www.sandmanhotels.com Open in urlscan Pro
2606:4700::6811:b764 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
https://us-east-2.protection.sophos.com/?d=outlook.com&u=aHR0cHM6Ly9ldXIwMy5zYWZlbGlua3MucHJvdGVjdGlvbi5vdXRsb29rLmNvbS8_dXJsPWh0dHBzJTN...
Effective URL:
https://www.sandmanhotels.com/
Submission: On May 06 via api (May 6th 2022, 8:49:45 pm UTC) from US — Scanned from DE

Summary HTTP 141 Redirects Links 15 Behaviour Indicators

Summary

This website contacted 46 IPs in 5 countries across 39 domains to perform 141 HTTP transactions. The main IP is 2606:4700::6811:b764, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.sandmanhotels.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on March 7th 2022. Valid for: a year.

This is the only time www.sandmanhotels.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	143.204.215.51 143.204.215.51	16509 (AMAZON-02) (AMAZON-02)
1 1	104.47.8.28 104.47.8.28	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 2	167.89.118.28 167.89.118.28	11377 (SENDGRID) (SENDGRID)
1 13	2606:4700::68... 2606:4700::6811:b764	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:812::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
7	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
2 6	2600:9000:206... 2600:9000:206f:1200:6:9280:1080:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2620:116:800d... 2620:116:800d:21:ee05:6a01:4b41:8c89	16509 (AMAZON-02) (AMAZON-02)
1	142.250.179.162 142.250.179.162	15169 (GOOGLE) (GOOGLE)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	143.204.215.78 143.204.215.78	16509 (AMAZON-02) (AMAZON-02)
1	108.157.4.23 108.157.4.23	16509 (AMAZON-02) (AMAZON-02)
1	151.101.65.131 151.101.65.131	54113 (FASTLY) (FASTLY)
1	2620:1ec:27::... 2620:1ec:27::cafe:1586	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2	108.157.5.209 108.157.5.209	16509 (AMAZON-02) (AMAZON-02)
13	2606:4700::68... 2606:4700::6811:b664	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2600:9000:231... 2600:9000:2315:3800:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
1	3.123.206.88 3.123.206.88	16509 (AMAZON-02) (AMAZON-02)
1	104.90.191.187 104.90.191.187	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
1	65.9.63.32 65.9.63.32	16509 (AMAZON-02) (AMAZON-02)
5	20.85.30.134 20.85.30.134	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	54.171.137.8 54.171.137.8	16509 (AMAZON-02) (AMAZON-02)
20	96.16.129.171 96.16.129.171	16625 (AKAMAI-AS) (AKAMAI-AS)
1	54.69.174.156 54.69.174.156	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:206... 2600:9000:206f:ac00:16:41f8:18c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	34.120.195.249 34.120.195.249	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
3	195.244.31.25 195.244.31.25	63140 (IGUANA-WO...) (IGUANA-WORLDWIDE)
10	2a00:1450:400... 2a00:1450:4001:830::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:d6cc	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f01... 2a03:2880:f01c:216:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
1	2606:4700::68... 2606:4700::6811:7fab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:45b0	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:440... 2606:4700:4400::6812:21ab	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6813:9a53	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	2606:4700::68... 2606:4700::6810:5505	13335 (CLOUDFLAR...) (CLOUDFLARENET)
9	108.157.4.90 108.157.4.90	16509 (AMAZON-02) (AMAZON-02)
1 2	52.142.114.2 52.142.114.2	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2001:4860:480... 2001:4860:4802:36::36	15169 (GOOGLE) (GOOGLE)
3	216.239.32.21 216.239.32.21	15169 (GOOGLE) (GOOGLE)
2	2600:9000:231... 2600:9000:2315:a200:16:eb47:3100:93a1	16509 (AMAZON-02) (AMAZON-02)
141	46

1 143.204.215.51 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-51.fra53.r.cloudfront.net

us-east-2.protection.sophos.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.47.8.28 (Amsterdam, Netherlands) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

eur03.safelinks.protection.outlook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 167.89.118.28 (Las Vegas, United States) 2 redirects

ASN11377 (SENDGRID, US)
PTR: o16789118x28.outbound-mail.sendgrid.net

u3798611.ct.sendgrid.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700::6811:b764 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.sandmanhotels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cdn.galaxy.tf	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:812::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:206f:1200:6:9280:1080:93a1 (United States) 2 redirects

ASN16509 (AMAZON-02, US)

s.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:ee05:6a01:4b41:8c89 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.179.162 (United States)

ASN15169 (GOOGLE, US)
PTR: ams15s41-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 143.204.215.78 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-215-78.fra53.r.cloudfront.net

sleeknotecustomerscripts.sleeknote.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-23.dus51.r.cloudfront.net

js.datadome.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.65.131 (United States)

ASN54113 (FASTLY, US)

018e94e1202b42a58806dbbe702ec82f.js.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:27::cafe:1586 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 108.157.5.209 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-5-209.dus51.r.cloudfront.net

cdn.segment.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

13 2606:4700::6811:b664 (United States)

ASN13335 (CLOUDFLARENET, US)

image-tc.galaxy.tf	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2315:3800:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.123.206.88 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-3-123-206-88.eu-central-1.compute.amazonaws.com

api-js.datadome.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.90.191.187 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-90-191-187.deploy.static.akamaitechnologies.com

tcgms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.63.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-63-32.fra56.r.cloudfront.net

assets.ubembed.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 20.85.30.134 (Boydton, United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

j.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.171.137.8 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-171-137-8.eu-west-1.compute.amazonaws.com

d.adroll.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 96.16.129.171 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a96-16-129-171.deploy.static.akamaitechnologies.com

www.tcgms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
images.zmaildirect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.69.174.156 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-69-174-156.us-west-2.compute.amazonaws.com

api.segment.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:206f:ac00:16:41f8:18c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

api.tsa-db.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.120.195.249 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 249.195.120.34.bc.googleusercontent.com

o478535.ingest.sentry.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 195.244.31.25 (Newark, United States)

ASN63140 (IGUANA-WORLDWIDE, US)
PTR: xo7-viplb-01-new.ny.ig-1.net

dynamic.travelclick-websolutions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:830::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:d6cc (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-scripts.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:216:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:7fab (United States)

ASN13335 (CLOUDFLARENET, US)

js.hscollectedforms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:45b0 (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-analytics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:4400::6812:21ab (United States)

ASN13335 (CLOUDFLARENET, US)

js.hs-banner.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6813:9a53 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
track.hubspot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6810:5505 (United States)

ASN13335 (CLOUDFLARENET, US)

forms.hsforms.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 108.157.4.90 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-90.dus51.r.cloudfront.net

sleeknotestaticcontent.sleeknote.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.142.114.2 (Dublin, Ireland) 1 redirects

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:36::36 (United States)

ASN15169 (GOOGLE, US)

us-central1-mimir-181311.cloudfunctions.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 216.239.32.21 (United States)

ASN15169 (GOOGLE, US)
PTR: any-in-2015.1e100.net

analytics.sleeknote.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:2315:a200:16:eb47:3100:93a1 (United States)

ASN16509 (AMAZON-02, US)

images.sleeknote.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
20	tcgms.net tcgms.net — Cisco Umbrella Rank: 66993 www.tcgms.net — Cisco Umbrella Rank: 89276	302 KB
15	sleeknote.com sleeknotecustomerscripts.sleeknote.com — Cisco Umbrella Rank: 23016 sleeknotestaticcontent.sleeknote.com — Cisco Umbrella Rank: 26775 analytics.sleeknote.com — Cisco Umbrella Rank: 30367 images.sleeknote.com — Cisco Umbrella Rank: 118795	102 KB
14	galaxy.tf image-tc.galaxy.tf — Cisco Umbrella Rank: 145710 cdn.galaxy.tf — Cisco Umbrella Rank: 167602	695 KB
12	sandmanhotels.com 1 redirects www.sandmanhotels.com	1 MB
10	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 101	20 KB
8	clarity.ms 1 redirects www.clarity.ms — Cisco Umbrella Rank: 1591 j.clarity.ms — Cisco Umbrella Rank: 2780 c.clarity.ms — Cisco Umbrella Rank: 926	25 KB
7	adroll.com 2 redirects s.adroll.com — Cisco Umbrella Rank: 3525 d.adroll.com — Cisco Umbrella Rank: 2453	20 KB
7	gstatic.com fonts.gstatic.com	104 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 111	3 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 605 c.bing.com — Cisco Umbrella Rank: 379	12 KB
3	travelclick-websolutions.com dynamic.travelclick-websolutions.com — Cisco Umbrella Rank: 189384	13 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 142	187 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 100	388 B
2	hubspot.com forms.hubspot.com — Cisco Umbrella Rank: 5463 track.hubspot.com — Cisco Umbrella Rank: 4194	2 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 195	114 KB
2	sentry.io o478535.ingest.sentry.io — Cisco Umbrella Rank: 205387	346 B
2	tsa-db.com api.tsa-db.com — Cisco Umbrella Rank: 89893	1 KB
2	google.de www.google.de — Cisco Umbrella Rank: 3632	611 B
2	google.com www.google.com — Cisco Umbrella Rank: 20	611 B
2	doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 65 stats.g.doubleclick.net — Cisco Umbrella Rank: 175	2 KB
2	segment.com cdn.segment.com — Cisco Umbrella Rank: 2604	26 KB
2	ubembed.com 018e94e1202b42a58806dbbe702ec82f.js.ubembed.com assets.ubembed.com — Cisco Umbrella Rank: 14326	48 KB
2	datadome.co js.datadome.co — Cisco Umbrella Rank: 8912 api-js.datadome.co — Cisco Umbrella Rank: 8378	47 KB
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1338 pixel.quantserve.com — Cisco Umbrella Rank: 653	10 KB
2	sendgrid.net 2 redirects u3798611.ct.sendgrid.net	785 B
1	cloudfunctions.net us-central1-mimir-181311.cloudfunctions.net	462 B
1	hsforms.com forms.hsforms.com — Cisco Umbrella Rank: 7740	516 B
1	hs-banner.com js.hs-banner.com — Cisco Umbrella Rank: 4045	16 KB
1	hs-analytics.net js.hs-analytics.net — Cisco Umbrella Rank: 4062	20 KB
1	hscollectedforms.net js.hscollectedforms.net — Cisco Umbrella Rank: 8436	25 KB
1	zmaildirect.com images.zmaildirect.com — Cisco Umbrella Rank: 279692	3 KB
1	hs-scripts.com js.hs-scripts.com — Cisco Umbrella Rank: 4381	968 B
1	segment.io api.segment.io — Cisco Umbrella Rank: 1239	178 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1160	1 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 126	15 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 341	6 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 2150	39 KB
1	outlook.com 1 redirects eur03.safelinks.protection.outlook.com — Cisco Umbrella Rank: 127250	1 KB
1	sophos.com 1 redirects us-east-2.protection.sophos.com — Cisco Umbrella Rank: 155178	1 KB
141	39

	Domain	Requested by
19	www.tcgms.net	tcgms.net www.tcgms.net
13	image-tc.galaxy.tf	www.sandmanhotels.com
12	www.sandmanhotels.com	1 redirects www.sandmanhotels.com js.datadome.co
10	www.google-analytics.com	www.googletagmanager.com www.sandmanhotels.com
9	sleeknotestaticcontent.sleeknote.com	sleeknotecustomerscripts.sleeknote.com sleeknotestaticcontent.sleeknote.com
7	fonts.gstatic.com	fonts.googleapis.com
6	s.adroll.com	2 redirects www.googletagmanager.com www.sandmanhotels.com s.adroll.com
5	j.clarity.ms	www.clarity.ms j.clarity.ms www.sandmanhotels.com
5	fonts.googleapis.com	www.sandmanhotels.com sleeknotestaticcontent.sleeknote.com
3	analytics.sleeknote.com
3	dynamic.travelclick-websolutions.com	www.sandmanhotels.com
3	bat.bing.com	www.googletagmanager.com bat.bing.com www.sandmanhotels.com
3	www.googletagmanager.com	www.sandmanhotels.com www.googletagmanager.com
2	images.sleeknote.com	js.datadome.co sleeknotestaticcontent.sleeknote.com
2	c.clarity.ms	1 redirects
2	www.facebook.com	www.sandmanhotels.com
2	connect.facebook.net	www.sandmanhotels.com connect.facebook.net
2	o478535.ingest.sentry.io	www.sandmanhotels.com
2	api.tsa-db.com	www.sandmanhotels.com
2	www.google.de	www.sandmanhotels.com
2	www.google.com	www.sandmanhotels.com
2	cdn.segment.com	www.sandmanhotels.com cdn.segment.com
2	u3798611.ct.sendgrid.net	2 redirects
1	us-central1-mimir-181311.cloudfunctions.net	sleeknotestaticcontent.sleeknote.com
1	track.hubspot.com
1	c.bing.com	1 redirects
1	forms.hsforms.com	www.sandmanhotels.com
1	forms.hubspot.com	www.sandmanhotels.com
1	js.hs-banner.com	js.hs-scripts.com
1	js.hs-analytics.net	js.hs-scripts.com
1	js.hscollectedforms.net	js.hs-scripts.com
1	stats.g.doubleclick.net	www.sandmanhotels.com
1	images.zmaildirect.com	tcgms.net
1	js.hs-scripts.com	www.googletagmanager.com
1	api.segment.io	js.datadome.co
1	d.adroll.com	s.adroll.com
1	assets.ubembed.com	018e94e1202b42a58806dbbe702ec82f.js.ubembed.com
1	pixel.quantserve.com	www.sandmanhotels.com
1	tcgms.net	www.sandmanhotels.com
1	api-js.datadome.co	js.datadome.co
1	googleads.g.doubleclick.net	www.googleadservices.com
1	rules.quantcount.com	secure.quantserve.com
1	cdn.galaxy.tf	www.sandmanhotels.com
1	www.clarity.ms	www.sandmanhotels.com
1	018e94e1202b42a58806dbbe702ec82f.js.ubembed.com	www.googletagmanager.com
1	js.datadome.co	www.sandmanhotels.com
1	sleeknotecustomerscripts.sleeknote.com	www.sandmanhotels.com
1	www.googleadservices.com	www.googletagmanager.com
1	secure.quantserve.com	www.googletagmanager.com
1	cdnjs.cloudflare.com	www.sandmanhotels.com
1	www.googleoptimize.com	www.sandmanhotels.com
1	eur03.safelinks.protection.outlook.com	1 redirects
1	us-east-2.protection.sophos.com	1 redirects
141	53

This site contains links to these domains. Also see Links.

Domain
www.sandmansignature.co.uk
s3.amazonaws.com
reservations.travelclick.com
www.rsvprewards.com
www.facebook.com
twitter.com
www.instagram.com
www.tiktok.com
northland.ca

Subject Issuer	Validity	Valid
www.sandmanhotels.com Cloudflare Inc ECC CA-3	`2022-03-07` - `2023-03-07`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-09-21` - `2022-09-20`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
s.adroll.com Amazon	`2021-08-02` - `2022-08-31`	a year	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2021-09-22` - `2022-09-21`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-03-16` - `2022-09-16`	6 months	crt.sh
*.sleeknote.com Amazon	`2022-01-18` - `2023-02-14`	a year	crt.sh
*.datadome.co Gandi Standard SSL CA 2	`2021-10-12` - `2022-10-21`	a year	crt.sh
*.js.ubembed.com GlobalSign Atlas R3 DV TLS CA H2 2021	`2022-01-04` - `2023-02-05`	a year	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-02-27` - `2023-02-27`	a year	crt.sh
*.segment.com Amazon	`2022-01-12` - `2023-02-10`	a year	crt.sh
image-tc.galaxy.tf Cloudflare Inc ECC CA-3	`2021-07-09` - `2022-07-08`	a year	crt.sh
cdn.galaxy.tf Cloudflare Inc ECC CA-3	`2022-05-06` - `2023-05-06`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
secure.tcgms.net R3	`2022-04-28` - `2022-07-27`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
assets.ubembed.com Amazon	`2022-02-04` - `2023-03-05`	a year	crt.sh
a.clarity.ms Microsoft RSA TLS CA 01	`2021-07-27` - `2022-07-27`	a year	crt.sh
adroll.mgr.consensu.org Amazon	`2021-09-09` - `2022-10-08`	a year	crt.sh
*.segment.io Amazon	`2022-02-10` - `2023-03-11`	a year	crt.sh
*.tsa-db.com Amazon	`2022-03-30` - `2023-04-28`	a year	crt.sh
*.ingest.sentry.io R3	`2022-04-22` - `2022-07-21`	3 months	crt.sh
*.travelclick-websolutions.com Gandi Standard SSL CA 2	`2021-07-02` - `2022-07-08`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-02-13` - `2022-05-14`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
hubspot.com Cloudflare Inc ECC CA-3	`2022-03-08` - `2023-03-07`	a year	crt.sh
misc.google.com GTS CA 1C3	`2022-04-18` - `2022-07-11`	3 months	crt.sh
analytics.sleeknote.com GTS CA 1D4	`2022-03-29` - `2022-06-27`	3 months	crt.sh
ik.imagekit.io R3	`2022-04-23` - `2022-07-22`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://www.sandmanhotels.com/
Frame ID: 7A35FD25D047AD92C49950B1C8E74139
Requests: 111 HTTP requests in this frame

Frame: https://tcgms.net/app/new/NTE4NDE0NDAzNw?languageCode=df
Frame ID: 8D33677CC88A86E15806C3CBA604974B
Requests: 22 HTTP requests in this frame

Frame: https://us-central1-mimir-181311.cloudfunctions.net/get_ip
Frame ID: 030E34427600BE53271222C32DBAE1B3
Requests: 6 HTTP requests in this frame

Frame: blob://https://www.sandmanhotels.com/49c7a7f9-8f45-4cab-8d30-0d0bb6bc89f8
Frame ID: 9B4AA0FF3FEADB852A64466618518A9E
Requests: 4 HTTP requests in this frame

Frame: blob://https://www.sandmanhotels.com/36fa0416-fac7-4195-93f2-a4ba52abbbce
Frame ID: D0E591CEF7D0C8A74B530F1EAC7E49D8
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Sandman Hotel Group | Hotels in Canada, UK & USAarrow-rightarrow-leftarrow-bottomarrow-topcalendarphonewebsitedownload-arrowfacebooktwittergoogle-plusupload

Page URL History Show full URLs

https://us-east-2.protection.sophos.com/?d=outlook.com&u=aHR0cHM6Ly9ldXIwMy5zYWZlbGlua3MucHJvdGVjdGlvbi5vdXRsb29rLmN... HTTP 302
https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fu3798611.ct.sendgrid.net%2Fwf%2Fclick%3Fupn%3DQjlincAGPP4... HTTP 302
https://u3798611.ct.sendgrid.net/wf/click?upn=QjlincAGPP4pO99hsR9Ug2ZRrKdzVQ7UAa9oxqFeX2WI4lMMxTcQQynvRa02FY9... HTTP 302
https://u3798611.ct.sendgrid.net/wf/click?upn=tq7SP7xinzUQj-2BJbYCisU9lOgQswlX6rDtY8JOXMo-2FjlBsVAqsXYspis8lT... HTTP 302
http://www.sandmanhotels.com/ HTTP 301
https://www.sandmanhotels.com/ Page URL

Detected technologies

Unbounce (Editors) Expand

Overall confidence: 100%
Detected patterns

ubembed\.com

AdRoll (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

(?:a|s)\.adroll\.com

Datadome (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

HubSpot Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

js\.hs-analytics\.net/analytics

Osano (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

cookieconsent\.min\.js

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

Segment (Analytics) Expand

Overall confidence: 100%
Detected patterns

cdn\.segment\.com/analytics\.js

TrackJs (Analytics) Expand

Overall confidence: 100%
Detected patterns

tracker\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

141
Requests

96 %
HTTPS

58 %
IPv6

39
Domains

53
Subdomains

46
IPs

5
Countries

2951 kB
Transfer

10590 kB
Size

32
Cookies

15 Outgoing links

These are links going to different origins than the main page.

URL: https://www.sandmansignature.co.uk/
Title: United Kingdom

Search URL Search Domain Scan URL

URL: https://s3.amazonaws.com/media.sandmanhotels.com/SHG/Sandman-Hotel-Group-Amenity-Tracker.pdf
Title: Amenity Tracker

Search URL Search Domain Scan URL

URL: https://reservations.travelclick.com/113155?HotelId=113155&languageid=1&rooms=1&adults=2
Title: Book now opens in a new tab

Search URL Search Domain Scan URL

URL: https://reservations.travelclick.com/113066?HotelId=113066&languageid=1&rooms=1&adults=2
Title: Book now opens in a new tab

Search URL Search Domain Scan URL

URL: https://reservations.travelclick.com/113179?HotelId=113179&languageid=1&rooms=1&adults=2
Title: Book now opens in a new tab

Search URL Search Domain Scan URL

URL: https://reservations.travelclick.com/113139?HotelId=113139&languageid=1&rooms=1&adults=2
Title: Book now opens in a new tab

Search URL Search Domain Scan URL

URL: https://reservations.travelclick.com/113056?HotelId=113056&languageid=1&rooms=1&adults=2
Title: Book now opens in a new tab

Search URL Search Domain Scan URL

URL: https://reservations.travelclick.com/113151?HotelId=113151&languageid=1&rooms=1&adults=2
Title: Book now opens in a new tab

Search URL Search Domain Scan URL

URL: https://www.rsvprewards.com/
Title: RSVP Rewards Sign In opens in a new tab

Search URL Search Domain Scan URL

URL: https://www.rsvprewards.com/sign-up
Title: Sign Up for RSVP Rewards opens in a new tab

Search URL Search Domain Scan URL

URL: https://www.facebook.com/SandmanHotelGroup

Search URL Search Domain Scan URL

URL: https://twitter.com/sandmanhotels

Search URL Search Domain Scan URL

URL: https://www.instagram.com/sandmanhotels/

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@sandmanhotelgroup

Search URL Search Domain Scan URL

URL: https://northland.ca/
Title: A Northland Properties Company

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

https://us-east-2.protection.sophos.com/?d=outlook.com&u=aHR0cHM6Ly9ldXIwMy5zYWZlbGlua3MucHJvdGVjdGlvbi5vdXRsb29rLmNvbS8_dXJsPWh0dHBzJTNBJTJGJTJGdTM3OTg2MTEuY3Quc2VuZGdyaWQubmV0JTJGd2YlMkZjbGljayUzRnVwbiUzRFFqbGluY0FHUFA0cE85OWhzUjlVZzJaUnJLZHpWUTdVQWE5b3hxRmVYMldJNGxNTXhUY1FReW52UmEwMkZZOU5heUgxZmpSd3dxUEhhN1B4NGRBbVZHNU9SMUp6UEQzaW8zaktncDFwMC0yQmZCUGlMZ3hPQXYyamk3NWRGTnpudFZOM3VCc2x3QnZBNGRRQWkweXVKMXF2UW9jVmN3WVllUDMzTWxidGU0bXZoVjMtMkZFYm9KZFAtMkJ6dUszMFctMkZITjFBeW5UV0pmZnFzZnI3S3libzl3aHFJQ29UVU5najVPa2RuTGYtMkY0MGJJampJQTFkWThhYXBWYUZPLTJGbFRQT0d6Vy0yQnJoNHV0NXY5U1psRUdEZjM5eVh2WjRBSGpRWVMyMVh2Y3pXSjJGLTJCWmotMkZscjY3bUhJYWNmSjU2V2V1OEtzc01zeUsxUVJubXFiamplRzMyNnp2VGh2by0yRlItMkJ6T3dGajcwNTV5ZUlUUVc4aEY5emF3WUduOWFNdTlBdHBrNGlqc01KUzdJUS0yRlh5UUhCUHIwT0g4RlluNEloc3J2Z2hhUzB4NEtJcEZ6anB4QnVvMFktMkYxRzBpbEdUUFExYldNQ1R1TjVoZ2EzREtWODVCaW1KS3N6T05uMGQzd21MTmZnakZERVBlcWlERU9SbmMtM0RfVTd6N29TcVJNU3dkbDJyWXQ5Sko0NHdpOWR4ZC0yRmtBcHNXeTlyZlFLVzJBUHlycnJOVHF1SmFaRHd4WjJrNEs2NWw3aWpDQjBxNnJnTDdTRkJ6amJPRS0yRnhtUk1mYlpwREdzSzRlWWJiSWwzMkRNckYzQ3ctMkJ0TjVWZ3VWai0yQnd6cy0yQkJKbUNYWG9kOHhoUEROOVFkejh2dUtDcXZnR1B2eFM5SWZXY1BmaC0yQll4N0ZTaHFjOHV4TnczZWdVaFdxT0ktMkZQSm9tTGJ5SXAwa0M3aXI4d0lualVqUlJNMmNsUWg4NU9lakd6V2NsZDJUdXo0NnYzTVp4VUxmWTBiejhTWkJSJmRhdGE9MDQlN0MwMSU3Q01hcnRpbi5DYXJkaW5hbCU0MHRodWxlLmNvbSU3QzU1ZThjZWRhMmVkZTQ0MmE5MDFkMDhkOTA2NWE4ZWI3JTdDNjU4MzBjY2I3NDllNGNlMjk4ODdhNjA0ZWQ0ZDc4MmUlN0MxJTdDMCU3QzYzNzU0NzgwODUzODQ1ODc4MyU3Q1Vua25vd24lN0NUV0ZwYkdac2IzZDhleUpXSWpvaU1DNHdMakF3TURBaUxDSlFJam9pVjJsdU16SWlMQ0pCVGlJNklrMWhhV3dpTENKWFZDSTZNbjAlM0QlN0MxMDAwJnNkYXRhPWJvekpPR3dOVnZTZ0YxVTRXNGZyOUFjMGxpTFJwaTFXbzRFcjlyaGZrJTJCcyUzRCZyZXNlcnZlZD0w&i=NWU1ODYzMzJkMmIxYjcxNjljNTUzNGI0&t=YnhNMjY5ZVFKblNwQllxdHdhSjBqL2YzTDhjUlQ1MzBLbCtsWWF0MEtHWT0=&h=2a5f564835214f198ccb00a03c52212b HTTP 302
https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fu3798611.ct.sendgrid.net%2Fwf%2Fclick%3Fupn%3DQjlincAGPP4pO99hsR9Ug2ZRrKdzVQ7UAa9oxqFeX2WI4lMMxTcQQynvRa02FY9NayH1fjRwwqPHa7Px4dAmVG5OR1JzPD3io3jKgp1p0-2BfBPiLgxOAv2ji75dFNzntVN3uBslwBvA4dQAi0yuJ1qvQocVcwYYeP33Mlbte4mvhV3-2FEboJdP-2BzuK30W-2FHN1AynTWJffqsfr7Kybo9whqICoTUNgj5OkdnLf-2F40bIjjIA1dY8aapVaFO-2FlTPOGzW-2Brh4ut5v9SZlEGDf39yXvZ4AHjQYS21XvczWJ2F-2BZj-2Flr67mHIacfJ56Weu8KssMsyK1QRnmqbjjeG326zvThvo-2FR-2BzOwFj7055yeITQW8hF9zawYGn9aMu9Atpk4ijsMJS7IQ-2FXyQHBPr0OH8FYn4IhsrvghaS0x4KIpFzjpxBuo0Y-2F1G0ilGTPQ1bWMCTuN5hga3DKV85BimJKszONn0d3wmLNfgjFDEPeqiDEORnc-3D_U7z7oSqRMSwdl2rYt9JJ44wi9dxd-2FkApsWy9rfQKW2APyrrrNTquJaZDwxZ2k4K65l7ijCB0q6rgL7SFBzjbOE-2FxmRMfbZpDGsK4eYbbIl32DMrF3Cw-2BtN5VguVj-2Bwzs-2BBJmCXXod8xhPDN9Qdz8vuKCqvgGPvxS9IfWcPfh-2BYx7FShqc8uxNw3egUhWqOI-2FPJomLbyIp0kC7ir8wInjUjRRM2clQh85OejGzWcld2Tuz46v3MZxULfY0bz8SZBR&data=04%7C01%7CMartin.Cardinal%40thule.com%7C55e8ceda2ede442a901d08d9065a8eb7%7C65830ccb749e4ce29887a604ed4d782e%7C1%7C0%7C637547808538458783%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C1000&sdata=bozJOGwNVvSgF1U4W4fr9Ac0liLRpi1Wo4Er9rhfk%2Bs%3D&reserved=0 HTTP 302
https://u3798611.ct.sendgrid.net/wf/click?upn=QjlincAGPP4pO99hsR9Ug2ZRrKdzVQ7UAa9oxqFeX2WI4lMMxTcQQynvRa02FY9NayH1fjRwwqPHa7Px4dAmVG5OR1JzPD3io3jKgp1p0-2BfBPiLgxOAv2ji75dFNzntVN3uBslwBvA4dQAi0yuJ1qvQocVcwYYeP33Mlbte4mvhV3-2FEboJdP-2BzuK30W-2FHN1AynTWJffqsfr7Kybo9whqICoTUNgj5OkdnLf-2F40bIjjIA1dY8aapVaFO-2FlTPOGzW-2Brh4ut5v9SZlEGDf39yXvZ4AHjQYS21XvczWJ2F-2BZj-2Flr67mHIacfJ56Weu8KssMsyK1QRnmqbjjeG326zvThvo-2FR-2BzOwFj7055yeITQW8hF9zawYGn9aMu9Atpk4ijsMJS7IQ-2FXyQHBPr0OH8FYn4IhsrvghaS0x4KIpFzjpxBuo0Y-2F1G0ilGTPQ1bWMCTuN5hga3DKV85BimJKszONn0d3wmLNfgjFDEPeqiDEORnc-3D_U7z7oSqRMSwdl2rYt9JJ44wi9dxd-2FkApsWy9rfQKW2APyrrrNTquJaZDwxZ2k4K65l7ijCB0q6rgL7SFBzjbOE-2FxmRMfbZpDGsK4eYbbIl32DMrF3Cw-2BtN5VguVj-2Bwzs-2BBJmCXXod8xhPDN9Qdz8vuKCqvgGPvxS9IfWcPfh-2BYx7FShqc8uxNw3egUhWqOI-2FPJomLbyIp0kC7ir8wInjUjRRM2clQh85OejGzWcld2Tuz46v3MZxULfY0bz8SZBR HTTP 302
https://u3798611.ct.sendgrid.net/wf/click?upn=tq7SP7xinzUQj-2BJbYCisU9lOgQswlX6rDtY8JOXMo-2FjlBsVAqsXYspis8lTzEIBU_oOwCvYUEL-2FEEaJQU5mIgtu61ZucAUoFT-2FsPIEmdI-2F5IlpSbb0nEVvPB8tAekxk29k7A9uTtdujVycpLbj81V6pM32VHy-2F0YC0c5O6Gd-2B0irIdsIEUXyMdCjQJpm7ueM7T3YARNH1mGHROM3pv4bQX163T6h9wp9EmCCaX3nHaX-2BL4qdL2XXjBVRCYdR-2B7mz7POCuXG0pVQIOZLB5ljpPTg-3D-3D HTTP 302
http://www.sandmanhotels.com/ HTTP 301
https://www.sandmanhotels.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

https://s.adroll.com/j/exp/6GB62NWDQJCHRAOLIVXEEB/index.js HTTP 302
https://s.adroll.com/j/exp/index.js

Request Chain 31

https://s.adroll.com/j/pre/6GB62NWDQJCHRAOLIVXEEB/YQATWS6U4NAOLKOAMWDWW6/fpconsent.js HTTP 302
https://s.adroll.com/j/pre/index.js

Request Chain 110

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=9CBF93CCD46C4765B9A5B0478D8FFF13&RedC=c.clarity.ms&MXFR=20EC37F6B96E68B20413266ABD6E66EE HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=9CBF93CCD46C4765B9A5B0478D8FFF13&MUID=20D1DB7D6C9C647B1FC9CAE16DF765DA

141 HTTP transactions
6 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.sandmanhotels.com/
Redirect Chain

https://us-east-2.protection.sophos.com/?d=outlook.com&u=aHR0cHM6Ly9ldXIwMy5zYWZlbGlua3MucHJvdGVjdGlvbi5vdXRsb29rLmNvbS8_dXJsPWh0dHBzJTNBJTJGJTJGdTM3OTg2MTEuY3Quc2VuZGdyaWQubmV0JTJGd2YlMkZjbGljayUz...
https://eur03.safelinks.protection.outlook.com/?url=https%3A%2F%2Fu3798611.ct.sendgrid.net%2Fwf%2Fclick%3Fupn%3DQjlincAGPP4pO99hsR9Ug2ZRrKdzVQ7UAa9oxqFeX2WI4lMMxTcQQynvRa02FY9NayH1fjRwwqPHa7Px4dAmV...
https://u3798611.ct.sendgrid.net/wf/click?upn=QjlincAGPP4pO99hsR9Ug2ZRrKdzVQ7UAa9oxqFeX2WI4lMMxTcQQynvRa02FY9NayH1fjRwwqPHa7Px4dAmVG5OR1JzPD3io3jKgp1p0-2BfBPiLgxOAv2ji75dFNzntVN3uBslwBvA4dQAi0yuJ1q...
https://u3798611.ct.sendgrid.net/wf/click?upn=tq7SP7xinzUQj-2BJbYCisU9lOgQswlX6rDtY8JOXMo-2FjlBsVAqsXYspis8lTzEIBU_oOwCvYUEL-2FEEaJQU5mIgtu61ZucAUoFT-2FsPIEmdI-2F5IlpSbb0nEVvPB8tAekxk29k7A9uTtdujVy...
http://www.sandmanhotels.com/
https://www.sandmanhotels.com/

173 KB
24 KB

63ms
30ms

Document
text/html

2606:4700::6811:b764
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sandmanhotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b764 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

55cd8e244af5480a7e11cc83919432679a3b40c933ce2b82820967ec326e09a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 4836
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=1200
cf-cache-status: HIT
cf-ray: 7074955c0fea01db-ZRH
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 06 May 2022 20:49:36 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Fri, 06 May 2022 21:09:36 GMT
last-modified: Fri, 06 May 2022 18:02:12 GMT
referrer-policy: no-referrer-when-downgrade
server: cloudflare
strict-transport-security: max-age=31536000; includeSubdomains; preload
vary: Accept-Encoding
via: 1.1 a70d280cd058ea89c08954ea0ad67198.cloudfront.net (CloudFront)
x-amz-cf-id: DTDDarBFa1BJn3-DcaD4fgklZyG-qJb-ioUuiRvJMDzxhv6W0yR40g==
x-amz-cf-pop: ZRH50-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

CF-RAY: 7074955bacf1cc5a-ZRH
Cache-Control: max-age=3600
Connection: keep-alive
Date: Fri, 06 May 2022 20:49:36 GMT
Expires: Fri, 06 May 2022 21:49:36 GMT
Location: https://www.sandmanhotels.com/
Server: cloudflare
Transfer-Encoding: chunked
Vary: Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 css
fonts.googleapis.com/ 9 KB
864 B 38ms
16ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,400i,700,700i&display=swap&subset=latin,latin-ext

Requested by

Host: www.sandmanhotels.com
URL: https://www.sandmanhotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

5bbd805efda570be0caecdf026a1c45eabf4cbfb01c2de8f8412a5f3edf05622

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandmanhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 06 May 2022 20:49:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 06 May 2022 20:49:36 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 06 May 2022 20:49:36 GMT

GET
H2 200 css
fonts.googleapis.com/ 7 KB
1 KB 37ms
16ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Montserrat:400,400i,700,700i&display=swap&subset=latin,latin-ext

Requested by

Host: www.sandmanhotels.com
URL: https://www.sandmanhotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

a5a5dbca8cba9ddea0bec1b7e4ed5a20cd8c0c93208fb9b5d2995c6fe1bf9311

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandmanhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 06 May 2022 20:49:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 06 May 2022 20:49:36 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 06 May 2022 20:49:36 GMT

GET
H2 400 css
fonts.googleapis.com/ 0
0 38ms
17ms Stylesheet
text/html 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://fonts.googleapis.com/css?family=null:400,400i,700,700i&display=swap&subset=latin,latin-ext
Requested by: Host: www.sandmanhotels.com
URL: https://www.sandmanhotels.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandmanhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

GET
H2 200 main.css
www.sandmanhotels.com/css/custom/3591/1/e3ac6cd7949cc3eff51a6b984ca5b398/ 624 KB
90 KB 34ms
33ms Stylesheet
text/css 2606:4700::6811:b764
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sandmanhotels.com/css/custom/3591/1/e3ac6cd7949cc3eff51a6b984ca5b398/main.css

Requested by

Host: www.sandmanhotels.com
URL: https://www.sandmanhotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b764 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d74587150b9c2a07bd325b525be524859dc3aa5eaa4079ed3bb05a41eb629dfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandmanhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 20:49:36 GMT
via: 1.1 03b8fedec120c9a0833a57a86eae03ae.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4836
x-cache: Hit from cloudfront
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 06 May 2022 18:02:39 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"e1f2f81a97940d14e9fc60402e92e2d2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: text/css
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
cf-ray: 7074955c686c01db-ZRH
x-amz-cf-id: 5GGHi15V8bMEQNwTko9HgYgSNAHwdMdlmIChZ3etEnX_J_4KQZ1Jhw==
expires: Sat, 06 May 2023 20:49:36 GMT

GET
H3 200 css2
fonts.googleapis.com/ 4 KB
510 B 30ms
16ms Stylesheet
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Aleo:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&display=swap

Requested by

Host: www.sandmanhotels.com
URL: https://www.sandmanhotels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e7561c30eff46edfa75cc5eb479d2779dab1e208f4acb4bac01db81a076066a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandmanhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 06 May 2022 20:49:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 06 May 2022 20:49:36 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 06 May 2022 20:49:36 GMT

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 101 KB
39 KB 74ms
26ms Script
application/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=OPT-MHDPHXD

Requested by

Host: www.sandmanhotels.com
URL: https://www.sandmanhotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0b01eaae8bb1f2e4f27101d208ee5a4b1db7a795f9d09f1bb31b43d136ba7dd3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandmanhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 20:49:36 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39860
x-xss-protection: 0
last-modified: Fri, 06 May 2022 19:43:02 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 06 May 2022 20:49:36 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 187 KB
58 KB 45ms
24ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TL2MM4B

Requested by

Host: www.sandmanhotels.com
URL: https://www.sandmanhotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

0ba6455dd88365aef64744a1f435fc2628b2eedada0d395380c6a3405b2cb3d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandmanhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 20:49:36 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 58432
x-xss-protection: 0
last-modified: Fri, 06 May 2022 19:43:02 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 06 May 2022 20:49:36 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 279 KB
81 KB 58ms
37ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-56G27K

Requested by

Host: www.sandmanhotels.com
URL: https://www.sandmanhotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

953e2105961ea1f1f4aa7c593534c4fc734d3a7fb35c6279b18d0b7062337276

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandmanhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 20:49:36 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 83027
x-xss-protection: 0
last-modified: Fri, 06 May 2022 19:43:02 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 06 May 2022 20:49:36 GMT

GET
H3 200 api.js Show response
www.sandmanhotels.com/cdn-cgi/bm/cv/669835187/ 35 KB
9 KB 19ms
19ms Script
text/javascript 2606:4700::6811:b764
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sandmanhotels.com/cdn-cgi/bm/cv/669835187/api.js

Requested by

Host: www.sandmanhotels.com
URL: https://www.sandmanhotels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b764 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandmanhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 20:49:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript
cache-control: max-age=604800, public
cf-ray: 7074955d8b8601f4-ZRH
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 svg-icons.svg
www.sandmanhotels.com/integration/tc-theme/public/svg/ 58 KB
18 KB 49ms
48ms Image
image/svg+xml 2606:4700::6811:b764
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.sandmanhotels.com/integration/tc-theme/public/svg/svg-icons.svg

Requested by

Host: www.sandmanhotels.com
URL: https://www.sandmanhotels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b764 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cda5bb1c5d67490ae072dc404a371abf6303f8659198ff96c306670f094e5f7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandmanhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 20:49:36 GMT
via: 1.1 a70d280cd058ea89c08954ea0ad67198.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4836
x-cache: Hit from cloudfront
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 09 Mar 2022 20:10:19 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"833e4797978f9a96db77e8bf3e9f5039"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
cf-ray: 7074955d8b8801f4-ZRH
x-amz-meta-md5chksum: gz5Hl5ePmpbbd+i/Pp9QOQ==
x-amz-cf-id: 3tF0_xz5fGC0SZkH6z-GM3AUgH4uqNwtUQGCW1qYO1wr15BpQ9GTtg==
expires: Sat, 06 May 2023 20:49:36 GMT

GET
H2 200 cookieconsent.min.js Show response
cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/ 19 KB
6 KB 83ms
33ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/cookieconsent2/3.0.3/cookieconsent.min.js

Requested by

Host: www.sandmanhotels.com
URL: https://www.sandmanhotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandmanhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 20:49:36 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 3719741
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 5676
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:17 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e2d-4d5a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FOfKFoegwl12VOcqejZ1tfL3v7AQNmADl5kKDi5IXPsMqhvseXE3JjPgwUO0Fnq3aqyNm54vypVAaGJWN72TnmDfsGgRZJ05gMamu92ZWrTsab0TurUezWXP6%2BuBz8JMn%2BcOhNYknxT8BdDl0G2uydJr"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 7074955def7c01e3-ZRH
expires: Wed, 26 Apr 2023 20:49:36 GMT

GET
H2 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 13 KB
13 KB 28ms
7ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,400i,700,700i&display=swap&subset=latin,latin-ext

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.sandmanhotels.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 19:26:22 GMT
x-content-type-options: nosniff
age: 177794
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12924
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:02:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 May 2023 19:26:22 GMT

GET
H/1.1 200
OK roundtrip.js Show response
s.adroll.com/j/ 50 KB
16 KB 91ms
8ms Script
text/javascript 2600:9000:206f:1200:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/roundtrip.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-56G27K
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:1200:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1ef3f0269be7b675dce81bb81af21398575e3f96609f76c0f59881145bbfddff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandmanhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

X-Amz-Version-Id: HNfyhH5qmLK0DbB1EQ.ihnSY7i0OY2m4
Content-Encoding: gzip
Etag: W/"ca2ef7b6ff5ea3fd1c2fdd160e7243b2"
Age: 148
X-Amz-Server-Side-Encryption: AES256
Transfer-Encoding: chunked
X-Cache: Hit from cloudfront
Connection: keep-alive
Vary: Accept-Encoding
Via: 1.1 579a21a67e4dc50a655a7c0e9675261c.cloudfront.net (CloudFront)
Last-Modified: Wed, 06 Apr 2022 19:05:26 GMT
Server: AmazonS3
Date: Fri, 06 May 2022 20:47:09 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA56-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: 2Gd4eXUMRtU8aGgUeyuR1hToUN1qnz6GLnUHpHeCfcrruiElpLAe4Q==

GET
H2 200 quant.js Show response
secure.quantserve.com/ 24 KB
10 KB 66ms
7ms Script
application/javascript 2620:116:800d:21:ee05:6a01:4b41:8c89
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-56G27K
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:ee05:6a01:4b41:8c89 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandmanhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 20:49:37 GMT
content-encoding: gzip
etag: "u2JtyZzqnTXwzBUswy2r+w=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
expires: Fri, 13 May 2022 20:49:37 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 39 KB
15 KB 51ms
19ms Script
text/javascript 142.250.179.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-56G27K

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.179.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

ams15s41-in-f2.1e100.net

Software

cafe /

Resource Hash

89ba0d4f6cf9500041778760fea24e37c6de04955c6a62b5435c64b600423749

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandmanhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 20:49:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14865
x-xss-protection: 0
server: cafe
etag: 2710672821686371805
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 06 May 2022 20:49:37 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 67ms
33ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-56G27K

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandmanhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Wed, 09 Feb 2022 23:54:49 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 7CAB2B9216FC4244AAE22C7665D04D80 Ref B: FRAEDGE1517 Ref C: 2022-05-06T20:49:37Z
etag: "806a236c101ed81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Fri, 06 May 2022 20:49:36 GMT
accept-ranges: bytes
content-length: 11333

GET
H2 200 19127.js Show response
sleeknotecustomerscripts.sleeknote.com/ 8 KB
2 KB 153ms
118ms Script
text/javascript 143.204.215.78
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sleeknotecustomerscripts.sleeknote.com/19127.js
Requested by: Host: www.sandmanhotels.com
URL: https://www.sandmanhotels.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.215.78 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-215-78.fra53.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 53efbbd9eec1aa5d107e0f70913b79d960486510be3989427da0e6bfeee55e8c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandmanhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id: Ib3doiuqk_G1dWwwHJKLiVe3BzSzjHn6
content-encoding: gzip
last-modified: Fri, 25 Mar 2022 18:05:34 GMT
server: AmazonS3
x-amz-cf-pop: FRA53-C1
etag: "fb567d9f84c89a635432c2ec3095d936"
x-cache: RefreshHit from cloudfront
content-type: text/javascript; charset=utf-8
via: 1.1 1764af62d635a1a6ee51aabc37405452.cloudfront.net (CloudFront)
cache-control: max-age=60
date: Fri, 06 May 2022 20:49:38 GMT
accept-ranges: bytes
content-length: 1428
x-amz-cf-id: GbKparPJPO67Ks4Ib1HXZiB8KAY2eD1MYLiV_IzjAiAYRAKI_7ZEXQ==

GET
H2 200 tags.js Show response
js.datadome.co/ 251 KB
47 KB 42ms
12ms Script
text/javascript 108.157.4.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://js.datadome.co/tags.js

Requested by

Host: www.sandmanhotels.com
URL: https://www.sandmanhotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.157.4.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-4-23.dus51.r.cloudfront.net

Software

Apache /

Resource Hash

01c8f5dfe16e1b117a2354311821ac13e01a98fa933c572fcd09a242586ff96e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandmanhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 20:38:42 GMT
content-encoding: gzip
vary: Accept-Encoding
age: 655
x-cache: Hit from cloudfront
content-length: 47656
access-control-allow-origin: *
last-modified: Wed, 04 May 2022 08:37:33 GMT
server: Apache
etag: "3ed2d-5de2b896219e9-gzip"
strict-transport-security: max-age=15768000
content-type: text/javascript
via: 1.1 6c90efa18f660ef893fb03f41073cde8.cloudfront.net (CloudFront)
cache-control: max-age=3600, public
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
x-amz-cf-id: 4tHWtafWehIKlOTzO9SntcIcbArpFgvQE9Ccx8WYTVhH8pLPlxDoqw==
expires: Fri, 06 May 2022 21:38:42 GMT

GET
H2 200 / Show response
018e94e1202b42a58806dbbe702ec82f.js.ubembed.com/ 489 B
623 B 164ms
129ms Script
application/json 151.101.65.131
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://018e94e1202b42a58806dbbe702ec82f.js.ubembed.com/
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-56G27K
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.131 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: acd1f16cab16fcfae29ef97a86f303db0fbe7f3c9611a7da8efbbdc1a754c0ce

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandmanhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 20:49:37 GMT
content-encoding: br
x-backend-region: eu_west_1
age: 0
etag: W/a853100cf334fa1a0a1d54373edb16f8-v0.179.2
vary: Accept-Encoding, Referer
x-cache: Miss from cloudfront, MISS
content-type: application/json
access-control-allow-origin: *
cache-control: max-age=0, must-revalidate
x-amz-cf-pop: FRA56-C1
accept-ranges: none
x-amz-apigw-id: RuJ7MHedjoEFdBg=

GET
H2 200 66bhgs36ie Show response
www.clarity.ms/tag/ 1 KB
2 KB 231ms
147ms Script
application/x-javascript 2620:1ec:27::cafe:1586
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/66bhgs36ie
Requested by: Host: www.sandmanhotels.com
URL: https://www.sandmanhotels.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1586 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: / ASP.NET
Resource Hash: 1370a87f096b6ad57b2af904333367b5a8b764c5eaf9f3a9ccfc8fe3c0b9164f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandmanhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 20:49:37 GMT
x-powered-by: ASP.NET
x-azure-ref: 04Yl1YgAAAAAiedIBuwB7TpOgwKpydBKyTVJTMjBFREdFMDMwNgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0
content-length: 1168
expires: -1

GET
H2 200 analytics.min.js Show response
cdn.segment.com/analytics.js/v1/iUMJ6tL6165Rpodbse6hyhGf7EMgPFo1/ 90 KB
25 KB 697ms
634ms Script
text/javascript 108.157.5.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/analytics.js/v1/iUMJ6tL6165Rpodbse6hyhGf7EMgPFo1/analytics.min.js
Requested by: Host: www.sandmanhotels.com
URL: https://www.sandmanhotels.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.5.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-5-209.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: db0dd118c4a329b56642d13845d493b5a2c611a4b8edc0812d85f74f7271adba

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandmanhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id: KquSBN1nijdhtpx220eg8tjdVWxeUQ3U
content-encoding: br
etag: W/"4140da5a98f8cb304d2e4a2471df74d0"
x-amz-cf-pop: DUS51-P2
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Tue, 26 Apr 2022 20:50:05 GMT
server: AmazonS3
date: Fri, 06 May 2022 20:49:38 GMT
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: text/javascript; charset=utf-8
via: 1.1 6eb77e673c2aa566dbadbc817458b976.cloudfront.net (CloudFront)
cache-control: public, max-age=120
x-amz-cf-id: NfpNR5R7aXRXOfx_pJWlwTCd4p4gqbE6yXTNoOcr4RopSXZ7RFnyww==

GET
H2 200 file.png
image-tc.galaxy.tf/wipng-673i2e1qojvzwx2k56uaeduv2/ 23 KB
24 KB 74ms
29ms Image
image/webp 2606:4700::6811:b664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wipng-673i2e1qojvzwx2k56uaeduv2/file.png?width=500

Requested by

Host: www.sandmanhotels.com
URL: https://www.sandmanhotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6a8bb9ebb1b4c7750466138f83c00cba0b67dad4643181e22863b8ca966bda1e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandmanhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 20:49:37 GMT
via: 1.1 d07eabeb1ed60c06da1457f35fb5c8c4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4837
cf-polished: origFmt=png, origSize=48683
x-cache: Hit from cloudfront
content-disposition: inline; filename="file.webp"
strict-transport-security: max-age=31536000; includeSubdomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24020
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 12 Oct 2021 18:15:01 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "315200df8fdc5bcaff71f54341220ee8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 06 May 2023 20:49:37 GMT
cache-control: public, max-age=31536000
x-amz-version-id: tPm_HCX_.rsGUvPQoF4N64vaifkHxXu8
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
cf-ray: 7074955e7b3d0225-ZRH
x-amz-cf-id: qYJf5NNd79pk4auNU92f4ey_7WOvxEiy_Hr1jlCP4mqsu8uUGRkwLQ==
cf-bgj: imgq:100,h2pri

GET
H2 200 gms-latest.min.js Show response
cdn.galaxy.tf/asset-galaxy/js/ 148 KB
46 KB 75ms
30ms Script
application/javascript 2606:4700::6811:b764
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.galaxy.tf/asset-galaxy/js/gms-latest.min.js?v0c4da157409acd458b1fe702cbe7a254

Requested by

Host: www.sandmanhotels.com
URL: https://www.sandmanhotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b764 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75229e9eb5b602687c9ea865198e83d3f4a038e5b7b9356b82cf0700d6ad5da5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandmanhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 20:49:37 GMT
content-encoding: br
cf-cache-status: HIT
last-modified: Wed, 01 Dec 2021 12:29:26 GMT
server: cloudflare
age: 4836
etag: W/"24f9c-5d214d3189952-gzip"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=31536000
strict-transport-security: max-age=15768000
cf-ray: 7074955e788401e3-ZRH
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 06 May 2023 20:49:37 GMT

GET
H3 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ 13 KB
13 KB 25ms
8ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,400i,700,700i&display=swap&subset=latin,latin-ext

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.sandmanhotels.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 19:26:22 GMT
x-content-type-options: nosniff
age: 177795
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 May 2023 19:26:22 GMT

GET
H2 200 rules-p-t-Y4C8b3TMpU2.js Show response
rules.quantcount.com/ 2 KB
1 KB 76ms
19ms Script
application/javascript 2600:9000:2315:3800:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-t-Y4C8b3TMpU2.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:3800:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 13b3262bd17b82af659ff836fc4879b17ea9d597447f1eb1fd294dfcb036e110

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandmanhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 20:49:37 GMT
content-encoding: gzip
age: 2953
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
access-control-allow-origin: *
last-modified: Thu, 31 Jan 2019 22:39:23 GMT
server: AmazonS3
etag: W/"18f7988cb7e82b9ae42f1ad4c4ee7637"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
via: 1.1 ddd7d19501f4b19d560bfedbdd9b13ce.cloudfront.net (CloudFront)
cache-control: max-age=3600
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: -HtmbF6zI1LD2iaD0DE-miSRT8N0SGkkqnN-1I_QoA_miPsiF5SQNg==

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/966144408/ 2 KB
2 KB 41ms
19ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/966144408/?random=1651870177046&cv=9&fst=1651870177046&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg540&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.sandmanhotels.com%2F&tiba=Sandman%20Hotel%20Group%20%7C%20Hotels%20in%20Canada%2C%20UK%20%26%20USA&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1f77b1de27fff180dc48693411997d9eca5efcbf79b8bd10d7045bc835483098

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandmanhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 May 2022 20:49:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1041
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 4035341.js Show response
bat.bing.com/p/action/ 0
118 B 357ms
357ms Script
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/4035341.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandmanhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin: *
strict-transport-security: max-age=31536000; includeSubDomains; preload
cache-control: private,max-age=1800
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A9684B1EA533478E95857EE7F5EBAAEC Ref B: FRAEDGE1517 Ref C: 2022-05-06T20:49:37Z
date: Fri, 06 May 2022 20:49:36 GMT
x-cache: CONFIG_NOCACHE

POST
H2 200 / Show response
api-js.datadome.co/js/ 237 B
415 B 55ms
9ms XHR
application/json 3.123.206.88
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api-js.datadome.co/js/
Requested by: Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.123.206.88 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-3-123-206-88.eu-central-1.compute.amazonaws.com
Software: DataDome /
Resource Hash: 9ba2e92b87fe2c16ed942a84a25386429d44e646789f33ac8ce173abb59e37be

Request headers

Referer: https://www.sandmanhotels.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Fri, 06 May 2022 20:49:37 GMT
server: DataDome
content-type: application/json;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 237
expires: 0

GET
H3 200 main.bundle.js Show response
www.sandmanhotels.com/integration/tc-theme/public/shared-gms-v2/js/ 201 KB
64 KB 34ms
34ms Script
application/javascript 2606:4700::6811:b764
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sandmanhotels.com/integration/tc-theme/public/shared-gms-v2/js/main.bundle.js?v0c4da157409acd458b1fe702cbe7a254

Requested by

Host: www.sandmanhotels.com
URL: https://www.sandmanhotels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b764 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

862c011b3e8d810f56b7bb55a70861509cb109f439a406c31c00f09f48e048ea

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandmanhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 20:49:37 GMT
via: 1.1 0baaefd2451e4f0e2d5ea55eb90f4a1a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4837
x-cache: Hit from cloudfront
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 28 Apr 2022 00:21:40 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"1c46f299409c877b397f1dab00a88b1f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
cf-ray: 7074955f1e2501f4-ZRH
x-amz-meta-md5chksum: HEbymUCch3s5fx2rAKiLHw==
x-amz-cf-id: eSj-ErAAXOBnBX6h31DUIW6TPXBualLIg6UvczYpBFl_gSXb0vOovw==
expires: Sat, 06 May 2023 20:49:37 GMT

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/gif

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/exp/
Redirect Chain

https://s.adroll.com/j/exp/6GB62NWDQJCHRAOLIVXEEB/index.js
https://s.adroll.com/j/exp/index.js

28 B
761 B

7ms
7ms

Script
application/javascript

2600:9000:206f:1200:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/exp/index.js
Requested by: Host: www.sandmanhotels.com
URL: https://www.sandmanhotels.com/
Protocol: HTTP/1.1
Server: 2600:9000:206f:1200:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandmanhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

X-Amz-Version-Id: Yo1foR6FJ6WFFBWqTYM2cazsDqVdFv1D
Via: 1.1 579a21a67e4dc50a655a7c0e9675261c.cloudfront.net (CloudFront)
Etag: "5816cced8568d223aa09d889f300692b"
Age: 1622
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 28
Last-Modified: Thu, 03 Mar 2022 22:40:46 GMT
Server: AmazonS3
Date: Fri, 06 May 2022 20:22:56 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA56-C1
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: TFffgIXPKyDPS7CZ_ol1YQZUndiNOKKJXFmvFB5tHi2M8lny_zDXfg==

Redirect headers

Date: Fri, 06 May 2022 11:06:13 GMT
Via: 1.1 579a21a67e4dc50a655a7c0e9675261c.cloudfront.net (CloudFront)
Age: 35003
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Location: https://s.adroll.com/j/exp/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA56-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: Rkxk4wKtIvJqwXIzlb-eHnSvYMvir9FiWM4KzLmWX_qUhvC4QI16hw==

GET
H/1.1

200
OK

index.js Show response
s.adroll.com/j/pre/
Redirect Chain

https://s.adroll.com/j/pre/6GB62NWDQJCHRAOLIVXEEB/YQATWS6U4NAOLKOAMWDWW6/fpconsent.js
https://s.adroll.com/j/pre/index.js

0
733 B

7ms
7ms

Script
application/javascript

2600:9000:206f:1200:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/index.js
Requested by: Host: www.sandmanhotels.com
URL: https://www.sandmanhotels.com/
Protocol: HTTP/1.1
Server: 2600:9000:206f:1200:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandmanhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

X-Amz-Version-Id: nQEe8wQ7h0ROt7P4GJfDfstto6x684Hy
Via: 1.1 579a21a67e4dc50a655a7c0e9675261c.cloudfront.net (CloudFront)
Etag: "d41d8cd98f00b204e9800998ecf8427e"
Age: 34791
X-Amz-Server-Side-Encryption: AES256
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Wed, 15 Jan 2020 23:54:18 GMT
Server: AmazonS3
Date: Fri, 06 May 2022 12:47:16 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA56-C1
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: yrCSFxjhUKcpJxLyy78X1WCOX0pv7SOnNgAoICvT0oMnLUh5jXuU0Q==

Redirect headers

Date: Fri, 06 May 2022 11:06:14 GMT
Via: 1.1 579a21a67e4dc50a655a7c0e9675261c.cloudfront.net (CloudFront)
Age: 35003
X-Cache: Hit from cloudfront
Connection: keep-alive
Content-Length: 0
Server: AmazonS3
Location: https://s.adroll.com/j/pre/index.js
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: application/xml
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: false
X-Amz-Cf-Pop: FRA56-C1
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: OcqB_2VQ7NsTVyicM_Z56zkn15-cV9R55jdkfI6sUBEYD_NyG9IIcw==

GET
H/1.1 200
OK index.js Show response
s.adroll.com/j/pre/6GB62NWDQJCHRAOLIVXEEB/YQATWS6U4NAOLKOAMWDWW6/ 0
782 B 653ms
635ms Script
text/javascript 2600:9000:206f:1200:6:9280:1080:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s.adroll.com/j/pre/6GB62NWDQJCHRAOLIVXEEB/YQATWS6U4NAOLKOAMWDWW6/index.js
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:1200:6:9280:1080:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandmanhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

X-Amz-Version-Id: _T7tgDsw4SdfEf3_3zy_3RsDpy59zTs0
Via: 1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
Etag: "d41d8cd98f00b204e9800998ecf8427e"
X-Amz-Cf-Pop: FRA56-C1
X-Amz-Server-Side-Encryption: AES256
X-Cache: RefreshHit from cloudfront
Connection: keep-alive
Content-Length: 0
Last-Modified: Mon, 25 Apr 2022 11:36:42 GMT
Server: AmazonS3
Date: Fri, 06 May 2022 20:49:38 GMT
Access-Control-Max-Age: 600
Access-Control-Allow-Methods: GET
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600, must-revalidate
Access-Control-Allow-Credentials: false
Accept-Ranges: bytes
Access-Control-Allow-Headers: *
X-Amz-Cf-Id: i18iYzx2usgZIwHMVvE8H7PbJZMpcraZ8UO5IOpGx84jXNjnBAGUdQ==

GET
H3 200 c4mv1nF8G8_swA3J0Q.woff2
fonts.gstatic.com/s/aleo/v11/ 28 KB
28 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/aleo/v11/c4mv1nF8G8_swA3J0Q.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Aleo:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5bdd44d0692f267a0b26e5968e694bbd095511faacb598ce37957d57814490aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.sandmanhotels.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 03:54:48 GMT
x-content-type-options: nosniff
age: 233689
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28272
x-xss-protection: 0
last-modified: Tue, 19 Apr 2022 19:12:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 May 2023 03:54:48 GMT

GET
H3 200 standard.jpg
image-tc.galaxy.tf/wijpeg-d272x97i27cfefw3hwinak967/ 24 KB
24 KB 128ms
111ms Image
image/jpeg 2606:4700::6811:b664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wijpeg-d272x97i27cfefw3hwinak967/standard.jpg?crop=110%2C0%2C1780%2C1335&width=372

Requested by

Host: www.sandmanhotels.com
URL: https://www.sandmanhotels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8aec0f3ed08ab5e9db8a779f49f838782298d2687a64b4d0c8a9094b9875f535

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandmanhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 20:49:37 GMT
via: 1.1 9bca546700a965c9c77ef5b8dbe65cc4.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4837
cf-polished: status=not_needed
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 24181
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 12 Oct 2021 18:15:01 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "3205e7a0eeb62319c539cfce0a84c363"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 06 May 2023 20:49:37 GMT
cache-control: public, max-age=31536000
x-amz-version-id: h0ONwgg1OLB4T20nyA_ehL1Id5WbVyOI
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
cf-ray: 7074955f6e9001f8-ZRH
x-amz-cf-id: LBw-T5PPqlRbhwZhTXzp2aH_pIEhD8Gm1PfD2D7Rbkj43FXl-WAcPA==
cf-bgj: imgq:100,h2pri

GET
H3 200 standard.jpg
image-tc.galaxy.tf/wijpeg-67bjnjyi54gk5es7s482lsuzt/ 17 KB
18 KB 79ms
62ms Image
image/jpeg 2606:4700::6811:b664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wijpeg-67bjnjyi54gk5es7s482lsuzt/standard.jpg?crop=110%2C0%2C1780%2C1335&width=372

Requested by

Host: www.sandmanhotels.com
URL: https://www.sandmanhotels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

81a1c8f8a996ba7a20b116b0fb8027af53f11402dcd06da8421cefe3cd9898d7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandmanhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 20:49:37 GMT
via: 1.1 25c6baf0a31a5ef699c1e219b25ce7b8.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4837
cf-polished: status=not_needed
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17382
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 12 Oct 2021 18:15:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "d5800d5e0ea22ebbff7fb18b4c1289ee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 06 May 2023 20:49:37 GMT
cache-control: public, max-age=31536000
x-amz-version-id: k7tpyCj_9Fawh.rNZS2wqutPTp5sA3sA
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
cf-ray: 7074955f6e8a01f8-ZRH
x-amz-cf-id: 3Z6dR6JDR_-gN-ZTFFSKoVjMdu96BnYIBF72vZEmTeOIc0Ldvck6_Q==
cf-bgj: imgq:100,h2pri

GET
H3 200 standard.jpg
image-tc.galaxy.tf/wijpeg-3d8auokupqjt9im6qwowksf2n/ 23 KB
24 KB 51ms
34ms Image
image/jpeg 2606:4700::6811:b664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wijpeg-3d8auokupqjt9im6qwowksf2n/standard.jpg?crop=88%2C0%2C1424%2C1068&width=372

Requested by

Host: www.sandmanhotels.com
URL: https://www.sandmanhotels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d19184949ab5afddd72264435b8b05b7b2dcfdd33b6c08f3ea0791059189ccd1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandmanhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 20:49:37 GMT
via: 1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4836
cf-polished: status=not_needed
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23800
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 12 Oct 2021 18:15:03 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "985a75002dcc2184693dd3ea5bba1560"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 06 May 2023 20:49:37 GMT
cache-control: public, max-age=31536000
x-amz-version-id: tdGrw5WVbFk_1YRMMOPWVrORXrJ_otc7
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
cf-ray: 7074955f6e8d01f8-ZRH
x-amz-cf-id: 0SXUZVh73YvfTD8c7kbCngkMfnMPF5M10YALRiw0Q2mpAC2msq1Uiw==
cf-bgj: imgq:100,h2pri

GET
H3 200 standard.jpg
image-tc.galaxy.tf/wijpeg-83o8erbhzn96q5t7i0novrf6u/ 17 KB
18 KB 112ms
96ms Image
image/jpeg 2606:4700::6811:b664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wijpeg-83o8erbhzn96q5t7i0novrf6u/standard.jpg?crop=89%2C0%2C1423%2C1067&width=372

Requested by

Host: www.sandmanhotels.com
URL: https://www.sandmanhotels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a93efd838d5467dff8629cd1533f381d0b82909de009234326539a493d373e4d

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandmanhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 20:49:37 GMT
via: 1.1 f2ee8ec5deee40e44013272a9c7aa35c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4836
cf-polished: status=not_needed
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 17253
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 12 Oct 2021 18:15:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "83bccd0a8cf669d1eb988c8161017fa2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 06 May 2023 20:49:37 GMT
cache-control: public, max-age=31536000
x-amz-version-id: RpHJMQFRUR5PwmWStsITo_z3oRyKU7tB
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
cf-ray: 7074955f6e8f01f8-ZRH
x-amz-cf-id: AKF-Sk6CXBfZNyLm_CoufGuXh05QLaXTaCkTJPYkkY6zGs6fbErbsQ==
cf-bgj: imgq:100,h2pri

GET
H3 200 standard.jpg
image-tc.galaxy.tf/wijpeg-5w1qlzwia0xnzbhqwlk7lo4fp/ 23 KB
24 KB 162ms
146ms Image
image/jpeg 2606:4700::6811:b664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wijpeg-5w1qlzwia0xnzbhqwlk7lo4fp/standard.jpg?crop=0%2C400%2C1068%2C801&width=372

Requested by

Host: www.sandmanhotels.com
URL: https://www.sandmanhotels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d1da7be1878380087a74ef033cd3b271e2d55ba9affe0058b6585f5d236c729a

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandmanhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 20:49:37 GMT
via: 1.1 78059242182c195ff7f26013772da09a.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4836
cf-polished: status=not_needed
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 23437
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 12 Oct 2021 18:15:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "ded6b7adf3f4fb7575bf9d82b67a7312"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 06 May 2023 20:49:37 GMT
cache-control: public, max-age=31536000
x-amz-version-id: dwENCoHv2Ac8igtGG0vaY0fwYzLCSbuv
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
cf-ray: 7074955f6e9101f8-ZRH
x-amz-cf-id: Wc6XeaKN3osOrbqjeO6flM19TWdU4-_OmZULjPpCsA3vrFH79J1BzA==
cf-bgj: imgq:100,h2pri

GET
H3 200 standard.jpg
image-tc.galaxy.tf/wijpeg-7wuje1ztz31drwuedhws0927u/ 21 KB
21 KB 200ms
184ms Image
image/jpeg 2606:4700::6811:b664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wijpeg-7wuje1ztz31drwuedhws0927u/standard.jpg?crop=88%2C0%2C1424%2C1068&width=372

Requested by

Host: www.sandmanhotels.com
URL: https://www.sandmanhotels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

134e9ea357e37998ed2a4189cdd30e3e58fcc1d3146fda2b2e054f3558226c86

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandmanhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 20:49:37 GMT
via: 1.1 25c6baf0a31a5ef699c1e219b25ce7b8.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4836
cf-polished: status=not_needed
x-cache: Hit from cloudfront
strict-transport-security: max-age=31536000; includeSubdomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 21134
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 12 Oct 2021 18:15:02 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "e37116c68b70faa2dd1f2c378f17f372"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/jpeg
access-control-allow-origin: *
expires: Sat, 06 May 2023 20:49:37 GMT
cache-control: public, max-age=31536000
x-amz-version-id: mut5ei78dCYhWDYBXLpG4KgxzhsB10en
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
cf-ray: 7074955f6e9401f8-ZRH
x-amz-cf-id: 9QV2W2ik9zSxRtGUgDhv7mZnM-kG_COWawNnvopM0wu0MzEw235ywg==
cf-bgj: imgq:100,h2pri

GET
H3 200 file.png
image-tc.galaxy.tf/wipng-8sm46hjhgtoxi4h0rfqe6zb6w/ 530 B
1 KB 240ms
224ms Image
image/webp 2606:4700::6811:b664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wipng-8sm46hjhgtoxi4h0rfqe6zb6w/file.png?width=116&height=116

Requested by

Host: www.sandmanhotels.com
URL: https://www.sandmanhotels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4d33d19a86ed469d46e6ec16cff7a658c22b4a3e0626942c60a9cacf86b71dae

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandmanhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 20:49:37 GMT
via: 1.1 9ce5bc08de451222a6a280b1273d60c6.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 46753
cf-polished: origFmt=png, origSize=1329
x-cache: Hit from cloudfront
content-disposition: inline; filename="file.webp"
strict-transport-security: max-age=31536000; includeSubdomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 530
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 01 Mar 2022 21:37:42 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "1a971a5a9c0d4d2028ddcaf24d781c69"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 06 May 2023 20:49:37 GMT
cache-control: public, max-age=31536000
x-amz-version-id: c8mOmFd.X8tbeVN3i7dczL.njNQA1Nzy
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
cf-ray: 7074955f6e9601f8-ZRH
x-amz-cf-id: Oima5LNpYnxQNyGaOzXc0geOAowuNYWPNKF3N2Hp2TI0zo2ypLjf9w==
cf-bgj: imgq:100,h2pri

GET
H3 200 file.png
image-tc.galaxy.tf/wipng-1wmdc5mkd2c3ia1obszg057ep/ 936 B
2 KB 241ms
225ms Image
image/webp 2606:4700::6811:b664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wipng-1wmdc5mkd2c3ia1obszg057ep/file.png?width=116&height=116

Requested by

Host: www.sandmanhotels.com
URL: https://www.sandmanhotels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3593099a51c8a9d8732583b5917d90c6088504a38d03337d542d49939ac9e85c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandmanhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 20:49:37 GMT
via: 1.1 5bbaa27b453dc834289b91c14bbb4934.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 46753
cf-polished: origFmt=png, origSize=1934
x-cache: Hit from cloudfront
content-disposition: inline; filename="file.webp"
strict-transport-security: max-age=31536000; includeSubdomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 936
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 01 Mar 2022 21:37:42 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "506820e3e06e76900a3aee73ecffc6a1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 06 May 2023 20:49:37 GMT
cache-control: public, max-age=31536000
x-amz-version-id: wNaCiZQP6KkBK45K55yZzdtWeqGgf7.e
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
cf-ray: 7074955f6e9701f8-ZRH
x-amz-cf-id: odzTYHITv2YoOPyJa0tBxSw03AWrl0bnhT76itPLtxYiixGWjOM1_w==
cf-bgj: imgq:100,h2pri

GET
H3 200 file.png
image-tc.galaxy.tf/wipng-553urz8bep1pxxjl5inaf187n/ 496 B
1 KB 241ms
225ms Image
image/webp 2606:4700::6811:b664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wipng-553urz8bep1pxxjl5inaf187n/file.png?width=116&height=116

Requested by

Host: www.sandmanhotels.com
URL: https://www.sandmanhotels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f233243ee960cf1c52d6d7371ad7321155ad8c92d854a74128998672c74bcbca

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandmanhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 20:49:37 GMT
via: 1.1 774fae779f194800b967be38df6bd8d2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1223706
cf-polished: origFmt=png, origSize=1316
x-cache: Hit from cloudfront
content-disposition: inline; filename="file.webp"
strict-transport-security: max-age=31536000; includeSubdomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 496
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 01 Mar 2022 21:37:42 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "69163502795a013fa190719f40c9faef"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept
content-type: image/webp
access-control-allow-origin: *
expires: Sat, 06 May 2023 20:49:37 GMT
cache-control: public, max-age=31536000
x-amz-version-id: TwZ1v9a24N0wI6N5Nuy1MEJdA..Ea5Sl
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
x-amz-cf-pop: MUC50-P2
accept-ranges: bytes
cf-ray: 7074955f6e9901f8-ZRH
x-amz-cf-id: 6FSgF9Z_gU8VBDP4BZ5m6li4SfNbQCkTcyQM1EIxGF25Gfc7v09G1A==
cf-bgj: imgq:100,h2pri

GET
H2 200 NTE4NDE0NDAzNw Show response
tcgms.net/app/new/ Frame 8D33 43 KB
11 KB 563ms
507ms Document
text/html 104.90.191.187
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://tcgms.net/app/new/NTE4NDE0NDAzNw?languageCode=df

Requested by

Host: www.sandmanhotels.com
URL: https://www.sandmanhotels.com/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

104.90.191.187 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a104-90-191-187.deploy.static.akamaitechnologies.com

Software

Apache-Coyote/1.1 /

Resource Hash

569b533786f679b87f330e061837353dbb865842a6f2389935341d6c73b6cc0f

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-cache
content-encoding: gzip
content-length: 10175
content-security-policy: upgrade-insecure-requests
content-type: text/html;charset=UTF-8
date: Fri, 06 May 2022 20:49:37 GMT
server: Apache-Coyote/1.1
vary: Accept-Encoding

GET
H2 200 /
www.google.com/pagead/1p-user-list/966144408/ 42 B
548 B 43ms
21ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/966144408/?random=1651870177046&cv=9&fst=1651867200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg540&sendb=1&frm=0&url=https%3A%2F%2Fwww.sandmanhotels.com%2F&tiba=Sandman%20Hotel%20Group%20%7C%20Hotels%20in%20Canada%2C%20UK%20%26%20USA&async=1&fmt=3&is_vtc=1&random=3970698205&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.sandmanhotels.com
URL: https://www.sandmanhotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandmanhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 May 2022 20:49:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/966144408/ 42 B
548 B 41ms
20ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/966144408/?random=1651870177046&cv=9&fst=1651867200000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg540&sendb=1&frm=0&url=https%3A%2F%2Fwww.sandmanhotels.com%2F&tiba=Sandman%20Hotel%20Group%20%7C%20Hotels%20in%20Canada%2C%20UK%20%26%20USA&async=1&fmt=3&is_vtc=1&random=3970698205&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.sandmanhotels.com
URL: https://www.sandmanhotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandmanhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 May 2022 20:49:37 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 galaxy-helpers.js Show response
www.sandmanhotels.com/frontend/galaxy-helpers/public/ 63 KB
23 KB 44ms
43ms Script
application/javascript 2606:4700::6811:b764
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sandmanhotels.com/frontend/galaxy-helpers/public/galaxy-helpers.js?v=l-88708b3e-ffe5-4ede-82a2-440c0907ec68

Requested by

Host: www.sandmanhotels.com
URL: https://www.sandmanhotels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b764 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9ca5836021078b32c266024a6ecf7479552e792e0f8935b7a1e1e143bd376b47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandmanhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 20:49:37 GMT
via: 1.1 f0f5607a03d2ae4c43b553dc2cef0c9e.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4837
x-cache: Hit from cloudfront
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 20 Apr 2022 17:20:42 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"52902efe9580dbbe540e25a7b8a57298"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
cf-ray: 7074955f6e8c01f4-ZRH
x-amz-meta-md5chksum: UpAu/pWA275UDiWnuKVymA==
x-amz-cf-id: HkBNMzfdA-ukF--yp9F1-Vt1UvoUeA-sCipOb1LPNJcxcFS786S2jA==
expires: Sat, 06 May 2023 20:49:37 GMT

GET
H2 200 pixel;r=2132655095;labels=keywords.%2Ctitle.Sandman%20Hotel%20Group%20%7C%20Hotels%20in%20Canada%20%20UK%20%26%20USA;source=gtm;rf=0;a=p-t-Y4C8b3TMpU2;url=https%3A%2F%2Fwww.sandmanhotels.com%2F;uht...
pixel.quantserve.com/ 35 B
372 B 19ms
10ms Image
image/gif 2620:116:800d:21:ee05:6a01:4b41:8c89
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=2132655095;labels=keywords.%2Ctitle.Sandman%20Hotel%20Group%20%7C%20Hotels%20in%20Canada%20%20UK%20%26%20USA;source=gtm;rf=0;a=p-t-Y4C8b3TMpU2;url=https%3A%2F%2Fwww.sandmanhotels.com%2F;uht=2;fpan=1;fpa=P0-2106192444-1651870177186;pbc=;ns=0;ce=1;qjs=1;qv=a98acd33-20220316110313;cm=;gdpr=0;ref=;d=sandmanhotels.com;je=0;sr=1600x1200x24;dst=0;et=1651870177185;tzo=0;ogl=site_name.Sandman%20Hotels%2Curl.https%3A%2F%2Fwww%252Esandmanhotels%252Ecom%2F%2Ctitle.Sandman%20Hotel%20Group%20%7C%20Hotels%20in%20Canada%252C%20UK%20%26%20USA%2Cdescription.Sandman%20Hotel%20Group%20offers%20comfortable%20%26%20affordable%20accommodations%20in%20fantastic%20%2Clocale.en_US

Requested by

Host: www.sandmanhotels.com
URL: https://www.sandmanhotels.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:ee05:6a01:4b41:8c89 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandmanhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 May 2022 20:49:37 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
cache-control: private, no-cache, no-store, proxy-revalidate
content-type: image/gif
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 bundle.js Show response
assets.ubembed.com/universalscript/releases/v0.179.2/ 174 KB
48 KB 53ms
7ms Script
application/javascript 65.9.63.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.ubembed.com/universalscript/releases/v0.179.2/bundle.js
Requested by: Host: 018e94e1202b42a58806dbbe702ec82f.js.ubembed.com
URL: https://018e94e1202b42a58806dbbe702ec82f.js.ubembed.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.63.32 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-65-9-63-32.fra56.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: b318b179b35ca92c87626801798f3bce3864172926ae10288f0460a53f30177c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandmanhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Tue, 05 Apr 2022 17:08:16 GMT
content-encoding: gzip
last-modified: Tue, 05 Apr 2022 16:31:05 GMT
server: AmazonS3
age: 2691682
etag: W/"359008fe01078c59c66e034866170bd2"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 4162b603e4967e54c2386fa354705d6e.cloudfront.net (CloudFront)
cache-control: max-age=31536000
x-amz-cf-pop: FRA56-C1
x-amz-cf-id: wg_jnOXqXyHKa1zTSQITMQ2G4mOT7qxYRYixu300qffsbyztjl1S7Q==

GET
H3 200 gp-hotels Show response
www.sandmanhotels.com/json/search/1/1/ 55 KB
10 KB 276ms
275ms Fetch
application/json 2606:4700::6811:b764
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sandmanhotels.com/json/search/1/1/gp-hotels

Requested by

Host: js.datadome.co
URL: https://js.datadome.co/tags.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b764 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

88e5827b197d82fd564d4d6d3a55e0ad091811ff73616600a36a66adfeb2b885

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandmanhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 20:49:37 GMT
via: 1.1 f5a41f2e2650c6e3da553e0f45e52bfa.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: MISS
x-amz-cf-pop: TXL50-P3
x-cache: Hit from cloudfront
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 06 May 2022 18:02:23 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"d46fc28c8786758b2ec75745060765d1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/json
vary: Accept-Encoding
cache-control: public, max-age=1200
cf-ray: 7074955fbeeb01f4-ZRH
x-amz-cf-id: 8CfE0umO2Iv2memaeBWtQCiqWpJ_06ikO9dTDfu7X_jj6ZY6XQgCwg==
expires: Fri, 06 May 2022 21:09:37 GMT

GET
H2 200 clarity.js Show response
j.clarity.ms/s/0.6.34/ 53 KB
23 KB 309ms
98ms Script
application/javascript 20.85.30.134
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://j.clarity.ms/s/0.6.34/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/66bhgs36ie
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.85.30.134 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandmanhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 20:49:36 GMT
content-encoding: br
etag: "1d85e80e187b254"
last-modified: Tue, 03 May 2022 00:01:04 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
accept-ranges: bytes
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H2 200 6GB62NWDQJCHRAOLIVXEEB Show response
d.adroll.com/consent/check/ 449 B
542 B 129ms
30ms Script
application/javascript 54.171.137.8
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://d.adroll.com/consent/check/6GB62NWDQJCHRAOLIVXEEB?arrfrr=https%3A%2F%2Fwww.sandmanhotels.com%2F&_s=12698124171421905cd3c16354311d43&_b=2
Requested by: Host: s.adroll.com
URL: https://s.adroll.com/j/roundtrip.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.171.137.8 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-171-137-8.eu-west-1.compute.amazonaws.com
Software: nginx/1.20.0 /
Resource Hash: dcbdd16824779e178951c6e33345dd34a5dfea189686a6899d67e364c63e644f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandmanhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 20:49:37 GMT
server: nginx/1.20.0
content-length: 449
content-type: application/javascript

GET
H3 200 bundle.js Show response
www.sandmanhotels.com/integration/tc-theme/public/js/ 5 MB
828 KB 40ms
39ms Script
application/javascript 2606:4700::6811:b764
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sandmanhotels.com/integration/tc-theme/public/js/bundle.js?v0c4da157409acd458b1fe702cbe7a254

Requested by

Host: www.sandmanhotels.com
URL: https://www.sandmanhotels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b764 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a5f28bac7785fbda6486644a5a0acb398bb1cd5e4d0777ede97b82874f7bf26e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandmanhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 20:49:37 GMT
via: 1.1 ebbd7f31e48ea8cf77f6021cdd92bf62.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4837
x-cache: Hit from cloudfront
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 06 May 2022 18:02:29 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"583304eec9c1c005018464375b6d4fa9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
cf-ray: 707495600f7001f4-ZRH
x-amz-meta-md5chksum: WDME7snBwAUBhGQ3W21PqQ==
x-amz-cf-id: x-YAYz-tyl6UtSD4y7zDtN94HX5xvKETXxwEDr7lkJYw6uolQVb83g==
expires: Sat, 06 May 2023 20:49:37 GMT

GET
H2 200 settings Show response
cdn.segment.com/v1/projects/iUMJ6tL6165Rpodbse6hyhGf7EMgPFo1/ 546 B
1 KB 37ms
17ms XHR
application/json 108.157.5.209
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.segment.com/v1/projects/iUMJ6tL6165Rpodbse6hyhGf7EMgPFo1/settings
Requested by: Host: cdn.segment.com
URL: https://cdn.segment.com/analytics.js/v1/iUMJ6tL6165Rpodbse6hyhGf7EMgPFo1/analytics.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.5.209 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-5-209.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 15ee46bb08550f18dd50e3526572854bed5044202047f52ad5c6134c13532f2d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandmanhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id: KC1t8o08GcvlK4MGWxAEgh2lt5bgvMLB
via: 1.1 268679e7d17267a1a7a03722822fb800.cloudfront.net (CloudFront)
etag: "15d3ed7a87ae292ce1118da6873921a2"
age: 10762
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-length: 546
last-modified: Tue, 07 Dec 2021 20:55:49 GMT
server: AmazonS3
date: Fri, 06 May 2022 20:49:37 GMT
access-control-max-age: 3000
access-control-allow-methods: GET, HEAD
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=10800
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
x-amz-cf-id: 8IuRw0N1f4ms8MH_BZMnhNoes0sPhJLzEhNAWAH9E4MOsn9MblLW4A==

POST
H2 204 collect Show response
j.clarity.ms/ 0
74 B 96ms
95ms XHR
text/plain 20.85.30.134
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://j.clarity.ms/collect
Requested by: Host: j.clarity.ms
URL: https://j.clarity.ms/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.85.30.134 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.sandmanhotels.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin: https://www.sandmanhotels.com
date: Fri, 06 May 2022 20:49:36 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H2 200 dialogs.css
www.tcgms.net/scripts/dialogs/css/ Frame 8D33 27 KB
5 KB 318ms
196ms Stylesheet
text/css 96.16.129.171
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tcgms.net/scripts/dialogs/css/dialogs.css

Requested by

Host: tcgms.net
URL: https://tcgms.net/app/new/NTE4NDE0NDAzNw?languageCode=df

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.129.171 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-129-171.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

2d5f55af6b26f54540a0b432dd6f4fbda74ac3391ce1c81c2da35b0eee52356e

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tcgms.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 20:49:38 GMT
content-encoding: gzip
last-modified: Mon, 16 Dec 2013 19:44:34 GMT
server: Apache
etag: "6d0c-4edac0a8ccc80"
vary: Accept-Encoding
content-type: text/css
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 5292

GET
H2 200 jquery-ui.min.css
www.tcgms.net/scripts/responsive/ Frame 8D33 28 KB
7 KB 339ms
218ms Stylesheet
text/css 96.16.129.171
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tcgms.net/scripts/responsive/jquery-ui.min.css

Requested by

Host: tcgms.net
URL: https://tcgms.net/app/new/NTE4NDE0NDAzNw?languageCode=df

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.129.171 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-129-171.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

235811eea35afea6661df621dcd80615b44d0abf0f4e30141bcb062c3edcecea

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tcgms.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 20:49:38 GMT
content-encoding: gzip
last-modified: Wed, 02 Dec 2015 13:44:34 GMT
server: Apache
etag: "6f91-525ea79777480"
vary: Accept-Encoding
content-type: text/css
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 6942

GET
H2 200 jquery-ui.structure.min.css
www.tcgms.net/scripts/responsive/ Frame 8D33 14 KB
5 KB 282ms
161ms Stylesheet
text/css 96.16.129.171
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tcgms.net/scripts/responsive/jquery-ui.structure.min.css

Requested by

Host: tcgms.net
URL: https://tcgms.net/app/new/NTE4NDE0NDAzNw?languageCode=df

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.129.171 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-129-171.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c1f78372fef6004ba25f660c5e2a8377c7e057e1386281df289973abb4cebabf

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tcgms.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 20:49:38 GMT
content-encoding: gzip
last-modified: Wed, 02 Dec 2015 13:44:34 GMT
server: Apache
etag: "39ac-525ea79777480"
vary: Accept-Encoding
content-type: text/css
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 4738

GET
H2 200 jquery-ui.theme.min.css
www.tcgms.net/scripts/responsive/ Frame 8D33 13 KB
2 KB 272ms
151ms Stylesheet
text/css 96.16.129.171
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tcgms.net/scripts/responsive/jquery-ui.theme.min.css

Requested by

Host: tcgms.net
URL: https://tcgms.net/app/new/NTE4NDE0NDAzNw?languageCode=df

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.129.171 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-129-171.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

ad276a9b384daf069f7458062d26b31838d009086e6b3a5e0c69a5682063239c

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tcgms.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 20:49:38 GMT
content-encoding: gzip
last-modified: Wed, 02 Dec 2015 13:44:34 GMT
server: Apache
etag: "351f-525ea79777480"
vary: Accept-Encoding
content-type: text/css
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 2284

GET
H2 200 jquery-ui-slider-pips.css
www.tcgms.net/scripts/responsive/ Frame 8D33 11 KB
2 KB 288ms
167ms Stylesheet
text/css 96.16.129.171
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tcgms.net/scripts/responsive/jquery-ui-slider-pips.css

Requested by

Host: tcgms.net
URL: https://tcgms.net/app/new/NTE4NDE0NDAzNw?languageCode=df

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.129.171 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-129-171.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

dff41f45bf1410d70bbaa825268ce556be0a4c1eb3c293600971e60e565a218b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tcgms.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 20:49:38 GMT
content-encoding: gzip
last-modified: Wed, 02 Dec 2015 13:44:34 GMT
server: Apache
etag: "2baa-525ea79777480"
vary: Accept-Encoding
content-type: text/css
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 2034

GET
H2 200 jquery.mobile-1.4.5.min.css
www.tcgms.net/scripts/responsive/ Frame 8D33 203 KB
25 KB 319ms
197ms Stylesheet
text/css 96.16.129.171
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tcgms.net/scripts/responsive/jquery.mobile-1.4.5.min.css

Requested by

Host: tcgms.net
URL: https://tcgms.net/app/new/NTE4NDE0NDAzNw?languageCode=df

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.129.171 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-129-171.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

a1f1132059ae29789542297e710d6d45e60307f961d25acccb12ddb30f8d1bcc

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tcgms.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 20:49:38 GMT
content-encoding: gzip
last-modified: Wed, 02 Dec 2015 13:44:34 GMT
server: Apache
etag: "32a69-525ea79777480"
vary: Accept-Encoding
content-type: text/css
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 25215

GET
H2 200 jquery.mobile.custom.theme.min.css
www.tcgms.net/scripts/responsive/ Frame 8D33 12 KB
2 KB 317ms
196ms Stylesheet
text/css 96.16.129.171
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tcgms.net/scripts/responsive/jquery.mobile.custom.theme.min.css

Requested by

Host: tcgms.net
URL: https://tcgms.net/app/new/NTE4NDE0NDAzNw?languageCode=df

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.129.171 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-129-171.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

291e4ceacea80004276a4500a661d05acd5912b405fb13a2fe5fa6fc4c676eee

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tcgms.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 20:49:38 GMT
content-encoding: gzip
last-modified: Wed, 02 Dec 2015 13:44:34 GMT
server: Apache
etag: "3071-525ea79777480"
vary: Accept-Encoding
content-type: text/css
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 2243

GET
H2 200 jquery.mobile.custom.structure.min.css
www.tcgms.net/scripts/responsive/ Frame 8D33 66 KB
10 KB 318ms
197ms Stylesheet
text/css 96.16.129.171
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tcgms.net/scripts/responsive/jquery.mobile.custom.structure.min.css

Requested by

Host: tcgms.net
URL: https://tcgms.net/app/new/NTE4NDE0NDAzNw?languageCode=df

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.129.171 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-129-171.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

8964e438a1f1a01489df821e32816d1651550b39b55b783ad7f5d85e43c6247b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tcgms.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 20:49:38 GMT
content-encoding: gzip
last-modified: Wed, 02 Dec 2015 13:44:34 GMT
server: Apache
etag: "10953-525ea79777480"
vary: Accept-Encoding
content-type: text/css
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 9788

GET
H2 200 intlTelInput.css
www.tcgms.net/scripts/responsive/intlTelInput/ Frame 8D33 21 KB
3 KB 342ms
221ms Stylesheet
text/css 96.16.129.171
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tcgms.net/scripts/responsive/intlTelInput/intlTelInput.css

Requested by

Host: tcgms.net
URL: https://tcgms.net/app/new/NTE4NDE0NDAzNw?languageCode=df

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.129.171 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-129-171.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

a06428ba01c0ceafa7d68c9c6cf720ae3543831c878ca0c66dc38ad74eb5c74b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tcgms.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 20:49:38 GMT
content-encoding: gzip
last-modified: Tue, 06 Dec 2016 03:58:21 GMT
server: Apache
etag: "54a4-542f56a489b33"
vary: Accept-Encoding
content-type: text/css
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 3187

GET
H2 200 jquery-1.11.1.min.js Show response
www.tcgms.net/scripts/responsive/ Frame 8D33 94 KB
33 KB 496ms
375ms Script
application/javascript 96.16.129.171
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tcgms.net/scripts/responsive/jquery-1.11.1.min.js

Requested by

Host: tcgms.net
URL: https://tcgms.net/app/new/NTE4NDE0NDAzNw?languageCode=df

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.129.171 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-129-171.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tcgms.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 20:49:38 GMT
content-encoding: gzip
last-modified: Wed, 02 Dec 2015 13:44:34 GMT
server: Apache
etag: "1762a-525ea79777480"
vary: Accept-Encoding
content-type: application/javascript
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 33266

GET
H2 200 custom-jquery-scripts.js Show response
www.tcgms.net/scripts/responsive/ Frame 8D33 112 B
286 B 338ms
218ms Script
application/javascript 96.16.129.171
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tcgms.net/scripts/responsive/custom-jquery-scripts.js

Requested by

Host: tcgms.net
URL: https://tcgms.net/app/new/NTE4NDE0NDAzNw?languageCode=df

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.129.171 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-129-171.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

4018d80284d0b380e6f0187eea93cd2006c976d7990a9a59234bbb3f7e4d48a3

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tcgms.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: upgrade-insecure-requests
last-modified: Mon, 07 Dec 2015 18:15:35 GMT
server: Apache
etag: "70-52652d7e77fc0"
content-type: application/javascript
date: Fri, 06 May 2022 20:49:38 GMT
accept-ranges: bytes
content-length: 112

GET
H2 200 jquery-ui.min.js Show response
www.tcgms.net/scripts/responsive/ Frame 8D33 235 KB
63 KB 394ms
274ms Script
application/javascript 96.16.129.171
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tcgms.net/scripts/responsive/jquery-ui.min.js

Requested by

Host: tcgms.net
URL: https://tcgms.net/app/new/NTE4NDE0NDAzNw?languageCode=df

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.129.171 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-129-171.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

a8bd2ffb1e86cd8ab362d0c57f12860bc2b35b243d9f9a9ed63b663ca2ae82ca

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tcgms.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 20:49:38 GMT
content-encoding: gzip
last-modified: Wed, 02 Dec 2015 13:44:34 GMT
server: Apache
etag: "3ab26-525ea79777480"
vary: Accept-Encoding
content-type: application/javascript
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes

GET
H2 200 jquery-ui-slider-pips.js Show response
www.tcgms.net/scripts/responsive/ Frame 8D33 22 KB
5 KB 317ms
197ms Script
application/javascript 96.16.129.171
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tcgms.net/scripts/responsive/jquery-ui-slider-pips.js

Requested by

Host: tcgms.net
URL: https://tcgms.net/app/new/NTE4NDE0NDAzNw?languageCode=df

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.129.171 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-129-171.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

d14a1b9791657bcd13c89ddc2d2bfcddc5491c377ebf7b4ef6a86c5b89eb18c7

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tcgms.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 20:49:38 GMT
content-encoding: gzip
last-modified: Wed, 02 Dec 2015 13:44:34 GMT
server: Apache
etag: "59d3-525ea79777480"
vary: Accept-Encoding
content-type: application/javascript
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 4630

GET
H2 200 jquery.mobile.custom.min.js Show response
www.tcgms.net/scripts/responsive/ Frame 8D33 181 KB
51 KB 514ms
394ms Script
application/javascript 96.16.129.171
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tcgms.net/scripts/responsive/jquery.mobile.custom.min.js

Requested by

Host: tcgms.net
URL: https://tcgms.net/app/new/NTE4NDE0NDAzNw?languageCode=df

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.129.171 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-129-171.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

77db1e92623f53f39a92474ff79429f547485f839dc0b30bc33a5f65ce880da8

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tcgms.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 20:49:38 GMT
content-encoding: gzip
last-modified: Wed, 02 Dec 2015 13:44:34 GMT
server: Apache
etag: "2d37a-525ea79777480"
vary: Accept-Encoding
content-type: application/javascript
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes

GET
H2 200 iframeResizer.contentWindow.min.js Show response
www.tcgms.net/scripts/responsive/ Frame 8D33 13 KB
5 KB 315ms
196ms Script
application/javascript 96.16.129.171
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tcgms.net/scripts/responsive/iframeResizer.contentWindow.min.js

Requested by

Host: tcgms.net
URL: https://tcgms.net/app/new/NTE4NDE0NDAzNw?languageCode=df

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.129.171 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-129-171.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

7d5f5d0fe842536e512b4ca0cac0b48a66577ea091f3a6840365ff6124be034b

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tcgms.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 20:49:38 GMT
content-encoding: gzip
last-modified: Wed, 02 Dec 2015 13:44:33 GMT
server: Apache
etag: "3445-525ea79683240"
vary: Accept-Encoding
content-type: application/javascript
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 5005

GET
H2 200 intlTelInput.min.js Show response
www.tcgms.net/scripts/responsive/intlTelInput/ Frame 8D33 22 KB
9 KB 342ms
222ms Script
application/javascript 96.16.129.171
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tcgms.net/scripts/responsive/intlTelInput/intlTelInput.min.js

Requested by

Host: tcgms.net
URL: https://tcgms.net/app/new/NTE4NDE0NDAzNw?languageCode=df

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.129.171 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-129-171.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

ffc992202755637f8b6d51b4f61d30e3b47fc797403d923a9cd618a47c6ca184

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tcgms.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 20:49:38 GMT
content-encoding: gzip
last-modified: Tue, 06 Dec 2016 03:58:21 GMT
server: Apache
etag: "56bf-542f56a48a2f5"
vary: Accept-Encoding
content-type: application/javascript
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 9108

GET
H2 200 utils.js Show response
www.tcgms.net/scripts/responsive/intlTelInput/ Frame 8D33 233 KB
51 KB 752ms
633ms Script
application/javascript 96.16.129.171
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tcgms.net/scripts/responsive/intlTelInput/utils.js

Requested by

Host: tcgms.net
URL: https://tcgms.net/app/new/NTE4NDE0NDAzNw?languageCode=df

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.129.171 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-129-171.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

3d5c31a7e56cfc12b784ae9f7d946c74b9f0e301032ddc6b786a83c3be2773db

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tcgms.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 20:49:38 GMT
content-encoding: gzip
last-modified: Tue, 06 Dec 2016 03:58:21 GMT
server: Apache
etag: "3a41e-542f56a48aeac"
vary: Accept-Encoding
content-type: application/javascript
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes

GET
H2 200 qrcode.min.js Show response
www.tcgms.net/scripts/responsive/ Frame 8D33 19 KB
7 KB 349ms
229ms Script
application/javascript 96.16.129.171
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://www.tcgms.net/scripts/responsive/qrcode.min.js

Requested by

Host: tcgms.net
URL: https://tcgms.net/app/new/NTE4NDE0NDAzNw?languageCode=df

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.129.171 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-129-171.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

c541ef06327885a8415bca8df6071e14189b4855336def4f36db54bde8484f36

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tcgms.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 20:49:38 GMT
content-encoding: gzip
last-modified: Wed, 22 Feb 2017 12:04:19 GMT
server: Apache
etag: "4dd7-5491d4be08778"
vary: Accept-Encoding
content-type: application/javascript
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 7007

POST
H2 200 p Show response
api.segment.io/v1/ 21 B
178 B 483ms
158ms Fetch
application/json 54.69.174.156
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api.segment.io/v1/p

Requested by

Host: js.datadome.co
URL: https://js.datadome.co/tags.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.69.174.156 Boardman, United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-54-69-174-156.us-west-2.compute.amazonaws.com

Software

Resource Hash

12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.sandmanhotels.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.sandmanhotels.com
date: Fri, 06 May 2022 20:49:38 GMT
strict-transport-security: max-age=31536000
content-length: 21
vary: Origin
content-type: application/json

POST
H2 204 collect Show response
j.clarity.ms/ 0
48 B 195ms
194ms XHR
text/plain 20.85.30.134
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://j.clarity.ms/collect
Requested by: Host: j.clarity.ms
URL: https://j.clarity.ms/s/0.6.34/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.85.30.134 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.sandmanhotels.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin: https://www.sandmanhotels.com
date: Fri, 06 May 2022 20:49:37 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

OPTIONS
H2 200 125904
api.tsa-db.com/v1/data/BID/ Frame 0
0 37ms
11ms Preflight
application/json 2600:9000:206f:ac00:16:41f8:18c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.tsa-db.com/v1/data/BID/125904
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:ac00:16:41f8:18c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.sandmanhotels.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent
access-control-allow-methods: OPTIONS,GET
access-control-allow-origin: *
access-control-max-age: 86400
age: 46812
cache-control: max-age=86400, s-maxage=86400, proxy-revalidate
content-length: 0
content-type: application/json
date: Fri, 06 May 2022 07:49:26 GMT
via: 1.1 df7c0ba7857d5300ae11e7566c926f16.cloudfront.net (CloudFront)
x-amz-apigw-id: RsXpBEiSjoEFdFg=
x-amz-cf-id: r4-ylKfrpo92h-IIMhmPLBKxEmzLh1GZm5XGPoCROYOwqz1Blpu2rg==
x-amz-cf-pop: FRA56-C1
x-amzn-requestid: bcdf273c-5836-46df-b165-ef31e16fdb89
x-cache: Hit from cloudfront

GET
H2 200 125904 Show response
api.tsa-db.com/v1/data/BID/ 673 B
1 KB 133ms
133ms XHR
application/json 2600:9000:206f:ac00:16:41f8:18c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.tsa-db.com/v1/data/BID/125904
Requested by: Host: www.sandmanhotels.com
URL: https://www.sandmanhotels.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:206f:ac00:16:41f8:18c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 40ee5d1bda2a27ac8c1d8a8cc67deb0093962475a25310c1d6731ed202f35f83

Request headers

Referer: https://www.sandmanhotels.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 06 May 2022 20:49:38 GMT
via: 1.1 df7c0ba7857d5300ae11e7566c926f16.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA56-C1
x-amzn-requestid: adaa394f-4db3-46b4-960d-1d16aa21af8b
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
x-amzn-trace-id: Root=1-627589e2-487d4fa221e3983444fcb714;Sampled=0
access-control-allow-credentials: true
x-amz-apigw-id: RuJ7ZFbgjoEFs2g=
content-length: 673
x-amz-cf-id: wB3nLO984uYWNnoJiVOohfi_h87ZwpnaLGB_6VgreXBikn5GZbLfDg==

POST
H2 200 / Show response
o478535.ingest.sentry.io/api/282725/envelope/ 2 B
281 B 47ms
10ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o478535.ingest.sentry.io/api/282725/envelope/?sentry_key=74e3662d86224213a76f365f800bfb4f&sentry_version=7

Requested by

Host: www.sandmanhotels.com
URL: https://www.sandmanhotels.com/integration/tc-theme/public/js/bundle.js?v0c4da157409acd458b1fe702cbe7a254

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.sandmanhotels.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 06 May 2022 20:49:38 GMT
via: 1.1 google
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.sandmanhotels.com
access-control-expose-headers: x-sentry-rate-limits, retry-after, x-sentry-error
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 2

GET
H3 200 svg-icons.svg Show response
www.sandmanhotels.com/integration/tc-theme/public/svg/ 58 KB
18 KB 30ms
30ms XHR
image/svg+xml 2606:4700::6811:b764
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sandmanhotels.com/integration/tc-theme/public/svg/svg-icons.svg

Requested by

Host: www.sandmanhotels.com
URL: https://www.sandmanhotels.com/integration/tc-theme/public/js/bundle.js?v0c4da157409acd458b1fe702cbe7a254

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b764 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cda5bb1c5d67490ae072dc404a371abf6303f8659198ff96c306670f094e5f7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.sandmanhotels.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
sentry-trace: cb912dd0914a4b68b336644de403ede3-a13146af9d7c26da-1

Response headers

date: Fri, 06 May 2022 20:49:38 GMT
via: 1.1 a70d280cd058ea89c08954ea0ad67198.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: HIT
age: 4838
x-cache: Hit from cloudfront
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 09 Mar 2022 20:10:19 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"833e4797978f9a96db77e8bf3e9f5039"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-amz-cf-pop: ZRH50-C1
cf-ray: 7074956618f001f4-ZRH
x-amz-meta-md5chksum: gz5Hl5ePmpbbd+i/Pp9QOQ==
x-amz-cf-id: 3tF0_xz5fGC0SZkH6z-GM3AUgH4uqNwtUQGCW1qYO1wr15BpQ9GTtg==
expires: Sat, 06 May 2023 20:49:38 GMT

POST
H/1.1 200
OK 3591 Show response
dynamic.travelclick-websolutions.com/view/ 3 KB
2 KB 507ms
292ms XHR
application/json 195.244.31.25
IGUANA-WORLDWIDE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.travelclick-websolutions.com/view/3591

Requested by

Host: www.sandmanhotels.com
URL: https://www.sandmanhotels.com/integration/tc-theme/public/js/bundle.js?v0c4da157409acd458b1fe702cbe7a254

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

195.244.31.25 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),

Reverse DNS

xo7-viplb-01-new.ny.ig-1.net

Software

Apache /

Resource Hash

a7eb66363508dead8acdb6c6c5dc8919e9e39726172ea48e954e94d079558ffe

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Referer: https://www.sandmanhotels.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 06 May 2022 20:49:38 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
X-Real-Hostname: xo7-web-01
Strict-Transport-Security: max-age=15768000
Content-Length: 1323
Expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H/1.1 200
OK 1 Show response
dynamic.travelclick-websolutions.com/token/ 686 B
1 KB 285ms
115ms XHR
application/json 195.244.31.25
IGUANA-WORLDWIDE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.travelclick-websolutions.com/token/1

Requested by

Host: www.sandmanhotels.com
URL: https://www.sandmanhotels.com/integration/tc-theme/public/js/bundle.js?v0c4da157409acd458b1fe702cbe7a254

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

195.244.31.25 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),

Reverse DNS

xo7-viplb-01-new.ny.ig-1.net

Software

Apache /

Resource Hash

53ae997558e6c364fddff8e0266f1ccc554987ec258114a4964236b5cbe977a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandmanhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 06 May 2022 20:49:38 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
X-Real-Hostname: xo7-web-03
Strict-Transport-Security: max-age=15768000
Content-Length: 553
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 122 KB
48 KB 30ms
16ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-0&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TL2MM4B

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

567dffcf12b18041861e46e5c3f3d5d1593e53f615bc597d895373b3ee980974

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandmanhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 20:49:38 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 48885
x-xss-protection: 0
last-modified: Fri, 06 May 2022 19:43:02 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 06 May 2022 20:49:38 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TL2MM4B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandmanhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 1829
date: Fri, 06 May 2022 20:19:09 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 06 May 2022 22:19:09 GMT

GET
H2 200 1460214.js Show response
js.hs-scripts.com/ 1 KB
968 B 462ms
414ms Script
application/javascript 2606:4700::6811:d6cc
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-scripts.com/1460214.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-56G27K
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:d6cc , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ecaf54fe5964852d6a064576ebceaa2f5df96f506d65bc44807650c1e7f61b7c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandmanhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 20:49:38 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: EXPIRED
x-hubspot-correlation-id: ea54a990-e08c-4ce4-b84c-63baf762e88c
last-modified: Fri, 06 May 2022 16:45:36 GMT
server: cloudflare
x-trace: 2B9627C67D05B37C559922E55E4E269C3BF57F771C000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3600
content-type: application/javascript;charset=utf-8
access-control-allow-origin: https://www.sandmanhotels.com
cache-control: public, max-age=60
access-control-allow-credentials: true
cf-ray: 70749567f88c0219-ZRH
expires: Fri, 06 May 2022 20:50:38 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 99 KB
27 KB 22ms
7ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.sandmanhotels.com
URL: https://www.sandmanhotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b819b3ac2fe5857b7026a609f9115f0d50a7d6e8085ba5987d70ed6baaa41f4e

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandmanhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26311
x-xss-protection: 0
pragma: public
x-fb-debug: XPPN42IKqSt3d9dIlyq89EVpXbHg6Ff3Tj37Ti4BfdVIGLpLbTsCku/zAMNkKUBaAs9PneUzbt4R+aygBe6/Ug==
x-fb-trip-id: 2050670934
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 06 May 2022 20:49:38 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
175 B 30ms
30ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bat.bing.com/action/0?ti=4035341&tm=gtm002&Ver=2&mid=19113ba7-e7bb-4950-b7f9-a9259a25cef3&sid=0b8bd7a0cd7e11ec91cfc14ac644fa86&vid=0b8c2100cd7e11ec87a8f52101082179&vids=1&pi=1200101525&lg=en-US&sw=1600&sh=1200&sc=24&tl=Sandman%20Hotel%20Group%20%7C%20Hotels%20in%20Canada,%20UK%20%26%20USA&p=https%3A%2F%2Fwww.sandmanhotels.com%2F&r=&lt=3736&evt=pageLoad&msclkid=N&sv=1&rn=241962

Requested by

Host: www.sandmanhotels.com
URL: https://www.sandmanhotels.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandmanhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000; includeSubDomains; preload
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 23AF1488C6194A1EBECF137BBFA0F7A1 Ref B: FRAEDGE1517 Ref C: 2022-05-06T20:49:38Z
date: Fri, 06 May 2022 20:49:37 GMT
x-cache: CONFIG_NOCACHE
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H/1.1 200
OK 3591 Show response
dynamic.travelclick-websolutions.com/list/ 64 KB
10 KB 560ms
390ms XHR
application/json 195.244.31.25
IGUANA-WORLDWIDE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.travelclick-websolutions.com/list/3591

Requested by

Host: www.sandmanhotels.com
URL: https://www.sandmanhotels.com/integration/tc-theme/public/js/bundle.js?v0c4da157409acd458b1fe702cbe7a254

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

195.244.31.25 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),

Reverse DNS

xo7-viplb-01-new.ny.ig-1.net

Software

Apache /

Resource Hash

9f962e0d2f9b3fddd09149ae0260d618bc06738a3e417e9db8ac40aac95c94f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

Accept: */*
Referer: https://www.sandmanhotels.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

Pragma: no-cache
Date: Fri, 06 May 2022 20:49:38 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
X-Real-Hostname: xo7-web-02
Strict-Transport-Security: max-age=15768000
Transfer-Encoding: chunked
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 chunk-tc-GMS-8b56aee4e54fd7433cd6.js Show response
www.sandmanhotels.com/integration/tc-theme/public/js/chunk/ 12 KB
4 KB 93ms
93ms Script
application/javascript 2606:4700::6811:b764
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.sandmanhotels.com/integration/tc-theme/public/js/chunk/chunk-tc-GMS-8b56aee4e54fd7433cd6.js

Requested by

Host: www.sandmanhotels.com
URL: https://www.sandmanhotels.com/integration/tc-theme/public/js/bundle.js?v0c4da157409acd458b1fe702cbe7a254

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b764 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e9459792c52947536c35da67cc93fda9fb9ebe63145532aadf981e0aae383be

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandmanhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 20:49:38 GMT
via: 1.1 8a18c9375ff4553eb348eedbe6d74372.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: MISS
x-amz-cf-pop: TXL50-P3
x-cache: Hit from cloudfront
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 06 May 2022 18:02:25 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: W/"13f8b1a2a24fe49c25b8b442d28ed9d5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
content-type: application/javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 70749567eb4d01f4-ZRH
x-amz-meta-md5chksum: E/ixoqJP5JwluLRC0o7Z1Q==
x-amz-cf-id: hUOy9dP9Tp_-NgzLGE1oKlkMsJqYwxARsRs0FsQ1RXBLspoSfoHdXg==
expires: Sat, 06 May 2023 20:49:38 GMT

GET
H3 200 file.jpg
image-tc.galaxy.tf/wijpeg-chwxiexjgq9ykkhuelcvolztv/ 156 KB
157 KB 86ms
85ms Image
image/jpeg 2606:4700::6811:b664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wijpeg-chwxiexjgq9ykkhuelcvolztv/file.jpg?width=1920

Requested by

Host: www.sandmanhotels.com
URL: https://www.sandmanhotels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5585dad59b4681163dbb311564fa900066c5c51f88f399362beb2777f42d78df

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandmanhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 20:49:38 GMT
via: 1.1 127feb674de1f66343675c9727fafd6c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: MISS
x-amz-cf-pop: DUS51-P1
x-cache: Hit from cloudfront
content-type: image/jpeg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 159726
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 30 Mar 2022 16:18:39 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "2792f6ea3964380a53a8ce45cbee3371"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-amz-version-id: XwBYeUUb37SgAD7ZtfzOVW_GD9EJ9JBQ
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
accept-ranges: bytes
cf-ray: 707495688c4f01f8-ZRH
x-amz-cf-id: bl4tO-I0eN5kAP5niTaQmAzc37KCXBIhZaLad2sVe1mUaQnYJAKMJA==
expires: Sat, 06 May 2023 20:49:38 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 28ms
14ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1463728975&t=pageview&_s=1&dl=https%3A%2F%2Fwww.sandmanhotels.com%2F&ul=en-us&de=UTF-8&dt=Sandman%20Hotel%20Group%20%7C%20Hotels%20in%20Canada%2C%20UK%20%26%20USA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAAC~&jid=753777694&gjid=163509733&cid=58872850.1651870179&tid=UA-162681275-1&_gid=2092066023.1651870179&_r=1&gtm=2wg540TL2MM4B&cg1=web&cg2=not_applicable&cg3=group_property&cd1=125904&cd2=not_applicable&cd3=Northland%20Properties%20Corp&cd4=Sandman%20Hotels&cd5=not_applicable&cd6=not_applicable&cd7=not_applicable&cd8=not_applicable&cd9=not_applicable&cd10=not_applicable&cd11=not_applicable&cd12=galaxy&cd13=essentials&cd14=th1&cd15=hd1&cd16=ft3&cd19=tvs_no&cd20=not_applicable&cd21=group_property&cd22=not_applicable&cd23=not_applicable&cd24=2&cd25=en&cd26=web&cd27=not_applicable&cd28=not_applicable&cd29=not_applicable&cd30=no&cd31=no&cd34=%7C&cd36=%7C&cd38=https%3A%2F%2Fwww.sandmanhotels.com%2F&cd39=not_applicable&cd40=sandmanhotels.com&cd41=GTM-TL2MM4B&cd42=44&cd54=be4&z=2084311769

Requested by

Host: www.sandmanhotels.com
URL: https://www.sandmanhotels.com/integration/tc-theme/public/js/bundle.js?v0c4da157409acd458b1fe702cbe7a254

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sandmanhotels.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 06 May 2022 20:49:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sandmanhotels.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 23ms
15ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.sandmanhotels.com
URL: https://www.sandmanhotels.com/integration/tc-theme/public/js/bundle.js?v0c4da157409acd458b1fe702cbe7a254

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sandmanhotels.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 06 May 2022 20:49:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sandmanhotels.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 18ms
15ms XHR
text/plain 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: www.sandmanhotels.com
URL: https://www.sandmanhotels.com/integration/tc-theme/public/js/bundle.js?v0c4da157409acd458b1fe702cbe7a254

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sandmanhotels.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 06 May 2022 20:49:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.sandmanhotels.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 947923552298694 Show response
connect.facebook.net/signals/config/ 306 KB
87 KB 142ms
134ms Script
application/x-javascript 2a03:2880:f01c:216:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/947923552298694?v=2.9.58&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:216:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

2300e9f7346a6572d517b813426f957e9f20d059d6ea3b439817980def84fac7

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandmanhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: Xv1Wh+/vnewbpVh6TOiF9ZcTN9pbUAAfIr/tL25T4L+q6mW5QGJE5ABgp1MKlafRmjbl4Ow93YyEnieI93at0g==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 06 May 2022 20:49:38 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1651870178885
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 ajax-loader.gif
www.tcgms.net/scripts/responsive/images/ Frame 8D33 6 KB
6 KB 159ms
159ms Image
image/gif 96.16.129.171
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.tcgms.net/scripts/responsive/images/ajax-loader.gif

Requested by

Host: www.tcgms.net
URL: https://www.tcgms.net/scripts/responsive/jquery.mobile.custom.theme.min.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.129.171 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-129-171.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

4283b7de52bd36949abd99c7f8f7a1301ecf3d67f60658fa8c6854eadcb91950

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.tcgms.net/scripts/responsive/jquery.mobile.custom.theme.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 20:49:38 GMT
last-modified: Mon, 23 Nov 2015 20:11:52 GMT
server: Apache
etag: "1862-5253ad5fcd200"
content-type: image/gif
cache-control: max-age=300
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-length: 6242
expires: Fri, 06 May 2022 20:54:18 GMT

GET
H2 200 down-caret-ccc-thin.png
images.zmaildirect.com/img/15P2tu2HH/iDI/images/ Frame 8D33 3 KB
3 KB 164ms
142ms Image
image/png 96.16.129.171
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://images.zmaildirect.com/img/15P2tu2HH/iDI/images/down-caret-ccc-thin.png

Requested by

Host: tcgms.net
URL: https://tcgms.net/app/new/NTE4NDE0NDAzNw?languageCode=df

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

96.16.129.171 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a96-16-129-171.deploy.static.akamaitechnologies.com

Software

UploadServer /

Resource Hash

0abd7afdb099eeac39437317d820b6a95c892a39f0bf41950ac906eaf6f19964

Security Headers

Name	Value
Content-Security-Policy	upgrade-insecure-requests

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://tcgms.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 20:49:38 GMT
x-guploader-uploadid: ADPycdsDVpfeWFV0AnMoLGvRbau4ywrbwHGDw1wsE6M_lCz2WhGEgZMrGoujvBArxP3btS8qJcAIQjIJCR0dH55UNgGaMRl7pv7P
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
content-length: 2806
last-modified: Tue, 09 Mar 2021 20:45:00 GMT
server: UploadServer
etag: "2ef394225b734c6b5256c64b1a508123"
x-goog-hash: crc32c=VU0TlA==, md5=LvOUIltzTGtSVsZLGlCBIw==
x-goog-generation: 1615322700282529
x-goog-meta-gcsfuse_mtime: 2021-03-09T20:45:00.150333081Z
cache-control: public, max-age=3600
x-goog-stored-content-length: 2806
content-security-policy: upgrade-insecure-requests
accept-ranges: bytes
content-type: image/png
expires: Fri, 06 May 2022 21:26:57 GMT

GET
DATA 200
OK truncated
/ Frame 8D33 34 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/gif

POST
H3 204 result Show response
www.sandmanhotels.com/cdn-cgi/bm/cv/ 0
423 B 20ms
19ms XHR
text/plain 2606:4700::6811:b764
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.sandmanhotels.com/cdn-cgi/bm/cv/result?req_id=7074955c0fea01db
Requested by: Host: www.sandmanhotels.com
URL: https://www.sandmanhotels.com/integration/tc-theme/public/js/bundle.js?v0c4da157409acd458b1fe702cbe7a254
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:b764 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.sandmanhotels.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 06 May 2022 20:49:38 GMT
server: cloudflare
cf-ray: 707495698dbc01f4-ZRH
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
446 B 58ms
18ms XHR
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-84647801-1&cid=58872850.1651870179&jid=1672398290&gjid=777726947&_gid=2092066023.1651870179&_u=YGDACEABBAAAAC~&z=690914761

Requested by

Host: www.sandmanhotels.com
URL: https://www.sandmanhotels.com/integration/tc-theme/public/js/bundle.js?v0c4da157409acd458b1fe702cbe7a254

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.sandmanhotels.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 06 May 2022 20:49:38 GMT
content-type: text/plain
access-control-allow-origin: https://www.sandmanhotels.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 56ms
30ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-84647801-1&cid=58872850.1651870179&jid=1672398290&_u=YGDACEABBAAAAC~&z=919252323

Requested by

Host: www.sandmanhotels.com
URL: https://www.sandmanhotels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandmanhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 May 2022 20:49:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 47ms
31ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-84647801-1&cid=58872850.1651870179&jid=1672398290&_u=YGDACEABBAAAAC~&z=919252323

Requested by

Host: www.sandmanhotels.com
URL: https://www.sandmanhotels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandmanhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 May 2022 20:49:38 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 file.jpg
image-tc.galaxy.tf/wijpeg-dvmptg1bdvf80w7nppkt9n2ze/ 145 KB
146 KB 104ms
103ms Image
image/jpeg 2606:4700::6811:b664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wijpeg-dvmptg1bdvf80w7nppkt9n2ze/file.jpg?width=1920

Requested by

Host: www.sandmanhotels.com
URL: https://www.sandmanhotels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8cb8ab69ccb76ede91a0215ebf59d800209d13ccb21e614e8ccaa5a163e8087e

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandmanhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 20:49:38 GMT
via: 1.1 acf8dc23ea92f292049638fbd5d718e2.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: MISS
x-amz-cf-pop: DUS51-P1
x-cache: Hit from cloudfront
content-type: image/jpeg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 148844
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 12 Oct 2021 18:15:08 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "62d22079a4dc14f96e42ec28e9da0791"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-amz-version-id: rA1.D8yACopi.FC6c1FEUAxXGO5ru8pd
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
accept-ranges: bytes
cf-ray: 70749569fe6201f8-ZRH
x-amz-cf-id: AJfjkMpJOQVFzCzbKhdMdtb9kYoXs9lAOeCrlyTvehwI1BvBWiExZA==
expires: Sat, 06 May 2023 20:49:38 GMT

GET
H2 200 collectedforms.js Show response
js.hscollectedforms.net/ 73 KB
25 KB 50ms
23ms Script
application/javascript 2606:4700::6811:7fab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hscollectedforms.net/collectedforms.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/1460214.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:7fab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a996803be97bd6eed2f13e2aaceed65ee5cc24e0669fcbd223788c5cf9159c2e

Request headers

Referer: https://www.sandmanhotels.com/
Origin: https://www.sandmanhotels.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 20:49:39 GMT
via: 1.1 3500e6db5ae43764ed5ca43fc6d56058.cloudfront.net (CloudFront)
vary: Accept-Encoding,Origin,Access-Control-Request-Headers,Access-Control-Request-Method
cf-cache-status: HIT
age: 84427
x-amz-server-side-encryption: AES256
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=collected-forms-embed-js/static-1.273/bundles/project.js&cfRay=706c88330c26cc36-IAD
x-cache: Hit from cloudfront
x-amz-replication-status: COMPLETED
content-encoding: br
cf-ray: 7074956aa8d523c7-ZRH
last-modified: Fri, 04 Mar 2022 03:24:42 UTC
server: cloudflare
etag: W/"5655d6c20b8fbd0326ccba67c4a94b8e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 3000
access-control-allow-methods: GET
x-amz-version-id: d8qvQ4NJOEEA6UgWpFiA1cbs11TvqQym
access-control-allow-origin: *
cache-control: s-maxage=86400, max-age=0
x-hs-cache-status: MISS
x-amz-cf-pop: IAD89-P1
content-type: application/javascript; charset=utf-8
x-amz-cf-id: FtcqaVC1g4QIAqEqkKs0I_kH4Oes4vQmVcx0AkILQYgcl206hZNPwQ==
x-hs-target-asset: collected-forms-embed-js/static-1.273/bundles/project.js

GET
H2 200 1460214.js Show response
js.hs-analytics.net/analytics/1651869900000/ 62 KB
20 KB 242ms
194ms Script
text/javascript 2606:4700::6811:45b0
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-analytics.net/analytics/1651869900000/1460214.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/1460214.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:45b0 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e756a9ef676f964c4dfc01fabf0b887a10975ff9cdaf717d0b9f0cb971d7f411

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandmanhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 20:49:39 GMT
content-encoding: br
cf-cache-status: MISS
x-amz-request-id: J1NHTGQ5G9KA3D3D
x-amz-server-side-encryption: AES256
cf-ray: 7074956aeb0f2373-ZRH
x-amz-id-2: 2on3CiGsFpSpDrQCeV5rep0/J8N3dW6Mj+juemYdsTHy6VEa/lAMSQzMJI0VOe+fROrmuTHygl0=
last-modified: Thu, 14 Apr 2022 15:11:00 GMT
server: cloudflare
etag: W/"fab2137c4cd4219c9ed7b98135d60272"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-amz-version-id: null
cache-control: max-age=300, public
access-control-allow-credentials: false
content-type: text/javascript
expires: Fri, 06 May 2022 20:54:39 GMT

GET
H2 200 1460214.js Show response
js.hs-banner.com/ 60 KB
16 KB 443ms
416ms Script
text/javascript 2606:4700:4400::6812:21ab
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://js.hs-banner.com/1460214.js
Requested by: Host: js.hs-scripts.com
URL: https://js.hs-scripts.com/1460214.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:4400::6812:21ab , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2a83c0c551dfa7a2c45fd79e47f440931385b56231b687a7f547f86a09933e73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandmanhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 20:49:39 GMT
content-encoding: br
cf-cache-status: REVALIDATED
x-amz-request-id: XEHTAKKFFFNP8YB7
x-amz-server-side-encryption: AES256
content-type: text/javascript; charset=UTF-8
access-control-max-age: 604800
x-amz-id-2: Dbua+Inm08tHmnye4oex5aFR0V1KM6VScykE6lk5Y/RISFcZmHxTyyuOiW+Z9KH/9ZD/jph4rRc=
timing-allow-origin: *
last-modified: Thu, 17 Feb 2022 20:41:40 GMT
server: cloudflare
etag: W/"ccb4ae84a9722701a5c85dfad3e49c00"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
x-amz-version-id: 2YKbvaOeefPzVBXkhlE8lMDtvtHYTw9j
access-control-allow-origin: https://www.sandmanhotels.com
access-control-expose-headers: x-last-modified-timestamp, X-HubSpot-NotFound, X-HS-User-Request, Link, Server-Timing
cache-control: max-age=300, public
access-control-allow-credentials: true
cf-ray: 7074956aa8d823c7-ZRH
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, Accept-Charset, Accept-Encoding, X-Override-Internal-Permissions, X-Properties-Source, X-Properties-SourceId, X-Properties-Flag, X-Hubspot-User-Id, X-Hubspot-Trace, X-Hubspot-Callee, X-Hubspot-Offset, X-Hubspot-No-Trace, X-HubSpot-Static-App-Info, X-HubSpot-Messages-Uri, X-HubSpot-Request-Source, X-HubSpot-Request-Reason, Subscription-Billing-Auth-Token, X-App-CSRF, X-Tools-CSRF, Online-Payment-Signing-UUID, X-Source, X-SourceId, X-Origin-UserId, X-Biden-Request-Source, X-HubSpot-CSRF-hubspotapi, X-Force-Cookie-Refresh, X-Force-Cookie-Refresh-No-Cache, X-HS-User-Request, X-Application-Id, X-HS-Referer, X-HubSpot-Correlation-Id
expires: Fri, 06 May 2022 20:54:39 GMT

GET
H2 200 json Show response
forms.hubspot.com/collected-forms/v1/config/ 115 B
1 KB 175ms
144ms XHR
application/json 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://forms.hubspot.com/collected-forms/v1/config/json?portalId=1460214&utk=

Requested by

Host: www.sandmanhotels.com
URL: https://www.sandmanhotels.com/integration/tc-theme/public/js/bundle.js?v0c4da157409acd458b1fe702cbe7a254

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1ab05efec033d11b15039918fae47dc65a89b4d926382951fd9cd777d00c5ee9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: application/json, text/plain, */*
Referer: https://www.sandmanhotels.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 20:49:39 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 422b69ec-6f26-4089-b9d7-ba7a4bb8ca1b
access-control-allow-methods: GET, OPTIONS, PUT, POST, DELETE, PATCH, HEAD
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 180
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2zz%2BpIKviX5wWOr%2FW5%2FudmpIWWrN0pQ3mArRmpbtgw%2BvkfSNhyd3NQQH4632RZZ33mAUxkuVO91SetndhpoIPO%2B4o8wT0dVcGQ0bjsvsSNo2QTnWarjCrY4XvQEnvoOg0j95ndj4Ur2HFT8RSU6n"}],"group":"cf-nel","max_age":604800}
content-type: application/json;charset=utf-8
access-control-allow-origin: https://www.sandmanhotels.com
x-robots-tag: none
access-control-allow-credentials: false
cf-ray: 7074956b48cc01db-ZRH
access-control-allow-headers: *

GET
H3 200 file.jpg
image-tc.galaxy.tf/wijpeg-70l74lpfuyfidwec6byh2zg5u/ 189 KB
189 KB 80ms
80ms Image
image/jpeg 2606:4700::6811:b664
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wijpeg-70l74lpfuyfidwec6byh2zg5u/file.jpg?width=1920

Requested by

Host: www.sandmanhotels.com
URL: https://www.sandmanhotels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b664 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d0a87531100e5c37a53d0544d1e560b2a06629bbd833275a1cc1aa3fb11d69a3

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandmanhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 20:49:39 GMT
via: 1.1 a6848167f38570c4e775e8ba04d1f1d0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
cf-cache-status: MISS
x-amz-cf-pop: DUS51-P1
x-cache: Hit from cloudfront
content-type: image/jpeg
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 193138
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Thu, 27 Jan 2022 18:29:01 GMT
server: cloudflare
x-frame-options: SAMEORIGIN
etag: "ac7ac7e9dfd1e3e9af19cac6f6a5170b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-amz-version-id: oecdi9w2eolJTgs6crmniG1x5NjwH8rJ
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=31536000
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
accept-ranges: bytes
cf-ray: 7074956b889001f8-ZRH
x-amz-cf-id: qEhHcsNLdG_OPE32mpkJC2ceaBy-HANf2SGuR3rzZUiMouZ8i1s_tQ==
expires: Sat, 06 May 2023 20:49:39 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
297 B 23ms
8ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=947923552298694&ev=PageView&dl=https%3A%2F%2Fwww.sandmanhotels.com%2F&rl=&if=false&ts=1651870179232&sw=1600&sh=1200&v=2.9.58&r=stable&ec=0&o=30&par[0]=%7B%22extractorID%22%3A%22923794541733207%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%22priceCurrency%22%3A%22CAD%22%7D%7D%7D&par[1]=%7B%22extractorID%22%3A%222898657570398940%22%2C%22jsonLD%22%3A%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22Product%22%2C%22offers%22%3A%7B%7D%7D%7D&fbp=fb.1.1651870179231.754518426&it=1651870178745&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Requested by

Host: www.sandmanhotels.com
URL: https://www.sandmanhotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandmanhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 20:49:39 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Fri, 06 May 2022 20:49:39 GMT

GET
H2 200 counters.gif
forms.hsforms.com/embed/v3/ 35 B
516 B 162ms
135ms Image
image/gif 2606:4700::6810:5505
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://forms.hsforms.com/embed/v3/counters.gif?key=collected-forms-embed-js-form-bind&count=2

Requested by

Host: www.sandmanhotels.com
URL: https://www.sandmanhotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5505 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandmanhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 20:49:39 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
x-hubspot-correlation-id: 685b240c-f30c-4854-ad60-b3b5c1671c8f
cf-ray: 7074956c7a19021d-ZRH
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 35
server: cloudflare
x-trace: 2BC12AB2AF51B904107B9B90D6D994E7136511D03B000000000000000000
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/gif
access-control-expose-headers: X-Origin-Hublet
cache-control: max-age=0, no-cache, no-store
access-control-allow-credentials: false
x-robots-tag: none

POST
H3 429 / Show response
o478535.ingest.sentry.io/api/282725/envelope/ 45 B
65 B 25ms
8ms Fetch
application/json 34.120.195.249
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to

Full URL

https://o478535.ingest.sentry.io/api/282725/envelope/?sentry_key=74e3662d86224213a76f365f800bfb4f&sentry_version=7

Requested by

Host: www.sandmanhotels.com
URL: https://www.sandmanhotels.com/integration/tc-theme/public/js/bundle.js?v0c4da157409acd458b1fe702cbe7a254

Protocol

Security

QUIC, , AES_128_GCM

Server

34.120.195.249 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),

Reverse DNS

249.195.120.34.bc.googleusercontent.com

Software

nginx /

Resource Hash

77e29e7c2ef665fb66daa4adbd5a877ad518b9698c165e1a486813acf9ee84f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.sandmanhotels.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 06 May 2022 20:49:39 GMT
via: 1.1 google
server: nginx
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.sandmanhotels.com
access-control-expose-headers: x-sentry-rate-limits, retry-after, x-sentry-error
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 45
x-sentry-rate-limits: 6:transaction:organization:transaction_usage_exceeded
retry-after: 6

GET
H2 200 core.js Show response
sleeknotestaticcontent.sleeknote.com/ 3 KB
2 KB 49ms
9ms Script
application/javascript 108.157.4.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sleeknotestaticcontent.sleeknote.com/core.js
Requested by: Host: sleeknotecustomerscripts.sleeknote.com
URL: https://sleeknotecustomerscripts.sleeknote.com/19127.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-90.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fbd9beb357f7d05a4e6c6913f40f52d673719ddda4c3a873d7c291dc0767f351

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandmanhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Thu, 05 May 2022 11:28:46 GMT
content-encoding: gzip
last-modified: Thu, 05 May 2022 11:28:41 GMT
server: AmazonS3
age: 120054
etag: W/"6cc44443db488b3b3bb202b5de29e41a"
vary: Accept-Encoding
x-cache: Hit from cloudfront
x-amz-version-id: y4S1Wdxm5xHGs1gL9uOqlHT9ORB7Vl62
via: 1.1 3b5a3bc53642845f1ba1a839609aac0e.cloudfront.net (CloudFront)
cache-control: max-age=604800
x-amz-cf-pop: DUS51-P2
content-type: application/javascript
x-amz-cf-id: G-dfpjABCTnNaiOfa1RN159FSNF1vl3_s14EazWGAan5iZDjHxPDSA==

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=9CBF93CCD46C4765B9A5B0478D8FFF13&RedC=c.clarity.ms&MXFR=20EC37F6B96E68B20413266ABD6E66EE
https://c.clarity.ms/c.gif?CtsSyncId=9CBF93CCD46C4765B9A5B0478D8FFF13&MUID=20D1DB7D6C9C647B1FC9CAE16DF765DA

42 B
370 B

26ms
26ms

Image
image/gif

52.142.114.2
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=9CBF93CCD46C4765B9A5B0478D8FFF13&MUID=20D1DB7D6C9C647B1FC9CAE16DF765DA
Protocol: H2
Server: 52.142.114.2 Dublin, Ireland, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandmanhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 May 2022 20:49:38 GMT
last-modified: Fri, 18 Mar 2022 19:39:54 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "8120eaf0ff3ad81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Fri, 06 May 2022 20:49:38 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A79C2F5B05E64B5392040121D5EDA5D9 Ref B: FRAEDGE1517 Ref C: 2022-05-06T20:49:39Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=9CBF93CCD46C4765B9A5B0478D8FFF13&MUID=20D1DB7D6C9C647B1FC9CAE16DF765DA
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 __ptq.gif
track.hubspot.com/ 45 B
965 B 193ms
146ms Image
image/gif 2606:4700::6813:9a53
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://track.hubspot.com/__ptq.gif?k=1&sd=1600x1200&cd=24-bit&cs=UTF-8&ln=en-us&bfp=3280190177&v=1.1&a=1460214&rcu=https%3A%2F%2Fwww.sandmanhotels.com%2F&pu=https%3A%2F%2Fwww.sandmanhotels.com%2F&t=Sandman+Hotel+Group+%7C+Hotels+in+Canada%2C+UK+%26+USA&cts=1651870179420&vi=b4438cfa3c7b40671047986aab6b12b2&nc=true&ce=false&cc=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:9a53 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandmanhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 20:49:39 GMT
vary: Accept-Encoding
cf-cache-status: DYNAMIC
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
x-hubspot-correlation-id: 691744e4-f0be-4c95-9b72-e1b3aac526e2
cf-ray: 7074956dc8cf01fc-ZRH
p3p: CP="NOI CUR ADM OUR NOR STA NID"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 45
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vLy5zFOuN0JP%2F4OiLnPAulYzYrRBjAcJdb667jdmGpLNNNpiiYcywpx%2Bqen57FMM4ivAlQWchEGjBksmcstz8WMnZsBaTYd%2FNrYpIwjWXNDr0%2Bx8MzQAqqch%2BM5g15LGRZMHpImfVTLA0K25erdT"}],"group":"cf-nel","max_age":604800}
content-type: image/gif
cache-control: no-cache, no-store, no-transform
access-control-allow-credentials: false
x-robots-tag: none

GET
H2 200 package-core-boot.js Show response
sleeknotestaticcontent.sleeknote.com/production/ 114 KB
36 KB 11ms
11ms Script
application/javascript 108.157.4.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sleeknotestaticcontent.sleeknote.com/production/package-core-boot.js
Requested by: Host: sleeknotestaticcontent.sleeknote.com
URL: https://sleeknotestaticcontent.sleeknote.com/core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-90.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: d810ababdb07efe8722aa745571559ca78580fa03551194883228dc0fc98891f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandmanhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id: w9ziPaubajQTMRQeH9flLM2EscZD1O1e
content-encoding: gzip
last-modified: Thu, 05 May 2022 11:28:39 GMT
server: AmazonS3
age: 30
etag: W/"d7f4bd08cb7b488bdf87b471eda35045"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 3b5a3bc53642845f1ba1a839609aac0e.cloudfront.net (CloudFront)
cache-control: no-cache
date: Fri, 06 May 2022 20:49:11 GMT
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: ZarwE968d2TzztvqhlFqve0EDyf6u12WRENbLXkWKm1_qILBmSwBew==

GET
H2 200 get_ip Show response
us-central1-mimir-181311.cloudfunctions.net/ Frame 030E 49 B
462 B 158ms
121ms Fetch
application/json 2001:4860:4802:36::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://us-central1-mimir-181311.cloudfunctions.net/get_ip
Requested by: Host: sleeknotestaticcontent.sleeknote.com
URL: https://sleeknotestaticcontent.sleeknote.com/production/package-core-boot.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:36::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Google Frontend / Express
Resource Hash: 83879f87f64ac4fd02c0e0566c6ee86b7c1527db197b3ffc57efa9ae65837a55

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 20:49:39 GMT
content-encoding: gzip
server: Google Frontend
x-powered-by: Express
etag: W/"31-zd1rmmFgOI8nOJaPcs8aIZHr4Js"
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.sandmanhotels.com
x-cloud-trace-context: 3078aa044fcacbc362945d05e0658666
cache-control: private
function-execution-id: zw1ld76h2vlx
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 69

GET
H2 200 package-notes.js Show response
sleeknotestaticcontent.sleeknote.com/production/ 96 KB
33 KB 10ms
10ms Script
application/javascript 108.157.4.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sleeknotestaticcontent.sleeknote.com/production/package-notes.js
Requested by: Host: sleeknotestaticcontent.sleeknote.com
URL: https://sleeknotestaticcontent.sleeknote.com/core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-90.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 46948d712d1f55f7fa06ee1d35452e8eaac1a99da255d4784073db30a8e97997

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandmanhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id: bANrd.JGEGw5HWe9tYOvf3dpnimMGmK7
content-encoding: gzip
last-modified: Thu, 05 May 2022 11:28:39 GMT
server: AmazonS3
age: 89
etag: W/"6663abddb848c063f65be07c1a37bf04"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 3b5a3bc53642845f1ba1a839609aac0e.cloudfront.net (CloudFront)
cache-control: no-cache
date: Fri, 06 May 2022 20:48:11 GMT
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: q7y7Z9MjRV5wGPCjCcXjX_mGUzN0QskVwn8zp5eCYtEWs3diIwiVGA==

GET
H2 200 package-tracker.js Show response
sleeknotestaticcontent.sleeknote.com/production/ 12 KB
5 KB 9ms
9ms Script
application/javascript 108.157.4.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sleeknotestaticcontent.sleeknote.com/production/package-tracker.js
Requested by: Host: sleeknotestaticcontent.sleeknote.com
URL: https://sleeknotestaticcontent.sleeknote.com/core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-90.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: fc33f4d973d22040befe531530957e027f079e88ef121405d20c525cb8461ac3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandmanhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id: h6W9EJZfN6NRL55lbsRkfvmlZW_Ibk1I
content-encoding: gzip
last-modified: Thu, 05 May 2022 11:28:39 GMT
server: AmazonS3
age: 21
etag: W/"b15270dc7d42ae3593ed3850a2a609a0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 3b5a3bc53642845f1ba1a839609aac0e.cloudfront.net (CloudFront)
cache-control: no-cache
date: Fri, 06 May 2022 20:49:20 GMT
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: fvqtmBJwNi5OrO6NbD7OOMgt_OjuH3O2ZzZbwIh6zgTJbfGSPtfCuQ==

GET
DATA 200
OK truncated
/ 311 B
0 Image
image/avif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 04dfc8e1a6e59e36a3a3a5c15443a97a92a6d2a7da9d276b050d58be3c7952a7

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/avif

GET
DATA 200
OK truncated
/ 66 B
0 Image
image/webp

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/webp

GET
H2 200 package-anchored.js Show response
sleeknotestaticcontent.sleeknote.com/production/ 24 KB
8 KB 11ms
11ms Script
application/javascript 108.157.4.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sleeknotestaticcontent.sleeknote.com/production/package-anchored.js
Requested by: Host: sleeknotestaticcontent.sleeknote.com
URL: https://sleeknotestaticcontent.sleeknote.com/core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-90.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ae71ae33098d1a86319ad7c8f950423d5e1d3f611c573063ec93bea1ea9df008

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandmanhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id: 2qnoU0RsgSKVXKdAR1tMyuk_rTX_Z1BY
content-encoding: gzip
last-modified: Thu, 05 May 2022 11:28:39 GMT
server: AmazonS3
age: 77
etag: W/"f88a8c768cc24d77a5f1e67f8597d711"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 3b5a3bc53642845f1ba1a839609aac0e.cloudfront.net (CloudFront)
cache-control: no-cache
date: Fri, 06 May 2022 20:48:23 GMT
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: WPPvamzxbchYprLsY4rjhl1fAYvccyCSdljvwve8S9Yikwsg-ufWGg==

GET
H2 200 /
analytics.sleeknote.com/ 35 B
229 B 547ms
17ms Image
image/gif 216.239.32.21
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.sleeknote.com/?v8=2_pageview&v0=35396f2e0886561ebdbdba609e8ac3c0&v3=2022-05-06T20%3A49%3A39Z&v6=2022-05-06T20%3A49%3A39Z&v20=true&v25=true&v27=0&s4=https%3A%2F%2Fwww.sandmanhotels.com%2F&s9=https%3A&s11=%2F&s12=&s13=&s2=Sandman+Hotel+Group+%7C+Hotels+in+Canada%2C+UK+%26+USA&c1=&s7=en-US&v5=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F101.0.4951.41+Safari%2F537.36&v22=chrome&v23=101&v24=windows&v26=desktop&v21=019e635b-b142-4155-9cea-223270f113c3&s1=19127&s3=www.sandmanhotels.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.32.21 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

any-in-2015.1e100.net

Software

/ Express

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandmanhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 May 2022 20:49:40 GMT
via: 1.1 google
x-content-type-options: nosniff
x-powered-by: Express
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 35
etag: W/"23-X71HIiL+uKIs9biqXcW44Tr4jis"

GET
DATA 200
OK truncated
/ 5 B
0 Stylesheet
text/css

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 80ecad3b9696fe9b61ccac5b119f6bb9e36811b3db973a3d9dc03858644c95ee

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: text/css

GET
H2 200 7d864b89-d0e8-4fd3-9452-2e16caec691d.html Show response
sleeknotestaticcontent.sleeknote.com/editorv2/desktoptoggler/ Frame 030E 19 KB
4 KB 200ms
181ms Fetch
text/html 108.157.4.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sleeknotestaticcontent.sleeknote.com/editorv2/desktoptoggler/7d864b89-d0e8-4fd3-9452-2e16caec691d.html?1651870179698
Requested by: Host: sleeknotestaticcontent.sleeknote.com
URL: https://sleeknotestaticcontent.sleeknote.com/production/package-notes.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-90.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 1b08d8263a7196daa254c5346d5de908cd7d9e173f2a78b564b2184c3f899599

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id: lfEk_vqFjver4.hvyltjmu0ElfJQ7ofT
content-encoding: gzip
etag: W/"09bd42e60c7e802c960ba1cf90d990b6"
x-amz-cf-pop: DUS51-P2
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Fri, 25 Mar 2022 18:05:21 GMT
server: AmazonS3
date: Fri, 06 May 2022 20:49:40 GMT
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, PUT, HEAD
content-type: text/html
via: 1.1 b0067143f1e1520182fe27b53cced2a6.cloudfront.net (CloudFront)
cache-control: max-age=60
x-amz-cf-id: Mc18Qdf-iWfXfdFADFdJc_w0smDkW6-xLhQFAfaag7MRKZc_vcGetg==

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 15ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=947923552298694&ev=Microdata&dl=https%3A%2F%2Fwww.sandmanhotels.com%2F&rl=&if=false&ts=1651870179735&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Sandman%20Hotel%20Group%20%7C%20Hotels%20in%20Canada%2C%20UK%20%26%20USA%22%2C%22meta%3Adescription%22%3A%22Sandman%20Hotel%20Group%20offers%20comfortable%20%26%20affordable%20accommodations%20in%20fantastic%20locations%20across%20Canada%2C%20the%20United%20Kingdom%20%26%20the%20United%20States.%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22Sandman%20Hotels%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.sandmanhotels.com%2F%22%2C%22og%3Atitle%22%3A%22Sandman%20Hotel%20Group%20%7C%20Hotels%20in%20Canada%2C%20UK%20%26%20USA%22%2C%22og%3Adescription%22%3A%22Sandman%20Hotel%20Group%20offers%20comfortable%20%26%20affordable%20accommodations%20in%20fantastic%20locations%20across%20Canada%2C%20the%20United%20Kingdom%20%26%20the%20United%20States.%22%2C%22og%3Alocale%22%3A%22en_US%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22BreadcrumbList%22%2C%22itemListElement%22%3A%5B%7B%22%40type%22%3A%22ListItem%22%2C%22position%22%3A1%2C%22item%22%3A%7B%22%40id%22%3A%22https%3A%2F%2Fwww.sandmanhotels.com%2F%22%2C%22name%22%3A%22Home%22%7D%7D%5D%7D%5D&sw=1600&sh=1200&v=2.9.58&r=stable&ec=1&o=30&fbp=fb.1.1651870179231.754518426&it=1651870178745&coo=false&dpo=LDU&dpoco=0&dpost=0&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandmanhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Fri, 06 May 2022 20:49:39 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
priority: u=3,i
expires: Fri, 06 May 2022 20:49:39 GMT

GET
H2 200 sleeknote4.css Show response
sleeknotestaticcontent.sleeknote.com/production/ Frame 030E 13 KB
4 KB 138ms
137ms Fetch
text/css 108.157.4.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sleeknotestaticcontent.sleeknote.com/production/sleeknote4.css?&1651870179698
Requested by: Host: sleeknotestaticcontent.sleeknote.com
URL: https://sleeknotestaticcontent.sleeknote.com/production/package-notes.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-90.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 7366dcb413f2232059e7c10d46ceec36bf3aaae8b6b47afb42b0a4862dc7a6ab

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id: .gC6EP9MCVz3Cz9UfJD.xbpgKWr0cwFq
content-encoding: gzip
etag: W/"5a4c5c2398bdffd7fb5b507417188a61"
x-amz-cf-pop: DUS51-P2
x-cache: RefreshHit from cloudfront
access-control-max-age: 3000
access-control-allow-origin: *
last-modified: Thu, 05 May 2022 11:28:40 GMT
server: AmazonS3
date: Fri, 06 May 2022 20:49:41 GMT
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, PUT, HEAD
content-type: text/css
via: 1.1 b0067143f1e1520182fe27b53cced2a6.cloudfront.net (CloudFront)
cache-control: no-cache
x-amz-cf-id: mlonlfr9qfM7QQRhtfA62-6GRsjeogad-kToMrFeDbVFn8kYvoCi5A==

POST
H2 204 collect Show response
j.clarity.ms/ 0
48 B 300ms
300ms XHR
text/plain 20.85.30.134
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://j.clarity.ms/collect
Requested by: Host: www.sandmanhotels.com
URL: https://www.sandmanhotels.com/integration/tc-theme/public/js/bundle.js?v0c4da157409acd458b1fe702cbe7a254
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.85.30.134 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.sandmanhotels.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin: https://www.sandmanhotels.com
date: Fri, 06 May 2022 20:49:39 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

HEAD
H2 200 637413261440494972.png Show response
images.sleeknote.com/sleeknoteimages/tr:f-png,lo-true/ 0
358 B 89ms
10ms Fetch
image/png 2600:9000:2315:a200:16:eb47:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.sleeknote.com/sleeknoteimages/tr:f-png,lo-true/637413261440494972.png
Requested by: Host: js.datadome.co
URL: https://js.datadome.co/tags.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:a200:16:eb47:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandmanhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sun, 27 Feb 2022 06:20:55 GMT
via: 1.1 3b5a3bc53642845f1ba1a839609aac0e.cloudfront.net (CloudFront)
age: 5927325
etag: W/"1b1-7sHsu8yactZqv/ZA8V8Szg"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server: ImageKit.io
x-amz-cf-pop: DUS51-P2
timing-allow-origin: *
content-length: 433
x-amz-cf-id: Vwpe1zQ5YQPGWkMCkxZX9CKwN_9af8Jv0VcmqAfwlUPHclX-G8BXPw==

GET
H2 200 637413261440494972.png Show response
images.sleeknote.com/sleeknoteimages/tr:f-png,lo-true/ Frame 030E 433 B
810 B 11ms
11ms Fetch
image/png 2600:9000:2315:a200:16:eb47:3100:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://images.sleeknote.com/sleeknoteimages/tr:f-png,lo-true/637413261440494972.png
Requested by: Host: sleeknotestaticcontent.sleeknote.com
URL: https://sleeknotestaticcontent.sleeknote.com/production/package-notes.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2315:a200:16:eb47:3100:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: fa399e7dafd49a1d794f0c41de9a790b3df84a3738bf0b9ab566c264e9c43e77

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Sat, 26 Feb 2022 11:59:54 GMT
via: 1.1 3b5a3bc53642845f1ba1a839609aac0e.cloudfront.net (CloudFront)
age: 5993386
etag: W/"1b1-7sHsu8yactZqv/ZA8V8Szg"
x-cache: Hit from cloudfront
content-type: image/png
access-control-allow-origin: *
cache-control: public, s-maxage=15552000, max-age=15552000, must-revalidate
x-server: ImageKit.io
x-amz-cf-pop: DUS51-P2
timing-allow-origin: *
content-length: 433
x-amz-cf-id: PnNqx_VmJVk5VOzvRQXznMLOuZHeWTPwnSIP3g9oP15siOdW40ykYQ==

GET
BLOB 200
OK 49c7a7f9-8f45-4cab-8d30-0d0bb6bc89f8
https://www.sandmanhotels.com/ Frame 9B4A 433 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://www.sandmanhotels.com/49c7a7f9-8f45-4cab-8d30-0d0bb6bc89f8
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fa399e7dafd49a1d794f0c41de9a790b3df84a3738bf0b9ab566c264e9c43e77

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Length: 433
Content-Type: image/png

GET
DATA 200
OK truncated
/ Frame 9B4A 133 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 9201cf1f1bac965087a6b23d2915fcca3949091ed9b8ab731b0a2c6e715f1747

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 css Show response
fonts.googleapis.com/ Frame 030E 6 KB
699 B 39ms
16ms Fetch
text/css 2a00:1450:4001:812::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Source+Sans+Pro:400,300,700&1651870179698

Requested by

Host: sleeknotestaticcontent.sleeknote.com
URL: https://sleeknotestaticcontent.sleeknote.com/production/package-notes.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:812::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6b45aa144d65604b427a71d9f0d2db74dac636944a007db5cd5ae67452e4f8bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 06 May 2022 20:08:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Fri, 06 May 2022 20:49:40 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 06 May 2022 20:49:40 GMT

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 9B4A 13 KB
13 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sandmanhotels.com/
Origin: https://www.sandmanhotels.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 19:26:22 GMT
x-content-type-options: nosniff
age: 177798
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12924
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:02:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 May 2023 19:26:22 GMT

GET
H3 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame 9B4A 13 KB
13 KB 9ms
9ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sandmanhotels.com/
Origin: https://www.sandmanhotels.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 19:26:22 GMT
x-content-type-options: nosniff
age: 177798
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 May 2023 19:26:22 GMT

GET
H2 200 123456_close_button.png Show response
sleeknotestaticcontent.sleeknote.com/template-images/ Frame 030E 763 B
1 KB 11ms
10ms Fetch
image/png 108.157.4.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sleeknotestaticcontent.sleeknote.com/template-images/123456_close_button.png?1651870179698
Requested by: Host: sleeknotestaticcontent.sleeknote.com
URL: https://sleeknotestaticcontent.sleeknote.com/production/package-notes.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-90.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 374ab63d65152fea2b273f29b6a3ede7230db2b994e404c1f6eace4dac2c3820

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id: FxteTfRYXkJ4ikRMj9A4mu6iFcjAJ2f8
via: 1.1 b0067143f1e1520182fe27b53cced2a6.cloudfront.net (CloudFront)
etag: "8fec52d25156e32efaf512c88853bd79"
age: 39362
x-cache: Hit from cloudfront
access-control-max-age: 3000
content-length: 763
last-modified: Thu, 11 Mar 2021 20:51:39 GMT
server: AmazonS3
date: Fri, 06 May 2022 09:53:39 GMT
vary: Origin,Access-Control-Request-Headers,Access-Control-Request-Method
access-control-allow-methods: GET, PUT, HEAD
content-type: image/png
access-control-allow-origin: *
x-amz-cf-pop: DUS51-P2
accept-ranges: bytes
x-amz-cf-id: AFrSJ_gc0SmspXkXyiWFtxIV23b7T_dO31dB7Y5eEIQGheq0IJilAg==

GET
BLOB 200
OK 36fa0416-fac7-4195-93f2-a4ba52abbbce
https://www.sandmanhotels.com/ Frame D0E5 763 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: blob:https://www.sandmanhotels.com/36fa0416-fac7-4195-93f2-a4ba52abbbce
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 374ab63d65152fea2b273f29b6a3ede7230db2b994e404c1f6eace4dac2c3820

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

Content-Length: 763
Content-Type: image/png

GET
H3 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame D0E5 13 KB
13 KB 7ms
6ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwlxdu.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sandmanhotels.com/
Origin: https://www.sandmanhotels.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 19:26:22 GMT
x-content-type-options: nosniff
age: 177798
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 12924
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:02:31 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 May 2023 19:26:22 GMT

GET
H3 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2
fonts.gstatic.com/s/sourcesanspro/v21/ Frame D0E5 13 KB
13 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v21/6xK3dSBYKcSV-LCoeQqfX1RYOo3qOK7l.woff2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.sandmanhotels.com/
Origin: https://www.sandmanhotels.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

date: Wed, 04 May 2022 19:26:22 GMT
x-content-type-options: nosniff
age: 177798
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13036
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:04:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 04 May 2023 19:26:22 GMT

POST
H2 204 collect Show response
j.clarity.ms/ 0
48 B 97ms
96ms XHR
text/plain 20.85.30.134
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://j.clarity.ms/collect
Requested by: Host: www.sandmanhotels.com
URL: https://www.sandmanhotels.com/integration/tc-theme/public/js/bundle.js?v0c4da157409acd458b1fe702cbe7a254
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.85.30.134 Boydton, United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.sandmanhotels.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

access-control-allow-origin: https://www.sandmanhotels.com
date: Fri, 06 May 2022 20:49:42 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:3f60b293-70d6-4805-b0bb-3484f0a73bf0

GET
H2 200 badge.js Show response
sleeknotestaticcontent.sleeknote.com/production/ 8 KB
4 KB 12ms
11ms Script
application/javascript 108.157.4.90
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://sleeknotestaticcontent.sleeknote.com/production/badge.js
Requested by: Host: sleeknotestaticcontent.sleeknote.com
URL: https://sleeknotestaticcontent.sleeknote.com/core.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 108.157.4.90 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-108-157-4-90.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 6762f02f7981a933cfe7e8fb470198701561f7089a3805e0bd299470fec9e53e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandmanhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

x-amz-version-id: CJLusKRLhgyQ5c2yuSyY1WcnmRMaGijo
content-encoding: gzip
last-modified: Thu, 05 May 2022 11:28:39 GMT
server: AmazonS3
age: 17
etag: W/"f49d407d2712a80ea19d77bdd39f7949"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: application/javascript
via: 1.1 3b5a3bc53642845f1ba1a839609aac0e.cloudfront.net (CloudFront)
cache-control: no-cache
date: Fri, 06 May 2022 20:49:27 GMT
x-amz-cf-pop: DUS51-P2
x-amz-cf-id: 13EH1SGmcFsIqqUUN-Yi4vc8hRAzkczCje94aFG12rUDiuJxp-0GpQ==

GET
H2 200 /
analytics.sleeknote.com/ 35 B
97 B 19ms
18ms Image
image/gif 216.239.32.21
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.sleeknote.com/?v1=7d864b89-d0e8-4fd3-9452-2e16caec691d&v8=3_sleeknote_shown&v9=1_sleeknote_trigger_shown_after&v12=1_Newsletter&v11=false&v13=13&v33=form&v0=35396f2e0886561ebdbdba609e8ac3c0&v3=2022-05-06T20%3A49%3A44Z&v6=2022-05-06T20%3A49%3A39Z&v20=true&v25=true&v27=5&s4=https%3A%2F%2Fwww.sandmanhotels.com%2F&s9=https%3A&s11=%2F&s12=&s13=&s2=Sandman+Hotel+Group+%7C+Hotels+in+Canada%2C+UK+%26+USA&c1=&s7=en-US&v5=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F101.0.4951.41+Safari%2F537.36&v22=chrome&v23=101&v24=windows&v26=desktop&v21=019e635b-b142-4155-9cea-223270f113c3&s1=19127&s3=www.sandmanhotels.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.32.21 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

any-in-2015.1e100.net

Software

/ Express

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandmanhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 May 2022 20:49:44 GMT
via: 1.1 google
x-content-type-options: nosniff
x-powered-by: Express
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 35
etag: W/"23-X71HIiL+uKIs9biqXcW44Tr4jis"

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=1463728975&t=event&ni=1&_s=2&dl=https%3A%2F%2Fwww.sandmanhotels.com%2F&ul=en-us&de=UTF-8&dt=Sandman%20Hotel%20Group%20%7C%20Hotels%20in%20Canada%2C%20UK%20%26%20USA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Sleeknote&ea=Sleeknote%20shown&el=7d864b89-d0e8-4fd3-9452-2e16caec691d&_u=aHDACEABBAAAAC~&jid=&gjid=&cid=58872850.1651870179&tid=UA-162681275-1&_gid=2092066023.1651870179&gtm=2wg540TL2MM4B&cg1=web&cg2=not_applicable&cg3=group_property&cd1=125904&cd2=not_applicable&cd3=Northland%20Properties%20Corp&cd4=Sandman%20Hotels&cd5=not_applicable&cd6=not_applicable&cd7=not_applicable&cd8=not_applicable&cd9=not_applicable&cd10=not_applicable&cd11=not_applicable&cd12=galaxy&cd13=essentials&cd14=th1&cd15=hd1&cd16=ft3&cd19=tvs_no&cd20=not_applicable&cd21=group_property&cd22=not_applicable&cd23=not_applicable&cd24=2&cd25=en&cd26=web&cd27=not_applicable&cd28=not_applicable&cd29=not_applicable&cd30=no&cd31=no&cd34=%7C&cd36=%7C&cd38=https%3A%2F%2Fwww.sandmanhotels.com%2F&cd39=not_applicable&cd40=sandmanhotels.com&cd41=GTM-TL2MM4B&cd42=44&cd54=be4&z=270988181

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandmanhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 May 2022 00:22:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 73620
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
6ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandmanhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 May 2022 00:22:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 73620
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandmanhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 May 2022 00:22:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 73620
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
analytics.sleeknote.com/ 35 B
97 B 19ms
17ms Image
image/gif 216.239.32.21
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.sleeknote.com/?v1=7d864b89-d0e8-4fd3-9452-2e16caec691d&v8=3_sleeknote_shown&v9=queue&v12=1_Newsletter&v11=false&v13=13&v33=form&v0=35396f2e0886561ebdbdba609e8ac3c0&v3=2022-05-06T20%3A49%3A44Z&v6=2022-05-06T20%3A49%3A39Z&v20=true&v25=true&v27=5&s4=https%3A%2F%2Fwww.sandmanhotels.com%2F&s9=https%3A&s11=%2F&s12=&s13=&s2=Sandman+Hotel+Group+%7C+Hotels+in+Canada%2C+UK+%26+USA&c1=&s7=en-US&v5=Mozilla%2F5.0+%28Windows+NT+10.0%3B+Win64%3B+x64%29+AppleWebKit%2F537.36+%28KHTML%2C+like+Gecko%29+Chrome%2F101.0.4951.41+Safari%2F537.36&v22=chrome&v23=101&v24=windows&v26=desktop&v21=019e635b-b142-4155-9cea-223270f113c3&s1=19127&s3=www.sandmanhotels.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.239.32.21 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

any-in-2015.1e100.net

Software

/ Express

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandmanhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 May 2022 20:49:44 GMT
via: 1.1 google
x-content-type-options: nosniff
x-powered-by: Express
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
content-length: 35
etag: W/"23-X71HIiL+uKIs9biqXcW44Tr4jis"

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 9ms
7ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&aip=1&a=1463728975&t=event&ni=1&_s=3&dl=https%3A%2F%2Fwww.sandmanhotels.com%2F&ul=en-us&de=UTF-8&dt=Sandman%20Hotel%20Group%20%7C%20Hotels%20in%20Canada%2C%20UK%20%26%20USA&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Sleeknote&ea=Sleeknote%20shown&el=7d864b89-d0e8-4fd3-9452-2e16caec691d&_u=aHDACEABBAAAAC~&jid=&gjid=&cid=58872850.1651870179&tid=UA-162681275-1&_gid=2092066023.1651870179&gtm=2wg540TL2MM4B&cg1=web&cg2=not_applicable&cg3=group_property&cd1=125904&cd2=not_applicable&cd3=Northland%20Properties%20Corp&cd4=Sandman%20Hotels&cd5=not_applicable&cd6=not_applicable&cd7=not_applicable&cd8=not_applicable&cd9=not_applicable&cd10=not_applicable&cd11=not_applicable&cd12=galaxy&cd13=essentials&cd14=th1&cd15=hd1&cd16=ft3&cd19=tvs_no&cd20=not_applicable&cd21=group_property&cd22=not_applicable&cd23=not_applicable&cd24=2&cd25=en&cd26=web&cd27=not_applicable&cd28=not_applicable&cd29=not_applicable&cd30=no&cd31=no&cd34=%7C&cd36=%7C&cd38=https%3A%2F%2Fwww.sandmanhotels.com%2F&cd39=not_applicable&cd40=sandmanhotels.com&cd41=GTM-TL2MM4B&cd42=44&cd54=be4&z=92662375

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandmanhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 May 2022 00:22:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 73620
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandmanhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 May 2022 00:22:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 73620
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
8ms Image
image/gif 2a00:1450:4001:830::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.sandmanhotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 06 May 2022 00:22:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 73620
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

160 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

32 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.sandmanhotels.com/	1970-01-20 05:00:46	Name: _gcl_au Value: 1.1.847617237.1651870177
.bing.com/	1970-01-20 12:12:46	Name: MUID Value: 20D1DB7D6C9C647B1FC9CAE16DF765DA
.doubleclick.net/	1970-01-20 02:51:11	Name: test_cookie Value: CheckForPermission
.sandmanhotels.com/	1970-01-20 11:36:46	Name: datadome Value: N8iXQPRO~1X3rSmwpCBqIF0fJ4R7.XfMozpuXl2f4BU9EVFO7e6u8mxuY5Kp_09Rg~V~qLy4PdFU5vmKqE796CHGDJxiOi3LctkqnPgQNST47sJgIJjoUptRBbyzO3m
.quantserve.com/	1970-01-20 12:21:24	Name: mc Value: 627589e1-31b53-763f0-2a9f0
www.clarity.ms/	1970-01-20 11:36:46	Name: CLID Value: bc8baa76fa6f403eb1be65db26cec6e1.20220506.20230506
.sandmanhotels.com/	1970-01-20 12:15:38	Name: __qca Value: P0-2106192444-1651870177186
.sandmanhotels.com/	1970-01-20 11:36:46	Name: _clck Value: nu70vn\|1\|f18\|0
.sandmanhotels.com/	1970-01-20 11:36:46	Name: ajs_anonymous_id Value: f989492b-169b-4db5-b7b7-71395b86e29c
.sandmanhotels.com/	1970-01-20 02:52:36	Name: _clsk Value: 1rtpw48\|1651870177849\|1\|1\|j.clarity.ms/collect
.sandmanhotels.com/	1970-01-20 02:52:36	Name: _uetsid Value: 0b8bd7a0cd7e11ec91cfc14ac644fa86
.sandmanhotels.com/	1970-01-20 12:12:46	Name: _uetvid Value: 0b8c2100cd7e11ec87a8f52101082179
.sandmanhotels.com/	1970-01-20 20:22:22	Name: _ga Value: GA1.2.58872850.1651870179
.sandmanhotels.com/	1970-01-20 02:52:36	Name: _gid Value: GA1.2.2092066023.1651870179
.sandmanhotels.com/	1970-01-20 02:51:10	Name: _gat_tct Value: 1
.sandmanhotels.com/	1970-01-20 02:51:10	Name: _gat_tc_client Value: 1
.sandmanhotels.com/	1970-01-20 02:51:10	Name: _gat_tc_client_roll_up Value: 1
.www.sandmanhotels.com/	1970-01-20 02:51:11	Name: __cf_bm Value: U54kR4o7AUUWIVl2bBdn1WXgDfZchR7fy0tOL3bGMBQ-1651870178-0-Abf7CLVVnrPxQqO7qEGXsbo9A6qM1JDAAry7hOnSNrbpo56rqLwxfwenibnPvnL4j5HEfNr7hgd7ODSQuGwAGXLyd1Gc9rbL+3/8Knk4ZAc1C7GmTFZZDuJpS+NiMTV8xA==
.sandmanhotels.com/	1970-01-20 05:00:46	Name: _fbp Value: fb.1.1651870179231.754518426
www.sandmanhotels.com/	1970-01-20 07:10:22	Name: __hstc Value: 247016539.b4438cfa3c7b40671047986aab6b12b2.1651870179417.1651870179417.1651870179417.1
www.sandmanhotels.com/	1970-01-20 07:10:22	Name: hubspotutk Value: b4438cfa3c7b40671047986aab6b12b2
www.sandmanhotels.com/	1969-12-31 23:59:59	Name: __hssrc Value: 1
www.sandmanhotels.com/	1970-01-20 02:51:11	Name: __hssc Value: 247016539.1.1651870179418
www.sandmanhotels.com/	1969-12-31 23:59:59	Name: SNS Value: 1
.c.bing.com/	1970-01-20 12:12:46	Name: SRM_B Value: 20D1DB7D6C9C647B1FC9CAE16DF765DA
.c.clarity.ms/	1969-12-31 23:59:59	Name: SM Value: C
.clarity.ms/	1970-01-20 12:12:46	Name: MUID Value: 20D1DB7D6C9C647B1FC9CAE16DF765DA
.c.clarity.ms/	1970-01-20 02:51:10	Name: ANONCHK Value: 0
.hubspot.com/	1970-01-20 02:51:11	Name: __cf_bm Value: HBQDFueSkEe_B6K.DdG3r3FOYVlbbuTADVIDSERCmIM-1651870179-0-Aauq2cZfnyLrU17ReH45LbO2A4kkRHKJ/sF+JXCJT3nVUUAMFlCsueFiRi5ixAEL8s6vw3MM49VZ2N67ffHakD8=
www.sandmanhotels.com/	1970-01-20 11:36:46	Name: _sn_m Value: {"r":{"n":1},"cs":{"7d86":{"u":1}},"ip":"2001:ac8:20:3c00:1011:bbf6:4e5a:351a"}
www.sandmanhotels.com/	1970-01-20 11:36:46	Name: _sn_n Value: {"a":{"i":"019e635b-b142-4155-9cea-223270f113c3"}}
www.sandmanhotels.com/	1970-01-20 11:36:46	Name: _sn_a Value: {"a":{"s":1651870179711},"v":"478f1d1e-c6bd-4d1c-a39d-023549e6f9c9"}

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://fonts.googleapis.com/css?family=null:400,400i,700,700i&display=swap&subset=latin,latin-ext Message: Failed to load resource: the server responded with a status of 400 ()
network	error	URL: https://o478535.ingest.sentry.io/api/282725/envelope/?sentry_key=74e3662d86224213a76f365f800bfb4f&sentry_version=7 Message: Failed to load resource: the server responded with a status of 429 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

018e94e1202b42a58806dbbe702ec82f.js.ubembed.com
analytics.sleeknote.com
api-js.datadome.co
api.segment.io
api.tsa-db.com
assets.ubembed.com
bat.bing.com
c.bing.com
c.clarity.ms
cdn.galaxy.tf
cdn.segment.com
cdnjs.cloudflare.com
connect.facebook.net
d.adroll.com
dynamic.travelclick-websolutions.com
eur03.safelinks.protection.outlook.com
fonts.googleapis.com
fonts.gstatic.com
forms.hsforms.com
forms.hubspot.com
googleads.g.doubleclick.net
image-tc.galaxy.tf
images.sleeknote.com
images.zmaildirect.com
j.clarity.ms
js.datadome.co
js.hs-analytics.net
js.hs-banner.com
js.hs-scripts.com
js.hscollectedforms.net
o478535.ingest.sentry.io
pixel.quantserve.com
rules.quantcount.com
s.adroll.com
secure.quantserve.com
sleeknotecustomerscripts.sleeknote.com
sleeknotestaticcontent.sleeknote.com
stats.g.doubleclick.net
tcgms.net
track.hubspot.com
u3798611.ct.sendgrid.net
us-central1-mimir-181311.cloudfunctions.net
us-east-2.protection.sophos.com
www.clarity.ms
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googleoptimize.com
www.googletagmanager.com
www.sandmanhotels.com
www.tcgms.net
104.47.8.28
104.90.191.187
108.157.4.23
108.157.4.90
108.157.5.209
142.250.179.162
143.204.215.51
143.204.215.78
151.101.65.131
167.89.118.28
195.244.31.25
20.85.30.134
2001:4860:4802:36::36
216.239.32.21
2600:9000:206f:1200:6:9280:1080:93a1
2600:9000:206f:ac00:16:41f8:18c0:93a1
2600:9000:2315:3800:6:44e3:f8c0:93a1
2600:9000:2315:a200:16:eb47:3100:93a1
2606:4700:4400::6812:21ab
2606:4700::6810:5505
2606:4700::6811:190e
2606:4700::6811:45b0
2606:4700::6811:7fab
2606:4700::6811:b664
2606:4700::6811:b764
2606:4700::6811:d6cc
2606:4700::6813:9a53
2620:116:800d:21:ee05:6a01:4b41:8c89
2620:1ec:27::cafe:1586
2620:1ec:c11::200
2a00:1450:4001:802::2003
2a00:1450:4001:810::200e
2a00:1450:4001:812::200a
2a00:1450:4001:813::2008
2a00:1450:4001:827::2003
2a00:1450:4001:82f::2002
2a00:1450:4001:830::200e
2a00:1450:4001:831::2004
2a00:1450:400c:c0c::9d
2a03:2880:f01c:216:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
3.123.206.88
34.120.195.249
52.142.114.2
54.171.137.8
54.69.174.156
65.9.63.32
96.16.129.171
01c8f5dfe16e1b117a2354311821ac13e01a98fa933c572fcd09a242586ff96e
04dfc8e1a6e59e36a3a3a5c15443a97a92a6d2a7da9d276b050d58be3c7952a7
0abd7afdb099eeac39437317d820b6a95c892a39f0bf41950ac906eaf6f19964
0b01eaae8bb1f2e4f27101d208ee5a4b1db7a795f9d09f1bb31b43d136ba7dd3
0ba6455dd88365aef64744a1f435fc2628b2eedada0d395380c6a3405b2cb3d4
0d3118e306c6a26f1d2efcb698984e6922c5e7e155c94a84760e36e5592a3c11
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
134e9ea357e37998ed2a4189cdd30e3e58fcc1d3146fda2b2e054f3558226c86
1370a87f096b6ad57b2af904333367b5a8b764c5eaf9f3a9ccfc8fe3c0b9164f
13b3262bd17b82af659ff836fc4879b17ea9d597447f1eb1fd294dfcb036e110
15ee46bb08550f18dd50e3526572854bed5044202047f52ad5c6134c13532f2d
1ab05efec033d11b15039918fae47dc65a89b4d926382951fd9cd777d00c5ee9
1b08d8263a7196daa254c5346d5de908cd7d9e173f2a78b564b2184c3f899599
1e85ec81b9800b4c443d39caca0d0926089a3ac201120db1ceb45b93789480b8
1ef3f0269be7b675dce81bb81af21398575e3f96609f76c0f59881145bbfddff
1f77b1de27fff180dc48693411997d9eca5efcbf79b8bd10d7045bc835483098
2300e9f7346a6572d517b813426f957e9f20d059d6ea3b439817980def84fac7
235811eea35afea6661df621dcd80615b44d0abf0f4e30141bcb062c3edcecea
291e4ceacea80004276a4500a661d05acd5912b405fb13a2fe5fa6fc4c676eee
2a83c0c551dfa7a2c45fd79e47f440931385b56231b687a7f547f86a09933e73
2d5f55af6b26f54540a0b432dd6f4fbda74ac3391ce1c81c2da35b0eee52356e
2e9459792c52947536c35da67cc93fda9fb9ebe63145532aadf981e0aae383be
3593099a51c8a9d8732583b5917d90c6088504a38d03337d542d49939ac9e85c
374ab63d65152fea2b273f29b6a3ede7230db2b994e404c1f6eace4dac2c3820
3d5c31a7e56cfc12b784ae9f7d946c74b9f0e301032ddc6b786a83c3be2773db
4018d80284d0b380e6f0187eea93cd2006c976d7990a9a59234bbb3f7e4d48a3
40ee5d1bda2a27ac8c1d8a8cc67deb0093962475a25310c1d6731ed202f35f83
4283b7de52bd36949abd99c7f8f7a1301ecf3d67f60658fa8c6854eadcb91950
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
46948d712d1f55f7fa06ee1d35452e8eaac1a99da255d4784073db30a8e97997
4d33d19a86ed469d46e6ec16cff7a658c22b4a3e0626942c60a9cacf86b71dae
53ae997558e6c364fddff8e0266f1ccc554987ec258114a4964236b5cbe977a8
53efbbd9eec1aa5d107e0f70913b79d960486510be3989427da0e6bfeee55e8c
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
5585dad59b4681163dbb311564fa900066c5c51f88f399362beb2777f42d78df
55cd8e244af5480a7e11cc83919432679a3b40c933ce2b82820967ec326e09a2
567dffcf12b18041861e46e5c3f3d5d1593e53f615bc597d895373b3ee980974
569b533786f679b87f330e061837353dbb865842a6f2389935341d6c73b6cc0f
5bbd805efda570be0caecdf026a1c45eabf4cbfb01c2de8f8412a5f3edf05622
5bdd44d0692f267a0b26e5968e694bbd095511faacb598ce37957d57814490aa
6762f02f7981a933cfe7e8fb470198701561f7089a3805e0bd299470fec9e53e
6a8bb9ebb1b4c7750466138f83c00cba0b67dad4643181e22863b8ca966bda1e
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b45aa144d65604b427a71d9f0d2db74dac636944a007db5cd5ae67452e4f8bb
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
7348a2eb48c9a681d6178433394c7037144d85b57ee33a11339d3a33fa1001a4
7366dcb413f2232059e7c10d46ceec36bf3aaae8b6b47afb42b0a4862dc7a6ab
75229e9eb5b602687c9ea865198e83d3f4a038e5b7b9356b82cf0700d6ad5da5
77db1e92623f53f39a92474ff79429f547485f839dc0b30bc33a5f65ce880da8
77e29e7c2ef665fb66daa4adbd5a877ad518b9698c165e1a486813acf9ee84f2
7d5f5d0fe842536e512b4ca0cac0b48a66577ea091f3a6840365ff6124be034b
80ecad3b9696fe9b61ccac5b119f6bb9e36811b3db973a3d9dc03858644c95ee
81a1c8f8a996ba7a20b116b0fb8027af53f11402dcd06da8421cefe3cd9898d7
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
83879f87f64ac4fd02c0e0566c6ee86b7c1527db197b3ffc57efa9ae65837a55
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8540c5e2d2e85cc6c5d46b1b06b7f6642dce39e0314299a08976cfe6053c7c52
862c011b3e8d810f56b7bb55a70861509cb109f439a406c31c00f09f48e048ea
88e5827b197d82fd564d4d6d3a55e0ad091811ff73616600a36a66adfeb2b885
8964e438a1f1a01489df821e32816d1651550b39b55b783ad7f5d85e43c6247b
89ba0d4f6cf9500041778760fea24e37c6de04955c6a62b5435c64b600423749
8aec0f3ed08ab5e9db8a779f49f838782298d2687a64b4d0c8a9094b9875f535
8cb8ab69ccb76ede91a0215ebf59d800209d13ccb21e614e8ccaa5a163e8087e
8d6580af877387b05d9ffac3ebeacfe25a7728c77adef6d9b32fd72ccbe21468
9201cf1f1bac965087a6b23d2915fcca3949091ed9b8ab731b0a2c6e715f1747
953e2105961ea1f1f4aa7c593534c4fc734d3a7fb35c6279b18d0b7062337276
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9ba2e92b87fe2c16ed942a84a25386429d44e646789f33ac8ce173abb59e37be
9ca5836021078b32c266024a6ecf7479552e792e0f8935b7a1e1e143bd376b47
9f962e0d2f9b3fddd09149ae0260d618bc06738a3e417e9db8ac40aac95c94f4
a06428ba01c0ceafa7d68c9c6cf720ae3543831c878ca0c66dc38ad74eb5c74b
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a1f1132059ae29789542297e710d6d45e60307f961d25acccb12ddb30f8d1bcc
a5a5dbca8cba9ddea0bec1b7e4ed5a20cd8c0c93208fb9b5d2995c6fe1bf9311
a5f28bac7785fbda6486644a5a0acb398bb1cd5e4d0777ede97b82874f7bf26e
a7eb66363508dead8acdb6c6c5dc8919e9e39726172ea48e954e94d079558ffe
a8bd2ffb1e86cd8ab362d0c57f12860bc2b35b243d9f9a9ed63b663ca2ae82ca
a93efd838d5467dff8629cd1533f381d0b82909de009234326539a493d373e4d
a996803be97bd6eed2f13e2aaceed65ee5cc24e0669fcbd223788c5cf9159c2e
acd1f16cab16fcfae29ef97a86f303db0fbe7f3c9611a7da8efbbdc1a754c0ce
ad276a9b384daf069f7458062d26b31838d009086e6b3a5e0c69a5682063239c
ae71ae33098d1a86319ad7c8f950423d5e1d3f611c573063ec93bea1ea9df008
af4c6683814aa527caf53bde3d021e6aafe00833b45f2dead043c87ed7864674
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b318b179b35ca92c87626801798f3bce3864172926ae10288f0460a53f30177c
b71c20271d9c80d1a71aa0ab9935281c4fa8ac404533f1a0747d7fb03fc68e79
b819b3ac2fe5857b7026a609f9115f0d50a7d6e8085ba5987d70ed6baaa41f4e
c124c88ca4fcb4336e97617647ef0d32441329371120c8eabaea0fea226560b0
c1f78372fef6004ba25f660c5e2a8377c7e057e1386281df289973abb4cebabf
c541ef06327885a8415bca8df6071e14189b4855336def4f36db54bde8484f36
ca63193ce799e4e00c9106349365981dc6e26cb77632ebf5df23dffba2aaccfa
cda5bb1c5d67490ae072dc404a371abf6303f8659198ff96c306670f094e5f7e
d0a87531100e5c37a53d0544d1e560b2a06629bbd833275a1cc1aa3fb11d69a3
d14a1b9791657bcd13c89ddc2d2bfcddc5491c377ebf7b4ef6a86c5b89eb18c7
d19184949ab5afddd72264435b8b05b7b2dcfdd33b6c08f3ea0791059189ccd1
d1da7be1878380087a74ef033cd3b271e2d55ba9affe0058b6585f5d236c729a
d74587150b9c2a07bd325b525be524859dc3aa5eaa4079ed3bb05a41eb629dfd
d810ababdb07efe8722aa745571559ca78580fa03551194883228dc0fc98891f
db0dd118c4a329b56642d13845d493b5a2c611a4b8edc0812d85f74f7271adba
dc111a70984a9eda00752b06277113029ef288f1125c31eff2477413e15e8aa4
dcbdd16824779e178951c6e33345dd34a5dfea189686a6899d67e364c63e644f
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
dff41f45bf1410d70bbaa825268ce556be0a4c1eb3c293600971e60e565a218b
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e7561c30eff46edfa75cc5eb479d2779dab1e208f4acb4bac01db81a076066a9
e756a9ef676f964c4dfc01fabf0b887a10975ff9cdaf717d0b9f0cb971d7f411
ecaf54fe5964852d6a064576ebceaa2f5df96f506d65bc44807650c1e7f61b7c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f233243ee960cf1c52d6d7371ad7321155ad8c92d854a74128998672c74bcbca
f59e5f34a941183aacaed25322ac0856628493c2cfd936ded3fddc0a49510e52
fa399e7dafd49a1d794f0c41de9a790b3df84a3738bf0b9ab566c264e9c43e77
fbd9beb357f7d05a4e6c6913f40f52d673719ddda4c3a873d7c291dc0767f351
fc33f4d973d22040befe531530957e027f079e88ef121405d20c525cb8461ac3
ffc992202755637f8b6d51b4f61d30e3b47fc797403d923a9cd618a47c6ca184

www.sandmanhotels.com Open in urlscan Pro 2606:4700::6811:b764 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

141 Requests

96 %HTTPS

58 %IPv6

39 Domains

53 Subdomains

46 IPs

5 Countries

2951 kBTransfer

10590 kBSize

32 Cookies

15 Outgoing links

Page URL History

Redirected requests

141 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 6 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.sandmanhotels.com Open in urlscan Pro
2606:4700::6811:b764 Public Scan

Screenshot
Live screenshot

Full Image

141
Requests

96 %
HTTPS

58 %
IPv6

39
Domains

53
Subdomains

46
IPs

5
Countries

2951 kB
Transfer

10590 kB
Size

32
Cookies

141 HTTP transactions
6 data transactions