www.thewindsorsuites.com Open in urlscan Pro
2606:4700::6812:a353 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.thewindsorsuites.com/
Effective URL:
https://www.thewindsorsuites.com/
Submission: On May 17 via api (May 17th 2024, 1:44:18 am UTC) from US — Scanned from DE

Summary HTTP 73 Redirects Links 22 Behaviour Indicators

Summary

This website contacted 26 IPs in 5 countries across 20 domains to perform 73 HTTP transactions. The main IP is 2606:4700::6812:a353, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.thewindsorsuites.com.
TLS certificate: Issued by GTS CA 1P5 on April 8th 2024. Valid for: 3 months.

This is the only time www.thewindsorsuites.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
14	2606:4700::68... 2606:4700::6812:a353	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.31.234 104.18.31.234	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
6	2600:9000:267... 2600:9000:2670:a000:b:4a4a:a7c0:93a1	16509 (AMAZON-02) (AMAZON-02)
5	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
1	104.17.24.14 104.17.24.14	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6810:4f49	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	188.114.97.3 188.114.97.3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	2600:9000:223... 2600:9000:223c:ce00:5:8193:8e40:93a1	16509 (AMAZON-02) (AMAZON-02)
4	2a00:1450:400... 2a00:1450:4001:81d::2003	15169 (GOOGLE) (GOOGLE)
1	216.58.206.66 216.58.206.66	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f08... 2a03:2880:f083:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1 7	172.67.164.226 172.67.164.226	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	35.244.188.9 35.244.188.9	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
4	142.250.181.232 142.250.181.232	15169 (GOOGLE) (GOOGLE)
2	2600:9000:275... 2600:9000:275d:c800:1d:40aa:1fc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	3.161.82.59 3.161.82.59	16509 (AMAZON-02) (AMAZON-02)
5	95.100.146.34 95.100.146.34	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	157.240.0.6 157.240.0.6	32934 (FACEBOOK) (FACEBOOK)
4	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	3.79.70.238 3.79.70.238	16509 (AMAZON-02) (AMAZON-02)
1	23.45.238.237 23.45.238.237	16625 (AKAMAI-AS) (AKAMAI-AS)
1	2606:4700::68... 2606:4700::6812:a253	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.194.133 151.101.194.133	54113 (FASTLY) (FASTLY)
73	26

14 2606:4700::6812:a353 (United States)

ASN13335 (CLOUDFLARENET, US)

www.thewindsorsuites.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.31.234 (None, )

ASN13335 (CLOUDFLARENET, US)

app.termly.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:2670:a000:b:4a4a:a7c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

frontend.cdn.tambourine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.17.24.14 (None, )

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:4f49 (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.114.97.3 (Amsterdam, Netherlands)

ASN13335 (CLOUDFLARENET, US)

siteimproveanalytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:223c:ce00:5:8193:8e40:93a1 (United States)

ASN16509 (AMAZON-02, US)

symphony.cdn.tambourine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:81d::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.206.66 (United States)

ASN15169 (GOOGLE, US)
PTR: tzfraa-aa-in-f2.1e100.net

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f083:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 172.67.164.226 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

onboard.triptease.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
targeted-messages.triptease.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.188.9 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 9.188.244.35.bc.googleusercontent.com

static.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.181.232 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f8.1e100.net

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:275d:c800:1d:40aa:1fc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

p.relay-t.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.161.82.59 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-3-161-82-59.fra56.r.cloudfront.net

www.thehotelsnetwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 95.100.146.34 (Prague, Czech Republic)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a95-100-146-34.deploy.static.akamaitechnologies.com

analytics.tiktok.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 157.240.0.6 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
PTR: xx-fbcdn-shv-02-fra3.fbcdn.net

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.79.70.238 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-79-70-238.eu-central-1.compute.amazonaws.com

6119418.global.siteimproveanalytics.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.45.238.237 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-45-238-237.deploy.static.akamaitechnologies.com

2486634c787a971a3554-d983ce57e4c84901daded0f67d5a004f.ssl.cf1.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6812:a253 (United States)

ASN13335 (CLOUDFLARENET, US)

api.tambourine.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.194.133 (San Francisco, United States)

ASN54113 (FASTLY, US)

messages.guest-experience.triptease.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
14	thewindsorsuites.com www.thewindsorsuites.com	92 KB
10	tambourine.com frontend.cdn.tambourine.com — Cisco Umbrella Rank: 92506 symphony.cdn.tambourine.com — Cisco Umbrella Rank: 94729 api.tambourine.com — Cisco Umbrella Rank: 102047	701 KB
9	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 39	798 KB
8	triptease.io 1 redirects onboard.triptease.io — Cisco Umbrella Rank: 32328 targeted-messages.triptease.io — Cisco Umbrella Rank: 48028 messages.guest-experience.triptease.io — Cisco Umbrella Rank: 48986	125 KB
5	tiktok.com analytics.tiktok.com — Cisco Umbrella Rank: 712	150 KB
4	facebook.com www.facebook.com — Cisco Umbrella Rank: 101	4 KB
4	gstatic.com fonts.gstatic.com	90 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 183	76 KB
2	google-analytics.com region1.google-analytics.com — Cisco Umbrella Rank: 2533	314 B
2	relay-t.io p.relay-t.io — Cisco Umbrella Rank: 41548	5 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 33	3 KB
1	rackcdn.com 2486634c787a971a3554-d983ce57e4c84901daded0f67d5a004f.ssl.cf1.rackcdn.com — Cisco Umbrella Rank: 160641	6 KB
1	siteimproveanalytics.io 6119418.global.siteimproveanalytics.io — Cisco Umbrella Rank: 170107	149 B
1	thehotelsnetwork.com www.thehotelsnetwork.com — Cisco Umbrella Rank: 36448	8 KB
1	sojern.com static.sojern.com — Cisco Umbrella Rank: 13621	27 KB
1	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 103	64 B
1	siteimproveanalytics.com siteimproveanalytics.com — Cisco Umbrella Rank: 3735	6 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 804	7 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 237	31 KB
1	termly.io app.termly.io — Cisco Umbrella Rank: 15994	251 KB
73	20

	Domain	Requested by
14	www.thewindsorsuites.com	www.thewindsorsuites.com frontend.cdn.tambourine.com
9	www.googletagmanager.com	www.thewindsorsuites.com www.googletagmanager.com
6	onboard.triptease.io	1 redirects www.thewindsorsuites.com onboard.triptease.io
6	frontend.cdn.tambourine.com	www.thewindsorsuites.com
5	analytics.tiktok.com	www.thewindsorsuites.com analytics.tiktok.com
4	www.facebook.com	www.thewindsorsuites.com
4	fonts.gstatic.com	fonts.googleapis.com
3	connect.facebook.net	www.thewindsorsuites.com connect.facebook.net
3	symphony.cdn.tambourine.com	www.thewindsorsuites.com
2	region1.google-analytics.com	www.googletagmanager.com
2	p.relay-t.io	www.thewindsorsuites.com p.relay-t.io
2	fonts.googleapis.com	www.thewindsorsuites.com
1	messages.guest-experience.triptease.io	targeted-messages.triptease.io
1	targeted-messages.triptease.io	onboard.triptease.io targeted-messages.triptease.io
1	api.tambourine.com	frontend.cdn.tambourine.com
1	2486634c787a971a3554-d983ce57e4c84901daded0f67d5a004f.ssl.cf1.rackcdn.com
1	6119418.global.siteimproveanalytics.io	www.thewindsorsuites.com
1	www.thehotelsnetwork.com	www.googletagmanager.com
1	static.sojern.com	www.googletagmanager.com www.thewindsorsuites.com
1	pagead2.googlesyndication.com	www.googletagmanager.com
1	siteimproveanalytics.com	www.thewindsorsuites.com
1	static.cloudflareinsights.com	www.thewindsorsuites.com
1	cdnjs.cloudflare.com	www.thewindsorsuites.com
1	app.termly.io	www.thewindsorsuites.com
73	24

This site contains links to these domains. Also see Links.

Domain
reservations.verticalbooking.com
reservations.thewindsorsuites.com
www.visitphilly.com
www.paconvention.com
www.fi.edu
philamuseum.org
www.nps.gov
symphony.cdn.tambourine.com
recruiting.ultipro.com
www.facebook.com
www.instagram.com
www.tambourine.com
modushotels.com

Subject Issuer	Validity	Valid
thewindsorsuites.com GTS CA 1P5	`2024-04-08` - `2024-07-07`	3 months	crt.sh
app.termly.io Sectigo RSA Domain Validation Secure Server CA	`2023-05-03` - `2024-06-02`	a year	crt.sh
upload.video.google.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
frontend.cdn.tambourine.com Amazon RSA 2048 M01	`2023-07-05` - `2024-08-02`	a year	crt.sh
*.google-analytics.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2023-07-03` - `2024-07-02`	a year	crt.sh
cloudflareinsights.com GTS CA 1P5	`2024-05-08` - `2024-08-06`	3 months	crt.sh
siteimproveanalytics.com GTS CA 1P5	`2024-04-23` - `2024-07-22`	3 months	crt.sh
symphony.cdn.tambourine.com Amazon RSA 2048 M02	`2024-01-25` - `2025-02-23`	a year	crt.sh
*.gstatic.com WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.g.doubleclick.net WR2	`2024-05-06` - `2024-07-29`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2024-02-24` - `2024-05-24`	3 months	crt.sh
*.sojern.com DigiCert TLS RSA SHA256 2020 CA1	`2024-02-08` - `2024-12-21`	10 months	crt.sh
p.relay-t.io Amazon RSA 2048 M02	`2024-04-30` - `2025-05-29`	a year	crt.sh
*.thehotelsnetwork.com Amazon RSA 2048 M03	`2023-09-21` - `2024-10-19`	a year	crt.sh
*.tiktok.com RapidSSL ECC CA 2018	`2023-07-14` - `2024-08-13`	a year	crt.sh
onboard.triptease.io GTS CA 1P5	`2024-04-29` - `2024-07-28`	3 months	crt.sh
*.global.r1.siteimproveanalytics.io Amazon RSA 2048 M03	`2023-10-26` - `2024-11-23`	a year	crt.sh
*.ssl.cf1.rackcdn.com DigiCert TLS RSA SHA256 2020 CA1	`2024-01-29` - `2025-01-29`	a year	crt.sh
api.tambourine.com GTS CA 1P5	`2024-05-04` - `2024-08-02`	3 months	crt.sh
targeted-messages.triptease.io GTS CA 1P5	`2024-04-30` - `2024-07-29`	3 months	crt.sh
*.guest-experience.triptease.io R3	`2024-04-17` - `2024-07-16`	3 months	crt.sh

This page contains 4 frames:

Primary Page: https://www.thewindsorsuites.com/
Frame ID: 59261A39E756654F4C3862C6BC87E85C
Requests: 71 HTTP requests in this frame

Frame: https://static.sojern.com/cip/c/27.html?f_v=cp_v3_js&p_v=1&version=5&auto_url=https%3A%2F%2Fwww.thewindsorsuites.com%2F&auto_ccid=fkl5d-yfvva-lnt19-py1ho-xgbaq&auto_ga=&e_eml=null&auto_eml=Zm9ybXNAdGFtYm91cmluZS5jb20%253D&auto_eml_count=1&auto_eml_domain=dGFtYm91cmluZS5jb20%253D&ws=1600x1200&tz=-120&hpr=The%20Windsor%20Suites&hpid=17784&pt=HOME_PAGE&et=
Frame ID: 044DCC9562F21AFA809FD2D7F2BF1E59
Requests: 1 HTTP requests in this frame

Frame: https://onboard.triptease.io/kernel/v7711.103399/kernel-host.html?originHost=www.thewindsorsuites.com
Frame ID: 2F88A8ABFF64C1AFA664BB3903A358B0
Requests: 1 HTTP requests in this frame

Frame: https://targeted-messages.triptease.io/static/storageIframe.html
Frame ID: 8C8A5823500E65D9956E7DFB1C764A6C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Downtown Philadelphia Hotels | Official Website | The Windsor Suites

Page URL History Show full URLs

http://www.thewindsorsuites.com/ HTTP 307
https://www.thewindsorsuites.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Vue.js (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:/([\d.]+))?/vue(?:\.min)?\.js

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Termly (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

app\.termly\.io/embed\.min\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

73
Requests

96 %
HTTPS

48 %
IPv6

20
Domains

24
Subdomains

26
IPs

5
Countries

2378 kB
Transfer

8081 kB
Size

10
Cookies

22 Outgoing links

These are links going to different origins than the main page.

URL: https://reservations.verticalbooking.com/premium/cancel_modify.html?id_albergo=17784&dc=8551&lingua_int=usa&id_stile=13428
Title: Modify Reservation Link

Search URL Search Domain Scan URL

URL: https://reservations.thewindsorsuites.com/?Hotel=40987&Chain=22582&promo=VPHILLY
Title: Book Now

Search URL Search Domain Scan URL

URL: https://reservations.thewindsorsuites.com/?Hotel=40987&Chain=22582&promo=GOV
Title: Book Now

Search URL Search Domain Scan URL

URL: https://www.visitphilly.com/things-to-do/attractions/philadelphia-museum-of-art/
Title: Philadelphia Museum of Art

Search URL Search Domain Scan URL

URL: https://www.visitphilly.com/things-to-do/attractions/the-barnes-foundation/
Title: Barnes Foundation

Search URL Search Domain Scan URL

URL: https://www.visitphilly.com/things-to-do/attractions/moore-college-of-art-and-design/
Title: Moore College of Art and Design

Search URL Search Domain Scan URL

URL: https://www.visitphilly.com/things-to-do/attractions/rodin-museum/
Title: Rodin Museum

Search URL Search Domain Scan URL

URL: https://www.paconvention.com/
Title: https://www.paconvention.com/

Search URL Search Domain Scan URL

URL: https://www.fi.edu/
Title: https://www.fi.edu/

Search URL Search Domain Scan URL

URL: https://philamuseum.org/
Title: https://philamuseum.org/

Search URL Search Domain Scan URL

URL: https://www.visitphilly.com/things-to-do/attractions/rittenhouse-square-park/
Title: https://www.visitphilly.com/things-to-do/attractions/rittenhouse-square-park/

Search URL Search Domain Scan URL

URL: https://www.nps.gov/inde/learn/historyculture/stories-libertybell.htm
Title: https://www.nps.gov/inde/learn/historyculture/stories-libertybell.htm

Search URL Search Domain Scan URL

URL: https://symphony.cdn.tambourine.com/the-windsor-suites/media/7_27_20_windsorteam624-210-edit-61f1b94c0ffc8.jpg
Title: Zoom 4

Search URL Search Domain Scan URL

URL: https://symphony.cdn.tambourine.com/the-windsor-suites/media/gallery-thewindsorsuites-6494a5a7d9de2.jpg?q=1
Title: Zoom 5

Search URL Search Domain Scan URL

URL: https://symphony.cdn.tambourine.com/the-windsor-suites/media/7_27_20_windsorteam624-114-edit-61f1b9317993c.jpg
Title: Zoom 2

Search URL Search Domain Scan URL

URL: https://symphony.cdn.tambourine.com/the-windsor-suites/media/3_11_21_624commwindsor-71-edit-1-6291186ceb291.jpg?q=3
Title: Zoom 1

Search URL Search Domain Scan URL

URL: https://symphony.cdn.tambourine.com/the-windsor-suites/media/windsorsuites_may_31_2022_web-28-62bb88d157606.jpg?q=9
Title: Zoom 1

Search URL Search Domain Scan URL

URL: https://recruiting.ultipro.com/POL1006/JobBoard/c0e3f015-388f-2bf6-e3ac-af081fcad685/?q=&o=postedDateDesc&w=&wc=&we=&wpst=&f4=thcEhN3_3F2G82QWLH6yKQ
Title: Join Our Team

Search URL Search Domain Scan URL

URL: https://www.facebook.com/TheWindsorSuites/
Title: facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/thewindsorsuites/
Title: instagram

Search URL Search Domain Scan URL

URL: https://www.tambourine.com/?utm_source=clients&utm_term=7015d000001wBTP&utm_medium=referral&utm_campaign=The-Windsor-Suites
Title: Hotel Website Design By Tambourine #tambourine-logo {width:195px;min-width:195px; min-height:24px; height:auto;}

Search URL Search Domain Scan URL

URL: https://modushotels.com/

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.thewindsorsuites.com/ HTTP 307
https://www.thewindsorsuites.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://onboard.triptease.io/bootstrap.js?integrationId=01DHMCM57QMQ1RAWM4GYGH6AEG HTTP 307
https://onboard.triptease.io/bootstrap/v7711.103399/bootstrap.js

73 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.thewindsorsuites.com/
Redirect Chain

http://www.thewindsorsuites.com/
https://www.thewindsorsuites.com/

88 KB
22 KB

340ms
272ms

Document
text/html

2606:4700::6812:a353
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thewindsorsuites.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a353 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b9d7533f87fc6528ee30c525be959823dbde96fcfc8dfe74546faba7fa13c963

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

cache-control: no-store, no-cache, must-revalidate
cf-cache-status: DYNAMIC
cf-ray: 884febc34b084d28-FRA
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 17 May 2024 01:44:12 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: cloudflare
strict-transport-security: max-age=31536000; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

Location: https://www.thewindsorsuites.com/
Non-Authoritative-Reason: HttpsUpgrades

GET
H3 200 embed.min.js Show response
app.termly.io/ 785 KB
251 KB 52ms
30ms Script
application/javascript 104.18.31.234
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://app.termly.io/embed.min.js

Requested by

Host: www.thewindsorsuites.com
URL: https://www.thewindsorsuites.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.18.31.234 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

350123ff7b28e94c2c734e74f0f2cc08d8071541049efe3eb12ad92fd34036f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thewindsorsuites.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:44:12 GMT
strict-transport-security: max-age=15768000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 5565
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer
last-modified: Wed, 15 May 2024 16:44:34 GMT
server: cloudflare
etag: W/"6644e672-c4419"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: public, max-age=14400
cf-ray: 884febc5282318cf-FRA
expires: Fri, 17 May 2024 05:44:12 GMT

GET
H2 200 css
fonts.googleapis.com/ 18 KB
1 KB 41ms
18ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Cormorant+Infant:300,300italic,italic,500,regular|Gilda+Display:regular|Montserrat:200,regular,500,100,300

Requested by

Host: www.thewindsorsuites.com
URL: https://www.thewindsorsuites.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1f6fd12d58dcc159078effc353e6bb78cf313612f5e884e50d205974cd2fb2f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thewindsorsuites.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 17 May 2024 01:44:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 17 May 2024 01:44:12 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 17 May 2024 01:44:12 GMT

GET
H2 200 symphony.css
frontend.cdn.tambourine.com/assets/ 22 KB
23 KB 475ms
389ms Stylesheet
text/css 2600:9000:2670:a000:b:4a4a:a7c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://frontend.cdn.tambourine.com/assets/symphony.css?Mo7XHU
Requested by: Host: www.thewindsorsuites.com
URL: https://www.thewindsorsuites.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2670:a000:b:4a4a:a7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f9122305c0f2aeb3f1d123c1be6ae4cd4bb13eff00f7f06263709d825f05507a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thewindsorsuites.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:44:13 GMT
via: 1.1 3aedbf31650352660fd3a878f7b791c8.cloudfront.net (CloudFront)
last-modified: Mon, 12 Feb 2024 21:28:59 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P9
etag: "cedac6609b5603591037359bb9fe71a9"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 22695
x-amz-cf-id: Mo3yuv0edOoY3gVN2NHJOr1KN4z_paf3YL5UoJrlmbvJ0dLzWznQsQ==

GET
H2 200 style.css
www.thewindsorsuites.com/assets/ 114 KB
18 KB 196ms
196ms Stylesheet
text/css 2606:4700::6812:a353
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thewindsorsuites.com/assets/style.css?Mo7XHU

Requested by

Host: www.thewindsorsuites.com
URL: https://www.thewindsorsuites.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a353 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

97b8d8853887e84d25368fa6f7fac59a71f730e0b9b524bac989ec5eff70c9f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thewindsorsuites.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:44:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Mon, 04 Mar 2024 22:32:30 GMT
server: cloudflare
strict-transport-security: max-age=31536000; preload
etag: W/"65e64bfe-1c74b"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/css
cache-control: max-age=2592000
cf-ray: 884febc50bcc4d28-FRA
x-xss-protection: 1; mode=block
expires: Sun, 16 Jun 2024 01:44:12 GMT

GET
H2 200 jquery-3.7.0.min.js Show response
frontend.cdn.tambourine.com/assets/js/ 85 KB
86 KB 482ms
397ms Script
application/javascript 2600:9000:2670:a000:b:4a4a:a7c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://frontend.cdn.tambourine.com/assets/js/jquery-3.7.0.min.js
Requested by: Host: www.thewindsorsuites.com
URL: https://www.thewindsorsuites.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2670:a000:b:4a4a:a7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thewindsorsuites.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:44:13 GMT
via: 1.1 3aedbf31650352660fd3a878f7b791c8.cloudfront.net (CloudFront)
last-modified: Mon, 12 Feb 2024 21:28:58 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P9
etag: "e6c2415c0ace414e5153670314ce99a9"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 87462
x-amz-cf-id: ffWK0ICideKjxx3uMEjRKE5qvR9PMiEE4T5cv25o-2A7R-h8PxSv9A==

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 233 KB
83 KB 50ms
23ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-937521589

Requested by

Host: www.thewindsorsuites.com
URL: https://www.thewindsorsuites.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

727315e88e9a715393f9513c40fb97ab63cb43e3b9f21239268238fc21924e39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thewindsorsuites.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:44:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 84896
x-xss-protection: 0
last-modified: Fri, 17 May 2024 00:14:14 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 17 May 2024 01:44:13 GMT

GET
H2 200 the-windsor-suites-2022.svg
www.thewindsorsuites.com/assets/svg/ 7 KB
3 KB 197ms
196ms Image
image/svg+xml 2606:4700::6812:a353
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thewindsorsuites.com/assets/svg/the-windsor-suites-2022.svg

Requested by

Host: www.thewindsorsuites.com
URL: https://www.thewindsorsuites.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a353 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c484613f17a4593458b8b888064bb24f9724e0def33823c6d7c62e7b49e8ff54

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thewindsorsuites.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:44:12 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Tue, 16 May 2023 15:46:58 GMT
server: cloudflare
strict-transport-security: max-age=31536000; preload
etag: W/"6463a572-1ac6"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=2592000
cf-ray: 884febc50bcd4d28-FRA
x-xss-protection: 1; mode=block
expires: Sun, 16 Jun 2024 01:44:12 GMT

GET
H2 200 date_range_picker.js Show response
frontend.cdn.tambourine.com/includes/js/ 87 KB
88 KB 482ms
396ms Script
application/javascript 2600:9000:2670:a000:b:4a4a:a7c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://frontend.cdn.tambourine.com/includes/js/date_range_picker.js
Requested by: Host: www.thewindsorsuites.com
URL: https://www.thewindsorsuites.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2670:a000:b:4a4a:a7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 5c5c3d76cb0beb426e085fa5de4bfd09dd1c73854668723b5b1d12fb1c75f67a

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thewindsorsuites.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:44:13 GMT
via: 1.1 3aedbf31650352660fd3a878f7b791c8.cloudfront.net (CloudFront)
last-modified: Mon, 12 Feb 2024 21:29:03 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P9
etag: "8ad868acd5ec3d4e288fa42d9e99bbce"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 89384
x-amz-cf-id: 3_gdUOxP-4k5Dg0EUhrYlAPYmdzTAZpeVCPnUxrPjgsqBLWf0p3msg==

GET
H2 200 date_range_picker.css
frontend.cdn.tambourine.com/includes/css/ 6 KB
7 KB 393ms
393ms Stylesheet
text/css 2600:9000:2670:a000:b:4a4a:a7c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://frontend.cdn.tambourine.com/includes/css/date_range_picker.css
Requested by: Host: www.thewindsorsuites.com
URL: https://www.thewindsorsuites.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2670:a000:b:4a4a:a7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 052e58079bc72cbc064ece64e0df1af113fbb15d92fc3aa6c42596d0d5ffed9d

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thewindsorsuites.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:44:13 GMT
via: 1.1 3aedbf31650352660fd3a878f7b791c8.cloudfront.net (CloudFront)
last-modified: Mon, 12 Feb 2024 21:29:02 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P9
etag: "bb7ea6a6371314e1e7ae21be9ddb5292"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: text/css
accept-ranges: bytes
content-length: 6577
x-amz-cf-id: OFavwPgFoWkAsEbw94BJWTJyUTePDCMWiLH0lL0ClO93zdCbQw_B2w==

GET
H2 200 reviews-logo.svg
www.thewindsorsuites.com/assets/svg/ 2 KB
1 KB 106ms
105ms Image
image/svg+xml 2606:4700::6812:a353
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thewindsorsuites.com/assets/svg/reviews-logo.svg

Requested by

Host: www.thewindsorsuites.com
URL: https://www.thewindsorsuites.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a353 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2543fe757a26030ec3216e1d1524b3232a2dbd4ce3e212f9bf858a329a3fbf92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thewindsorsuites.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:44:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Tue, 16 May 2023 15:46:58 GMT
server: cloudflare
strict-transport-security: max-age=31536000; preload
etag: W/"6463a572-6ed"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=2592000
cf-ray: 884febc8cdff4d28-FRA
x-xss-protection: 1; mode=block
expires: Sun, 16 Jun 2024 01:44:12 GMT

GET
H2 200 reviews-left.svg
www.thewindsorsuites.com/assets/svg/ 1 KB
938 B 108ms
108ms Image
image/svg+xml 2606:4700::6812:a353
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thewindsorsuites.com/assets/svg/reviews-left.svg

Requested by

Host: www.thewindsorsuites.com
URL: https://www.thewindsorsuites.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a353 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a97ee3ac9f80aec06bcf1bd4799471bbb85e4f539e2df372889998bbe02b913e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thewindsorsuites.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:44:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Tue, 16 May 2023 15:46:58 GMT
server: cloudflare
strict-transport-security: max-age=31536000; preload
etag: W/"6463a572-505"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=2592000
cf-ray: 884febc93e334d28-FRA
x-xss-protection: 1; mode=block
expires: Sun, 16 Jun 2024 01:44:13 GMT

GET
H2 200 logo-footer-2022.svg
www.thewindsorsuites.com//assets/svg/ 7 KB
3 KB 108ms
105ms Image
image/svg+xml 2606:4700::6812:a353
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thewindsorsuites.com//assets/svg/logo-footer-2022.svg

Requested by

Host: www.thewindsorsuites.com
URL: https://www.thewindsorsuites.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a353 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b55150420b1e46c514d7ac032fc916d506df06cf34dbfc52447275d6f96d5a3e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thewindsorsuites.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:44:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Tue, 16 May 2023 15:46:58 GMT
server: cloudflare
strict-transport-security: max-age=31536000; preload
etag: W/"6463a572-1b60"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=2592000
cf-ray: 884febc94e384d28-FRA
x-xss-protection: 1; mode=block
expires: Sun, 16 Jun 2024 01:44:13 GMT

GET
H2 200 logo-modus-2022.svg
www.thewindsorsuites.com//assets/svg/ 6 KB
3 KB 209ms
206ms Image
image/svg+xml 2606:4700::6812:a353
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thewindsorsuites.com//assets/svg/logo-modus-2022.svg

Requested by

Host: www.thewindsorsuites.com
URL: https://www.thewindsorsuites.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a353 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9e2b21c1ffc84d8f764a0d69ec4494d72cd762f1bb80d79b6a18dbfda88f755d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thewindsorsuites.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:44:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Tue, 16 May 2023 15:46:58 GMT
server: cloudflare
strict-transport-security: max-age=31536000; preload
etag: W/"6463a572-18f8"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=2592000
cf-ray: 884febc94e394d28-FRA
x-xss-protection: 1; mode=block
expires: Sun, 16 Jun 2024 01:44:13 GMT

GET
H2 200 symphony.js Show response
frontend.cdn.tambourine.com/assets/ 66 KB
66 KB 399ms
397ms Script
application/javascript 2600:9000:2670:a000:b:4a4a:a7c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://frontend.cdn.tambourine.com/assets/symphony.js?Mo7XHU
Requested by: Host: www.thewindsorsuites.com
URL: https://www.thewindsorsuites.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2670:a000:b:4a4a:a7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 0b82ed265885aa8b5a09b397dd61710b8c97b1ec3263d64d10097d4fecbffdbf

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thewindsorsuites.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:44:14 GMT
via: 1.1 3aedbf31650352660fd3a878f7b791c8.cloudfront.net (CloudFront)
last-modified: Thu, 14 Mar 2024 14:30:41 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P9
etag: "da6859687b9929a52818e5b71113a40f"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 67146
x-amz-cf-id: 5eMdVfZj9iFsUDslKlKTpBVDgn31eY1mJ9GeaJr4xt8Wu1W67syURQ==

GET
H2 200 scripts.js Show response
www.thewindsorsuites.com/assets/ 124 KB
37 KB 207ms
205ms Script
application/javascript 2606:4700::6812:a353
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thewindsorsuites.com/assets/scripts.js?Mo7XHU

Requested by

Host: www.thewindsorsuites.com
URL: https://www.thewindsorsuites.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a353 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6ffcb3d467cdd4478bdc39e9904cf3dbdc5732ab39594d8483afa0f65d919e2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thewindsorsuites.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:44:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Mon, 04 Mar 2024 22:32:30 GMT
server: cloudflare
strict-transport-security: max-age=31536000; preload
etag: W/"65e64bfe-1efaa"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/javascript
cache-control: max-age=2592000
cf-ray: 884febc94e3b4d28-FRA
x-xss-protection: 1; mode=block
expires: Sun, 16 Jun 2024 01:44:13 GMT

GET
H3 200 vue.min.js Show response
cdnjs.cloudflare.com/ajax/libs/vue/2.6.14/ 92 KB
31 KB 26ms
14ms Script
application/javascript 104.17.24.14
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/vue/2.6.14/vue.min.js

Requested by

Host: www.thewindsorsuites.com
URL: https://www.thewindsorsuites.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

104.17.24.14 -, , ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9174c425c445377df4562ad9165ea08fdf9433a808296d7de5f619791df10e17

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thewindsorsuites.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:44:13 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 3647190
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 30949
last-modified: Tue, 08 Jun 2021 12:01:42 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "60bf5c26-78e5"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=JAFbwtku0rvJvQKRLo5BDX%2BErLgVLSz8weG%2BtDdlvvdj578WnISkdo6vH8JsyTCShZXuAwhcvhFKxYIhdLjyHcGK42pD6G3ZI%2BgvwjxGZg%2BXoJo7k2pm4iXHtJbppune7%2Fkoj8R9"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 884febc958622c27-FRA
expires: Wed, 07 May 2025 01:44:13 GMT

GET
H2 200 v-popups.min.js Show response
frontend.cdn.tambourine.com/includes/symphony-components/js/ 96 KB
96 KB 390ms
388ms Script
application/javascript 2600:9000:2670:a000:b:4a4a:a7c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://frontend.cdn.tambourine.com/includes/symphony-components/js/v-popups.min.js?v2=66469a9b9c1cb
Requested by: Host: www.thewindsorsuites.com
URL: https://www.thewindsorsuites.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2670:a000:b:4a4a:a7c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 84e6982df43951d710d1d1a02ec4949cb1c937db98de2d88071a1bb9c54fc65b

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thewindsorsuites.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:44:14 GMT
via: 1.1 3aedbf31650352660fd3a878f7b791c8.cloudfront.net (CloudFront)
last-modified: Thu, 09 May 2024 20:52:48 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P9
etag: "f047ea2c242bcc15cf29821168f646c9"
x-amz-server-side-encryption: AES256
vary: Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 98042
x-amz-cf-id: q2DjJPkqCV8Pzbe4GOJZabqOBhx33RDymC6UIP1lULue8xUAFRqnXQ==

GET
H2 200 vedd3670a3b1c4e178fdfb0cc912d969e1713874337387 Show response
static.cloudflareinsights.com/beacon.min.js/ 19 KB
7 KB 62ms
41ms Script
text/javascript 2606:4700::6810:4f49
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/vedd3670a3b1c4e178fdfb0cc912d969e1713874337387
Requested by: Host: www.thewindsorsuites.com
URL: https://www.thewindsorsuites.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6810:4f49 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: d2e817d2c44b9cf45f0e45cfa351abba3203af38f5aa1c8576a2db69ebd15192

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thewindsorsuites.com/
Origin: https://www.thewindsorsuites.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:44:13 GMT
content-encoding: gzip
last-modified: Mon, 06 May 2024 19:01:13 GMT
server: cloudflare
etag: W/"2024.4.1"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 884febc96a0e91d5-FRA

GET
H2 200 css
fonts.googleapis.com/ 19 KB
1 KB 18ms
17ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Cormorant+Infant:300,300italic,italic,500,regular|Gilda+Display:regular|Montserrat:200,regular,500,100,300&display=swap

Requested by

Host: www.thewindsorsuites.com
URL: https://www.thewindsorsuites.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9eadb534b1beb71e8ab51de3ed4b16ab0391a0907c14a4324ab1e0fedef0921e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thewindsorsuites.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

strict-transport-security: max-age=31536000
date: Fri, 17 May 2024 01:44:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 17 May 2024 01:44:13 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 17 May 2024 01:44:13 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 323 KB
104 KB 68ms
41ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KMR55CR

Requested by

Host: www.thewindsorsuites.com
URL: https://www.thewindsorsuites.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f603d015f6f7896610178cc043e7f627d5acd531467d6f0190340d8bdd597d92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thewindsorsuites.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:44:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 106319
x-xss-protection: 0
last-modified: Fri, 17 May 2024 00:14:14 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 17 May 2024 01:44:13 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 273 KB
93 KB 60ms
33ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-P33F2W

Requested by

Host: www.thewindsorsuites.com
URL: https://www.thewindsorsuites.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c298921eec0204e34f5a11747bc14d2e21712da2e335d60196815bc31b1d2ae7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thewindsorsuites.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:44:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 94659
x-xss-protection: 0
last-modified: Fri, 17 May 2024 00:14:14 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 17 May 2024 01:44:13 GMT

GET
H3 200 siteanalyze_6119418.js Show response
siteimproveanalytics.com/js/ 16 KB
6 KB 38ms
15ms Script
application/javascript 188.114.97.3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://siteimproveanalytics.com/js/siteanalyze_6119418.js
Requested by: Host: www.thewindsorsuites.com
URL: https://www.thewindsorsuites.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 188.114.97.3 Amsterdam, Netherlands, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 53e1407e686618c87e15948a2bdd7da7d5b557ae31eb3e8dd9582ce7d02433a2

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thewindsorsuites.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:44:13 GMT
content-encoding: gzip
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-amz-request-id: SSX8P3RKKRCMXN15
age: 6381
alt-svc: h3=":443"; ma=86400
content-length: 5675
x-amz-id-2: WrrQF/ZCg0+xaUM9McwbkJ/HVK9c5X54b6KhdwJX3zYz/2Pmz6VXcmqUgPuUquL1AD/NsIfjRsA=
last-modified: Wed, 14 Feb 2024 16:06:30 GMT
server: cloudflare
etag: "cf0ab0d19a6a30c0055f3ee18febb4f9"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=iQ4eQ9DXxxU3OaWGq44THrhjabfPGPgvGKzH%2FbBsREgepm04QhtDCOG98kqA3fxOu3SNLdeZLGb3HiujdU%2B5MyXEZDtN3SfXVv13IUFIxZhy%2BwrHvwwAGDyvPSZp2fcWEAZ1TNhHZbVvjz4%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400, no-transform
accept-ranges: bytes
cf-ray: 884febc96c20bbdd-FRA

GET
DATA 200
OK truncated
/ 38 B
38 B Other
image/webp

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 down-arrow.svg
www.thewindsorsuites.com/assets/svg/ 272 B
604 B 205ms
204ms Image
image/svg+xml 2606:4700::6812:a353
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thewindsorsuites.com/assets/svg/down-arrow.svg

Requested by

Host: www.thewindsorsuites.com
URL: https://www.thewindsorsuites.com/assets/style.css?Mo7XHU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a353 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8036cdecb0294be6062d1b125981512fc4c04baecf0aeab919bad463a2dcc457

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thewindsorsuites.com/assets/style.css?Mo7XHU
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:44:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Tue, 16 May 2023 15:46:58 GMT
server: cloudflare
strict-transport-security: max-age=31536000; preload
etag: W/"6463a572-110"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=2592000
cf-ray: 884febc95e3e4d28-FRA
x-xss-protection: 1; mode=block
expires: Sun, 16 Jun 2024 01:44:13 GMT

GET
H2 206 thewindor-homepage-header-video-6568a263b7a32.mp4
symphony.cdn.tambourine.com/the-windsor-suites/media/ 2 MB
0 105ms
10ms Media
video/mp4 2600:9000:223c:ce00:5:8193:8e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://symphony.cdn.tambourine.com/the-windsor-suites/media/thewindor-homepage-header-video-6568a263b7a32.mp4
Requested by: Host: www.thewindsorsuites.com
URL: https://www.thewindsorsuites.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:ce00:5:8193:8e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Referer: https://www.thewindsorsuites.com/
Range: bytes=0-
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: _cPWALlBpoElKfDy0gpBY6aiUj0qjUIH
date: Thu, 16 May 2024 20:41:06 GMT
via: 1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 18187
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
Content-Range: bytes 0-5606506/5606507
Content-Length: 5606507
last-modified: Thu, 30 Nov 2023 14:55:32 GMT
server: AmazonS3
etag: "c03bd963b818aa7934563ecbe5a1e110"
vary: Accept-Encoding
content-type: video/mp4
accept-ranges: bytes
x-amz-cf-id: lNMHbx6flB4FCDemp_Tj7-A1FKU1z2EDMiLaY6vEVNeEUOkClQ-pIA==

GET
H2 200 pin-black.svg
www.thewindsorsuites.com/assets/svg/ 2 KB
1 KB 106ms
106ms Image
image/svg+xml 2606:4700::6812:a353
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thewindsorsuites.com/assets/svg/pin-black.svg

Requested by

Host: www.thewindsorsuites.com
URL: https://www.thewindsorsuites.com/assets/style.css?Mo7XHU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a353 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8b50cfdd907280721a2fb9e5dfee87a06f3e0fdaf3eaa6f6e8804765ad583f01

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thewindsorsuites.com/assets/style.css?Mo7XHU
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:44:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Tue, 16 May 2023 15:46:58 GMT
server: cloudflare
strict-transport-security: max-age=31536000; preload
etag: W/"6463a572-79b"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=2592000
cf-ray: 884febc97e4b4d28-FRA
x-xss-protection: 1; mode=block
expires: Sun, 16 Jun 2024 01:44:13 GMT

GET
H2 200 JTUSjIg1_i6t8kCHKm459Wlhyw.woff2
fonts.gstatic.com/s/montserrat/v26/ 32 KB
33 KB 30ms
7ms Font
font/woff2 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/montserrat/v26/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cormorant+Infant:300,300italic,italic,500,regular|Gilda+Display:regular|Montserrat:200,regular,500,100,300&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://www.thewindsorsuites.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 06:41:12 GMT
x-content-type-options: nosniff
age: 241381
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 33092
x-xss-protection: 0
last-modified: Wed, 13 Sep 2023 22:51:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 May 2025 06:41:12 GMT

GET
H2 200 t5tmIRoYMoaYG0WEOh7HwMeR3T7Prw.woff2
fonts.gstatic.com/s/gildadisplay/v18/ 20 KB
20 KB 40ms
17ms Font
font/woff2 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/gildadisplay/v18/t5tmIRoYMoaYG0WEOh7HwMeR3T7Prw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cormorant+Infant:300,300italic,italic,500,regular|Gilda+Display:regular|Montserrat:200,regular,500,100,300&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3b58cb822e6503b7fd7c776dc96379e2a26c2e6fc44af829ff35dad3cf5408a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://www.thewindsorsuites.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 14:25:50 GMT
x-content-type-options: nosniff
age: 213503
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20212
x-xss-protection: 0
last-modified: Thu, 24 Aug 2023 17:52:49 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 May 2025 14:25:50 GMT

GET
H2 200 HhyIU44g9vKiM1sORYSiWeAsLN9951w3zDQhQw.woff2
fonts.gstatic.com/s/cormorantinfant/v17/ 17 KB
18 KB 42ms
20ms Font
font/woff2 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cormorantinfant/v17/HhyIU44g9vKiM1sORYSiWeAsLN9951w3zDQhQw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cormorant+Infant:300,300italic,italic,500,regular|Gilda+Display:regular|Montserrat:200,regular,500,100,300&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5d59cccc44d00ebcc305c6580a0618bfdb8b0a2477851f04831ee75be549c4de

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://www.thewindsorsuites.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Tue, 14 May 2024 14:12:06 GMT
x-content-type-options: nosniff
age: 214327
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17816
x-xss-protection: 0
last-modified: Tue, 09 Aug 2022 02:14:22 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 14 May 2025 14:12:06 GMT

GET
H2 200 HhyKU44g9vKiM1sORYSiWeAsLN997_ItcDERQY8Z.woff2
fonts.gstatic.com/s/cormorantinfant/v17/ 19 KB
19 KB 36ms
14ms Font
font/woff2 2a00:1450:4001:81d::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/cormorantinfant/v17/HhyKU44g9vKiM1sORYSiWeAsLN997_ItcDERQY8Z.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Cormorant+Infant:300,300italic,italic,500,regular|Gilda+Display:regular|Montserrat:200,regular,500,100,300&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f4c65cebd4aeec4d8f0699f034da0c210cdd28c69a2997599ca8cae10a696674

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://fonts.googleapis.com/
Origin: https://www.thewindsorsuites.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Mon, 13 May 2024 21:48:46 GMT
x-content-type-options: nosniff
age: 273327
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 19824
x-xss-protection: 0
last-modified: Tue, 09 Aug 2022 02:28:40 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 13 May 2025 21:48:46 GMT

POST
H3 200 landing
pagead2.googlesyndication.com/pagead/ 42 B
64 B 47ms
17ms Ping
image/gif 216.58.206.66
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/landing?gcs=G100&gcd=13p3p3p2p5&rnd=420496906.1715910253&url=https%3A%2F%2Fwww.thewindsorsuites.com%2F&dma_cps=-&dma=1&npa=1&gtm=45He45f0n71P33F2Wv6585464za200

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P33F2W

Protocol

Security

QUIC, , AES_128_GCM

Server

216.58.206.66 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

tzfraa-aa-in-f2.1e100.net

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thewindsorsuites.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 17 May 2024 01:44:13 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 308 KB
101 KB 27ms
26ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-B7WQD3SN2Z&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P33F2W

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7a6417e1cc4c499064b045d056c19b1e7d3bba65925b9cdc7f980da0bb648c37

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thewindsorsuites.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:44:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 103148
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 17 May 2024 01:44:13 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 218 KB
59 KB 30ms
8ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.thewindsorsuites.com
URL: https://www.thewindsorsuites.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thewindsorsuites.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 17 May 2024 01:44:13 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 57845
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=6, rtx=0, c=12, mss=1294, tbw=2788, tp=-1, tpl=-1, uplat=0, ullat=-1
pragma: public
x-fb-debug: OUNIWmOZggv79KNaXgyDfryeNWQj0XgysbIFe1bvubkGi8b1sZIqRGwm57tr5Hs9fN5kORjUGYpru423we68bQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3

200

bootstrap.js Show response
onboard.triptease.io/bootstrap/v7711.103399/
Redirect Chain

https://onboard.triptease.io/bootstrap.js?integrationId=01DHMCM57QMQ1RAWM4GYGH6AEG
https://onboard.triptease.io/bootstrap/v7711.103399/bootstrap.js

126 KB
38 KB

36ms
36ms

Script
application/javascript

172.67.164.226
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onboard.triptease.io/bootstrap/v7711.103399/bootstrap.js

Requested by

Host: www.thewindsorsuites.com
URL: https://www.thewindsorsuites.com/

Protocol

Server

172.67.164.226 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

453c5098706ad09b11184b40d51fa561a06094374a5319912cc750cb4b22757a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.thewindsorsuites.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36

Response headers

date: Fri, 17 May 2024 01:44:13 GMT
strict-transport-security: max-age=15552000
content-encoding: br
cf-cache-status: MISS
x-goog-meta-git-hash: ff96548aaa7dbf0b417133837df3772ce231a76d
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ABPtcPpUNdI4DHV-C3phwcYOWm5Pj2XpD3JP9zqGSnzIJrk383zGY2qvinu1xna3avZopwziTluUFj0fcA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-meta-build-version: 7711.103399
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 16 May 2024 16:02:29 GMT
server: cloudflare
etag: W/"9d5d286db09bac0218a3f365e89b824d"
vary: Accept-Encoding
x-goog-generation: 1715875349546386
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-goog-hash: crc32c=uK1HjA==, md5=nV0obbCbrAIYo/Nl6JuCTQ==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=a0jNM4TdLUEKgu4efJuNd5gqRH2ZKNuZgQEJzN0y100ES77H0RcL0EWwKUVEzhCd6jp0sD1lz5gvoHgA7oQk4GrTY1oQekHk26NR72jdwgS7ypvuu2NHRwUvOStyjITMyV00O%2B%2B%2B4w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 128751
cf-ray: 884febcb0dee902a-FRA
expires: Sat, 17 May 2025 01:21:37 GMT

Redirect headers

date: Fri, 17 May 2024 01:44:13 GMT
strict-transport-security: max-age=15552000
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=vZsISCmzAe7nuAGFmbW8sBN0VrbofmyidBCV3Wzg%2BgkajFM9LnzYcafFitSZancVWj4RlBweHQjyDjp%2Bkmro7xcac5R38dm1viLuk3nkUDnmoiIdMNupycwnSSVcSFZ8SoueaAGnjg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/plain;charset=UTF-8
location: https://onboard.triptease.io/bootstrap/v7711.103399/bootstrap.js
access-control-allow-origin: *
cache-control: public, max-age=600
cf-ray: 884febca9dc5902a-FRA
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
content-length: 64
alt-svc: h3=":443"; ma=86400

GET
H2 200 sjrn_autocx.js Show response
static.sojern.com/utils/ 26 KB
27 KB 140ms
15ms Script
text/javascript 35.244.188.9
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL: https://static.sojern.com/utils/sjrn_autocx.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P33F2W
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.188.9 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 9.188.244.35.bc.googleusercontent.com
Software: UploadServer /
Resource Hash: 0dffcbdf96ae9aaf25221fac287d4b9745505c38f31d8ff4e28d5659b9ffdb09

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thewindsorsuites.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:13:16 GMT
age: 1857
x-guploader-uploadid: ABPtcPqnJxSTyiMLAI_LnWNZsr5wYW8GPn4Oa7dU9yaLV6U6p-u-tLRV2qyNC23ZAcURJk6WwYl8Q5BWew
x-goog-storage-class: STANDARD
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 27113
last-modified: Tue, 16 Apr 2024 09:27:23 GMT
server: UploadServer
etag: "c711c25f5974fd548360227723bb4964"
x-goog-generation: 1713259643329393
x-goog-hash: crc32c=302PIA==, md5=xxHCX1l0/VSDYCJ3I7tJZA==
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=3600
x-goog-stored-content-length: 27113
accept-ranges: bytes
content-type: text/javascript
expires: Fri, 17 May 2024 02:13:16 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 233 KB
83 KB 23ms
22ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-937521589&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P33F2W

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

e917919f9604b923a05b03b06884db478c8d574c38e0c254b6d32fae30e77885

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thewindsorsuites.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:44:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 84834
x-xss-protection: 0
last-modified: Fri, 17 May 2024 00:14:14 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 17 May 2024 01:44:13 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 311 KB
103 KB 23ms
23ms Script
application/javascript 142.250.181.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-VRF9FVWMBB&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KMR55CR

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

db5706dde15b08405953e01e224466778ff33168a86b33fb6efd3ab96ba79203

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thewindsorsuites.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:44:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 105492
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 17 May 2024 01:44:13 GMT

GET
H3 200 destination Show response
www.googletagmanager.com/gtag/ 233 KB
83 KB 28ms
28ms Script
application/javascript 142.250.181.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/destination?id=AW-937521589&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KMR55CR

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

80d3051fc3899a4f38116e1101f7cf93669d9132cbbe7b68cc8e6afccc0ddc3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thewindsorsuites.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:44:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 84938
x-xss-protection: 0
last-modified: Fri, 17 May 2024 00:14:14 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 17 May 2024 01:44:13 GMT

GET
H2 200 wh.js Show response
p.relay-t.io/ 4 KB
5 KB 181ms
74ms Script
application/javascript 2600:9000:275d:c800:1d:40aa:1fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://p.relay-t.io/wh.js

Requested by

Host: www.thewindsorsuites.com
URL: https://www.thewindsorsuites.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:275d:c800:1d:40aa:1fc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

f50e35eed6b133c5adf2b14a6aa920dbf7384d40d0b2282b3b00670bccb48191

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thewindsorsuites.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:44:14 GMT
via: 1.1 6f1a8e219f50f958f5a2fbc9c84af776.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-P11
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-meta-content-type: application/javascript
content-length: 4196
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 08 Feb 2024 13:34:04 GMT
server: AmazonS3
etag: "53ab807de88f695459be24327e46aad6"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/javascript
accept-ranges: bytes
x-amz-cf-id: 7XCcuJI_j5sFXljrpHwP1ksGQNORRH746iTN70i5ybvAf5y5Q5-Bzw==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 231 KB
83 KB 22ms
22ms Script
application/javascript 142.250.181.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-594525725

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KMR55CR

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

048410fac238cd52f78db8cc95cbc4225be4ade107cdb4a31dba9037e7ef9094

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thewindsorsuites.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:44:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 84523
x-xss-protection: 0
last-modified: Fri, 17 May 2024 00:14:14 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 17 May 2024 01:44:13 GMT

GET
H2 200 loader.js Show response
www.thehotelsnetwork.com/js/ 22 KB
8 KB 156ms
50ms Script
application/javascript 3.161.82.59
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thehotelsnetwork.com/js/loader.js?property_id=1042717&account_key=E2752922AD61895F67B7FB5E479B7DAE

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KMR55CR

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

3.161.82.59 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-3-161-82-59.fra56.r.cloudfront.net

Software

nginx /

Resource Hash

267fb8b0b68ff9267b5515a683b613cb327c159bb7892dc91d4b975a47f62a2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thewindsorsuites.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:44:13 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
via: 1.1 59d552fe007f8133d3f016164f2c79aa.cloudfront.net (CloudFront)
server: nginx
x-amz-cf-pop: FRA56-P10
vary: Accept-Encoding,Accept-Encoding
x-cache: Miss from cloudfront
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://www.thewindsorsuites.com
access-control-allow-credentials: true
x-amz-cf-id: sl78hFuRackjqyVQGvxoOWS1yYe_Xy4d30XVG1Dqz2zPIGBfFJDJLw==

GET
H2 200 events.js Show response
analytics.tiktok.com/i18n/pixel/ 4 KB
2 KB 245ms
139ms Script
application/javascript 95.100.146.34
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CNNGER3C77U7DQOIRAE0&lib=ttq
Requested by: Host: www.thewindsorsuites.com
URL: https://www.thewindsorsuites.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.146.34 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-100-146-34.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: faea9de6034366065c9782dbf32db7aef26ac837bb1ea5c848fd0a972ab0c1aa

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thewindsorsuites.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 1d2757ab
date: Fri, 17 May 2024 01:44:13 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240517014413CA875A0A418338F27F2C-56BCDF7237BAE1F0-00
x-cache: TCP_MISS from a95-100-146-30.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
server-timing: inner; dur=5, cdn-cache; desc=MISS, edge; dur=2, origin; dur=108
content-length: 1448
pragma: no-cache
server: nginx
x-tt-logid: 20240517014413CA875A0A418338F27F2C
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 108,95.100.146.30
x-tt-trace-host: 01a866184f8dbbc9d5be1b57a4f37b49440c7374f589aa6903020c076422514a2d668391ebfad112ad560e3bb8b86331f9c23235b39b30a41e02f2ad27129ccc6904098c0494de4147b4ff6aeea540e3643ccb3b540120f3669ff17ef385165af8
expires: Fri, 17 May 2024 01:44:13 GMT

GET
H2 200 187822588940901 Show response
connect.facebook.net/signals/config/ 65 KB
14 KB 83ms
80ms Script
application/x-javascript 2a03:2880:f083:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/187822588940901?v=2.9.156&r=stable&domain=www.thewindsorsuites.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

62e77320b35dde157ec009eed57992df2252574ec22e0898e109d328608eaf94

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thewindsorsuites.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 17 May 2024 01:44:13 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=13, rtx=0, c=64, mss=1294, tbw=63375, tp=-1, tpl=-1, uplat=69, ullat=0
pragma: public
x-fb-debug: v7/h7r0eQFjqkmYUAMrf8N9bfk9hyhnWmTKTpxX8pdQtL/0NrVX8CNwq+Q0yav85w6DRzJa8wEJqZaCa0UPNUw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
260 B 64ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-B7WQD3SN2Z&gtm=45je45f0v891191243z86585464za200&_p=1715910252996&gcs=G100&gcd=13p3p3p2p5&npa=1&dma_cps=-&dma=1&cid=89083481.1715910253&ul=de-de&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.60%7CChromium%3B125.0.6422.60%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=denied&_eu=EA&_s=1&sid=1715910253&sct=1&seg=0&dl=https%3A%2F%2Fwww.thewindsorsuites.com%2F&dt=Downtown%20Philadelphia%20Hotels%20%7C%20Official%20Website%20%7C%20The%20Windsor%20Suites&en=page_view&_fv=1&_nsi=1&_ss=1&tfd=1205
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-B7WQD3SN2Z&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thewindsorsuites.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 17 May 2024 01:44:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thewindsorsuites.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 206 thewindor-homepage-header-video-6568a263b7a32.mp4
symphony.cdn.tambourine.com/the-windsor-suites/media/ 35 KB
36 KB 55ms
10ms Media
video/mp4 2600:9000:223c:ce00:5:8193:8e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://symphony.cdn.tambourine.com/the-windsor-suites/media/thewindor-homepage-header-video-6568a263b7a32.mp4
Requested by: Host: www.thewindsorsuites.com
URL: https://www.thewindsorsuites.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:ce00:5:8193:8e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ac10f2d34c289f292c92447f3f7de5842ffaae6d2d1519129b2b42bb417f12d8

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Encoding: identity;q=1, *;q=0
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Referer: https://www.thewindsorsuites.com/
Range: bytes=5570560-
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: _cPWALlBpoElKfDy0gpBY6aiUj0qjUIH
date: Thu, 16 May 2024 20:41:06 GMT
via: 1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-P2
age: 18187
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
Content-Range: bytes 5570560-5606506/5606507
Content-Length: 35947
last-modified: Thu, 30 Nov 2023 14:55:32 GMT
server: AmazonS3
etag: "c03bd963b818aa7934563ecbe5a1e110"
vary: Accept-Encoding
content-type: video/mp4
accept-ranges: bytes
x-amz-cf-id: ibmY0c3VOy6r-6052YmEfU-JIz95bEX5i9DnlNaQsMM8CgFpirZbBA==

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 37ms
14ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-VRF9FVWMBB&gtm=45je45f0v9117977927z89116388209za200&_p=1715910252996&gcs=G100&gcd=13p3p3p2p5&npa=1&dma_cps=-&dma=1&cid=89083481.1715910253&ul=de-de&sr=1600x1200&ir=1&uaa=x86&uab=64&uafvl=Google%2520Chrome%3B125.0.6422.60%7CChromium%3B125.0.6422.60%7CNot.A%252FBrand%3B24.0.0.0&uamb=0&uam=&uap=Win32&uapv=10.0.0&uaw=0&are=1&frm=0&pscdl=denied&_eu=EA&_s=1&sid=1715910253&sct=1&seg=0&dl=https%3A%2F%2Fwww.thewindsorsuites.com%2F&dt=Downtown%20Philadelphia%20Hotels%20%7C%20Official%20Website%20%7C%20The%20Windsor%20Suites&en=page_view&_fv=1&_ss=1&tfd=1233
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-VRF9FVWMBB&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thewindsorsuites.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 17 May 2024 01:44:13 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thewindsorsuites.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 378914381507839 Show response
connect.facebook.net/signals/config/ 20 KB
3 KB 77ms
77ms Script
application/x-javascript 157.240.0.6
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/378914381507839?v=2.9.156&r=stable&domain=www.thewindsorsuites.com&hme=c3a545c63044e8e9102d4f32d84a1137594d024f28e801d670bc76dc5c075575&ex_m=67%2C112%2C99%2C103%2C58%2C3%2C93%2C66%2C15%2C91%2C84%2C49%2C51%2C158%2C161%2C172%2C168%2C169%2C171%2C28%2C94%2C50%2C73%2C170%2C153%2C156%2C165%2C166%2C173%2C121%2C14%2C48%2C178%2C177%2C123%2C17%2C33%2C38%2C1%2C41%2C62%2C63%2C64%2C68%2C88%2C16%2C13%2C90%2C87%2C86%2C100%2C102%2C37%2C101%2C29%2C25%2C154%2C157%2C130%2C27%2C10%2C11%2C12%2C5%2C6%2C24%2C21%2C22%2C54%2C59%2C61%2C71%2C95%2C26%2C72%2C8%2C7%2C76%2C46%2C20%2C97%2C96%2C9%2C19%2C18%2C81%2C53%2C79%2C32%2C70%2C0%2C89%2C31%2C78%2C83%2C45%2C44%2C82%2C36%2C4%2C85%2C77%2C42%2C39%2C34%2C80%2C2%2C35%2C60%2C40%2C98%2C43%2C75%2C65%2C104%2C57%2C56%2C30%2C92%2C55%2C52%2C47%2C74%2C69%2C23%2C105%2C184%2C183%2C185%2C190%2C191%2C192%2C188%2C180%2C122%2C124%2C150%2C179%2C181%2C113%2C144%2C135%2C139%2C119%2C174%2C216%2C106%2C117%2C217%2C152%2C110%2C133%2C126%2C114

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

157.240.0.6 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

xx-fbcdn-shv-02-fra3.fbcdn.net

Software

Resource Hash

92482a32590ea1b73cab8dc1034edcd5d3bf2542e658d4a86c0a9689fefee9e0

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thewindsorsuites.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-security-policy: default-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';img-src 'self' data: blob: facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;require-trusted-types-for 'script';
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 17 May 2024 01:44:13 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=13, rtx=0, c=23, mss=1232, tbw=4621, tp=11, tpl=0, uplat=69, ullat=0
pragma: public
x-fb-debug: xbU9TcagU9AF1YY2lyVOoEGF8hAccFXdNRVCBpl5CDEDl50ltNic5TL77UZNeeEfN9bpZ7UUHSzXNj14YLW5DQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), attribution-reporting=(), autoplay=(), battery=(self), bluetooth=(), camera=(), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(), clipboard-write=(), compute-pressure=(), display-capture=(), encrypted-media=(), fullscreen=(self), gamepad=(), geolocation=(), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(), midi=(), otp-credentials=(), payment=(), picture-in-picture=(), private-state-token-issuance=(), publickey-credentials-get=(), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), window-management=(), xr-spatial-tracking=();report-to="permissions_policy"
timing-allow-origin: *
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
273 B 123ms
7ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=187822588940901&ev=PageView&dl=https%3A%2F%2Fwww.thewindsorsuites.com%2F&rl=&if=false&ts=1715910253238&sw=1600&sh=1200&v=2.9.156&r=stable&ec=0&o=4126&fbp=fb.1.1715910253237.398135576&cs_est=true&ler=empty&cdl=API_unavailable&it=1715910253146&coo=false&rqm=GET

Requested by

Host: www.thewindsorsuites.com
URL: https://www.thewindsorsuites.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thewindsorsuites.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1294, tbw=2820, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 17 May 2024 01:44:13 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
3 KB 414ms
299ms Image
image/png 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=187822588940901&ev=PageView&dl=https%3A%2F%2Fwww.thewindsorsuites.com%2F&rl=&if=false&ts=1715910253238&sw=1600&sh=1200&v=2.9.156&r=stable&ec=0&o=4126&fbp=fb.1.1715910253237.398135576&cs_est=true&ler=empty&cdl=API_unavailable&it=1715910253146&coo=false&rqm=FGET

Requested by

Host: www.thewindsorsuites.com
URL: https://www.thewindsorsuites.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thewindsorsuites.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0x7dd2120bffad8ad3","source_keys":["1","2"]},{"key_piece":"0xfb9554622713e1c2","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Fri, 17 May 2024 01:44:13 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=12, rtx=0, c=10, mss=1294, tbw=3169, tp=-1, tpl=-1, uplat=291, ullat=0
pragma: no-cache
x-fb-debug: wa9ZgdtlXPhtA2AYDUAzIYzelChH2HH6Gsy57eGvA+JYaz14NoDufV/foGydspyPxeYSpdoMD2CTUGxaNOKpwg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET 27.html
static.sojern.com/cip/c/ Frame 044D 0
0

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 180 KB
66 KB 20ms
20ms Script
application/javascript 142.250.181.232
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=HA-75&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-P33F2W

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.181.232 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f8.1e100.net

Software

Google Tag Manager /

Resource Hash

98180719d020de6cc0a3a589a80a48bcfc64e4304b2e36466bcbbec7b6db2dd0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thewindsorsuites.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:44:13 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 67044
x-xss-protection: 0
last-modified: Fri, 17 May 2024 00:14:14 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 17 May 2024 01:44:13 GMT

GET
H2 200 beat.js Show response
p.relay-t.io/ 21 B
562 B 66ms
66ms Script
application/javascript 2600:9000:275d:c800:1d:40aa:1fc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://p.relay-t.io/beat.js?type=tg&idhotel=idH&pmsId=pms&tkraw=&tk=&ref=https%3A%2F%2Fwww.thewindsorsuites.com%2F

Requested by

Host: p.relay-t.io
URL: https://p.relay-t.io/wh.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:275d:c800:1d:40aa:1fc0:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

AmazonS3 /

Resource Hash

13abb95134934e2b6ab33036f989d3eb588ec2586fee172d534061cb29e6834a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thewindsorsuites.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:44:14 GMT
via: 1.1 6f1a8e219f50f958f5a2fbc9c84af776.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
x-amz-cf-pop: FRA56-P11
x-amz-server-side-encryption: AES256
x-cache: Miss from cloudfront
x-amz-meta-content-type: application/javascript
content-length: 21
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 08 Feb 2024 13:34:05 GMT
server: AmazonS3
etag: "590efd78ccb474abbf45b795b73e37d8"
x-frame-options: SAMEORIGIN
vary: Origin
content-type: application/javascript
accept-ranges: bytes
x-amz-cf-id: a6iKVapR40lH_TMmpUkGK0a3ihLoR3uEiZ0sOgv6VH_G40BI7H6DKg==

GET
H2 200 /
www.facebook.com/tr/ 0
32 B 43ms
8ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=378914381507839&ev=PageView&dl=https%3A%2F%2Fwww.thewindsorsuites.com%2F&rl=&if=false&ts=1715910253321&sw=1600&sh=1200&v=2.9.156&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1715910253237.398135576&ler=empty&cdl=API_unavailable&it=1715910253146&coo=false&tm=1&rqm=GET

Requested by

Host: www.thewindsorsuites.com
URL: https://www.thewindsorsuites.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thewindsorsuites.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-fb-connection-quality: EXCELLENT; q=0.9, rtt=5, rtx=0, c=10, mss=1294, tbw=2820, tp=-1, tpl=-1, uplat=0, ullat=0
strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 17 May 2024 01:44:13 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 /
www.facebook.com/privacy_sandbox/pixel/register/trigger/ 67 B
475 B 335ms
300ms Image
image/png 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/privacy_sandbox/pixel/register/trigger/?id=378914381507839&ev=PageView&dl=https%3A%2F%2Fwww.thewindsorsuites.com%2F&rl=&if=false&ts=1715910253321&sw=1600&sh=1200&v=2.9.156&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=4126&fbp=fb.1.1715910253237.398135576&ler=empty&cdl=API_unavailable&it=1715910253146&coo=false&tm=1&rqm=FGET

Requested by

Host: www.thewindsorsuites.com
URL: https://www.thewindsorsuites.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com .fbcdn.net 'unsafe-eval';script-src .facebook.com .fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com:* wss://.fbcdn.net attachment.fbsbx.com blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ .fbsbx.com;font-src data: .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com data:;frame-src .facebook.com .fbsbx.com fbsbx.com data: .fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thewindsorsuites.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

attribution-reporting-register-trigger: {"event_trigger_data":[{"trigger_data":"0"}],"aggregatable_trigger_data":[{"key_piece":"0xae9a8916cf63294f","source_keys":["1","2"]},{"key_piece":"0xc1a35d678119e4c8","source_keys":["1","2"]}],"aggregatable_values":{"1":1}}
content-encoding: zstd
x-content-type-options: nosniff
content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com *.fbcdn.net 'unsafe-eval';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' blob: data: 'self' 'unsafe-eval';style-src *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* wss://*.fbcdn.net attachment.fbsbx.com blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ *.fbsbx.com;font-src data: *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net blob: android-webview-video-poster: *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com data:;frame-src *.facebook.com *.fbsbx.com fbsbx.com data: *.fbcdn.net;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
date: Fri, 17 May 2024 01:44:13 GMT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-xss-protection: 0
reporting-endpoints: coop_report="https://www.facebook.com/browser_reporting/coop/?minimize=0", coep_report="https://www.facebook.com/browser_reporting/coep/?minimize=0", default="https://www.facebook.com/ajax/browser_error_reports/?device_level=unknown", permissions_policy="https://www.facebook.com/ajax/browser_error_reports/"
x-fb-connection-quality: EXCELLENT; q=0.9, rtt=12, rtx=0, c=10, mss=1294, tbw=6330, tp=-1, tpl=-1, uplat=292, ullat=0
pragma: no-cache
x-fb-debug: D7pHzQPye4WBIo3yjUc2JfESCRy0KOilb8hZzc+YQtQ1YHtcgpPNqwWuLyNB1AVJmqEFjRepHlXZSkFwL17qSg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups;report-to="coop_report"
vary: Accept-Encoding
report-to: {"max_age":2592000,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coop\/?minimize=0"}],"group":"coop_report","include_subdomains":true}, {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/coep\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}, {"max_age":21600,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/"}],"group":"permissions_policy"}
content-type: image/png
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: private, no-store, no-cache, must-revalidate
permissions-policy: accelerometer=(), attribution-reporting=(self), autoplay=(), battery=(self), bluetooth=(), camera=(self), ch-device-memory=(), ch-downlink=(), ch-dpr=(), ch-ect=(), ch-rtt=(), ch-save-data=(), ch-ua-arch=(), ch-ua-bitness=(), ch-viewport-height=(), ch-viewport-width=(), ch-width=(), clipboard-read=(self), clipboard-write=(self), compute-pressure=(), display-capture=(self), encrypted-media=(self), fullscreen=(self), gamepad=*, geolocation=(self), gyroscope=(), hid=(), idle-detection=(), interest-cohort=(), keyboard-map=(), local-fonts=(), magnetometer=(), microphone=(self), midi=(), otp-credentials=(), payment=(), picture-in-picture=(self), private-state-token-issuance=(), publickey-credentials-get=(self), screen-wake-lock=(), serial=(), shared-storage=(), shared-storage-select-url=(), private-state-token-redemption=(), usb=(), usb-unrestricted=(), unload=(self), window-management=(), xr-spatial-tracking=(self);report-to="permissions_policy"
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 kernel-host.html
onboard.triptease.io/kernel/v7711.103399/ Frame 2F88 0
0 146ms
135ms Document
text/html 172.67.164.226
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onboard.triptease.io/kernel/v7711.103399/kernel-host.html?originHost=www.thewindsorsuites.com

Requested by

Host: onboard.triptease.io
URL: https://onboard.triptease.io/bootstrap.js?integrationId=01DHMCM57QMQ1RAWM4GYGH6AEG

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.164.226 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Accept-Language: de-DE,de;q=0.9;q=0.9
Referer: https://www.thewindsorsuites.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-mobile: ?0
sec-ch-ua-platform: "Win32"

Response headers

access-control-allow-origin: *
access-control-expose-headers: Content-Type
alt-svc: h3=":443"; ma=86400
cache-control: public, max-age=31536000
cf-cache-status: MISS
cf-ray: 884febcb98a19bc2-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 17 May 2024 01:44:13 GMT
expires: Sat, 17 May 2025 01:44:13 GMT
last-modified: Thu, 16 May 2024 16:02:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=UcH1%2BW6g0bVhaB29%2Bgeq%2BsnU8VHNwQcao9KPE1XzffZczzIOiFMB1y3uVx%2FKNp68o3K0XmDnUGCxHxTXTjUQGX9okWFIYCNZYI3MFMPIU8oujvICrU8vWIJVePV0krpTsOdGislKwg%3D%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
strict-transport-security: max-age=15552000
vary: Accept-Encoding
x-goog-generation: 1715875347903929
x-goog-hash: crc32c=cVBC3Q== md5=AuBJAWIk72xHWsLd3KWwkg==
x-goog-meta-build-version: 7711.103399
x-goog-meta-git-hash: ff96548aaa7dbf0b417133837df3772ce231a76d
x-goog-metageneration: 2
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 62668
x-guploader-uploadid: ABPtcPoLMfIjx55uN5qMZY8gvHyMG5tL16QlIBteI2K-qlF7K-_9BmZcVOQVQNvdCNCC1PSc1nneR1Rh3w

GET
H2 200 main.MWNkMWZjOGNjMA.js Show response
analytics.tiktok.com/i18n/pixel/static/ 411 KB
109 KB 18ms
18ms Script
application/javascript 95.100.146.34
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNkMWZjOGNjMA.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/events.js?sdkid=CNNGER3C77U7DQOIRAE0&lib=ttq
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.146.34 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-100-146-34.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: 4dee7b7f5bd454fc7b52f623814a23be6e9bc6b191ffb1b14a8202ce10d6813f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thewindsorsuites.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 1d275841
date: Fri, 17 May 2024 01:44:13 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 202405091220193F462D85468CB0D10C4E
x-tt-trace-id: 00-2405091220193F462D85468CB0D10C4E-4B242BBFD8259BF5-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a95-100-146-30.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 018befa628bf870d8d401a6bf128c41342567c2017432baf08729f0335bd26c386857a53fe124b4a8366c9a9be86ae38ae3f6cb772a74fe2c1a3c3e0018f6f6f05a9d0d03f374fd6f21d5b692ef7e979d2a8d5287a8a0ae36727c76b41582aae2c
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
content-length: 111346

GET
H2 200 identify_93546.js Show response
analytics.tiktok.com/i18n/pixel/static/ 139 KB
37 KB 18ms
18ms Script
application/javascript 95.100.146.34
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/i18n/pixel/static/identify_93546.js
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNkMWZjOGNjMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.146.34 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-100-146-34.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: a869fe8cddaf23f1ee50724c35748cefb30c697095b2cf4a231033cb8f43b4ab

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thewindsorsuites.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-akamai-request-id: 1d27587d
date: Fri, 17 May 2024 01:44:13 GMT
content-encoding: gzip
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server: nginx
x-tt-logid: 20240508162132A0D6B7841F621DD9E667
x-tt-trace-id: 00-240508162132A0D6B7841F621DD9E667-70C756FE34F66FC3-00
vary: Accept-Encoding
x-cache: TCP_MEM_HIT from a95-100-146-30.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=31536000, immutable
x-tt-trace-host: 018d5bc42629b6c34ba885c13b9b8763a7a344b7c14bab807f1afe93fb47cbbda60ef67d89b7473f189b504b20d03b690032a53a8fef3b3e59b323f80076339f0d90d40ae3978b4cfbeef2ad301653887b773223c76a1464aa0ffc4ff6ac332e94
server-timing: cdn-cache; desc=HIT, edge; dur=0, origin; dur=0, inner; dur=4
content-length: 37047

POST
H2 200 pixel
analytics.tiktok.com/api/v2/ 0
846 B 152ms
152ms Ping
text/plain 95.100.146.34
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNkMWZjOGNjMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.146.34 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-100-146-34.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.thewindsorsuites.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 555c37a.1d275899
date: Fri, 17 May 2024 01:44:13 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240517014413906C1CDC6983A009CD89-76DDD6D33EBEA9E5-00
x-cache: TCP_MISS from a95-100-146-30.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
x-parent-response-time: 127,95.100.146.30
server-timing: cdn-cache; desc=MISS, edge; dur=102, origin; dur=32, inner; dur=29
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240517014413906C1CDC6983A009CD89
x-cache-remote: TCP_MISS from a23-15-7-186.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 32,23.15.7.186
x-tt-trace-host: 01a866184f8dbbc9d5be1b57a4f37b494479034e3e05c1a78942f7403f0bf28bf7f0148a3cd4e33b9afcfec22b64c865b82b91c900f386e9c54b9b0084ff7f6f85ad96048b4877143126b6f212f07192dba95e251e7821617433bc11b4e633784b31a0c828d344a9b06976890af70abb1c
access-control-allow-headers: Authorization,*
expires: Fri, 17 May 2024 01:44:13 GMT

GET
H2 200 functions.php Show response
www.thewindsorsuites.com/ajax/ 1022 B
876 B 171ms
171ms XHR
text/html 2606:4700::6812:a353
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thewindsorsuites.com/ajax/functions.php?operation=_get_geolocation

Requested by

Host: frontend.cdn.tambourine.com
URL: https://frontend.cdn.tambourine.com/includes/symphony-components/js/v-popups.min.js?v2=66469a9b9c1cb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a353 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c8ccd8820fa038bc6d229bf72196454336450d89a6d5aee04828543722b7074

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: application/json, text/plain, */*
Referer: https://www.thewindsorsuites.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 17 May 2024 01:44:13 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
cf-ray: 884febccf8214d28-FRA
x-xss-protection: 1; mode=block
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 left-arrow-slider.svg
www.thewindsorsuites.com/assets/svg/ 288 B
602 B 105ms
104ms Image
image/svg+xml 2606:4700::6812:a353
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.thewindsorsuites.com/assets/svg/left-arrow-slider.svg

Requested by

Host: www.thewindsorsuites.com
URL: https://www.thewindsorsuites.com/assets/style.css?Mo7XHU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a353 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff7af4165931c9988455e2f1b95ed2755ec2d0e50fd5d1121b029a8d7145c62b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thewindsorsuites.com/assets/style.css?Mo7XHU
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:44:13 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
last-modified: Tue, 16 May 2023 15:46:58 GMT
server: cloudflare
strict-transport-security: max-age=31536000; preload
etag: W/"6463a572-120"
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: image/svg+xml
cache-control: max-age=2592000
cf-ray: 884febcd28374d28-FRA
x-xss-protection: 1; mode=block
expires: Sun, 16 Jun 2024 01:44:13 GMT

GET
H2 200 image.aspx
6119418.global.siteimproveanalytics.io/ 34 B
149 B 77ms
7ms Image
image/gif 3.79.70.238
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6119418.global.siteimproveanalytics.io/image.aspx?url=https%3A%2F%2Fwww.thewindsorsuites.com%2F&title=Downtown%20Philadelphia%20Hotels%20%7C%20Official%20Website%20%7C%20The%20Windsor%20Suites&res=1600x1200&accountid=6119418&rt=1659&prev=e6112ce2-40f9-d80c-8ce7-47e5a4550b8f&luid=04d8fa0d-86d1-b9da-23d0-8a82d587306a&rnd=65920
Requested by: Host: www.thewindsorsuites.com
URL: https://www.thewindsorsuites.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.79.70.238 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-79-70-238.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thewindsorsuites.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

content-type: image/gif
date: Fri, 17 May 2024 01:44:13 GMT
cache-control: max-age=0
content-length: 34
expires: Fri, 17 May 2024 01:44:13 UTC

POST
H2 200 act
analytics.tiktok.com/api/v2/pixel/ 0
703 B 150ms
149ms Ping
text/plain 95.100.146.34
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://analytics.tiktok.com/api/v2/pixel/act
Requested by: Host: analytics.tiktok.com
URL: https://analytics.tiktok.com/i18n/pixel/static/main.MWNkMWZjOGNjMA.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 95.100.146.34 Prague, Czech Republic, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS: a95-100-146-34.deploy.static.akamaitechnologies.com
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.thewindsorsuites.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

x-akamai-request-id: 1d275966
date: Fri, 17 May 2024 01:44:13 GMT
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
x-tt-trace-id: 00-240517014413CA875A0A418338F27F5D-304F1C7277C163C9-00
x-cache: TCP_MISS from a95-100-146-30.deploy.akamaitechnologies.com (AkamaiGHost/11.5.0.1-56208139) (-)
server-timing: inner; dur=23, cdn-cache; desc=MISS, edge; dur=12, origin; dur=122
content-length: 0
pragma: no-cache
server: nginx
x-tt-logid: 20240517014413CA875A0A418338F27F5D
access-control-allow-methods: GET,POST,PUT,PATCH,DELETE,HEAD,OPTIONS,UPDATE
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
x-origin-response-time: 122,95.100.146.30
x-tt-trace-host: 01a866184f8dbbc9d5be1b57a4f37b49440c7374f589aa6903020c076422514a2d668391ebfad112ad560e3bb8b86331f9dc07bccc56a6e5db78292e904676a469f193d96435257a4b560de2ffaf4f1e289522c6b531c74efe2cab607e8bcd371c
access-control-allow-headers: Authorization,*
expires: Fri, 17 May 2024 01:44:13 GMT

GET
H2 200 functions.php Show response
www.thewindsorsuites.com//ajax/ 70 B
569 B 166ms
166ms Fetch
text/html 2606:4700::6812:a353
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thewindsorsuites.com//ajax/functions.php?operation=_get_form_token

Requested by

Host: frontend.cdn.tambourine.com
URL: https://frontend.cdn.tambourine.com/assets/symphony.js?Mo7XHU

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a353 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

803444ea1a6df04c64f1200bda38895201a48c4b200796cb7e68602ba8598e32

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thewindsorsuites.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 17 May 2024 01:44:13 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
server: cloudflare
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
cf-ray: 884febcdd8904d28-FRA
x-xss-protection: 1; mode=block
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK favicon.ico
2486634c787a971a3554-d983ce57e4c84901daded0f67d5a004f.ssl.cf1.rackcdn.com/the-windsor-suites/files/ 5 KB
6 KB 63ms
8ms Other
image/vnd.microsoft.icon 23.45.238.237
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://2486634c787a971a3554-d983ce57e4c84901daded0f67d5a004f.ssl.cf1.rackcdn.com/the-windsor-suites/files/favicon.ico
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.45.238.237 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-45-238-237.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 37923190cc6bcd30673f9a45b6e6ede78e8039134881dc4e2ec185959711a5d7

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thewindsorsuites.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

Date: Fri, 17 May 2024 01:44:13 GMT
Last-Modified: Mon, 23 Mar 2020 13:43:43 GMT
ETag: de66f111d5d5f9772b877b3dd9a53a8a
Content-Type: image/vnd.microsoft.icon
X-Timestamp: 1584971022.32229
Cache-Control: public, max-age=183438
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: tx92d3b27c15fc4de19a82b-00660a2220dfw1
Content-Length: 5430
Expires: Sun, 19 May 2024 04:41:31 GMT

GET
H2 200 eyJwYWdlIjoiaG9tZXBhZ2UiLCJpZF9wYWdlIjoyMjM5Mywic3VicGFnZSI6bnVsbCwibG9jYXRpb24iOiJob21lIiwiZ2VvIjpudWxsLCJjb3VudHJ5IjoiREUiLCJzdGF0ZSI6bnVsbCwiaHR0cFJlZmVyZXIiOiIifQ== Show response
api.tambourine.com/api/v1/symphony/popups/907/getPopupBySiteId/en/false/ 6 KB
3 KB 267ms
237ms XHR
application/json 2606:4700::6812:a253
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://api.tambourine.com/api/v1/symphony/popups/907/getPopupBySiteId/en/false/eyJwYWdlIjoiaG9tZXBhZ2UiLCJpZF9wYWdlIjoyMjM5Mywic3VicGFnZSI6bnVsbCwibG9jYXRpb24iOiJob21lIiwiZ2VvIjpudWxsLCJjb3VudHJ5IjoiREUiLCJzdGF0ZSI6bnVsbCwiaHR0cFJlZmVyZXIiOiIifQ==

Requested by

Host: frontend.cdn.tambourine.com
URL: https://frontend.cdn.tambourine.com/includes/symphony-components/js/v-popups.min.js?v2=66469a9b9c1cb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a253 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cf401ce36e1da7baacd8428d82a8beb294e0bc03f067abcf09ec89bae643c01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept: application/json, text/plain, */*
Referer: https://www.thewindsorsuites.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 17 May 2024 01:44:14 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
strict-transport-security: max-age=31536000; preload
vary: Accept-Encoding
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: *
cache-control: private, must-revalidate
cf-ray: 884febce48739f3a-FRA
x-xss-protection: 1; mode=block
expires: -1

POST
H2 200 functions.php Show response
www.thewindsorsuites.com/ajax/ 0
406 B 248ms
247ms XHR
text/html 2606:4700::6812:a353
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.thewindsorsuites.com/ajax/functions.php

Requested by

Host: frontend.cdn.tambourine.com
URL: https://frontend.cdn.tambourine.com/includes/symphony-components/js/v-popups.min.js?v2=66469a9b9c1cb

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a353 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: application/x-www-form-urlencoded;charset=UTF-8
Accept: application/json, text/plain, */*
Referer: https://www.thewindsorsuites.com/
sec-ch-ua-platform: "Win32"

Response headers

pragma: no-cache
date: Fri, 17 May 2024 01:44:14 GMT
strict-transport-security: max-age=31536000; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
content-encoding: gzip
server: cloudflare
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
cf-ray: 884febcfc9664d28-FRA
x-xss-protection: 1; mode=block
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 windsorsuites_may_31_2022_web-28-6622b883ae823.jpg
symphony.cdn.tambourine.com/the-windsor-suites/media/ 296 KB
297 KB 409ms
409ms Image
image/jpeg 2600:9000:223c:ce00:5:8193:8e40:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://symphony.cdn.tambourine.com/the-windsor-suites/media/windsorsuites_may_31_2022_web-28-6622b883ae823.jpg
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:223c:ce00:5:8193:8e40:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 39cb9bb4b20f14b1e83777d9e946c5aa472a68fe37b9d0d07c6945822d49a64f

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thewindsorsuites.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

x-amz-version-id: DRSz2XvLwq5OUlt7v2hTe3mbHhlRbz1x
date: Fri, 17 May 2024 01:44:15 GMT
via: 1.1 3f52d342c56014599dee37446f6c9f2e.cloudfront.net (CloudFront)
last-modified: Fri, 19 Apr 2024 18:31:33 GMT
server: AmazonS3
x-amz-cf-pop: FRA56-P2
x-amz-server-side-encryption: AES256
etag: "c337f5a225b81674af5d2829d2c15bc4"
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: image/jpeg
accept-ranges: bytes
content-length: 303049
x-amz-cf-id: 2-VQIGq0iOtpIYONovgoV71qwWZCpraHDc_Ot9PHj53OVZztDg30fQ==

GET
H3 200 vertical-booking.js Show response
onboard.triptease.io/integrations/v7711.103399/ 165 KB
52 KB 146ms
146ms Script
application/javascript 172.67.164.226
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onboard.triptease.io/integrations/v7711.103399/vertical-booking.js

Requested by

Host: onboard.triptease.io
URL: https://onboard.triptease.io/bootstrap.js?integrationId=01DHMCM57QMQ1RAWM4GYGH6AEG

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.164.226 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bf97dda4d5a8da083a887d75b2723b8a3de56d228c2f803a44b9bf8bb93dce2c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thewindsorsuites.com/
Origin: https://www.thewindsorsuites.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:44:14 GMT
strict-transport-security: max-age=15552000
content-encoding: br
cf-cache-status: MISS
x-goog-meta-git-hash: ff96548aaa7dbf0b417133837df3772ce231a76d
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-guploader-uploadid: ABPtcPo1eBPb4NvOvqx32a_DblTUcfMEa7P5CctIxey5Z38zYKs3EjtzLIR4It0hWmRxx0TRDGzfgaZJ9w
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-meta-build-version: 7711.103399
alt-svc: h3=":443"; ma=86400
last-modified: Thu, 16 May 2024 16:05:35 GMT
server: cloudflare
etag: W/"be568fe4edd246da462b5143f66c71dc"
vary: Accept-Encoding
x-goog-generation: 1715875535862705
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-goog-hash: crc32c=sUkU9w==, md5=vlaP5O3SRtpGK1FD9mxx3A==
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=AMknoPGzrdgs0Axv2vg4JgSk44Hq%2B%2BjXGkBj0DstnDMRIDLmDp2BgpDeY5aX4T8L0W%2F%2Ff2%2FqcwvMVzyA%2FdJRvqkRTU6KIlgVw2zGxYSrhqQCGni2Uhov0Ixoy%2B6kXI6qpzauKu1G3w%3D%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 168758
cf-ray: 884febd42a11902a-FRA
expires: Sat, 17 May 2025 01:44:14 GMT

GET
H3 200 identity Show response
onboard.triptease.io/ 161 B
855 B 27ms
16ms Fetch
application/json 172.67.164.226
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onboard.triptease.io/identity

Requested by

Host: onboard.triptease.io
URL: https://onboard.triptease.io/bootstrap.js?integrationId=01DHMCM57QMQ1RAWM4GYGH6AEG

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.164.226 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fd37755b3a84090136e33b094b78942b506d473cb93b39ce229cbbd521b1b9aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thewindsorsuites.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:44:15 GMT
strict-transport-security: max-age=15552000
content-encoding: br
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=SMxvJogUpBTplPhovvsVueYOjSMiJsLKfg2COUE9bUB3ulqNYyMZLyqYNq2Ff13Bv6BcDGHS4cR8QY8b7yTqDmiVHBfF4tmuTnq%2BRbmG6iTy1QCMDtxLYVqqOIRiIvEN4c5QFvQcig%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thewindsorsuites.com
cache-control: no-store, no-cache
access-control-allow-credentials: true
cf-ray: 884febd90e4e9195-FRA
alt-svc: h3=":443"; ma=86400

GET
H3 200 bootstrap-message-engine.js Show response
targeted-messages.triptease.io/static/ 99 KB
34 KB 64ms
22ms Script
application/javascript 172.67.164.226
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://targeted-messages.triptease.io/static/bootstrap-message-engine.js

Requested by

Host: onboard.triptease.io
URL: https://onboard.triptease.io/bootstrap.js?integrationId=01DHMCM57QMQ1RAWM4GYGH6AEG

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.164.226 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

84bdfee54b101772d9a7b02a61fab63ab6f8255b7c9600cd73ffe81cc773c09a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thewindsorsuites.com/
Origin: https://www.thewindsorsuites.com
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:44:15 GMT
strict-transport-security: max-age=15552000
content-encoding: br
cf-cache-status: HIT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
x-goog-meta-goog-reserved-file-mtime: 1715590714
age: 81
x-guploader-uploadid: ABPtcPqzjgH4C1iax3d_fVimB_fVkx6M9V6LSUpOk4br1UCQVJPc13_3Gm_c6UC5STyy8pW4mmms21HrQw
x-goog-storage-class: STANDARD
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
alt-svc: h3=":443"; ma=86400
last-modified: Mon, 13 May 2024 08:58:37 GMT
server: cloudflare
etag: W/"fda342d917f6689b623a7b3a87c145c5"
vary: Accept-Encoding
x-goog-generation: 1715590717213771
content-type: application/javascript
access-control-allow-origin: *
x-goog-hash: crc32c=jCeswg==, md5=/aNC2Rf2aJtiOns6h8FFxQ==
access-control-expose-headers: Content-Type
cache-control: public, max-age=600
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=8T8iGVb2MnBIcAwEocDVP1JRuZxOarkCj%2BIlhriaBYLcYIS73c%2BlgSnFSw7z3KNjz21sVxCw08n8lxiO8PGGXY697MGnXY3ovpf2FM%2BvbZBhcKrDB3ru1%2FqurTI9eyH8%2F%2B2Qs4duUffPMonCwkA%2BmYs%3D"}],"group":"cf-nel","max_age":604800}
x-goog-stored-content-length: 101005
cf-ray: 884febda9b87362f-FRA
expires: Fri, 17 May 2024 01:52:54 GMT

GET storageIframe.html
targeted-messages.triptease.io/static/ Frame 8C8A 0
0

GET
H2 200 messages Show response
messages.guest-experience.triptease.io/5B1LGka/ 34 B
437 B 186ms
147ms Fetch
application/json 151.101.194.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://messages.guest-experience.triptease.io/5B1LGka/messages?language=en
Requested by: Host: targeted-messages.triptease.io
URL: https://targeted-messages.triptease.io/static/bootstrap-message-engine.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.194.133 San Francisco, United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 19768d0a9a36a10b41536d15497dd6a5f8289dad900ea45b5e20bd6d53d51327

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
Referer: https://www.thewindsorsuites.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
sec-ch-ua-platform: "Win32"

Response headers

date: Fri, 17 May 2024 01:44:16 GMT
via: 1.1 varnish
age: 0
x-cache: MISS
x-city: aachen
content-length: 34
x-served-by: cache-fra-etou8220042-FRA
server: Google Frontend
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.thewindsorsuites.com
x-region-code: NW
x-cloud-trace-context: e3e4be93e900bc93a636b9ff1c858399
cache-control: no-cache,max-age=0
access-control-allow-credentials: true
access-control-expose-headers: X-Country-Code, X-Region-Code, X-City
tt_host: messages.guest-experience.triptease.io
accept-ranges: bytes
x-country-code: DE
x-cache-hits: 0

POST
H3 204 batch
onboard.triptease.io/message/ 0
464 B 187ms
187ms Ping
text/html 172.67.164.226
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onboard.triptease.io/message/batch

Requested by

Host: onboard.triptease.io
URL: https://onboard.triptease.io/bootstrap.js?integrationId=01DHMCM57QMQ1RAWM4GYGH6AEG

Protocol

Security

QUIC, , AES_128_GCM

Server

172.67.164.226 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

sec-ch-ua: "Google Chrome";v="125", "Not:A-Brand";v="8", "Chromium";v="125"
sec-ch-ua-platform: "Win32"
Referer: https://www.thewindsorsuites.com/
Accept-Language: de-DE,de;q=0.9;q=0.9
sec-ch-ua-mobile: ?0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 17 May 2024 01:44:16 GMT
strict-transport-security: max-age=15552000
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v4?s=4XcUXYbFM67u6g%2BOJ745YXV2gk4HQ3OQ12evGwEhPxcpj5wxNgOXvlUe9kxVH6Hix%2BiMFp12O6hDDkSgSnRg1Km0NB90umyYtZ0L27EcxiZUBJxnZ5ulrKsJ%2BwHo%2B0QKbaup6Ml6GA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html
access-control-allow-origin: *
x-cloud-trace-context: d31d390e321bdf9d4617066f1f290401
cf-ray: 884febde29249195-FRA
alt-svc: h3=":443"; ma=86400

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: static.sojern.com
URL: https://static.sojern.com/cip/c/27.html?f_v=cp_v3_js&p_v=1&version=5&auto_url=https%3A%2F%2Fwww.thewindsorsuites.com%2F&auto_ccid=fkl5d-yfvva-lnt19-py1ho-xgbaq&auto_ga=&e_eml=null&auto_eml=Zm9ybXNAdGFtYm91cmluZS5jb20%253D&auto_eml_count=1&auto_eml_domain=dGFtYm91cmluZS5jb20%253D&ws=1600x1200&tz=-120&hpr=The%20Windsor%20Suites&hpid=17784&pt=HOME_PAGE&et=

Domain: targeted-messages.triptease.io
URL: https://targeted-messages.triptease.io/static/storageIframe.html

Verdicts & Comments Add Verdict or Comment

174 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

10 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.thewindsorsuites.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: s35a6ns78dt87aplho37aqmlib
www.thewindsorsuites.com/	1970-01-20 21:21:42	Name: ACCEPT_WEBP Value: true
.thewindsorsuites.com/	1970-01-20 22:48:06	Name: _fbp Value: fb.1.1715910253237.398135576
.tiktok.com/	1970-01-21 06:00:06	Name: _ttp Value: 2gZfvnymuVuj6GQM6neI6p9czqX
.thewindsorsuites.com/	1970-01-21 06:00:06	Name: _tt_enable_cookie Value: 1
.thewindsorsuites.com/	1970-01-21 06:00:06	Name: _ttp Value: n2ZAh3fTSRaxFNWjxObDvKbDEDz
.thewindsorsuites.com/	1970-01-21 06:14:30	Name: nmstat Value: e6112ce2-40f9-d80c-8ce7-47e5a4550b8f
www.thewindsorsuites.com/	1970-01-20 20:48:35	Name: AWSALB Value: DpnQ3FiNVXATPV5NqhMCG7wpMXmMMfehovXGMCLdW6sQtmeRiwS3rq3wgAsjz6jjn4AF5ihysGShf82kO/PuEsyXueFDVk1x2evchxgQIReVjNmXsgqd7+V+HV2z
.triptease.io/	1970-01-21 05:24:06	Name: triptease-user-id Value: 01HY23H8X64BA4EGAVXKQ6V6ZB
.triptease.io/	1970-01-20 20:38:59	Name: triptease-session-id Value: 01HY23H8X6R8F16C08M7SXGEKE

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
other	warning	URL: https://www.thewindsorsuites.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thewindsorsuites.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thewindsorsuites.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thewindsorsuites.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thewindsorsuites.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thewindsorsuites.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thewindsorsuites.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thewindsorsuites.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.
other	warning	URL: https://www.thewindsorsuites.com/ Message: Third-party cookie will be blocked. Learn more in the Issues tab.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2486634c787a971a3554-d983ce57e4c84901daded0f67d5a004f.ssl.cf1.rackcdn.com
6119418.global.siteimproveanalytics.io
analytics.tiktok.com
api.tambourine.com
app.termly.io
cdnjs.cloudflare.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
frontend.cdn.tambourine.com
messages.guest-experience.triptease.io
onboard.triptease.io
p.relay-t.io
pagead2.googlesyndication.com
region1.google-analytics.com
siteimproveanalytics.com
static.cloudflareinsights.com
static.sojern.com
symphony.cdn.tambourine.com
targeted-messages.triptease.io
www.facebook.com
www.googletagmanager.com
www.thehotelsnetwork.com
www.thewindsorsuites.com
static.sojern.com
targeted-messages.triptease.io
104.17.24.14
104.18.31.234
142.250.181.232
151.101.194.133
157.240.0.6
172.67.164.226
188.114.97.3
2001:4860:4802:32::36
216.58.206.66
23.45.238.237
2600:9000:223c:ce00:5:8193:8e40:93a1
2600:9000:2670:a000:b:4a4a:a7c0:93a1
2600:9000:275d:c800:1d:40aa:1fc0:93a1
2606:4700::6810:4f49
2606:4700::6812:a253
2606:4700::6812:a353
2a00:1450:4001:812::200a
2a00:1450:4001:81d::2003
2a00:1450:4001:82f::2008
2a03:2880:f083:100:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
3.161.82.59
3.79.70.238
35.244.188.9
95.100.146.34
048410fac238cd52f78db8cc95cbc4225be4ade107cdb4a31dba9037e7ef9094
052e58079bc72cbc064ece64e0df1af113fbb15d92fc3aa6c42596d0d5ffed9d
0b82ed265885aa8b5a09b397dd61710b8c97b1ec3263d64d10097d4fecbffdbf
0c8ccd8820fa038bc6d229bf72196454336450d89a6d5aee04828543722b7074
0dffcbdf96ae9aaf25221fac287d4b9745505c38f31d8ff4e28d5659b9ffdb09
13abb95134934e2b6ab33036f989d3eb588ec2586fee172d534061cb29e6834a
19768d0a9a36a10b41536d15497dd6a5f8289dad900ea45b5e20bd6d53d51327
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
1f6fd12d58dcc159078effc353e6bb78cf313612f5e884e50d205974cd2fb2f4
2543fe757a26030ec3216e1d1524b3232a2dbd4ce3e212f9bf858a329a3fbf92
267fb8b0b68ff9267b5515a683b613cb327c159bb7892dc91d4b975a47f62a2c
350123ff7b28e94c2c734e74f0f2cc08d8071541049efe3eb12ad92fd34036f5
37923190cc6bcd30673f9a45b6e6ede78e8039134881dc4e2ec185959711a5d7
39cb9bb4b20f14b1e83777d9e946c5aa472a68fe37b9d0d07c6945822d49a64f
3b58cb822e6503b7fd7c776dc96379e2a26c2e6fc44af829ff35dad3cf5408a9
453c5098706ad09b11184b40d51fa561a06094374a5319912cc750cb4b22757a
4dee7b7f5bd454fc7b52f623814a23be6e9bc6b191ffb1b14a8202ce10d6813f
52dc24c0429ea6ccc5b579a6da8bb79bf41e471fe5108a62009f3c2e195551c0
53e1407e686618c87e15948a2bdd7da7d5b557ae31eb3e8dd9582ce7d02433a2
5c5c3d76cb0beb426e085fa5de4bfd09dd1c73854668723b5b1d12fb1c75f67a
5d59cccc44d00ebcc305c6580a0618bfdb8b0a2477851f04831ee75be549c4de
62e77320b35dde157ec009eed57992df2252574ec22e0898e109d328608eaf94
6ffcb3d467cdd4478bdc39e9904cf3dbdc5732ab39594d8483afa0f65d919e2e
727315e88e9a715393f9513c40fb97ab63cb43e3b9f21239268238fc21924e39
7a6417e1cc4c499064b045d056c19b1e7d3bba65925b9cdc7f980da0bb648c37
803444ea1a6df04c64f1200bda38895201a48c4b200796cb7e68602ba8598e32
8036cdecb0294be6062d1b125981512fc4c04baecf0aeab919bad463a2dcc457
80d3051fc3899a4f38116e1101f7cf93669d9132cbbe7b68cc8e6afccc0ddc3f
84bdfee54b101772d9a7b02a61fab63ab6f8255b7c9600cd73ffe81cc773c09a
84e6982df43951d710d1d1a02ec4949cb1c937db98de2d88071a1bb9c54fc65b
8b50cfdd907280721a2fb9e5dfee87a06f3e0fdaf3eaa6f6e8804765ad583f01
9174c425c445377df4562ad9165ea08fdf9433a808296d7de5f619791df10e17
92482a32590ea1b73cab8dc1034edcd5d3bf2542e658d4a86c0a9689fefee9e0
97b8d8853887e84d25368fa6f7fac59a71f730e0b9b524bac989ec5eff70c9f8
98180719d020de6cc0a3a589a80a48bcfc64e4304b2e36466bcbbec7b6db2dd0
9e2b21c1ffc84d8f764a0d69ec4494d72cd762f1bb80d79b6a18dbfda88f755d
9eadb534b1beb71e8ab51de3ed4b16ab0391a0907c14a4324ab1e0fedef0921e
a869fe8cddaf23f1ee50724c35748cefb30c697095b2cf4a231033cb8f43b4ab
a97ee3ac9f80aec06bcf1bd4799471bbb85e4f539e2df372889998bbe02b913e
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
ac10f2d34c289f292c92447f3f7de5842ffaae6d2d1519129b2b42bb417f12d8
b55150420b1e46c514d7ac032fc916d506df06cf34dbfc52447275d6f96d5a3e
b9d7533f87fc6528ee30c525be959823dbde96fcfc8dfe74546faba7fa13c963
bb2f90081933c0f2475883ca2c5cfee94e96d7314a09433fffc42e37f4cffd3b
bf97dda4d5a8da083a887d75b2723b8a3de56d228c2f803a44b9bf8bb93dce2c
c298921eec0204e34f5a11747bc14d2e21712da2e335d60196815bc31b1d2ae7
c484613f17a4593458b8b888064bb24f9724e0def33823c6d7c62e7b49e8ff54
cf401ce36e1da7baacd8428d82a8beb294e0bc03f067abcf09ec89bae643c01b
d2e817d2c44b9cf45f0e45cfa351abba3203af38f5aa1c8576a2db69ebd15192
d8f9afbf492e4c139e9d2bcb9ba6ef7c14921eb509fb703bc7a3f911b774eff8
db5706dde15b08405953e01e224466778ff33168a86b33fb6efd3ab96ba79203
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e917919f9604b923a05b03b06884db478c8d574c38e0c254b6d32fae30e77885
e9c370ea9070b144ed45ff5f35c9206112dd1091326ff898f414ef8c12ec85c0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4c65cebd4aeec4d8f0699f034da0c210cdd28c69a2997599ca8cae10a696674
f50e35eed6b133c5adf2b14a6aa920dbf7384d40d0b2282b3b00670bccb48191
f603d015f6f7896610178cc043e7f627d5acd531467d6f0190340d8bdd597d92
f9122305c0f2aeb3f1d123c1be6ae4cd4bb13eff00f7f06263709d825f05507a
faea9de6034366065c9782dbf32db7aef26ac837bb1ea5c848fd0a972ab0c1aa
fd37755b3a84090136e33b094b78942b506d473cb93b39ce229cbbd521b1b9aa
ff7af4165931c9988455e2f1b95ed2755ec2d0e50fd5d1121b029a8d7145c62b

www.thewindsorsuites.com Open in urlscan Pro 2606:4700::6812:a353 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

73 Requests

96 %HTTPS

48 %IPv6

20 Domains

24 Subdomains

26 IPs

5 Countries

2378 kBTransfer

8081 kBSize

10 Cookies

22 Outgoing links

Page URL History

Redirected requests

73 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.thewindsorsuites.com Open in urlscan Pro
2606:4700::6812:a353 Public Scan

Screenshot
Live screenshot

Full Image

73
Requests

96 %
HTTPS

48 %
IPv6

20
Domains

24
Subdomains

26
IPs

5
Countries

2378 kB
Transfer

8081 kB
Size

10
Cookies

73 HTTP transactions
1 data transactions