www.h-hotels.com Open in urlscan Pro
2606:4700::6812:aa54 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://www.copitalone.com/
Effective URL:
https://www.h-hotels.com/
Submission: On August 12 via api (August 12th 2022, 1:01:29 am UTC) from US — Scanned from DE

Summary HTTP 103 Redirects Links 13 Behaviour Indicators

Summary

This website contacted 27 IPs in 4 countries across 26 domains to perform 103 HTTP transactions. The main IP is 2606:4700::6812:aa54, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.h-hotels.com.
TLS certificate: Issued by Cloudflare Inc ECC CA-3 on May 8th 2022. Valid for: a year.

This is the only time www.h-hotels.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
2 2	103.224.212.253 103.224.212.253	133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited)
1 5	103.224.182.206 103.224.182.206	133618 (TRELLIAN-...) (TRELLIAN-AS-AP Trellian Pty. Limited)
1	78.46.197.88 78.46.197.88	24940 (HETZNER-AS) (HETZNER-AS)
2	162.55.54.68 162.55.54.68	24940 (HETZNER-AS) (HETZNER-AS)
1 3	2606:4700:303... 2606:4700:3034::6815:2953	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
1 1	2606:4700:303... 2606:4700:3037::6815:ed	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 35	2606:4700::68... 2606:4700::6812:aa54	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
1	2606:4700:440... 2606:4700:440e::ac40:9c1a	13335 (CLOUDFLAR...) (CLOUDFLARENET)
6	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
1	151.101.0.114 151.101.0.114	54113 (FASTLY) (FASTLY)
5	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2	18.158.172.136 18.158.172.136	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:249... 2600:9000:2490:9400:f:8ce2:fb80:93a1	() ()
9	2606:4700:440... 2606:4700:4400::6812:26f3	13335 (CLOUDFLAR...) (CLOUDFLARENET)
4	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	172.217.18.2 172.217.18.2	15169 (GOOGLE) (GOOGLE)
1 4	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 5	2606:4700:10:... 2606:4700:10::6816:4788	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:400c:c00::9a	() ()
1	2a00:1450:400... 2a00:1450:4001:830::2002	() ()
2	2a00:1450:400... 2a00:1450:4001:813::2003	() ()
3	2620:1ec:27::... 2620:1ec:27::cafe:1806	() ()
2	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	() ()
1 3	20.234.93.27 20.234.93.27	() ()
1	20.62.48.180 20.62.48.180	() ()
103	27

2 103.224.212.253 (Australia) 2 redirects

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: lb-212-253.above.com

www.copitalone.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 103.224.182.206 (Australia) 1 redirects

ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU)
PTR: bidr.trellian.com

1redirc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 78.46.197.88 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.88.197.46.78.clients.your-server.de

clever-redirect.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 162.55.54.68 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.68.54.55.162.clients.your-server.de

spidershopping.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2606:4700:3034::6815:2953 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

shopbuttler.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:3037::6815:ed (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

www.smartredirect.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

35 2606:4700::6812:aa54 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

h-hotels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.h-hotels.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:440e::ac40:9c1a (United States)

ASN13335 (CLOUDFLARENET, US)

static.cloudflareinsights.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.0.114 (United States)

ASN54113 (FASTLY, US)

cdn.evgnet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.158.172.136 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-158-172-136.eu-central-1.compute.amazonaws.com

hhotelsag.germany-2.evergage.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2490:9400:f:8ce2:fb80:93a1 (None, )

ASN- ()

www.dwin1.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700:4400::6812:26f3 (United States)

ASN13335 (CLOUDFLARENET, US)

cookie-cdn.cookiepro.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 172.217.18.2 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s22-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2606:4700:10::6816:4788 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

onboard.triptease.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c00::9a (None, )

ASN- ()

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (None, )

ASN- ()

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2003 (None, )

ASN- ()

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:27::cafe:1806 (None, )

ASN- ()

www.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:181:face:b00c:0:25de (None, )

ASN- ()

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 20.234.93.27 (None, ) 1 redirects

ASN- ()

c.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.62.48.180 (None, )

ASN- ()

e.clarity.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
35	h-hotels.com 1 redirects h-hotels.com — Cisco Umbrella Rank: 101449 www.h-hotels.com	2 MB
9	cookiepro.com cookie-cdn.cookiepro.com — Cisco Umbrella Rank: 6850	145 KB
7	clarity.ms 1 redirects www.clarity.ms c.clarity.ms e.clarity.ms	28 KB
6	google.com www.google.com — Cisco Umbrella Rank: 10	25 KB
5	triptease.io 1 redirects onboard.triptease.io — Cisco Umbrella Rank: 25949	113 KB
5	gstatic.com www.gstatic.com	512 KB
5	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 52	40 KB
5	1redirc.com 1 redirects 1redirc.com — Cisco Umbrella Rank: 158453	8 KB
4	bing.com 1 redirects bat.bing.com — Cisco Umbrella Rank: 351 c.bing.com	14 KB
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 155	151 KB
3	shopbuttler.com 1 redirects shopbuttler.com — Cisco Umbrella Rank: 777464	4 KB
2	facebook.com www.facebook.com	382 B
2	google.de www.google.de	565 B
2	doubleclick.net stats.g.doubleclick.net googleads.g.doubleclick.net	2 KB
2	evergage.com hhotelsag.germany-2.evergage.com	1 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 94	131 KB
2	spidershopping.com spidershopping.com	1 KB
2	copitalone.com 2 redirects www.copitalone.com	2 KB
1	criteo.net static.criteo.net — Cisco Umbrella Rank: 627	14 KB
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 125	15 KB
1	dwin1.com www.dwin1.com	10 KB
1	evgnet.com cdn.evgnet.com — Cisco Umbrella Rank: 4216	44 KB
1	cloudflareinsights.com static.cloudflareinsights.com — Cisco Umbrella Rank: 1249	5 KB
1	smartredirect.de 1 redirects www.smartredirect.de — Cisco Umbrella Rank: 242322	697 B
1	clever-redirect.com clever-redirect.com — Cisco Umbrella Rank: 955687	693 B
0	criteo.com Failed gum.criteo.com Failed
103	26

	Domain	Requested by
34	www.h-hotels.com	shopbuttler.com www.h-hotels.com static.cloudflareinsights.com
9	cookie-cdn.cookiepro.com	www.googletagmanager.com cookie-cdn.cookiepro.com
6	www.google.com	www.h-hotels.com www.gstatic.com
5	onboard.triptease.io	1 redirects onboard.triptease.io
5	www.gstatic.com	www.google.com
5	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
5	1redirc.com	1 redirects 1redirc.com
4	connect.facebook.net	www.googletagmanager.com connect.facebook.net cookie-cdn.cookiepro.com
3	c.clarity.ms	1 redirects www.clarity.ms
3	www.clarity.ms	bat.bing.com www.clarity.ms
3	bat.bing.com	www.googletagmanager.com bat.bing.com cookie-cdn.cookiepro.com
3	shopbuttler.com	1 redirects spidershopping.com shopbuttler.com
2	www.facebook.com
2	www.google.de
2	hhotelsag.germany-2.evergage.com	cdn.evgnet.com
2	www.googletagmanager.com	shopbuttler.com 1redirc.com
2	spidershopping.com	clever-redirect.com
2	www.copitalone.com	2 redirects
1	e.clarity.ms	www.clarity.ms
1	c.bing.com	1 redirects
1	googleads.g.doubleclick.net	www.googleadservices.com
1	stats.g.doubleclick.net	www.google-analytics.com
1	static.criteo.net	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	www.dwin1.com	www.googletagmanager.com
1	cdn.evgnet.com	www.h-hotels.com
1	static.cloudflareinsights.com	www.h-hotels.com
1	h-hotels.com	1 redirects
1	www.smartredirect.de	1 redirects
1	clever-redirect.com	1redirc.com
0	gum.criteo.com Failed	static.criteo.net
103	31

This site contains links to these domains. Also see Links.

Domain
blog.h-hotels.com
secure.h-hotels.com
www.h-hotels.jobs
www.facebook.com
www.instagram.com
de.linkedin.com
www.youtube.com
www.pinterest.de

Subject Issuer	Validity	Valid
tracker.clever-redirect.com R3	`2022-08-05` - `2022-11-03`	3 months	crt.sh
spidershopping.com R3	`2022-06-14` - `2022-09-12`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-01-26` - `2023-01-25`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
h-hotels.com Cloudflare Inc ECC CA-3	`2022-05-08` - `2023-05-08`	a year	crt.sh
www.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
cdn.evergage.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-13` - `2023-04-12`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.germany-2.evergage.com Amazon	`2022-08-04` - `2023-09-02`	a year	crt.sh
*.dwin1.com Amazon	`2021-11-19` - `2022-12-17`	a year	crt.sh
cookiepro.com Cloudflare Inc ECC CA-3	`2022-04-19` - `2023-04-19`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-05-21` - `2022-08-19`	3 months	crt.sh
www.googleadservices.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
www.bing.com Microsoft RSA TLS CA 01	`2022-06-10` - `2022-12-10`	6 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-06-21` - `2022-09-23`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-07-18` - `2022-10-10`	3 months	crt.sh
www.clarity.ms DigiCert TLS RSA SHA256 2020 CA1	`2022-02-27` - `2023-02-27`	a year	crt.sh
a.clarity.ms Microsoft Azure TLS Issuing CA 02	`2022-06-07` - `2023-06-02`	a year	crt.sh
c.msn.com Microsoft Azure TLS Issuing CA 01	`2022-07-25` - `2023-07-20`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://www.h-hotels.com/
Frame ID: 9791913EA2C7BC738C2DBD034E39D7A9
Requests: 103 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcWol0UAAAAAGDRzhC-80PzY0c1aaxV_b2JdDcK&co=aHR0cHM6Ly93d3cuaC1ob3RlbHMuY29tOjQ0Mw..&hl=de&v=gWN_U6xTIPevg0vuq7g1hct0&size=compact&cb=hm2482z37n1g
Frame ID: 02A65EC5717992A55C2C033A434901C8
Requests: 4 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.h-hotels.com&origin=onetag
Frame ID: 771C5A4BBA217EAD810B078DE1FDFA43
Requests: 1 HTTP requests in this frame

Frame: https://onboard.triptease.io/kernel/v5676.60823/kernel-host.html?originHost=www.h-hotels.com
Frame ID: 2ACE40EE16CD0CAE3DA289F1A11C4125
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/bframe?hl=de&v=gWN_U6xTIPevg0vuq7g1hct0&k=6LcWol0UAAAAAGDRzhC-80PzY0c1aaxV_b2JdDcK
Frame ID: 55DB046DE4BEA806EFCA09D882570C5F
Requests: 3 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 76E6872AD8E52B18E235A35BE6941A15
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

H-Hotels.com - Offizielle Website der Hyperion, H4, H2 & H+ Hotels

Page URL History Show full URLs

http://www.copitalone.com/ HTTP 302
https://www.copitalone.com/ HTTP 302
http://1redirc.com/r2.php?e=101Q3iV4eiK4UDyjOz6E5349fmNlT3JHTm5TQVdUK3k4dWliL0JmOE81NUNpMEpqL0J... Page URL
http://1redirc.com/r.php?u=https%3A%2F%2Fclever-redirect.com%2Fs%2Fr6%3Fs%3D721614%26s3%3D12229... HTTP 302
https://clever-redirect.com/s/r6?s=721614&s3=1222989367&sid=20220812110122f897e10ec53ad1162c Page URL
https://spidershopping.com/search/a?t=21&f=1&u=389c27680892f9598f6853a43c8944f3&m=h-hotels.com&s1=72161... Page URL
https://spidershopping.com/search/r?u=https%3A%2F%2Fshopbuttler.com%2Fvisit%2Fo3%3Fd%3Dh-hotels.com%26s... Page URL
https://shopbuttler.com/visit/o3?d=h-hotels.com&sid1=8a196840fe4bb3db42cec4fc4f052d0c&nid=1 HTTP 302
https://shopbuttler.com/visit?site=h-hotels.com Page URL
https://www.smartredirect.de/redir/clickGate.php?u=uvD6yP8x&m=1&p=RWSbhNjcg0&t=plEfkhLf&s=o362ea5d16dfb92... HTTP 302
https://h-hotels.com/ HTTP 301
https://www.h-hotels.com/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

AWIN (Affiliate programs) Expand

Overall confidence: 100%
Detected patterns

dwin1\.com

Cloudflare Browser Insights (Analytics) Expand

Overall confidence: 100%
Detected patterns

static\.cloudflareinsights\.com/beacon(?:\.min)?\.js

Criteo (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

//static\.criteo\.net/js/ld/ld\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OneTrust (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

otSDKStub\.js

SWFObject (Miscellaneous) Expand

Overall confidence: 100%
Detected patterns

swfobject.*\.js

reCAPTCHA (Captchas) Expand

Overall confidence: 100%
Detected patterns

/recaptcha/api\.js

Page Statistics

103
Requests

91 %
HTTPS

68 %
IPv6

26
Domains

31
Subdomains

27
IPs

4
Countries

3260 kB
Transfer

6712 kB
Size

20
Cookies

13 Outgoing links

These are links going to different origins than the main page.

URL: https://blog.h-hotels.com/
Title: Reiseblog

Search URL Search Domain Scan URL

URL: https://secure.h-hotels.com/de/reservation_page
Title: Reservierung

Search URL Search Domain Scan URL

URL: https://secure.h-hotels.com/de/hotel/32630
Title: » Jetzt buchen

Search URL Search Domain Scan URL

URL: https://secure.h-hotels.com/de/hotel/91005/package/P05_HEIL
Title: Angebot

Search URL Search Domain Scan URL

URL: https://www.h-hotels.jobs/
Title: » Zum Karriereportal

Search URL Search Domain Scan URL

URL: https://www.h-hotels.jobs/de/ausbildung
Title: Ausbildung

Search URL Search Domain Scan URL

URL: https://www.h-hotels.jobs/de/stellenangebote
Title: Jobs

Search URL Search Domain Scan URL

URL: https://www.facebook.com/hhotelscom

Search URL Search Domain Scan URL

URL: https://www.instagram.com/h_hotels_com/

Search URL Search Domain Scan URL

URL: https://de.linkedin.com/company/h-hotels-com

Search URL Search Domain Scan URL

URL: https://www.youtube.com/c/Hhotels_com

Search URL Search Domain Scan URL

URL: https://www.pinterest.de/h_hotels/

Search URL Search Domain Scan URL

URL: https://secure.h-hotels.com/de
Title: Zur Buchung

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://www.copitalone.com/ HTTP 302
https://www.copitalone.com/ HTTP 302
http://1redirc.com/r2.php?e=101Q3iV4eiK4UDyjOz6E5349fmNlT3JHTm5TQVdUK3k4dWliL0JmOE81NUNpMEpqL0JqQm5Yd3RDeWY2Y0tsblVLRitBbk9ycE1WRmdRczVzclF0VFlwekU3Q1UrM3k5UnpoQTk1VExLNkluVjVVb0xHYW9kVHptTGRza0JiVlQyQ21xZzE4QkduNjA5SUZUU1ZlZTNDWjNNWGxnbU9xTEx3UFpsRDhVK3dhRU9ZZklxY2xoRnlnNFZtcThOZVRMMzRIQ1FqY1QxbTByZEdUb0FHMmhqNk1qaWtCOXFLL1JiVnNHdWYyc0c2Yy9SeHZtaTNReTRhVWMxL3h2TGUrRHNra3NYRGsyWFlPaTY0UFNQbUQrTVFwSXNVUmlXeFp5KzV3MlVxL0o5aDR6TWFxOTVPWE4yUVlXK0pzOWkzSzZLWjhKWjRwQ1BSUnYxZk8wYXF6RGVRdGZBWlp4ZzdaS3JkODd4djhYTTBZcktncFpYVExpakcycGpEeCtHVDEwMlpueGFlSlBxcWEyWEhQNUpSa1lyc1Q5d09qK1ZJZ2crRUhvRDZJSmlHRldYUG4zSjhOWXNWR0hpZlV3SW9ZY0d0YjNaUFhyMVd5TVl0RjMzTmduZ2RBaDhTUzFuSVovK0xib09FK3d0TyttaWZiSkNFWWNibDU4ZDRvVTltTDVQbWg5ZTU5ajV5Mk53S0RBbmRnRVRvc2xIMU85eXkzczgwWGhIV2ZsVFJ4c1g3TmlYT3ZXMnJ3NlJFbzE0LzFNSmhYNzBGL3BSTjNieEExTHQwU016dVlXNnEzRWcwWEk3ZHNIQyttYU94bFYvTVh4aHlsWXZyRWhXcnhzeTE1VXRmdW1wdnNoOUR1dXdJMFJVNllKK1ZIcnFCWVhrb1lVbndKM01FcUp0LzdzTWVkMmIvUzc5MFdNamg2N0lsektWYUdJdE1HQUQySS83OTdVdFpMWEZDSGl0UThHenFUVkNza0VweWxxNlQ5by9zdXo0MWNML0ZCRkRyZzI3Tk9LSkN6eUIxYTNUMGgwTU1rVnJEdDNwenJCNWtwU1B1VDVUYWJzZlI0bFE9PQ%3D%3D Page URL
http://1redirc.com/r.php?u=https%3A%2F%2Fclever-redirect.com%2Fs%2Fr6%3Fs%3D721614%26s3%3D1222989367%26sid%3D20220812110122f897e10ec53ad1162c&s=j&enc=uyb9KUKSL%2BdIo%2BMJzLwtTH49fnFCS2w4VnM3QTBweUEwUy9US2RqV1BMcHBSejMwdFZCTSsyQTJURmdFYnozN1VWRWlKSmRkUVl3VHBsc0sza2szSVd4M1BIRHRIRVlsQnl0aTBSOHN2SDdJclNlNkR5cVcxVWQzdy93Y2kwdytjcjF6RVBJWStseDYzbmxQZERjd0JPazdRdlBXMjQ2WHg2cVhxeGZDVzFnVXhLdjlCUlZCeDZYOGdwRVFiQzRwcCsyNUY1eVE3cHFoSTJtdlc4RHNWTHVhWU45TTMra3VEYlVGT2pINGRTNEd4aDNXSi9IZm95d3BLWnJwbUY3TWJadzcwKzhraE1kVjhWSDAyWHFpVjlwaDZjelJmSGYzcWlVaWRQeGtVRmcxMTA0bXpLTGRRc09FUlpGVTliRTlXazUrM3ZqS2hQVTkrKytDRnkrNUZjWEFlY2FSeUpKeTBTREhMWm50OFJGQ3dEYXM3YzAyK2lJYmx1dDF3YnppcHE2OTRPeUN5RDM4cEgrZGV4L1R4UXU4a0tyYktRY2lRdS9WTVdjNkIvTkpHNk9iSFYxU3N4dUMrNHRJdzZoMnpnakU0ZHZLQVJwd0tVREVmZFpiWEhzbkFsaHo3M0F3cCtSWGpCeW9IZVVpSnpLaDV0OGc2VldIN0VxMjVZL1ZjSG4wNHpHSVZLc0R5NnpSQzdCb2Y5eXp0YVN1VTVrM2tZczBvdzFKVVNpV0t2Y0NXVlovelVzKzlEVi9vbjgyZGhkbkUzNnl2MlUxRndCSWVKeHdjTWFNNmZSQWY1SVVQcDd0bFN1b3VTdDM4Z2trTnExUnd1ek1nUFdDYmxLMkZIRGNBd0kzQlltSzh1SVRMNU14Tlo0N1B6eEw0RFRZdjZvb0N2M3BpcFVwSllBUW5hWCtLc2M0UXo0UUo5QzBSYjluenJSbkRtaG45VTBZSFdLRzJ1ZHh4Rm00bnhxSzV6dzMzMTB4aWNzb3RQRXJzU3RwRFlJd3pSOVJ4eC9obXo2bFZHeFY3S0dTTHZkLzBBM0xPRm9mbFFyR2FJczBDY3NlSm14cEE5TUZKU3J4NmtaQ2s0dVNmbTdCeGdzT3RKdXhZeml0bnVqdENqakZOckhGT3pCd011OWN1R014cFU4UWF3bW5nPT0%3D&vs=1600:1200&ds=1600:1200&sl=0:0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine HTTP 302
https://clever-redirect.com/s/r6?s=721614&s3=1222989367&sid=20220812110122f897e10ec53ad1162c Page URL
https://spidershopping.com/search/a?t=21&f=1&u=389c27680892f9598f6853a43c8944f3&m=h-hotels.com&s1=721614&s2=&s3=1222989367&s5=cf&it=46&in=1 Page URL
https://spidershopping.com/search/r?u=https%3A%2F%2Fshopbuttler.com%2Fvisit%2Fo3%3Fd%3Dh-hotels.com%26sid1%3D8a196840fe4bb3db42cec4fc4f052d0c%26nid%3D1&h=0967247a5fc03533ed65ead931a56807 Page URL
https://shopbuttler.com/visit/o3?d=h-hotels.com&sid1=8a196840fe4bb3db42cec4fc4f052d0c&nid=1 HTTP 302
https://shopbuttler.com/visit?site=h-hotels.com Page URL
https://www.smartredirect.de/redir/clickGate.php?u=uvD6yP8x&m=1&p=RWSbhNjcg0&t=plEfkhLf&s=o362ea5d16dfb92&url=https%3A%2F%2Fh-hotels.com&r=https%3A%2F%2Fshopbuttler.com HTTP 302
https://h-hotels.com/ HTTP 301
https://www.h-hotels.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 0

http://www.copitalone.com/ HTTP 302
https://www.copitalone.com/ HTTP 302
http://1redirc.com/r2.php?e=101Q3iV4eiK4UDyjOz6E5349fmNlT3JHTm5TQVdUK3k4dWliL0JmOE81NUNpMEpqL0JqQm5Yd3RDeWY2Y0tsblVLRitBbk9ycE1WRmdRczVzclF0VFlwekU3Q1UrM3k5UnpoQTk1VExLNkluVjVVb0xHYW9kVHptTGRza0JiVlQyQ21xZzE4QkduNjA5SUZUU1ZlZTNDWjNNWGxnbU9xTEx3UFpsRDhVK3dhRU9ZZklxY2xoRnlnNFZtcThOZVRMMzRIQ1FqY1QxbTByZEdUb0FHMmhqNk1qaWtCOXFLL1JiVnNHdWYyc0c2Yy9SeHZtaTNReTRhVWMxL3h2TGUrRHNra3NYRGsyWFlPaTY0UFNQbUQrTVFwSXNVUmlXeFp5KzV3MlVxL0o5aDR6TWFxOTVPWE4yUVlXK0pzOWkzSzZLWjhKWjRwQ1BSUnYxZk8wYXF6RGVRdGZBWlp4ZzdaS3JkODd4djhYTTBZcktncFpYVExpakcycGpEeCtHVDEwMlpueGFlSlBxcWEyWEhQNUpSa1lyc1Q5d09qK1ZJZ2crRUhvRDZJSmlHRldYUG4zSjhOWXNWR0hpZlV3SW9ZY0d0YjNaUFhyMVd5TVl0RjMzTmduZ2RBaDhTUzFuSVovK0xib09FK3d0TyttaWZiSkNFWWNibDU4ZDRvVTltTDVQbWg5ZTU5ajV5Mk53S0RBbmRnRVRvc2xIMU85eXkzczgwWGhIV2ZsVFJ4c1g3TmlYT3ZXMnJ3NlJFbzE0LzFNSmhYNzBGL3BSTjNieEExTHQwU016dVlXNnEzRWcwWEk3ZHNIQyttYU94bFYvTVh4aHlsWXZyRWhXcnhzeTE1VXRmdW1wdnNoOUR1dXdJMFJVNllKK1ZIcnFCWVhrb1lVbndKM01FcUp0LzdzTWVkMmIvUzc5MFdNamg2N0lsektWYUdJdE1HQUQySS83OTdVdFpMWEZDSGl0UThHenFUVkNza0VweWxxNlQ5by9zdXo0MWNML0ZCRkRyZzI3Tk9LSkN6eUIxYTNUMGgwTU1rVnJEdDNwenJCNWtwU1B1VDVUYWJzZlI0bFE9PQ%3D%3D

Request Chain 4

http://1redirc.com/r.php?u=https%3A%2F%2Fclever-redirect.com%2Fs%2Fr6%3Fs%3D721614%26s3%3D1222989367%26sid%3D20220812110122f897e10ec53ad1162c&s=j&enc=uyb9KUKSL%2BdIo%2BMJzLwtTH49fnFCS2w4VnM3QTBweUEwUy9US2RqV1BMcHBSejMwdFZCTSsyQTJURmdFYnozN1VWRWlKSmRkUVl3VHBsc0sza2szSVd4M1BIRHRIRVlsQnl0aTBSOHN2SDdJclNlNkR5cVcxVWQzdy93Y2kwdytjcjF6RVBJWStseDYzbmxQZERjd0JPazdRdlBXMjQ2WHg2cVhxeGZDVzFnVXhLdjlCUlZCeDZYOGdwRVFiQzRwcCsyNUY1eVE3cHFoSTJtdlc4RHNWTHVhWU45TTMra3VEYlVGT2pINGRTNEd4aDNXSi9IZm95d3BLWnJwbUY3TWJadzcwKzhraE1kVjhWSDAyWHFpVjlwaDZjelJmSGYzcWlVaWRQeGtVRmcxMTA0bXpLTGRRc09FUlpGVTliRTlXazUrM3ZqS2hQVTkrKytDRnkrNUZjWEFlY2FSeUpKeTBTREhMWm50OFJGQ3dEYXM3YzAyK2lJYmx1dDF3YnppcHE2OTRPeUN5RDM4cEgrZGV4L1R4UXU4a0tyYktRY2lRdS9WTVdjNkIvTkpHNk9iSFYxU3N4dUMrNHRJdzZoMnpnakU0ZHZLQVJwd0tVREVmZFpiWEhzbkFsaHo3M0F3cCtSWGpCeW9IZVVpSnpLaDV0OGc2VldIN0VxMjVZL1ZjSG4wNHpHSVZLc0R5NnpSQzdCb2Y5eXp0YVN1VTVrM2tZczBvdzFKVVNpV0t2Y0NXVlovelVzKzlEVi9vbjgyZGhkbkUzNnl2MlUxRndCSWVKeHdjTWFNNmZSQWY1SVVQcDd0bFN1b3VTdDM4Z2trTnExUnd1ek1nUFdDYmxLMkZIRGNBd0kzQlltSzh1SVRMNU14Tlo0N1B6eEw0RFRZdjZvb0N2M3BpcFVwSllBUW5hWCtLc2M0UXo0UUo5QzBSYjluenJSbkRtaG45VTBZSFdLRzJ1ZHh4Rm00bnhxSzV6dzMzMTB4aWNzb3RQRXJzU3RwRFlJd3pSOVJ4eC9obXo2bFZHeFY3S0dTTHZkLzBBM0xPRm9mbFFyR2FJczBDY3NlSm14cEE5TUZKU3J4NmtaQ2s0dVNmbTdCeGdzT3RKdXhZeml0bnVqdENqakZOckhGT3pCd011OWN1R014cFU4UWF3bW5nPT0%3D&vs=1600:1200&ds=1600:1200&sl=0:0&os=f&nos=f&swfV=0.0.0&if=f&sc=f&gpu=Intel%20Inc.%20-%20Intel%20Iris%20OpenGL%20Engine HTTP 302
https://clever-redirect.com/s/r6?s=721614&s3=1222989367&sid=20220812110122f897e10ec53ad1162c

Request Chain 7

https://shopbuttler.com/visit/o3?d=h-hotels.com&sid1=8a196840fe4bb3db42cec4fc4f052d0c&nid=1 HTTP 302
https://shopbuttler.com/visit?site=h-hotels.com

Request Chain 71

https://onboard.triptease.io/bootstrap.js?integrationId=01F7Y032KYE8569FY61NJWTPND HTTP 307
https://onboard.triptease.io/bootstrap/v5676.60823/bootstrap.js

Request Chain 107

https://c.clarity.ms/c.gif HTTP 302
https://c.bing.com/c.gif?CtsSyncId=AB41A79C53D543CCAE87527E6FAAB35C&RedC=c.clarity.ms&MXFR=26120E0BA56265A30EE41FF5A1626B3C HTTP 302
https://c.clarity.ms/c.gif?CtsSyncId=AB41A79C53D543CCAE87527E6FAAB35C&MUID=33A3BDFFEB7969B93CFAAC01EAAB68DA

103 HTTP transactions
11 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1

200
OK

r2.php Show response
1redirc.com/
Redirect Chain

http://www.copitalone.com/
https://www.copitalone.com/
http://1redirc.com/r2.php?e=101Q3iV4eiK4UDyjOz6E5349fmNlT3JHTm5TQVdUK3k4dWliL0JmOE81NUNpMEpqL0JqQm5Yd3RDeWY2Y0tsblVLRitBbk9ycE1WRmdRczVzclF0VFlwekU3Q1UrM3k5UnpoQTk1VExLNkluVjVVb0xHYW9kVHptTGRza0JiV...

4 KB
2 KB

886ms
175ms

Document
text/html

103.224.182.206
TRELLIAN-AS-AP Tr...

General

Check archive.org

Show headers Download Go to

Full URL: http://1redirc.com/r2.php?e=101Q3iV4eiK4UDyjOz6E5349fmNlT3JHTm5TQVdUK3k4dWliL0JmOE81NUNpMEpqL0JqQm5Yd3RDeWY2Y0tsblVLRitBbk9ycE1WRmdRczVzclF0VFlwekU3Q1UrM3k5UnpoQTk1VExLNkluVjVVb0xHYW9kVHptTGRza0JiVlQyQ21xZzE4QkduNjA5SUZUU1ZlZTNDWjNNWGxnbU9xTEx3UFpsRDhVK3dhRU9ZZklxY2xoRnlnNFZtcThOZVRMMzRIQ1FqY1QxbTByZEdUb0FHMmhqNk1qaWtCOXFLL1JiVnNHdWYyc0c2Yy9SeHZtaTNReTRhVWMxL3h2TGUrRHNra3NYRGsyWFlPaTY0UFNQbUQrTVFwSXNVUmlXeFp5KzV3MlVxL0o5aDR6TWFxOTVPWE4yUVlXK0pzOWkzSzZLWjhKWjRwQ1BSUnYxZk8wYXF6RGVRdGZBWlp4ZzdaS3JkODd4djhYTTBZcktncFpYVExpakcycGpEeCtHVDEwMlpueGFlSlBxcWEyWEhQNUpSa1lyc1Q5d09qK1ZJZ2crRUhvRDZJSmlHRldYUG4zSjhOWXNWR0hpZlV3SW9ZY0d0YjNaUFhyMVd5TVl0RjMzTmduZ2RBaDhTUzFuSVovK0xib09FK3d0TyttaWZiSkNFWWNibDU4ZDRvVTltTDVQbWg5ZTU5ajV5Mk53S0RBbmRnRVRvc2xIMU85eXkzczgwWGhIV2ZsVFJ4c1g3TmlYT3ZXMnJ3NlJFbzE0LzFNSmhYNzBGL3BSTjNieEExTHQwU016dVlXNnEzRWcwWEk3ZHNIQyttYU94bFYvTVh4aHlsWXZyRWhXcnhzeTE1VXRmdW1wdnNoOUR1dXdJMFJVNllKK1ZIcnFCWVhrb1lVbndKM01FcUp0LzdzTWVkMmIvUzc5MFdNamg2N0lsektWYUdJdE1HQUQySS83OTdVdFpMWEZDSGl0UThHenFUVkNza0VweWxxNlQ5by9zdXo0MWNML0ZCRkRyZzI3Tk9LSkN6eUIxYTNUMGgwTU1rVnJEdDNwenJCNWtwU1B1VDVUYWJzZlI0bFE9PQ%3D%3D
Protocol: HTTP/1.1
Server: 103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS: bidr.trellian.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 35248434e68e4c5ce5d13437079e3fa61a6717d16491658fe596107b0f610e3c

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: close
Content-Encoding: gzip
Content-Length: 2037
Content-Type: text/html; charset=UTF-8
Date: Fri, 12 Aug 2022 01:01:23 GMT
Server: Apache/2.4.38 (Debian)
Vary: Accept-Encoding

Redirect headers

Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Fri, 12 Aug 2022 01:01:22 GMT
Location: http://1redirc.com/r2.php?e=101Q3iV4eiK4UDyjOz6E5349fmNlT3JHTm5TQVdUK3k4dWliL0JmOE81NUNpMEpqL0JqQm5Yd3RDeWY2Y0tsblVLRitBbk9ycE1WRmdRczVzclF0VFlwekU3Q1UrM3k5UnpoQTk1VExLNkluVjVVb0xHYW9kVHptTGRza0JiVlQyQ21xZzE4QkduNjA5SUZUU1ZlZTNDWjNNWGxnbU9xTEx3UFpsRDhVK3dhRU9ZZklxY2xoRnlnNFZtcThOZVRMMzRIQ1FqY1QxbTByZEdUb0FHMmhqNk1qaWtCOXFLL1JiVnNHdWYyc0c2Yy9SeHZtaTNReTRhVWMxL3h2TGUrRHNra3NYRGsyWFlPaTY0UFNQbUQrTVFwSXNVUmlXeFp5KzV3MlVxL0o5aDR6TWFxOTVPWE4yUVlXK0pzOWkzSzZLWjhKWjRwQ1BSUnYxZk8wYXF6RGVRdGZBWlp4ZzdaS3JkODd4djhYTTBZcktncFpYVExpakcycGpEeCtHVDEwMlpueGFlSlBxcWEyWEhQNUpSa1lyc1Q5d09qK1ZJZ2crRUhvRDZJSmlHRldYUG4zSjhOWXNWR0hpZlV3SW9ZY0d0YjNaUFhyMVd5TVl0RjMzTmduZ2RBaDhTUzFuSVovK0xib09FK3d0TyttaWZiSkNFWWNibDU4ZDRvVTltTDVQbWg5ZTU5ajV5Mk53S0RBbmRnRVRvc2xIMU85eXkzczgwWGhIV2ZsVFJ4c1g3TmlYT3ZXMnJ3NlJFbzE0LzFNSmhYNzBGL3BSTjNieEExTHQwU016dVlXNnEzRWcwWEk3ZHNIQyttYU94bFYvTVh4aHlsWXZyRWhXcnhzeTE1VXRmdW1wdnNoOUR1dXdJMFJVNllKK1ZIcnFCWVhrb1lVbndKM01FcUp0LzdzTWVkMmIvUzc5MFdNamg2N0lsektWYUdJdE1HQUQySS83OTdVdFpMWEZDSGl0UThHenFUVkNza0VweWxxNlQ5by9zdXo0MWNML0ZCRkRyZzI3Tk9LSkN6eUIxYTNUMGgwTU1rVnJEdDNwenJCNWtwU1B1VDVUYWJzZlI0bFE9PQ%3D%3D
Server: Apache/2.4.38 (Debian)

GET
H/1.1 200
OK jscheck.js Show response
1redirc.com/javascript/ 899 B
718 B 337ms
169ms Script
application/javascript 103.224.182.206
TRELLIAN-AS-AP Tr...

General

Check archive.org

Show headers Download Go to

Full URL: http://1redirc.com/javascript/jscheck.js
Requested by: Host: 1redirc.com
URL: http://1redirc.com/r2.php?e=101Q3iV4eiK4UDyjOz6E5349fmNlT3JHTm5TQVdUK3k4dWliL0JmOE81NUNpMEpqL0JqQm5Yd3RDeWY2Y0tsblVLRitBbk9ycE1WRmdRczVzclF0VFlwekU3Q1UrM3k5UnpoQTk1VExLNkluVjVVb0xHYW9kVHptTGRza0JiVlQyQ21xZzE4QkduNjA5SUZUU1ZlZTNDWjNNWGxnbU9xTEx3UFpsRDhVK3dhRU9ZZklxY2xoRnlnNFZtcThOZVRMMzRIQ1FqY1QxbTByZEdUb0FHMmhqNk1qaWtCOXFLL1JiVnNHdWYyc0c2Yy9SeHZtaTNReTRhVWMxL3h2TGUrRHNra3NYRGsyWFlPaTY0UFNQbUQrTVFwSXNVUmlXeFp5KzV3MlVxL0o5aDR6TWFxOTVPWE4yUVlXK0pzOWkzSzZLWjhKWjRwQ1BSUnYxZk8wYXF6RGVRdGZBWlp4ZzdaS3JkODd4djhYTTBZcktncFpYVExpakcycGpEeCtHVDEwMlpueGFlSlBxcWEyWEhQNUpSa1lyc1Q5d09qK1ZJZ2crRUhvRDZJSmlHRldYUG4zSjhOWXNWR0hpZlV3SW9ZY0d0YjNaUFhyMVd5TVl0RjMzTmduZ2RBaDhTUzFuSVovK0xib09FK3d0TyttaWZiSkNFWWNibDU4ZDRvVTltTDVQbWg5ZTU5ajV5Mk53S0RBbmRnRVRvc2xIMU85eXkzczgwWGhIV2ZsVFJ4c1g3TmlYT3ZXMnJ3NlJFbzE0LzFNSmhYNzBGL3BSTjNieEExTHQwU016dVlXNnEzRWcwWEk3ZHNIQyttYU94bFYvTVh4aHlsWXZyRWhXcnhzeTE1VXRmdW1wdnNoOUR1dXdJMFJVNllKK1ZIcnFCWVhrb1lVbndKM01FcUp0LzdzTWVkMmIvUzc5MFdNamg2N0lsektWYUdJdE1HQUQySS83OTdVdFpMWEZDSGl0UThHenFUVkNza0VweWxxNlQ5by9zdXo0MWNML0ZCRkRyZzI3Tk9LSkN6eUIxYTNUMGgwTU1rVnJEdDNwenJCNWtwU1B1VDVUYWJzZlI0bFE9PQ%3D%3D
Protocol: HTTP/1.1
Server: 103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS: bidr.trellian.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: 40daba765e68df81072dba603adecbd49b4c9b0ee836189af681c3a7827bfd9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://1redirc.com/r2.php?e=101Q3iV4eiK4UDyjOz6E5349fmNlT3JHTm5TQVdUK3k4dWliL0JmOE81NUNpMEpqL0JqQm5Yd3RDeWY2Y0tsblVLRitBbk9ycE1WRmdRczVzclF0VFlwekU3Q1UrM3k5UnpoQTk1VExLNkluVjVVb0xHYW9kVHptTGRza0JiVlQyQ21xZzE4QkduNjA5SUZUU1ZlZTNDWjNNWGxnbU9xTEx3UFpsRDhVK3dhRU9ZZklxY2xoRnlnNFZtcThOZVRMMzRIQ1FqY1QxbTByZEdUb0FHMmhqNk1qaWtCOXFLL1JiVnNHdWYyc0c2Yy9SeHZtaTNReTRhVWMxL3h2TGUrRHNra3NYRGsyWFlPaTY0UFNQbUQrTVFwSXNVUmlXeFp5KzV3MlVxL0o5aDR6TWFxOTVPWE4yUVlXK0pzOWkzSzZLWjhKWjRwQ1BSUnYxZk8wYXF6RGVRdGZBWlp4ZzdaS3JkODd4djhYTTBZcktncFpYVExpakcycGpEeCtHVDEwMlpueGFlSlBxcWEyWEhQNUpSa1lyc1Q5d09qK1ZJZ2crRUhvRDZJSmlHRldYUG4zSjhOWXNWR0hpZlV3SW9ZY0d0YjNaUFhyMVd5TVl0RjMzTmduZ2RBaDhTUzFuSVovK0xib09FK3d0TyttaWZiSkNFWWNibDU4ZDRvVTltTDVQbWg5ZTU5ajV5Mk53S0RBbmRnRVRvc2xIMU85eXkzczgwWGhIV2ZsVFJ4c1g3TmlYT3ZXMnJ3NlJFbzE0LzFNSmhYNzBGL3BSTjNieEExTHQwU016dVlXNnEzRWcwWEk3ZHNIQyttYU94bFYvTVh4aHlsWXZyRWhXcnhzeTE1VXRmdW1wdnNoOUR1dXdJMFJVNllKK1ZIcnFCWVhrb1lVbndKM01FcUp0LzdzTWVkMmIvUzc5MFdNamg2N0lsektWYUdJdE1HQUQySS83OTdVdFpMWEZDSGl0UThHenFUVkNza0VweWxxNlQ5by9zdXo0MWNML0ZCRkRyZzI3Tk9LSkN6eUIxYTNUMGgwTU1rVnJEdDNwenJCNWtwU1B1VDVUYWJzZlI0bFE9PQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 12 Aug 2022 01:01:23 GMT
Content-Encoding: gzip
Last-Modified: Mon, 01 Aug 2022 05:34:01 GMT
Server: Apache/2.4.38 (Debian)
ETag: "383-5e52758de4440-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 405

GET
H/1.1 200
OK swfobject.js Show response
1redirc.com/javascript/ 10 KB
4 KB 345ms
173ms Script
application/javascript 103.224.182.206
TRELLIAN-AS-AP Tr...

General

Check archive.org

Show headers Download Go to

Full URL: http://1redirc.com/javascript/swfobject.js
Requested by: Host: 1redirc.com
URL: http://1redirc.com/r2.php?e=101Q3iV4eiK4UDyjOz6E5349fmNlT3JHTm5TQVdUK3k4dWliL0JmOE81NUNpMEpqL0JqQm5Yd3RDeWY2Y0tsblVLRitBbk9ycE1WRmdRczVzclF0VFlwekU3Q1UrM3k5UnpoQTk1VExLNkluVjVVb0xHYW9kVHptTGRza0JiVlQyQ21xZzE4QkduNjA5SUZUU1ZlZTNDWjNNWGxnbU9xTEx3UFpsRDhVK3dhRU9ZZklxY2xoRnlnNFZtcThOZVRMMzRIQ1FqY1QxbTByZEdUb0FHMmhqNk1qaWtCOXFLL1JiVnNHdWYyc0c2Yy9SeHZtaTNReTRhVWMxL3h2TGUrRHNra3NYRGsyWFlPaTY0UFNQbUQrTVFwSXNVUmlXeFp5KzV3MlVxL0o5aDR6TWFxOTVPWE4yUVlXK0pzOWkzSzZLWjhKWjRwQ1BSUnYxZk8wYXF6RGVRdGZBWlp4ZzdaS3JkODd4djhYTTBZcktncFpYVExpakcycGpEeCtHVDEwMlpueGFlSlBxcWEyWEhQNUpSa1lyc1Q5d09qK1ZJZ2crRUhvRDZJSmlHRldYUG4zSjhOWXNWR0hpZlV3SW9ZY0d0YjNaUFhyMVd5TVl0RjMzTmduZ2RBaDhTUzFuSVovK0xib09FK3d0TyttaWZiSkNFWWNibDU4ZDRvVTltTDVQbWg5ZTU5ajV5Mk53S0RBbmRnRVRvc2xIMU85eXkzczgwWGhIV2ZsVFJ4c1g3TmlYT3ZXMnJ3NlJFbzE0LzFNSmhYNzBGL3BSTjNieEExTHQwU016dVlXNnEzRWcwWEk3ZHNIQyttYU94bFYvTVh4aHlsWXZyRWhXcnhzeTE1VXRmdW1wdnNoOUR1dXdJMFJVNllKK1ZIcnFCWVhrb1lVbndKM01FcUp0LzdzTWVkMmIvUzc5MFdNamg2N0lsektWYUdJdE1HQUQySS83OTdVdFpMWEZDSGl0UThHenFUVkNza0VweWxxNlQ5by9zdXo0MWNML0ZCRkRyZzI3Tk9LSkN6eUIxYTNUMGgwTU1rVnJEdDNwenJCNWtwU1B1VDVUYWJzZlI0bFE9PQ%3D%3D
Protocol: HTTP/1.1
Server: 103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS: bidr.trellian.com
Software: Apache/2.4.38 (Debian) /
Resource Hash: a2d68e4530bbf55b595085ad00ef6999cb64574eb58b44b53ef0516fa7fa4aed

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://1redirc.com/r2.php?e=101Q3iV4eiK4UDyjOz6E5349fmNlT3JHTm5TQVdUK3k4dWliL0JmOE81NUNpMEpqL0JqQm5Yd3RDeWY2Y0tsblVLRitBbk9ycE1WRmdRczVzclF0VFlwekU3Q1UrM3k5UnpoQTk1VExLNkluVjVVb0xHYW9kVHptTGRza0JiVlQyQ21xZzE4QkduNjA5SUZUU1ZlZTNDWjNNWGxnbU9xTEx3UFpsRDhVK3dhRU9ZZklxY2xoRnlnNFZtcThOZVRMMzRIQ1FqY1QxbTByZEdUb0FHMmhqNk1qaWtCOXFLL1JiVnNHdWYyc0c2Yy9SeHZtaTNReTRhVWMxL3h2TGUrRHNra3NYRGsyWFlPaTY0UFNQbUQrTVFwSXNVUmlXeFp5KzV3MlVxL0o5aDR6TWFxOTVPWE4yUVlXK0pzOWkzSzZLWjhKWjRwQ1BSUnYxZk8wYXF6RGVRdGZBWlp4ZzdaS3JkODd4djhYTTBZcktncFpYVExpakcycGpEeCtHVDEwMlpueGFlSlBxcWEyWEhQNUpSa1lyc1Q5d09qK1ZJZ2crRUhvRDZJSmlHRldYUG4zSjhOWXNWR0hpZlV3SW9ZY0d0YjNaUFhyMVd5TVl0RjMzTmduZ2RBaDhTUzFuSVovK0xib09FK3d0TyttaWZiSkNFWWNibDU4ZDRvVTltTDVQbWg5ZTU5ajV5Mk53S0RBbmRnRVRvc2xIMU85eXkzczgwWGhIV2ZsVFJ4c1g3TmlYT3ZXMnJ3NlJFbzE0LzFNSmhYNzBGL3BSTjNieEExTHQwU016dVlXNnEzRWcwWEk3ZHNIQyttYU94bFYvTVh4aHlsWXZyRWhXcnhzeTE1VXRmdW1wdnNoOUR1dXdJMFJVNllKK1ZIcnFCWVhrb1lVbndKM01FcUp0LzdzTWVkMmIvUzc5MFdNamg2N0lsektWYUdJdE1HQUQySS83OTdVdFpMWEZDSGl0UThHenFUVkNza0VweWxxNlQ5by9zdXo0MWNML0ZCRkRyZzI3Tk9LSkN6eUIxYTNUMGgwTU1rVnJEdDNwenJCNWtwU1B1VDVUYWJzZlI0bFE9PQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 12 Aug 2022 01:01:23 GMT
Content-Encoding: gzip
Last-Modified: Mon, 01 Aug 2022 05:34:01 GMT
Server: Apache/2.4.38 (Debian)
ETag: "27ef-5e52758de4440-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: close
Accept-Ranges: bytes
Content-Length: 3949

GET
H/1.1 200
OK jscheck.php
1redirc.com/ 0
166 B 354ms
185ms XHR
text/html 103.224.182.206
TRELLIAN-AS-AP Tr...

General

Check archive.org

Show headers Download Go to

Full URL: http://1redirc.com/jscheck.php?enc=uyb9KUKSL%2BdIo%2BMJzLwtTH49fnFCS2w4VnM3QTBweUEwUy9US2RqV1BMcHBSejMwdFZCTSsyQTJURmdFYnozN1VWRWlKSmRkUVl3VHBsc0sza2szSVd4M1BIRHRIRVlsQnl0aTBSOHN2SDdJclNlNkR5cVcxVWQzdy93Y2kwdytjcjF6RVBJWStseDYzbmxQZERjd0JPazdRdlBXMjQ2WHg2cVhxeGZDVzFnVXhLdjlCUlZCeDZYOGdwRVFiQzRwcCsyNUY1eVE3cHFoSTJtdlc4RHNWTHVhWU45TTMra3VEYlVGT2pINGRTNEd4aDNXSi9IZm95d3BLWnJwbUY3TWJadzcwKzhraE1kVjhWSDAyWHFpVjlwaDZjelJmSGYzcWlVaWRQeGtVRmcxMTA0bXpLTGRRc09FUlpGVTliRTlXazUrM3ZqS2hQVTkrKytDRnkrNUZjWEFlY2FSeUpKeTBTREhMWm50OFJGQ3dEYXM3YzAyK2lJYmx1dDF3YnppcHE2OTRPeUN5RDM4cEgrZGV4L1R4UXU4a0tyYktRY2lRdS9WTVdjNkIvTkpHNk9iSFYxU3N4dUMrNHRJdzZoMnpnakU0ZHZLQVJwd0tVREVmZFpiWEhzbkFsaHo3M0F3cCtSWGpCeW9IZVVpSnpLaDV0OGc2VldIN0VxMjVZL1ZjSG4wNHpHSVZLc0R5NnpSQzdCb2Y5eXp0YVN1VTVrM2tZczBvdzFKVVNpV0t2Y0NXVlovelVzKzlEVi9vbjgyZGhkbkUzNnl2MlUxRndCSWVKeHdjTWFNNmZSQWY1SVVQcDd0bFN1b3VTdDM4Z2trTnExUnd1ek1nUFdDYmxLMkZIRGNBd0kzQlltSzh1SVRMNU14Tlo0N1B6eEw0RFRZdjZvb0N2M3BpcFVwSllBUW5hWCtLc2M0UXo0UUo5QzBSYjluenJSbkRtaG45VTBZSFdLRzJ1ZHh4Rm00bnhxSzV6dzMzMTB4aWNzb3RQRXJzU3RwRFlJd3pSOVJ4eC9obXo2bFZHeFY3S0dTTHZkLzBBM0xPRm9mbFFyR2FJczBDY3NlSm14cEE5TUZKU3J4NmtaQ2s0dVNmbTdCeGdzT3RKdXhZeml0bnVqdENqakZOckhGT3pCd011OWN1R014cFU4UWF3bW5nPT0%3D&rand=0.9433986770316962
Requested by: Host: 1redirc.com
URL: http://1redirc.com/javascript/jscheck.js
Protocol: HTTP/1.1
Server: 103.224.182.206 , Australia, ASN133618 (TRELLIAN-AS-AP Trellian Pty. Limited, AU),
Reverse DNS: bidr.trellian.com
Software: Apache/2.4.38 (Debian) /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://1redirc.com/r2.php?e=101Q3iV4eiK4UDyjOz6E5349fmNlT3JHTm5TQVdUK3k4dWliL0JmOE81NUNpMEpqL0JqQm5Yd3RDeWY2Y0tsblVLRitBbk9ycE1WRmdRczVzclF0VFlwekU3Q1UrM3k5UnpoQTk1VExLNkluVjVVb0xHYW9kVHptTGRza0JiVlQyQ21xZzE4QkduNjA5SUZUU1ZlZTNDWjNNWGxnbU9xTEx3UFpsRDhVK3dhRU9ZZklxY2xoRnlnNFZtcThOZVRMMzRIQ1FqY1QxbTByZEdUb0FHMmhqNk1qaWtCOXFLL1JiVnNHdWYyc0c2Yy9SeHZtaTNReTRhVWMxL3h2TGUrRHNra3NYRGsyWFlPaTY0UFNQbUQrTVFwSXNVUmlXeFp5KzV3MlVxL0o5aDR6TWFxOTVPWE4yUVlXK0pzOWkzSzZLWjhKWjRwQ1BSUnYxZk8wYXF6RGVRdGZBWlp4ZzdaS3JkODd4djhYTTBZcktncFpYVExpakcycGpEeCtHVDEwMlpueGFlSlBxcWEyWEhQNUpSa1lyc1Q5d09qK1ZJZ2crRUhvRDZJSmlHRldYUG4zSjhOWXNWR0hpZlV3SW9ZY0d0YjNaUFhyMVd5TVl0RjMzTmduZ2RBaDhTUzFuSVovK0xib09FK3d0TyttaWZiSkNFWWNibDU4ZDRvVTltTDVQbWg5ZTU5ajV5Mk53S0RBbmRnRVRvc2xIMU85eXkzczgwWGhIV2ZsVFJ4c1g3TmlYT3ZXMnJ3NlJFbzE0LzFNSmhYNzBGL3BSTjNieEExTHQwU016dVlXNnEzRWcwWEk3ZHNIQyttYU94bFYvTVh4aHlsWXZyRWhXcnhzeTE1VXRmdW1wdnNoOUR1dXdJMFJVNllKK1ZIcnFCWVhrb1lVbndKM01FcUp0LzdzTWVkMmIvUzc5MFdNamg2N0lsektWYUdJdE1HQUQySS83OTdVdFpMWEZDSGl0UThHenFUVkNza0VweWxxNlQ5by9zdXo0MWNML0ZCRkRyZzI3Tk9LSkN6eUIxYTNUMGgwTU1rVnJEdDNwenJCNWtwU1B1VDVUYWJzZlI0bFE9PQ%3D%3D
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Date: Fri, 12 Aug 2022 01:01:24 GMT
Server: Apache/2.4.38 (Debian)
Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8

GET
H2

200

r6
clever-redirect.com/s/
Redirect Chain

http://1redirc.com/r.php?u=https%3A%2F%2Fclever-redirect.com%2Fs%2Fr6%3Fs%3D721614%26s3%3D1222989367%26sid%3D20220812110122f897e10ec53ad1162c&s=j&enc=uyb9KUKSL%2BdIo%2BMJzLwtTH49fnFCS2w4VnM3QTBweUE...
https://clever-redirect.com/s/r6?s=721614&s3=1222989367&sid=20220812110122f897e10ec53ad1162c

344 B
693 B

150ms
77ms

Document
text/html

78.46.197.88
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://clever-redirect.com/s/r6?s=721614&s3=1222989367&sid=20220812110122f897e10ec53ad1162c
Requested by: Host: 1redirc.com
URL: http://1redirc.com/javascript/jscheck.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 78.46.197.88 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.88.197.46.78.clients.your-server.de
Software: Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.4.27 / PHP/7.4.27
Resource Hash

Request headers

Referer: http://1redirc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 344
content-type: text/html; charset=UTF-8
date: Fri, 12 Aug 2022 01:01:24 GMT
referrer-policy: no-referrer
server: Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.4.27
x-powered-by: PHP/7.4.27

Redirect headers

Connection: close
Content-Length: 0
Content-Type: text/html; charset=UTF-8
Date: Fri, 12 Aug 2022 01:01:24 GMT
Location: https://clever-redirect.com/s/r6?s=721614&s3=1222989367&sid=20220812110122f897e10ec53ad1162c
Server: Apache/2.4.38 (Debian)

GET
H2 200 a
spidershopping.com/search/ 369 B
742 B 439ms
55ms Document
text/html 162.55.54.68
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://spidershopping.com/search/a?t=21&f=1&u=389c27680892f9598f6853a43c8944f3&m=h-hotels.com&s1=721614&s2=&s3=1222989367&s5=cf&it=46&in=1
Requested by: Host: clever-redirect.com
URL: https://clever-redirect.com/s/r6?s=721614&s3=1222989367&sid=20220812110122f897e10ec53ad1162c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.55.54.68 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.68.54.55.162.clients.your-server.de
Software: Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.4.27 / PHP/7.4.27
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 369
content-type: text/html; charset=UTF-8
date: Fri, 12 Aug 2022 01:01:25 GMT
referrer-policy: strict-origin-when-cross-origin
server: Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.4.27
x-powered-by: PHP/7.4.27

GET
H2 200 r
spidershopping.com/search/ 296 B
326 B 32ms
31ms Document
text/html 162.55.54.68
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://spidershopping.com/search/r?u=https%3A%2F%2Fshopbuttler.com%2Fvisit%2Fo3%3Fd%3Dh-hotels.com%26sid1%3D8a196840fe4bb3db42cec4fc4f052d0c%26nid%3D1&h=0967247a5fc03533ed65ead931a56807
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 162.55.54.68 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.68.54.55.162.clients.your-server.de
Software: Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.4.27 / PHP/7.4.27
Resource Hash

Request headers

Referer: https://spidershopping.com/search/a?t=21&f=1&u=389c27680892f9598f6853a43c8944f3&m=h-hotels.com&s1=721614&s2=&s3=1222989367&s5=cf&it=46&in=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-length: 296
content-type: text/html; charset=UTF-8
date: Fri, 12 Aug 2022 01:01:25 GMT
referrer-policy: strict-origin-when-cross-origin
server: Apache/2.4.52 (codeit) OpenSSL/1.1.1m PHP/7.4.27
x-powered-by: PHP/7.4.27

GET
H2

200

visit
shopbuttler.com/
Redirect Chain

https://shopbuttler.com/visit/o3?d=h-hotels.com&sid1=8a196840fe4bb3db42cec4fc4f052d0c&nid=1
https://shopbuttler.com/visit?site=h-hotels.com

2 KB
2 KB

67ms
66ms

Document
text/html

2606:4700:3034::6815:2953
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shopbuttler.com/visit?site=h-hotels.com
Requested by: Host: spidershopping.com
URL: https://spidershopping.com/search/r?u=https%3A%2F%2Fshopbuttler.com%2Fvisit%2Fo3%3Fd%3Dh-hotels.com%26sid1%3D8a196840fe4bb3db42cec4fc4f052d0c%26nid%3D1&h=0967247a5fc03533ed65ead931a56807
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:2953 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

Referer: https://spidershopping.com/search/r?u=https%3A%2F%2Fshopbuttler.com%2Fvisit%2Fo3%3Fd%3Dh-hotels.com%26sid1%3D8a196840fe4bb3db42cec4fc4f052d0c%26nid%3D1&h=0967247a5fc03533ed65ead931a56807
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 7395479beeec9c01-FRA
content-encoding: br
content-type: text/html; charset=UTF-8
date: Fri, 12 Aug 2022 01:01:25 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=B8qKfHI%2FRG2FEsiaAjeALtVmzaAQ49XfNna8KTC3c3iHQTfaMDKY73WQTZIYrLZNNwpRNY2iPOVW7OxxtiaPHjTg3ozyFTQPy%2F6Wl8lkzpLD4C5icJ4R4ts4SRX7sUJpurAnjLvsBRSnkZZjlxI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare
vary: Accept-Encoding

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: no-cache, private
cf-cache-status: DYNAMIC
cf-ray: 7395479b5e9b9c01-FRA
content-type: text/html; charset=UTF-8
date: Fri, 12 Aug 2022 01:01:25 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://shopbuttler.com/visit?site=h-hotels.com
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OdVbls%2FYv01jjEwq5pStwTyPo%2F3HPIriTYa4s4FdY%2BqZVDZA5MZacBEAJrGlIXF88IFxIORmGZv5sbwpb21Yr2ZdknkwnBy6%2FH9rFrJJMYA5zUVlO16%2FWITarJWj7ffuAS%2Fok%2BdrjtVYpRPh9JI%3D"}],"group":"cf-nel","max_age":604800}
server: cloudflare

GET
H2 200 js
www.googletagmanager.com/gtag/ 106 KB
41 KB 87ms
36ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-175809664-6

Requested by

Host: shopbuttler.com
URL: https://shopbuttler.com/visit?site=h-hotels.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shopbuttler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 01:01:25 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 41920
x-xss-protection: 0
last-modified: Fri, 12 Aug 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 12 Aug 2022 01:01:25 GMT

GET
H3 200 b95da46d-5437-43b6-a886-d052b86de1ca
shopbuttler.com/r/2022-08-12/o3/ 0
1 KB 77ms
77ms Script
text/html 2606:4700:3034::6815:2953
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://shopbuttler.com/r/2022-08-12/o3/b95da46d-5437-43b6-a886-d052b86de1ca
Requested by: Host: shopbuttler.com
URL: https://shopbuttler.com/visit?site=h-hotels.com
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2606:4700:3034::6815:2953 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shopbuttler.com/visit?site=h-hotels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 01:01:25 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=KD9EkD0synNeq5WyZDGUH%2BnOT7HU1v3fqIb62gw32yM2AKK5i6tbYNnyW74Ah1743zsrbJTv3bgZN3ipX65OY9mxXNfpetPIXunwNXzsl1K6kcd7LmB%2BJagrAzbGmFpBZoddc87fon75kdk82Bs%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/html; charset=UTF-8
cache-control: no-cache, private
cf-ray: 7395479d095d6939-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H2

200

Primary Request / Show response
www.h-hotels.com/
Redirect Chain

https://www.smartredirect.de/redir/clickGate.php?u=uvD6yP8x&m=1&p=RWSbhNjcg0&t=plEfkhLf&s=o362ea5d16dfb92&url=https%3A%2F%2Fh-hotels.com&r=https%3A%2F%2Fshopbuttler.com
https://h-hotels.com/
https://www.h-hotels.com/

95 KB
20 KB

47ms
33ms

Document
text/html

2606:4700::6812:aa54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.h-hotels.com/

Requested by

Host: shopbuttler.com
URL: https://shopbuttler.com/visit?site=h-hotels.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:aa54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4db8632a639936d03de34afb7081affb5e8b65af6d3d7bf1abeed669dcdd9684

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://shopbuttler.com/visit?site=h-hotels.com
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 59905
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=31536000
cf-cache-status: HIT
cf-ray: 7395479f2badbb74-FRA
content-encoding: br
content-type: text/html;charset=utf-8
date: Fri, 12 Aug 2022 01:01:26 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Sat, 12 Aug 2023 01:01:26 GMT
last-modified: Thu, 11 Aug 2022 08:23:01 GMT
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-flow-powered: Flow/7.3 Neos/7.3
x-forwarded-for: 172.70.246.17
x-processed-by: www.h-hotels.com
x-remote-addr: 185.15.194.163

Redirect headers

alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: DYNAMIC
cf-ray: 7395479e9b45bb74-FRA
content-type: text/html
date: Fri, 12 Aug 2022 01:01:26 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
location: https://www.h-hotels.com/
server: cloudflare
strict-transport-security: max-age=15552000; includeSubDomains; preload
x-content-type-options: nosniff

GET
H2 200 analytics.js
www.google-analytics.com/ 49 KB
20 KB 94ms
22ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-175809664-6

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shopbuttler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 7166
date: Thu, 11 Aug 2022 23:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 12 Aug 2022 01:02:00 GMT

POST
H3 200 collect
www.google-analytics.com/j/ 1 B
21 B 73ms
28ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1049192040&t=pageview&_s=1&dl=https%3A%2F%2Fshopbuttler.com%2Fvisit%3Fsite%3Dh-hotels.com&dr=https%3A%2F%2Fspidershopping.com%2F&ul=en-us&de=UTF-8&dt=Privacy-Dereferer&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=837363344&gjid=668739153&cid=1099945410.1660266086&tid=UA-175809664-6&_gid=1258333774.1660266086&_r=1&gtm=2ou880&z=1021628903

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://shopbuttler.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 12 Aug 2022 01:01:26 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://shopbuttler.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 64ms
21ms Image
image/gif 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1049192040&t=event&_s=2&dl=https%3A%2F%2Fshopbuttler.com%2Fvisit%3Fsite%3Dh-hotels.com&dr=https%3A%2F%2Fspidershopping.com%2F&ul=en-us&de=UTF-8&dt=Privacy-Dereferer&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=partner_o3&ea=network_1&el=b95da46d-5437-43b6-a886-d052b86de1ca&_u=YEBAAUABAAAAAC~&jid=&gjid=&cid=1099945410.1660266086&tid=UA-175809664-6&_gid=1258333774.1660266086&gtm=2ou880&z=950710655

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://shopbuttler.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Aug 2022 14:17:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 38658
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 Main.css
www.h-hotels.com/_Resources/Static/Packages/HospitalityAlliance.HHotelsCom/Styles/ 292 KB
46 KB 130ms
105ms Stylesheet
text/css 2606:4700::6812:aa54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.h-hotels.com/_Resources/Static/Packages/HospitalityAlliance.HHotelsCom/Styles/Main.css?cb=6bbce00c-9c70-42b8-a552-10674b8724c3

Requested by

Host: www.h-hotels.com
URL: https://www.h-hotels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:aa54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

60ccea923e0b559ac566d05b731feb8e79240b105db478e8cba4f659c7a2cf73

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.h-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 01:01:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 60606
cf-polished: origSize=1006549
x-forwarded-for: (null)
x-remote-addr: (null)
cf-bgj: minify
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 02 Aug 2022 12:09:37 GMT
server: cloudflare
etag: W/"bc0e13-f5bd5-5e540fd8021fb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/css
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 7395479f88d8918f-FRA
expires: Sat, 12 Aug 2023 01:01:26 GMT

GET
H3 200 MarselisWebPro.woff2
www.h-hotels.com/_Resources/Static/Packages/HospitalityAlliance.HHotelsCom/Webfonts/ 27 KB
28 KB 136ms
112ms Font
text/plain 2606:4700::6812:aa54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.h-hotels.com/_Resources/Static/Packages/HospitalityAlliance.HHotelsCom/Webfonts/MarselisWebPro.woff2?cb=6bbce00c-9c70-42b8-a552-10674b8724c3

Requested by

Host: www.h-hotels.com
URL: https://www.h-hotels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:aa54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

2e597721b81e3be4d73c1b827192ab452e4259382d146b8a1e25ccd64b5c910c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.h-hotels.com/
Origin: https://www.h-hotels.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 01:01:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 60606
x-forwarded-for: (null)
x-remote-addr: (null)
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 02 Aug 2022 12:08:56 GMT
server: cloudflare
etag: W/"bc0e32-6d40-5e540fb0f6a0a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/plain; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 7395479f88da918f-FRA
expires: Sat, 12 Aug 2023 01:01:26 GMT

GET
H3 200 hhotels-icons.woff2
www.h-hotels.com/_Resources/Static/Packages/HospitalityAlliance.HHotelsCom/Iconfonts/ 7 KB
8 KB 131ms
106ms Font
text/plain 2606:4700::6812:aa54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.h-hotels.com/_Resources/Static/Packages/HospitalityAlliance.HHotelsCom/Iconfonts/hhotels-icons.woff2?cb=6bbce00c-9c70-42b8-a552-10674b8724c3

Requested by

Host: www.h-hotels.com
URL: https://www.h-hotels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:aa54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e9aecf640aef92ef2a7648fe47441ed248ebac3d86fc0fb359a34f30da7f4c2d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.h-hotels.com/
Origin: https://www.h-hotels.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 01:01:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 60606
x-forwarded-for: (null)
x-remote-addr: (null)
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 02 Aug 2022 12:08:56 GMT
server: cloudflare
etag: W/"bc0d71-1d94-5e540fb0f2b8a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/plain; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 7395479f88d9918f-FRA
expires: Sat, 12 Aug 2023 01:01:26 GMT

GET
H3 200 fontawesome-webfont.woff2
www.h-hotels.com/_Resources/Static/Packages/HospitalityAlliance.HHotelsCom/fonts/ 65 KB
65 KB 118ms
93ms Font
text/plain 2606:4700::6812:aa54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.h-hotels.com/_Resources/Static/Packages/HospitalityAlliance.HHotelsCom/fonts/fontawesome-webfont.woff2?v=4.5.0&cb=6bbce00c-9c70-42b8-a552-10674b8724c3

Requested by

Host: www.h-hotels.com
URL: https://www.h-hotels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:aa54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.h-hotels.com/
Origin: https://www.h-hotels.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 01:01:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 60606
x-forwarded-for: (null)
x-remote-addr: (null)
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 02 Aug 2022 12:08:56 GMT
server: cloudflare
etag: W/"bc0e38-10440-5e540fb0f79aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/plain; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 7395479f88dd918f-FRA
expires: Sat, 12 Aug 2023 01:01:26 GMT

GET
H3 200 h-hotels-logo-header.svg
www.h-hotels.com/_Resources/Persistent/8/e/5/5/8e5507e752d9e6177cf8e77c7ef2b25e2b86010b/ 4 KB
2 KB 108ms
91ms Image
image/svg+xml 2606:4700::6812:aa54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.h-hotels.com/_Resources/Persistent/8/e/5/5/8e5507e752d9e6177cf8e77c7ef2b25e2b86010b/h-hotels-logo-header.svg

Requested by

Host: www.h-hotels.com
URL: https://www.h-hotels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:aa54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ce8b04c5832326994a174ea2b92baee7a9125f89db4b73f641ad73a122c3f0f5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.h-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 01:01:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 60606
x-forwarded-for: (null)
x-remote-addr: (null)
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 04 Feb 2020 08:52:26 GMT
server: cloudflare
etag: W/"c06c5-e0c-59dbc28bd340c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 7395479f88de918f-FRA
expires: Sat, 12 Aug 2023 01:01:26 GMT

GET
H3 200 flagge-deutschland.svg
www.h-hotels.com/_Resources/Persistent/d/c/3/e/dc3e34b433086386101f4185782c7ef56ccf1bbf/ 490 B
645 B 141ms
124ms Image
image/svg+xml 2606:4700::6812:aa54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.h-hotels.com/_Resources/Persistent/d/c/3/e/dc3e34b433086386101f4185782c7ef56ccf1bbf/flagge-deutschland.svg

Requested by

Host: www.h-hotels.com
URL: https://www.h-hotels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:aa54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

85665020508de909a7508dc7919bbe84e446d779e4ed3025395a707d976ad198

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.h-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 01:01:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 60606
x-forwarded-for: (null)
x-remote-addr: (null)
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 23 Nov 2017 13:32:53 GMT
server: cloudflare
etag: W/"da0a37-1ea-55ea67928d61c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 7395479f88e5918f-FRA
expires: Sat, 12 Aug 2023 01:01:26 GMT

GET
H3 200 flagge-oesterreich.svg
www.h-hotels.com/_Resources/Persistent/a/c/6/5/ac657c572669c6472129487966cc22e284590571/ 505 B
638 B 141ms
124ms Image
image/svg+xml 2606:4700::6812:aa54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.h-hotels.com/_Resources/Persistent/a/c/6/5/ac657c572669c6472129487966cc22e284590571/flagge-oesterreich.svg

Requested by

Host: www.h-hotels.com
URL: https://www.h-hotels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:aa54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

35f1eaa1dfb800aea1bf4d612b826986c4f7ced0050f7e6829d2d099edc8f27b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.h-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 01:01:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 60606
x-forwarded-for: (null)
x-remote-addr: (null)
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 23 Nov 2017 13:58:41 GMT
server: cloudflare
etag: W/"4622ee-1f9-55ea6d564ee42"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 7395479f88e6918f-FRA
expires: Sat, 12 Aug 2023 01:01:26 GMT

GET
H3 200 flagge-schweiz.svg
www.h-hotels.com/_Resources/Persistent/4/9/f/7/49f7a9b3d2a900944fb5ccc3e37e60ee9ccfcbc3/ 532 B
671 B 141ms
124ms Image
image/svg+xml 2606:4700::6812:aa54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.h-hotels.com/_Resources/Persistent/4/9/f/7/49f7a9b3d2a900944fb5ccc3e37e60ee9ccfcbc3/flagge-schweiz.svg

Requested by

Host: www.h-hotels.com
URL: https://www.h-hotels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:aa54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ef7f93377ddc7256235cfe1cf2112c42aef89bd8ae886c2af806fd5a191d798a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.h-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 01:01:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 60606
x-forwarded-for: (null)
x-remote-addr: (null)
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 23 Nov 2017 14:01:33 GMT
server: cloudflare
etag: W/"7e006d-214-55ea6dfa46cf9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 7395479f88e7918f-FRA
expires: Sat, 12 Aug 2023 01:01:26 GMT

GET
H3 200 flagge-ungarn.svg
www.h-hotels.com/_Resources/Persistent/4/9/a/7/49a7d0fc2571609ed5bea424c3eb430104b28303/ 497 B
635 B 69ms
52ms Image
image/svg+xml 2606:4700::6812:aa54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.h-hotels.com/_Resources/Persistent/4/9/a/7/49a7d0fc2571609ed5bea424c3eb430104b28303/flagge-ungarn.svg

Requested by

Host: www.h-hotels.com
URL: https://www.h-hotels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:aa54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

daf37bf9db426257646224b7a2f44c05f4c8c0f8ad2e310b5d75ad6a73642d44

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.h-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 01:01:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 60606
x-forwarded-for: (null)
x-remote-addr: (null)
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 23 Aug 2018 08:38:41 GMT
server: cloudflare
etag: W/"86011f-1f1-574162fa9ec2b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 7395479f88e9918f-FRA
expires: Sat, 12 Aug 2023 01:01:26 GMT

GET
H3 200 flagge-frankreich.svg
www.h-hotels.com/_Resources/Persistent/6/0/c/5/60c5c6bdd731c0c890c9cc550f3ba25205789e4c/ 607 B
676 B 141ms
125ms Image
image/svg+xml 2606:4700::6812:aa54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.h-hotels.com/_Resources/Persistent/6/0/c/5/60c5c6bdd731c0c890c9cc550f3ba25205789e4c/flagge-frankreich.svg

Requested by

Host: www.h-hotels.com
URL: https://www.h-hotels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:aa54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8d79ab50b13be1d8e676266c67b60e5c7e08f7239ff333fe840864d16f96b9a2

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.h-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 01:01:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 60606
x-forwarded-for: (null)
x-remote-addr: (null)
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 09 Dec 2021 10:37:26 GMT
server: cloudflare
etag: W/"100702e-25f-5d2b43150c644"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 7395479f88eb918f-FRA
expires: Sat, 12 Aug 2023 01:01:26 GMT

GET
H3 200 hotmiles-logo.svg
www.h-hotels.com/_Resources/Persistent/3/b/b/2/3bb2c197a0f825137de5024f14a694312c641ed7/ 3 KB
2 KB 142ms
125ms Image
image/svg+xml 2606:4700::6812:aa54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.h-hotels.com/_Resources/Persistent/3/b/b/2/3bb2c197a0f825137de5024f14a694312c641ed7/hotmiles-logo.svg

Requested by

Host: www.h-hotels.com
URL: https://www.h-hotels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:aa54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6df654521d0366f859476fc7bbbe344194d381ab297564ba3b867d18c0aa30cb

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.h-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 01:01:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 60606
x-forwarded-for: (null)
x-remote-addr: (null)
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 11 Jul 2019 08:20:33 GMT
server: cloudflare
etag: W/"4fba1b-a83-58d6377b567c0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 7395479f88ec918f-FRA
expires: Sat, 12 Aug 2023 01:01:26 GMT

GET
H3 200 mundm-logo.svg
www.h-hotels.com/_Resources/Persistent/c/6/7/6/c676d098916d549d90f52800b866301d58f59b61/ 3 KB
2 KB 142ms
125ms Image
image/svg+xml 2606:4700::6812:aa54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.h-hotels.com/_Resources/Persistent/c/6/7/6/c676d098916d549d90f52800b866301d58f59b61/mundm-logo.svg

Requested by

Host: www.h-hotels.com
URL: https://www.h-hotels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:aa54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6d07f7e11a3a8b124282ce73051eabeb460577018c2ddaafe4426c9ec56922a3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.h-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 01:01:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 60606
x-forwarded-for: (null)
x-remote-addr: (null)
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 11 Jul 2019 08:22:36 GMT
server: cloudflare
etag: W/"d024dc-a94-58d637f13e13e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 7395479f88ed918f-FRA
expires: Sat, 12 Aug 2023 01:01:26 GMT

GET
H3 200 payback-logo.svg
www.h-hotels.com/_Resources/Persistent/9/9/5/6/99567e0745a88b4b281f677f8b124a2ad772d543/ 6 KB
2 KB 142ms
126ms Image
image/svg+xml 2606:4700::6812:aa54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.h-hotels.com/_Resources/Persistent/9/9/5/6/99567e0745a88b4b281f677f8b124a2ad772d543/payback-logo.svg

Requested by

Host: www.h-hotels.com
URL: https://www.h-hotels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:aa54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

735d056f5cbd977749ec5f4c243f2f2a947b899cf54d1404e4d2b60271f7095a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.h-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 01:01:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 60606
x-forwarded-for: (null)
x-remote-addr: (null)
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 11 Jul 2019 08:24:35 GMT
server: cloudflare
etag: W/"d20642-1666-58d638622565c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 7395479f88ee918f-FRA
expires: Sat, 12 Aug 2023 01:01:26 GMT

GET
H3 200 zimmer-suite-offenes-bad-02-hyperion-hotel-salzburg-1459x1458-428x428.jpg
www.h-hotels.com/_Resources/Persistent/4/6/0/c/460c80a727d4726acd2d8501d4a9ba3cc0677262/ 25 KB
25 KB 142ms
126ms Image
image/webp 2606:4700::6812:aa54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.h-hotels.com/_Resources/Persistent/4/6/0/c/460c80a727d4726acd2d8501d4a9ba3cc0677262/zimmer-suite-offenes-bad-02-hyperion-hotel-salzburg-1459x1458-428x428.jpg

Requested by

Host: www.h-hotels.com
URL: https://www.h-hotels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:aa54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

de247cd49ff0ae536feaa101feafa29471d7d357e735e522ded9ce9ad03d46a7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.h-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 01:01:26 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 60422
cf-polished: qual=85, origFmt=jpeg, origSize=26179
x-forwarded-for: (null)
x-remote-addr: (null)
content-disposition: inline; filename="zimmer-suite-offenes-bad-02-hyperion-hotel-salzburg-1459x1458-428x428.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25308
expires: Sat, 12 Aug 2023 01:01:26 GMT
last-modified: Tue, 02 Aug 2022 13:29:10 GMT
server: cloudflare
etag: "620302-6643-5e54219fda8ed"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/webp
vary: Accept
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7395479f88f0918f-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 Teaser_HM_Praemienshop-03-1322x1322-428x428.png
www.h-hotels.com/_Resources/Persistent/8/3/d/3/83d32e0476cc2df45932ca6f24de4609a2d481f2/ 110 KB
110 KB 145ms
128ms Image
image/webp 2606:4700::6812:aa54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.h-hotels.com/_Resources/Persistent/8/3/d/3/83d32e0476cc2df45932ca6f24de4609a2d481f2/Teaser_HM_Praemienshop-03-1322x1322-428x428.png

Requested by

Host: www.h-hotels.com
URL: https://www.h-hotels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:aa54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

9fcbfb456db0c234a32387b97a6f5d1f7f28fdd9bbf4eb815f1bec23f8ecb2c1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.h-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 01:01:26 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 60422
cf-polished: origFmt=png, origSize=228437
x-forwarded-for: (null)
x-remote-addr: (null)
content-disposition: inline; filename="Teaser_HM_Praemienshop-03-1322x1322-428x428.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 12 Aug 2023 01:01:26 GMT
last-modified: Fri, 15 Jul 2022 07:05:18 GMT
server: cloudflare
etag: "be17c2-37c55-5e3d2a40b3a10"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/webp
vary: Accept
cache-control: public, max-age=31536000
cf-ray: 7395479f88f2918f-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 buehne-3-online-check-in-2400x1600-1601x1600-428x428.jpg
www.h-hotels.com/_Resources/Persistent/1/1/b/b/11bbe8002f3f8fe9a294e3ea4a8848b78843f4b9/ 25 KB
25 KB 147ms
130ms Image
image/webp 2606:4700::6812:aa54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.h-hotels.com/_Resources/Persistent/1/1/b/b/11bbe8002f3f8fe9a294e3ea4a8848b78843f4b9/buehne-3-online-check-in-2400x1600-1601x1600-428x428.jpg

Requested by

Host: www.h-hotels.com
URL: https://www.h-hotels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:aa54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

314d4931da5b54a876ec1bd48879ff7213e38d21108d0085fd16aec7f7d2a8b4

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.h-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 01:01:26 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 60603
cf-polished: qual=85, origFmt=jpeg, origSize=27360
x-forwarded-for: (null)
x-remote-addr: (null)
content-disposition: inline; filename="buehne-3-online-check-in-2400x1600-1601x1600-428x428.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 25108
expires: Sat, 12 Aug 2023 01:01:26 GMT
last-modified: Wed, 30 Mar 2022 09:58:07 GMT
server: cloudflare
etag: "4008cb-6ae0-5db6c950e786b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/webp
vary: Accept
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7395479f88f3918f-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 zimmer-suite-offenes-bad-02-hyperion-hotel-salzburg-2071x1164-1680x944.jpg
www.h-hotels.com/_Resources/Persistent/9/8/0/4/98043b84bfd8dfa32335aef04d94a86212c012fc/ 161 KB
162 KB 67ms
51ms Image
image/webp 2606:4700::6812:aa54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.h-hotels.com/_Resources/Persistent/9/8/0/4/98043b84bfd8dfa32335aef04d94a86212c012fc/zimmer-suite-offenes-bad-02-hyperion-hotel-salzburg-2071x1164-1680x944.jpg

Requested by

Host: www.h-hotels.com
URL: https://www.h-hotels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:aa54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

521a98a5f03724bd4e29a6ed9834b450c7c7f44daa632f03430a5a8fdeccd0a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.h-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 01:01:26 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 60395
cf-polished: qual=85, origFmt=jpeg, origSize=179036
x-forwarded-for: (null)
x-remote-addr: (null)
content-disposition: inline; filename="zimmer-suite-offenes-bad-02-hyperion-hotel-salzburg-2071x1164-1680x944.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 12 Aug 2023 01:01:26 GMT
last-modified: Tue, 02 Aug 2022 13:29:17 GMT
server: cloudflare
etag: "d22638-2bb5c-5e5421a6b570d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/webp
vary: Accept
cache-control: public, max-age=31536000
cf-ray: 7395479f88df918f-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 Teaser_HM_Praemienshop-03-200x133.png
www.h-hotels.com/_Resources/Persistent/a/f/7/0/af706c7bcff2ebd86474c88874e5644292eb643f/ 13 KB
14 KB 47ms
32ms Image
image/webp 2606:4700::6812:aa54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.h-hotels.com/_Resources/Persistent/a/f/7/0/af706c7bcff2ebd86474c88874e5644292eb643f/Teaser_HM_Praemienshop-03-200x133.png

Requested by

Host: www.h-hotels.com
URL: https://www.h-hotels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:aa54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

c7cd381e47fdb146a3bc06b9fa65d04ce4d654d06240e368d83f0208bf254891

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.h-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 01:01:26 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 60422
cf-polished: origFmt=png, origSize=27187
x-forwarded-for: (null)
x-remote-addr: (null)
content-disposition: inline; filename="Teaser_HM_Praemienshop-03-200x133.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 13638
expires: Sat, 12 Aug 2023 01:01:26 GMT
last-modified: Fri, 15 Jul 2022 07:05:18 GMT
server: cloudflare
etag: "9819db-6a33-5e3d2a408d8b0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/webp
vary: Accept
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7395479f88e1918f-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 buehne-3-online-check-in-2400x1600-2400x1349-200x112.jpg
www.h-hotels.com/_Resources/Persistent/3/8/7/3/3873321a0ca07b30f2596525234fa88ce687e841/ 5 KB
5 KB 59ms
44ms Image
image/webp 2606:4700::6812:aa54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.h-hotels.com/_Resources/Persistent/3/8/7/3/3873321a0ca07b30f2596525234fa88ce687e841/buehne-3-online-check-in-2400x1600-2400x1349-200x112.jpg

Requested by

Host: www.h-hotels.com
URL: https://www.h-hotels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:aa54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b5ebc8296c528ca19120be423218d2b9c534352502d1c625d8829c3b299f0dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.h-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 01:01:26 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 60422
cf-polished: qual=85, origFmt=jpeg, origSize=5019
x-forwarded-for: (null)
x-remote-addr: (null)
content-disposition: inline; filename="buehne-3-online-check-in-2400x1600-2400x1349-200x112.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4844
expires: Sat, 12 Aug 2023 01:01:26 GMT
last-modified: Wed, 30 Mar 2022 09:57:39 GMT
server: cloudflare
etag: "160eb5-139b-5db6c9366e2eb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/webp
vary: Accept
cache-control: public, max-age=31536000
accept-ranges: bytes
cf-ray: 7395479f88e2918f-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 ScrollHint.svg
www.h-hotels.com/_Resources/Static/Packages/HospitalityAlliance.HHotelsCom/Images/Global/ 574 B
712 B 138ms
123ms Image
image/svg+xml 2606:4700::6812:aa54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.h-hotels.com/_Resources/Static/Packages/HospitalityAlliance.HHotelsCom/Images/Global/ScrollHint.svg

Requested by

Host: www.h-hotels.com
URL: https://www.h-hotels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:aa54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddeef24de12dd7f5cb2478726eaa29d7e76260f240c7e6e785f8942639f8b4a8

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.h-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 01:01:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 60606
x-forwarded-for: (null)
x-remote-addr: (null)
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 02 Aug 2022 12:08:56 GMT
server: cloudflare
etag: W/"bc0d9c-23e-5e540fb0f5a6a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/svg+xml
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 7395479f88e3918f-FRA
expires: Sat, 12 Aug 2023 01:01:26 GMT

GET
H3 200 rocket-loader.min.js Show response
www.h-hotels.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/ 12 KB
4 KB 39ms
24ms Script
application/javascript 2606:4700::6812:aa54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.h-hotels.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Requested by

Host: www.h-hotels.com
URL: https://www.h-hotels.com/

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:aa54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.h-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 01:01:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 09 Aug 2022 17:04:07 GMT
server: cloudflare
etag: W/"62f29387-302c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-frame-options: DENY
content-type: application/javascript
cache-control: max-age=172800, public
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 7395479f88e4918f-FRA
vary: Accept-Encoding
expires: Sun, 14 Aug 2022 01:01:26 GMT

GET
H2 200 v652eace1692a40cfa3763df669d7439c1639079717194 Show response
static.cloudflareinsights.com/beacon.min.js/ 14 KB
5 KB 106ms
48ms Script
text/javascript 2606:4700:440e::ac40:9c1a
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194
Requested by: Host: www.h-hotels.com
URL: https://www.h-hotels.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:440e::ac40:9c1a , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505

Request headers

Referer: https://www.h-hotels.com/
Origin: https://www.h-hotels.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 01:01:26 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 19:55:17 GMT
server: cloudflare
etag: W/2021.12.0
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/javascript;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
cf-ray: 7395479fcc045bdd-FRA

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ad7a88feb119b4bbb93a6f05c4099a7266d105d73c0280a7e1b3dc421fdd55cb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e0b37e1546b6e82f61ddd26957aa81a0e1e7570565554c6b52bddfbc55534d90

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 78cdaeabec994c30004a02b76c4c9de2216289c12df5466c506456a8370b49cd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H3 200 MarselisWebPro.woff2
www.h-hotels.com/_Resources/Static/Packages/HospitalityAlliance.HHotelsCom/Webfonts/ 27 KB
28 KB 29ms
29ms Font
text/plain 2606:4700::6812:aa54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.h-hotels.com/_Resources/Static/Packages/HospitalityAlliance.HHotelsCom/Webfonts/MarselisWebPro.woff2

Requested by

Host: www.h-hotels.com
URL: https://www.h-hotels.com/_Resources/Static/Packages/HospitalityAlliance.HHotelsCom/Styles/Main.css?cb=6bbce00c-9c70-42b8-a552-10674b8724c3

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:aa54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f39eb364660b14322fda06f13aa593ab8bbd27e6f8f3c9fb83dc4d2b7633348

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.h-hotels.com/_Resources/Static/Packages/HospitalityAlliance.HHotelsCom/Styles/Main.css?cb=6bbce00c-9c70-42b8-a552-10674b8724c3
Origin: https://www.h-hotels.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 01:01:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 60606
x-forwarded-for: (null)
x-remote-addr: (null)
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 02 Aug 2022 12:08:56 GMT
server: cloudflare
etag: W/"bc0e32-6d40-5e540fb0f6a0a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/plain; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 739547a069a5918f-FRA
expires: Sat, 12 Aug 2023 01:01:26 GMT

GET
H3 200 fontawesome-webfont.woff2
www.h-hotels.com/_Resources/Static/Packages/HospitalityAlliance.HHotelsCom/fonts/ 65 KB
65 KB 43ms
42ms Font
text/plain 2606:4700::6812:aa54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.h-hotels.com/_Resources/Static/Packages/HospitalityAlliance.HHotelsCom/fonts/fontawesome-webfont.woff2?v=4.5.0

Requested by

Host: www.h-hotels.com
URL: https://www.h-hotels.com/_Resources/Static/Packages/HospitalityAlliance.HHotelsCom/Styles/Main.css?cb=6bbce00c-9c70-42b8-a552-10674b8724c3

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:aa54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4f2721fcaed5436f55432318b274d1542e96753b56c6ec6cdbd1c0fdd46bc66d

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.h-hotels.com/_Resources/Static/Packages/HospitalityAlliance.HHotelsCom/Styles/Main.css?cb=6bbce00c-9c70-42b8-a552-10674b8724c3
Origin: https://www.h-hotels.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 01:01:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 60606
x-forwarded-for: (null)
x-remote-addr: (null)
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 02 Aug 2022 12:08:56 GMT
server: cloudflare
etag: W/"bc0e38-10440-5e540fb0f79aa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/plain; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 739547a069a8918f-FRA
expires: Sat, 12 Aug 2023 01:01:26 GMT

GET
H3 200 hhotels-icons.woff2
www.h-hotels.com/_Resources/Static/Packages/HospitalityAlliance.HHotelsCom/Iconfonts/ 7 KB
8 KB 40ms
39ms Font
text/plain 2606:4700::6812:aa54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.h-hotels.com/_Resources/Static/Packages/HospitalityAlliance.HHotelsCom/Iconfonts/hhotels-icons.woff2

Requested by

Host: www.h-hotels.com
URL: https://www.h-hotels.com/_Resources/Static/Packages/HospitalityAlliance.HHotelsCom/Styles/Main.css?cb=6bbce00c-9c70-42b8-a552-10674b8724c3

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:aa54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

278ab04061d7ab7eeb5fdc0efff5ea4e4d348580a18cba0318219430bc96a909

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.h-hotels.com/_Resources/Static/Packages/HospitalityAlliance.HHotelsCom/Styles/Main.css?cb=6bbce00c-9c70-42b8-a552-10674b8724c3
Origin: https://www.h-hotels.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 01:01:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 60602
x-forwarded-for: (null)
x-remote-addr: (null)
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 02 Aug 2022 12:08:56 GMT
server: cloudflare
etag: W/"bc0d71-1d94-5e540fb0f2b8a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/plain; charset=UTF-8
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 739547a069aa918f-FRA
expires: Sat, 12 Aug 2023 01:01:26 GMT

GET
H3 200 LastVisitedNode.js Show response
www.h-hotels.com/_Resources/Static/Packages/Neos.Neos/JavaScript/ 147 B
521 B 28ms
28ms Script
application/x-javascript 2606:4700::6812:aa54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.h-hotels.com/_Resources/Static/Packages/Neos.Neos/JavaScript/LastVisitedNode.js

Requested by

Host: www.h-hotels.com
URL: https://www.h-hotels.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:aa54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d232f1b6099ca4cd4a7fe5a32773ea44e2e4c61bed52bd7d3ffa8d58570b7f46

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.h-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 01:01:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 60602
cf-polished: origSize=183
x-forwarded-for: (null)
x-remote-addr: (null)
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 12 Aug 2023 01:01:26 GMT
last-modified: Wed, 08 Dec 2021 13:27:32 GMT
server: cloudflare
etag: W/"bc29c1-b7-5d2a273bf3900"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/x-javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 739547a0a9e4918f-FRA
cf-bgj: minify

GET
H2 200 api.js Show response
www.google.com/recaptcha/ 850 B
966 B 81ms
31ms Script
text/javascript 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api.js?hl=de

Requested by

Host: www.h-hotels.com
URL: https://www.h-hotels.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

33d533cede95a42fc46b7c65654e2cd019dd4ef3233357b326cc015a5aa0ea06

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.h-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 01:01:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
x-frame-options: SAMEORIGIN
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
cross-origin-resource-policy: cross-origin
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 553
x-xss-protection: 1; mode=block
expires: Fri, 12 Aug 2022 01:01:26 GMT

GET
H2 200 evergage.min.js Show response
cdn.evgnet.com/beacon/hhotelsag/engage/scripts/ 163 KB
44 KB 207ms
124ms Script
application/javascript 151.101.0.114
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.evgnet.com/beacon/hhotelsag/engage/scripts/evergage.min.js
Requested by: Host: www.h-hotels.com
URL: https://www.h-hotels.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.0.114 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 084d8f73a417f3844697f8920f7910354e85894a682f328d461126bc07a4b441

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.h-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: I4m1b.lBFfB1EJ3Y_TzEjNrvLu2uXV8Z
content-encoding: gzip
etag: "6ff54f9d8b4656aa7f6a14dead4cdce2"
timing-allow-origin: *
age: 0
x-cache: HIT, HIT
x-amz-replication-status: COMPLETED
content-length: 44077
x-amz-id-2: ZR8Nuv9gKEST+evySqCwhOnxSOR57vbyZjg4o3avdIIrCYv7OLgApSIiGo1/79nkM3c8Qd46k6E=
x-served-by: cache-iad-kiad7000116-IAD, cache-hhn4073-HHN
x-amz-meta-evergage-sum: 7d7568dcc3d57591b3c0cc985463e7dd9707982b
last-modified: Wed, 10 Aug 2022 12:40:40 GMT
server: AmazonS3
x-timer: S1660266087.592338,VS0,VE104
date: Fri, 12 Aug 2022 01:01:26 GMT
vary: Accept-Encoding
x-amz-request-id: 1V4F6QHVJPN5E81M
via: 1.1 varnish, 1.1 varnish
cache-control: max-age=120
accept-ranges: bytes
content-type: application/javascript; charset=utf-8
x-amz-meta-evergage-beacon-ver: 16
x-cache-hits: 1, 1

GET
H3 200 App.min.js Show response
www.h-hotels.com/_Resources/Static/Packages/HospitalityAlliance.HHotelsCom/JavaScript/ 866 KB
235 KB 43ms
43ms Script
application/x-javascript 2606:4700::6812:aa54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.h-hotels.com/_Resources/Static/Packages/HospitalityAlliance.HHotelsCom/JavaScript/App.min.js?cb=6bbce00c-9c70-42b8-a552-10674b8724c3

Requested by

Host: www.h-hotels.com
URL: https://www.h-hotels.com/cdn-cgi/scripts/7d0fa10a/cloudflare-static/rocket-loader.min.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:aa54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

713e3b9a44b7483f499ffef6702ace15ddd1dadb3d1f4371cd9322c811c85f4e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.h-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 01:01:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 60602
x-forwarded-for: (null)
x-remote-addr: (null)
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Tue, 02 Aug 2022 12:09:56 GMT
server: cloudflare
etag: W/"bc0e0e-d8686-5e540fea63611"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: application/x-javascript
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 739547a0a9e6918f-FRA
expires: Sat, 12 Aug 2023 01:01:26 GMT

GET
H3 200 gtm.js Show response
www.googletagmanager.com/ 295 KB
90 KB 86ms
43ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-PF8D37&l=hh_gtm_dataLayer

Requested by

Host: 1redirc.com
URL: http://1redirc.com/r2.php?e=101Q3iV4eiK4UDyjOz6E5349fmNlT3JHTm5TQVdUK3k4dWliL0JmOE81NUNpMEpqL0JqQm5Yd3RDeWY2Y0tsblVLRitBbk9ycE1WRmdRczVzclF0VFlwekU3Q1UrM3k5UnpoQTk1VExLNkluVjVVb0xHYW9kVHptTGRza0JiVlQyQ21xZzE4QkduNjA5SUZUU1ZlZTNDWjNNWGxnbU9xTEx3UFpsRDhVK3dhRU9ZZklxY2xoRnlnNFZtcThOZVRMMzRIQ1FqY1QxbTByZEdUb0FHMmhqNk1qaWtCOXFLL1JiVnNHdWYyc0c2Yy9SeHZtaTNReTRhVWMxL3h2TGUrRHNra3NYRGsyWFlPaTY0UFNQbUQrTVFwSXNVUmlXeFp5KzV3MlVxL0o5aDR6TWFxOTVPWE4yUVlXK0pzOWkzSzZLWjhKWjRwQ1BSUnYxZk8wYXF6RGVRdGZBWlp4ZzdaS3JkODd4djhYTTBZcktncFpYVExpakcycGpEeCtHVDEwMlpueGFlSlBxcWEyWEhQNUpSa1lyc1Q5d09qK1ZJZ2crRUhvRDZJSmlHRldYUG4zSjhOWXNWR0hpZlV3SW9ZY0d0YjNaUFhyMVd5TVl0RjMzTmduZ2RBaDhTUzFuSVovK0xib09FK3d0TyttaWZiSkNFWWNibDU4ZDRvVTltTDVQbWg5ZTU5ajV5Mk53S0RBbmRnRVRvc2xIMU85eXkzczgwWGhIV2ZsVFJ4c1g3TmlYT3ZXMnJ3NlJFbzE0LzFNSmhYNzBGL3BSTjNieEExTHQwU016dVlXNnEzRWcwWEk3ZHNIQyttYU94bFYvTVh4aHlsWXZyRWhXcnhzeTE1VXRmdW1wdnNoOUR1dXdJMFJVNllKK1ZIcnFCWVhrb1lVbndKM01FcUp0LzdzTWVkMmIvUzc5MFdNamg2N0lsektWYUdJdE1HQUQySS83OTdVdFpMWEZDSGl0UThHenFUVkNza0VweWxxNlQ5by9zdXo0MWNML0ZCRkRyZzI3Tk9LSkN6eUIxYTNUMGgwTU1rVnJEdDNwenJCNWtwU1B1VDVUYWJzZlI0bFE9PQ%3D%3D

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a692f7016bc68010cb8a5b6da01c042072f94187b5a90c4f58795f9b07edbdaf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.h-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 01:01:26 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 91732
x-xss-protection: 0
last-modified: Fri, 12 Aug 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 12 Aug 2022 01:01:26 GMT

GET
H2 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/ 387 KB
155 KB 606ms
20ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api.js?hl=de

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2e37877957a84efc2e5604969599edfa9be30f963d56f8a8ea5352443f72892

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.h-hotels.com/
Origin: https://www.h-hotels.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 18:41:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22784
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 158422
x-xss-protection: 0
last-modified: Mon, 01 Aug 2022 04:00:16 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 11 Aug 2023 18:41:43 GMT

GET
H3 200 userdata.html Show response
www.h-hotels.com/hotmiles/ 2 B
426 B 438ms
438ms Fetch
text/html 2606:4700::6812:aa54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.h-hotels.com/hotmiles/userdata.html

Requested by

Host: www.h-hotels.com
URL: https://www.h-hotels.com/_Resources/Static/Packages/HospitalityAlliance.HHotelsCom/JavaScript/App.min.js?cb=6bbce00c-9c70-42b8-a552-10674b8724c3

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:aa54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.h-hotels.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 12 Aug 2022 01:01:27 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
x-forwarded-for: 2001:1b60:2:240:3247::7
content-type: text/html;charset=utf-8
x-remote-addr: 185.15.194.163
x-processed-by: www.h-hotels.com
x-flow-powered: Flow/7.3 Neos/7.3
strict-transport-security: max-age=15552000; includeSubDomains; preload
cf-ray: 739547a22ac0918f-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400

GET
H3 200 citysynonymslist Show response
www.h-hotels.com/hotel-search-api/api/ 7 KB
2 KB 32ms
31ms XHR
text/html 2606:4700::6812:aa54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.h-hotels.com/hotel-search-api/api/citysynonymslist

Requested by

Host: www.h-hotels.com
URL: https://www.h-hotels.com/_Resources/Static/Packages/HospitalityAlliance.HHotelsCom/JavaScript/App.min.js?cb=6bbce00c-9c70-42b8-a552-10674b8724c3

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:aa54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

49b4b04aec4f16c1e800c81bef56ca5163f51424410f378bdf364ed752d357c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Cache-Control: no-cache
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Referer: https://www.h-hotels.com/

Response headers

date: Fri, 12 Aug 2022 01:01:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 60601
x-forwarded-for: 172.70.250.253
x-remote-addr: 185.15.194.163
x-processed-by: www.h-hotels.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 11 Aug 2022 08:11:25 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-flow-powered: Flow/7.3 Neos/7.3
cf-ray: 739547a25add918f-FRA
expires: Sat, 12 Aug 2023 01:01:26 GMT

GET
H3 200 citylist Show response
www.h-hotels.com/hotel-search-api/api/ 379 B
557 B 33ms
32ms XHR
text/html 2606:4700::6812:aa54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.h-hotels.com/hotel-search-api/api/citylist

Requested by

Host: www.h-hotels.com
URL: https://www.h-hotels.com/_Resources/Static/Packages/HospitalityAlliance.HHotelsCom/JavaScript/App.min.js?cb=6bbce00c-9c70-42b8-a552-10674b8724c3

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:aa54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b23f50282d3f7bea86158c748d7478574eb8636cffc7b6579eb90fe5c9f14dce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Cache-Control: no-cache
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Referer: https://www.h-hotels.com/

Response headers

date: Fri, 12 Aug 2022 01:01:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 60601
x-forwarded-for: 172.70.251.68
x-remote-addr: 185.15.194.163
x-processed-by: www.h-hotels.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 11 Aug 2022 08:11:25 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-flow-powered: Flow/7.3 Neos/7.3
cf-ray: 739547a25adf918f-FRA
expires: Sat, 12 Aug 2023 01:01:26 GMT

GET
H3 200 hotellist Show response
www.h-hotels.com/hotel-search-api/api/ 9 KB
2 KB 34ms
33ms XHR
text/html 2606:4700::6812:aa54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.h-hotels.com/hotel-search-api/api/hotellist?workspaceName=live&dimensions%5Blanguage%5D%5B0%5D=de

Requested by

Host: www.h-hotels.com
URL: https://www.h-hotels.com/_Resources/Static/Packages/HospitalityAlliance.HHotelsCom/JavaScript/App.min.js?cb=6bbce00c-9c70-42b8-a552-10674b8724c3

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:aa54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c9fefc8f5b37ce95d4352a73944fcbb6b9a9c03f3abfd9caf69b2d2aa3ad347

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept: */*
Cache-Control: no-cache
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Referer: https://www.h-hotels.com/

Response headers

date: Fri, 12 Aug 2022 01:01:26 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
age: 60601
x-forwarded-for: 172.70.251.38
x-remote-addr: 185.15.194.163
x-processed-by: www.h-hotels.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Thu, 11 Aug 2022 08:11:25 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: text/html;charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=31536000
x-flow-powered: Flow/7.3 Neos/7.3
cf-ray: 739547a25ae0918f-FRA
expires: Sat, 12 Aug 2023 01:01:26 GMT

POST
H3 200 rum Show response
www.h-hotels.com/cdn-cgi/ 0
167 B 23ms
23ms XHR
text/plain 2606:4700::6812:aa54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://www.h-hotels.com/cdn-cgi/rum?

Requested by

Host: static.cloudflareinsights.com
URL: https://static.cloudflareinsights.com/beacon.min.js/v652eace1692a40cfa3763df669d7439c1639079717194

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:aa54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

Referer: https://www.h-hotels.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
content-type: application/json

Response headers

date: Fri, 12 Aug 2022 01:01:26 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cloudflare
x-frame-options: DENY
access-control-allow-methods: POST,OPTIONS
content-type: text/plain
access-control-allow-origin: https://www.h-hotels.com
access-control-max-age: 86400
access-control-allow-credentials: true
cf-ray: 739547a26af1918f-FRA
vary: Origin

GET
DATA 200
OK truncated
/ 199 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 79a486a94eee24c83e86940bfd0a6f5c3f8bd4f035c46fc6dce795c5ccede58d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 528 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 70d62e3bff65be7f290bbb24afebab865c207efc463781868bf6c80ba872d7a1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 168 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 34caa9782480a25668f40eead52873b6261530cf1887d17e9fc811e040c7508c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 210 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 39f96edb0a030c2455e37c2a404650845e728078d0b01c8afeba1b08f29ade87

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 215 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6a0f5aaabd55992a1582eaa371291cff90f34a1f59e838c040eac377fa35f81d

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 208 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d5d0ca174174d3495824ca9c661ba0a7abc6ae7ab393f4743c859e2eef4d2177

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 213 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 398936a3ce23ff445338bb6c7bf5bdfbbdfa076de75212c3a15583fb7052cdf1

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 216 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 85436dbd9e2d34b2151ddef42e8af89df2e61129523710f335d941cbd6663b12

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 engage Show response
hhotelsag.germany-2.evergage.com/api2/event/ 137 B
692 B 379ms
35ms XHR
application/json 18.158.172.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://hhotelsag.germany-2.evergage.com/api2/event/engage?event=eyJhY3Rpb24iOiJIb21lcGFnZSIsIml0ZW1BY3Rpb24iOm51bGwsInNvdXJjZSI6eyJwYWdlVHlwZSI6ImhvbWUiLCJjb250ZW50Wm9uZXMiOlsiZ2xvYmFsX3BvcHVwIiwiaG9tZV9maXJzdF9zbGlkZV9pbWciLCJob21lX2ZpcnN0X3NsaWRlX2tpY2tlciIsImhvbWVfZmlyc3Rfc2xpZGVfdGl0bGUiLCJob21lX2ZpcnN0X3NsaWRlX2J0biIsImhvbWVfZmlyc3Rfc2xpZGVfc21hbGxfaGVhZGVyIiwiaG9tZV9maXJzdF9zbGlkZV9zbWFsbF9pbWciLCJob21lX2ZpcnN0X3NsaWRlX3NtYWxsX2J0biJdLCJ1cmwiOiJodHRwczovL3d3dy5oLWhvdGVscy5jb20vIiwidXJsUmVmZXJyZXIiOiJodHRwczovL3Nob3BidXR0bGVyLmNvbS8iLCJjaGFubmVsIjoiV2ViIiwiYmVhY29uVmVyc2lvbiI6MTYsImNvbmZpZ1ZlcnNpb24iOiIyOCJ9LCJmbGFncyI6eyJwYWdlVmlldyI6dHJ1ZX0sInVzZXIiOnsiYW5vbklkIjoiYjBjZmQ1YTE0YTU0OTdlYyJ9LCJwZXJmb3JtYW5jZSI6e30sImRlYnVnIjp7ImV4cGxhbmF0aW9ucyI6dHJ1ZX0sImNhdGFsb2ciOnt9LCJjb25zZW50cyI6W10sImFjY291bnQiOnt9LCJfdG9vbHNFdmVudExpbmtJZCI6IjE3Mjc2MTUzNzQwNzI0ODY0In0%3D

Requested by

Host: cdn.evgnet.com
URL: https://cdn.evgnet.com/beacon/hhotelsag/engage/scripts/evergage.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.158.172.136 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-158-172-136.eu-central-1.compute.amazonaws.com

Software

Resource Hash

b8a280686d88366d1f15881f0776ec2c4239a620ed603d10fddef447f169fd7d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.h-hotels.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 01:01:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
vary: accept-encoding
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://www.h-hotels.com
access-control-allow-credentials: true
timing-allow-origin: *

GET
H3 200 technik-57-800x533.jpg
www.h-hotels.com/_Resources/Persistent/9/c/1/9/9c197d92e7eed709fa92280eee494305253f303d/ 65 KB
65 KB 30ms
30ms Image
image/jpeg 2606:4700::6812:aa54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.h-hotels.com/_Resources/Persistent/9/c/1/9/9c197d92e7eed709fa92280eee494305253f303d/technik-57-800x533.jpg

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:aa54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74a24bf4359b94e434df47cfa958f12cd8b61e6587d43e4063902f764594766f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.h-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 01:01:27 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 58314
cf-polished: degrade=85, origSize=72427, status=webp_bigger
x-forwarded-for: (null)
x-remote-addr: (null)
cf-bgj: imgq:85,h2pri
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
last-modified: Fri, 03 Dec 2021 10:59:53 GMT
server: cloudflare
etag: "d22406-11aeb-5d23bce8bd2cb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/jpeg
vary: Accept-Encoding
cache-control: public, max-age=31536000
cf-ray: 739547a3bbea918f-FRA
expires: Sat, 12 Aug 2023 01:01:27 GMT

GET Teaser_HM_Praemienshop-03-200x133.png
www.h-hotels.com/_Resources/Persistent/a/f/7/0/af706c7bcff2ebd86474c88874e5644292eb643f/ 0
0

GET
H3 200 Teaser_HM_Praemienshop-03-1680x1120.png
www.h-hotels.com/_Resources/Persistent/2/d/a/1/2da1ac484305ae37fa926390988761ac242fd376/ 1 MB
1 MB 34ms
34ms Image
image/webp 2606:4700::6812:aa54
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.h-hotels.com/_Resources/Persistent/2/d/a/1/2da1ac484305ae37fa926390988761ac242fd376/Teaser_HM_Praemienshop-03-1680x1120.png

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6812:aa54 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

07293da7a4d5815445c8cd3f477656d32ba4e908474d706e580842db7c438f21

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.h-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 01:01:27 GMT
x-content-type-options: nosniff
cf-cache-status: HIT
age: 60394
cf-polished: origFmt=png, origSize=2235279
x-forwarded-for: (null)
x-remote-addr: (null)
content-disposition: inline; filename="Teaser_HM_Praemienshop-03-1680x1120.webp"
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Sat, 12 Aug 2023 01:01:27 GMT
last-modified: Tue, 19 Jul 2022 07:39:07 GMT
server: cloudflare
etag: "cea6de-221b8f-5e423945443b9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000; includeSubDomains; preload
content-type: image/webp
vary: Accept
cache-control: public, max-age=31536000
cf-ray: 739547a48c8f918f-FRA
cf-bgj: imgq:85,h2pri

GET
H3 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 22ms
22ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PF8D37&l=hh_gtm_dataLayer

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.h-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 7167
date: Thu, 11 Aug 2022 23:02:00 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 12 Aug 2022 01:02:00 GMT

GET
H2 200 11601.js Show response
www.dwin1.com/ 37 KB
10 KB 178ms
119ms Script
application/javascript 2600:9000:2490:9400:f:8ce2:fb80:93a1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.dwin1.com/11601.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PF8D37&l=hh_gtm_dataLayer
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2490:9400:f:8ce2:fb80:93a1 -, , ASN (),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 022bc70e811cb3e0c20372e226824b44545eb7034d6029ccb35385ad49ac4e78

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.h-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-amz-version-id: tzJVV1M.G3FkyJTN8xZnfuMXKYwIgXCe
content-encoding: gzip
etag: W/"47bcb6cec21c0380c623ecb8df5f47ed"
x-amz-cf-pop: FRA56-P6
x-cache: RefreshHit from cloudfront
x-amz-replication-status: COMPLETED
access-control-allow-origin: *
last-modified: Fri, 05 Aug 2022 07:15:34 GMT
server: AmazonS3
date: Fri, 12 Aug 2022 01:01:28 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/javascript; charset=utf-8
via: 1.1 20a87151baa74b57c01624c82e244c6a.cloudfront.net (CloudFront)
cache-control: max-age=600, s-maxage=600
x-amz-cf-id: jqQ2il6IJoFHL5wywij6rBme6S61YZBGMwWXuH5-oLnc5g5zPLe62g==

GET
H2 200 OtAutoBlock.js Show response
cookie-cdn.cookiepro.com/consent/e51cbafe-d885-4f66-8ff7-7d5b9a621dc1/ 16 KB
4 KB 81ms
29ms Script
application/x-javascript 2606:4700:4400::6812:26f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/consent/e51cbafe-d885-4f66-8ff7-7d5b9a621dc1/OtAutoBlock.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PF8D37&l=hh_gtm_dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:26f3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d4dc3d1a6801247552d726e93806fea25c080f4ef8f0679b0a17a5e55eaece50

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.h-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 12 Aug 2022 01:01:27 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
content-md5: VzoudkbPrbbZfC/A1LrGrg==
age: 7199
x-ms-lease-status: unlocked
last-modified: Wed, 22 Jun 2022 06:34:28 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 5241e66c-f01e-005b-0a0a-860176000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
cf-ray: 739547a648759bec-FRA

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 100 KB
27 KB 64ms
21ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PF8D37&l=hh_gtm_dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4ff1b9b91db584b19d20b4d02af9ff7673add161ce3f9ceae9391b3a84fddab1

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.h-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 26515
x-xss-protection: 0
pragma: public
x-fb-debug: XkEjLVDUiRVQRo109e8ztjlelAI2dU3bCigicR02HzXIPfGQCyTbTXjSsM39yDxYrK7f/l+5psr4sbx4ZsE79Q==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Fri, 12 Aug 2022 01:01:27 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 40 KB
15 KB 100ms
38ms Script
text/javascript 172.217.18.2
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PF8D37&l=hh_gtm_dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.18.2 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s22-in-f2.1e100.net

Software

cafe /

Resource Hash

52e051d93279e14d8f19a0c8fb12c0ad0e5594e7621cd8db8212bd5ffece86d9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.h-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 01:01:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15161
x-xss-protection: 0
server: cafe
etag: 12862140795212465669
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 12 Aug 2022 01:01:27 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 38 KB
12 KB 107ms
50ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/bat.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PF8D37&l=hh_gtm_dataLayer

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.h-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
last-modified: Thu, 28 Jul 2022 17:32:37 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: DC877BE14FAB4467B22051017351EF7C Ref B: FRAEDGE1207 Ref C: 2022-08-12T01:01:27Z
etag: "80a8697a8a2d81:0"
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
date: Fri, 12 Aug 2022 01:01:27 GMT
accept-ranges: bytes
content-length: 11367

GET
H2 200 ld.js Show response
static.criteo.net/js/ld/ 42 KB
14 KB 110ms
33ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.criteo.net/js/ld/ld.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PF8D37&l=hh_gtm_dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

nginx /

Resource Hash

0e937847c7e07ed15db23b99d02385f8a76a534837159ec603319dab64a5a9ba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.h-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 01:01:27 GMT
content-encoding: gzip
last-modified: Wed, 29 Jun 2022 07:49:23 GMT
server: nginx
etag: W/"62bc0403-a792"
strict-transport-security: max-age=31536000; preload;
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Sat, 13 Aug 2022 01:01:27 GMT

GET
H3

200

bootstrap.js Show response
onboard.triptease.io/bootstrap/v5676.60823/
Redirect Chain

https://onboard.triptease.io/bootstrap.js?integrationId=01F7Y032KYE8569FY61NJWTPND
https://onboard.triptease.io/bootstrap/v5676.60823/bootstrap.js

99 KB
30 KB

114ms
89ms

Script
application/javascript

2606:4700:10::6816:4788
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onboard.triptease.io/bootstrap/v5676.60823/bootstrap.js

Protocol

Server

2606:4700:10::6816:4788 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

ddfc448a2f6d5b3e179e0c8f078ac5c2d4e65c6646a3c6a1d41ca7c0c748d4f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.h-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 01:01:27 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
x-goog-meta-git-hash: 9f2467bb3d4645072955b0c61dd008a0959b75d5
age: 144913
x-guploader-uploadid: ADPycduCIeQz7LiwcQfL3yDlpqnQnhMIpCeLpNnGouhJfeVOlf9t5IdtwARS0Oin1s8AApBtjaiO2hKXlw2wr4-p-f3XOA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-meta-build-version: 5676.60823
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-ray: 739547a6f9349220-FRA
last-modified: Wed, 10 Aug 2022 08:39:54 GMT
server: cloudflare
etag: W/"70db2e32de6665ac1932dd3704833815"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
x-goog-hash: crc32c=7bLTqQ==, md5=cNsuMt5mZawZMt03BIM4FQ==
x-goog-generation: 1660120794899862
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000
x-goog-stored-content-length: 101203
content-type: application/javascript; charset=utf-8
expires: Thu, 10 Aug 2023 08:45:41 GMT

Redirect headers

date: Fri, 12 Aug 2022 01:01:27 GMT
server: cloudflare
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
location: https://onboard.triptease.io/bootstrap/v5676.60823/bootstrap.js
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=600
strict-transport-security: max-age=15552000
cf-ray: 739547a679fd9180-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 63

POST
H2 204 pr
hhotelsag.germany-2.evergage.com/ 0
445 B 26ms
24ms Ping
text/plain 18.158.172.136
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://hhotelsag.germany-2.evergage.com/pr?.top=634&action=Homepage&.tt=380&.ttdns=39&.dt=578&.lt=613&.btdns=41&.bv=16&_ak=hhotelsag&_ds=engage&.scv=28&channel=Web&_r=170035&.anonId=b0cfd5a14a5497ec&_anon=true

Requested by

Host: cdn.evgnet.com
URL: https://cdn.evgnet.com/beacon/hhotelsag/engage/scripts/evergage.min.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

18.158.172.136 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-18-158-172-136.eu-central-1.compute.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.h-hotels.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.h-hotels.com
date: Fri, 12 Aug 2022 01:01:27 GMT
x-content-type-options: nosniff
timing-allow-origin: *

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 29ms
29ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&aip=1&a=1323419632&t=pageview&_s=1&dl=https%3A%2F%2Fwww.h-hotels.com%2F&dr=https%3A%2F%2Fshopbuttler.com%2F&dp=%2F&ul=en-us&de=UTF-8&dt=H-Hotels.com%20-%20Offizielle%20Website%20der%20Hyperion%2C%20H4%2C%20H2%20%26%20H%2B%20Hotels&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YGBACEABBAAAAC~&jid=1968824877&gjid=589587761&cid=290370763.1660266087&tid=UA-7626586-3&_gid=668012126.1660266087&_r=1&gtm=2wg880PF8D37&cd1=h-hotels20170804&cd2=default&cd3=empty&cd4=emtpy&cd10=420194888-1056218595&cd11=https%3A%2F%2Fshopbuttler.com%2F&cd14=https%3A%2F%2Fwww.h-hotels.com%2F&cd15=https%3A%2F%2Fshopbuttler.com%2F&cd8=290370763.1660266087&cd9=pageview&z=644366381

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.h-hotels.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 12 Aug 2022 01:01:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.h-hotels.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 anchor Show response
www.google.com/recaptcha/api2/ Frame 02A6 43 KB
22 KB 82ms
39ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcWol0UAAAAAGDRzhC-80PzY0c1aaxV_b2JdDcK&co=aHR0cHM6Ly93d3cuaC1ob3RlbHMuY29tOjQ0Mw..&hl=de&v=gWN_U6xTIPevg0vuq7g1hct0&size=compact&cb=hm2482z37n1g

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

213fb153eb80a72cebc67bf99da967f0c850d2ca9a26adf010be934a2e64487b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-FVOwZCUDiKRbRD8WtPY3cg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.h-hotels.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 22938
content-security-policy: script-src 'report-sample' 'nonce-FVOwZCUDiKRbRD8WtPY3cg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 12 Aug 2022 01:01:27 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
443 B 87ms
29ms XHR
text/plain 2a00:1450:400c:c00::9a

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-7626586-3&cid=290370763.1660266087&jid=1968824877&gjid=589587761&_gid=668012126.1660266087&_u=YGBACEAABAAAAC~&z=1879373644

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c00::9a -, , ASN (),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.h-hotels.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 12 Aug 2022 01:01:27 GMT
content-type: text/plain
access-control-allow-origin: https://www.h-hotels.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 otSDKStub.js Show response
cookie-cdn.cookiepro.com/scripttemplates/ 21 KB
7 KB 30ms
30ms Script
application/javascript 2606:4700:4400::6812:26f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-PF8D37&l=hh_gtm_dataLayer

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:26f3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b193e73190db64bafdb99e78994418d143e8289717118e54fb1cc55f54f7a712

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.h-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 12 Aug 2022 01:01:27 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
content-md5: 9c22IGK2T1KyARgpJHRGhw==
age: 5761
x-ms-lease-status: unlocked
last-modified: Mon, 01 Aug 2022 16:40:16 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: d5b47ed0-801e-0051-68d4-a5a5c1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
cf-ray: 739547a6a8aa9bec-FRA
expires: Fri, 12 Aug 2022 05:01:27 GMT

GET
H3 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 48ms
22ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.75

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d4edbbe1037c50c8ffa90860286c8166860ad9da450ed5e16a28e2fc9bce3c23

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.h-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 20715
x-xss-protection: 0
pragma: public
x-fb-debug: k/TgsDIrnlBM37iGrXdM2BhsdOdueAsteztAGUgE5BhBNrEEhbf0StFe2qS1chcDOumDgfw5KKzQZUEZNHrKtw==
x-frame-options: DENY
date: Fri, 12 Aug 2022 01:01:27 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 1644892159084696 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 141ms
117ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1644892159084696?v=2.9.75&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6ed33f618d180b29c8dddd2a07ca9e14c0de7288f8e959ddffa203d8ffc8fd28

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.h-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
x-xss-protection: 0
pragma: public
x-fb-debug: St2isb4tYXTUBvaMebpK69vCAkWgmJtqOiNNee+3poJtHYvSKgE9bHomr6ebZxrELMA+uEo2HvD2mYL9+87OoA==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 12 Aug 2022 01:01:27 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-content-cdn-origin-ts: 1660266087593
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 4057839.js Show response
bat.bing.com/p/action/ 1 KB
850 B 176ms
175ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/4057839.js

Requested by

Host: bat.bing.com
URL: https://bat.bing.com/bat.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e08d245ef89d7e09b7fbee8974b99036cb4560065caed177e8369375c3d662d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.h-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 0E999EB70A70403EA14EC1B6B6082A36 Ref B: FRAEDGE1207 Ref C: 2022-08-12T01:01:27Z
date: Fri, 12 Aug 2022 01:01:27 GMT
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private,max-age=60
content-length: 666

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1031705705/ 3 KB
2 KB 145ms
96ms Script
text/javascript 2a00:1450:4001:830::2002

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1031705705/?random=1660266087474&cv=9&fst=1660266087474&num=1&label=8JuACJHptwQQ6aj66wM&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg880&sendb=1&ig=1&data=hotel_pagetype%3Ddefault&frm=0&url=https%3A%2F%2Fwww.h-hotels.com%2F&ref=https%3A%2F%2Fshopbuttler.com%2F&tiba=H-Hotels.com%20-%20Offizielle%20Website%20der%20Hyperion%2C%20H4%2C%20H2%20%26%20H%2B%20Hotels&auid=1736555136.1660266087&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::2002 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

83f70c3626f2998f4d175156961ae6d520857d556759b44326aab9b915aac057

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.h-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Aug 2022 01:01:27 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1129
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 e51cbafe-d885-4f66-8ff7-7d5b9a621dc1.json Show response
cookie-cdn.cookiepro.com/consent/e51cbafe-d885-4f66-8ff7-7d5b9a621dc1/ 3 KB
2 KB 80ms
38ms XHR
application/x-javascript 2606:4700:4400::6812:26f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/consent/e51cbafe-d885-4f66-8ff7-7d5b9a621dc1/e51cbafe-d885-4f66-8ff7-7d5b9a621dc1.json

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:26f3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d29c24d2e3aa048c33684920290e4462a90077ab0125a63ed262787c5bea258f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.h-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 12 Aug 2022 01:01:27 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
content-md5: LKZLYER/Les0jMpABeJSxg==
age: 843
x-ms-lease-status: unlocked
last-modified: Wed, 22 Jun 2022 06:34:29 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: 73bc0bcb-d01e-0011-3908-86a2f9000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 739547a74aed905b-FRA

GET syncframe
gum.criteo.com/ Frame 771C 0
0

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 32ms
31ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-7626586-3&cid=290370763.1660266087&jid=1968824877&_u=YGBACEAABAAAAC~&z=1213226806

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.h-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Aug 2022 01:01:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 86ms
34ms Image
image/gif 2a00:1450:4001:813::2003

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-7626586-3&cid=290370763.1660266087&jid=1968824877&_u=YGBACEAABAAAAC~&z=1213226806

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2003 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.h-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Aug 2022 01:01:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/ Frame 02A6 51 KB
24 KB 66ms
21ms Stylesheet
text/css 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcWol0UAAAAAGDRzhC-80PzY0c1aaxV_b2JdDcK&co=aHR0cHM6Ly93d3cuaC1ob3RlbHMuY29tOjQ0Mw..&hl=de&v=gWN_U6xTIPevg0vuq7g1hct0&size=compact&cb=hm2482z37n1g

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 15:43:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33448
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 01 Aug 2022 04:00:16 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 11 Aug 2023 15:43:59 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/ Frame 02A6 387 KB
155 KB 77ms
33ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/recaptcha__de.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2e37877957a84efc2e5604969599edfa9be30f963d56f8a8ea5352443f72892

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 18:41:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22784
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 158422
x-xss-protection: 0
last-modified: Mon, 01 Aug 2022 04:00:16 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 11 Aug 2023 18:41:43 GMT

GET
H2 200 otBannerSdk.js Show response
cookie-cdn.cookiepro.com/scripttemplates/6.35.0/ 360 KB
83 KB 36ms
36ms Script
application/javascript 2606:4700:4400::6812:26f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/6.35.0/otBannerSdk.js

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/otSDKStub.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:26f3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d8132d45eef1f2500760399505fc221a79a3bbe60ed797bbc24599a650e69927

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.h-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 12 Aug 2022 01:01:27 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
content-md5: bDp57sS049dDkRqCL4m53Q==
age: 9053
x-ms-lease-status: unlocked
last-modified: Thu, 05 May 2022 01:37:09 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 04bd0eac-201e-0067-0b3c-6028b1000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
cf-ray: 739547a7d96a9bec-FRA
expires: Fri, 12 Aug 2022 05:01:27 GMT

GET
H3 200 /
www.google.com/pagead/1p-user-list/1031705705/ 42 B
64 B 35ms
35ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1031705705/?random=1660266087474&cv=9&fst=1660266000000&num=1&label=8JuACJHptwQQ6aj66wM&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg880&sendb=1&data=hotel_pagetype%3Ddefault&frm=0&url=https%3A%2F%2Fwww.h-hotels.com%2F&ref=https%3A%2F%2Fshopbuttler.com%2F&tiba=H-Hotels.com%20-%20Offizielle%20Website%20der%20Hyperion%2C%20H4%2C%20H2%20%26%20H%2B%20Hotels&async=1&fmt=3&is_vtc=1&random=334564659&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.h-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Aug 2022 01:01:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/1031705705/ 42 B
64 B 76ms
32ms Image
image/gif 2a00:1450:4001:813::2003

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1031705705/?random=1660266087474&cv=9&fst=1660266000000&num=1&label=8JuACJHptwQQ6aj66wM&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=3&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2wg880&sendb=1&data=hotel_pagetype%3Ddefault&frm=0&url=https%3A%2F%2Fwww.h-hotels.com%2F&ref=https%3A%2F%2Fshopbuttler.com%2F&tiba=H-Hotels.com%20-%20Offizielle%20Website%20der%20Hyperion%2C%20H4%2C%20H2%20%26%20H%2B%20Hotels&async=1&fmt=3&is_vtc=1&random=334564659&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2003 -, , ASN (),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.h-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Aug 2022 01:01:27 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 kernel-host.html Show response
onboard.triptease.io/kernel/v5676.60823/ Frame 2ACE 56 KB
18 KB 41ms
40ms Document
text/html 2606:4700:10::6816:4788
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onboard.triptease.io/kernel/v5676.60823/kernel-host.html?originHost=www.h-hotels.com

Requested by

Host: onboard.triptease.io
URL: https://onboard.triptease.io/bootstrap.js?integrationId=01F7Y032KYE8569FY61NJWTPND

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4788 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1c376aad686d4901e7d152495b7a1dc91f3f558e2bc028c1f1224edec99c6edc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.h-hotels.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-origin: *
access-control-expose-headers: Content-Type
age: 144881
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cache-control: public, max-age=31536000
cf-cache-status: HIT
cf-ray: 739547a7f9d29220-FRA
content-encoding: br
content-type: text/html; charset=utf-8
date: Fri, 12 Aug 2022 01:01:27 GMT
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
expires: Thu, 10 Aug 2023 08:46:27 GMT
last-modified: Wed, 10 Aug 2022 08:39:21 GMT
server: cloudflare
strict-transport-security: max-age=15552000
vary: Accept-Encoding
x-goog-generation: 1660120761126366
x-goog-hash: crc32c=MxwP4w== md5=7TOFLfvaYsevoGpBhWjsbg==
x-goog-meta-build-version: 5676.60823
x-goog-meta-git-hash: 9f2467bb3d4645072955b0c61dd008a0959b75d5
x-goog-metageneration: 2
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 57568
x-guploader-uploadid: ADPycdsnZUECueP-U23T2GFvcFzOYoh7x4tCH9L07hQSXOh12cmaW96selFbX4yoKXf-I6iy3rx6HWAhZUqzIOXyj6qFgyrnSm_b

GET
H2 200 4057839 Show response
www.clarity.ms/tag/uet/ 2 KB
2 KB 901ms
305ms Script
application/x-javascript 2620:1ec:27::cafe:1806

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/4057839
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/4057839.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1806 -, , ASN (),
Reverse DNS
Software: / ASP.NET
Resource Hash: 38b3f2e9cdc8329956531dc9a345dcb4dd9b16a55e3519e73d2a7037666a71c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.h-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 01:01:28 GMT
x-powered-by: ASP.NET
x-azure-ref: 0aKb1YgAAAACGCxE8gRZ/QIDRkYzlGxikTE9TMzBFREdFMDIxNgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
cache-control: no-cache, no-store
request-context: appId=cid-v1:593e4080-f032-4d00-a652-e17f01252a9d
content-length: 1638
expires: -1

GET
H2 200 /
www.facebook.com/tr/ 44 B
159 B 601ms
21ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1644892159084696&ev=PageView&dl=https%3A%2F%2Fwww.h-hotels.com%2F&rl=https%3A%2F%2Fshopbuttler.com%2F&if=false&ts=1660266087677&sw=1600&sh=1200&v=2.9.75&r=stable&ec=0&o=30&fbp=fb.1.1660266087677.1102509680&it=1660266087462&coo=false&tm=1&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de -, , ASN (),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.h-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 01:01:28 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 44
expires: Fri, 12 Aug 2022 01:01:28 GMT

GET
H2 200 en.json Show response
cookie-cdn.cookiepro.com/consent/e51cbafe-d885-4f66-8ff7-7d5b9a621dc1/f0558728-4205-42d6-b4b5-35b441f1f713/ 141 KB
24 KB 30ms
30ms Fetch
application/x-javascript 2606:4700:4400::6812:26f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/consent/e51cbafe-d885-4f66-8ff7-7d5b9a621dc1/f0558728-4205-42d6-b4b5-35b441f1f713/en.json

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/6.35.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:26f3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cad08459c90bb1639f552a8dc762df507d722a339966d6d65e40437ab421884b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.h-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 12 Aug 2022 01:01:27 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
content-md5: vr+3ApCMbtJ8YdDKuS68RA==
age: 13377
x-ms-lease-status: unlocked
last-modified: Wed, 22 Jun 2022 06:34:33 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/x-javascript
access-control-allow-origin: *
x-ms-request-id: a5c7bb85-a01e-00b2-4f1c-86c73c000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: max-age=14400
x-ms-version: 2009-09-19
cf-ray: 739547a87b90905b-FRA

GET
H3 200 bframe Show response
www.google.com/recaptcha/api2/ Frame 55DB 7 KB
1 KB 32ms
31ms Document
text/html 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/bframe?hl=de&v=gWN_U6xTIPevg0vuq7g1hct0&k=6LcWol0UAAAAAGDRzhC-80PzY0c1aaxV_b2JdDcK

Requested by

Host: www.gstatic.com
URL: https://www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/recaptcha__de.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

5f889d2e384c756d2a808e365b168bb174608d97f0de39913a49503331caed20

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-Ce8nskCZvCuLwjca3ObhZg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.h-hotels.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: gzip
content-length: 1113
content-security-policy: script-src 'report-sample' 'nonce-Ce8nskCZvCuLwjca3ObhZg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-type: text/html; charset=utf-8
cross-origin-embedder-policy: require-corp
cross-origin-resource-policy: cross-origin
date: Fri, 12 Aug 2022 01:01:28 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
pragma: no-cache
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
server: GSE
x-content-type-options: nosniff
x-xss-protection: 1; mode=block

POST
H2 200 / Show response
www.facebook.com/tr/ Frame 76E6 0
223 B 23ms
21ms Document
text/plain 2a03:2880:f12d:181:face:b00c:0:25de

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de -, , ASN (),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Content-Type: application/x-www-form-urlencoded
Origin: https://www.h-hotels.com
Referer: https://www.h-hotels.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

access-control-allow-credentials: true
access-control-allow-origin: https://www.h-hotels.com
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 0
content-type: text/plain
cross-origin-resource-policy: cross-origin
date: Fri, 12 Aug 2022 01:01:28 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains

GET
H3 200 webworker.js
www.google.com/recaptcha/api2/ Frame 02A6 102 B
133 B 34ms
34ms Other
text/javascript 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/webworker.js?hl=de&v=gWN_U6xTIPevg0vuq7g1hct0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

49e3d3c02d2e66e6d545c98e1249a2de848e7c17c0c676d883e764794eb22021

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/recaptcha/api2/anchor?ar=1&k=6LcWol0UAAAAAGDRzhC-80PzY0c1aaxV_b2JdDcK&co=aHR0cHM6Ly93d3cuaC1ob3RlbHMuY29tOjQ0Mw..&hl=de&v=gWN_U6xTIPevg0vuq7g1hct0&size=compact&cb=hm2482z37n1g
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 01:01:28 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: GSE
cross-origin-embedder-policy: require-corp
x-frame-options: SAMEORIGIN
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=300
content-security-policy: frame-ancestors 'self'
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 111
x-xss-protection: 1; mode=block
expires: Fri, 12 Aug 2022 01:01:28 GMT

GET
H3 200 kernel.js
onboard.triptease.io/kernel/v5676.60823/ Frame 2ACE 62 KB
20 KB 44ms
44ms Other
application/javascript 2606:4700:10::6816:4788
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onboard.triptease.io/kernel/v5676.60823/kernel.js?

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4788 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

82bce146a942a5354e40a92a6166bcc18166e73262644f69488973028b4ecae1

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://onboard.triptease.io/kernel/v5676.60823/kernel-host.html?originHost=www.h-hotels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 01:01:28 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
x-goog-meta-git-hash: 9f2467bb3d4645072955b0c61dd008a0959b75d5
age: 144933
x-guploader-uploadid: ADPycdtrn3SNmsUDITrXkbH0adLltU4XW0ECel_65E3GQRsa9wjnTDAcDZOwkYXeo_MlM4n6NJR9-drJjRyVM6xKr2TDYA
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-meta-build-version: 5676.60823
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-ray: 739547abcc2c9220-FRA
last-modified: Wed, 10 Aug 2022 08:39:21 GMT
server: cloudflare
etag: W/"5ff33fe42f778d6a501337f55c0d7d30"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
x-goog-hash: crc32c=nIt4nA==, md5=X/M/5C93jWpQEzf1XA19MA==
x-goog-generation: 1660120761079059
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=31536000
x-goog-stored-content-length: 63311
content-type: application/javascript; charset=utf-8
expires: Thu, 10 Aug 2023 08:45:51 GMT

GET
H2 200 otFlat.json Show response
cookie-cdn.cookiepro.com/scripttemplates/6.35.0/assets/ 13 KB
3 KB 30ms
29ms Fetch
application/json 2606:4700:4400::6812:26f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/6.35.0/assets/otFlat.json

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/6.35.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:26f3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8ae30f6f2162279a812bf9e00efd0c985e20e76efece9444125b410f3a6822a6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.h-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 12 Aug 2022 01:01:28 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
content-md5: zJSOtjdWnPd+0Wb9iMNyXw==
age: 844
x-ms-lease-status: unlocked
last-modified: Thu, 05 May 2022 01:36:54 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: a3cb46e9-f01e-0064-4208-7bc9d5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
cf-ray: 739547abfdd2905b-FRA
expires: Fri, 12 Aug 2022 05:01:28 GMT

GET
H2 200 otPcTab.json Show response
cookie-cdn.cookiepro.com/scripttemplates/6.35.0/assets/v2/ 60 KB
14 KB 37ms
36ms Fetch
application/json 2606:4700:4400::6812:26f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/6.35.0/assets/v2/otPcTab.json

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/6.35.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:26f3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f909a5e70e295f988f59a91bfbf9a4717b6432a959be54dea955a2ee7e522ebc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.h-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 12 Aug 2022 01:01:28 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
content-md5: FpnL0cFFASD+AoL9ZhPlUA==
age: 2632
x-ms-lease-status: unlocked
last-modified: Thu, 05 May 2022 01:36:57 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json
access-control-allow-origin: *
x-ms-request-id: 2a53bd6e-e01e-0047-4f08-7b5316000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
cf-ray: 739547abfdd3905b-FRA
expires: Fri, 12 Aug 2022 05:01:28 GMT

GET
H2 200 otCommonStyles.css Show response
cookie-cdn.cookiepro.com/scripttemplates/6.35.0/assets/ 21 KB
4 KB 38ms
37ms Fetch
text/css 2606:4700:4400::6812:26f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cookie-cdn.cookiepro.com/scripttemplates/6.35.0/assets/otCommonStyles.css

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/6.35.0/otBannerSdk.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:26f3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

74c39b5ec5a61c19ff20d81c0418fabd61d6deb6ac0c967da28761d6b895ff7d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.h-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 12 Aug 2022 01:01:28 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
content-md5: /wtHD+oYY7dZRzCx50GZrQ==
age: 8419
x-ms-lease-status: unlocked
last-modified: Thu, 05 May 2022 01:37:22 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/css
access-control-allow-origin: *
x-ms-request-id: 7efafbb0-401e-004e-1e05-6616c5000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
cf-ray: 739547abfdd4905b-FRA
expires: Fri, 12 Aug 2022 05:01:28 GMT

GET
H3 200 styles__ltr.css
www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/ Frame 55DB 51 KB
24 KB 22ms
21ms Stylesheet
text/css 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/styles__ltr.css

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=gWN_U6xTIPevg0vuq7g1hct0&k=6LcWol0UAAAAAGDRzhC-80PzY0c1aaxV_b2JdDcK

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 15:43:59 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 33449
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 24237
x-xss-protection: 0
last-modified: Mon, 01 Aug 2022 04:00:16 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 11 Aug 2023 15:43:59 GMT

GET
H3 200 recaptcha__de.js Show response
www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/ Frame 55DB 387 KB
155 KB 24ms
24ms Script
text/javascript 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/recaptcha/releases/gWN_U6xTIPevg0vuq7g1hct0/recaptcha__de.js

Requested by

Host: www.google.com
URL: https://www.google.com/recaptcha/api2/bframe?hl=de&v=gWN_U6xTIPevg0vuq7g1hct0&k=6LcWol0UAAAAAGDRzhC-80PzY0c1aaxV_b2JdDcK

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c2e37877957a84efc2e5604969599edfa9be30f963d56f8a8ea5352443f72892

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.google.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Thu, 11 Aug 2022 18:41:43 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 22785
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/recaptcha
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 158422
x-xss-protection: 0
last-modified: Mon, 01 Aug 2022 04:00:16 GMT
server: sffe
cross-origin-opener-policy: same-origin-allow-popups; report-to="recaptcha"
vary: Accept-Encoding
report-to: {"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Fri, 11 Aug 2023 18:41:43 GMT

GET
H3 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 22ms
22ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.75

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/6.35.0/otBannerSdk.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d4edbbe1037c50c8ffa90860286c8166860ad9da450ed5e16a28e2fc9bce3c23

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.h-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
content-length: 20715
x-xss-protection: 0
pragma: public
x-fb-debug: k/TgsDIrnlBM37iGrXdM2BhsdOdueAsteztAGUgE5BhBNrEEhbf0StFe2qS1chcDOumDgfw5KKzQZUEZNHrKtw==
x-frame-options: DENY
date: Fri, 12 Aug 2022 01:01:28 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 4057839.js Show response
bat.bing.com/p/action/ 1 KB
797 B 330ms
330ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://bat.bing.com/p/action/4057839.js

Requested by

Host: cookie-cdn.cookiepro.com
URL: https://cookie-cdn.cookiepro.com/scripttemplates/6.35.0/otBannerSdk.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e08d245ef89d7e09b7fbee8974b99036cb4560065caed177e8369375c3d662d2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.h-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: A380B75320B84C1196FEB7BC3A3D64BC Ref B: FRAEDGE1207 Ref C: 2022-08-12T01:01:28Z
date: Fri, 12 Aug 2022 01:01:28 GMT
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private,max-age=60
content-length: 666

GET
H2 200 poweredBy_cp_logo.svg
cookie-cdn.cookiepro.com/logos/static/ 5 KB
2 KB 38ms
37ms Image
image/svg+xml 2606:4700:4400::6812:26f3
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cookie-cdn.cookiepro.com/logos/static/poweredBy_cp_logo.svg

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:4400::6812:26f3 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

8df4e2508308452516a8972eb7d993d970eefeea6705487b0e100c0fa7b4b447

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.h-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
date: Fri, 12 Aug 2022 01:01:28 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
content-md5: uInNdQwuuw8s7lYl3cE7eQ==
age: 4606
x-ms-lease-status: unlocked
last-modified: Mon, 01 Aug 2022 16:40:21 GMT
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/svg+xml
access-control-allow-origin: *
x-ms-request-id: ed197ed6-701e-0045-60de-a5edae000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=14400
x-ms-version: 2009-09-19
cf-ray: 739547acccb09bec-FRA
expires: Fri, 12 Aug 2022 05:01:28 GMT

GET
H2 200 clarity.js Show response
www.clarity.ms/eus2-b/s/0.6.37/ 53 KB
23 KB 303ms
301ms Script
application/javascript 2620:1ec:27::cafe:1806

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/eus2-b/s/0.6.37/clarity.js
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/4057839
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1806 -, , ASN (),
Reverse DNS
Software: / ASP.NET
Resource Hash: 9e8ba124b0c73a351df657b54d58db545fe810e16c0d9b07824a64864792a20d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.h-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 01:01:28 GMT
content-encoding: br
etag: "1d8aa4ff65ff896"
last-modified: Wed, 01 Jun 2022 12:22:22 GMT
x-powered-by: ASP.NET
vary: Accept-Encoding
x-cache: CONFIG_NOCACHE
content-type: application/javascript;charset=utf-8
cache-control: public,max-age=86400
x-azure-ref: 0aKb1YgAAAABlxe81O/DUQoKSL7yVujaoTE9TMzBFREdFMDIxNgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
accept-ranges: bytes
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H2

200

c.gif
c.clarity.ms/
Redirect Chain

https://c.clarity.ms/c.gif
https://c.bing.com/c.gif?CtsSyncId=AB41A79C53D543CCAE87527E6FAAB35C&RedC=c.clarity.ms&MXFR=26120E0BA56265A30EE41FF5A1626B3C
https://c.clarity.ms/c.gif?CtsSyncId=AB41A79C53D543CCAE87527E6FAAB35C&MUID=33A3BDFFEB7969B93CFAAC01EAAB68DA

42 B
369 B

42ms
42ms

Image
image/gif

20.234.93.27

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif?CtsSyncId=AB41A79C53D543CCAE87527E6FAAB35C&MUID=33A3BDFFEB7969B93CFAAC01EAAB68DA
Protocol: H2
Server: 20.234.93.27 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.h-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Aug 2022 01:01:28 GMT
last-modified: Thu, 28 Jul 2022 20:41:52 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "82531c78c2a2d81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

Redirect headers

pragma: no-cache
date: Fri, 12 Aug 2022 01:01:28 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B54378DDB49744B3B73E3E56A54FE0E7 Ref B: FRAEDGE1207 Ref C: 2022-08-12T01:01:28Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://c.clarity.ms/c.gif?CtsSyncId=AB41A79C53D543CCAE87527E6FAAB35C&MUID=33A3BDFFEB7969B93CFAAC01EAAB68DA
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 4057839 Show response
www.clarity.ms/tag/uet/ 2 KB
2 KB 305ms
304ms Script
application/x-javascript 2620:1ec:27::cafe:1806

General

Check archive.org

Show headers Download Go to

Full URL: https://www.clarity.ms/tag/uet/4057839
Requested by: Host: bat.bing.com
URL: https://bat.bing.com/p/action/4057839.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:27::cafe:1806 -, , ASN (),
Reverse DNS
Software: / ASP.NET
Resource Hash: 38b3f2e9cdc8329956531dc9a345dcb4dd9b16a55e3519e73d2a7037666a71c6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.h-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 01:01:28 GMT
x-powered-by: ASP.NET
x-azure-ref: 0aKb1YgAAAAD+Y2Ud0ffPTYMFpOCzu6dUTE9TMzBFREdFMDIxNgA2Y2ZiZWVlMC01MDI3LTQ4NGItODk2Ny00YTI5YWY3N2YxZTE=
x-cache: CONFIG_NOCACHE
content-type: application/x-javascript
expires: -1
cache-control: no-cache, no-store
request-context: appId=cid-v1:2f7711a9-b21e-4abe-a9d6-5b0ce5d18b64

POST
H2 204 collect Show response
e.clarity.ms/ 0
176 B 354ms
113ms XHR
text/plain 20.62.48.180

General

Check archive.org

Show headers Download Go to

Full URL: https://e.clarity.ms/collect
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/eus2-b/s/0.6.37/clarity.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 20.62.48.180 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept: application/x-clarity-gzip
Referer: https://www.h-hotels.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

access-control-allow-origin: https://www.h-hotels.com
date: Fri, 12 Aug 2022 01:01:28 GMT
access-control-allow-credentials: true
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
request-context: appId=cid-v1:bdfb7149-d2ee-45f0-9a22-f0b1c5035608

GET
H2 200 c.gif
c.clarity.ms/ 42 B
81 B 45ms
45ms Image
image/gif 20.234.93.27

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://c.clarity.ms/c.gif
Requested by: Host: www.clarity.ms
URL: https://www.clarity.ms/tag/uet/4057839
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 20.234.93.27 -, , ASN (),
Reverse DNS
Software: Microsoft-IIS/10.0 / ASP.NET
Resource Hash: 99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.h-hotels.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Aug 2022 01:01:28 GMT
last-modified: Thu, 28 Jul 2022 20:41:52 GMT
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
etag: "82531c78c2a2d81:0"
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
cache-control: private, no-cache, proxy-revalidate, no-store
accept-ranges: bytes
content-type: image/gif
content-length: 42

POST collect
e.clarity.ms/ 0
0

GET
H3 200 h-hotels.js Show response
onboard.triptease.io/integrations/v5676.60823/ 139 KB
44 KB 92ms
69ms Script
application/javascript 2606:4700:10::6816:4788
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onboard.triptease.io/integrations/v5676.60823/h-hotels.js

Requested by

Host: onboard.triptease.io
URL: https://onboard.triptease.io/bootstrap.js?integrationId=01F7Y032KYE8569FY61NJWTPND

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700:10::6816:4788 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

3c66a585adba4d41ebdec2570d0c3c3457b69a4152f3158c3c27156fff30005f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.h-hotels.com/
Origin: https://www.h-hotels.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Safari/537.36

Response headers

date: Fri, 12 Aug 2022 01:01:29 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
x-goog-meta-git-hash: 9f2467bb3d4645072955b0c61dd008a0959b75d5
age: 144922
x-guploader-uploadid: ADPycdvL3Y8Riry1o4gsFpkYTUMJHsXg_tvJoaDktwg5q5wAazTsdIRd5AMDQX9RYi4m4UL9ypYWVMiIXEQibnU5zZhRsX-fuVDs
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-meta-build-version: 5676.60823
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-ray: 739547b29fd2bbef-FRA
last-modified: Wed, 10 Aug 2022 08:43:44 GMT
server: cloudflare
etag: W/"78d2124be65c23048bf5b4416a7bece9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
x-goog-hash: crc32c=O17B2g==, md5=eNISS+ZcIwSL9bRBanvs6Q==
x-goog-generation: 1660121024718946
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000
x-goog-stored-content-length: 142459
content-type: application/javascript; charset=utf-8
expires: Thu, 10 Aug 2023 08:45:58 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.h-hotels.com
URL: https://www.h-hotels.com/_Resources/Persistent/a/f/7/0/af706c7bcff2ebd86474c88874e5644292eb643f/Teaser_HM_Praemienshop-03-200x133.png

Domain: gum.criteo.com
URL: https://gum.criteo.com/syncframe?topUrl=www.h-hotels.com&origin=onetag

Domain: e.clarity.ms
URL: https://e.clarity.ms/collect

Verdicts & Comments Add Verdict or Comment

79 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.copitalone.com/	1970-01-20 14:47:06	Name: __tad Value: 1660266081.1930601
.1redirc.com/	1970-01-20 13:56:42	Name: __dsnsid Value: 20220812110122f897e10ec53ad1162c
clever-redirect.com/	1970-01-20 05:12:32	Name: 043ad963b88ab23cb7da28dfae8cf6ff Value: 10df8c9f92fca8437cfa908cf7375ef5fd340c266bae433a65815c5ee15ce1dfa%3A2%3A%7Bi%3A0%3Bs%3A32%3A%22043ad963b88ab23cb7da28dfae8cf6ff%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D
spidershopping.com/	1970-01-20 05:12:32	Name: 4ed49c494f92371c85f609ea6816cc0f Value: 062a87f17526526a25a118dee0e863dd9a0fd733f505a1be415196c76ed1491ea%3A2%3A%7Bi%3A0%3Bs%3A32%3A%224ed49c494f92371c85f609ea6816cc0f%22%3Bi%3A1%3Bs%3A1%3A%221%22%3B%7D
shopbuttler.com/	1970-01-20 05:11:13	Name: XSRF-TOKEN Value: eyJpdiI6IjB5a3gxc3ZsblpXSkJ1RDA5QWl4RlE9PSIsInZhbHVlIjoieTcyU3BudzhRdy9yNUhzMCtlcnNnVmVUaVRqbW9hK2NaUWF0S1dTalJoaTJ1c1NxbktzSTlDS1VrSXFGNGtlUGI2V1l6M2RxU1Z4djJ1ZXhGS0taV2w1MHdMbzdUMlUyT1lLbjlUOXErQWJtQU9Zd1AzM2JvOUNzQXl4emgyNVgiLCJtYWMiOiJhNDI3MTQ0ZGIyNjI3OTQ5MWFmOWE3ZDBhMWFlYWE4Y2Y1YTg3NGZiNThjMzAyNTEyOTBmNjk3MjhiYWE3MzkxIiwidGFnIjoiIn0%3D
shopbuttler.com/	1970-01-20 05:11:13	Name: shopbuttler_session Value: eyJpdiI6IkpGRE9LSEtSRnNEck9uWVdPUmxwV2c9PSIsInZhbHVlIjoiaGFrM2VwTEFpb0Zmc0FOOTBYdHlDZFlGaGNkSmhuWmRzcHdUb3praVJoMFBtR2FMNWNFMFhEZ3VkMFNHTG5EUGt5TWdqaGNTUzhtWGdIenA5L3U4RzIydFdycFhnWjhvVlBXem10dWo1dzc1QWsxQ0JnYkh5MFZhaEk0Z2dXaUQiLCJtYWMiOiIyODQxYjg0ODYxOGY3YmJkZDJkYzQ0NTZiMTg0MGUwNWQ1YWRmOWM0MzlhYjNhYjc2ZDM0MDVhOGFjYWNhYTZjIiwidGFnIjoiIn0%3D
.shopbuttler.com/	1970-01-20 14:47:06	Name: _ga Value: GA1.2.1099945410.1660266086
.shopbuttler.com/	1970-01-20 05:12:32	Name: _gid Value: GA1.2.1258333774.1660266086
.shopbuttler.com/	1970-01-20 05:11:06	Name: _gat_gtag_UA_175809664_6 Value: 1
.h-hotels.com/	1970-01-20 14:47:06	Name: _evga_309b Value: {%22uuid%22:%22b0cfd5a14a5497ec%22}
.h-hotels.com/	1970-01-20 14:47:06	Name: _sfid_ff03 Value: {%22anonymousId%22:%22b0cfd5a14a5497ec%22%2C%22consents%22:[]}
www.h-hotels.com/	1969-12-31 23:59:59	Name: Neos_Session Value: RZlYvFJwMQvYbO7ttqrpAG4UqQdLZUES
.h-hotels.com/	1970-01-20 07:20:42	Name: _gcl_au Value: 1.1.1736555136.1660266087
.h-hotels.com/	1970-01-20 14:47:06	Name: _ga Value: GA1.2.290370763.1660266087
.h-hotels.com/	1970-01-20 05:12:32	Name: _gid Value: GA1.2.668012126.1660266087
.h-hotels.com/	1970-01-20 05:11:06	Name: _gat_UA-7626586-3 Value: 1
hhotelsag.germany-2.evergage.com/	1970-01-20 05:21:10	Name: AWSALBCORS Value: EMbZnC+cyHttCFirfkbgxbPfg8ikktwYEHyppSeSXRf4+CzUjkiFD3eelCa+o/UNYR6Hoam8LPnTO3TLenvBoH/er+VFfU7cfCAQP51Y/zM7kXZaVVqWKNIUGuSN
.bing.com/	1970-01-20 14:32:42	Name: MUID Value: 33A3BDFFEB7969B93CFAAC01EAAB68DA
.h-hotels.com/	1970-01-20 05:12:32	Name: _uetsid Value: 4b449e8019da11edb59e7db4f5e6bf01
.h-hotels.com/	1970-01-20 14:32:42	Name: _uetvid Value: 4b44cd1019da11eda47f19255f809a3d

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

1redirc.com
bat.bing.com
c.bing.com
c.clarity.ms
cdn.evgnet.com
clever-redirect.com
connect.facebook.net
cookie-cdn.cookiepro.com
e.clarity.ms
googleads.g.doubleclick.net
gum.criteo.com
h-hotels.com
hhotelsag.germany-2.evergage.com
onboard.triptease.io
shopbuttler.com
spidershopping.com
static.cloudflareinsights.com
static.criteo.net
stats.g.doubleclick.net
www.clarity.ms
www.copitalone.com
www.dwin1.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.gstatic.com
www.h-hotels.com
www.smartredirect.de
e.clarity.ms
gum.criteo.com
www.h-hotels.com
103.224.182.206
103.224.212.253
151.101.0.114
162.55.54.68
172.217.18.2
18.158.172.136
20.234.93.27
20.62.48.180
2600:9000:2490:9400:f:8ce2:fb80:93a1
2606:4700:10::6816:4788
2606:4700:3034::6815:2953
2606:4700:3037::6815:ed
2606:4700:4400::6812:26f3
2606:4700:440e::ac40:9c1a
2606:4700::6812:aa54
2620:1ec:27::cafe:1806
2620:1ec:c11::200
2a00:1450:4001:813::2003
2a00:1450:4001:813::200e
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::2004
2a00:1450:4001:82f::2008
2a00:1450:4001:830::2002
2a00:1450:400c:c00::9a
2a02:2638::3
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
78.46.197.88
022bc70e811cb3e0c20372e226824b44545eb7034d6029ccb35385ad49ac4e78
07293da7a4d5815445c8cd3f477656d32ba4e908474d706e580842db7c438f21
084d8f73a417f3844697f8920f7910354e85894a682f328d461126bc07a4b441
0c9fefc8f5b37ce95d4352a73944fcbb6b9a9c03f3abfd9caf69b2d2aa3ad347
0e937847c7e07ed15db23b99d02385f8a76a534837159ec603319dab64a5a9ba
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1b5ebc8296c528ca19120be423218d2b9c534352502d1c625d8829c3b299f0dc
1c376aad686d4901e7d152495b7a1dc91f3f558e2bc028c1f1224edec99c6edc
213fb153eb80a72cebc67bf99da967f0c850d2ca9a26adf010be934a2e64487b
278ab04061d7ab7eeb5fdc0efff5ea4e4d348580a18cba0318219430bc96a909
2e597721b81e3be4d73c1b827192ab452e4259382d146b8a1e25ccd64b5c910c
30153b15b4cb898c421e657f6de21dc27435cb990e7888367bdee12e06398da7
314d4931da5b54a876ec1bd48879ff7213e38d21108d0085fd16aec7f7d2a8b4
33d533cede95a42fc46b7c65654e2cd019dd4ef3233357b326cc015a5aa0ea06
34caa9782480a25668f40eead52873b6261530cf1887d17e9fc811e040c7508c
35248434e68e4c5ce5d13437079e3fa61a6717d16491658fe596107b0f610e3c
35f1eaa1dfb800aea1bf4d612b826986c4f7ced0050f7e6829d2d099edc8f27b
38b3f2e9cdc8329956531dc9a345dcb4dd9b16a55e3519e73d2a7037666a71c6
398936a3ce23ff445338bb6c7bf5bdfbbdfa076de75212c3a15583fb7052cdf1
39f96edb0a030c2455e37c2a404650845e728078d0b01c8afeba1b08f29ade87
3c66a585adba4d41ebdec2570d0c3c3457b69a4152f3158c3c27156fff30005f
40daba765e68df81072dba603adecbd49b4c9b0ee836189af681c3a7827bfd9e
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
49b4b04aec4f16c1e800c81bef56ca5163f51424410f378bdf364ed752d357c9
49e3d3c02d2e66e6d545c98e1249a2de848e7c17c0c676d883e764794eb22021
4db8632a639936d03de34afb7081affb5e8b65af6d3d7bf1abeed669dcdd9684
4f2721fcaed5436f55432318b274d1542e96753b56c6ec6cdbd1c0fdd46bc66d
4f39eb364660b14322fda06f13aa593ab8bbd27e6f8f3c9fb83dc4d2b7633348
4ff1b9b91db584b19d20b4d02af9ff7673add161ce3f9ceae9391b3a84fddab1
521a98a5f03724bd4e29a6ed9834b450c7c7f44daa632f03430a5a8fdeccd0a1
52e051d93279e14d8f19a0c8fb12c0ad0e5594e7621cd8db8212bd5ffece86d9
5f889d2e384c756d2a808e365b168bb174608d97f0de39913a49503331caed20
60ccea923e0b559ac566d05b731feb8e79240b105db478e8cba4f659c7a2cf73
6a0f5aaabd55992a1582eaa371291cff90f34a1f59e838c040eac377fa35f81d
6d07f7e11a3a8b124282ce73051eabeb460577018c2ddaafe4426c9ec56922a3
6df654521d0366f859476fc7bbbe344194d381ab297564ba3b867d18c0aa30cb
6ed33f618d180b29c8dddd2a07ca9e14c0de7288f8e959ddffa203d8ffc8fd28
70d62e3bff65be7f290bbb24afebab865c207efc463781868bf6c80ba872d7a1
713e3b9a44b7483f499ffef6702ace15ddd1dadb3d1f4371cd9322c811c85f4e
735d056f5cbd977749ec5f4c243f2f2a947b899cf54d1404e4d2b60271f7095a
74a24bf4359b94e434df47cfa958f12cd8b61e6587d43e4063902f764594766f
74c39b5ec5a61c19ff20d81c0418fabd61d6deb6ac0c967da28761d6b895ff7d
78cdaeabec994c30004a02b76c4c9de2216289c12df5466c506456a8370b49cd
79a486a94eee24c83e86940bfd0a6f5c3f8bd4f035c46fc6dce795c5ccede58d
82bce146a942a5354e40a92a6166bcc18166e73262644f69488973028b4ecae1
83f70c3626f2998f4d175156961ae6d520857d556759b44326aab9b915aac057
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
85436dbd9e2d34b2151ddef42e8af89df2e61129523710f335d941cbd6663b12
85665020508de909a7508dc7919bbe84e446d779e4ed3025395a707d976ad198
8ae30f6f2162279a812bf9e00efd0c985e20e76efece9444125b410f3a6822a6
8d79ab50b13be1d8e676266c67b60e5c7e08f7239ff333fe840864d16f96b9a2
8df4e2508308452516a8972eb7d993d970eefeea6705487b0e100c0fa7b4b447
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
9e8ba124b0c73a351df657b54d58db545fe810e16c0d9b07824a64864792a20d
9fcbfb456db0c234a32387b97a6f5d1f7f28fdd9bbf4eb815f1bec23f8ecb2c1
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a2d68e4530bbf55b595085ad00ef6999cb64574eb58b44b53ef0516fa7fa4aed
a692f7016bc68010cb8a5b6da01c042072f94187b5a90c4f58795f9b07edbdaf
ad7a88feb119b4bbb93a6f05c4099a7266d105d73c0280a7e1b3dc421fdd55cb
b193e73190db64bafdb99e78994418d143e8289717118e54fb1cc55f54f7a712
b23f50282d3f7bea86158c748d7478574eb8636cffc7b6579eb90fe5c9f14dce
b8a280686d88366d1f15881f0776ec2c4239a620ed603d10fddef447f169fd7d
c2e37877957a84efc2e5604969599edfa9be30f963d56f8a8ea5352443f72892
c7cd381e47fdb146a3bc06b9fa65d04ce4d654d06240e368d83f0208bf254891
cad08459c90bb1639f552a8dc762df507d722a339966d6d65e40437ab421884b
ccf00d1923b0131a10e0c6d26f95e5dee6ebf8621a27e83c5a2f68a2e0093142
ce8b04c5832326994a174ea2b92baee7a9125f89db4b73f641ad73a122c3f0f5
d232f1b6099ca4cd4a7fe5a32773ea44e2e4c61bed52bd7d3ffa8d58570b7f46
d29c24d2e3aa048c33684920290e4462a90077ab0125a63ed262787c5bea258f
d4dc3d1a6801247552d726e93806fea25c080f4ef8f0679b0a17a5e55eaece50
d4edbbe1037c50c8ffa90860286c8166860ad9da450ed5e16a28e2fc9bce3c23
d5d0ca174174d3495824ca9c661ba0a7abc6ae7ab393f4743c859e2eef4d2177
d8132d45eef1f2500760399505fc221a79a3bbe60ed797bbc24599a650e69927
daf37bf9db426257646224b7a2f44c05f4c8c0f8ad2e310b5d75ad6a73642d44
ddeef24de12dd7f5cb2478726eaa29d7e76260f240c7e6e785f8942639f8b4a8
ddfc448a2f6d5b3e179e0c8f078ac5c2d4e65c6646a3c6a1d41ca7c0c748d4f0
de247cd49ff0ae536feaa101feafa29471d7d357e735e522ded9ce9ad03d46a7
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e08d245ef89d7e09b7fbee8974b99036cb4560065caed177e8369375c3d662d2
e0b37e1546b6e82f61ddd26957aa81a0e1e7570565554c6b52bddfbc55534d90
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9aecf640aef92ef2a7648fe47441ed248ebac3d86fc0fb359a34f30da7f4c2d
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef7f93377ddc7256235cfe1cf2112c42aef89bd8ae886c2af806fd5a191d798a
f6d032132eed5aa1a417456f07864c51fe631858b190224cf7d1a50116d15f48
f909a5e70e295f988f59a91bfbf9a4717b6432a959be54dea955a2ee7e522ebc
fd0a1ac929c11b08e819fe4b0a18c5574012c44f09de8987c6be99a0f055a505
ff82aeed6b9bb6701696c84d1b223d2e682eb78c89117a438ce6cfea8c498995

www.h-hotels.com Open in urlscan Pro 2606:4700::6812:aa54 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

103 Requests

91 %HTTPS

68 %IPv6

26 Domains

31 Subdomains

27 IPs

4 Countries

3260 kBTransfer

6712 kBSize

20 Cookies

13 Outgoing links

Page URL History

Redirected requests

103 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 11 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.h-hotels.com Open in urlscan Pro
2606:4700::6812:aa54 Public Scan

Screenshot
Live screenshot

Full Image

103
Requests

91 %
HTTPS

68 %
IPv6

26
Domains

31
Subdomains

27
IPs

4
Countries

3260 kB
Transfer

6712 kB
Size

20
Cookies

103 HTTP transactions
11 data transactions