.sh
rtactivate.com Amazon	`2020-06-11` - `2021-07-11`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.dorchestercollection.com/en/welcoming-you-back/
Frame ID: 57CD9516E26EACBCF4DBA021BD77C21C
Requests: 92 HTTP requests in this frame

Frame: https://20772747p.rfihub.com/ca.html?ver=9&rb=30932&ca=20772747&_o=30932&t=view&pe=https%3A%2F%2Fwww.dorchestercollection.com%2Fen%2Fwelcoming-you-back%2F&pf=&ra=8463560079290517
Frame ID: BC618E77B5B2B73DD4DD9545578C745F
Requests: 22 HTTP requests in this frame

Frame: https://match.adsrvr.org/track/upb/?adv=3dpjdzx&ref=https%3A%2F%2Fwww.dorchestercollection.com%2Fen%2Fwelcoming-you-back%2F&upid=g8i4mvb&upv=1.1.0
Frame ID: CE1B3DF3C80FACD0F45986D214D4C4BD
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

CloudFlare (CDN) Expand

Overall confidence: 100%
Detected patterns

headers server /^cloudflare$/i

Page Statistics

115
Requests

99 %
HTTPS

46 %
IPv6

41
Domains

54
Subdomains

45
IPs

7
Countries

3285 kB
Transfer

5236 kB
Size

20
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://newsletter.dorchestercollection.com/webApp/dc_sub_unsub
Title: Newsletter signup

Search URL Search Domain Scan URL

URL: https://shop.dorchestercollection.com/
Title: Shop

Search URL Search Domain Scan URL

URL: https://gc.synxis.com/rez.aspx?chain=5310&adult=2
Title: Reserve your stay

Search URL Search Domain Scan URL

URL: https://gc.synxis.com/rez.aspx?chain=5310&adult=2&locale=en-GB
Title: Make a reservation

Search URL Search Domain Scan URL

URL: https://www.dcdiamondclub.com/
Title: Diamond Club

Search URL Search Domain Scan URL

URL: https://shop.dorchestercollection.com/balance-check
Title: Check your gift card balance

Search URL Search Domain Scan URL

URL: https://www.facebook.com/DC.Luxuryhotels
Title: fab fa-facebook

Search URL Search Domain Scan URL

URL: https://www.twitter.com/DC_LuxuryHotels
Title: fab fa-twitter

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/DorchesterCollection
Title: fab fa-youtube

Search URL Search Domain Scan URL

URL: https://www.pinterest.com/DCluxuryhotels
Title: fab fa-pinterest

Search URL Search Domain Scan URL

URL: https://instagram.com/dorchestercollection
Title: fab fa-instagram

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 85

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=MTg3NTgxOTYxODIxMzM5MzA2OA==&forward= HTTP 302
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEOS8s1yaDBEYmXU4z1awyU8&google_cver=1

Request Chain 86

https://ib.adnxs.com/setuid?entity=18&code=1875819618213393068 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D1875819618213393068

Request Chain 87

https://stags.bluekai.com/site/4722?id=1875819618213393068&redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fbk_uuid%3D%24_BK_UUID%26forward%3D HTTP 302
https://p.rfihub.com/cm?bk_uuid=8Mlywx99999x9NaQ&forward=

Request Chain 89

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=1875819618213393068&redir= HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=1875819618213393068&redir=

Request Chain 90

https://pixel.advertising.com/ups/55856/sync?uid=1875819618213393068&_origin=1 HTTP 302
https://pixel.advertising.com/ups/55856/sync?uid=1875819618213393068&_origin=1&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/55856/sync?uid=1875819618213393068&_origin=1&apid=UP0e79ff2b-8694-11eb-80bd-0278aefe5bd8

Request Chain 91

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=1875819618213393068&forward= HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=1875819618213393068&forward=&C=1

Request Chain 95

https://sync.search.spotxchange.com/partner?adv_id=7180&uid=1875819618213393068&img=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=7180&uid=1875819618213393068&img=1&__user_check__=1&sync_id=0e84ce10-8694-11eb-b44f-173c25ca2606

Request Chain 99

https://x.bidswitch.net/sync?dsp_id=119&user_id=1875819618213393068&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=1875819618213393068&expires=30

Request Chain 100

https://p.rfihub.com/cm?pub=24472&in=1 HTTP 302
https://ps.eyeota.net/match?uid=1875819618213393068&bid=omt9pi0

Request Chain 101

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D HTTP 302
https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=YFERYgAAAJSAxToG HTTP 302
https://p.rfihub.com/cm?in=1&pub=21653&userid=YFERYgAAAJSAxToG&_test=YFERYgAAAJSAxToG

Request Chain 103

https://bs.serving-sys.com/serving?cn=um&dpid=12&rtu=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D17945%26userid%3D%5B%25tp_UserID%25%5D HTTP 302
https://p.rfihub.com/cm?in=1&pub=17945&userid=0a16062b-b0b7-4fe7-86fb-dd58f07d5db0

Request Chain 104

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1875819618213393068&referrer=https%3A%2F%2Fwww.dorchestercollection.com%2Fen%2Fwelcoming-you-back%2F HTTP 302
https://p.rfihub.com/cm?pub=39342&in=0&userid=d5d4529f-5050-4194-b946-123f7bb395f3%3A1615925602.54&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dd5d4529f-5050-4194-b946-123f7bb395f3%253A1615925602.54 HTTP 302
https://idsync.rlcdn.com/501709.gif?partner_uid=d5d4529f-5050-4194-b946-123f7bb395f3%3A1615925602.54 HTTP 307
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm HTTP 302
https://idsync.rlcdn.com/362358.gif?google_gid=CAESECYaTLAXrpSLv3JmLVR_aWQ&google_cver=1

Request Chain 106

https://insight.adsrvr.org/track/up?adv=3dpjdzx&ref=https%3A%2F%2Fwww.dorchestercollection.com%2Fen%2Fwelcoming-you-back%2F&upid=g8i4mvb&upv=1.1.0 HTTP 302
https://match.adsrvr.org/track/upb/?adv=3dpjdzx&ref=https%3A%2F%2Fwww.dorchestercollection.com%2Fen%2Fwelcoming-you-back%2F&upid=g8i4mvb&upv=1.1.0

115 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.dorchestercollection.com/en/welcoming-you-back/ 103 KB
19 KB 217ms
108ms Document
text/html 104.22.22.243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dorchestercollection.com/en/welcoming-you-back/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.22.243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0f2bb33eb17a106e7e2efa7fa6c5306895c1c34b1d83141ec02e0d5dbde3237d

Request headers

:method: GET
:authority: www.dorchestercollection.com
:scheme: https
:path: /en/welcoming-you-back/
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 20:13:20 GMT
content-type: text/html; charset=UTF-8
set-cookie: __cfduid=d2c728e65e4e9329458c0c4b4a414a5751615925600; expires=Thu, 15-Apr-21 20:13:20 GMT; path=/; domain=.dorchestercollection.com; HttpOnly; SameSite=Lax
last-modified: Tue, 16 Mar 2021 10:14:31 GMT
x-scout-cache: EXPIRED
access-control-allow-origin: *
cf-cache-status: DYNAMIC
cf-request-id: 08de44f8a600001ecea6349000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
server: cloudflare
cf-ray: 6310a43aac341ece-AMS
content-encoding: br

GET
H2 200 style.min.css
www.dorchestercollection.com/wp-includes/css/dist/block-library/ 53 KB
7 KB 83ms
77ms Stylesheet
text/css 104.22.22.243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dorchestercollection.com/wp-includes/css/dist/block-library/style.min.css?ver=5.5.3
Requested by: Host: www.dorchestercollection.com
URL: https://www.dorchestercollection.com/en/welcoming-you-back/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.22.243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af

Request headers

Referer: https://www.dorchestercollection.com/en/welcoming-you-back/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 20:13:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 03 Sep 2020 08:06:28 GMT
server: cloudflare
age: 37295
etag: W/"5f50a404-d293"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=16070400
cf-ray: 6310a43b7e2a1ece-AMS
cf-request-id: 08de44f92a00001ecea40d0000000001
expires: Thu, 15 Apr 2021 09:51:45 GMT

GET
H2 200 magnify.min.css
cdnjs.cloudflare.com/ajax/libs/magnify/2.3.3/css/ 985 B
787 B 18ms
12ms Stylesheet
text/css 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/magnify/2.3.3/css/magnify.min.css?ver=5.5.3

Requested by

Host: www.dorchestercollection.com
URL: https://www.dorchestercollection.com/en/welcoming-you-back/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4f69412612c5d7f804343335621c4ac0ee0301586290749c35ebf6ef530fd2b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dorchestercollection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 20:13:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 4142983
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 394
cf-request-id: 08de44f9140000d6b5363e9000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:12:04 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ed4-3d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WfiRGVIzvUzeQkPOO0Sh212PYbr7o%2FcRB9%2FfeiY0mUBB2LeVJzHo1MVCeb%2Bn4AYo29denbOjLC4HvYMgBds3%2BBdEVbWx5jTEO9E5SUleo4sUfejJmD0Z86VcjaYJZcX7sg%3D%3D"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6310a43b5b2dd6b5-FRA
expires: Sun, 06 Mar 2022 20:13:20 GMT

GET
H2 200 app.css
www.dorchestercollection.com/wp-content/themes/dc20/dist/ 110 KB
15 KB 76ms
70ms Stylesheet
text/css 104.22.22.243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dorchestercollection.com/wp-content/themes/dc20/dist/app.css?id=47dae9604e9e5a6a93b2
Requested by: Host: www.dorchestercollection.com
URL: https://www.dorchestercollection.com/en/welcoming-you-back/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.22.243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bd63cf488475d0559b52fb60c4040e91b218a64aa9d2c0315614a16aca8f25f6

Request headers

Referer: https://www.dorchestercollection.com/en/welcoming-you-back/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 20:13:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 16 Mar 2021 10:06:58 GMT
server: cloudflare
age: 35514
etag: W/"60508342-1b7b6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=16070400
cf-ray: 6310a43b7e2d1ece-AMS
cf-request-id: 08de44f92c00001ecea48a2000000001
expires: Thu, 15 Apr 2021 10:21:26 GMT

GET
H2 200 front.min.css
www.dorchestercollection.com/wp-content/plugins/cookie-notice/css/ 7 KB
1 KB 104ms
99ms Stylesheet
text/css 104.22.22.243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dorchestercollection.com/wp-content/plugins/cookie-notice/css/front.min.css?ver=5.5.3
Requested by: Host: www.dorchestercollection.com
URL: https://www.dorchestercollection.com/en/welcoming-you-back/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.22.243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8dbb3fbf6b9f43e7b8910762718dbae04c9a3bf59d129f400985defe7447e0dd

Request headers

Referer: https://www.dorchestercollection.com/en/welcoming-you-back/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 20:13:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 11 Mar 2021 15:01:57 GMT
server: cloudflare
age: 37295
etag: W/"604a30e5-1b2b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=16070400
cf-ray: 6310a43b7e311ece-AMS
cf-request-id: 08de44f92c00001ecee2bdc000000001
expires: Thu, 15 Apr 2021 09:51:45 GMT

GET
H2 200 jquery.js Show response
www.dorchestercollection.com/wp-includes/js/jquery/ 95 KB
32 KB 84ms
79ms Script
application/javascript 104.22.22.243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dorchestercollection.com/wp-includes/js/jquery/jquery.js?ver=1.12.4-wp
Requested by: Host: www.dorchestercollection.com
URL: https://www.dorchestercollection.com/en/welcoming-you-back/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.22.243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df

Request headers

Referer: https://www.dorchestercollection.com/en/welcoming-you-back/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 20:13:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Mon, 22 Jul 2019 11:19:33 GMT
server: cloudflare
age: 37225
etag: W/"5d359bc5-17a69"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=16070400
cf-ray: 6310a43b7e331ece-AMS
cf-request-id: 08de44f92d00001ecefd1e0000000001
expires: Thu, 15 Apr 2021 09:52:55 GMT

GET
H2 200 87cd77f416.js Show response
kit.fontawesome.com/ 11 KB
4 KB 60ms
40ms Script
text/javascript 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://kit.fontawesome.com/87cd77f416.js

Requested by

Host: www.dorchestercollection.com
URL: https://www.dorchestercollection.com/en/welcoming-you-back/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0e5bca890602fa7ecab31099c69916ff2ee4a6fef1a4c21f51c6f75437e9fd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload

Request headers

Origin: https://www.dorchestercollection.com
Referer: https://www.dorchestercollection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 20:13:20 GMT
content-encoding: gzip
vary: origin, accept-encoding, access-control-request-headers, access-control-request-method
cf-cache-status: REVALIDATED
strict-transport-security: max-age=31536000; preload
cf-request-id: 08de44f99b000032582ca2c000000001
x-request-id: FmyKUiQ9HE8sIm0AEp7h
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET, OPTIONS
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=60, public, must-revalidate
cf-ray: 6310a43c2f753258-FRA
access-control-allow-headers: accept, accept-langauge, content-language, content-type, fa-kit-token

GET
H2 200 alpine.min.js Show response
cdn.jsdelivr.net/gh/alpinejs/alpine@v2.8.1/dist/ 26 KB
9 KB 24ms
6ms Script
application/javascript 2a04:4e42:1b::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/gh/alpinejs/alpine@v2.8.1/dist/alpine.min.js

Requested by

Host: www.dorchestercollection.com
URL: https://www.dorchestercollection.com/en/welcoming-you-back/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:1b::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

de9485aee0805fc555984a4286697dccb8a9762fa9240c6a47b4dd478d282e74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.dorchestercollection.com
Referer: https://www.dorchestercollection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 1826824
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
content-length: 8686
etag: W/"6964-M33llwtEtRbUwMPPG0SKpWL3vX8"
x-served-by: cache-fra19136-FRA, cache-hhn4073-HHN
date: Tue, 16 Mar 2021 20:13:20 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 en.png
www.dorchestercollection.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/ 400 B
713 B 122ms
118ms Image
image/webp 104.22.22.243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dorchestercollection.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/en.png
Requested by: Host: www.dorchestercollection.com
URL: https://www.dorchestercollection.com/en/welcoming-you-back/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.22.243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9e938b572a9e1fe2fc723d85ae1a6bf06ac87e7d57108dccc530e826f4074a86

Request headers

Referer: https://www.dorchestercollection.com/en/welcoming-you-back/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 20:13:20 GMT
cf-cache-status: HIT
age: 37224
cf-polished: origFmt=png, origSize=600
content-disposition: inline; filename="en.webp"
content-length: 400
cf-request-id: 08de44f9b200001ece1b32f000000001
last-modified: Tue, 07 May 2019 16:23:25 GMT
server: cloudflare
etag: "5cd1b0fd-258"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 15 Apr 2021 09:52:56 GMT
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 6310a43c489a1ece-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 London-904x904-1.jpg
www.dorchestercollection.com/wp-content/uploads/ 61 KB
61 KB 84ms
79ms Image
image/jpeg 104.22.22.243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dorchestercollection.com/wp-content/uploads/London-904x904-1.jpg
Requested by: Host: www.dorchestercollection.com
URL: https://www.dorchestercollection.com/en/welcoming-you-back/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.22.243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3040defaacce8b9d94bb3497cae91eb273df312e628f4582e140e5a2a2a090ec

Request headers

Referer: https://www.dorchestercollection.com/en/welcoming-you-back/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 20:13:20 GMT
cf-cache-status: HIT
age: 32638
cf-polished: origSize=67815, status=webp_bigger
content-length: 62482
cf-request-id: 08de44f9b200001ecefb119000000001
last-modified: Wed, 20 May 2020 16:25:32 GMT
server: cloudflare
etag: "5ec559fc-108e7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 15 Apr 2021 11:09:22 GMT
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 6310a43c489b1ece-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 ascot-coworth-park-rose-garden-new-landscape-904x904.jpg
www.dorchestercollection.com/wp-content/uploads/ 278 KB
278 KB 95ms
91ms Image
image/jpeg 104.22.22.243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dorchestercollection.com/wp-content/uploads/ascot-coworth-park-rose-garden-new-landscape-904x904.jpg
Requested by: Host: www.dorchestercollection.com
URL: https://www.dorchestercollection.com/en/welcoming-you-back/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.22.243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0d74cf6deeec28b7bd618bb816ec15b341981e389855d5cd10a183739a36745

Request headers

Referer: https://www.dorchestercollection.com/en/welcoming-you-back/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 20:13:20 GMT
cf-cache-status: HIT
age: 32638
cf-polished: degrade=85, origSize=297311, status=webp_bigger
content-length: 284632
cf-request-id: 08de44f9b200001ece198cb000000001
last-modified: Tue, 24 Mar 2020 13:04:55 GMT
server: cloudflare
etag: "5e7a0577-4895f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 15 Apr 2021 11:09:22 GMT
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 6310a43c489c1ece-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 LMP_605_Executive_Room_Balcony_0388.HR-16x9-904x904.jpg
www.dorchestercollection.com/wp-content/uploads/ 133 KB
133 KB 106ms
102ms Image
image/jpeg 104.22.22.243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dorchestercollection.com/wp-content/uploads/LMP_605_Executive_Room_Balcony_0388.HR-16x9-904x904.jpg
Requested by: Host: www.dorchestercollection.com
URL: https://www.dorchestercollection.com/en/welcoming-you-back/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.22.243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b41a13faed25f7c62584766727f4e782de6ebc3a9c597d3a8ba5e10f7ff38f31

Request headers

Referer: https://www.dorchestercollection.com/en/welcoming-you-back/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 20:13:20 GMT
cf-cache-status: HIT
age: 32638
cf-polished: origSize=137481, status=webp_bigger
content-length: 135793
cf-request-id: 08de44f9b200001ece1f956000000001
last-modified: Tue, 09 Jul 2019 16:27:42 GMT
server: cloudflare
etag: "5d24c07e-21909"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 15 Apr 2021 11:09:22 GMT
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 6310a43c489d1ece-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 bel-air-exterior-central-garden-tree-fountain-square-904x904.jpg
www.dorchestercollection.com/wp-content/uploads/ 260 KB
260 KB 107ms
103ms Image
image/jpeg 104.22.22.243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dorchestercollection.com/wp-content/uploads/bel-air-exterior-central-garden-tree-fountain-square-904x904.jpg
Requested by: Host: www.dorchestercollection.com
URL: https://www.dorchestercollection.com/en/welcoming-you-back/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.22.243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 497b92de73bf09524b40ba99fd190aee97af4d566d2224b7682567384b44cf1e

Request headers

Referer: https://www.dorchestercollection.com/en/welcoming-you-back/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 20:13:20 GMT
cf-cache-status: HIT
age: 32638
cf-polished: origSize=267214, status=webp_bigger
content-length: 266166
cf-request-id: 08de44f9b300001ecefd945000000001
last-modified: Fri, 21 Jun 2019 18:12:10 GMT
server: cloudflare
etag: "5d0d1dfa-413ce"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 15 Apr 2021 11:09:22 GMT
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 6310a43c489e1ece-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 Milan-904x904-1.jpg
www.dorchestercollection.com/wp-content/uploads/ 169 KB
170 KB 107ms
103ms Image
image/jpeg 104.22.22.243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dorchestercollection.com/wp-content/uploads/Milan-904x904-1.jpg
Requested by: Host: www.dorchestercollection.com
URL: https://www.dorchestercollection.com/en/welcoming-you-back/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.22.243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e8ba62cf761b5f7ee6d557170dd26e54aff7f29a60a0abc5d4782c434ff2ab89

Request headers

Referer: https://www.dorchestercollection.com/en/welcoming-you-back/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 20:13:20 GMT
cf-cache-status: HIT
age: 32638
cf-polished: origSize=185563, status=webp_bigger
content-length: 173208
cf-request-id: 08de44f9b300001eceb90af000000001
last-modified: Wed, 20 May 2020 16:25:40 GMT
server: cloudflare
etag: "5ec55a04-2d4db"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 15 Apr 2021 11:09:22 GMT
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 6310a43c489f1ece-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 Rome-904x904-1.jpg
www.dorchestercollection.com/wp-content/uploads/ 135 KB
135 KB 105ms
102ms Image
image/jpeg 104.22.22.243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dorchestercollection.com/wp-content/uploads/Rome-904x904-1.jpg
Requested by: Host: www.dorchestercollection.com
URL: https://www.dorchestercollection.com/en/welcoming-you-back/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.22.243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f2b67e3349a5c02ab872fde9c7cfed352e0ee13d986756b7e8c6d09b49606417

Request headers

Referer: https://www.dorchestercollection.com/en/welcoming-you-back/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 20:13:20 GMT
cf-cache-status: HIT
age: 32638
cf-polished: origSize=143442, status=webp_bigger
content-length: 137792
cf-request-id: 08de44f9b300001ecee3269000000001
last-modified: Wed, 20 May 2020 16:25:37 GMT
server: cloudflare
etag: "5ec55a01-23052"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 15 Apr 2021 11:09:22 GMT
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 6310a43c48a01ece-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 tdl.png
www.dorchestercollection.com/wp-content/uploads/logos/ 4 KB
4 KB 106ms
102ms Image
image/webp 104.22.22.243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dorchestercollection.com/wp-content/uploads/logos/tdl.png
Requested by: Host: www.dorchestercollection.com
URL: https://www.dorchestercollection.com/en/welcoming-you-back/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.22.243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 552d90c7de054eaff874607e8d6fa0b886f5e24dfeacb8965b599ab825a37e0d

Request headers

Referer: https://www.dorchestercollection.com/en/welcoming-you-back/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 20:13:20 GMT
cf-cache-status: HIT
age: 36319
cf-polished: origFmt=png, origSize=9068
content-disposition: inline; filename="tdl.webp"
content-length: 3872
cf-request-id: 08de44f9b300001ecefaaca000000001
last-modified: Thu, 23 Nov 2017 23:11:37 GMT
server: cloudflare
etag: "5a1755a9-236c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 15 Apr 2021 10:08:01 GMT
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 6310a43c48a11ece-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 45l.png
www.dorchestercollection.com/wp-content/uploads/logos/ 1 KB
1 KB 105ms
102ms Image
image/webp 104.22.22.243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dorchestercollection.com/wp-content/uploads/logos/45l.png
Requested by: Host: www.dorchestercollection.com
URL: https://www.dorchestercollection.com/en/welcoming-you-back/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.22.243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5da307f835e60496b923f3f714dc9e3edc863083f4def30b3d6e92add3e1ca4f

Request headers

Referer: https://www.dorchestercollection.com/en/welcoming-you-back/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 20:13:20 GMT
cf-cache-status: HIT
age: 36319
cf-polished: origFmt=png, origSize=2963
content-disposition: inline; filename="45l.webp"
content-length: 1166
cf-request-id: 08de44f9b400001ece152ce000000001
last-modified: Thu, 23 Nov 2017 23:11:37 GMT
server: cloudflare
etag: "5a1755a9-b93"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 15 Apr 2021 10:08:01 GMT
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 6310a43c48a31ece-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 cpa.png
www.dorchestercollection.com/wp-content/uploads/logos/ 6 KB
6 KB 106ms
103ms Image
image/webp 104.22.22.243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dorchestercollection.com/wp-content/uploads/logos/cpa.png
Requested by: Host: www.dorchestercollection.com
URL: https://www.dorchestercollection.com/en/welcoming-you-back/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.22.243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: da9e7c8fb823576fe327e8631f7fd4ff24ec47c87649bdb558ce1bdba4e9c246

Request headers

Referer: https://www.dorchestercollection.com/en/welcoming-you-back/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 20:13:20 GMT
cf-cache-status: HIT
age: 36319
cf-polished: origFmt=png, origSize=11595
content-disposition: inline; filename="cpa.webp"
content-length: 5914
cf-request-id: 08de44f9b400001ecec484e000000001
last-modified: Thu, 23 Nov 2017 23:11:37 GMT
server: cloudflare
etag: "5a1755a9-2d4b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 15 Apr 2021 10:08:01 GMT
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 6310a43c48a41ece-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 bhh.png
www.dorchestercollection.com/wp-content/uploads/logos/ 5 KB
5 KB 106ms
103ms Image
image/webp 104.22.22.243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dorchestercollection.com/wp-content/uploads/logos/bhh.png
Requested by: Host: www.dorchestercollection.com
URL: https://www.dorchestercollection.com/en/welcoming-you-back/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.22.243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ccbcef9e94d4adf16a37dfcb1b48f3de6c47f2fc48d237539ede201363e0a6c4

Request headers

Referer: https://www.dorchestercollection.com/en/welcoming-you-back/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 20:13:20 GMT
cf-cache-status: HIT
age: 36319
cf-polished: origFmt=png, origSize=10746
content-disposition: inline; filename="bhh.webp"
content-length: 5020
cf-request-id: 08de44f9b400001ece19345000000001
last-modified: Thu, 23 Nov 2017 23:11:37 GMT
server: cloudflare
etag: "5a1755a9-29fa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 15 Apr 2021 10:08:01 GMT
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 6310a43c48a51ece-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 hba.png
www.dorchestercollection.com/wp-content/uploads/logos/ 3 KB
3 KB 104ms
102ms Image
image/webp 104.22.22.243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dorchestercollection.com/wp-content/uploads/logos/hba.png
Requested by: Host: www.dorchestercollection.com
URL: https://www.dorchestercollection.com/en/welcoming-you-back/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.22.243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4f53f972750d51df4b487098adc95af10cf0fe25e8ee350251a8b2a9dbc1772e

Request headers

Referer: https://www.dorchestercollection.com/en/welcoming-you-back/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 20:13:20 GMT
cf-cache-status: HIT
age: 36319
cf-polished: origFmt=png, origSize=7150
content-disposition: inline; filename="hba.webp"
content-length: 3158
cf-request-id: 08de44f9b400001ecea8103000000001
last-modified: Thu, 23 Nov 2017 23:11:37 GMT
server: cloudflare
etag: "5a1755a9-1bee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 15 Apr 2021 10:08:01 GMT
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 6310a43c48a61ece-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 lmp.png
www.dorchestercollection.com/wp-content/uploads/logos/ 3 KB
3 KB 106ms
103ms Image
image/webp 104.22.22.243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dorchestercollection.com/wp-content/uploads/logos/lmp.png
Requested by: Host: www.dorchestercollection.com
URL: https://www.dorchestercollection.com/en/welcoming-you-back/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.22.243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff5cd7a9f589a1272fc7022198db5de6d23980a60c2907ef80135baf5294af74

Request headers

Referer: https://www.dorchestercollection.com/en/welcoming-you-back/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 20:13:20 GMT
cf-cache-status: HIT
age: 36319
cf-polished: origFmt=png, origSize=5994
content-disposition: inline; filename="lmp.webp"
content-length: 2624
cf-request-id: 08de44f9b400001ecebeb9f000000001
last-modified: Mon, 04 Dec 2017 09:12:23 GMT
server: cloudflare
etag: "5a251177-176a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 15 Apr 2021 10:08:01 GMT
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 6310a43c48a81ece-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 hpa.png
www.dorchestercollection.com/wp-content/uploads/logos/ 4 KB
4 KB 104ms
101ms Image
image/webp 104.22.22.243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dorchestercollection.com/wp-content/uploads/logos/hpa.png
Requested by: Host: www.dorchestercollection.com
URL: https://www.dorchestercollection.com/en/welcoming-you-back/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.22.243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aa6bd0a2b9be7d5e6591a4d0297995236309c57578bb37d137ba36030ff1cdd1

Request headers

Referer: https://www.dorchestercollection.com/en/welcoming-you-back/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 20:13:20 GMT
cf-cache-status: HIT
age: 36319
cf-polished: origFmt=png, origSize=9532
content-disposition: inline; filename="hpa.webp"
content-length: 4250
cf-request-id: 08de44f9b500001eced391b000000001
last-modified: Thu, 23 Nov 2017 23:11:37 GMT
server: cloudflare
etag: "5a1755a9-253c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 15 Apr 2021 10:08:01 GMT
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 6310a43c48a91ece-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 her.png
www.dorchestercollection.com/wp-content/uploads/logos/ 3 KB
4 KB 105ms
103ms Image
image/webp 104.22.22.243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dorchestercollection.com/wp-content/uploads/logos/her.png
Requested by: Host: www.dorchestercollection.com
URL: https://www.dorchestercollection.com/en/welcoming-you-back/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.22.243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 34acbd20eabec132c70b8098ffdf8ef089e2e3601b50e671fc64043347073489

Request headers

Referer: https://www.dorchestercollection.com/en/welcoming-you-back/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 20:13:20 GMT
cf-cache-status: HIT
age: 36319
cf-polished: origFmt=png, origSize=8081
content-disposition: inline; filename="her.webp"
content-length: 3540
cf-request-id: 08de44f9b500001ecea6369000000001
last-modified: Thu, 23 Nov 2017 23:11:37 GMT
server: cloudflare
etag: "5a1755a9-1f91"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 15 Apr 2021 10:08:01 GMT
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 6310a43c48ab1ece-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 hps.png
www.dorchestercollection.com/wp-content/uploads/logos/ 3 KB
3 KB 119ms
117ms Image
image/webp 104.22.22.243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dorchestercollection.com/wp-content/uploads/logos/hps.png
Requested by: Host: www.dorchestercollection.com
URL: https://www.dorchestercollection.com/en/welcoming-you-back/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.22.243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: cedf1af6e83fcc2da30b26c262a1689f1ef93194288667bc57209f79e3549549

Request headers

Referer: https://www.dorchestercollection.com/en/welcoming-you-back/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 20:13:20 GMT
cf-cache-status: HIT
age: 36319
cf-polished: origFmt=png, origSize=7898
content-disposition: inline; filename="hps.webp"
content-length: 3314
cf-request-id: 08de44f9b500001ecef21fa000000001
last-modified: Thu, 23 Nov 2017 23:11:37 GMT
server: cloudflare
etag: "5a1755a9-1eda"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 15 Apr 2021 10:08:01 GMT
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 6310a43c48ae1ece-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 js_composer_front.min.js Show response
www.dorchestercollection.com/wp-content/plugins/js_composer/assets/js/dist/ 20 KB
6 KB 88ms
88ms Script
application/javascript 104.22.22.243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dorchestercollection.com/wp-content/plugins/js_composer/assets/js/dist/js_composer_front.min.js?ver=6.3.0
Requested by: Host: www.dorchestercollection.com
URL: https://www.dorchestercollection.com/en/welcoming-you-back/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.22.243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 527beb6c2c7fb7390156ab5c7e269b74994831e1cae8a54bec16e6165b908fc4

Request headers

Referer: https://www.dorchestercollection.com/en/welcoming-you-back/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 20:13:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 03 Sep 2020 08:10:55 GMT
server: cloudflare
age: 37295
etag: W/"5f50a50f-50d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=16070400
cf-ray: 6310a43c18201ece-AMS
cf-request-id: 08de44f99100001ece1ebcf000000001
expires: Thu, 15 Apr 2021 09:51:45 GMT

GET
H2 200 iframeResizer.min.js Show response
www.dorchestercollection.com/wp-content/plugins/dc-modules/DcModules/js/ 11 KB
5 KB 85ms
85ms Script
application/javascript 104.22.22.243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dorchestercollection.com/wp-content/plugins/dc-modules/DcModules/js/iframeResizer.min.js?ver=1.0
Requested by: Host: www.dorchestercollection.com
URL: https://www.dorchestercollection.com/en/welcoming-you-back/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.22.243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 99867862ef674aa4267eae2237a7c14b8e4f01edc1b08ba44b3cd3af71d4ae5c

Request headers

Referer: https://www.dorchestercollection.com/en/welcoming-you-back/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 20:13:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 11 Mar 2021 14:24:55 GMT
server: cloudflare
age: 37225
etag: W/"604a2837-2df0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=16070400
cf-ray: 6310a43c18231ece-AMS
cf-request-id: 08de44f99200001ecee2bec000000001
expires: Thu, 15 Apr 2021 09:52:55 GMT

GET
H2 200 jquery.magnify.min.js Show response
cdnjs.cloudflare.com/ajax/libs/magnify/2.3.3/js/ 4 KB
2 KB 16ms
11ms Script
application/javascript 2606:4700::6810:135e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/magnify/2.3.3/js/jquery.magnify.min.js

Requested by

Host: www.dorchestercollection.com
URL: https://www.dorchestercollection.com/en/welcoming-you-back/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:135e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

33be16f7ec667cad3c3f736e602b5820a38d998752aa00023327029d1f2ea1a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dorchestercollection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 20:13:20 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"max_age":604800,"report_to":"cf-nel"}
age: 2460435
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 1564
cf-request-id: 08de44f98a0000d6b5e68ad000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:12:04 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ed4-1057"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4s3o2uGcOFWhYyXkirDUWMy0JxmGqBP0bNcCewVHKSsdOSrspbqICPbooybLOlHqPuFQTTlDq8RZ%2FTw1en16s6ULiBg1OoWCKTI8Pzz%2FcI8yIhzkN1kFXhLzYGM5XRaWlw%3D%3D"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 6310a43c1cc5d6b5-FRA
expires: Sun, 06 Mar 2022 20:13:20 GMT

GET
H2 200 anime.min.js Show response
www.dorchestercollection.com/wp-content/plugins/dc-modules/DcModules/js/ 17 KB
7 KB 107ms
103ms Script
application/javascript 104.22.22.243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dorchestercollection.com/wp-content/plugins/dc-modules/DcModules/js/anime.min.js?ver=3.0.1
Requested by: Host: www.dorchestercollection.com
URL: https://www.dorchestercollection.com/en/welcoming-you-back/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.22.243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a43f4a6446508a64cb40e3134fdf65061193ec05f230fcf783dd86d62c9de3bd

Request headers

Referer: https://www.dorchestercollection.com/en/welcoming-you-back/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 20:13:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 11 Mar 2021 14:24:55 GMT
server: cloudflare
age: 37295
etag: W/"604a2837-431b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=16070400
cf-ray: 6310a43c48941ece-AMS
cf-request-id: 08de44f9b100001eceb1b78000000001
expires: Thu, 15 Apr 2021 09:51:45 GMT

GET
H2 200 front.min.js Show response
www.dorchestercollection.com/wp-content/plugins/cookie-notice/js/ 9 KB
2 KB 84ms
79ms Script
application/javascript 104.22.22.243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dorchestercollection.com/wp-content/plugins/cookie-notice/js/front.min.js?ver=2.0.3
Requested by: Host: www.dorchestercollection.com
URL: https://www.dorchestercollection.com/en/welcoming-you-back/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.22.243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc51ed5137587b9033d06b65d9456d6d69dc52a4005cc51b2d23f85e69d4f8c8

Request headers

Referer: https://www.dorchestercollection.com/en/welcoming-you-back/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 20:13:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Thu, 11 Mar 2021 15:01:57 GMT
server: cloudflare
age: 37295
etag: W/"604a30e5-2474"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=16070400
cf-ray: 6310a43c48981ece-AMS
cf-request-id: 08de44f9b100001ecef5079000000001
expires: Thu, 15 Apr 2021 09:51:45 GMT

GET
H2 200 app.js Show response
www.dorchestercollection.com/wp-content/themes/dc20/dist/ 413 KB
118 KB 122ms
118ms Script
application/javascript 104.22.22.243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dorchestercollection.com/wp-content/themes/dc20/dist/app.js?id=418c6aa5ac61a60d51ab
Requested by: Host: www.dorchestercollection.com
URL: https://www.dorchestercollection.com/en/welcoming-you-back/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.22.243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 270c6a454e0b0e10ce24de0f54e96675177feebd2f4e9b74caf0305b1139dc3a

Request headers

Referer: https://www.dorchestercollection.com/en/welcoming-you-back/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 20:13:20 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Tue, 16 Mar 2021 09:34:40 GMT
server: cloudflare
age: 37295
etag: W/"60507bb0-674dc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=16070400
cf-ray: 6310a43c48991ece-AMS
cf-request-id: 08de44f9b100001ecedf206000000001
expires: Thu, 15 Apr 2021 09:51:45 GMT

GET
H2 200 webfont.js Show response
ajax.googleapis.com/ajax/libs/webfont/1.5.18/ 16 KB
6 KB 8ms
6ms Script
text/javascript 2a00:1450:4001:808::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/webfont/1.5.18/webfont.js

Requested by

Host: www.dorchestercollection.com
URL: https://www.dorchestercollection.com/en/welcoming-you-back/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce261eb163fcaee6953cedc35059732a133766ab824dc512bbdf9424d48601e4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dorchestercollection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Sat, 13 Mar 2021 07:17:00 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 305780
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6490
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Sun, 13 Mar 2022 07:17:00 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 251 KB
68 KB 34ms
32ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W7S3Z6

Requested by

Host: www.dorchestercollection.com
URL: https://www.dorchestercollection.com/en/welcoming-you-back/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a294921d8b52c11e27a1748dfc42cbfacfd0b43dde0b71e2bff07c98bebc2c2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.dorchestercollection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 20:13:20 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69198
x-xss-protection: 0
last-modified: Tue, 16 Mar 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 16 Mar 2021 20:13:20 GMT

GET
H2 200 tt1047m_-webfont.woff
www.dorchestercollection.com/wp-content/themes/dc20/dist/fonts/ 29 KB
30 KB 101ms
101ms Font
font/woff 104.22.22.243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dorchestercollection.com/wp-content/themes/dc20/dist/fonts/tt1047m_-webfont.woff
Requested by: Host: www.dorchestercollection.com
URL: https://www.dorchestercollection.com/en/welcoming-you-back/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.22.243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a013f622f8c22fce98b22cfb19e0579b0bb6aac4cc475f4b713a85b246f312ae

Request headers

Origin: https://www.dorchestercollection.com
Referer: https://www.dorchestercollection.com/en/welcoming-you-back/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 20:13:20 GMT
cf-cache-status: HIT
age: 37225
content-length: 30156
cf-request-id: 08de44f9b500001ecef8119000000001
last-modified: Tue, 02 Mar 2021 15:11:36 GMT
server: cloudflare
etag: "603e55a8-75cc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6310a43c48b01ece-AMS
expires: Thu, 15 Apr 2021 09:52:55 GMT

GET
H2 200 NewsGothicBT-Roman.ttf
www.dorchestercollection.com/wp-content/themes/dc20/dist/fonts/ 55 KB
55 KB 101ms
100ms Font
application/octet-stream 104.22.22.243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dorchestercollection.com/wp-content/themes/dc20/dist/fonts/NewsGothicBT-Roman.ttf
Requested by: Host: www.dorchestercollection.com
URL: https://www.dorchestercollection.com/en/welcoming-you-back/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.22.243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8d03124cf5391c5a15f8aee91b8bd00501d2dd5b1a3b57ce12b857a3900428a

Request headers

Origin: https://www.dorchestercollection.com
Referer: https://www.dorchestercollection.com/en/welcoming-you-back/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 20:13:20 GMT
cf-cache-status: HIT
age: 37225
content-length: 55856
cf-request-id: 08de44f9b600001ecea5a40000000001
last-modified: Tue, 02 Mar 2021 15:11:36 GMT
server: cloudflare
etag: "603e55a8-da30"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6310a43c48b31ece-AMS
expires: Thu, 15 Apr 2021 09:52:55 GMT

GET
H2 200 DCEC_0820_When-youre-ready_Web-banner_NO-TEXT-1920x840.jpg
www.dorchestercollection.com/wp-content/uploads/ 240 KB
241 KB 159ms
159ms Image
image/jpeg 104.22.22.243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dorchestercollection.com/wp-content/uploads/DCEC_0820_When-youre-ready_Web-banner_NO-TEXT-1920x840.jpg
Requested by: Host: www.dorchestercollection.com
URL: https://www.dorchestercollection.com/en/welcoming-you-back/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.22.243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e22dec381dfb96462d938898c58ec7538f1f10bfbf2fb11fde601649edc8ee0a

Request headers

Referer: https://www.dorchestercollection.com/en/welcoming-you-back/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 20:13:20 GMT
cf-cache-status: MISS
last-modified: Thu, 13 Aug 2020 10:22:14 GMT
server: cloudflare
etag: "5f351456-3c1ba"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 6310a43c99301ece-AMS
content-length: 246202
cf-request-id: 08de44f9dc00001ecebcb76000000001
expires: Thu, 15 Apr 2021 20:13:20 GMT

GET
H2 200 placeholder-16x9-views-of-hyde-park-from-the-dorchester.jpg
www.dorchestercollection.com/wp-content/uploads/ 192 KB
192 KB 77ms
76ms Image
image/jpeg 104.22.22.243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dorchestercollection.com/wp-content/uploads/placeholder-16x9-views-of-hyde-park-from-the-dorchester.jpg
Requested by: Host: www.dorchestercollection.com
URL: https://www.dorchestercollection.com/en/welcoming-you-back/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.22.243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 41496c7e4c93abda701d5da7270ccf2dc9e6e94dd9cddb0c917d054341e12419

Request headers

Referer: https://www.dorchestercollection.com/en/welcoming-you-back/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 20:13:20 GMT
cf-cache-status: HIT
age: 32636
cf-polished: origSize=207906, status=webp_bigger
content-length: 196465
cf-request-id: 08de44f9e400001ecec4855000000001
last-modified: Tue, 17 Oct 2017 11:28:48 GMT
server: cloudflare
etag: "59e5e970-32c22"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Thu, 15 Apr 2021 11:09:24 GMT
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 6310a43c99461ece-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 Satycation_-offer_header_1920x8404.jpg
www.dorchestercollection.com/wp-content/uploads/ 137 KB
138 KB 71ms
71ms Image
image/webp 104.22.22.243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dorchestercollection.com/wp-content/uploads/Satycation_-offer_header_1920x8404.jpg
Requested by: Host: www.dorchestercollection.com
URL: https://www.dorchestercollection.com/en/welcoming-you-back/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.22.243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89239034821d17be0d09542542fc1e456594a275cd08bfd273265d699e8332d6

Request headers

Referer: https://www.dorchestercollection.com/en/welcoming-you-back/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 20:13:20 GMT
cf-cache-status: HIT
age: 36318
cf-polished: qual=85, origFmt=jpeg, origSize=925374
content-disposition: inline; filename="Satycation_-offer_header_1920x8404.webp"
content-length: 140572
cf-request-id: 08de44f9e200001ecef507f000000001
last-modified: Thu, 21 May 2020 13:51:50 GMT
server: cloudflare
etag: "5ec68776-e1ebe"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 15 Apr 2021 10:08:01 GMT
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 6310a43c99481ece-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 tt1048m_-webfont.woff
www.dorchestercollection.com/wp-content/themes/dc20/dist/fonts/ 33 KB
34 KB 79ms
79ms Font
font/woff 104.22.22.243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dorchestercollection.com/wp-content/themes/dc20/dist/fonts/tt1048m_-webfont.woff
Requested by: Host: www.dorchestercollection.com
URL: https://www.dorchestercollection.com/en/welcoming-you-back/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.22.243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c02cd745dc3f23602e84fda75bd06cdcafa97e1abea8d39a2f146d6a09152083

Request headers

Origin: https://www.dorchestercollection.com
Referer: https://www.dorchestercollection.com/en/welcoming-you-back/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 20:13:20 GMT
cf-cache-status: HIT
age: 37225
content-length: 34256
cf-request-id: 08de44f9e500001ecefaacf000000001
last-modified: Tue, 02 Mar 2021 15:11:36 GMT
server: cloudflare
etag: "603e55a8-85d0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6310a43ca9581ece-AMS
expires: Thu, 15 Apr 2021 09:52:55 GMT

GET
H2 200 Mr-Cowdray-Dorchester-Collection-2-1600x900.jpg
www.dorchestercollection.com/wp-content/uploads/ 83 KB
83 KB 68ms
67ms Image
image/webp 104.22.22.243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dorchestercollection.com/wp-content/uploads/Mr-Cowdray-Dorchester-Collection-2-1600x900.jpg
Requested by: Host: www.dorchestercollection.com
URL: https://www.dorchestercollection.com/en/welcoming-you-back/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.22.243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ae6f29817dc907c5672c79f7b3a7fc003ff4a4ec601b73071b73fb5e432d451a

Request headers

Referer: https://www.dorchestercollection.com/en/welcoming-you-back/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 20:13:20 GMT
cf-cache-status: HIT
age: 36319
cf-polished: qual=85, origFmt=jpeg, origSize=131413
content-disposition: inline; filename="Mr-Cowdray-Dorchester-Collection-2-1600x900.webp"
content-length: 84852
cf-request-id: 08de44f9f600001eceb90b6000000001
last-modified: Wed, 20 May 2020 10:46:42 GMT
server: cloudflare
etag: "5ec50a92-20155"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 15 Apr 2021 10:08:01 GMT
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 6310a43cb9aa1ece-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 BHH-Staff-web-crop-1600x900.jpg
www.dorchestercollection.com/wp-content/uploads/ 188 KB
188 KB 117ms
117ms Image
image/jpeg 104.22.22.243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dorchestercollection.com/wp-content/uploads/BHH-Staff-web-crop-1600x900.jpg
Requested by: Host: www.dorchestercollection.com
URL: https://www.dorchestercollection.com/en/welcoming-you-back/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.22.243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c63034ba86807ae61d9ea34550228315b05bcc5419d804f9bd462aecad45d073

Request headers

Referer: https://www.dorchestercollection.com/en/welcoming-you-back/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 20:13:20 GMT
cf-cache-status: MISS
last-modified: Wed, 20 May 2020 10:48:38 GMT
server: cloudflare
etag: "5ec50b06-2f066"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 6310a43cb9ac1ece-AMS
content-length: 192614
cf-request-id: 08de44f9f600001ece131d9000000001
expires: Thu, 15 Apr 2021 20:13:20 GMT

GET
H2 200 beverly-hills-bungalow-22A-living-room_LAndscape-1600x900.jpg
www.dorchestercollection.com/wp-content/uploads/ 263 KB
263 KB 79ms
79ms Image
image/webp 104.22.22.243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.dorchestercollection.com/wp-content/uploads/beverly-hills-bungalow-22A-living-room_LAndscape-1600x900.jpg
Requested by: Host: www.dorchestercollection.com
URL: https://www.dorchestercollection.com/en/welcoming-you-back/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.22.243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d752e3276ceeb551d9cf7999be09c9813be12630cdb8335f6df784b820c39a09

Request headers

Referer: https://www.dorchestercollection.com/en/welcoming-you-back/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 20:13:20 GMT
cf-cache-status: HIT
age: 32636
cf-polished: qual=85, origFmt=jpeg, origSize=298552
content-disposition: inline; filename="beverly-hills-bungalow-22A-living-room_LAndscape-1600x900.webp"
content-length: 269202
cf-request-id: 08de44f9f700001ecea515e000000001
last-modified: Thu, 10 May 2018 00:16:12 GMT
server: cloudflare
etag: "5af38f4c-48e38"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Thu, 15 Apr 2021 11:09:24 GMT
cache-control: max-age=16070400
accept-ranges: bytes
cf-ray: 6310a43cb9ad1ece-AMS
cf-bgj: imgq:85,h2pri

GET
H2 200 pro.min.css Show response
ka-p.fontawesome.com/releases/v5.15.2/css/ 310 KB
52 KB 23ms
21ms Fetch
text/css 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.2/css/pro.min.css?token=87cd77f416
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/87cd77f416.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1833dd8b12e343fabdaa88ccdc017af44753571fb6dcfbd6fb5a50c893b75fae

Request headers

Referer: https://www.dorchestercollection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 20:13:20 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 5255693
content-length: 53569
cf-request-id: 08de44f9e80000325842265000000001
last-modified: Wed, 13 Jan 2021 18:32:23 GMT
server: cloudflare
etag: "5fff3cb7-d141"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 6310a43ca8543258-FRA

GET
H2 200 pro-v4-shims.min.css Show response
ka-p.fontawesome.com/releases/v5.15.2/css/ 26 KB
4 KB 22ms
20ms Fetch
text/css 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.2/css/pro-v4-shims.min.css?token=87cd77f416
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/87cd77f416.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c95ae22b8d3f26a4bccfc359b7f236e0baadea9e814b7616fe9380ecf72d404d

Request headers

Referer: https://www.dorchestercollection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 20:13:20 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 5255693
content-length: 4202
cf-request-id: 08de44f9e70000325888a65000000001
last-modified: Wed, 13 Jan 2021 18:32:20 GMT
server: cloudflare
etag: "5fff3cb4-106a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 6310a43ca8513258-FRA

GET
H2 200 pro-v4-font-face.min.css Show response
ka-p.fontawesome.com/releases/v5.15.2/css/ 27 KB
3 KB 19ms
17ms Fetch
text/css 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.2/css/pro-v4-font-face.min.css?token=87cd77f416
Requested by: Host: kit.fontawesome.com
URL: https://kit.fontawesome.com/87cd77f416.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 06663477c0f778367b3550d1672db9bcf0ee750322e9101813fd7d03508ad3f7

Request headers

Referer: https://www.dorchestercollection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 20:13:20 GMT
content-encoding: gzip
cf-cache-status: HIT
age: 373797
content-length: 2568
cf-request-id: 08de44f9e80000325838253000000001
last-modified: Wed, 13 Jan 2021 18:32:19 GMT
server: cloudflare
etag: "5fff3cb3-a08"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 6310a43ca8563258-FRA

GET
H2 200 NewsGothicBT-Demi.ttf
www.dorchestercollection.com/wp-content/themes/dc20/dist/fonts/ 50 KB
50 KB 62ms
62ms Font
application/octet-stream 104.22.22.243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dorchestercollection.com/wp-content/themes/dc20/dist/fonts/NewsGothicBT-Demi.ttf
Requested by: Host: www.dorchestercollection.com
URL: https://www.dorchestercollection.com/en/welcoming-you-back/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.22.243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 21e2863e58541871f68126845ad7830c38cbb6ed19e02d3468e9b760efdb4f32

Request headers

Origin: https://www.dorchestercollection.com
Referer: https://www.dorchestercollection.com/en/welcoming-you-back/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 20:13:20 GMT
cf-cache-status: HIT
age: 37224
content-length: 51144
cf-request-id: 08de44fa3900001ecee01c0000000001
last-modified: Tue, 02 Mar 2021 15:11:36 GMT
server: cloudflare
etag: "603e55a8-c7c8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6310a43d2a8d1ece-AMS
expires: Thu, 15 Apr 2021 09:52:56 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 27ms
7ms Script
text/javascript 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W7S3Z6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dorchestercollection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 1910
date: Tue, 16 Mar 2021 19:41:30 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Tue, 16 Mar 2021 21:41:30 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
19 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:828::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W7S3Z6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dorchestercollection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 05 Feb 2021 21:33:27 GMT
server: Golfe2
age: 2695
date: Tue, 16 Mar 2021 19:28:25 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18980
expires: Tue, 16 Mar 2021 21:28:25 GMT

GET
H2 200 19365.js Show response
www.dwin1.com/ 15 KB
5 KB 50ms
8ms Script
application/javascript 2600:9000:206f:7400:f:8ce2:fb80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dwin1.com/19365.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W7S3Z6
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:7400:f:8ce2:fb80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: b40c83e8fc8c6afc7ca2e3062d535074668e55add6b355b3fb1873402944ab93

Request headers

Referer: https://www.dorchestercollection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-amz-version-id: xZ4gA6dXIfPKtxL.RqL_k3NHGSBO_Fec
content-encoding: gzip
etag: W/"a4cdf19b9a549078bc6b1e0a93043e45"
age: 521
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Tue, 09 Mar 2021 16:42:47 GMT
server: AmazonS3
date: Tue, 16 Mar 2021 20:08:23 GMT
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=utf-8
via: 1.1 cae542650fb32c773cc494fc6e7e71e7.cloudfront.net (CloudFront)
cache-control: max-age=600, s-maxage=600
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: xLfU91Q2NxH9Jt8COcM0oyJbjaFVtRxZmOVm3ZxetnwmKPWX9yRwsQ==

GET
H2 200 bat.js Show response
bat.bing.com/ 28 KB
9 KB 29ms
28ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.dorchestercollection.com
URL: https://www.dorchestercollection.com/en/welcoming-you-back/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: f14f0d4ca69db0c2914322578f10bf3f9393771f439c9f670cc4d40971b0af8d

Request headers

Referer: https://www.dorchestercollection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 20:13:20 GMT
content-encoding: gzip
last-modified: Fri, 05 Mar 2021 20:27:29 GMT
x-msedge-ref: Ref A: C0DDFF5A4F1049F5B00A50BF1BBCB9F5 Ref B: FRAEDGE1312 Ref C: 2021-03-16T20:13:20Z
etag: "804e75f6fd11d71:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 8562

GET tt-fe6340be87fd5e43b7f0cac5741e76205dd69a68b2024fda16c696848a720f7a.js
tt.mbww.com/ 0
0

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 91 KB
23 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.dorchestercollection.com
URL: https://www.dorchestercollection.com/en/welcoming-you-back/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.dorchestercollection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23762
x-fb-rlafr: 0
pragma: public
x-fb-debug: NV/MmbGXNiQRcWFGZWGf/y+dem7r4OZGSIQH9Z1rh9x8B+QlaTmx+N0mpWvat73RPejhg8AtHiP29CveQ/NrxA==
x-fb-trip-id: 2050670934
x-frame-options: DENY
date: Tue, 16 Mar 2021 20:13:20 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
x-xss-protection: 0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H/1.1 200
OK tc.min.js Show response
c1.rfihub.net/js/ 19 KB
6 KB 887ms
294ms Script
application/x-javascript 104.79.113.20
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c1.rfihub.net/js/tc.min.js
Requested by: Host: www.dorchestercollection.com
URL: https://www.dorchestercollection.com/en/welcoming-you-back/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.79.113.20 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-79-113-20.deploy.static.akamaitechnologies.com
Software: Jetty(9.0.6.v20130930) /
Resource Hash: 7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f

Request headers

Referer: https://www.dorchestercollection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 20:13:21 GMT
Content-Encoding: gzip
Last-Modified: Wed, 27 Jan 2021 22:42:23 GMT
Server: Jetty(9.0.6.v20130930)
Vary: Accept-Encoding
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Cache-Control: public, max-age=3600
Connection: keep-alive
Content-Type: application/x-javascript
Content-Length: 6162
Expires: Tue, 16 Mar 2021 21:13:21 GMT

GET
H/1.1 200
OK up_loader.1.1.0.js Show response
js.adsrvr.org/ 4 KB
2 KB 165ms
58ms Script
application/x-javascript 13.226.146.155
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://js.adsrvr.org/up_loader.1.1.0.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W7S3Z6
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 13.226.146.155 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-226-146-155.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9

Request headers

Referer: https://www.dorchestercollection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Mon, 15 Mar 2021 22:04:15 GMT
Content-Encoding: gzip
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Age: 79746
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Content-Type: application/x-javascript
Via: 1.1 20f674d6a4a322fa027d3644cb825864.cloudfront.net (CloudFront)
Connection: keep-alive
Transfer-Encoding: chunked
X-Amz-Cf-Pop: DUS51-C1
X-Amz-Cf-Id: 0bJCCABIXk1UZVXsCVuFmdriFQYsQs1XEqe2QXgIzjDOms8CWt2HCQ==

GET
H2 200 pro-fa-brands-400-5.0.0.woff2
ka-p.fontawesome.com/releases/v5.15.2/webfonts/ 38 KB
38 KB 19ms
18ms Font
font/woff2 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.2/webfonts/pro-fa-brands-400-5.0.0.woff2
Requested by: Host: www.dorchestercollection.com
URL: https://www.dorchestercollection.com/en/welcoming-you-back/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5f031f5beda509b8c7f74966b00340c15321b31b43ada420ef85ff7c5e5e7578

Request headers

Origin: https://www.dorchestercollection.com
Referer: https://www.dorchestercollection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 20:13:20 GMT
cf-cache-status: HIT
last-modified: Wed, 13 Jan 2021 18:39:27 GMT
server: cloudflare
age: 5259339
etag: "5fff3e5f-9908"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 6310a43e2afd3258-FRA
content-length: 39176
cf-request-id: 08de44fad900003258569bf000000001

GET
H2 200 pro-fa-brands-400-5.8.2.woff2
ka-p.fontawesome.com/releases/v5.15.2/webfonts/ 2 KB
3 KB 17ms
17ms Font
font/woff2 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.2/webfonts/pro-fa-brands-400-5.8.2.woff2
Requested by: Host: www.dorchestercollection.com
URL: https://www.dorchestercollection.com/en/welcoming-you-back/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 88994b8503760a004c40a2db177a7a610c1fee9710639a506971afb8c8d02b07

Request headers

Origin: https://www.dorchestercollection.com
Referer: https://www.dorchestercollection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 20:13:20 GMT
cf-cache-status: HIT
last-modified: Wed, 13 Jan 2021 18:40:17 GMT
server: cloudflare
age: 5259339
etag: "5fff3e91-9a8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 6310a43e2aff3258-FRA
content-length: 2472
cf-request-id: 08de44fad900003258879c1000000001

GET
H2 200 pro-fa-solid-900-5.0.0.woff2
ka-p.fontawesome.com/releases/v5.15.2/webfonts/ 20 KB
20 KB 17ms
16ms Font
font/woff2 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.2/webfonts/pro-fa-solid-900-5.0.0.woff2
Requested by: Host: www.dorchestercollection.com
URL: https://www.dorchestercollection.com/en/welcoming-you-back/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8eb67a3d1088e367e9b1429105c2df2ce1f042dbb819351e998dbb76717d0936

Request headers

Origin: https://www.dorchestercollection.com
Referer: https://www.dorchestercollection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 20:13:20 GMT
cf-cache-status: HIT
last-modified: Wed, 13 Jan 2021 18:44:17 GMT
server: cloudflare
age: 2451557
etag: "5fff3f81-4f08"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 6310a43e2b013258-FRA
content-length: 20232
cf-request-id: 08de44fad900003258418c6000000001

GET
H2 200 pro-fa-regular-400-5.10.2.woff2
ka-p.fontawesome.com/releases/v5.15.2/webfonts/ 16 KB
16 KB 34ms
34ms Font
font/woff2 2606:4700::6812:1734
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://ka-p.fontawesome.com/releases/v5.15.2/webfonts/pro-fa-regular-400-5.10.2.woff2
Requested by: Host: www.dorchestercollection.com
URL: https://www.dorchestercollection.com/en/welcoming-you-back/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6812:1734 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ab3f7bbfc5c0678c098861d2de0f081a0a092fdd9b8626acfce169eb27950383

Request headers

Origin: https://www.dorchestercollection.com
Referer: https://www.dorchestercollection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 20:13:21 GMT
cf-cache-status: HIT
last-modified: Wed, 13 Jan 2021 18:43:27 GMT
server: cloudflare
age: 5259340
etag: "5fff3f4f-40dc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Origin, Accept-Encoding, Access-Control-Request-Headers, Access-Control-Request-Method
content-type: font/woff2
access-control-allow-origin: *
cache-control: max-age=31556926
accept-ranges: bytes
cf-ray: 6310a43e2b033258-FRA
content-length: 16604
cf-request-id: 08de44fada0000325898239000000001

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
97 B 16ms
16ms XHR
text/plain 2a00:1450:400c:c0c::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-43851666-1&cid=745796530.1615925601&jid=312380260&gjid=284947002&_gid=888433834.1615925601&_u=YGBAgEABAAAAAE~&z=413836597

Requested by

Host: www.dorchestercollection.com
URL: https://www.dorchestercollection.com/en/welcoming-you-back/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dorchestercollection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 16 Mar 2021 20:13:21 GMT
content-type: text/plain
access-control-allow-origin: https://www.dorchestercollection.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
75 B 13ms
12ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=512762124&t=pageview&_s=1&dl=https%3A%2F%2Fwww.dorchestercollection.com%2Fen%2Fwelcoming-you-back%2F&ul=en-us&de=UTF-8&dt=When%20you%E2%80%99re%20ready%2C%20we%E2%80%99ll%20be%20waiting%20%7C%20Dorchester%20Collection&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDACEABBAAAAG~&jid=83539229&gjid=380251393&cid=745796530.1615925601&tid=UA-43851666-5&_gid=888433834.1615925601&_r=1&gtm=2wg330W7S3Z6&z=807007978

Requested by

Host: www.dorchestercollection.com
URL: https://www.dorchestercollection.com/en/welcoming-you-back/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dorchestercollection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 20:13:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.dorchestercollection.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
85 B 6ms
5ms Image
image/gif 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j88&a=512762124&t=pageview&_s=1&dl=https%3A%2F%2Fwww.dorchestercollection.com%2Fen%2Fwelcoming-you-back%2F&ul=en-us&de=UTF-8&dt=When%20you%E2%80%99re%20ready%2C%20we%E2%80%99ll%20be%20waiting%20%7C%20Dorchester%20Collection&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBAgEAB~&jid=312380260&gjid=284947002&cid=745796530.1615925601&tid=UA-43851666-1&_gid=888433834.1615925601&gtm=2wg330W7S3Z6&z=976732809

Requested by

Host: www.dorchestercollection.com
URL: https://www.dorchestercollection.com/en/welcoming-you-back/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dorchestercollection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 19:54:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1112
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 99 KB
39 KB 44ms
29ms Script
application/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-830648764

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W7S3Z6

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7320d55ddc724a4fc12d50e987e5d10444060cc323eee6cb6601e396d467c3a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.dorchestercollection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 20:13:21 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39781
x-xss-protection: 0
last-modified: Tue, 16 Mar 2021 18:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 16 Mar 2021 20:13:21 GMT

GET
H2 200 1327363780682788 Show response
connect.facebook.net/signals/config/ 241 KB
69 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1327363780682788?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c86ffcaacce638ee6bd5ff20455bf015314195249dab85b2b21f6c6d1e16a594

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.dorchestercollection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 70621
x-fb-rlafr: 0
pragma: public
x-fb-debug: 2kO5HTUJ6rDUCa3XTK/DXyVBd4nVKvjBdaehebp+CPnEhRzJKW62NOX7mm1JsT95XFbwJ3fzEOrqWoqj+ZbeeA==
x-fb-trip-id: 2050670934
x-frame-options: DENY
date: Tue, 16 Mar 2021 20:13:21 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
93 B 32ms
31ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5488861&Ver=2&mid=5ac9d1bb-90fd-40b1-9da9-443d61fd4c5d&sid=0ddb06f0869411eba9cf5f29fe396d64&vid=0ddb3c00869411eb8eb6b3e97e9831e2&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=When%20you%E2%80%99re%20ready,%20we%E2%80%99ll%20be%20waiting%20%7C%20Dorchester%20Collection&p=https%3A%2F%2Fwww.dorchestercollection.com%2Fen%2Fwelcoming-you-back%2F&r=&lt=644&evt=pageLoad&msclkid=N&sv=1&rn=688583
Requested by: Host: www.dorchestercollection.com
URL: https://www.dorchestercollection.com/en/welcoming-you-back/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.dorchestercollection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Tue, 16 Mar 2021 20:13:20 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 1EDFDB47A0AF4F398A07E51330BDF9B9 Ref B: FRAEDGE1312 Ref C: 2021-03-16T20:13:21Z
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 30ms
30ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-43851666-1&cid=745796530.1615925601&jid=312380260&_u=YGBAgEABAAAAAE~&z=315993141

Requested by

Host: www.dorchestercollection.com
URL: https://www.dorchestercollection.com/en/welcoming-you-back/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dorchestercollection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 20:13:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 29ms
29ms Image
image/gif 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-43851666-1&cid=745796530.1615925601&jid=312380260&_u=YGBAgEABAAAAAE~&z=315993141

Requested by

Host: www.dorchestercollection.com
URL: https://www.dorchestercollection.com/en/welcoming-you-back/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dorchestercollection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 20:13:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
stats.g.doubleclick.net/j/ 1 B
77 B 15ms
15ms XHR
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-43851666-5&cid=745796530.1615925601&jid=83539229&gjid=380251393&_gid=888433834.1615925601&_u=YGDACEABBAAAAG~&z=1784340207

Requested by

Host: www.dorchestercollection.com
URL: https://www.dorchestercollection.com/en/welcoming-you-back/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dorchestercollection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 16 Mar 2021 20:13:21 GMT
content-type: text/plain
access-control-allow-origin: https://www.dorchestercollection.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 __utm.gif
ssl.google-analytics.com/r/ 35 B
378 B 42ms
27ms Image
image/gif 2a00:1450:4001:812::2008
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1107924700&utmhn=www.dorchestercollection.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1600x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=When%20you%E2%80%99re%20ready%2C%20we%E2%80%99ll%20be%20waiting%20%7C%20Dorchester%20Collection&utmhid=512762124&utmr=-&utmp=%2Fen%2Fwelcoming-you-back%2F&utmht=1615925601091&utmac=UA-41848973-1&utmgtm=2wg330W7S3Z6&utmcc=__utma%3D239222038.745796530.1615925601.1615925601.1615925601.1%3B%2B__utmz%3D239222038.1615925601.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)%3B&utmjid=1415602055&utmredir=1&utmu=q2AAAABAAAGBAAAAAgABAAAE~

Requested by

Host: www.dorchestercollection.com
URL: https://www.dorchestercollection.com/en/welcoming-you-back/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dorchestercollection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 20:13:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 32 KB
12 KB 57ms
56ms Script
text/javascript 172.217.16.130
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-830648764

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra15s46-in-f2.1e100.net

Software

cafe /

Resource Hash

f6ac3c8e6ce2149cb393c789e9640b78cfb6626380e872a605c1c5fb1df3981e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dorchestercollection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 20:13:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12620
x-xss-protection: 0
server: cafe
etag: 4454677202539371103
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Tue, 16 Mar 2021 20:13:21 GMT

GET
H2 200 get-loader.js Show response
loader.wisepops.com/ 45 KB
13 KB 59ms
43ms Script
text/javascript 2606:4700:20::681a:b13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://loader.wisepops.com/get-loader.js?v=1&site=ayeeR33817
Requested by: Host: www.dorchestercollection.com
URL: https://www.dorchestercollection.com/en/welcoming-you-back/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f6750db6fcd51005bd8336db2d4dd87f4041745787a02ad5f32f6f411547fd7

Request headers

Referer: https://www.dorchestercollection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 20:13:21 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
server: cloudflare
age: 617
x-wisepops-server: popup-prod-eu-1
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Tbfa8by6dPi4aaOjETJi%2F1ECdD5oMqmssllNNMwbE0%2Fd7jUeZyTHXgzShaUHnLN6dkFREjejn4JkEv9m8Q%2Bx3m41cqdsdLbRi2EW%2FyC4445Ks1wSLplVJAPg4gwnZ8sX"}]}
content-type: text/javascript
cache-control: public, max-age=3600
cf-ray: 6310a43f2ba9dfd7-FRA
cf-request-id: 08de44fb780000dfd782964000000001
x-robots-tag: noindex, nofollow

GET
H2 200 985639565105713 Show response
connect.facebook.net/signals/config/ 241 KB
69 KB 121ms
121ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/985639565105713?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7282aedfae74dee35b15e6282f41103fad3e49e14fbc8517705a2e4f012acdd1

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.dorchestercollection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: public
x-fb-debug: FQCvPwRUgPsYQhztTbOn9/9J9A/RhAXSTlqlDaEEeHaJplJkFT21l1mNYXbHrn4soAaSXHssfkq4BR3gm+0oGQ==
x-fb-trip-id: 2050670934
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Tue, 16 Mar 2021 20:13:21 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coop_report","max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}],"include_subdomains":true}, {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
cross-origin-opener-policy-report-only: same-origin-allow-popups;report-to="coop_report"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
258 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1327363780682788&ev=PageView&dl=https%3A%2F%2Fwww.dorchestercollection.com%2Fen%2Fwelcoming-you-back%2F&rl=&if=false&ts=1615925601144&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1615925601143.1790193223&it=1615925601043&coo=false&rqm=GET

Requested by

Host: www.dorchestercollection.com
URL: https://www.dorchestercollection.com/en/welcoming-you-back/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.dorchestercollection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 20:13:21 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 16 Mar 2021 20:13:21 GMT

POST
H/1.1 200
OK my-wisepop Show response
popup.wisepops.com/ 274 B
598 B 218ms
60ms XHR
application/json 52.28.121.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://popup.wisepops.com/my-wisepop
Requested by: Host: www.dorchestercollection.com
URL: https://www.dorchestercollection.com/en/welcoming-you-back/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.121.193 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-121-193.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: 78b891728f706e2a9447a48437daafa2c090b7e4e275c319051d8370ea9763cb

Request headers

Accept: application/json
Referer: https://www.dorchestercollection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Date: Tue, 16 Mar 2021 20:13:21 GMT
Server: nginx
X-Wisepops-Server: popup-prod-eu-1
Content-Type: application/json
Access-Control-Allow-Origin: https://www.dorchestercollection.com
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Robots-Tag: noindex, nofollow
Content-Length: 274

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/830648764/ 2 KB
1 KB 17ms
17ms Script
text/javascript 2a00:1450:4001:82b::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/830648764/?random=1615925601196&cv=9&fst=1615925601196&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa330&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.dorchestercollection.com%2Fen%2Fwelcoming-you-back%2F&tiba=When%20you%E2%80%99re%20ready%2C%20we%E2%80%99ll%20be%20waiting%20%7C%20Dorchester%20Collection&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a0acbf73cb70da68ce1d8916e3bd971416e0ff080b9cffcc3786d2e27da42ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dorchestercollection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 20:13:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1083
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/830648764/ 42 B
89 B 20ms
20ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/830648764/?random=1615925601196&cv=9&fst=1615924800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa330&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.dorchestercollection.com%2Fen%2Fwelcoming-you-back%2F&tiba=When%20you%E2%80%99re%20ready%2C%20we%E2%80%99ll%20be%20waiting%20%7C%20Dorchester%20Collection&async=1&fmt=3&is_vtc=1&random=1102689153&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.dorchestercollection.com
URL: https://www.dorchestercollection.com/en/welcoming-you-back/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dorchestercollection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 20:13:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/830648764/ 42 B
89 B 19ms
19ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/830648764/?random=1615925601196&cv=9&fst=1615924800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa330&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.dorchestercollection.com%2Fen%2Fwelcoming-you-back%2F&tiba=When%20you%E2%80%99re%20ready%2C%20we%E2%80%99ll%20be%20waiting%20%7C%20Dorchester%20Collection&async=1&fmt=3&is_vtc=1&random=1102689153&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.dorchestercollection.com
URL: https://www.dorchestercollection.com/en/welcoming-you-back/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dorchestercollection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 20:13:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 6ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=985639565105713&ev=PageView&dl=https%3A%2F%2Fwww.dorchestercollection.com%2Fen%2Fwelcoming-you-back%2F&rl=&if=false&ts=1615925601285&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1615925601143.1790193223&it=1615925601043&coo=false&rqm=GET

Requested by

Host: www.dorchestercollection.com
URL: https://www.dorchestercollection.com/en/welcoming-you-back/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.dorchestercollection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 20:13:21 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Tue, 16 Mar 2021 20:13:21 GMT

GET
H2 200 161893.js Show response
cdn.wisepops.com/shared/wisepops/18eee389fb0b10c68cd0d32fe81a48e6/ 281 KB
80 KB 48ms
41ms Script
text/javascript 2606:4700:20::681a:b13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.wisepops.com/shared/wisepops/18eee389fb0b10c68cd0d32fe81a48e6/161893.js?v=1607599478000
Requested by: Host: loader.wisepops.com
URL: https://loader.wisepops.com/get-loader.js?v=1&site=ayeeR33817
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 13a961605453f8134818f20334c8733d85df8409da019126084ee3e5543644f9

Request headers

Referer: https://www.dorchestercollection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=JB17jw==, md5=Qn/Q2cPNP2TJU9DtHpW8kQ==
date: Tue, 16 Mar 2021 20:13:21 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 95364
x-guploader-uploadid: ABg5-UwJqNTxBrxbJ2vAT0FU4dmZI9Wp4AD0W68XytZoIVZUC47lyCDg4ZWqZ9fB4UMF8bol1CejAow_E_n-7yEcE9u6bKFZAA
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-type: text/javascript
cf-request-id: 08de44fc900000dfd776283000000001
last-modified: Fri, 12 Jun 2020 12:55:53 GMT
server: cloudflare
etag: W/"427fd0d9c3cd3f64c953d0ed1e95bc91"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3h15hzf4hbjdtEHW8HJ7AmvXyWiwa%2Bgat20JKPq9ZbNu2%2F86MWJDQ2287piLQEeIvx5YdRl1GbJ%2BkijsqrDU1NE66GmDRZgJPxkxYCx1YppAr%2B%2BWqdbOMK%2BVZ9Fa"}]}
x-goog-generation: 1591966553947645
cache-control: public, max-age=31536000
x-goog-stored-content-length: 287820
cf-ray: 6310a440eec1dfd7-FRA
expires: Mon, 15 Mar 2021 18:12:35 GMT

GET
H2 200 css
fonts.googleapis.com/ 6 KB
778 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:82a::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,700

Requested by

Host: cdn.wisepops.com
URL: https://cdn.wisepops.com/shared/wisepops/18eee389fb0b10c68cd0d32fe81a48e6/161893.js?v=1607599478000

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e47a27d91c2487289d6607ee10d7cb7b31944a5ed3ff5ffc86ec8526e9374af0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.dorchestercollection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 16 Mar 2021 20:04:08 GMT
server: ESF
date: Tue, 16 Mar 2021 20:13:21 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 16 Mar 2021 20:13:21 GMT

GET
H2 200 98717403f7e07c7f64f7642e1a7b60c2.jpg
cdn.wisepops.com/shared/images/wisepops/161893/ 36 KB
36 KB 30ms
30ms Image
image/webp 2606:4700:20::681a:b13
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.wisepops.com/shared/images/wisepops/161893/98717403f7e07c7f64f7642e1a7b60c2.jpg
Requested by: Host: www.dorchestercollection.com
URL: https://www.dorchestercollection.com/en/welcoming-you-back/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:b13 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d65dd8a57fbc9ac9efe5f449449026df4439bbc8f6656d9ba6333ac65dbe05aa

Request headers

Referer: https://www.dorchestercollection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-goog-hash: crc32c=bOL1qg==, md5=ps/lk7lUEYtQ9YNCU5FDPw==
date: Tue, 16 Mar 2021 20:13:21 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 95363
cf-polished: qual=85, origFmt=jpeg, origSize=189713
x-guploader-uploadid: ABg5-UyH5RmtaXeysJDUe5Cyb0lF57V6n-3XBL8WJ8bAlwHad2OPRWuqmXpBT4iGloGUqUV8LT_w9FCrZT-OGrRV4CSl0YY7ug
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-disposition: inline; filename="98717403f7e07c7f64f7642e1a7b60c2.webp"
content-type: image/webp
content-length: 36516
cf-request-id: 08de44fd170000dfd799030000000001
last-modified: Tue, 24 Mar 2020 20:01:49 GMT
server: cloudflare
etag: "a6cfe593b954118b50f583425391433f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=t7zcKt92H9d0iTRmfzGvFN9f4vaiTHSHFQx36PorPwodeF00QhADM51kZq0%2FD2By9tmKMDwLCTd7F2K9d%2BSz1FF17KBS2%2Bs6ZtYy6mOnJ2jzUTCK%2F0Vix592L0ip"}]}
x-goog-generation: 1585080109063251
expires: Mon, 15 Mar 2021 18:12:36 GMT
cache-control: public, max-age=31536000
x-goog-stored-content-length: 189713
accept-ranges: bytes
cf-ray: 6310a441b82adfd7-FRA
cf-bgj: imgq:85,h2pri

GET
H2 200 tt1047m_-webfont.woff
www.dorchestercollection.com/wp-content/themes/dc2017/fonts/ 29 KB
30 KB 73ms
73ms Font
font/woff 104.22.22.243
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dorchestercollection.com/wp-content/themes/dc2017/fonts/tt1047m_-webfont.woff
Requested by: Host: www.dorchestercollection.com
URL: https://www.dorchestercollection.com/en/welcoming-you-back/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.22.22.243 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a013f622f8c22fce98b22cfb19e0579b0bb6aac4cc475f4b713a85b246f312ae

Request headers

Origin: https://www.dorchestercollection.com
Referer: https://www.dorchestercollection.com/en/welcoming-you-back/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 20:13:21 GMT
cf-cache-status: HIT
age: 37224
content-length: 30156
cf-request-id: 08de44fd4b00001ecea4148000000001
last-modified: Tue, 16 Jan 2018 09:14:13 GMT
server: cloudflare
etag: "5a5dc265-75cc"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: font/woff
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 6310a4421e9c1ece-AMS
expires: Thu, 15 Apr 2021 09:52:57 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ 15 KB
16 KB 6ms
5ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

29f6da0a8c21c5681511bb9b08663d3fd2c5d09c9bd8054ec354c563b8c8b7c1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.dorchestercollection.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 10 Mar 2021 22:41:50 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:55 GMT
server: sffe
age: 509491
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15784
x-xss-protection: 0
expires: Thu, 10 Mar 2022 22:41:50 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v20/ 15 KB
15 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.dorchestercollection.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Mon, 15 Mar 2021 18:51:47 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:18:36 GMT
server: sffe
age: 91294
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15736
x-xss-protection: 0
expires: Tue, 15 Mar 2022 18:51:47 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v20/ 15 KB
16 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v20/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,400,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.dorchestercollection.com
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Wed, 10 Mar 2021 19:52:31 GMT
x-content-type-options: nosniff
last-modified: Wed, 24 Jul 2019 01:19:00 GMT
server: sffe
age: 519650
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15816
x-xss-protection: 0
expires: Thu, 10 Mar 2022 19:52:31 GMT

POST
H2 200 /
www.facebook.com/tr/ 0
58 B 6ms
6ms Other
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.dorchestercollection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarypLtmYfLaDDbC5wLe

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Tue, 16 Mar 2021 20:13:21 GMT
content-type: text/plain
access-control-allow-origin: https://www.dorchestercollection.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H/1.1 200
OK Cookie set ca.html Show response
20772747p.rfihub.com/ Frame BC61 3 KB
4 KB 230ms
56ms Document
text/html 193.0.160.128
ROCKETFUEL

General

Check archive.org

Show headers Download Go to

Full URL: https://20772747p.rfihub.com/ca.html?ver=9&rb=30932&ca=20772747&_o=30932&t=view&pe=https%3A%2F%2Fwww.dorchestercollection.com%2Fen%2Fwelcoming-you-back%2F&pf=&ra=8463560079290517
Requested by: Host: c1.rfihub.net
URL: https://c1.rfihub.net/js/tc.min.js
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 1ba5cfa8bd8fbca0f040c97bd5713a2e6276e8af3c22cd868d18079e882c07b7

Request headers

Host: 20772747p.rfihub.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.dorchestercollection.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.dorchestercollection.com/

Response headers

Date: Tue, 16 Mar 2021 20:13:21 GMT
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Set-Cookie: eud=H4sIAAAAAAAAAJvFyGtoZmhqaWRqZmBoaWS8Co1_Co3_Co3_C43fxITKn4TGn4XGX4TGX4XG34TG34XG_4SunwWVfwuNv4kVzTxuNP-g8RcJo_IfofEBuYPesUABAAA; Path=/; Domain=.rfihub.com; Expires=Sun, 10 Apr 2022 20:13:21 GMT; Secure; SameSite=None rud=H4sIAAAAAAAAAOMSNrQwN7UwtDQztDAyNDa2NDYwsxDiM9RNdTeMDEk0CdM1y8iR4jU0MzS1NDI1MzC0NLQAAH8bhcI0AAAA; Path=/; Domain=.rfihub.com; Expires=Sun, 10 Apr 2022 20:13:21 GMT; Secure; SameSite=None ruds=H4sIAAAAAAAAAOMSNrQwN7UwtDQztDAyNDa2NDYwsxDiM9RNdTeMDEk0CdM1y8gBAPGUlGMlAAAA; Path=/; Domain=.rfihub.com; Secure; SameSite=None
Cache-Control: no-cache
Content-Type: text/html;charset=utf-8
Content-Length: 3120
Server: Jetty(9.3.29.v20201019)

POST
H2 200 /
www.facebook.com/tr/ 0
31 B 6ms
6ms Other
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.dorchestercollection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryzT85PFfvTURMIo4F

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Tue, 16 Mar 2021 20:13:21 GMT
content-type: text/plain
access-control-allow-origin: https://www.dorchestercollection.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H/1.1

200
OK

cm
a.rfihub.com/ Frame BC61
Redirect Chain

https://cm.g.doubleclick.net/pixel?&in=0&google_nid=zeta_interactive&google_cm=&google_sc=&google_hm=MTg3NTgxOTYxODIxMzM5MzA2OA==&forward=
https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEOS8s1yaDBEYmXU4z1awyU8&google_cver=1

42 B
1 KB

193ms
48ms

Image
image/gif

193.0.160.128
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEOS8s1yaDBEYmXU4z1awyU8&google_cver=1
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer: https://20772747p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 20:13:22 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Tue, 16 Mar 2021 20:13:22 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://a.rfihub.com/cm?pub=445&in=0&forward=&google_gid=CAESEOS8s1yaDBEYmXU4z1awyU8&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 311
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame BC61
Redirect Chain

https://ib.adnxs.com/setuid?entity=18&code=1875819618213393068
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D1875819618213393068

43 B
1 KB

53ms
47ms

Image
image/gif

185.33.221.90
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D1875819618213393068

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.221.90 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

727.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://20772747p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 16 Mar 2021 20:13:22 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 727.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.116:80
AN-X-Request-Uuid: e9e6a801-0860-471f-ad8c-dd6358739ab4
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 16 Mar 2021 20:13:22 GMT
X-Proxy-Origin: 194.99.105.99; 194.99.105.99; 727.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.134:80
AN-X-Request-Uuid: d2063137-f7a5-47f0-8ca8-96b93c7fb6fc
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D18%26code%3D1875819618213393068
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1

200
OK

cm
p.rfihub.com/ Frame BC61
Redirect Chain

https://stags.bluekai.com/site/4722?id=1875819618213393068&redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fbk_uuid%3D%24_BK_UUID%26forward%3D
https://p.rfihub.com/cm?bk_uuid=8Mlywx99999x9NaQ&forward=

42 B
997 B

199ms
50ms

Image
image/gif

193.0.160.128
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.rfihub.com/cm?bk_uuid=8Mlywx99999x9NaQ&forward=
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer: https://20772747p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 20:13:22 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Location: https://p.rfihub.com/cm?bk_uuid=8Mlywx99999x9NaQ&forward=
Date: Tue, 16 Mar 2021 20:13:22 GMT
Connection: keep-alive
Content-Length: 0
BK-Server: e40d
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame BC61 0
239 B 175ms
46ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=13490&nid=2596&put=1875819618213393068
Requested by: Host: www.dorchestercollection.com
URL: https://www.dorchestercollection.com/en/welcoming-you-back/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://20772747p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: de8527bfa1ccfd6c1590da0d3b6cff52
Content-Type: image/gif

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame BC61
Redirect Chain

https://dpm.demdex.net/ibs:dpid=1121&dpuuid=1875819618213393068&redir=
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=1875819618213393068&redir=

42 B
915 B

66ms
65ms

Image
image/gif

63.33.120.132
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=1875819618213393068&redir=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

63.33.120.132 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-63-33-120-132.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://20772747p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v090-01da9bff2.edge-irl1.demdex.com 5.80.7.20210304103356 0ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: jMnbB1ZsRxM=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: K08FQl3LSPQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=1121&dpuuid=1875819618213393068&redir=
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

204
No Content

sync
ups.analytics.yahoo.com/ups/55856/ Frame BC61
Redirect Chain

https://pixel.advertising.com/ups/55856/sync?uid=1875819618213393068&_origin=1
https://pixel.advertising.com/ups/55856/sync?uid=1875819618213393068&_origin=1&verify=true
https://ups.analytics.yahoo.com/ups/55856/sync?uid=1875819618213393068&_origin=1&apid=UP0e79ff2b-8694-11eb-80bd-0278aefe5bd8

0
964 B

161ms
54ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55856/sync?uid=1875819618213393068&_origin=1&apid=UP0e79ff2b-8694-11eb-80bd-0278aefe5bd8

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/7.1.2.128 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://20772747p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 20:13:22 GMT
Server: ATS/7.1.2.128
Connection: keep-alive
Age: 0
Strict-Transport-Security: max-age=31536000
P3P: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55856/sync?uid=1875819618213393068&_origin=1&apid=UP0e79ff2b-8694-11eb-80bd-0278aefe5bd8
date: Tue, 16 Mar 2021 20:13:22 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame BC61
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=1875819618213393068&forward=
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=1875819618213393068&forward=&C=1

43 B
1006 B

92ms
92ms

Image
image/gif

2.20.170.241
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=1875819618213393068&forward=&C=1
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2.20.170.241 Schiphol, Netherlands, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-20-170-241.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://20772747p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 16 Mar 2021 20:13:22 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Tue, 16 Mar 2021 20:13:22 GMT

Redirect headers

Pragma: no-cache
Date: Tue, 16 Mar 2021 20:13:22 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=57&external_user_id=1875819618213393068&forward=&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 295
Expires: Tue, 16 Mar 2021 20:13:22 GMT

GET
H2 204 v1
ads.yahoo.com/cms/ Frame BC61 0
446 B 24ms
7ms Image
text/plain 2a00:1288:80:800::7001
YAHOO-DEB

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ads.yahoo.com/cms/v1?esig=1~84c296ca4cae9f73fbcc48363a3cd4cd34be98f5&nwid=10000648372&sigv=1

Requested by

Host: www.dorchestercollection.com
URL: https://www.dorchestercollection.com/en/welcoming-you-back/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1288:80:800::7001 , United Kingdom, ASN203220 (YAHOO-DEB, GB),

Reverse DNS

Software

ATS /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://20772747p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 20:13:21 GMT
cache-control: no-store
x-content-type-options: nosniff
server: ATS
strict-transport-security: max-age=15552000
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
x-xss-protection: 1; mode=block

GET
H2 200 360947.gif
idsync.rlcdn.com/ Frame BC61 42 B
417 B 128ms
45ms Image
image/gif 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/360947.gif?partner_uid=1875819618213393068
Requested by: Host: www.dorchestercollection.com
URL: https://www.dorchestercollection.com/en/welcoming-you-back/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://20772747p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Mar 2021 20:13:22 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

GET
H2 200 rocketfuel_sync
x.dlx.addthis.com/e/ Frame BC61 43 B
191 B 293ms
210ms Image
image/gif 92.123.150.214
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://x.dlx.addthis.com/e/rocketfuel_sync?na_exid=1875819618213393068

Requested by

Host: www.dorchestercollection.com
URL: https://www.dorchestercollection.com/en/welcoming-you-back/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

92.123.150.214 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a92-123-150-214.deploy.static.akamaitechnologies.com

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=2628000

Request headers

Referer: https://20772747p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 20:13:22 GMT
cache-control: max-age=0, no-cache, no-store
expires: Tue, 16 Mar 2021 20:13:22 GMT
content-length: 43
strict-transport-security: max-age=2628000
content-type: image/gif

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame BC61
Redirect Chain

https://sync.search.spotxchange.com/partner?adv_id=7180&uid=1875819618213393068&img=1
https://sync.search.spotxchange.com/partner?adv_id=7180&uid=1875819618213393068&img=1&__user_check__=1&sync_id=0e84ce10-8694-11eb-b44f-173c25ca2606

43 B
548 B

55ms
54ms

Image
image/gif

185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=7180&uid=1875819618213393068&img=1&__user_check__=1&sync_id=0e84ce10-8694-11eb-b44f-173c25ca2606
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 185.94.180.126 , United States, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

Referer: https://20772747p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 20:13:22 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 54
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Tue, 16 Mar 2021 20:13:22 GMT
Server: nginx
Location: /partner?adv_id=7180&uid=1875819618213393068&img=1&__user_check__=1&sync_id=0e84ce10-8694-11eb-b44f-173c25ca2606
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 124
Connection: keep-alive
Content-Length: 0

GET
H2 200 sync
partners.tremorhub.com/ Frame BC61 43 B
183 B 272ms
87ms Image
image/gif 2600:1f18:612b:4232:1f73:43cf:8eeb:9521
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://partners.tremorhub.com/sync?UIRF=1875819618213393068&r=bOQWLR3nT7bW
Requested by: Host: www.dorchestercollection.com
URL: https://www.dorchestercollection.com/en/welcoming-you-back/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2600:1f18:612b:4232:1f73:43cf:8eeb:9521 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://20772747p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 20:13:22 GMT
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
content-type: image/gif

GET
H2 200 g.pixel
aa.agkn.com/adscores/ Frame BC61 43 B
238 B 164ms
51ms Image
image/gif 52.58.248.2
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://aa.agkn.com/adscores/g.pixel?sid=9212192898&rf=1875819618213393068
Requested by: Host: www.dorchestercollection.com
URL: https://www.dorchestercollection.com/en/welcoming-you-back/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.248.2 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-248-2.eu-central-1.compute.amazonaws.com
Software: AAWebServer /
Resource Hash: 98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer: https://20772747p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 20:13:22 GMT
server: AAWebServer
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-length: 43
expires: 0

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame BC61 0
337 B 190ms
62ms Image
text/plain 52.214.133.201
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner_id=rfuel&partner_user_id=1875819618213393068
Requested by: Host: www.dorchestercollection.com
URL: https://www.dorchestercollection.com/en/welcoming-you-back/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.133.201 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-133-201.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://20772747p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 20:13:22 GMT
cache-control: private, no-cache, no-store
x-request-time: D=61 t=1615925602
x-served-by: beacon-n005-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H2

200

sync
x.bidswitch.net/ul_cb/ Frame BC61
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=119&user_id=1875819618213393068&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=1875819618213393068&expires=30

43 B
343 B

53ms
52ms

Image
image/gif

35.157.221.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=1875819618213393068&expires=30
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.157.221.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-157-221-90.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://20772747p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 20:13:22 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 43
content-type: image/gif

Redirect headers

location: https://x.bidswitch.net/ul_cb/sync?dsp_id=119&user_id=1875819618213393068&expires=30
date: Tue, 16 Mar 2021 20:13:22 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H/1.1

200
OK

match
ps.eyeota.net/ Frame BC61
Redirect Chain

https://p.rfihub.com/cm?pub=24472&in=1
https://ps.eyeota.net/match?uid=1875819618213393068&bid=omt9pi0

0
344 B

208ms
52ms

Image
text/plain

3.124.210.90
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ps.eyeota.net/match?uid=1875819618213393068&bid=omt9pi0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.124.210.90 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-124-210-90.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://20772747p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 20:13:22 GMT
Content-Length: 0
P3P: CP="CURa ADMa DEVa TAIo PSAo PSDo OUR SAMo BUS UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR", policyref="http://ps.eyeota.net/w3c/p3p.xml"

Redirect headers

Location: https://ps.eyeota.net/match?uid=1875819618213393068&bid=omt9pi0
Date: Tue, 16 Mar 2021 20:13:22 GMT
Server: Jetty(9.3.29.v20201019)
Content-Length: 0
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

GET
H/1.1

200
OK

cm
p.rfihub.com/ Frame BC61
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D
https://sync-tm.everesttech.net/ct/upi/pid/Mlpt2JaG/?redir=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D21653%26userid%3D%24%7BTM_USER_ID%7D&_test=YFERYgAAAJSAxToG
https://p.rfihub.com/cm?in=1&pub=21653&userid=YFERYgAAAJSAxToG&_test=YFERYgAAAJSAxToG

42 B
1 KB

52ms
51ms

Image
image/gif

193.0.160.128
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.rfihub.com/cm?in=1&pub=21653&userid=YFERYgAAAJSAxToG&_test=YFERYgAAAJSAxToG
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer: https://20772747p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 20:13:22 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

pragma: no-cache
date: Tue, 16 Mar 2021 20:13:22 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1615925603.516752,VS0,VE0
x-served-by: cache-hhn4051-HHN
x-cache: HIT
location: https://p.rfihub.com/cm?in=1&pub=21653&userid=YFERYgAAAJSAxToG&_test=YFERYgAAAJSAxToG
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2 200 cksync.php
contextual.media.net/ Frame BC61 46 B
696 B 444ms
181ms Image
image/gif 104.110.252.25
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://contextual.media.net/cksync.php?cs=3&type=rkt&ovsid=1875819618213393068

Requested by

Host: www.dorchestercollection.com
URL: https://www.dorchestercollection.com/en/welcoming-you-back/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.110.252.25 New York, United States, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-110-252-25.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

579a172ca2c700734ebcfa06d105a134f31ec2357660e58e0874cfdee8472fd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=604800

Request headers

Referer: https://20772747p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=604800
server: Apache
date: Tue, 16 Mar 2021 20:13:22 GMT
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
cache-control: max-age=0, no-cache, no-store
content-type: image/gif
content-length: 46
x-mnet-hl2: E
expires: Tue, 16 Mar 2021 20:13:22 GMT

GET
H/1.1

200
OK

cm
p.rfihub.com/ Frame BC61
Redirect Chain

https://bs.serving-sys.com/serving?cn=um&dpid=12&rtu=https%3A%2F%2Fp.rfihub.com%2Fcm%3Fin%3D1%26pub%3D17945%26userid%3D%5B%25tp_UserID%25%5D
https://p.rfihub.com/cm?in=1&pub=17945&userid=0a16062b-b0b7-4fe7-86fb-dd58f07d5db0

42 B
1 KB

52ms
52ms

Image
image/gif

193.0.160.128
ROCKETFUEL

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.rfihub.com/cm?in=1&pub=17945&userid=0a16062b-b0b7-4fe7-86fb-dd58f07d5db0
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_CBC
Server: 193.0.160.128 , United States, ASN54312 (ROCKETFUEL, US),
Reverse DNS
Software: Jetty(9.3.29.v20201019) /
Resource Hash: 47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292

Request headers

Referer: https://20772747p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date: Tue, 16 Mar 2021 20:13:22 GMT
Cache-Control: no-cache
Server: Jetty(9.3.29.v20201019)
Content-Type: image/gif
Content-Length: 42
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

Pragma: no-cache
Date: Tue, 16 Mar 2021 20:13:21 GMT
Server: Microsoft-IIS/7.5
X-Powered-By: ASP.NET
P3P: CP="NOI DEVa OUR BUS UNI"
Location: https://p.rfihub.com/cm?in=1&pub=17945&userid=0a16062b-b0b7-4fe7-86fb-dd58f07d5db0
Cache-Control: no-cache, no-store
Content-Type: text/html; charset=UTF-8
Content-Length: 213
Expires: Sun, 05-Jun-2005 22:00:00 GMT

GET
H2

200

362358.gif
idsync.rlcdn.com/ Frame BC61
Redirect Chain

https://live.rezync.com/pixel?c=bd8618c307ae9885a12561b7191e2cea&cid=1875819618213393068&referrer=https%3A%2F%2Fwww.dorchestercollection.com%2Fen%2Fwelcoming-you-back%2F
https://p.rfihub.com/cm?pub=39342&in=0&userid=d5d4529f-5050-4194-b946-123f7bb395f3%3A1615925602.54&forward=https%3A//idsync.rlcdn.com/501709.gif%3Fpartner_uid%3Dd5d4529f-5050-4194-b946-123f7bb395f3...
https://idsync.rlcdn.com/501709.gif?partner_uid=d5d4529f-5050-4194-b946-123f7bb395f3%3A1615925602.54
https://cm.g.doubleclick.net/pixel?google_nid=epsilon&google_cm
https://idsync.rlcdn.com/362358.gif?google_gid=CAESECYaTLAXrpSLv3JmLVR_aWQ&google_cver=1

42 B
300 B

48ms
47ms

Image
image/gif

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/362358.gif?google_gid=CAESECYaTLAXrpSLv3JmLVR_aWQ&google_cver=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://20772747p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

timing-allow-origin: *
date: Tue, 16 Mar 2021 20:13:22 GMT
via: 1.1 google
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
content-type: image/gif
alt-svc: clear
content-length: 42

Redirect headers

pragma: no-cache
date: Tue, 16 Mar 2021 20:13:22 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://idsync.rlcdn.com/362358.gif?google_gid=CAESECYaTLAXrpSLv3JmLVR_aWQ&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 289
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
bpi.rtactivate.com/tag/ Frame BC61 43 B
109 B 485ms
196ms Image
image/gif 54.175.102.177
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bpi.rtactivate.com/tag/?id=11017&user_id=1875819618213393068
Requested by: Host: www.dorchestercollection.com
URL: https://www.dorchestercollection.com/en/welcoming-you-back/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.175.102.177 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-175-102-177.compute-1.amazonaws.com
Software: awselb/2.0 /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://20772747p.rfihub.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date: Tue, 16 Mar 2021 20:13:22 GMT
server: awselb/2.0
content-length: 43
content-type: image/gif

GET
H2

200

/ Show response
match.adsrvr.org/track/upb/ Frame CE1B
Redirect Chain

https://insight.adsrvr.org/track/up?adv=3dpjdzx&ref=https%3A%2F%2Fwww.dorchestercollection.com%2Fen%2Fwelcoming-you-back%2F&upid=g8i4mvb&upv=1.1.0
https://match.adsrvr.org/track/upb/?adv=3dpjdzx&ref=https%3A%2F%2Fwww.dorchestercollection.com%2Fen%2Fwelcoming-you-back%2F&upid=g8i4mvb&upv=1.1.0

0
182 B

185ms
61ms

Document
text/html

52.214.43.215
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://match.adsrvr.org/track/upb/?adv=3dpjdzx&ref=https%3A%2F%2Fwww.dorchestercollection.com%2Fen%2Fwelcoming-you-back%2F&upid=g8i4mvb&upv=1.1.0
Requested by: Host: js.adsrvr.org
URL: https://js.adsrvr.org/up_loader.1.1.0.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.214.43.215 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-214-43-215.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

:method: GET
:authority: match.adsrvr.org
:scheme: https
:path: /track/upb/?adv=3dpjdzx&ref=https%3A%2F%2Fwww.dorchestercollection.com%2Fen%2Fwelcoming-you-back%2F&upid=g8i4mvb&upv=1.1.0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.dorchestercollection.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: TDID=d2740eda-f570-4d18-84e2-f74cbde71ea5
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer: https://www.dorchestercollection.com/

Response headers

date: Tue, 16 Mar 2021 20:13:22 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

Redirect headers

date: Tue, 16 Mar 2021 20:13:22 GMT
content-type: text/html; charset=utf-8
location: https://match.adsrvr.org/track/upb/?adv=3dpjdzx&ref=https%3A%2F%2Fwww.dorchestercollection.com%2Fen%2Fwelcoming-you-back%2F&upid=g8i4mvb&upv=1.1.0
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
set-cookie: TDID=d2740eda-f570-4d18-84e2-f74cbde71ea5; domain=.adsrvr.org; expires=Wed, 16-Mar-2022 20:13:22 GMT; path=/; secure; SameSite=None
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 2 B
25 B 13ms
13ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j88&a=512762124&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.dorchestercollection.com%2Fen%2Fwelcoming-you-back%2F&ul=en-us&de=UTF-8&dt=When%20you%E2%80%99re%20ready%2C%20we%E2%80%99ll%20be%20waiting%20%7C%20Dorchester%20Collection&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Engagement&ea=0&el=https%3A%2F%2Fwww.dorchestercollection.com%2Fen%2Fwelcoming-you-back%2F&_utma=239222038.745796530.1615925601.1615925601.1615925601.1&_utmz=239222038.1615925601.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1615925601974&_u=aGDCCEABBAAAAG~&jid=1893439430&gjid=1617193977&cid=745796530.1615925601&tid=UA-43851666-1&_gid=888433834.1615925601&_r=1&gtm=2wg330W7S3Z6&z=336868079

Requested by

Host: www.dorchestercollection.com
URL: https://www.dorchestercollection.com/en/welcoming-you-back/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dorchestercollection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 20:13:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.dorchestercollection.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3-Q050 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
28 B 15ms
14ms XHR
text/plain 2a00:1450:400c:c0c::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j88&tid=UA-43851666-1&cid=745796530.1615925601&jid=1893439430&gjid=1617193977&_gid=888433834.1615925601&_u=aGDCCEABBAAAAG~&z=419792659

Requested by

Host: www.dorchestercollection.com
URL: https://www.dorchestercollection.com/en/welcoming-you-back/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c0c::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dorchestercollection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Tue, 16 Mar 2021 20:13:21 GMT
content-type: text/plain
access-control-allow-origin: https://www.dorchestercollection.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.com/ads/ 42 B
88 B 29ms
29ms Image
image/gif 2a00:1450:4001:802::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-43851666-1&cid=745796530.1615925601&jid=1893439430&_u=aGDCCEABBAAAAG~&z=1125683828

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dorchestercollection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 20:13:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.de/ads/ 42 B
88 B 30ms
30ms Image
image/gif 2a00:1450:4001:810::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j88&tid=UA-43851666-1&cid=745796530.1615925601&jid=1893439430&_u=aGDCCEABBAAAAG~&z=1125683828

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.dorchestercollection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 20:13:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK _.gif
tracking.wisepops.com/ 42 B
251 B 224ms
54ms Other
image/gif 52.28.121.193
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tracking.wisepops.com/_.gif?e=d&p=161893&site=ayeeR33817
Requested by: Host: loader.wisepops.com
URL: https://loader.wisepops.com/get-loader.js?v=1&site=ayeeR33817
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.28.121.193 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-28-121-193.eu-central-1.compute.amazonaws.com
Software: nginx /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.dorchestercollection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 16 Mar 2021 20:13:26 GMT
X-Robots-Tag: noindex, nofollow
Server: nginx
Connection: keep-alive
X-Wisepops-Server: popup-prod-eu-1
Content-Length: 42
Content-Type: image/gif

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
62 B 6ms
6ms Image
image/gif 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j88&a=512762124&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.dorchestercollection.com%2Fen%2Fwelcoming-you-back%2F&ul=en-us&de=UTF-8&dt=When%20you%E2%80%99re%20ready%2C%20we%E2%80%99ll%20be%20waiting%20%7C%20Dorchester%20Collection&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=WisePops&ea=Display&el=Desktop%202019&_utma=239222038.745796530.1615925601.1615925601.1615925601.1&_utmz=239222038.1615925601.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1615925606133&_u=aHDCiEABBAAAAG~&jid=&gjid=&cid=745796530.1615925601&tid=UA-43851666-1&_gid=888433834.1615925601&gtm=2wg330W7S3Z6&z=429192376

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dorchestercollection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 19:54:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1117
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
58 B 7ms
6ms Image
image/gif 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j88&a=512762124&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.dorchestercollection.com%2Fen%2Fwelcoming-you-back%2F&ul=en-us&de=UTF-8&dt=When%20you%E2%80%99re%20ready%2C%20we%E2%80%99ll%20be%20waiting%20%7C%20Dorchester%20Collection&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=WisePops&ea=Display&el=Desktop%202019&_utma=239222038.745796530.1615925601.1615925601.1615925601.1&_utmz=239222038.1615925601.1.1.utmcsr%3D(direct)%7Cutmccn%3D(direct)%7Cutmcmd%3D(none)&_utmht=1615925606135&_u=aHDCCEABBAAAAG~&jid=&gjid=&cid=745796530.1615925601&tid=UA-43851666-5&_gid=888433834.1615925601&gtm=2wg330W7S3Z6&z=18948083

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.dorchestercollection.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 16 Mar 2021 19:54:49 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 1117
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: tt.mbww.com
URL: https://tt.mbww.com/tt-fe6340be87fd5e43b7f0cac5741e76205dd69a68b2024fda16c696848a720f7a.js

Verdicts & Comments Add Verdict or Comment

109 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.rfihub.com/	1970-01-20 02:13:41	Name: rud Value: H4sIAAAAAAAAAOMSNrQwN7UwtDQztDAyNDa2NDYwsxDiM9RNdTeMDEk0CdM1y8iR4jU0MzS1NDI1MzC0NLQAAH8bhcI0AAAA
.rfihub.com/	1970-01-20 02:13:41	Name: eud Value: H4sIAAAAAAAAAJvFyGtoZmhqaWRqZmBoaWS8Co1_Co3_Co3_C43fxITKn4TGn4XGX4TGX4XG34TG34XG_4SunwWVfwuNv4kVzTxuNP-g8RcJo_IfofEBuYPesUABAAA
.dorchestercollection.com/	1969-12-31 23:59:59	Name: wisepops_session Value: %7B%22arrivalOnSite%22%3A%222021-03-16T20%3A13%3A21.126Z%22%2C%22mtime%22%3A1615925601194%2C%22pageviews%22%3A1%2C%22popups%22%3A%7B%7D%2C%22bars%22%3A%7B%7D%2C%22countdowns%22%3A%7B%7D%2C%22src%22%3Anull%2C%22utm%22%3A%7B%7D%7D
.dorchestercollection.com/	1970-01-20 10:23:17	Name: wisepops Value: %7B%22csd%22%3A1%2C%22popups%22%3A%7B%7D%2C%22sub%22%3A0%2C%22ucrn%22%3A46%2C%22cid%22%3A%2236682%22%2C%22v%22%3A4%2C%22bandit%22%3A%7B%22recos%22%3A%7B%7D%7D%7D
.dorchestercollection.com/	1970-01-19 19:01:41	Name: _fbp Value: fb.1.1615925601143.1790193223
.dorchestercollection.com/	1970-01-19 16:52:06	Name: __utmt Value: 1
.dorchestercollection.com/	1970-01-19 16:52:07	Name: __utmb Value: 239222038.1.10.1615925601
.dorchestercollection.com/	1970-01-19 21:14:53	Name: __utmz Value: 239222038.1615925601.1.1.utmcsr=(direct)\|utmccn=(direct)\|utmcmd=(none)
.rfihub.com/	1969-12-31 23:59:59	Name: ruds Value: H4sIAAAAAAAAAOMSNrQwN7UwtDQztDAyNDa2NDYwsxDiM9RNdTeMDEk0CdM1y8gBAPGUlGMlAAAA
.dorchestercollection.com/	1970-01-20 10:23:17	Name: __utma Value: 239222038.745796530.1615925601.1615925601.1615925601.1
.dorchestercollection.com/	1970-01-19 16:53:32	Name: _uetsid Value: 0ddb06f0869411eba9cf5f29fe396d64
.dorchestercollection.com/	1970-01-19 16:52:05	Name: _gat_UA-43851666-5 Value: 1
.dorchestercollection.com/	1970-01-19 17:35:17	Name: __cfduid Value: d2c728e65e4e9329458c0c4b4a414a5751615925600
.dorchestercollection.com/	1970-01-19 17:15:29	Name: _uetvid Value: 0ddb3c00869411eb8eb6b3e97e9831e2
.dorchestercollection.com/	1970-01-19 16:52:05	Name: _dc_gtm_UA-43851666-1 Value: 1
.dorchestercollection.com/	1970-01-20 10:23:17	Name: _ga Value: GA1.2.745796530.1615925601
.dorchestercollection.com/	1970-01-20 10:23:17	Name: wisepops_visits Value: %5B%222021-03-16T20%3A13%3A21.126Z%22%5D
.dorchestercollection.com/	1970-01-19 16:53:32	Name: _gid Value: GA1.2.888433834.1615925601
.dorchestercollection.com/	1969-12-31 23:59:59	Name: __utmc Value: 239222038
.dorchestercollection.com/	1970-01-19 19:01:41	Name: _gcl_au Value: 1.1.1083843927.1615925601

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	warning	URL: https://connect.facebook.net/en_US/fbevents.js(Line 23) Message: [Facebook Pixel] - Duplicate Pixel ID: 985639565105713.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

20772747p.rfihub.com
a.rfihub.com
aa.agkn.com
ads.yahoo.com
ajax.googleapis.com
bat.bing.com
beacon.krxd.net
bpi.rtactivate.com
bs.serving-sys.com
c1.rfihub.net
cdn.jsdelivr.net
cdn.wisepops.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
connect.facebook.net
contextual.media.net
dpm.demdex.net
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ib.adnxs.com
idsync.rlcdn.com
insight.adsrvr.org
js.adsrvr.org
ka-p.fontawesome.com
kit.fontawesome.com
live.rezync.com
loader.wisepops.com
match.adsrvr.org
p.rfihub.com
partners.tremorhub.com
pixel.advertising.com
pixel.rubiconproject.com
popup.wisepops.com
ps.eyeota.net
ssl.google-analytics.com
stags.bluekai.com
stats.g.doubleclick.net
sync-tm.everesttech.net
sync.search.spotxchange.com
tracking.wisepops.com
tt.mbww.com
ups.analytics.yahoo.com
www.dorchestercollection.com
www.dwin1.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
x.bidswitch.net
x.dlx.addthis.com
tt.mbww.com
104.110.252.25
104.22.22.243
104.79.113.20
13.226.146.155
151.101.114.49
172.217.16.130
185.33.221.90
185.94.180.126
193.0.160.128
2.20.170.241
216.58.212.162
2600:1f18:612b:4232:1f73:43cf:8eeb:9521
2600:9000:206f:7400:f:8ce2:fb80:93a1
2606:4700:20::681a:b13
2606:4700::6810:135e
2606:4700::6812:1734
2620:1ec:c11::200
2a00:1288:80:800::7001
2a00:1450:4001:800::200e
2a00:1450:4001:802::2004
2a00:1450:4001:808::200a
2a00:1450:4001:810::2003
2a00:1450:4001:811::2003
2a00:1450:4001:812::2008
2a00:1450:4001:828::2008
2a00:1450:4001:828::200e
2a00:1450:4001:82a::200a
2a00:1450:4001:82b::2002
2a00:1450:4001:82b::2003
2a00:1450:400c:c0c::9a
2a00:1450:400c:c0c::9c
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:1b::621
3.124.210.90
3.126.56.137
35.157.221.90
35.244.174.68
52.214.133.201
52.214.43.215
52.28.121.193
52.58.248.2
52.59.102.119
52.85.115.44
54.175.102.177
54.77.184.190
63.33.120.132
69.173.144.138
80.252.91.53
92.123.150.214
06663477c0f778367b3550d1672db9bcf0ee750322e9101813fd7d03508ad3f7
0f2bb33eb17a106e7e2efa7fa6c5306895c1c34b1d83141ec02e0d5dbde3237d
0f3be44690ae9914ae3e47b7752e1bdea316f09938e9094f99e0de19ccd8987a
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
13a961605453f8134818f20334c8733d85df8409da019126084ee3e5543644f9
1833dd8b12e343fabdaa88ccdc017af44753571fb6dcfbd6fb5a50c893b75fae
1ba5cfa8bd8fbca0f040c97bd5713a2e6276e8af3c22cd868d18079e882c07b7
1db21d816296e6939ba1f42962496e4134ae2b0081e26970864c40c6d02bb1df
21e2863e58541871f68126845ad7830c38cbb6ed19e02d3468e9b760efdb4f32
270c6a454e0b0e10ce24de0f54e96675177feebd2f4e9b74caf0305b1139dc3a
29f6da0a8c21c5681511bb9b08663d3fd2c5d09c9bd8054ec354c563b8c8b7c1
3040defaacce8b9d94bb3497cae91eb273df312e628f4582e140e5a2a2a090ec
33be16f7ec667cad3c3f736e602b5820a38d998752aa00023327029d1f2ea1a0
34acbd20eabec132c70b8098ffdf8ef089e2e3601b50e671fc64043347073489
3f6750db6fcd51005bd8336db2d4dd87f4041745787a02ad5f32f6f411547fd7
41496c7e4c93abda701d5da7270ccf2dc9e6e94dd9cddb0c917d054341e12419
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
48c3fa6f86c54f1d9bb519220713d4b0a1f8cd1a589a3c03b9fa82e98ecb13e3
497b92de73bf09524b40ba99fd190aee97af4d566d2224b7682567384b44cf1e
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4f53f972750d51df4b487098adc95af10cf0fe25e8ee350251a8b2a9dbc1772e
527beb6c2c7fb7390156ab5c7e269b74994831e1cae8a54bec16e6165b908fc4
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
552d90c7de054eaff874607e8d6fa0b886f5e24dfeacb8965b599ab825a37e0d
579a172ca2c700734ebcfa06d105a134f31ec2357660e58e0874cfdee8472fd4
5a0acbf73cb70da68ce1d8916e3bd971416e0ff080b9cffcc3786d2e27da42ef
5da307f835e60496b923f3f714dc9e3edc863083f4def30b3d6e92add3e1ca4f
5f031f5beda509b8c7f74966b00340c15321b31b43ada420ef85ff7c5e5e7578
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7282aedfae74dee35b15e6282f41103fad3e49e14fbc8517705a2e4f012acdd1
7320d55ddc724a4fc12d50e987e5d10444060cc323eee6cb6601e396d467c3a5
78b891728f706e2a9447a48437daafa2c090b7e4e275c319051d8370ea9763cb
7ef97b12890fc6fee67f869c6e1f74b6719de7d66ac0d649c8d7386a80b4c30f
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
88994b8503760a004c40a2db177a7a610c1fee9710639a506971afb8c8d02b07
89239034821d17be0d09542542fc1e456594a275cd08bfd273265d699e8332d6
8c626f0f9b5c109539b256b73e72c02b300a184f46b4535c2eb86599215c78af
8dbb3fbf6b9f43e7b8910762718dbae04c9a3bf59d129f400985defe7447e0dd
8eb67a3d1088e367e9b1429105c2df2ce1f042dbb819351e998dbb76717d0936
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
99867862ef674aa4267eae2237a7c14b8e4f01edc1b08ba44b3cd3af71d4ae5c
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
9e938b572a9e1fe2fc723d85ae1a6bf06ac87e7d57108dccc530e826f4074a86
a013f622f8c22fce98b22cfb19e0579b0bb6aac4cc475f4b713a85b246f312ae
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a294921d8b52c11e27a1748dfc42cbfacfd0b43dde0b71e2bff07c98bebc2c2a
a43f4a6446508a64cb40e3134fdf65061193ec05f230fcf783dd86d62c9de3bd
aa6bd0a2b9be7d5e6591a4d0297995236309c57578bb37d137ba36030ff1cdd1
ab3f7bbfc5c0678c098861d2de0f081a0a092fdd9b8626acfce169eb27950383
ae6f29817dc907c5672c79f7b3a7fc003ff4a4ec601b73071b73fb5e432d451a
b0d74cf6deeec28b7bd618bb816ec15b341981e389855d5cd10a183739a36745
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b40c83e8fc8c6afc7ca2e3062d535074668e55add6b355b3fb1873402944ab93
b41a13faed25f7c62584766727f4e782de6ebc3a9c597d3a8ba5e10f7ff38f31
b4d07892cde715d50bb69c1982df496385d1dfd8f9d1867c31f19a3c8634cfae
bd63cf488475d0559b52fb60c4040e91b218a64aa9d2c0315614a16aca8f25f6
c02cd745dc3f23602e84fda75bd06cdcafa97e1abea8d39a2f146d6a09152083
c63034ba86807ae61d9ea34550228315b05bcc5419d804f9bd462aecad45d073
c86ffcaacce638ee6bd5ff20455bf015314195249dab85b2b21f6c6d1e16a594
c95ae22b8d3f26a4bccfc359b7f236e0baadea9e814b7616fe9380ecf72d404d
ccbcef9e94d4adf16a37dfcb1b48f3de6c47f2fc48d237539ede201363e0a6c4
ce261eb163fcaee6953cedc35059732a133766ab824dc512bbdf9424d48601e4
cedf1af6e83fcc2da30b26c262a1689f1ef93194288667bc57209f79e3549549
d0e5bca890602fa7ecab31099c69916ff2ee4a6fef1a4c21f51c6f75437e9fd0
d4f69412612c5d7f804343335621c4ac0ee0301586290749c35ebf6ef530fd2b
d65dd8a57fbc9ac9efe5f449449026df4439bbc8f6656d9ba6333ac65dbe05aa
d752e3276ceeb551d9cf7999be09c9813be12630cdb8335f6df784b820c39a09
da9e7c8fb823576fe327e8631f7fd4ff24ec47c87649bdb558ce1bdba4e9c246
dc51ed5137587b9033d06b65d9456d6d69dc52a4005cc51b2d23f85e69d4f8c8
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
de9485aee0805fc555984a4286697dccb8a9762fa9240c6a47b4dd478d282e74
e22dec381dfb96462d938898c58ec7538f1f10bfbf2fb11fde601649edc8ee0a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e47a27d91c2487289d6607ee10d7cb7b31944a5ed3ff5ffc86ec8526e9374af0
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e8ba62cf761b5f7ee6d557170dd26e54aff7f29a60a0abc5d4782c434ff2ab89
ee3a7301fe1e0c0f6bf6acff0d7a8d107f5cb3f62a2566740c0416d8e61f00b9
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f14f0d4ca69db0c2914322578f10bf3f9393771f439c9f670cc4d40971b0af8d
f2b67e3349a5c02ab872fde9c7cfed352e0ee13d986756b7e8c6d09b49606417
f6ac3c8e6ce2149cb393c789e9640b78cfb6626380e872a605c1c5fb1df3981e
f8d03124cf5391c5a15f8aee91b8bd00501d2dd5b1a3b57ce12b857a3900428a
ff5cd7a9f589a1272fc7022198db5de6d23980a60c2907ef80135baf5294af74

www.dorchestercollection.com Open in urlscan Pro 104.22.22.243 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

115 Requests

99 %HTTPS

46 %IPv6

41 Domains

54 Subdomains

45 IPs

7 Countries

3285 kBTransfer

5236 kBSize

20 Cookies

11 Outgoing links

Redirected requests

115 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.dorchestercollection.com Open in urlscan Pro
104.22.22.243 Public Scan

Screenshot
Live screenshot

Full Image

115
Requests

99 %
HTTPS

46 %
IPv6

41
Domains

54
Subdomains

45
IPs

7
Countries

3285 kB
Transfer

5236 kB
Size

20
Cookies

115 HTTP transactions
0 data transactions