www.flemings-hotels.com Open in urlscan Pro
2606:4700::6811:b83a Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://tcgms.net/tr/c/136i39y35n38a32i32334g3b33be34g37i32l00/1287302
Effective URL:
https://www.flemings-hotels.com/
Submission: On March 03 via api (March 3rd 2023, 10:00:54 am UTC) from AT — Scanned from DE

Summary HTTP 63 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 20 IPs in 5 countries across 16 domains to perform 63 HTTP transactions. The main IP is 2606:4700::6811:b83a, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.flemings-hotels.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on April 28th 2022. Valid for: a year.

This is the only time www.flemings-hotels.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	104.96.154.58 104.96.154.58	16625 (AKAMAI-AS) (AKAMAI-AS)
1 1	2606:4700::68... 2606:4700::6811:b73a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 31	2606:4700::68... 2606:4700::6811:b83a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.26.3.32 104.26.3.32	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:b63a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	88.198.114.6 88.198.114.6	24940 (HETZNER-AS) (HETZNER-AS)
4	2a00:1450:400... 2a00:1450:400d:80a::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:813::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:805::2002	15169 (GOOGLE) (GOOGLE)
1 2	142.250.186.70 142.250.186.70	15169 (GOOGLE) (GOOGLE)
2	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2a00:1450:400... 2a00:1450:400d:80d::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:802::2003	15169 (GOOGLE) (GOOGLE)
1	195.244.31.25 195.244.31.25	63140 (IGUANA-WO...) (IGUANA-WORLDWIDE)
3	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
2	2600:9000:21f... 2600:9000:21f3:6a00:16:41f8:18c0:93a1	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f17... 2a03:2880:f177:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
3	2a00:1450:400... 2a00:1450:400d:80a::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
2	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c00::9b	15169 (GOOGLE) (GOOGLE)
63	20

2 104.96.154.58 (Vienna, Austria) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-96-154-58.deploy.static.akamaitechnologies.com

tcgms.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:b73a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.flemings-hotels.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

31 2606:4700::6811:b83a (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.flemings-hotels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
image-tc.galaxy.tf	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.26.3.32 (United States)

ASN13335 (CLOUDFLARENET, US)

app.secureprivacy.ai	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:b63a (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.galaxy.tf	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 88.198.114.6 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: app8.trustyou.com

api.trustyou.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:400d:80a::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:805::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.70 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s05-in-f6.1e100.net

3510645.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:80d::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:802::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.244.31.25 (Newark, United States)

ASN63140 (IGUANA-WORLDWIDE, US)
PTR: xo7-viplb-01-new.ny.ig-1.net

dynamic.travelclick-websolutions.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:21f3:6a00:16:41f8:18c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

api.tsa-db.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:80a::200e (Ireland)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
21	flemings-hotels.com 1 redirects www.flemings-hotels.com	2 MB
11	galaxy.tf cdn.galaxy.tf — Cisco Umbrella Rank: 116706 image-tc.galaxy.tf — Cisco Umbrella Rank: 89020	2 MB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 30 region1.google-analytics.com — Cisco Umbrella Rank: 2425	20 KB
5	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 35 3510645.fls.doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 77	4 KB
5	google.com www.google.com — Cisco Umbrella Rank: 2 adservice.google.com — Cisco Umbrella Rank: 73	2 KB
4	google.de www.google.de — Cisco Umbrella Rank: 6149 adservice.google.de — Cisco Umbrella Rank: 8947	1 KB
4	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 44	292 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 105	239 B
2	tsa-db.com api.tsa-db.com — Cisco Umbrella Rank: 65023	1 KB
2	facebook.net connect.facebook.net — Cisco Umbrella Rank: 151	136 KB
2	tcgms.net 2 redirects tcgms.net — Cisco Umbrella Rank: 56595	526 B
1	travelclick-websolutions.com dynamic.travelclick-websolutions.com — Cisco Umbrella Rank: 124323	1 KB
1	gstatic.com www.gstatic.com	163 KB
1	trustyou.com api.trustyou.com — Cisco Umbrella Rank: 91291	5 KB
1	secureprivacy.ai app.secureprivacy.ai — Cisco Umbrella Rank: 60193	8 KB
1	flemings-hotels.de 1 redirects www.flemings-hotels.de	509 B
63	16

	Domain	Requested by
21	www.flemings-hotels.com	1 redirects www.flemings-hotels.com www.googletagmanager.com
10	image-tc.galaxy.tf	www.flemings-hotels.com
4	www.googletagmanager.com	www.flemings-hotels.com www.googletagmanager.com
4	www.google.com	www.flemings-hotels.com
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	www.google.de	www.flemings-hotels.com
2	region1.google-analytics.com	www.flemings-hotels.com
2	www.facebook.com	www.flemings-hotels.com
2	api.tsa-db.com	www.flemings-hotels.com
2	connect.facebook.net	www.flemings-hotels.com connect.facebook.net
2	3510645.fls.doubleclick.net	1 redirects www.googletagmanager.com
2	googleads.g.doubleclick.net	www.googletagmanager.com
2	tcgms.net	2 redirects
1	stats.g.doubleclick.net	www.google-analytics.com
1	adservice.google.de	adservice.google.com
1	dynamic.travelclick-websolutions.com	cdn.galaxy.tf
1	www.gstatic.com	www.google.com
1	adservice.google.com	3510645.fls.doubleclick.net
1	api.trustyou.com	www.flemings-hotels.com
1	cdn.galaxy.tf	www.flemings-hotels.com
1	app.secureprivacy.ai	www.flemings-hotels.com
1	www.flemings-hotels.de	1 redirects
63	22

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
www.instagram.com
www.linkedin.com
www.occhio-doro.com
www.opentable.de
reservations.flemings-hotels.com
www.amadeus-hospitality.com

Subject Issuer	Validity	Valid
www.flemings-hotels.com Cloudflare Inc ECC CA-3	`2022-04-28` - `2023-04-27`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-06` - `2023-06-05`	a year	crt.sh
cdn.galaxy.tf Cloudflare Inc ECC CA-3	`2022-05-06` - `2023-05-06`	a year	crt.sh
image-tc.galaxy.tf Cloudflare Inc ECC CA-3	`2022-06-08` - `2023-06-07`	a year	crt.sh
*.trustyou.com Go Daddy Secure Certificate Authority - G2	`2022-12-15` - `2023-12-13`	a year	crt.sh
www.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-01-10` - `2023-03-10`	2 months	crt.sh
*.google.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.travelclick-websolutions.com Gandi Standard SSL CA 2	`2022-06-16` - `2023-07-08`	a year	crt.sh
www.google.de GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh
*.tsa-db.com Amazon RSA 2048 M02	`2023-02-28` - `2024-03-28`	a year	crt.sh
*.google.de GTS CA 1C3	`2023-02-08` - `2023-05-03`	3 months	crt.sh

This page contains 5 frames:

Primary Page: https://www.flemings-hotels.com/
Frame ID: 121FFCA7C30F221023CB49ACC8E01CA9
Requests: 57 HTTP requests in this frame

Frame: https://3510645.fls.doubleclick.net/activityi;dc_pre=CMi9_afAv_0CFdDxmgodQ9EISw;src=3510645;type=websi050;cat=webi123;ord=1;num=7401717554266;gtm=45He3310;auiddc=2092517816.1677837648;~oref=https%3A%2F%2Fwww.flemings-hotels.com%2F
Frame ID: DBED2C9459529D738B29794EBEF0E980
Requests: 1 HTTP requests in this frame

Frame: https://adservice.google.com/ddm/fls/i/dc_pre=CMi9_afAv_0CFdDxmgodQ9EISw;src=3510645;type=websi050;cat=webi123;ord=1;num=7401717554266;gtm=45He3310;auiddc=2092517816.1677837648;~oref=https%3A%2F%2Fwww.flemings-hotels.com%2F
Frame ID: C7C912DF530ECCDE6E4DA8ED63B37884
Requests: 1 HTTP requests in this frame

Frame: https://www.flemings-hotels.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1677830400
Frame ID: 5D7AF39B0E93E04228943331AF739D11
Requests: 3 HTTP requests in this frame

Frame: https://adservice.google.de/ddm/fls/i/dc_pre=CMi9_afAv_0CFdDxmgodQ9EISw;src=3510645;type=websi050;cat=webi123;ord=1;num=7401717554266;gtm=45He3310;auiddc=2092517816.1677837648;~oref=https%3A%2F%2Fwww.flemings-hotels.com%2F
Frame ID: B72EAC028C4AB9898CB2E5E304958F4C
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Flemings Hotels | Offizielle Webseite | Direkt Online Buchen

Page URL History Show full URLs

http://tcgms.net/tr/c/136i39y35n38a32i32334g3b33be34g37i32l00/1287302 HTTP 301
https://tcgms.net/tr/c/136i39y35n38a32i32334g3b33be34g37i32l00/1287302 HTTP 301
https://www.flemings-hotels.de/?pl=136i39y35n38a32i32334g3b33be34g37i32l00 HTTP 301
https://www.flemings-hotels.com/de/?pl=136i39y35n38a32i32334g3b33be34g37i32l00 HTTP 301
https://www.flemings-hotels.com/ Page URL

Detected technologies

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

63
Requests

100 %
HTTPS

76 %
IPv6

16
Domains

22
Subdomains

20
IPs

5
Countries

4569 kB
Transfer

14405 kB
Size

13
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://www.facebook.com/flemingshotels/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/flemingshotels/

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/flemings-hotels

Search URL Search Domain Scan URL

URL: https://www.occhio-doro.com/
Title: Mehr Info

Search URL Search Domain Scan URL

URL: https://www.opentable.de/r/occhio-doro-frankfurt?lang=de-de
Title: Open Table

Search URL Search Domain Scan URL

URL: https://reservations.flemings-hotels.com/114478
Title: Meine Reservierung

Search URL Search Domain Scan URL

URL: https://www.amadeus-hospitality.com/
Title: Made by Amadeus.

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://tcgms.net/tr/c/136i39y35n38a32i32334g3b33be34g37i32l00/1287302 HTTP 301
https://tcgms.net/tr/c/136i39y35n38a32i32334g3b33be34g37i32l00/1287302 HTTP 301
https://www.flemings-hotels.de/?pl=136i39y35n38a32i32334g3b33be34g37i32l00 HTTP 301
https://www.flemings-hotels.com/de/?pl=136i39y35n38a32i32334g3b33be34g37i32l00 HTTP 301
https://www.flemings-hotels.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 20

https://3510645.fls.doubleclick.net/activityi;src=3510645;type=websi050;cat=webi123;ord=1;num=7401717554266;gtm=45He3310;auiddc=2092517816.1677837648;~oref=https%3A%2F%2Fwww.flemings-hotels.com%2F HTTP 302
https://3510645.fls.doubleclick.net/activityi;dc_pre=CMi9_afAv_0CFdDxmgodQ9EISw;src=3510645;type=websi050;cat=webi123;ord=1;num=7401717554266;gtm=45He3310;auiddc=2092517816.1677837648;~oref=https%3A%2F%2Fwww.flemings-hotels.com%2F

63 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.flemings-hotels.com/
Redirect Chain

http://tcgms.net/tr/c/136i39y35n38a32i32334g3b33be34g37i32l00/1287302
https://tcgms.net/tr/c/136i39y35n38a32i32334g3b33be34g37i32l00/1287302
https://www.flemings-hotels.de/?pl=136i39y35n38a32i32334g3b33be34g37i32l00
https://www.flemings-hotels.com/de/?pl=136i39y35n38a32i32334g3b33be34g37i32l00
https://www.flemings-hotels.com/

163 KB
24 KB

132ms
132ms

Document
text/html

2606:4700::6811:b83a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.flemings-hotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b83a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

38267790fae07dd480bcaef3143cb7994862ebb0747e7727b4469654fb41ebf8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7a2108cc8d319162-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 03 Mar 2023 10:00:46 GMT
last-modified: Fri, 03 Mar 2023 09:35:05 GMT
referrer-policy: no-referrer-when-downgrade
server: cloudflare
strict-transport-security: max-age=31536000; includeSubdomains; preload
vary: Accept-Encoding
via: 1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
x-amz-cf-id: ySH60GvBR2VRXMRcx8bVUuWCB0e71s83pTuI3eGR4h56W_ZiUctE4w==
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache
cf-cache-status: DYNAMIC
cf-ray: 7a2108cbcc269162-FRA
content-length: 0
content-type: text/html; charset=utf-8
date: Fri, 03 Mar 2023 10:00:46 GMT
location: /
referrer-policy: no-referrer-when-downgrade
server: cloudflare
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 6b25d4ce9efa3f2699980e1915129606.cloudfront.net (CloudFront)
x-amz-cf-id: dvA7WgYuI4mKvyR99TkLJqVH1J0zZI2WXggvfj8Ne6zCfU6XphW-9g==
x-amz-cf-pop: FRA60-P4
x-cache: Error from cloudfront
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 62261c929d267ca63f82784c.js Show response
app.secureprivacy.ai/script/ 7 KB
8 KB 118ms
48ms Script
application/octet-stream 104.26.3.32
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://app.secureprivacy.ai/script/62261c929d267ca63f82784c.js
Requested by: Host: www.flemings-hotels.com
URL: https://www.flemings-hotels.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 104.26.3.32 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6be8c702ecf7e676b3f8124253d6c97eb1cb0ab1c7d5a267983461f54658c4d4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flemings-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 10:00:47 GMT
cf-cache-status: DYNAMIC
last-modified: Mon, 27 Feb 2023 21:34:27 GMT
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
content-md5: RpDpjN4cY1Z7bnO77Ytazg==
server: cloudflare
etag: "0x8DB190A67073E3D"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bS3z3GUSSRTFd4Zp%2FWkUqOstblYAE%2FIwXABiKaNARLxPvEx%2F%2BvF2GAedAu8vJvxvOJN9fO6EeKWPx6QfKP9FGjV7nsPwo7wtrfopPKVGkioiT7tRCo8jR53%2BoCCC3dPoUq9tU1EF"}],"group":"cf-nel","max_age":604800}
content-type: application/octet-stream
x-ms-request-id: 4566ec85-f01e-0060-6bb7-4ddd34000000
x-ms-version: 2018-03-28
accept-ranges: bytes
cf-ray: 7a2108cdce773a66-FRA
content-length: 7195

GET
H3 200 main.css
www.flemings-hotels.com/css/custom/5331/285/66002e1c23f508381b12a692e13de19a/ 451 KB
55 KB 97ms
97ms Stylesheet
text/css 2606:4700::6811:b83a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.flemings-hotels.com/css/custom/5331/285/66002e1c23f508381b12a692e13de19a/main.css

Requested by

Host: www.flemings-hotels.com
URL: https://www.flemings-hotels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b83a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b45e4a5049146af2d13f095faf4857790d38a2b5b0949c391ef539fba7698c36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flemings-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 10:00:47 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 f7aba4a0337c5f98c4703e2b10f1940a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
content-encoding: br
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 03 Mar 2023 09:35:09 GMT
server: cloudflare
etag: W/"3dcbb42854cc2a2a3cd157ccd2f4b468"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css
cache-control: no-cache
cf-ray: 7a2108cd6ecb381f-FRA
x-amz-cf-id: jOKw9tteDlQM1Ii2sO2gPZMkq0ark7Fe4xF2KOMjAZ-Dm1b5wCvzhg==

GET
H2 200 gms-latest.min.js Show response
cdn.galaxy.tf/asset-galaxy/js/ 148 KB
46 KB 438ms
357ms Script
application/javascript 2606:4700::6811:b63a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.galaxy.tf/asset-galaxy/js/gms-latest.min.js?v19d44e94291151bfdcd1444d5caca497

Requested by

Host: www.flemings-hotels.com
URL: https://www.flemings-hotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b63a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce4f1b48eedafeaa3d9b02d15dc642b4cc9a995b6e517d6d9bd91d007a420a6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flemings-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 10:00:47 GMT
strict-transport-security: max-age=15768000
content-encoding: br
cf-cache-status: DYNAMIC
last-modified: Tue, 23 Aug 2022 10:13:34 GMT
server: cloudflare
etag: W/"250c8-5e6e5d1230d79-gzip"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=604800
cf-ray: 7a2108cdee739116-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Fri, 10 Mar 2023 10:00:47 GMT

GET
H3 200 main.bundle.js Show response
www.flemings-hotels.com/integration/flemings-hotels/public/shared-gms-v2/js/ 205 KB
65 KB 101ms
99ms Script
application/javascript 2606:4700::6811:b83a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.flemings-hotels.com/integration/flemings-hotels/public/shared-gms-v2/js/main.bundle.js?v19d44e94291151bfdcd1444d5caca497

Requested by

Host: www.flemings-hotels.com
URL: https://www.flemings-hotels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b83a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cd2e6e286b2c1237bdf2cc4b970bf6c3930c9e405d69f68f3231044cfa405a0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flemings-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 10:00:47 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 70d755f7200c02162c7545e4ce74649a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
content-encoding: br
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 16 Nov 2022 15:57:58 GMT
server: cloudflare
etag: W/"a806a390a2b0119f049fddd7e926f986"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache
cf-ray: 7a2108d0caf4381f-FRA
x-amz-cf-id: TT82OqgxhG-z6-ZI9z6OGGPfHM0ckoGZZpzPxpAHhW58MXL5D8M6kg==

GET
H2 200 logo-header.svg
image-tc.galaxy.tf/wisvg-47mb3rv9uuaif5oivatbeuyj2/ 5 KB
2 KB 635ms
577ms Image
image/svg+xml 2606:4700::6811:b83a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wisvg-47mb3rv9uuaif5oivatbeuyj2/logo-header.svg?width=392

Requested by

Host: www.flemings-hotels.com
URL: https://www.flemings-hotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b83a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

82f50bcd7dbcf2a6c6aa63cd5fe368d98f94a1b3a7bc2758046eaab4558a9e25

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flemings-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 10:00:48 GMT
x-amz-version-id: 5HE2Nv1O1IxrnAnG.mMFZO4dlIkXTLqT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 38fc40d2e799d9e91b382cc792e964ec.cloudfront.net (CloudFront)
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
x-amz-cf-pop: BCN50-P2
cf-cache-status: DYNAMIC
content-encoding: br
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 01 Mar 2022 03:48:54 GMT
server: cloudflare
etag: W/"4723d460444af6e8c145e61a8d9c344e"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: no-cache
vary: Accept-Encoding
cf-ray: 7a2108d11acb3609-FRA
x-amz-cf-id: t4-mTz6m_VCIyoJFa8uW4qknoHkySQxxDYP37eufmUS4ATzv0COQIg==

GET
H3 200 galaxy-helpers.js Show response
www.flemings-hotels.com/frontend/galaxy-helpers/public/ 56 KB
21 KB 166ms
166ms Script
application/javascript 2606:4700::6811:b83a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.flemings-hotels.com/frontend/galaxy-helpers/public/galaxy-helpers.js?v=l-676494c8-7126-41cd-8b37-49a9ecd71ccc

Requested by

Host: www.flemings-hotels.com
URL: https://www.flemings-hotels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b83a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e1af5c26a6ca0cf6e1efcd25d203b5d1b890d8d2756d58ca0cfdfafa2f488576

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flemings-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 10:00:47 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
content-encoding: br
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 09 Nov 2022 10:35:47 GMT
server: cloudflare
etag: W/"ef1febd8b777272d6178f74661f8347e"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache
cf-ray: 7a2108ce4fc0381f-FRA
x-amz-cf-id: MrkCDO4oakK-J3ljr-WC2UQRveqnagsW3F6WzVlDy40YLj_ac6OYKg==

GET
H3 200 bundle.js Show response
www.flemings-hotels.com/integration/flemings-hotels/public/js/ 9 MB
2 MB 138ms
137ms Script
application/javascript 2606:4700::6811:b83a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.flemings-hotels.com/integration/flemings-hotels/public/js/bundle.js?v19d44e94291151bfdcd1444d5caca497

Requested by

Host: www.flemings-hotels.com
URL: https://www.flemings-hotels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b83a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

14cc66e8f9f632f795f3677df20755edfec2da56ce5391d3808046a63fafb05a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flemings-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 10:00:47 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 02cd8164e89a1598d410a9198582d47c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
content-encoding: br
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 01 Mar 2023 14:32:02 GMT
server: cloudflare
etag: W/"e71c62cfca54bd653db38b1b29d4ddb3"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache
cf-ray: 7a2108cf58ed381f-FRA
x-amz-cf-id: xd5qL9EbAJkiG0w3bGeof7Wni90w4Gad3YCgvpdeJucNra8NBJVkzw==

GET
H/1.1 200
OK iframeResizer.min.js Show response
api.trustyou.com/static/3rdparty/iframe-resizer/js/ 13 KB
5 KB 105ms
30ms Script
application/javascript 88.198.114.6
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://api.trustyou.com/static/3rdparty/iframe-resizer/js/iframeResizer.min.js
Requested by: Host: www.flemings-hotels.com
URL: https://www.flemings-hotels.com/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 88.198.114.6 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: app8.trustyou.com
Software: Apache /
Resource Hash: e7954b62653e3d7d5a7b455589a7238d661dfbaebd18650bc4b9d82089ab7156

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flemings-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Date: Fri, 03 Mar 2023 10:00:47 GMT
Content-Encoding: gzip
Last-Modified: Tue, 13 Feb 2018 09:07:35 GMT
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=15, max=100
Content-Length: 5154

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 906 B
892 B 151ms
58ms Script
text/javascript 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?onload=onLoadCaptcha

Requested by

Host: www.flemings-hotels.com
URL: https://www.flemings-hotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

e57a18673369c39a2d5459f7ea0b6aafb0e2f7e5584d2bfde9850eb1e5c35768

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flemings-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 10:00:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy: frame-ancestors 'self'
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 572
x-xss-protection: 1; mode=block
expires: Fri, 03 Mar 2023 10:00:47 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 209 KB
64 KB 86ms
29ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-TL2MM4B

Requested by

Host: www.flemings-hotels.com
URL: https://www.flemings-hotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d22f369c86d675099838940e5eff2d08b3323b56e6f06989d4bbdad69a6c79d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flemings-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 10:00:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 65369
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 03 Mar 2023 10:00:47 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 263 KB
78 KB 122ms
65ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PC9F8W6

Requested by

Host: www.flemings-hotels.com
URL: https://www.flemings-hotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

f0d7324ee5af96dd606239d0642341472587b69b2abc82515899be1200701734

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flemings-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 10:00:47 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 79358
x-xss-protection: 0
last-modified: Fri, 03 Mar 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 03 Mar 2023 10:00:47 GMT

GET
H3 200 RingsideCompressedSSm-Bold_Web.woff2
www.flemings-hotels.com/integration/flemings-hotels/public/fonts/Ringside-Bold/ 56 KB
57 KB 419ms
419ms Font
application/font-woff2 2606:4700::6811:b83a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.flemings-hotels.com/integration/flemings-hotels/public/fonts/Ringside-Bold/RingsideCompressedSSm-Bold_Web.woff2

Requested by

Host: www.flemings-hotels.com
URL: https://www.flemings-hotels.com/css/custom/5331/285/66002e1c23f508381b12a692e13de19a/main.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b83a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

dc1a649c2c24afe3072a5c478ca103e81a5f35f862e119d4a245b0b570f8c6ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.flemings-hotels.com/css/custom/5331/285/66002e1c23f508381b12a692e13de19a/main.css
Origin: https://www.flemings-hotels.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 10:00:47 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 26f9a94e9be2a827a3f2e1cdb64a8fa6.cloudfront.net (CloudFront)
x-amz-cf-pop: BCN50-P2
x-cache: RefreshHit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 57592
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 25 Apr 2022 12:33:45 GMT
server: cloudflare
etag: "e66afeb7e7f13ea6dee08d360e765bd7"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/font-woff2
cache-control: no-cache
cf-ray: 7a2108d0cafd381f-FRA
x-amz-cf-id: MGF3JR90-brFqstMEXDlBcbsrm6Pe9FShVs8VKa-GmeBunqwoUMgCA==

GET
H3 200 RingsideCompressedSSm-Book_Web.woff2
www.flemings-hotels.com/integration/flemings-hotels/public/fonts/Ringside/ 59 KB
60 KB 104ms
104ms Font
application/font-woff2 2606:4700::6811:b83a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.flemings-hotels.com/integration/flemings-hotels/public/fonts/Ringside/RingsideCompressedSSm-Book_Web.woff2

Requested by

Host: www.flemings-hotels.com
URL: https://www.flemings-hotels.com/css/custom/5331/285/66002e1c23f508381b12a692e13de19a/main.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b83a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58e9e1b97cb14d612b4fc1e52a34e161c8d4baa8e0d37bdbf4893b4dc25069f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.flemings-hotels.com/css/custom/5331/285/66002e1c23f508381b12a692e13de19a/main.css
Origin: https://www.flemings-hotels.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 10:00:47 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 02cd8164e89a1598d410a9198582d47c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 60884
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 25 Apr 2022 12:33:43 GMT
server: cloudflare
etag: "99c11ed45a9131b625d5405ae73539eb"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/font-woff2
cache-control: no-cache
cf-ray: 7a2108d0cafe381f-FRA
x-amz-cf-id: 6lJ0ry-V7zz_fHHhmp8b1c8l7t_RjfgakTmwtkUkieIljNrNdolJgA==

GET
H3 200 Practice-Regular.woff2
www.flemings-hotels.com/integration/flemings-hotels/public/fonts/Practice-Regular/ 47 KB
47 KB 88ms
88ms Font
application/font-woff2 2606:4700::6811:b83a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.flemings-hotels.com/integration/flemings-hotels/public/fonts/Practice-Regular/Practice-Regular.woff2

Requested by

Host: www.flemings-hotels.com
URL: https://www.flemings-hotels.com/css/custom/5331/285/66002e1c23f508381b12a692e13de19a/main.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b83a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

02fa4759cedac98b71d5cb98f7b84390ec4ee11a86186a0e27479a50262109e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.flemings-hotels.com/css/custom/5331/285/66002e1c23f508381b12a692e13de19a/main.css
Origin: https://www.flemings-hotels.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 10:00:47 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 f7aba4a0337c5f98c4703e2b10f1940a.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 47968
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 25 Apr 2022 12:33:43 GMT
server: cloudflare
etag: "1588782f1d98e5d15e7b8ff9e58fec2f"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/font-woff2
cache-control: no-cache
cf-ray: 7a2108d0db08381f-FRA
x-amz-cf-id: g5Jljwbr7_v7t7xoy4fxPunrR472bTfoTeclKcXq0RD_KUFDz0WxFA==

GET
DATA 200
OK truncated
/ 43 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Content-Type: image/gif

GET
H3 200 bm_default_info_icon.svg
www.flemings-hotels.com/integration/flemings-hotels/public/images/icons/ 1 KB
1018 B 420ms
420ms Image
image/svg+xml 2606:4700::6811:b83a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.flemings-hotels.com/integration/flemings-hotels/public/images/icons/bm_default_info_icon.svg

Requested by

Host: www.flemings-hotels.com
URL: https://www.flemings-hotels.com/css/custom/5331/285/66002e1c23f508381b12a692e13de19a/main.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b83a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

fce68f8947c03e8e8e627e6f5ba7bf0affd0cd3c55e518ff6262f5280496036b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flemings-hotels.com/css/custom/5331/285/66002e1c23f508381b12a692e13de19a/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 10:00:47 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 38eead3884c31255db5826ec949fe624.cloudfront.net (CloudFront)
x-amz-cf-pop: BCN50-P2
content-encoding: br
x-cache: RefreshHit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 12 Dec 2022 06:48:01 GMT
server: cloudflare
etag: W/"e64f434960bee7da0997c63815325573"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: no-cache
cf-ray: 7a2108d0eb21381f-FRA
x-amz-cf-id: KqYDzEbcqrROK6EYKGdGy0IRxE-Oi3jW6CMJJ1dB7m5hI8XIC8PaZA==

GET
H3 200 shape_overlay_hero.svg
www.flemings-hotels.com/integration/flemings-hotels/public/images/backgrounds/ 617 B
799 B 397ms
397ms Image
image/svg+xml 2606:4700::6811:b83a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.flemings-hotels.com/integration/flemings-hotels/public/images/backgrounds/shape_overlay_hero.svg

Requested by

Host: www.flemings-hotels.com
URL: https://www.flemings-hotels.com/css/custom/5331/285/66002e1c23f508381b12a692e13de19a/main.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b83a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b11f420f3b20058e1ca2cd4cb645d5ef166128ac33149e3fdabb51ce9fdef886

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flemings-hotels.com/css/custom/5331/285/66002e1c23f508381b12a692e13de19a/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 10:00:47 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 1fc7b0202754f4920b9cc9b22707365c.cloudfront.net (CloudFront)
x-amz-cf-pop: BCN50-P2
content-encoding: br
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 25 Apr 2022 12:33:51 GMT
server: cloudflare
etag: W/"aeae4cbb5a58c0f11f2281898b020093"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: no-cache
cf-ray: 7a2108d11b45381f-FRA
x-amz-cf-id: PBj7CBpTO0wSsa9xUEvo3l9LlTC2PWzfq-KKS3OtfUaNzimMhLspDg==

GET
H3 200 Practice-Italic.woff2
www.flemings-hotels.com/integration/flemings-hotels/public/fonts/Practice-Italic/ 49 KB
49 KB 143ms
142ms Font
application/font-woff2 2606:4700::6811:b83a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.flemings-hotels.com/integration/flemings-hotels/public/fonts/Practice-Italic/Practice-Italic.woff2

Requested by

Host: www.flemings-hotels.com
URL: https://www.flemings-hotels.com/css/custom/5331/285/66002e1c23f508381b12a692e13de19a/main.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b83a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7937fd6e1b04aaaae3549fd2a6e2d9c7a773124879db28cf22e4cc13c1ffa0b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.flemings-hotels.com/css/custom/5331/285/66002e1c23f508381b12a692e13de19a/main.css
Origin: https://www.flemings-hotels.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 10:00:47 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 da392114e7046bd9720a70f40c796f62.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 49864
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 25 Apr 2022 12:33:44 GMT
server: cloudflare
etag: "ea39c9bcf709fd5ffe958cc37d3a205b"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/font-woff2
cache-control: no-cache
cf-ray: 7a2108d11b49381f-FRA
x-amz-cf-id: we_vTu2zrkhxqLcqGoxwXU5ilxrd5XS_liFDIWC2S4Cv70J8Pikxpg==

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10790894489/ 3 KB
1 KB 391ms
94ms Script
text/javascript 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10790894489/?random=1677837647638&cv=11&fst=1677837647638&bg=ffffff&guid=ON&async=1&gtm=45He3310&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.flemings-hotels.com%2F&tiba=Flemings%20Hotels%20%7C%20Offizielle%20Webseite%20%7C%20Direkt%20Online%20Buchen&auid=2092517816.1677837648&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PC9F8W6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

572fa63afe279e0d812fdce151eeec2edada050bbc48792580250870531da057

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flemings-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 10:00:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1221
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/10790794923/ 3 KB
2 KB 389ms
93ms Script
text/javascript 2a00:1450:400d:805::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/10790794923/?random=1677837647642&cv=11&fst=1677837647642&bg=ffffff&guid=ON&async=1&gtm=45He3310&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.flemings-hotels.com%2F&tiba=Flemings%20Hotels%20%7C%20Offizielle%20Webseite%20%7C%20Direkt%20Online%20Buchen&auid=2092517816.1677837648&uamb=0&uaw=0&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PC9F8W6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:805::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

8f30eb6c106814ed231be24ed185b20bb265fbb20439b3b6e2f3f6d2b8dfb384

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flemings-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 10:00:47 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 1221
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

activityi;dc_pre=CMi9_afAv_0CFdDxmgodQ9EISw;src=3510645;type=websi050;cat=webi123;ord=1;num=7401717554266;gtm=45He3310;auiddc=2092517816.1677837648;~oref=https%3A%2F%2Fwww.flemings-hotels.com%2F Show response
3510645.fls.doubleclick.net/ Frame DBED
Redirect Chain

https://3510645.fls.doubleclick.net/activityi;src=3510645;type=websi050;cat=webi123;ord=1;num=7401717554266;gtm=45He3310;auiddc=2092517816.1677837648;~oref=https%3A%2F%2Fwww.flemings-hotels.com%2F?
https://3510645.fls.doubleclick.net/activityi;dc_pre=CMi9_afAv_0CFdDxmgodQ9EISw;src=3510645;type=websi050;cat=webi123;ord=1;num=7401717554266;gtm=45He3310;auiddc=2092517816.1677837648;~oref=https%3...

499 B
447 B

61ms
61ms

Document
text/html

142.250.186.70
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://3510645.fls.doubleclick.net/activityi;dc_pre=CMi9_afAv_0CFdDxmgodQ9EISw;src=3510645;type=websi050;cat=webi123;ord=1;num=7401717554266;gtm=45He3310;auiddc=2092517816.1677837648;~oref=https%3A%2F%2Fwww.flemings-hotels.com%2F?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PC9F8W6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.70 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s05-in-f6.1e100.net

Software

cafe /

Resource Hash

4d4078acb3c6ad5495ce2a8cec218c2a6bf95e0d43be01a83b4e9e430bc2c873

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.flemings-hotels.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 272
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 03 Mar 2023 10:00:48 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 03 Mar 2023 10:00:47 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://3510645.fls.doubleclick.net/activityi;dc_pre=CMi9_afAv_0CFdDxmgodQ9EISw;src=3510645;type=websi050;cat=webi123;ord=1;num=7401717554266;gtm=45He3310;auiddc=2092517816.1677837648;~oref=https%3A%2F%2Fwww.flemings-hotels.com%2F?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 404 undefinedasync
www.flemings-hotels.com/ 0
0 710ms
709ms Script
text/html 2606:4700::6811:b83a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.flemings-hotels.com/undefinedasync

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PC9F8W6

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b83a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flemings-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 10:00:48 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 10a6624f4fad72aa8dec483940cdef8a.cloudfront.net (CloudFront)
x-amz-cf-pop: BCN50-P2
content-encoding: br
x-cache: Error from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
server: cloudflare
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/html; charset=utf-8
cache-control: no-cache
cf-ray: 7a2108d1ec2a381f-FRA
x-amz-cf-id: _U3NZhurXpTvjEtiTjHsyDdNGlLAdjiY0HxLSRnQbFm--kdeUhz7bA==

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 106 KB
28 KB 289ms
25ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.flemings-hotels.com
URL: https://www.flemings-hotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cab52dc3525d23d87fc3337ea17253060c6f723389a33e62699d510f1878972b

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flemings-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 03 Mar 2023 10:00:47 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27843
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: hIx75fHxFoGC912ruLUkrPa8F7Xqy6qN3bISjbWvQ6Yi7upc4uuB90FvKeaAOkPkSamkeYPFTBCMcIzFL7nnXw==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 flemings-hotels-easter-special.jpg
image-tc.galaxy.tf/wijpeg-euk8gy63y0k7cjl7jx0w829is/ 201 KB
201 KB 610ms
609ms Image
image/jpeg 2606:4700::6811:b83a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wijpeg-euk8gy63y0k7cjl7jx0w829is/flemings-hotels-easter-special.jpg?width=3840

Requested by

Host: www.flemings-hotels.com
URL: https://www.flemings-hotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:b83a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

75d531ae26f5f2096588186796c42a4a8df39ede4e04de0c5cc687e54d9c559c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flemings-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 10:00:48 GMT
x-amz-version-id: 1A3t4rABFBvm73V6Q6dNmBipYyAteKcw
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 d9b4f7932dd39e3cb7eccebd62e86aae.cloudfront.net (CloudFront)
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
x-amz-cf-pop: BCN50-P2
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
cf-cache-status: DYNAMIC
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 205437
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 27 Feb 2023 12:09:34 GMT
server: cloudflare
etag: "e72524e782da87d2f3c1c9727582712f"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-cache
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7a2108d658e03609-FRA
x-amz-cf-id: idErS88vojeYn_W6xIx23tU5NVLQGgUjtwi9cc7hIRvgZ2Y8yO04Ng==

GET
H2 200 dc_pre=CMi9_afAv_0CFdDxmgodQ9EISw;src=3510645;type=websi050;cat=webi123;ord=1;num=7401717554266;gtm=45He3310;auiddc=2092517816.1677837648;~oref=https%3A%2F%2Fwww.flemings-hotels.com%2F Show response
adservice.google.com/ddm/fls/i/ Frame C7C9 498 B
648 B 175ms
70ms Document
text/html 2a00:1450:400d:80d::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/ddm/fls/i/dc_pre=CMi9_afAv_0CFdDxmgodQ9EISw;src=3510645;type=websi050;cat=webi123;ord=1;num=7401717554266;gtm=45He3310;auiddc=2092517816.1677837648;~oref=https%3A%2F%2Fwww.flemings-hotels.com%2F

Requested by

Host: 3510645.fls.doubleclick.net
URL: https://3510645.fls.doubleclick.net/activityi;dc_pre=CMi9_afAv_0CFdDxmgodQ9EISw;src=3510645;type=websi050;cat=webi123;ord=1;num=7401717554266;gtm=45He3310;auiddc=2092517816.1677837648;~oref=https%3A%2F%2Fwww.flemings-hotels.com%2F?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80d::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

017dff1935dfd5292fe549ef1b24d3d6ed4b3e1df5445de488f5f046bb12640f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://3510645.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: no-cache, must-revalidate
content-encoding: br
content-length: 273
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 03 Mar 2023 10:00:48 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
pragma: no-cache
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/ 408 KB
163 KB 132ms
38ms Script
text/javascript 2a00:1450:400d:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/Nh10qRQB5k2ucc5SCBLAQ4nA/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?onload=onLoadCaptcha

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5a064c8f9ca44c02248a7e18e762f6ca616477ebc3b9e13a896fa4d6f74ef202

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.flemings-hotels.com/
Origin: https://www.flemings-hotels.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Thu, 02 Mar 2023 06:11:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 100169
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 166391
x-xss-protection: 0
last-modified: Mon, 20 Feb 2023 05:03:28 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 01 Mar 2024 06:11:19 GMT

POST
H/1.1 200
OK 1 Show response
dynamic.travelclick-websolutions.com/token/ 686 B
1 KB 432ms
134ms XHR
application/json 195.244.31.25
IGUANA-WORLDWIDE

General

Check archive.org

Show headers Download Go to

Full URL

https://dynamic.travelclick-websolutions.com/token/1

Requested by

Host: cdn.galaxy.tf
URL: https://cdn.galaxy.tf/asset-galaxy/js/gms-latest.min.js?v19d44e94291151bfdcd1444d5caca497

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

195.244.31.25 Newark, United States, ASN63140 (IGUANA-WORLDWIDE, US),

Reverse DNS

xo7-viplb-01-new.ny.ig-1.net

Software

Apache /

Resource Hash

c5b0c0ba1acecc2e0e5353111ad66bb55a8c7737cb7812c0656b8716faaaad2e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flemings-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 03 Mar 2023 10:00:48 GMT
Content-Encoding: gzip
Strict-Transport-Security: max-age=15768000
Server: Apache
Vary: Accept-Encoding
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate
X-Real-Hostname: xo7-web-02
Content-Length: 555
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 invisible.js Show response
www.flemings-hotels.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/ Frame 5D7A 39 KB
16 KB 30ms
30ms Script
application/javascript 2606:4700::6811:b83a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.flemings-hotels.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1677830400
Requested by: Host: www.flemings-hotels.com
URL: https://www.flemings-hotels.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:b83a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b5493b4e6fab99c195e5f1c878d34f4aa84cd3fd4fea932c8a9ebbe172621086

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 10:00:48 GMT
content-encoding: br
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 7a2108d679b7381f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 859822401569438 Show response
connect.facebook.net/signals/config/ 377 KB
108 KB 25ms
25ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/859822401569438?v=2.9.97&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

5af0c53b5878d54664c7bb957ac58b9bc162f338c6e29723fa5dfd9e52137e5f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flemings-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Fri, 03 Mar 2023 10:00:48 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 110200
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: SchWrJ28XUuwXwzn51+zXg4cfR5A4FpYbQzmEe8o7TszJKoiFwDIZ61ran9y9/L7QlY8NumZ3wkzvGGbW2GZ4w==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
x-frame-options: DENY
origin-agent-cluster: ?0
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/10790794923/ 42 B
327 B 61ms
59ms Image
image/gif 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10790794923/?random=1677837647642&cv=11&fst=1677837600000&bg=ffffff&guid=ON&async=1&gtm=45He3310&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.flemings-hotels.com%2F&tiba=Flemings%20Hotels%20%7C%20Offizielle%20Webseite%20%7C%20Direkt%20Online%20Buchen&fmt=3&is_vtc=1&random=2203768157&rmt_tld=0&ipr=y

Requested by

Host: www.flemings-hotels.com
URL: https://www.flemings-hotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flemings-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 10:00:48 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/10790794923/ 42 B
455 B 85ms
33ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10790794923/?random=1677837647642&cv=11&fst=1677837600000&bg=ffffff&guid=ON&async=1&gtm=45He3310&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.flemings-hotels.com%2F&tiba=Flemings%20Hotels%20%7C%20Offizielle%20Webseite%20%7C%20Direkt%20Online%20Buchen&fmt=3&is_vtc=1&random=2203768157&rmt_tld=1&ipr=y

Requested by

Host: www.flemings-hotels.com
URL: https://www.flemings-hotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flemings-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 10:00:48 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/10790894489/ 42 B
108 B 61ms
60ms Image
image/gif 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/10790894489/?random=1677837647638&cv=11&fst=1677837600000&bg=ffffff&guid=ON&async=1&gtm=45He3310&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.flemings-hotels.com%2F&tiba=Flemings%20Hotels%20%7C%20Offizielle%20Webseite%20%7C%20Direkt%20Online%20Buchen&fmt=3&is_vtc=1&random=2425141721&rmt_tld=0&ipr=y

Requested by

Host: www.flemings-hotels.com
URL: https://www.flemings-hotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flemings-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 10:00:48 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/10790894489/ 42 B
108 B 85ms
34ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/10790894489/?random=1677837647638&cv=11&fst=1677837600000&bg=ffffff&guid=ON&async=1&gtm=45He3310&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.flemings-hotels.com%2F&tiba=Flemings%20Hotels%20%7C%20Offizielle%20Webseite%20%7C%20Direkt%20Online%20Buchen&fmt=3&is_vtc=1&random=2425141721&rmt_tld=1&ipr=y

Requested by

Host: www.flemings-hotels.com
URL: https://www.flemings-hotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flemings-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 10:00:48 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

OPTIONS
H2 200 369350
api.tsa-db.com/v1/data/BID/ Frame 0
0 126ms
24ms Preflight
application/json 2600:9000:21f3:6a00:16:41f8:18c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.tsa-db.com/v1/data/BID/369350
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:6a00:16:41f8:18c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://www.flemings-hotels.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

access-control-allow-headers: Content-Type,X-Amz-Date,Authorization,X-Api-Key,X-Amz-Security-Token,X-Amz-User-Agent
access-control-allow-methods: OPTIONS,GET
access-control-allow-origin: *
access-control-max-age: 86400
age: 8121
cache-control: max-age=86400, s-maxage=86400, proxy-revalidate
content-length: 0
content-type: application/json
date: Fri, 03 Mar 2023 07:45:27 GMT
via: 1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront)
x-amz-apigw-id: BMbPpGxSDoEFgkQ=
x-amz-cf-id: jSZxyYNQR_HC6y7jigwDvLSWtQMEHUwJazUPDIFR9ksbwEhApx2GgA==
x-amz-cf-pop: FRA2-C2
x-amzn-requestid: 8468433b-aef9-4147-ae89-79cfd660a93e
x-cache: Hit from cloudfront

GET
H2 200 369350 Show response
api.tsa-db.com/v1/data/BID/ 659 B
1 KB 26ms
26ms XHR
application/json 2600:9000:21f3:6a00:16:41f8:18c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://api.tsa-db.com/v1/data/BID/369350
Requested by: Host: www.flemings-hotels.com
URL: https://www.flemings-hotels.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:21f3:6a00:16:41f8:18c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 51421b6614b6f64a093b89713160032c17539dcd2f2a251e92c9ca26180440f9

Request headers

Referer: https://www.flemings-hotels.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 03 Mar 2023 09:53:27 GMT
via: 1.1 90cf045072373c2c671297de3161846e.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
age: 441
x-amzn-trace-id: Root=1-6401c397-2ea23a79137f8be10ff83c66;Sampled=0
x-amzn-requestid: 7bb75d7f-380f-473f-b80e-fc2ed5bced6e
x-cache: Hit from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=600
access-control-allow-credentials: true
x-amz-apigw-id: BMt_tEZcjoEFjnQ=
content-length: 659
x-amz-cf-id: 36UjVPn4E2rAJKRG7LRJJWDFLCFBAq8cegR0e4WV0MC2_O3N8UPoiA==

GET
H3 200 down-arrow-head-sm.png
www.flemings-hotels.com/integration/flemings-hotels/public/images/icons/ 251 B
678 B 107ms
107ms Image
image/png 2606:4700::6811:b83a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.flemings-hotels.com/integration/flemings-hotels/public/images/icons/down-arrow-head-sm.png

Requested by

Host: www.flemings-hotels.com
URL: https://www.flemings-hotels.com/css/custom/5331/285/66002e1c23f508381b12a692e13de19a/main.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b83a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

58f1e19458d16afbd89a03103832d3e5cb4be73e49723eaea8fc60baa3a4fe98

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flemings-hotels.com/css/custom/5331/285/66002e1c23f508381b12a692e13de19a/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 10:00:48 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 ad3c90e13b86d72e2a5e6bf65eab3450.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 251
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 25 Apr 2022 12:33:41 GMT
server: cloudflare
etag: "80ac92094562ebba0148d532ba845bf8"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: no-cache
cf-ray: 7a2108d699dd381f-FRA
x-amz-cf-id: dmmE6N8BKO882YES-GYcwDjDKKgKIRq95EX1s4qD4MefPNo4UD4r-g==

GET
H3 200 down-arrow-head-black.png
www.flemings-hotels.com/integration/flemings-hotels/public/images/icons/ 230 B
658 B 107ms
107ms Image
image/png 2606:4700::6811:b83a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.flemings-hotels.com/integration/flemings-hotels/public/images/icons/down-arrow-head-black.png

Requested by

Host: www.flemings-hotels.com
URL: https://www.flemings-hotels.com/css/custom/5331/285/66002e1c23f508381b12a692e13de19a/main.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b83a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cb3a1ca037b6d51cc737131d8156df29ff02852690656c9068a0acb5e3573c45

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flemings-hotels.com/css/custom/5331/285/66002e1c23f508381b12a692e13de19a/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 10:00:48 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 da78abc509aafffb42eec33ca2dc60d4.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 230
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 25 Apr 2022 12:33:41 GMT
server: cloudflare
etag: "fc97430977357247e34cf585b9015b5c"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: no-cache
cf-ray: 7a2108d6a9ef381f-FRA
x-amz-cf-id: 2HRsn6-QkCcZr7LzSWRg0kQMMWpl9ALJoIvjo8E5f_DZJgqidqgQIQ==

GET
H3 200 left-arrow.png
www.flemings-hotels.com/integration/flemings-hotels/public/images/icons/ 242 B
671 B 143ms
142ms Image
image/png 2606:4700::6811:b83a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.flemings-hotels.com/integration/flemings-hotels/public/images/icons/left-arrow.png

Requested by

Host: www.flemings-hotels.com
URL: https://www.flemings-hotels.com/css/custom/5331/285/66002e1c23f508381b12a692e13de19a/main.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b83a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3000a1f92a8cfcd17c13323aee766905256c11b1f33e279f0ca4c3a77dd30c75

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flemings-hotels.com/css/custom/5331/285/66002e1c23f508381b12a692e13de19a/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 10:00:48 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 83e65135bbd5c350d37dc79cfa0bcf7c.cloudfront.net (CloudFront)
x-amz-cf-pop: BCN50-P2
x-cache: RefreshHit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 242
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 25 Apr 2022 12:34:11 GMT
server: cloudflare
etag: "b6b15e028b601dd413fe880f634aaad8"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: no-cache
cf-ray: 7a2108d6ca14381f-FRA
x-amz-cf-id: Rfo_KiRa-r7loiw3I2J5sYnn8bwP4N-aohJ9slYchPca1V3qQ5EE5A==

GET
H3 200 right-arrow.png
www.flemings-hotels.com/integration/flemings-hotels/public/images/icons/ 328 B
755 B 101ms
101ms Image
image/png 2606:4700::6811:b83a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.flemings-hotels.com/integration/flemings-hotels/public/images/icons/right-arrow.png

Requested by

Host: www.flemings-hotels.com
URL: https://www.flemings-hotels.com/css/custom/5331/285/66002e1c23f508381b12a692e13de19a/main.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b83a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

bbfbbf0c2b2d2a0247cc87d46008fa902a0bb13ea03ebd2b08e1e5e9b9dd011f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flemings-hotels.com/css/custom/5331/285/66002e1c23f508381b12a692e13de19a/main.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 10:00:48 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 12e62b05f63a1a2118cca20014b15012.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA60-P4
x-cache: Miss from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 328
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 25 Apr 2022 12:34:13 GMT
server: cloudflare
etag: "3e5a460ad4ff936924acbed3f66714dc"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/png
cache-control: no-cache
cf-ray: 7a2108d6ca16381f-FRA
x-amz-cf-id: ModPsRIcsGN7d9tc4J1yCeXb2j7bdHZ6mdWlk2sUwmL78dbZUBJ2Tg==

GET
H3 200 initPersonalization.bundle.js Show response
www.flemings-hotels.com/frontend/galaxy-helpers/public/ 20 KB
8 KB 207ms
207ms Script
application/javascript 2606:4700::6811:b83a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.flemings-hotels.com/frontend/galaxy-helpers/public/initPersonalization.bundle.js?ver=9e12c2ffed8b366e72d7

Requested by

Host: www.flemings-hotels.com
URL: https://www.flemings-hotels.com/frontend/galaxy-helpers/public/galaxy-helpers.js?v=l-676494c8-7126-41cd-8b37-49a9ecd71ccc

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b83a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7022cad501999201306c3542290df7945db17d5249478c3b8295b4e4d85ba6eb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flemings-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 10:00:48 GMT
strict-transport-security: max-age=31536000; includeSubdomains; preload
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
via: 1.1 1fc7b0202754f4920b9cc9b22707365c.cloudfront.net (CloudFront)
x-amz-cf-pop: BCN50-P2
content-encoding: br
x-cache: RefreshHit from cloudfront
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 09 Nov 2022 10:36:02 GMT
server: cloudflare
etag: W/"b7eaa1851b39189f3089e87af9633eb2"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript
cache-control: no-cache
cf-ray: 7a2108d6da23381f-FRA
x-amz-cf-id: 5Pet78UMft2XerNIEWhroPa4qR8ITdfGWzkLtQlGqsySS8okJ2MCLw==

GET
H3 200 pica.js
www.flemings-hotels.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame 5D7A 17 KB
8 KB 27ms
27ms Other
application/javascript 2606:4700::6811:b83a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.flemings-hotels.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Requested by: Host: www.flemings-hotels.com
URL: https://www.flemings-hotels.com/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:b83a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0ac0ea26e605f6ddbca2dd1ec5d45f9de5c3b65be8643e248ce37d9c8827e390

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 10:00:48 GMT
content-encoding: br
server: cloudflare
vary: accept-encoding
content-type: application/javascript; charset=UTF-8
cache-control: max-age=14400, public
x-control-type-options: nosniff
cf-ray: 7a2108d6fa53381f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 71ms
24ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=859822401569438&ev=PageView&dl=https%3A%2F%2Fwww.flemings-hotels.com%2F&rl=&if=false&ts=1677837648489&sw=1600&sh=1200&v=2.9.97&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1677837648488.1907302680&it=1677837648396&coo=false&dpo=LDU&dpoco=0&dpost=0&rqm=GET

Requested by

Host: www.flemings-hotels.com
URL: https://www.flemings-hotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flemings-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 03 Mar 2023 10:00:48 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 flemings-hotel-ma-nchen-schwabing-signature-suite-room-354-4.jpg
image-tc.galaxy.tf/wijpeg-56npmku6o1zmvz9gmquyv0xaw/ 197 KB
198 KB 463ms
463ms Image
image/jpeg 2606:4700::6811:b83a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wijpeg-56npmku6o1zmvz9gmquyv0xaw/flemings-hotel-ma-nchen-schwabing-signature-suite-room-354-4.jpg?width=3840

Requested by

Host: www.flemings-hotels.com
URL: https://www.flemings-hotels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b83a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d042413afc090a7d14aa77f2844de5f1191c96e6849fa3fdd38adec16d0dc5a1

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flemings-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 10:00:48 GMT
x-amz-version-id: AXQ_O7_jOoMsY_JYzC6C9OWLxsyYrG0H
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 1277de71b2472d19ca0bfc510db9ec54.cloudfront.net (CloudFront)
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
cf-cache-status: DYNAMIC
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 202103
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 14 Dec 2022 09:37:46 GMT
server: cloudflare
etag: "baf193f1187f52aabc309866df841bff"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-cache
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7a2108d77f0c90fb-FRA
x-amz-cf-id: xVwkDDAoPhhM6t2EfpudAXKDa3lzj2nfs42Kugc8Mm4pvY39Z2Ik4Q==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 130ms
35ms Script
text/javascript 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TL2MM4B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flemings-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 03 Mar 2023 09:17:30 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 2598
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Fri, 03 Mar 2023 11:17:30 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 202 KB
73 KB 30ms
29ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-3R5SJEDWK4&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TL2MM4B

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

425350da69e5988590738404fd5183555caadfb38e5c1a8c185f9c09900733ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flemings-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 10:00:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 74304
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 03 Mar 2023 10:00:48 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 224 KB
78 KB 36ms
36ms Script
application/javascript 2a00:1450:4001:813::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-YV6V62NPF3&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PC9F8W6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3775aa9de42d65b9dfd749257fefab0d2d1234661046a75dc89fbe14dda33ca4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flemings-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 10:00:48 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79370
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 03 Mar 2023 10:00:48 GMT

GET
H2 200 dc_pre=CMi9_afAv_0CFdDxmgodQ9EISw;src=3510645;type=websi050;cat=webi123;ord=1;num=7401717554266;gtm=45He3310;auiddc=2092517816.1677837648;~oref=https%3A%2F%2Fwww.flemings-hotels.com%2F Show response
adservice.google.de/ddm/fls/i/ Frame B72E 194 B
515 B 145ms
60ms Document
text/html 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/ddm/fls/i/dc_pre=CMi9_afAv_0CFdDxmgodQ9EISw;src=3510645;type=websi050;cat=webi123;ord=1;num=7401717554266;gtm=45He3310;auiddc=2092517816.1677837648;~oref=https%3A%2F%2Fwww.flemings-hotels.com%2F

Requested by

Host: adservice.google.com
URL: https://adservice.google.com/ddm/fls/i/dc_pre=CMi9_afAv_0CFdDxmgodQ9EISw;src=3510645;type=websi050;cat=webi123;ord=1;num=7401717554266;gtm=45He3310;auiddc=2092517816.1677837648;~oref=https%3A%2F%2Fwww.flemings-hotels.com%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
cache-control: private, max-age=0
content-encoding: br
content-length: 85
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Fri, 03 Mar 2023 10:00:48 GMT
expires: Fri, 03 Mar 2023 10:00:48 GMT
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
server: cafe
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

POST
H3 200 7a2108cc8d319162 Show response
www.flemings-hotels.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame 5D7A 2 B
397 B 50ms
47ms XHR
text/plain 2606:4700::6811:b83a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.flemings-hotels.com/cdn-cgi/challenge-platform/h/g/cv/result/7a2108cc8d319162
Requested by: Host: www.flemings-hotels.com
URL: https://www.flemings-hotels.com/cdn-cgi/challenge-platform/h/g/scripts/alpha/invisible.js?ts=1677830400
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700::6811:b83a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 03 Mar 2023 10:00:48 GMT
content-encoding: br
server: cloudflare
cf-ray: 7a2108d88cb5381f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-type: text/plain; charset=UTF-8

GET
H3 200 lobby-im-selection-02.jpg
image-tc.galaxy.tf/wijpeg-6jd1z416s4amiwh1hoti5ftim/ 340 KB
340 KB 600ms
599ms Image
image/jpeg 2606:4700::6811:b83a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wijpeg-6jd1z416s4amiwh1hoti5ftim/lobby-im-selection-02.jpg?width=3840

Requested by

Host: www.flemings-hotels.com
URL: https://www.flemings-hotels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b83a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a34c18369e58224acd6cf0594418dd49f7e766f2a6d2f3029f7a0c883156be52

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flemings-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 10:00:49 GMT
x-amz-version-id: dr6LG43VgPTZtTFDgAoUl4TBL4hCfUX7
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 e32e2bffc79fb8fcf5f4db62ca190200.cloudfront.net (CloudFront)
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
x-amz-cf-pop: MSP50-P1
cf-cache-status: DYNAMIC
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 347693
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Mon, 07 Feb 2022 02:40:44 GMT
server: cloudflare
etag: "538b64229ac85ea2d9644c5bff7b6b04"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-cache
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7a2108d8a82990fb-FRA
x-amz-cf-id: dcJh3RTR6gCjwb0195iy88b5xJ0rRKxSvMxh3jBcz0hk4lN-PTmqiw==

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
214 B 57ms
56ms XHR
text/plain 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&aip=1&a=1101657908&t=pageview&_s=1&dl=https%3A%2F%2Fwww.flemings-hotels.com%2F&ul=en-us&de=UTF-8&dt=Flemings%20Hotels%20%7C%20Offizielle%20Webseite%20%7C%20Direkt%20Online%20Buchen&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAACAEK~&jid=1137427488&gjid=1115541888&cid=1135207507.1677837649&tid=UA-162681275-1&_gid=410240928.1677837649&_r=1&_slc=1&gtm=45He3310n81TL2MM4B&cg1=web&cg2=not_applicable&cg3=group_property&cd1=369350&cd2=FLE&cd3=Flemings%20Hotels&cd4=not_applicable&cd5=not_applicable&cd6=not_applicable&cd7=not_applicable&cd8=not_applicable&cd9=not_applicable&cd10=not_applicable&cd11=not_applicable&cd12=galaxy&cd13=custom&cd19=tvs_no&cd20=not_applicable&cd21=group_property&cd22=not_applicable&cd23=not_applicable&cd24=2&cd25=de&cd26=web&cd27=not_applicable&cd28=not_applicable&cd29=not_applicable&cd30=no&cd31=no&cd34=%7C&cd36=%7C&cd38=https%3A%2F%2Fwww.flemings-hotels.com%2F&cd39=not_applicable&cd40=flemings-hotels.com&cd41=GTM-TL2MM4B&cd42=62&cd54=be4&cd59=0&z=332555814

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.flemings-hotels.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 10:00:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.flemings-hotels.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
71 B 58ms
58ms XHR
text/plain 2a00:1450:400d:80a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&aip=1&a=1101657908&t=pageview&_s=1&dl=https%3A%2F%2Fwww.flemings-hotels.com%2F&ul=en-us&de=UTF-8&dt=Flemings%20Hotels%20%7C%20Offizielle%20Webseite%20%7C%20Direkt%20Online%20Buchen&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGDACEABBAAAACAEK~&jid=1373823387&gjid=1956492072&cid=1135207507.1677837649&tid=UA-10492420-1&_gid=410240928.1677837649&_r=1&_slc=1&gtm=45He3310n81PC9F8W6&cg1=not_applicable&cd1=not_set&cd2=not_applicable&cd3=not_applicable&cd4=not_applicable&cd5=https%3A%2F%2Fwww.flemings-hotels.com%2F&cd6=not_applicable&cd7=not_applicable&cd8=not_applicable&cd9=de&cd10=not_applicable&cd11=not_applicable&cd12=not_applicable&cd13=not_applicable&cd14=no&cd20=no&z=1273732921

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::200e , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.flemings-hotels.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 10:00:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.flemings-hotels.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
260 B 83ms
29ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-3R5SJEDWK4&gtm=45je3310&_p=1101657908&cid=1135207507.1677837649&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1677837648&sct=1&seg=0&dl=https%3A%2F%2Fwww.flemings-hotels.com%2F&dt=Flemings%20Hotels%20%7C%20Offizielle%20Webseite%20%7C%20Direkt%20Online%20Buchen&en=page_view&_fv=1&_ss=1&ep.hotel_name=not_applicable&ep.hotel_id=not_applicable&ep.hotel_bid=369350&ep.hotel_brand_name=Flemings%20Hotels&ep.hotel_chain_id=FLE&ep.hotel_city=not_applicable&ep.hotel_continent=not_applicable&ep.hotel_country=not_applicable&ep.hotel_state=not_applicable&ep.hotel_sub_brand_name=not_applicable&ep.hotel_tc_region=not_applicable&ep.hotel_booking_engine=not_applicable&ep.page_has_tvs=no&ep.page_language=de&ep.page_section=not_applicable&ep.page_subsection=not_applicable&ep.site_cms=galaxy&ep.site_galaxy_product=custom&ep.site_tvs=tvs_no&ep.hotel_property_type=group_property&ep.hotel_star_rating=not_applicable&ep.hotel_room_types_count=not_applicable&epn.site_number_of_languages=2&ep.site_global_product=web&ep.page_content_group=not_applicable&ep.site_be_version=be4&epn.page_tvs_videos_count=0&up.user_logged_in=no
Requested by: Host: www.flemings-hotels.com
URL: https://www.flemings-hotels.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flemings-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 10:00:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.flemings-hotels.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.google-analytics.com/g/ 0
54 B 54ms
30ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.google-analytics.com/g/collect?v=2&tid=G-YV6V62NPF3&gtm=45je3310&_p=1101657908&cid=1135207507.1677837649&ul=en-us&sr=1600x1200&ir=1&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_eu=EA&_s=1&sid=1677837648&sct=1&seg=0&dl=https%3A%2F%2Fwww.flemings-hotels.com%2F&dt=Flemings%20Hotels%20%7C%20Offizielle%20Webseite%20%7C%20Direkt%20Online%20Buchen&en=page_view&_fv=1&_ss=1&ep.page_section=not_applicable&ep.page_subsection=not_applicable&ep.page_content_group=not_applicable&ep.page_full_url=https%3A%2F%2Fwww.flemings-hotels.com%2F&ep.page_language=de&ep.page_containing_tvs=no&ep.hotel_city=not_applicable&ep.hotel_country=not_applicable&ep.hotel_state=not_applicable&ep.hotel_continent=not_applicable&ep.hotel_brand_name=not_applicable&ep.hotel_id=not_applicable&ep.hotel_name=not_applicable&ep.hotel_star_rating=not_applicable&ep.hotel_property_type=group_property&ep.hotel_booking_engine_provider=not_applicable&up.user_logged_in_session=no
Requested by: Host: www.flemings-hotels.com
URL: https://www.flemings-hotels.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flemings-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 10:00:48 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.flemings-hotels.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
355 B 90ms
30ms XHR
text/plain 2a00:1450:400c:c00::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-10492420-1&cid=1135207507.1677837649&jid=1373823387&gjid=1956492072&_gid=410240928.1677837649&_u=YGDACEABBAAAACAEK~&z=617088515

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.flemings-hotels.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 03 Mar 2023 10:00:48 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.flemings-hotels.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 83ms
82ms Image
image/gif 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-10492420-1&cid=1135207507.1677837649&jid=1373823387&_u=YGDACEABBAAAACAEK~&z=96452012

Requested by

Host: www.flemings-hotels.com
URL: https://www.flemings-hotels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flemings-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 10:00:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 45ms
44ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-10492420-1&cid=1135207507.1677837649&jid=1373823387&_u=YGDACEABBAAAACAEK~&z=96452012

Requested by

Host: www.flemings-hotels.com
URL: https://www.flemings-hotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flemings-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 03 Mar 2023 10:00:48 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
54 B 23ms
22ms Image
text/plain 2a03:2880:f177:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=859822401569438&ev=Microdata&dl=https%3A%2F%2Fwww.flemings-hotels.com%2F&rl=&if=false&ts=1677837648992&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Flemings%20Hotels%20%7C%20Offizielle%20Webseite%20%7C%20Direkt%20Online%20Buchen%22%2C%22meta%3Adescription%22%3A%22Besuchen%20Sie%20die%20offizielle%20Seite%20der%20Flemings%20Hotels%20und%20buchen%20Sie%20unsere%20zentral%20gelegenen%20Hotels%20in%20Frankfurt%2C%20M%C3%BCnchen%2C%20Wuppertal%2C%20Wien%20und%20Bremen!%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%22og%3Asite_name%22%3A%22Flemings%20Hotels%22%2C%22og%3Aurl%22%3A%22https%3A%2F%2Fwww.flemings-hotels.com%2F%22%2C%22og%3Atitle%22%3A%22Flemings%20Hotels%20%7C%20Offizielle%20Webseite%20%7C%20Direkt%20Online%20Buchen%22%2C%22og%3Adescription%22%3A%22Besuchen%20Sie%20die%20offizielle%20Seite%20der%20Flemings%20Hotels%20und%20buchen%20Sie%20unsere%20zentral%20gelegenen%20Hotels%20in%20Frankfurt%2C%20M%C3%BCnchen%2C%20Wuppertal%2C%20Wien%20und%20Bremen!%22%2C%22og%3Alocale%22%3A%22de_DE%22%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%7B%22%40context%22%3A%22http%3A%2F%2Fschema.org%22%2C%22%40type%22%3A%22BreadcrumbList%22%2C%22itemListElement%22%3A%5B%7B%22%40type%22%3A%22ListItem%22%2C%22position%22%3A1%2C%22item%22%3A%7B%22%40id%22%3A%22https%3A%2F%2Fwww.flemings-hotels.com%2F%22%2C%22name%22%3A%22Home%22%7D%7D%5D%7D%5D&sw=1600&sh=1200&v=2.9.97&r=stable&ec=1&o=30&fbp=fb.1.1677837648488.1907302680&it=1677837648396&coo=false&dpo=LDU&dpoco=0&dpost=0&es=automatic&tm=3&rqm=GET

Requested by

Host: www.flemings-hotels.com
URL: https://www.flemings-hotels.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flemings-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Fri, 03 Mar 2023 10:00:49 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H3 200 flemings-hotels-occhio-d-oro-food_portrait.jpg
image-tc.galaxy.tf/wijpeg-3a8i02bvi8avzeo743n8gs1jx/ 202 KB
203 KB 463ms
463ms Image
image/jpeg 2606:4700::6811:b83a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wijpeg-3a8i02bvi8avzeo743n8gs1jx/flemings-hotels-occhio-d-oro-food_portrait.jpg?crop=510%2C0%2C900%2C1200&width=1920

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b83a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8c19a133c4ca38507ce26ba3104a86c3ed86741e3e74dc8aad6423567711c2f7

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flemings-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 10:00:50 GMT
x-amz-version-id: dtxzeuRZ7D6oiAANEB8vnBjAEMhPPEnH
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 2f471134491a4de5cfcaef646caf9dde.cloudfront.net (CloudFront)
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
x-amz-cf-pop: FRA6-C1
cf-cache-status: DYNAMIC
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 206954
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 19 Jul 2022 07:44:15 GMT
server: cloudflare
etag: "1d95f0a9a1ed77705aaf7ad03dc6b937"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-cache
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7a2108dede0d90fb-FRA
x-amz-cf-id: afzR_Vxjsmt74o9vaMprwIq1pqYnoouQlY0UwmO0RS9BUezRwBYKeQ==

GET
H3 200 man-walking-on-street-with-shopping-bags.svg
image-tc.galaxy.tf/wisvg-dxnn6cq56zca554ppm84mzoap/ 19 KB
9 KB 507ms
507ms Image
image/svg+xml 2606:4700::6811:b83a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wisvg-dxnn6cq56zca554ppm84mzoap/man-walking-on-street-with-shopping-bags.svg?width=275

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b83a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

5602bdc542141d1a9efdb277fcd04c798b9cd5a2035487bf1732b992fbe2f327

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flemings-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 10:00:50 GMT
x-amz-version-id: _8IBeBOA3BJpCs8H3qdwmyzjnFc4ghow
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
x-amz-cf-pop: FRA6-C1
cf-cache-status: DYNAMIC
content-encoding: br
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 01 Mar 2022 03:52:24 GMT
server: cloudflare
etag: W/"eb609bb8c59e35b086447bd69c26cbc1"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/svg+xml
access-control-allow-origin: *
cache-control: no-cache
vary: Accept-Encoding
cf-ray: 7a2108dede0e90fb-FRA
x-amz-cf-id: 2nRWb0AUeyY4IjaWx4glsqPD2U3bEK2iMIbNxInXdYjAhI0l34RJNg==

GET
H3 200 flemings-hotels-bubbly-ball-special_portrait.jpg
image-tc.galaxy.tf/wijpeg-612h1tynsfet9mzv4jp9um2b5/ 132 KB
133 KB 487ms
487ms Image
image/jpeg 2606:4700::6811:b83a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wijpeg-612h1tynsfet9mzv4jp9um2b5/flemings-hotels-bubbly-ball-special_portrait.jpg?crop=510%2C0%2C900%2C1200&width=1920

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b83a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

26bff5b5bbc3682ce9ad937b5f2887c3c972aa1a695e2c888ad7ff2d1097451f

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flemings-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 10:00:50 GMT
x-amz-version-id: 4mvaQVcEkSeyl01lpJ7kXkJauo4jqpIu
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 d5fb859c39a16d7f218b4c7fb1528ad6.cloudfront.net (CloudFront)
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
x-amz-cf-pop: FRA6-C1
cf-cache-status: DYNAMIC
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 135630
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Fri, 25 Nov 2022 11:38:33 GMT
server: cloudflare
etag: "e5022f87ae995dea86cd851feae3c783"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-cache
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7a2108dede1090fb-FRA
x-amz-cf-id: ZCijSsYnfA1wdF4ZczihKKUxUCucBbY52vFoWmrEEoXCjfePwX2Rew==

GET
H3 200 file.png
image-tc.galaxy.tf/wipng-7tdxgisykidvpxtb6xcpnnh0l/ 42 KB
42 KB 501ms
501ms Image
image/png 2606:4700::6811:b83a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wipng-7tdxgisykidvpxtb6xcpnnh0l/file.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b83a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

718da8fbbe01f93258d41e6cfae4aae4902aa7d78bd324978bdc2a49c2743783

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flemings-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 10:00:54 GMT
x-amz-version-id: WrG4gMnNiMXZeLN3_KFQDDEnxTEkGqTk
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 c275031486c6f7b744b8d30847e98b14.cloudfront.net (CloudFront)
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
x-amz-cf-pop: FRA6-C1
x-amz-server-side-encryption: AES256
x-cache: RefreshHit from cloudfront
cf-cache-status: DYNAMIC
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 42542
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 20 Dec 2022 10:11:31 GMT
server: cloudflare
etag: "aa2c212d526700fd0de3e8b9a8d45c7c"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/png
access-control-allow-origin: *
cache-control: no-cache
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7a2108f81be190fb-FRA
x-amz-cf-id: NixeKCX8D4tqj5T1TeshjR4wlssmn4J3jMVk6l427pXi_lTguUzdEQ==

GET
H3 200 flemings-hotels-family-special-drinks_portrait.jpg
image-tc.galaxy.tf/wijpeg-8u33tmiyd0nx2p0wlbpi59aum/ 104 KB
104 KB 474ms
474ms Image
image/jpeg 2606:4700::6811:b83a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wijpeg-8u33tmiyd0nx2p0wlbpi59aum/flemings-hotels-family-special-drinks_portrait.jpg?crop=510%2C0%2C900%2C1200&width=1920

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b83a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a67b76c7933fa2682fd1d11cde2efa3247d028a24966dc7d9f17900078dcd756

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flemings-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 10:00:54 GMT
x-amz-version-id: JAyhGrAZIUkOZvlt0VuwkN3bDL3V7qCz
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 b8e900270aa30d899882e71796feca9c.cloudfront.net (CloudFront)
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
x-amz-cf-pop: FRA6-C1
cf-cache-status: DYNAMIC
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 106050
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Wed, 20 Jul 2022 03:16:41 GMT
server: cloudflare
etag: "77b390773e21221100b6de65e990fe76"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-cache
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7a2108f81be990fb-FRA
x-amz-cf-id: m2WG26pjTO9NtBa-2X2QUTxSJnqFZTh4cmKJmIJQyX4AyFjWDiSv7g==

GET
H3 200 fassade-flemings-express-hotel-frankfurt.jpg
image-tc.galaxy.tf/wijpeg-a4xdwentm1h7s9pgza1fjapqv/ 359 KB
359 KB 452ms
452ms Image
image/jpeg 2606:4700::6811:b83a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://image-tc.galaxy.tf/wijpeg-a4xdwentm1h7s9pgza1fjapqv/fassade-flemings-express-hotel-frankfurt.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6811:b83a , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4618a35ec16d094f7c2b1d329857f55deaff72777709124f4d855a5e18074f7c

Security Headers

Name	Value
Content-Security-Policy	default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.flemings-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.177 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 10:00:54 GMT
x-amz-version-id: 5vgrP3eYV70ww1ntSpPgE2l2M3SP_vcT
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains; preload
via: 1.1 49140b838a62cd29e30f20e39a82dad0.cloudfront.net (CloudFront)
content-security-policy: default-src 'self'; style-src 'self' 'unsafe-inline'; img-src 'self' data:; object-src 'none'
x-amz-cf-pop: FRA6-C1
cf-cache-status: DYNAMIC
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 367333
x-xss-protection: 1; mode=block
referrer-policy: no-referrer-when-downgrade
last-modified: Tue, 01 Feb 2022 12:22:15 GMT
server: cloudflare
etag: "71b81317191333daf4592d22d975746b"
x-frame-options: SAMEORIGIN
access-control-allow-methods: GET, HEAD, OPTIONS
content-type: image/jpeg
access-control-allow-origin: *
cache-control: no-cache
vary: Accept-Encoding
accept-ranges: bytes
cf-ray: 7a2108f81beb90fb-FRA
x-amz-cf-id: efZMviwYsDP23JGqeN-B2UrQBpmDpJj8Bg6cbLXnsRJFx5NLCmnB5w==

Verdicts & Comments Add Verdict or Comment

84 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

13 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
tcgms.net/tr	1969-12-31 23:59:59	Name: GMS_REDIRECT Value: 3E0151A5BF4BEF799EA7699BC4275F61
tcgms.net/	1970-01-20 10:47:09	Name: 9547360029925 Value: b865363345984
.flemings-hotels.com/	1970-01-20 12:13:33	Name: _gcl_au Value: 1.1.2092517816.1677837648
.doubleclick.net/	1970-01-20 10:03:58	Name: test_cookie Value: CheckForPermission
.flemings-hotels.com/	1970-01-20 12:13:33	Name: _fbp Value: fb.1.1677837648488.1907302680
www.flemings-hotels.com/	1970-01-20 10:03:59	Name: galaxy-session-cookie-de Value: true
.flemings-hotels.com/	1970-01-20 10:05:24	Name: _gid Value: GA1.2.410240928.1677837649
.flemings-hotels.com/	1970-01-20 10:03:57	Name: _gat_tct Value: 1
.flemings-hotels.com/	1970-01-20 10:03:57	Name: _gat_UA-10492420-1 Value: 1
.www.flemings-hotels.com/	1970-01-20 10:03:59	Name: __cf_bm Value: LtUp4_yX.K2xVZKzV4VR_swDXSAsIX9lurIPjrWJj64-1677837648-0-AYeypJs3V/dUNR9vYtCY/Qyivcuq7CNoM3R+bAjaOeUjM8SZQAjtTmgH3h2NQQAuwiQujyuHyIN7jRIJLo7K0GISJOF7WRLcOy4UGzXA4SWzFCcc2nNeUZh3VnPniIXOMjMyAKmJQF/tpAnlZ3AUj1Y=
.flemings-hotels.com/	1970-01-20 19:39:57	Name: _ga_3R5SJEDWK4 Value: GS1.1.1677837648.1.0.1677837648.0.0.0
.flemings-hotels.com/	1970-01-20 19:39:57	Name: _ga Value: GA1.1.1135207507.1677837649
.flemings-hotels.com/	1970-01-20 19:39:57	Name: _ga_YV6V62NPF3 Value: GS1.1.1677837648.1.0.1677837648.0.0.0

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://www.flemings-hotels.com/undefinedasync Message: Failed to load resource: the server responded with a status of 404 ()
security	error	URL: https://www.flemings-hotels.com/(Line 2063) Message: Refused to execute script from 'https://www.flemings-hotels.com/undefinedasync' because its MIME type ('text/html') is not executable, and strict MIME type checking is enabled.

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

3510645.fls.doubleclick.net
adservice.google.com
adservice.google.de
api.trustyou.com
api.tsa-db.com
app.secureprivacy.ai
cdn.galaxy.tf
connect.facebook.net
dynamic.travelclick-websolutions.com
googleads.g.doubleclick.net
image-tc.galaxy.tf
region1.google-analytics.com
stats.g.doubleclick.net
tcgms.net
www.facebook.com
www.flemings-hotels.com
www.flemings-hotels.de
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
www.gstatic.com
104.26.3.32
104.96.154.58
142.250.186.70
195.244.31.25
2001:4860:4802:32::36
2600:9000:21f3:6a00:16:41f8:18c0:93a1
2606:4700::6811:b63a
2606:4700::6811:b73a
2606:4700::6811:b83a
2a00:1450:4001:813::2008
2a00:1450:4001:828::2002
2a00:1450:4001:829::2003
2a00:1450:400c:c00::9b
2a00:1450:400d:802::2003
2a00:1450:400d:805::2002
2a00:1450:400d:80a::2004
2a00:1450:400d:80a::200e
2a00:1450:400d:80d::2002
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
88.198.114.6
017dff1935dfd5292fe549ef1b24d3d6ed4b3e1df5445de488f5f046bb12640f
02fa4759cedac98b71d5cb98f7b84390ec4ee11a86186a0e27479a50262109e0
05978957c6c8b028f2785dc77271c286bfac76e30b7bcd7e835c2927fbe897cf
0ac0ea26e605f6ddbca2dd1ec5d45f9de5c3b65be8643e248ce37d9c8827e390
14cc66e8f9f632f795f3677df20755edfec2da56ce5391d3808046a63fafb05a
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
26bff5b5bbc3682ce9ad937b5f2887c3c972aa1a695e2c888ad7ff2d1097451f
3000a1f92a8cfcd17c13323aee766905256c11b1f33e279f0ca4c3a77dd30c75
3775aa9de42d65b9dfd749257fefab0d2d1234661046a75dc89fbe14dda33ca4
38267790fae07dd480bcaef3143cb7994862ebb0747e7727b4469654fb41ebf8
425350da69e5988590738404fd5183555caadfb38e5c1a8c185f9c09900733ae
4618a35ec16d094f7c2b1d329857f55deaff72777709124f4d855a5e18074f7c
4d4078acb3c6ad5495ce2a8cec218c2a6bf95e0d43be01a83b4e9e430bc2c873
51421b6614b6f64a093b89713160032c17539dcd2f2a251e92c9ca26180440f9
5602bdc542141d1a9efdb277fcd04c798b9cd5a2035487bf1732b992fbe2f327
572fa63afe279e0d812fdce151eeec2edada050bbc48792580250870531da057
58e9e1b97cb14d612b4fc1e52a34e161c8d4baa8e0d37bdbf4893b4dc25069f5
58f1e19458d16afbd89a03103832d3e5cb4be73e49723eaea8fc60baa3a4fe98
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
5a064c8f9ca44c02248a7e18e762f6ca616477ebc3b9e13a896fa4d6f74ef202
5af0c53b5878d54664c7bb957ac58b9bc162f338c6e29723fa5dfd9e52137e5f
6be8c702ecf7e676b3f8124253d6c97eb1cb0ab1c7d5a267983461f54658c4d4
7022cad501999201306c3542290df7945db17d5249478c3b8295b4e4d85ba6eb
718da8fbbe01f93258d41e6cfae4aae4902aa7d78bd324978bdc2a49c2743783
75d531ae26f5f2096588186796c42a4a8df39ede4e04de0c5cc687e54d9c559c
7937fd6e1b04aaaae3549fd2a6e2d9c7a773124879db28cf22e4cc13c1ffa0b2
82f50bcd7dbcf2a6c6aa63cd5fe368d98f94a1b3a7bc2758046eaab4558a9e25
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8c19a133c4ca38507ce26ba3104a86c3ed86741e3e74dc8aad6423567711c2f7
8f30eb6c106814ed231be24ed185b20bb265fbb20439b3b6e2f3f6d2b8dfb384
a34c18369e58224acd6cf0594418dd49f7e766f2a6d2f3029f7a0c883156be52
a67b76c7933fa2682fd1d11cde2efa3247d028a24966dc7d9f17900078dcd756
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b11f420f3b20058e1ca2cd4cb645d5ef166128ac33149e3fdabb51ce9fdef886
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b45e4a5049146af2d13f095faf4857790d38a2b5b0949c391ef539fba7698c36
b5493b4e6fab99c195e5f1c878d34f4aa84cd3fd4fea932c8a9ebbe172621086
bbfbbf0c2b2d2a0247cc87d46008fa902a0bb13ea03ebd2b08e1e5e9b9dd011f
c5b0c0ba1acecc2e0e5353111ad66bb55a8c7737cb7812c0656b8716faaaad2e
cab52dc3525d23d87fc3337ea17253060c6f723389a33e62699d510f1878972b
cb3a1ca037b6d51cc737131d8156df29ff02852690656c9068a0acb5e3573c45
cd2e6e286b2c1237bdf2cc4b970bf6c3930c9e405d69f68f3231044cfa405a0c
ce4f1b48eedafeaa3d9b02d15dc642b4cc9a995b6e517d6d9bd91d007a420a6c
d042413afc090a7d14aa77f2844de5f1191c96e6849fa3fdd38adec16d0dc5a1
d22f369c86d675099838940e5eff2d08b3323b56e6f06989d4bbdad69a6c79d0
dc1a649c2c24afe3072a5c478ca103e81a5f35f862e119d4a245b0b570f8c6ce
e1af5c26a6ca0cf6e1efcd25d203b5d1b890d8d2756d58ca0cfdfafa2f488576
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e57a18673369c39a2d5459f7ea0b6aafb0e2f7e5584d2bfde9850eb1e5c35768
e7954b62653e3d7d5a7b455589a7238d661dfbaebd18650bc4b9d82089ab7156
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f0d7324ee5af96dd606239d0642341472587b69b2abc82515899be1200701734
fce68f8947c03e8e8e627e6f5ba7bf0affd0cd3c55e518ff6262f5280496036b

www.flemings-hotels.com Open in urlscan Pro 2606:4700::6811:b83a Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

63 Requests

100 %HTTPS

76 %IPv6

16 Domains

22 Subdomains

20 IPs

5 Countries

4569 kBTransfer

14405 kBSize

13 Cookies

7 Outgoing links

Page URL History

Redirected requests

63 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.flemings-hotels.com Open in urlscan Pro
2606:4700::6811:b83a Public Scan

Screenshot
Live screenshot

Full Image

63
Requests

100 %
HTTPS

76 %
IPv6

16
Domains

22
Subdomains

20
IPs

5
Countries

4569 kB
Transfer

14405 kB
Size

13
Cookies

63 HTTP transactions
1 data transactions