urlscan.io logo urlscan.io
SecurityTrails logo

www.nextguest.com Open in urlscan Pro
34.234.198.47  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://www.contactlessmenu.app/
Effective URL: https://www.nextguest.com/
Submission: On May 03 via automatic, source certstream-suspicious
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 13 IPs in 2 countries across 10 domains to perform 64 HTTP transactions. The main IP is 34.234.198.47, located in Ashburn, United States and belongs to AMAZON-AES, US. The main domain is www.nextguest.com.
TLS certificate: Issued by R3 on March 22nd 2021. Valid for: 3 months.
This is the only time www.nextguest.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 52.205.248.143 14618 (AMAZON-AES)
20 34.234.198.47 14618 (AMAZON-AES)
1 104.16.92.80 13335 (CLOUDFLAR...)
2 3 151.101.12.217 54113 (FASTLY)
2 2a02:26f0:6c0... 20940 (AKAMAI-ASN1)
5 54.230.183.85 16509 (AMAZON-02)
9 2600:9000:206... 16509 (AMAZON-02)
1 52.216.170.181 16509 (AMAZON-02)
6 151.101.114.109 54113 (FASTLY)
1 151.101.192.217 54113 (FASTLY)
15 13.32.21.39 16509 (AMAZON-02)
1 34.120.202.204 15169 (GOOGLE)
1 65.9.84.121 16509 (AMAZON-02)
1 3.232.192.25 14618 (AMAZON-AES)
64 13
1    52.205.248.143 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-205-248-143.compute-1.amazonaws.com
www.contactlessmenu.app
20    34.234.198.47 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-234-198-47.compute-1.amazonaws.com
www.nextguest.com
1    104.16.92.80 (United States)

ASN13335 (CLOUDFLARENET, US)
app-ab32.marketo.com
3    151.101.12.217 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
player.vimeo.com
2    2a02:26f0:6c00::210:ba20 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
vod-progressive.akamaized.net
5    54.230.183.85 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-54-230-183-85.ham50.r.cloudfront.net
consent.trustarc.com
9    2600:9000:206f:e000:f:61c:aa80:21 (United States)

ASN16509 (AMAZON-02, US)
d138unkswby3sa.cloudfront.net
1    52.216.170.181 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com
s3.amazonaws.com
6    151.101.114.109 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)
i.vimeocdn.com
f.vimeocdn.com
1    151.101.192.217 (United States)

ASN54113 (FASTLY, US)
vimeo.com
15    13.32.21.39 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-32-21-39.fra56.r.cloudfront.net
consent-pref.trustarc.com
1    34.120.202.204 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 204.202.120.34.bc.googleusercontent.com
fresnel.vimeocdn.com
1    65.9.84.121 (United States)

ASN16509 (AMAZON-02, US)
consent-st.trustarc.com
1    3.232.192.25 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-232-192-25.compute-1.amazonaws.com
prefmgr-cookie.truste-svc.net
Domain Requested by
20 www.nextguest.com www.nextguest.com
15 consent-pref.trustarc.com consent.trustarc.com
consent-pref.trustarc.com
prefmgr-cookie.truste-svc.net
9 d138unkswby3sa.cloudfront.net www.nextguest.com
5 consent.trustarc.com www.nextguest.com
consent.trustarc.com
3 f.vimeocdn.com player.vimeo.com
3 i.vimeocdn.com player.vimeo.com
3 player.vimeo.com 2 redirects www.nextguest.com
2 vod-progressive.akamaized.net www.nextguest.com
1 prefmgr-cookie.truste-svc.net www.nextguest.com
1 consent-st.trustarc.com consent-pref.trustarc.com
1 fresnel.vimeocdn.com f.vimeocdn.com
1 vimeo.com f.vimeocdn.com
1 s3.amazonaws.com www.nextguest.com
1 app-ab32.marketo.com www.nextguest.com
1 www.contactlessmenu.app 1 redirects
64 15

This site contains links to these domains. Also see Links.

Domain
www.facebook.com
twitter.com
www.instagram.com
www.linkedin.com
www.youtube.com
www.xing.com
Subject Issuer Validity Valid
nextguest.com
R3		 2021-03-22 -
2021-06-20		 3 months crt.sh
app-ab32.marketo.com
Cloudflare Inc ECC CA-3		 2020-07-02 -
2021-07-02		 a year crt.sh
a248.e.akamai.net
DigiCert Secure Site ECC CA-1		 2020-07-15 -
2021-09-13		 a year crt.sh
vimeo.map.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2021-04-12 -
2022-04-13		 a year crt.sh
*.trustarc.com
Go Daddy Secure Certificate Authority - G2		 2020-05-21 -
2022-07-17		 2 years crt.sh
*.cloudfront.net
DigiCert Global CA G2		 2021-02-22 -
2022-02-21		 a year crt.sh
s3.amazonaws.com
DigiCert Baltimore CA-2 G2		 2020-08-04 -
2021-08-09		 a year crt.sh
f3.shared.global.fastly.net
GlobalSign CloudSSL CA - SHA256 - G3		 2021-04-26 -
2022-03-26		 a year crt.sh
fresnel.vimeocdn.com
GTS CA 1D4		 2021-05-01 -
2021-07-30		 3 months crt.sh
*.truste-svc.net
Go Daddy Secure Certificate Authority - G2		 2020-04-25 -
2022-06-23		 2 years crt.sh

This page contains 6 frames:

Primary Page: https://www.nextguest.com/
Frame ID: B08378079C3890B6B5BF0473C967E34D
Requests: 37 HTTP requests in this frame

Frame: https://player.vimeo.com/video/513785047
Frame ID: E6805D87E9E87DF4224D4B1421CCC966
Requests: 9 HTTP requests in this frame

Frame: https://consent-pref.trustarc.com/?type=hebsdigitaltype&site=nextguest.com&action=notice&country=ch&locale=en&behavior=expressed&layout=default_eu&irm=undefined&from=https://consent.trustarc.com/
Frame ID: 589150696CE1A3A7855671698E116A0D
Requests: 15 HTTP requests in this frame

Frame: https://consent-pref.trustarc.com/defaultpreferencemanager/67B873F492AD87C25B322202223D7A22.cache.html
Frame ID: EDC536109459C044D06E7A1A17B769A9
Requests: 1 HTTP requests in this frame

Frame: https://prefmgr-cookie.truste-svc.net/cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?type=hebsdigitaltype&site=nextguest.com&action=notice&country=ch&locale=en&behavior=expressed&layout=default_eu&irm=undefined&from=https://consent.trustarc.com/
Frame ID: D0CBCADF09527BCE3BA5ED1B90DB031D
Requests: 1 HTTP requests in this frame

Frame: https://consent-pref.trustarc.com/cookie_inneriframe.html
Frame ID: 4254759DC3863A5AFDCB528E8351F80B
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page URL History Show full URLs

  1. https://www.contactlessmenu.app/ HTTP 301
    https://www.nextguest.com/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Page Statistics

64
Requests

100 %
HTTPS

14 %
IPv6

10
Domains

15
Subdomains

13
IPs

2
Countries

13811 kB
Transfer

15483 kB
Size

2
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://www.contactlessmenu.app/ HTTP 301
    https://www.nextguest.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 10
  • https://player.vimeo.com/external/382498987.hd.mp4?s=d7476c9847a9dd7b2d6735e63ebce069cba18e95&profile_id=174 HTTP 302
  • https://vod-progressive.akamaized.net/exp=1620080266~acl=%2Fvimeo-prod-skyfire-std-us%2F01%2F1499%2F15%2F382498987%2F1605495407.mp4~hmac=2f915b65fc274c8f4a65a53dfd87ada04d6b8b110b33459907d07daa73f59466/vimeo-prod-skyfire-std-us/01/1499/15/382498987/1605495407.mp4?filename=NXG+Video.mp4
Request Chain 12
  • https://player.vimeo.com/external/382499562.hd.mp4?s=1c798ce2446ea30f61f001fe85e7f6cb20f747ce&profile_id=174 HTTP 302
  • https://vod-progressive.akamaized.net/exp=1620069466~acl=%2Fvimeo-prod-skyfire-std-us%2F01%2F1499%2F15%2F382499562%2F1605498372.mp4~hmac=d778506257b5de44948f6c7fc3ba936e8723662ecf473e1a515b63e983cf381c/vimeo-prod-skyfire-std-us/01/1499/15/382499562/1605498372.mp4?filename=NXG+Waves+video.mp4

64 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.nextguest.com/
Redirect Chain
  • https://www.contactlessmenu.app/
  • https://www.nextguest.com/
78 KB
18 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.nextguest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.234.198.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-234-198-47.compute-1.amazonaws.com
Software
nginx / NextGuest CMS
Resource Hash
6284f7c97f9e4e93f7b29edaa0195c2439fdbb9555ff9176aa49176700f2ee1f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:method
GET
:authority
www.nextguest.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
none
sec-fetch-mode
navigate
sec-fetch-user
?1
sec-fetch-dest
document
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

server
nginx
date
Mon, 03 May 2021 18:17:46 GMT
content-type
text/html; charset=UTF-8
vary
Accept-Encoding
x-consent-required
1
x-hebs-cache-status
hit
last-modified
Mon, 04 Jan 2021 21:29:37 GMT
etag
W/"2366344fe8947f3316e942e28dee369de2939b28"
cache-control
private, max-age=7200, must-revalidate, pre-check=30, post-check=30
pragma
expires
Mon, 03 May 2021 18:43:35 GMT
access-control-allow-origin
https://www.nextguest.com
access-control-allow-methods
GET, POST
x-served-by
nextguest-com-002
x-trace-id
23740199-1
content-security-policy
upgrade-insecure-requests
x-content-type-options
nosniff
strict-transport-security
max-age=63072000; includeSubDomains
x-powered-by
NextGuest CMS
service-worker-allowed
/
x-frame-options
SAMEORIGIN
content-encoding
gzip

Redirect headers

Date
Mon, 03 May 2021 18:17:45 GMT
Server
Apache
X-Powered-By
PHP/7.3.15
X-Frame-Options
SAMEORIGIN
Location
https://www.nextguest.com/
Content-Length
0
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
styles.min.css
www.nextguest.com/skins/nextguest-tech/1620063809/assets/desktop/styles/ 		132 KB
20 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.nextguest.com/skins/nextguest-tech/1620063809/assets/desktop/styles/styles.min.css
Requested by
Host: www.nextguest.com
URL: https://www.nextguest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.234.198.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-234-198-47.compute-1.amazonaws.com
Software
nginx / NextGuest CMS
Resource Hash
736eb7318ddbf61c5e5550378932b602613844532d6ed38bf20ca47604bb7ad5
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/skins/nextguest-tech/1620063809/assets/desktop/styles/styles.min.css
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
text/css,*/*;q=0.1
cache-control
no-cache
sec-fetch-dest
style
:authority
www.nextguest.com
referer
https://www.nextguest.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.nextguest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 03 May 2021 18:17:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-powered-by
NextGuest CMS
vary
Accept-Encoding
service-worker-allowed
/
x-served-by
nextguest-com-002
x-trace-id
23740199-2
last-modified
Wed, 24 Mar 2021 09:31:28 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"605b06f0-20f27"
strict-transport-security
max-age=63072000; includeSubDomains
access-control-allow-methods
GET, POST
content-type
text/css
access-control-allow-origin
https://www.nextguest.com
cache-control
max-age=31536000
content-security-policy
upgrade-insecure-requests
expires
Tue, 03 May 2022 18:17:46 GMT
scripts.min.js
www.nextguest.com/skins/nextguest-tech/1620063809/assets/desktop/scripts/ 		481 KB
141 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nextguest.com/skins/nextguest-tech/1620063809/assets/desktop/scripts/scripts.min.js
Requested by
Host: www.nextguest.com
URL: https://www.nextguest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.234.198.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-234-198-47.compute-1.amazonaws.com
Software
nginx / NextGuest CMS
Resource Hash
764c0df528977ad4c3d6bed60a5751efb45d7d74900b6b0787dbf036db398047
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/skins/nextguest-tech/1620063809/assets/desktop/scripts/scripts.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.nextguest.com
referer
https://www.nextguest.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.nextguest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 03 May 2021 18:17:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-powered-by
NextGuest CMS
vary
Accept-Encoding
service-worker-allowed
/
x-served-by
nextguest-com-002
x-trace-id
23740199-3
last-modified
Wed, 24 Mar 2021 09:29:12 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"605b0668-785d7"
strict-transport-security
max-age=63072000; includeSubDomains
access-control-allow-methods
GET, POST
content-type
application/javascript
access-control-allow-origin
https://www.nextguest.com
cache-control
max-age=31536000
content-security-policy
upgrade-insecure-requests
expires
Tue, 03 May 2022 18:17:46 GMT
forms2.min.js
app-ab32.marketo.com/js/forms2/js/ 		204 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://app-ab32.marketo.com/js/forms2/js/forms2.min.js
Requested by
Host: www.nextguest.com
URL: https://www.nextguest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.16.92.80 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
014de295141a456ceda8e3c4762085e53dca50f91ddf65906d227f70cf0b1a55
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.nextguest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 03 May 2021 18:17:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
cf-cache-status
HIT
last-modified
Wed, 10 Mar 2021 20:12:10 GMT
server
cloudflare
age
1090
etag
"2c044a-33187-5bd344826ba80"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
content-type
application/x-javascript
cache-control
public, max-age=14400
cf-ray
649b7cf31ddbdfad-FRA
cf-request-id
09d50c6bf40000dfadc584b000000001
expires
Mon, 03 May 2021 22:17:46 GMT
DidotLTStd-regular.woff2
www.nextguest.com/skins/nextguest-tech/assets/desktop/fonts/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.nextguest.com/skins/nextguest-tech/assets/desktop/fonts/DidotLTStd-regular.woff2
Requested by
Host: www.nextguest.com
URL: https://www.nextguest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.234.198.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-234-198-47.compute-1.amazonaws.com
Software
nginx /
Resource Hash
fa3cd2c0c1dd46e39f84383f41fb814ec524c634dec9bb99fcc886021f7677c3

Request headers

:path
/skins/nextguest-tech/assets/desktop/fonts/DidotLTStd-regular.woff2
pragma
no-cache
origin
https://www.nextguest.com
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
www.nextguest.com
referer
https://www.nextguest.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://www.nextguest.com
Referer
https://www.nextguest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 03 May 2021 18:17:46 GMT
last-modified
Tue, 23 Mar 2021 13:54:40 GMT
server
nginx
etag
"6059f320-4b14"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
19220
expires
Tue, 03 May 2022 18:17:46 GMT
DidotLTStd-italic.woff2
www.nextguest.com/skins/nextguest-tech/assets/desktop/fonts/ 		16 KB
16 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.nextguest.com/skins/nextguest-tech/assets/desktop/fonts/DidotLTStd-italic.woff2
Requested by
Host: www.nextguest.com
URL: https://www.nextguest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.234.198.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-234-198-47.compute-1.amazonaws.com
Software
nginx /
Resource Hash
7f2ba4ed550556889fba885c7e6e115085bc073cddf4a3da84450b6d78ffa187

Request headers

:path
/skins/nextguest-tech/assets/desktop/fonts/DidotLTStd-italic.woff2
pragma
no-cache
origin
https://www.nextguest.com
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
www.nextguest.com
referer
https://www.nextguest.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://www.nextguest.com
Referer
https://www.nextguest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 03 May 2021 18:17:46 GMT
last-modified
Tue, 23 Mar 2021 13:54:40 GMT
server
nginx
etag
"6059f320-3e0c"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
15884
expires
Tue, 03 May 2022 18:17:46 GMT
proxima_nova_light-webfont.woff2
www.nextguest.com/skins/nextguest-tech/assets/desktop/fonts/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.nextguest.com/skins/nextguest-tech/assets/desktop/fonts/proxima_nova_light-webfont.woff2
Requested by
Host: www.nextguest.com
URL: https://www.nextguest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.234.198.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-234-198-47.compute-1.amazonaws.com
Software
nginx /
Resource Hash
7e7eb6100e0d2a10ceca31510a5428abff2126181f68de596c510d943debf0cf

Request headers

:path
/skins/nextguest-tech/assets/desktop/fonts/proxima_nova_light-webfont.woff2
pragma
no-cache
origin
https://www.nextguest.com
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
www.nextguest.com
referer
https://www.nextguest.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://www.nextguest.com
Referer
https://www.nextguest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 03 May 2021 18:17:46 GMT
last-modified
Tue, 23 Mar 2021 13:54:40 GMT
server
nginx
etag
"6059f320-4cb4"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
19636
expires
Tue, 03 May 2022 18:17:46 GMT
proxima_nova_regular-webfont.woff2
www.nextguest.com/skins/nextguest-tech/assets/desktop/fonts/ 		19 KB
20 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.nextguest.com/skins/nextguest-tech/assets/desktop/fonts/proxima_nova_regular-webfont.woff2
Requested by
Host: www.nextguest.com
URL: https://www.nextguest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.234.198.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-234-198-47.compute-1.amazonaws.com
Software
nginx /
Resource Hash
5b26c9be03ecea227a1ba69e93b9c8db2b76b0129f1177efb4f63d48c9815958

Request headers

:path
/skins/nextguest-tech/assets/desktop/fonts/proxima_nova_regular-webfont.woff2
pragma
no-cache
origin
https://www.nextguest.com
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
www.nextguest.com
referer
https://www.nextguest.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://www.nextguest.com
Referer
https://www.nextguest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 03 May 2021 18:17:46 GMT
last-modified
Tue, 23 Mar 2021 13:54:40 GMT
server
nginx
etag
"6059f320-4dec"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
19948
expires
Tue, 03 May 2022 18:17:46 GMT
proxima_nova_bold-webfont.woff2
www.nextguest.com/skins/nextguest-tech/assets/desktop/fonts/ 		19 KB
19 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.nextguest.com/skins/nextguest-tech/assets/desktop/fonts/proxima_nova_bold-webfont.woff2
Requested by
Host: www.nextguest.com
URL: https://www.nextguest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.234.198.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-234-198-47.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4376f40964fc499ccf0ee5cfca30f86f83c641b90864630d7bd1ed354d9054aa

Request headers

:path
/skins/nextguest-tech/assets/desktop/fonts/proxima_nova_bold-webfont.woff2
pragma
no-cache
origin
https://www.nextguest.com
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
font
:authority
www.nextguest.com
referer
https://www.nextguest.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Origin
https://www.nextguest.com
Referer
https://www.nextguest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 03 May 2021 18:17:46 GMT
last-modified
Tue, 23 Mar 2021 13:54:40 GMT
server
nginx
etag
"6059f320-4bc4"
content-type
application/octet-stream
access-control-allow-origin
*
cache-control
max-age=31536000
accept-ranges
bytes
content-length
19396
expires
Tue, 03 May 2022 18:17:46 GMT
short-logo.svg
www.nextguest.com/skins/nextguest-tech/assets/desktop/images/ 		2 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nextguest.com/skins/nextguest-tech/assets/desktop/images/short-logo.svg
Requested by
Host: www.nextguest.com
URL: https://www.nextguest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.234.198.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-234-198-47.compute-1.amazonaws.com
Software
nginx / NextGuest CMS
Resource Hash
48e0cd808211710c2ef9cfc41506a41a289c16fbf819d669f7b94595cb2e6690
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/skins/nextguest-tech/assets/desktop/images/short-logo.svg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.nextguest.com
referer
https://www.nextguest.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.nextguest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 03 May 2021 18:17:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-powered-by
NextGuest CMS
vary
Accept-Encoding
service-worker-allowed
/
x-served-by
nextguest-com-002
x-trace-id
23740199-12
last-modified
Tue, 23 Mar 2021 13:54:40 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"6059f320-7eb"
strict-transport-security
max-age=63072000; includeSubDomains
access-control-allow-methods
GET, POST
content-type
image/svg+xml
access-control-allow-origin
https://www.nextguest.com
cache-control
max-age=31536000
content-security-policy
upgrade-insecure-requests
expires
Tue, 03 May 2022 18:17:46 GMT
logo.svg
www.nextguest.com/skins/nextguest-tech/assets/desktop/images/ 		6 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nextguest.com/skins/nextguest-tech/assets/desktop/images/logo.svg
Requested by
Host: www.nextguest.com
URL: https://www.nextguest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.234.198.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-234-198-47.compute-1.amazonaws.com
Software
nginx / NextGuest CMS
Resource Hash
c0fda763c25e51e0b4e138ff59689bfaf0c89852ab2c1488b0a9bf5d3ef3145c
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/skins/nextguest-tech/assets/desktop/images/logo.svg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.nextguest.com
referer
https://www.nextguest.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.nextguest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 03 May 2021 18:17:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-powered-by
NextGuest CMS
vary
Accept-Encoding
service-worker-allowed
/
x-served-by
nextguest-com-002
x-trace-id
23740199-11
last-modified
Tue, 23 Mar 2021 13:54:40 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"6059f320-1648"
strict-transport-security
max-age=63072000; includeSubDomains
access-control-allow-methods
GET, POST
content-type
image/svg+xml
access-control-allow-origin
https://www.nextguest.com
cache-control
max-age=31536000
content-security-policy
upgrade-insecure-requests
expires
Tue, 03 May 2022 18:17:46 GMT
1605495407.mp4
vod-progressive.akamaized.net/exp=1620080266~acl=%2Fvimeo-prod-skyfire-std-us%2F01%2F1499%2F15%2F382498987%2F1605495407.mp4~hmac=2f915b65fc274c8f4a65a53dfd87ada04d6b8b110b33459907d07daa73f59466/vim...
Redirect Chain
  • https://player.vimeo.com/external/382498987.hd.mp4?s=d7476c9847a9dd7b2d6735e63ebce069cba18e95&profile_id=174
  • https://vod-progressive.akamaized.net/exp=1620080266~acl=%2Fvimeo-prod-skyfire-std-us%2F01%2F1499%2F15%2F382498987%2F1605495407.mp4~hmac=2f915b65fc274c8f4a65a53dfd87ada04d6b8b110b33459907d07daa73f5...
7 MB
7 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://vod-progressive.akamaized.net/exp=1620080266~acl=%2Fvimeo-prod-skyfire-std-us%2F01%2F1499%2F15%2F382498987%2F1605495407.mp4~hmac=2f915b65fc274c8f4a65a53dfd87ada04d6b8b110b33459907d07daa73f59466/vimeo-prod-skyfire-std-us/01/1499/15/382498987/1605495407.mp4?filename=NXG+Video.mp4
Requested by
Host: www.nextguest.com
URL: https://www.nextguest.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba20 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
7b4764604f4064366033f65f4aaf8f9dc3da05bb564d03dd797c28ab23d83010

Request headers

Referer
https://www.nextguest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 03 May 2021 18:17:47 GMT
X-VIM-CACHEBC
EP:H11,E:m,TD0:h
X-GUploader-UploadID
AEnB2Urm6keDUleB9AazhKsglO9uOX8vomlHbxdIHklB0RalWaN6L6PwVB5SG93cf2AspEniZZLja4fmfBF2-LhO2lxXvYXLwg
x-goog-storage-class
STANDARD
Connection
keep-alive
Content-Length
6920470
AK-REFERENCE-ID
0.1cba1002.1620065867.100799fc
Content-Range
bytes 0-6920469/6920470
Akamai-Mon-Iucid-Del
875210
Last-Modified
Thu, 02 Jan 2020 23:01:19 GMT
Server
UploadServer
Aka-c-hit
cache-hit
ETag
"3a7c204f3b61520c28deeca3ae86429f"
x-goog-hash
crc32c=1qyNwg==, md5=OnwgTzthUgwo3uyjroZCnw==
Content-Type
video/mp4
Access-Control-Expose-Headers
Akamai-Edge-IP, X-VIM-CACHEBC, AK-REFERENCE-ID
Cache-Control
private, max-age=0
Akamai-Edge-IP
2a02:26f0:6c00::210:ba20
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Mon, 03 May 2021 18:17:47 GMT

Redirect headers

X-Varnish-Cache
0
Content-Security-Policy
default-src 'self'; script-src 'self' https://f.vimeocdn.com; style-src 'self' https://f.vimeocdn.com; img-src 'self' https://i.vimeocdn.com https://f.vimeocdn.com
Via
1.1 varnish, 1.1 varnish
X-Content-Type-Options
nosniff
Age
0
X-Cache
MISS
P3p
CP="This is not a P3P policy! See https://vimeo.com/privacy"
Connection
keep-alive
X-VServer
infra-playproxy-a-6
Content-Length
0
X-Xss-Protection
1; mode=block
X-Served-By
cache-fra19144-FRA
X-Player-Backend
p
Expires
Mon, 03 May 2021 22:17:46 GMT
Server
nginx
Cache-Control
private, max-age=14400
X-Timer
S1620065867.649413,VS0,VE338
Location
https://vod-progressive.akamaized.net/exp=1620080266~acl=%2Fvimeo-prod-skyfire-std-us%2F01%2F1499%2F15%2F382498987%2F1605495407.mp4~hmac=2f915b65fc274c8f4a65a53dfd87ada04d6b8b110b33459907d07daa73f59466/vimeo-prod-skyfire-std-us/01/1499/15/382498987/1605495407.mp4?filename=NXG+Video.mp4
Date
Mon, 03 May 2021 18:17:46 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Vary
Accept-Encoding
X-Vimeo-DC
ge
Accept-Ranges
bytes
X-Cache-Hits
0
513785047
player.vimeo.com/video/ Frame E680 		15 KB
13 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://player.vimeo.com/video/513785047
Requested by
Host: www.nextguest.com
URL: https://www.nextguest.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.12.217 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
d20c24fe4dc7df739e2d765c71a8adeeed72fba24358d2630b2d69746d6e54cd
Security Headers
Name Value
Content-Security-Policy script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://fresnel-player-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com; report-uri /_csp
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Host
player.vimeo.com
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
cross-site
Sec-Fetch-Mode
navigate
Sec-Fetch-Dest
iframe
Referer
https://www.nextguest.com/
Accept-Encoding
gzip, deflate, br
Accept-Language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.nextguest.com/

Response headers

Connection
keep-alive
Content-Length
10652
Server
nginx
Content-Type
text/html; charset=UTF-8
X-Xss-Protection
1; mode=block
Content-Security-Policy
script-src 'self' 'unsafe-inline' blob: resource: https://f.vimeocdn.com https://vimeo.com https://js-agent.newrelic.com https://imasdk.googleapis.com/ https://adservice.google.com/ https://s0.2mdn.net/instream/video/ https://bam.nr-data.net https://src.litix.io https://www.gstatic.com https://cdn.streamroot.io https://f.vimeocdn.com; style-src 'self' 'unsafe-inline' https://f.vimeocdn.com https://f.vimeocdn.com; connect-src 'self' ws: wss: https://vimeo.com https://vimeo.dev https://api.vimeo.com https://api.vimeo.dev https://*.ci.vimeows.com https://csi.gstatic.com https://fresnel.vimeocdn.com https://fresnel-player-staging.vimeows.com https://player-telemetry.vimeo.com https://*.akamaized.net https://*.akamaized-staging.net https://*.vimeocdn.com https://netflux.cloud.vimeo.com https://lic.staging.drmtoday.com https://lic.drmtoday.com https://wv.service.expressplay.com https://fp.service.expressplay.com https://pr.service.expressplay.com https://sentry.io https://*.ingest.sentry.io https://storage.googleapis.com https://bam.nr-data.net https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com https://*.litix.io/ https://collector.vhx.tv https://collector.vhxstaging.com https://backend.dna-delivery.com https://mimir.cloud.vimeo.com; media-src 'self' blob: https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net https://*.gvt1.com https://live-api.cloud.vimeo.com https://live-api-dev.cloud.vimeo.com; object-src 'self' https://*.vimeocdn.com https://*.akamaized.net https://*.akamaized-staging.net; default-src 'none'; img-src 'self' data: https://i.vimeocdn.com https://secure-b.vimeocdn.com https://f.vimeocdn.com https://vimeo.com https://secure.gravatar.com https://i0.wp.com https://i1.wp.com https://i2.wp.com https://pagead2.googlesyndication.com https://player.vimeo.com https://*.ci.vimeows.com https://videoapi-sprites.vimeocdn.com https://i.vimeocdn.com https://f.vimeocdn.com; frame-src 'self' https://imasdk.googleapis.com/ https://f.vimeocdn.com; report-uri /_csp
X-Content-Type-Options
nosniff
Content-Encoding
gzip
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Link
<https://i.vimeocdn.com>; rel=preconnect; crossorigin <https://f.vimeocdn.com>; rel=preconnect; crossorigin <https://fresnel.vimeocdn.com>; rel=preconnect; crossorigin
P3p
CP="This is not a P3P policy! See https://vimeo.com/privacy"
Expires
Mon, 03 May 2021 18:27:22 GMT
Via
1.1 varnish, 1.1 varnish
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-Varnish-Cache
1
X-VServer
infra-playproxy-a-5
X-Vimeo-DC
ge
Accept-Ranges
bytes
Date
Mon, 03 May 2021 18:17:46 GMT
Age
0
X-Served-By
cache-fra19182-FRA
X-Cache
MISS
X-Cache-Hits
0
X-Timer
S1620065867.640183,VS0,VE104
Vary
Accept-Encoding
X-Player-Backend
p
1605498372.mp4
vod-progressive.akamaized.net/exp=1620069466~acl=%2Fvimeo-prod-skyfire-std-us%2F01%2F1499%2F15%2F382499562%2F1605498372.mp4~hmac=d778506257b5de44948f6c7fc3ba936e8723662ecf473e1a515b63e983cf381c/vim...
Redirect Chain
  • https://player.vimeo.com/external/382499562.hd.mp4?s=1c798ce2446ea30f61f001fe85e7f6cb20f747ce&profile_id=174
  • https://vod-progressive.akamaized.net/exp=1620069466~acl=%2Fvimeo-prod-skyfire-std-us%2F01%2F1499%2F15%2F382499562%2F1605498372.mp4~hmac=d778506257b5de44948f6c7fc3ba936e8723662ecf473e1a515b63e983cf...
3 MB
3 MB 		Media
General
Check archive.org
Download Go to
Full URL
https://vod-progressive.akamaized.net/exp=1620069466~acl=%2Fvimeo-prod-skyfire-std-us%2F01%2F1499%2F15%2F382499562%2F1605498372.mp4~hmac=d778506257b5de44948f6c7fc3ba936e8723662ecf473e1a515b63e983cf381c/vimeo-prod-skyfire-std-us/01/1499/15/382499562/1605498372.mp4?filename=NXG+Waves+video.mp4
Requested by
Host: www.nextguest.com
URL: https://www.nextguest.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:26f0:6c00::210:ba20 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software
UploadServer /
Resource Hash
838db8c6b4007e5a3ce422e4b5c7388365abac342e586c8b525742f2ea0f79e2

Request headers

Referer
https://www.nextguest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 03 May 2021 18:17:47 GMT
X-VIM-CACHEBC
EP:H11,E:m,TD0:h
X-GUploader-UploadID
AEnB2UqQOjquo6nwJPtGSMqyVt5zHY86KYR497DerU03bv25isAYDBrkUQ4lAvMPNZHrm6l7NynwZ8iF7s9MolpiAPQjEbEp2A
x-goog-storage-class
STANDARD
Connection
keep-alive
Content-Length
3180809
AK-REFERENCE-ID
0.1cba1002.1620065867.1007981a
Content-Range
bytes 0-3180808/3180809
Akamai-Mon-Iucid-Del
875210
Last-Modified
Thu, 02 Jan 2020 23:04:59 GMT
Server
UploadServer
Aka-c-hit
cache-hit
ETag
"df154ef73f5c36c1de38a3825443bb99"
x-goog-hash
crc32c=0LcBHA==, md5=3xVO9z9cNsHeOKOCVEO7mQ==
Content-Type
video/mp4
Access-Control-Expose-Headers
Akamai-Edge-IP, X-VIM-CACHEBC, AK-REFERENCE-ID
Cache-Control
private, max-age=0
Akamai-Edge-IP
2a02:26f0:6c00::210:ba20
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Mon, 03 May 2021 18:17:47 GMT

Redirect headers

Content-Security-Policy
default-src 'self'; script-src 'self' https://f.vimeocdn.com; style-src 'self' https://f.vimeocdn.com; img-src 'self' https://f.vimeocdn.com https://i.vimeocdn.com
Via
1.1 google, 1.1 varnish
X-Content-Type-Options
nosniff
Age
0
X-Cache
MISS
X-Host
player-backend-98c54c9f5-42xf9
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
0
X-Xss-Protection
1; mode=block
X-Served-By
cache-fra19141-FRA
X-Player-Backend
g
X-Timer
S1620065867.649466,VS0,VE239
Date
Mon, 03 May 2021 18:17:46 GMT
Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Location
https://vod-progressive.akamaized.net/exp=1620069466~acl=%2Fvimeo-prod-skyfire-std-us%2F01%2F1499%2F15%2F382499562%2F1605498372.mp4~hmac=d778506257b5de44948f6c7fc3ba936e8723662ecf473e1a515b63e983cf381c/vimeo-prod-skyfire-std-us/01/1499/15/382499562/1605498372.mp4?filename=NXG+Waves+video.mp4
Expires
Fri, 15 Dec 1985 19:30:00 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Accept-Ranges
bytes
Access-Control-Allow-Origin
*
X-Cache-Hits
0
digitalData.min.js
www.nextguest.com/skins/master/assets/tracking/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.nextguest.com/skins/master/assets/tracking/digitalData.min.js
Requested by
Host: www.nextguest.com
URL: https://www.nextguest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.234.198.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-234-198-47.compute-1.amazonaws.com
Software
nginx / NextGuest CMS
Resource Hash
3a93efdd6e3fc06eda81580b11218166e4019ba6796bd7f3821925af90d43ce2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/skins/master/assets/tracking/digitalData.min.js
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
*/*
cache-control
no-cache
sec-fetch-dest
script
:authority
www.nextguest.com
referer
https://www.nextguest.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.nextguest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 03 May 2021 18:17:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-powered-by
NextGuest CMS
vary
Accept-Encoding
service-worker-allowed
/
x-served-by
nextguest-com-002
x-trace-id
23740199-9
last-modified
Mon, 03 May 2021 17:41:56 GMT
server
nginx
x-frame-options
SAMEORIGIN
etag
W/"609035e4-68e"
strict-transport-security
max-age=63072000; includeSubDomains
access-control-allow-methods
GET, POST
content-type
application/javascript
access-control-allow-origin
https://www.nextguest.com
cache-control
max-age=31536000
content-security-policy
upgrade-insecure-requests
expires
Tue, 03 May 2022 18:17:46 GMT
notice
consent.trustarc.com/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.trustarc.com/notice?domain=nextguest.com&c=teconsent&noticeType=bb&js=nj&text=true
Requested by
Host: www.nextguest.com
URL: https://www.nextguest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-85.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
a7f101c156dd40eb0cf0c0fe76229049d4e57b989f0754a3b1e2413d6b86af5b
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Origin
https://www.nextguest.com
Referer
https://www.nextguest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 03 May 2021 18:17:46 GMT
content-encoding
gzip
x-content-type-options
nosniff
x-amz-cf-pop
HAM50-C3
x-cache
Miss from cloudfront
cloudfront-viewer-country
CH
content-length
3531
x-xss-protection
1; mode=block
timing-allow-origin
*
access-control-allow-origin
*
server
nginx
x-frame-options
SAMEORIGIN
vary
Accept-Encoding
content-type
text/javascript;charset=UTF-8
via
1.1 150f57582a5422af77de04444db8acf9.cloudfront.net (CloudFront)
cache-control
max-age=3600
cloudfront-viewer-country-region
ZH
x-amz-cf-id
VBc6X0R-L6yB4D1LWGe8ZQLHWLMlUt5razCsfk5axz9Oti2qT74jHg==
expires
Mon, 03 May 2021 19:17:46 GMT
6fd28fd67877a7d91bdcbb6b30be21eb.jpg
d138unkswby3sa.cloudfront.net/nextguest.com-3427875836/cms/cache/v2/5dfa45a876fdf.JPG/1920x1080/fit/80/ 		140 KB
141 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d138unkswby3sa.cloudfront.net/nextguest.com-3427875836/cms/cache/v2/5dfa45a876fdf.JPG/1920x1080/fit/80/6fd28fd67877a7d91bdcbb6b30be21eb.jpg
Requested by
Host: www.nextguest.com
URL: https://www.nextguest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:e000:f:61c:aa80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
18f23ecb18b56073eb0c9e2107e80068285095f6bfea14525f646b82a81ce21e

Request headers

Referer
https://www.nextguest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sat, 06 Feb 2021 08:16:03 GMT
via
1.1 6def1f0ddc805dce17407cce01d5b32d.cloudfront.net (CloudFront)
last-modified
Wed, 18 Dec 2019 15:30:25 GMT
server
AmazonS3
age
7466504
etag
"e3eeb01c68dcf86b30619f9a46c511c7"
x-cache
Hit from cloudfront
x-amz-version-id
hEXnv23cAnY11UilkWFJEsYa8fEJWNbg
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA56-C1
content-type
image/jpeg
content-length
143505
x-amz-cf-id
QQ33GQ3AJP-rmttXE098-SDdNEfXoGVN6fdgXwAmm9iheRl6gXedXQ==
x-popup.png
www.nextguest.com/skins/nextguest-tech/assets/desktop/images/ 		16 KB
17 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nextguest.com/skins/nextguest-tech/assets/desktop/images/x-popup.png
Requested by
Host: www.nextguest.com
URL: https://www.nextguest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.234.198.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-234-198-47.compute-1.amazonaws.com
Software
nginx / NextGuest CMS
Resource Hash
b076bbaf669e577f602e6953438f25fac09dd4af3a7c12a1971e19bf23a0f560
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/skins/nextguest-tech/assets/desktop/images/x-popup.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.nextguest.com
referer
https://www.nextguest.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.nextguest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 03 May 2021 18:17:46 GMT
x-content-type-options
nosniff
x-powered-by
NextGuest CMS
strict-transport-security
max-age=63072000; includeSubDomains
content-length
16569
service-worker-allowed
/
x-served-by
nextguest-com-002
x-trace-id
23740199-10
last-modified
Tue, 23 Mar 2021 13:54:40 GMT
server
nginx
etag
"6059f320-40b9"
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.nextguest.com
cache-control
max-age=31536000
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
expires
Tue, 03 May 2022 18:17:46 GMT
b0999a0019b79b84e6d8f7197cca01e9.jpg
d138unkswby3sa.cloudfront.net/nextguest.com-3427875836/cms/cache/v2/5e0e0e2e3dc17.jpg/2000x1060/fit/80/ 		164 KB
165 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d138unkswby3sa.cloudfront.net/nextguest.com-3427875836/cms/cache/v2/5e0e0e2e3dc17.jpg/2000x1060/fit/80/b0999a0019b79b84e6d8f7197cca01e9.jpg
Requested by
Host: www.nextguest.com
URL: https://www.nextguest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:e000:f:61c:aa80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
89a999f4a62db2e4307ca10a099d915d62de260ff7bc45ed0886738027377823

Request headers

Referer
https://www.nextguest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Fri, 29 Jan 2021 09:05:28 GMT
via
1.1 6def1f0ddc805dce17407cce01d5b32d.cloudfront.net (CloudFront)
last-modified
Mon, 13 Jan 2020 22:09:04 GMT
server
AmazonS3
age
8154740
etag
"74935bb24f57a8bfdc80d5a5e88b92df"
x-cache
Hit from cloudfront
x-amz-version-id
mvpsaF4W9MbSNp_WcdzYjwRhnN7NKyQU
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA56-C1
content-type
image/jpeg
content-length
167994
x-amz-cf-id
fHGpzMnFGJeNJrCet56r_T6h6h7cy6ubr8xEE1j8cJ2kyF7fpongKw==
927889e7b78a0a4bb9f37062324131e3.jpg
d138unkswby3sa.cloudfront.net/nextguest.com-3427875836/cms/cache/v2/5ece78b9e5121.jpg/2000x1060/fit/80/ 		324 KB
325 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d138unkswby3sa.cloudfront.net/nextguest.com-3427875836/cms/cache/v2/5ece78b9e5121.jpg/2000x1060/fit/80/927889e7b78a0a4bb9f37062324131e3.jpg
Requested by
Host: www.nextguest.com
URL: https://www.nextguest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:e000:f:61c:aa80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
f89b326b7c7ebe70ef1ce63507b0feef3caf1c7325ec010a28f34adbdda84548

Request headers

Referer
https://www.nextguest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 20 Apr 2021 06:00:31 GMT
via
1.1 6def1f0ddc805dce17407cce01d5b32d.cloudfront.net (CloudFront)
last-modified
Wed, 27 May 2020 14:29:37 GMT
server
AmazonS3
age
1167437
etag
"e13ce9891bbbacf50e8ff4297a526d02"
x-cache
Hit from cloudfront
x-amz-version-id
WD7UesoWLAh1FmZzkPniQ2sFDniqNhGE
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA56-C1
content-type
image/jpeg
content-length
332129
x-amz-cf-id
CGtdyqtN1o9LwTVAm0dKIob4ifITkZFihjClUxiISBBHcCuf-TaU1Q==
f600707987f9f6339073c0179d5a9eb0.jpg
d138unkswby3sa.cloudfront.net/nextguest.com-3427875836/cms/cache/v2/5e0e62091aab8.jpg/2000x1060/fit/80/ 		182 KB
183 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d138unkswby3sa.cloudfront.net/nextguest.com-3427875836/cms/cache/v2/5e0e62091aab8.jpg/2000x1060/fit/80/f600707987f9f6339073c0179d5a9eb0.jpg
Requested by
Host: www.nextguest.com
URL: https://www.nextguest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:e000:f:61c:aa80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
efbd5d4c7abc2c9238345ca9aa9e6086a40865e48de6b9f6cf57396b588315b3

Request headers

Referer
https://www.nextguest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Wed, 28 Apr 2021 15:21:52 GMT
via
1.1 6def1f0ddc805dce17407cce01d5b32d.cloudfront.net (CloudFront)
last-modified
Mon, 13 Jan 2020 21:59:03 GMT
server
AmazonS3
age
442555
etag
"d8dd85f77fc107ac34cdcb7c678ee2dd"
x-cache
Hit from cloudfront
x-amz-version-id
7Ry6MfEAB8mn02FxxlrBt6JKKFunUMdu
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA56-C1
content-type
image/jpeg
content-length
186413
x-amz-cf-id
NY3Xgu0cEFv3CuSlKvb2pwvfIHzGDjLN57GZCy0crEvB2gFtfiCJHw==
37c22f2a17954b4ae920df8240a62fb1.jpg
d138unkswby3sa.cloudfront.net/nextguest.com-3427875836/cms/cache/v2/5e0e6279d02f4.jpg/2000x1060/fit/80/ 		186 KB
187 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d138unkswby3sa.cloudfront.net/nextguest.com-3427875836/cms/cache/v2/5e0e6279d02f4.jpg/2000x1060/fit/80/37c22f2a17954b4ae920df8240a62fb1.jpg
Requested by
Host: www.nextguest.com
URL: https://www.nextguest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:e000:f:61c:aa80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
6528a977b69b5b4ab0685efe25d766d2247bacb351b028eab42ff56611d643c2

Request headers

Referer
https://www.nextguest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Sun, 31 Jan 2021 13:00:03 GMT
via
1.1 6def1f0ddc805dce17407cce01d5b32d.cloudfront.net (CloudFront)
last-modified
Mon, 13 Jan 2020 21:59:02 GMT
server
AmazonS3
age
7967865
etag
"f1082c5bb5f9f6ba146109da02d54b29"
x-cache
Hit from cloudfront
x-amz-version-id
5b36ZRElXSDOWF2uuXV00OQQoMudQttw
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA56-C1
content-type
image/jpeg
content-length
190955
x-amz-cf-id
Cpax960_Nt_rwJ12fV7CmXp1oJo0CG92C9AbccBX0AYxbQlOr-FTWA==
cfcf13f4b35d3b23d85eb410f8472dbe.jpg
d138unkswby3sa.cloudfront.net/nextguest.com-3427875836/cms/cache/v2/5e0e049e76565.jpg/2000x1060/fit/80/ 		209 KB
210 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d138unkswby3sa.cloudfront.net/nextguest.com-3427875836/cms/cache/v2/5e0e049e76565.jpg/2000x1060/fit/80/cfcf13f4b35d3b23d85eb410f8472dbe.jpg
Requested by
Host: www.nextguest.com
URL: https://www.nextguest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:e000:f:61c:aa80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
88ae5db079adb1f2718abcd87ab533e74ccf6bd066a06410bbd1f38f776fe528

Request headers

Referer
https://www.nextguest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 22:55:59 GMT
via
1.1 6def1f0ddc805dce17407cce01d5b32d.cloudfront.net (CloudFront)
last-modified
Mon, 13 Jan 2020 21:59:02 GMT
server
AmazonS3
age
5167309
etag
"314f1fdb54701c9662a8acdc69d78d7c"
x-cache
Hit from cloudfront
x-amz-version-id
18TUz6fKkihfrTHggzG7KAHJG1m2MmWN
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA56-C1
content-type
image/jpeg
content-length
214460
x-amz-cf-id
4zWxNoz1j1Xap0bMsd8_4XTGL9GYrmV2yeTSW_v0h4RqqmaxvZL1PA==
c27c97df7536d7ff3fce409a9a123fe2.jpg
d138unkswby3sa.cloudfront.net/nextguest.com-3427875836/cms/cache/v2/5deadd848a237.jpg/2000x1060/fit;c:0,218,5000,2868/80/ 		228 KB
229 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d138unkswby3sa.cloudfront.net/nextguest.com-3427875836/cms/cache/v2/5deadd848a237.jpg/2000x1060/fit;c:0,218,5000,2868/80/c27c97df7536d7ff3fce409a9a123fe2.jpg
Requested by
Host: www.nextguest.com
URL: https://www.nextguest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:e000:f:61c:aa80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
71ab7bc6acaa8f57e5f10f231e328e1bdc2f866e2d1b1c8b7c22d5d14721d7ec

Request headers

Referer
https://www.nextguest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Thu, 04 Mar 2021 22:55:59 GMT
via
1.1 6def1f0ddc805dce17407cce01d5b32d.cloudfront.net (CloudFront)
last-modified
Thu, 02 Jan 2020 21:06:29 GMT
server
AmazonS3
age
5167309
etag
"1189921550045c2f15dc1eae0e9a6962"
x-cache
Hit from cloudfront
x-amz-version-id
KmTkTTZmWcafLt2jp3Qe.tBu6hYoYnbo
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA56-C1
content-type
image/jpeg
content-length
233514
x-amz-cf-id
qKrVuDmzuBRLm3daaEai3NmZ9D_mwHe-YUvJWJPPdgmkeJS39Znzbw==
fcbcbadb060b03e81c7eea8ffb3dd300.jpg
d138unkswby3sa.cloudfront.net/nextguest.com-3427875836/cms/cache/v2/5deed2c663a1d.jpg/2000x1060/fit;c:0,898,2515,2230/80/ 		242 KB
242 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d138unkswby3sa.cloudfront.net/nextguest.com-3427875836/cms/cache/v2/5deed2c663a1d.jpg/2000x1060/fit;c:0,898,2515,2230/80/fcbcbadb060b03e81c7eea8ffb3dd300.jpg
Requested by
Host: www.nextguest.com
URL: https://www.nextguest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:e000:f:61c:aa80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
78c53c06dab259c95f0396014ed3454572c5f75f682060a540f5fceb5f10831e

Request headers

Referer
https://www.nextguest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 08 Feb 2021 02:57:20 GMT
via
1.1 6def1f0ddc805dce17407cce01d5b32d.cloudfront.net (CloudFront)
last-modified
Mon, 16 Dec 2019 22:13:09 GMT
server
AmazonS3
age
7312828
etag
"5a82e6b38bf138b48fbd31492964eb1c"
x-cache
Hit from cloudfront
x-amz-version-id
EIc3CdYPgDJW6Tf8IGWh00SCjaH_.5vn
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA56-C1
content-type
image/jpeg
content-length
247540
x-amz-cf-id
BztpxzzQh6ErejOjQh4f6jHsQhMup-Uf9-FwWWBCJNjl-HuL5poTSA==
bde91dec007663ad3df0af5cc31e4d21.jpg
d138unkswby3sa.cloudfront.net/nextguest.com-3427875836/cms/cache/v2/5de83962e2a78.jpg/2000x1060/fit;c:0,1656,2073,2754/80/ 		217 KB
218 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://d138unkswby3sa.cloudfront.net/nextguest.com-3427875836/cms/cache/v2/5de83962e2a78.jpg/2000x1060/fit;c:0,1656,2073,2754/80/bde91dec007663ad3df0af5cc31e4d21.jpg
Requested by
Host: www.nextguest.com
URL: https://www.nextguest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2600:9000:206f:e000:f:61c:aa80:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
AmazonS3 /
Resource Hash
4cc82be747929c37f9ea6de31edc5de02ed0fcafd8c715588b3a3b240980ba29

Request headers

Referer
https://www.nextguest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Tue, 26 Jan 2021 02:16:08 GMT
via
1.1 6def1f0ddc805dce17407cce01d5b32d.cloudfront.net (CloudFront)
last-modified
Mon, 16 Dec 2019 22:13:09 GMT
server
AmazonS3
age
8438500
etag
"433417e5f51b3b9ddfb90f0879e751ce"
x-cache
Hit from cloudfront
x-amz-version-id
S6LZU6tBOKK6BJy1kH00Ep81SEMPOFpP
cache-control
public, max-age=31536000
x-amz-cf-pop
FRA56-C1
content-type
image/jpeg
content-length
222351
x-amz-cf-id
gUPukVFRcrw1ptyux1e7m-edlSi3AB551eIRBPpIF2q2_HQRRfKZMw==
video.php
www.nextguest.com/skins/nextguest-tech/assets/desktop/php/ 		17 B
414 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.nextguest.com/skins/nextguest-tech/assets/desktop/php/video.php?video-id=undefined
Requested by
Host: www.nextguest.com
URL: https://www.nextguest.com/skins/nextguest-tech/1620063809/assets/desktop/scripts/scripts.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.234.198.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-234-198-47.compute-1.amazonaws.com
Software
nginx / NextGuest CMS
Resource Hash
afaf00cbf93b64c2c27eaf134c4d6223712c0386bbdb93bf0f677b77ec1405d1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/skins/nextguest-tech/assets/desktop/php/video.php?video-id=undefined
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
application/json, text/javascript, */*; q=0.01
cache-control
no-cache
sec-fetch-dest
empty
:authority
www.nextguest.com
x-requested-with
XMLHttpRequest
:scheme
https
sec-fetch-site
same-origin
referer
https://www.nextguest.com/
:method
GET
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.nextguest.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-trace-id
23740199-13
date
Mon, 03 May 2021 18:17:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
x-powered-by
NextGuest CMS
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST
content-type
application/json
access-control-allow-origin
https://www.nextguest.com
content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=63072000; includeSubDomains
vary
Accept-Encoding
service-worker-allowed
/
x-served-by
nextguest-com-002
video.php
www.nextguest.com/skins/nextguest-tech/assets/desktop/php/ 		17 B
414 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.nextguest.com/skins/nextguest-tech/assets/desktop/php/video.php?video-id=undefined
Requested by
Host: www.nextguest.com
URL: https://www.nextguest.com/skins/nextguest-tech/1620063809/assets/desktop/scripts/scripts.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.234.198.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-234-198-47.compute-1.amazonaws.com
Software
nginx / NextGuest CMS
Resource Hash
afaf00cbf93b64c2c27eaf134c4d6223712c0386bbdb93bf0f677b77ec1405d1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/skins/nextguest-tech/assets/desktop/php/video.php?video-id=undefined
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
application/json, text/javascript, */*; q=0.01
cache-control
no-cache
sec-fetch-dest
empty
:authority
www.nextguest.com
x-requested-with
XMLHttpRequest
:scheme
https
sec-fetch-site
same-origin
referer
https://www.nextguest.com/
:method
GET
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.nextguest.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-trace-id
23740199-14
date
Mon, 03 May 2021 18:17:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
x-powered-by
NextGuest CMS
x-frame-options
SAMEORIGIN
access-control-allow-methods
GET, POST
content-type
application/json
access-control-allow-origin
https://www.nextguest.com
content-security-policy
upgrade-insecure-requests
strict-transport-security
max-age=63072000; includeSubDomains
vary
Accept-Encoding
service-worker-allowed
/
x-served-by
nextguest-com-002
blog-feed.php
www.nextguest.com/skins/nextguest-tech/assets/desktop/php/ 		24 KB
25 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.nextguest.com/skins/nextguest-tech/assets/desktop/php/blog-feed.php?posts_limit=30
Requested by
Host: www.nextguest.com
URL: https://www.nextguest.com/skins/nextguest-tech/1620063809/assets/desktop/scripts/scripts.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.234.198.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-234-198-47.compute-1.amazonaws.com
Software
nginx / NextGuest CMS
Resource Hash
6b7faae398cdfaae06edb5155901c21a00b6ca507009f952697d5043902d1e3f
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Request headers

:path
/skins/nextguest-tech/assets/desktop/php/blog-feed.php?posts_limit=30
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
cors
accept
application/json, text/javascript, */*; q=0.01
cache-control
no-cache
sec-fetch-dest
empty
:authority
www.nextguest.com
x-requested-with
XMLHttpRequest
:scheme
https
sec-fetch-site
same-origin
referer
https://www.nextguest.com/
:method
GET
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.nextguest.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 03 May 2021 18:17:48 GMT
x-content-type-options
nosniff
x-powered-by
NextGuest CMS
service-worker-allowed
/
x-served-by
nextguest-com-002
x-trace-id
23740199-15
pragma
public
server
nginx
x-frame-options
SAMEORIGIN
strict-transport-security
max-age=63072000; includeSubDomains
access-control-allow-methods
GET, POST
content-type
text/json;charset=UTF-8
access-control-allow-origin
https://www.nextguest.com
cache-control
max-age=3600, must-revalidate
content-security-policy
upgrade-insecure-requests
expires
Mon, 03 May 2021 19:17:47 GMT
trackpush.min.js
s3.amazonaws.com/trackpush/ 		46 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://s3.amazonaws.com/trackpush/trackpush.min.js
Requested by
Host: www.nextguest.com
URL: https://www.nextguest.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.216.170.181 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
s3-1.amazonaws.com
Software
AmazonS3 /
Resource Hash
f36ec990e288461510e49902bbdc754a6ae3b1e6574373792833d6a979ed40c3

Request headers

Referer
https://www.nextguest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

Date
Mon, 03 May 2021 18:17:48 GMT
Content-Encoding
gzip
Last-Modified
Fri, 16 Apr 2021 18:04:47 GMT
Server
AmazonS3
x-amz-request-id
8TQFXNCKK4BGA9S6
ETag
"7539a80e5c40ac29eb4bbd68096b712f"
Content-Type
text/javascript
Cache-Control
max-age=86400
Accept-Ranges
bytes
Content-Length
12972
x-amz-id-2
/tHJkKJID/KncdUkXPX3NhNJh4EuWxpwAXJyLVPskZNS6zqkY6eoqFVX/vpUQo21jhyKYbhVbBY=
1063931099.jpg
i.vimeocdn.com/video/ Frame E680 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.vimeocdn.com/video/1063931099.jpg?mw=80&q=85
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/513785047
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
260001a5b25bfba92e6e3be4a006dd0dd0ca6905b53236751ba4e87dbc15f886

Request headers

Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 03 May 2021 18:17:47 GMT
via
vvarnish, 1.1 varnish, 1.1 varnish
age
369377
etag
08cbc29eecc518d1e11e471f1cab3067
x-served-by
cache-dfw18642-DFW, cache-hhn4048-HHN
x-cache
miss, HIT, HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
x-timer
S1620065867.480480,VS0,VE1
x-backend-server
varnish
content-length
1096
viewmaster-server
viewmaster-us-central1-sx6q
x-cache-hits
1, 1
player.js
f.vimeocdn.com/p/3.32.0/js/ Frame E680 		626 KB
148 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://f.vimeocdn.com/p/3.32.0/js/player.js
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/513785047
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
e42a9909a0645eaca6935d5246e93ba3548bd82cc946e22dc2c35a1370829bb2

Request headers

Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 03 May 2021 18:17:47 GMT
via
1.1 varnish, 1.1 varnish
age
248938
x-guploader-uploadid
ABg5-Ux_PhFIMyegSAfWALYYo5w4Ov5AXYMkejbk7ahd3jh_bPObnuDQFz__fN-LbH1YeqPKyLnc0pdaNVy_sSXPeFk
x-cache
MISS, HIT
content-encoding
br
content-length
150744
x-served-by
cache-bwi5121-BWI, cache-hhn4033-HHN
last-modified
Fri, 30 Apr 2021 20:45:56 GMT
server
UploadServer
x-timer
S1620065868.504179,VS0,VE0
etag
"8341d32a856aacc073770f02659176eb"
vary
Accept-Encoding,x-http-method-override
content-type
application/javascript
cache-control
max-age=1209600
accept-ranges
bytes
x-cache-hits
0, 168175
player.css
f.vimeocdn.com/p/3.32.0/css/ Frame E680 		162 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://f.vimeocdn.com/p/3.32.0/css/player.css
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/513785047
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
UploadServer /
Resource Hash
4434519d30b23792c3a113614db077e024330e7ef33880233986300c1acb0f3d

Request headers

Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 03 May 2021 18:17:47 GMT
via
1.1 varnish, 1.1 varnish
age
248938
x-guploader-uploadid
ABg5-UwBNmWgAIxrptmTIehFDkgyuBfl_ofc1T-BtGPuyfILwGK2NsLatUrhO5kf1A-F0cx2EH0_LfETpJPXCDNlhLwnlWnBUA
x-cache
MISS, HIT
content-encoding
br
content-length
17592
x-served-by
cache-bwi5157-BWI, cache-hhn4033-HHN
last-modified
Fri, 30 Apr 2021 20:45:56 GMT
server
UploadServer
x-timer
S1620065868.504191,VS0,VE0
etag
"ac308083cf703fbb22da21cddc601c85"
vary
Accept-Encoding,x-http-method-override
content-type
text/css
access-control-allow-origin
*
cache-control
max-age=1209600
accept-ranges
bytes
x-cache-hits
0, 285151
vuid.min.js
f.vimeocdn.com/js_opt/modules/utils/ Frame E680 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/513785047
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
Apache /
Resource Hash
d7d00e88ba46fbfafd5c03c54553c1146fd850e7128fc85ae6d6e52b171837f4

Request headers

Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 03 May 2021 18:17:47 GMT
content-encoding
gzip
age
1727554
x-cache
HIT, HIT
x-cache-hits
2, 405809
content-length
1238
x-served-by
cache-bwi5153-BWI, cache-hhn4033-HHN
last-modified
Tue, 13 Apr 2021 16:24:13 GMT
server
Apache
cache-control
max-age=315360000
x-timer
S1620065868.504167,VS0,VE0
etag
"a68-5bfdd0f8b0540"
vary
Accept-Encoding
content-type
text/javascript; charset=utf-8
via
1.1 varnish, 1.1 varnish
x-vimeo-dc
ge
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 11 Apr 2031 18:25:13 GMT
v1.7-123
consent.trustarc.com/asset/notice.js/v/ 		70 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent.trustarc.com/asset/notice.js/v/v1.7-123
Requested by
Host: consent.trustarc.com
URL: https://consent.trustarc.com/notice?domain=nextguest.com&c=teconsent&noticeType=bb&js=nj&text=true
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-85.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
8952ccc09c989c9864dc4d80fc2ff261a1aec5ce7e02ad9bfe4d0c71b51928a0

Request headers

Origin
https://www.nextguest.com
Referer
https://www.nextguest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 03 May 2021 17:59:48 GMT
content-encoding
gzip
age
1079
x-cache
Hit from cloudfront
pragma
public
access-control-allow-origin
*
last-modified
Thu, 29 Apr 2021 01:48:31 GMT
server
nginx
vary
Accept-Encoding
content-type
text/javascript
via
1.1 150f57582a5422af77de04444db8acf9.cloudfront.net (CloudFront)
cache-control
max-age=2592000
x-amz-cf-pop
HAM50-C3
timing-allow-origin
*
x-amz-cf-id
ZbDgR7DB52Ng49Vmbs0qelXmwJXSIU38ixMFz-y7vewuBmE72RP5hg==
expires
Wed, 02 Jun 2021 17:59:48 GMT
log
consent.trustarc.com/ 		43 B
385 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://consent.trustarc.com/log?domain=nextguest.com&country=ch&state=&behavior=expressed&c=e0fc
Requested by
Host: www.nextguest.com
URL: https://www.nextguest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-85.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Request headers

Referer
https://www.nextguest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
no-cache
date
Mon, 03 May 2021 18:17:47 GMT
via
1.1 c25a7e7126dfc9a3b0a377e34949f435.cloudfront.net (CloudFront)
server
nginx
x-amz-cf-pop
HAM50-C3
x-cache
Miss from cloudfront
content-type
image/gif
cache-control
private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length
43
x-amz-cf-id
SjdwPcAZ4ZNYzrnlDX9FOWQWUqBuBE7wwd1znVug6TN8nwGsxxvLhw==
expires
Mon, 26 Jul 1997 05:00:00 GMT
vuid
vimeo.com/ablincoln/ Frame E680 		0
790 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://vimeo.com/ablincoln/vuid?pid=6b37fe228ecbbfa4b3630b1b3799847d36d58cfa1620065866
Requested by
Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/js_opt/modules/utils/vuid.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.192.217 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains; preload
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

Strict-Transport-Security
max-age=31536000; includeSubDomains; preload
Via
1.1 varnish, 1.1 varnish
X-Content-Type-Options
nosniff
Content-Security-Policy-Report-Only
default-src https: data: blob: wss: 'unsafe-inline' 'unsafe-eval'; report-uri /_csp
X-Cache
MISS, MISS
Connection
keep-alive
X-XSS-Protection
1; mode=block
X-Served-By
cache-bwi5148-BWI, cache-hhn4046-HHN
X-Vimeo-DC
ge
Server
nginx
X-Timer
S1620065868.735784,VS0,VE115
X-Frame-Options
sameorigin
Date
Mon, 03 May 2021 18:17:47 GMT
Vary
User-Agent
Expires
Mon, 03 May 2021 06:17:47 GMT
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
X-BApp-Server
pweb-v10203-28g8h
X-UA-Compatible
IE=edge
Accept-Ranges
bytes
X-Cache-Hits
0, 0
/
consent-pref.trustarc.com/ Frame 5891 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://consent-pref.trustarc.com/?type=hebsdigitaltype&site=nextguest.com&action=notice&country=ch&locale=en&behavior=expressed&layout=default_eu&irm=undefined&from=https://consent.trustarc.com/
Requested by
Host: consent.trustarc.com
URL: https://consent.trustarc.com/asset/notice.js/v/v1.7-123
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
5d59d71fa30604e26c815b2bcfea777bef1564467e2ff9b1b4dc45ca2ee0f6fe
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
consent-pref.trustarc.com
:scheme
https
:path
/?type=hebsdigitaltype&site=nextguest.com&action=notice&country=ch&locale=en&behavior=expressed&layout=default_eu&irm=undefined&from=https://consent.trustarc.com/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://www.nextguest.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://www.nextguest.com/

Response headers

content-type
text/html; charset=UTF-8
date
Mon, 03 May 2021 18:17:47 GMT
server
nginx
etag
W/"5147-1618561290000"
last-modified
Fri, 16 Apr 2021 08:21:30 GMT
x-xss-protection
1; mode=block
x-content-type-options
nosniff
access-control-allow-origin
*
content-encoding
gzip
vary
Accept-Encoding
x-cache
Miss from cloudfront
via
1.1 9928105291571d6cae52bcb916c898d9.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
Sr_fpgY5XStN4GZMwu1ThC92-MWd2qrxNiW_lzNw-NtRmU6vCOZG6w==
noticemsg
consent.trustarc.com/ 		43 B
505 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://consent.trustarc.com/noticemsg?action=consent&domain=nextguest.com&behavior=expressed&country=ch&language=en&rand=0.8456382038820696
Requested by
Host: www.nextguest.com
URL: https://www.nextguest.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-85.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.nextguest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 03 May 2021 18:17:47 GMT
via
1.1 c25a7e7126dfc9a3b0a377e34949f435.cloudfront.net (CloudFront)
x-content-type-options
nosniff
timing-allow-origin
*
x-amz-cf-pop
HAM50-C3
x-cache
Miss from cloudfront
cloudfront-viewer-country
CH
content-length
43
x-xss-protection
1; mode=block
pragma
no-cache
server
nginx
x-frame-options
SAMEORIGIN
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
cloudfront-viewer-country-region
ZH
x-amz-cf-id
Z_p6MNun22-Ly_Vlsp5k1dtGaYNm1uOG-w7Uxa5tmNZuw_PbCMzrBw==
expires
Mon, 03 May 2021 19:17:47 GMT
45861631_60x60.jpg
i.vimeocdn.com/portrait/ Frame E680 		1 KB
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.vimeocdn.com/portrait/45861631_60x60.jpg?subrect=43%2C0%2C350%2C307&r=cover
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/513785047
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
2b82e2341333dffc0273cc62fc600ff8a7fd9edeef661efad6d45eb7330f06be

Request headers

Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 03 May 2021 18:17:47 GMT
via
vvarnish, 1.1 varnish, 1.1 varnish
age
361240
etag
400b9f8703a60de73933cf7aeedc61f0
x-served-by
cache-dfw18641-DFW, cache-hhn4048-HHN
x-cache
miss, HIT, HIT
content-type
image/jpeg
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
x-timer
S1620065868.969370,VS0,VE1
x-backend-server
varnish
content-length
1178
viewmaster-server
viewmaster-us-central1-1c8h
x-cache-hits
1, 1
1063931099.webp
i.vimeocdn.com/video/ Frame E680 		19 KB
19 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://i.vimeocdn.com/video/1063931099.webp?mw=1100&mh=619
Requested by
Host: player.vimeo.com
URL: https://player.vimeo.com/video/513785047
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
151.101.114.109 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software
/
Resource Hash
6e94722e02b776ad24b2054896fbda915761aaa3820c10ec17b835802ddc025a

Request headers

Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 03 May 2021 18:17:48 GMT
via
vvarnish, 1.1 varnish, 1.1 varnish
age
2011752
x-cache
miss, HIT, HIT
x-backend-server
varnish
content-length
19374
viewmaster-server
viewmaster-us-central1-bgh6
x-served-by
cache-dfw18660-DFW, cache-hhn4048-HHN
x-timer
S1620065868.244750,VS0,VE116
etag
ad3dcf86c700e00d1cd71b26e7d32bdb
x-viewmaster-webp-format
lossy
content-type
image/webp
access-control-allow-origin
*
cache-control
public, max-age=2592000
accept-ranges
bytes
x-cache-hits
1, 1
player-stats
fresnel.vimeocdn.com/add/ Frame E680 		0
110 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://fresnel.vimeocdn.com/add/player-stats?beacon=1&session-id=6b37fe228ecbbfa4b3630b1b3799847d36d58cfa1620065866
Requested by
Host: f.vimeocdn.com
URL: https://f.vimeocdn.com/p/3.32.0/js/player.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.120.202.204 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
204.202.120.34.bc.googleusercontent.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://player.vimeo.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

access-control-allow-origin
https://player.vimeo.com
date
Mon, 03 May 2021 18:17:48 GMT
via
1.1 google
access-control-allow-credentials
true
alt-svc
clear
content-length
0
fabio-fistarol-qai_Clhyq0s-unsplash-768x768.jpg
www.nextguest.com/blog/wp-content/uploads/2021/02/ 		105 KB
106 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nextguest.com/blog/wp-content/uploads/2021/02/fabio-fistarol-qai_Clhyq0s-unsplash-768x768.jpg
Requested by
Host: www.nextguest.com
URL: https://www.nextguest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.234.198.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-234-198-47.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e1851a602f6a52a83dc271015ffadb83f8ed6b265df168c3ce043efd60abdf84
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

:path
/blog/wp-content/uploads/2021/02/fabio-fistarol-qai_Clhyq0s-unsplash-768x768.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.nextguest.com
referer
https://www.nextguest.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.nextguest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-trace-id
8330349-1
date
Mon, 03 May 2021 18:17:48 GMT
x-content-type-options
nosniff
last-modified
Tue, 16 Feb 2021 21:34:18 GMT
server
nginx
etag
"602c3a5a-1a4a7"
strict-transport-security
max-age=63072000; includeSubDomains
access-control-allow-methods
GET, POST
content-type
image/jpeg
access-control-allow-origin
https://www.nextguest.com/
x-host
www.nextguest.com
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
107687
x-served-by
blog-nextguest-com-001
Mikael-Photo-768x768.png
www.nextguest.com/blog/wp-content/uploads/2021/01/ 		833 KB
834 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nextguest.com/blog/wp-content/uploads/2021/01/Mikael-Photo-768x768.png
Requested by
Host: www.nextguest.com
URL: https://www.nextguest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.234.198.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-234-198-47.compute-1.amazonaws.com
Software
nginx /
Resource Hash
1f1e58b6bf6feb5c97ffd3ac3a93f2b9285e70d8cbd74f94ac4359c41d1a8808
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

:path
/blog/wp-content/uploads/2021/01/Mikael-Photo-768x768.png
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.nextguest.com
referer
https://www.nextguest.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.nextguest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-trace-id
8330350-1
date
Mon, 03 May 2021 18:17:48 GMT
x-content-type-options
nosniff
last-modified
Thu, 28 Jan 2021 16:54:36 GMT
server
nginx
etag
"6012ec4c-d0277"
strict-transport-security
max-age=63072000; includeSubDomains
access-control-allow-methods
GET, POST
content-type
image/png
access-control-allow-origin
https://www.nextguest.com/
x-host
www.nextguest.com
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
852599
x-served-by
blog-nextguest-com-001
claudia-lorusso-_sy4j-T-Do8-unsplash-2-768x768.jpg
www.nextguest.com/blog/wp-content/uploads/2021/01/ 		109 KB
110 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nextguest.com/blog/wp-content/uploads/2021/01/claudia-lorusso-_sy4j-T-Do8-unsplash-2-768x768.jpg
Requested by
Host: www.nextguest.com
URL: https://www.nextguest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.234.198.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-234-198-47.compute-1.amazonaws.com
Software
nginx /
Resource Hash
f94a3201c222bdff01df1e481cefbdc871b07af4e1bcf902471caa6c636407b1
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

:path
/blog/wp-content/uploads/2021/01/claudia-lorusso-_sy4j-T-Do8-unsplash-2-768x768.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.nextguest.com
referer
https://www.nextguest.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.nextguest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-trace-id
8330351-1
date
Mon, 03 May 2021 18:17:48 GMT
x-content-type-options
nosniff
last-modified
Wed, 20 Jan 2021 16:56:34 GMT
server
nginx
etag
"600860c2-1b410"
strict-transport-security
max-age=63072000; includeSubDomains
access-control-allow-methods
GET, POST
content-type
image/jpeg
access-control-allow-origin
https://www.nextguest.com/
x-host
www.nextguest.com
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
111632
x-served-by
blog-nextguest-com-001
nik-guiney-U0J-7yLdsbY-unsplash-768x768.jpg
www.nextguest.com/blog/wp-content/uploads/2020/12/ 		102 KB
103 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nextguest.com/blog/wp-content/uploads/2020/12/nik-guiney-U0J-7yLdsbY-unsplash-768x768.jpg
Requested by
Host: www.nextguest.com
URL: https://www.nextguest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.234.198.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-234-198-47.compute-1.amazonaws.com
Software
nginx /
Resource Hash
4f8e6186c0f1e52ae36a2495d65af6a48a6342fc7b6572fa25e244d773d677e2
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

:path
/blog/wp-content/uploads/2020/12/nik-guiney-U0J-7yLdsbY-unsplash-768x768.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.nextguest.com
referer
https://www.nextguest.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.nextguest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-trace-id
8330352-1
date
Mon, 03 May 2021 18:17:48 GMT
x-content-type-options
nosniff
last-modified
Fri, 18 Dec 2020 21:27:44 GMT
server
nginx
etag
"5fdd1ed0-198a0"
strict-transport-security
max-age=63072000; includeSubDomains
access-control-allow-methods
GET, POST
content-type
image/jpeg
access-control-allow-origin
https://www.nextguest.com/
x-host
www.nextguest.com
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
104608
x-served-by
blog-nextguest-com-001
georgia-de-lotz-L8Q-Lk14LzY-unsplash-768x768.jpg
www.nextguest.com/blog/wp-content/uploads/2020/12/ 		66 KB
66 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.nextguest.com/blog/wp-content/uploads/2020/12/georgia-de-lotz-L8Q-Lk14LzY-unsplash-768x768.jpg
Requested by
Host: www.nextguest.com
URL: https://www.nextguest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
34.234.198.47 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-234-198-47.compute-1.amazonaws.com
Software
nginx /
Resource Hash
66be4a504e9b1a9fdf1db820323698ea9ab5d7bfe7929ae6e3fb9d5b366bf1a8
Security Headers
Name Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

:path
/blog/wp-content/uploads/2020/12/georgia-de-lotz-L8Q-Lk14LzY-unsplash-768x768.jpg
pragma
no-cache
accept-encoding
gzip, deflate, br
accept-language
en-US
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
sec-fetch-mode
no-cors
accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control
no-cache
sec-fetch-dest
image
:authority
www.nextguest.com
referer
https://www.nextguest.com/
:scheme
https
sec-fetch-site
same-origin
:method
GET
Referer
https://www.nextguest.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

x-trace-id
8330353-1
date
Mon, 03 May 2021 18:17:48 GMT
x-content-type-options
nosniff
last-modified
Tue, 01 Dec 2020 14:32:56 GMT
server
nginx
etag
"5fc65418-10822"
strict-transport-security
max-age=63072000; includeSubDomains
access-control-allow-methods
GET, POST
content-type
image/jpeg
access-control-allow-origin
https://www.nextguest.com/
x-host
www.nextguest.com
content-security-policy
upgrade-insecure-requests
accept-ranges
bytes
content-length
67618
x-served-by
blog-nextguest-com-001
defaultpreferencemanager.nocache.js
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 5891 		5 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent-pref.trustarc.com/defaultpreferencemanager/defaultpreferencemanager.nocache.js
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/?type=hebsdigitaltype&site=nextguest.com&action=notice&country=ch&locale=en&behavior=expressed&layout=default_eu&irm=undefined&from=https://consent.trustarc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
038f25dc1d79521cf797f505812cd4aa3b301292dda0c33b6e6d62c368008fc7

Request headers

Referer
https://consent-pref.trustarc.com/?type=hebsdigitaltype&site=nextguest.com&action=notice&country=ch&locale=en&behavior=expressed&layout=default_eu&irm=undefined&from=https://consent.trustarc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 03 May 2021 18:17:48 GMT
content-encoding
gzip
last-modified
Fri, 16 Apr 2021 08:21:48 GMT
server
nginx
x-amz-cf-pop
FRA56-C2
etag
W/"4867-1618561308000"
vary
Accept-Encoding
x-cache
Miss from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
no-cache
x-amz-cf-id
wGwKX4T4p3csS0non8xkTn2Gz5RUDh1NpxV8WBX13DOySdWj-9XLmg==
via
1.1 9928105291571d6cae52bcb916c898d9.cloudfront.net (CloudFront)
expires
Mon, 03 May 2021 18:17:47 GMT
get
consent-st.trustarc.com/ Frame 5891 		20 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://consent-st.trustarc.com/get?name=combined_static_cm_minified.js
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/?type=hebsdigitaltype&site=nextguest.com&action=notice&country=ch&locale=en&behavior=expressed&layout=default_eu&irm=undefined&from=https://consent.trustarc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
65.9.84.121 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software
nginx /
Resource Hash
f1ba71d3bf034aeceecb8895e71a44f4806dbb5bcc44e46fd8fc461a774eb880

Request headers

Referer
https://consent-pref.trustarc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Mon, 05 Apr 2021 01:02:14 GMT
content-encoding
gzip
server
nginx
age
2481334
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-cf-pop
AMS1-C1
timing-allow-origin
*
x-amz-cf-id
Sc6wR1qGOXZW2rRyOooMEF6nlC7ZNmOn2ObsVzK6rOVCTiKgTDKLiQ==
via
1.1 e328b143eb69c36369a2def78300d502.cloudfront.net (CloudFront)
expires
Wed, 05 May 2021 01:02:14 GMT
loading.gif
consent-pref.trustarc.com/images/ Frame 5891 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://consent-pref.trustarc.com/images/loading.gif
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/?type=hebsdigitaltype&site=nextguest.com&action=notice&country=ch&locale=en&behavior=expressed&layout=default_eu&irm=undefined&from=https://consent.trustarc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
eb7cfd3d959b2e09c170f532e29f8b825f9bc770b2279fde58e595617753e244
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://consent-pref.trustarc.com/?type=hebsdigitaltype&site=nextguest.com&action=notice&country=ch&locale=en&behavior=expressed&layout=default_eu&irm=undefined&from=https://consent.trustarc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 03 May 2021 05:55:53 GMT
via
1.1 9928105291571d6cae52bcb916c898d9.cloudfront.net (CloudFront)
x-content-type-options
nosniff
last-modified
Fri, 16 Apr 2021 08:21:30 GMT
server
nginx
age
44515
etag
W/"2608-1618561290000"
x-cache
Hit from cloudfront
content-type
image/gif
access-control-allow-origin
*
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
2608
x-xss-protection
1; mode=block
x-amz-cf-id
8AI4UABJZOoai7VgfD5KZgd2AXsfANiVg-LD7QkfUmGJVbq5RZS_kg==
67B873F492AD87C25B322202223D7A22.cache.html
consent-pref.trustarc.com/defaultpreferencemanager/ Frame EDC5 		140 KB
46 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://consent-pref.trustarc.com/defaultpreferencemanager/67B873F492AD87C25B322202223D7A22.cache.html
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/defaultpreferencemanager.nocache.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
636435d9e1b631536ba8fbd41b01b1d75246eafc97e68a4fad7585f09409d596

Request headers

:method
GET
:authority
consent-pref.trustarc.com
:scheme
https
:path
/defaultpreferencemanager/67B873F492AD87C25B322202223D7A22.cache.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
same-origin
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://consent-pref.trustarc.com/?type=hebsdigitaltype&site=nextguest.com&action=notice&country=ch&locale=en&behavior=expressed&layout=default_eu&irm=undefined&from=https://consent.trustarc.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://consent-pref.trustarc.com/?type=hebsdigitaltype&site=nextguest.com&action=notice&country=ch&locale=en&behavior=expressed&layout=default_eu&irm=undefined&from=https://consent.trustarc.com/

Response headers

content-type
text/html; charset=UTF-8
date
Mon, 03 May 2021 05:55:53 GMT
server
nginx
etag
W/"143674-1618561308000"
last-modified
Fri, 16 Apr 2021 08:21:48 GMT
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000
access-control-allow-origin
*
content-encoding
gzip
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 9928105291571d6cae52bcb916c898d9.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
KxG-H9Y1uTkGr-gmPaLW7oo_c1NvT6SnoFYpZISsv-l1dqMk63T6Gg==
age
44515
truste
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 5891 		969 B
826 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://consent-pref.trustarc.com/defaultpreferencemanager/truste
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/67B873F492AD87C25B322202223D7A22.cache.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
d4bef2d91bd01eaeba3c9d62545eb98cec13e41bfacdbf28cf1c17bc7f1a35e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

X-GWT-Module-Base
https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation
67B873F492AD87C25B322202223D7A22
Referer
https://consent-pref.trustarc.com/?type=hebsdigitaltype&site=nextguest.com&action=notice&country=ch&locale=en&behavior=expressed&layout=default_eu&irm=undefined&from=https://consent.trustarc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/x-gwt-rpc; charset=UTF-8

Response headers

date
Mon, 03 May 2021 18:17:48 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
content-type
application/json;charset=utf-8
via
1.1 9928105291571d6cae52bcb916c898d9.cloudfront.net (CloudFront)
content-disposition
attachment
access-control-allow-origin
*
content-length
465
x-xss-protection
1; mode=block
x-amz-cf-id
l1_j7XRQYhUECRXxOH_x1gmkFU_bR9hvyyffgeahvEQtqiosGHzZKw==
truste
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 5891 		48 B
390 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://consent-pref.trustarc.com/defaultpreferencemanager/truste
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/67B873F492AD87C25B322202223D7A22.cache.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
4a7320b38d7569ae1d7b6bed397f88186a25611ed97ad5ffe3ef8ae104ef7287
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

X-GWT-Module-Base
https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation
67B873F492AD87C25B322202223D7A22
Referer
https://consent-pref.trustarc.com/?type=hebsdigitaltype&site=nextguest.com&action=notice&country=ch&locale=en&behavior=expressed&layout=default_eu&irm=undefined&from=https://consent.trustarc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/x-gwt-rpc; charset=UTF-8

Response headers

date
Mon, 03 May 2021 18:17:48 GMT
via
1.1 9928105291571d6cae52bcb916c898d9.cloudfront.net (CloudFront)
x-content-type-options
nosniff
server
nginx
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
content-type
application/json;charset=utf-8
access-control-allow-origin
*
content-disposition
attachment
content-length
48
x-xss-protection
1; mode=block
x-amz-cf-id
cJ2GG_pikaxltL4XYTT7NXNZh34yHPiqmpqXb1uWbR-rK0t-MuKRVQ==
EuPreferenceManager.css
consent-pref.trustarc.com/ Frame 5891 		27 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://consent-pref.trustarc.com/EuPreferenceManager.css
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/67B873F492AD87C25B322202223D7A22.cache.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
1ea22ef5cc12712e650ac15269e8e7b75904f47246ce6eb04bf0fcd42f8bed77

Request headers

Referer
https://consent-pref.trustarc.com/?type=hebsdigitaltype&site=nextguest.com&action=notice&country=ch&locale=en&behavior=expressed&layout=default_eu&irm=undefined&from=https://consent.trustarc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 03 May 2021 18:17:48 GMT
content-encoding
gzip
last-modified
Fri, 16 Apr 2021 08:21:30 GMT
server
nginx
x-amz-cf-pop
FRA56-C2
etag
W/"27745-1618561290000"
vary
Accept-Encoding
x-cache
RefreshHit from cloudfront
content-type
text/css
access-control-allow-origin
*
cache-control
no-cache
x-amz-cf-id
-xqxxB-hMk8EVcnPu2cJt7MYcDdeJw45iNAMJKL-yw2NApVA2AJljA==
via
1.1 9928105291571d6cae52bcb916c898d9.cloudfront.net (CloudFront)
expires
Mon, 03 May 2021 18:17:47 GMT
10.cache.js
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/67B873F492AD87C25B322202223D7A22/ Frame 5891 		242 KB
84 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/67B873F492AD87C25B322202223D7A22/10.cache.js
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/67B873F492AD87C25B322202223D7A22.cache.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
0a9073f8a864d021091181726653951f100dfcabb6d1c04d91c4fd0e74a4e35a

Request headers

Referer
https://consent-pref.trustarc.com/?type=hebsdigitaltype&site=nextguest.com&action=notice&country=ch&locale=en&behavior=expressed&layout=default_eu&irm=undefined&from=https://consent.trustarc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 03 May 2021 05:55:53 GMT
content-encoding
gzip
last-modified
Fri, 16 Apr 2021 08:21:48 GMT
server
nginx
age
44515
etag
W/"248272-1618561308000"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=315360000
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
LC_588g3MrhD_bS5oibHM82quBdJe3ZnHm4NQfq0ZEWmBmrl_evz4g==
via
1.1 9928105291571d6cae52bcb916c898d9.cloudfront.net (CloudFront)
expires
Thu, 31 Dec 2037 23:55:55 GMT
1.cache.js
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/67B873F492AD87C25B322202223D7A22/ Frame 5891 		19 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/67B873F492AD87C25B322202223D7A22/1.cache.js
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/67B873F492AD87C25B322202223D7A22.cache.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
5f20b1d763177090f7027d3a021e2962ac5d18132e3b33f418cc873e991761de

Request headers

Referer
https://consent-pref.trustarc.com/?type=hebsdigitaltype&site=nextguest.com&action=notice&country=ch&locale=en&behavior=expressed&layout=default_eu&irm=undefined&from=https://consent.trustarc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 03 May 2021 05:55:53 GMT
content-encoding
gzip
last-modified
Fri, 16 Apr 2021 08:21:48 GMT
server
nginx
age
44515
etag
W/"19413-1618561308000"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=315360000
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
lHBwD7zP-qwTm4DTOnDMF-kBPsNpEf4RNFxftEZWQu7GmfS1VAkgQw==
via
1.1 9928105291571d6cae52bcb916c898d9.cloudfront.net (CloudFront)
expires
Thu, 31 Dec 2037 23:55:55 GMT
cookie_iframe.html
prefmgr-cookie.truste-svc.net/cookie_js/ Frame D0CB 		5 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://prefmgr-cookie.truste-svc.net/cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?type=hebsdigitaltype&site=nextguest.com&action=notice&country=ch&locale=en&behavior=expressed&layout=default_eu&irm=undefined&from=https://consent.trustarc.com/
Requested by
Host: www.nextguest.com
URL: https://www.nextguest.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
3.232.192.25 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-3-232-192-25.compute-1.amazonaws.com
Software
nginx /
Resource Hash
e5356c4d200584b116d9ac14f89d883b120dbe4d7878914a4fa22358074c74f8

Request headers

:method
GET
:authority
prefmgr-cookie.truste-svc.net
:scheme
https
:path
/cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?type=hebsdigitaltype&site=nextguest.com&action=notice&country=ch&locale=en&behavior=expressed&layout=default_eu&irm=undefined&from=https://consent.trustarc.com/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://consent-pref.trustarc.com/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://consent-pref.trustarc.com/

Response headers

date
Mon, 03 May 2021 18:17:49 GMT
content-type
text/html; charset=UTF-8
server
nginx
vary
Accept-Encoding
etag
W/"5014-1597208285000"
last-modified
Wed, 12 Aug 2020 04:58:05 GMT
content-encoding
gzip
truste
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 5891 		791 B
709 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://consent-pref.trustarc.com/defaultpreferencemanager/truste
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/67B873F492AD87C25B322202223D7A22.cache.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
fc1e3adee41f384fce69223e35398c9d5be0a46078c9b17c368057652508496a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

X-GWT-Module-Base
https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation
67B873F492AD87C25B322202223D7A22
Referer
https://consent-pref.trustarc.com/?type=hebsdigitaltype&site=nextguest.com&action=notice&country=ch&locale=en&behavior=expressed&layout=default_eu&irm=undefined&from=https://consent.trustarc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/x-gwt-rpc; charset=UTF-8

Response headers

date
Mon, 03 May 2021 18:17:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
content-type
application/json;charset=utf-8
via
1.1 9928105291571d6cae52bcb916c898d9.cloudfront.net (CloudFront)
content-disposition
attachment
access-control-allow-origin
*
content-length
349
x-xss-protection
1; mode=block
x-amz-cf-id
YtbDk9CjuQ9zL5gzEsLyYl16oG0sDaGAS0vrbe2-VSfEu8gMXyEVIQ==
truste
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 5891 		22 KB
6 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://consent-pref.trustarc.com/defaultpreferencemanager/truste
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/67B873F492AD87C25B322202223D7A22.cache.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
1a6ad850cd5e50136bac960a97064a8ecde69aa17392be4b58b4666cb56f6fec
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

X-GWT-Module-Base
https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation
67B873F492AD87C25B322202223D7A22
Referer
https://consent-pref.trustarc.com/?type=hebsdigitaltype&site=nextguest.com&action=notice&country=ch&locale=en&behavior=expressed&layout=default_eu&irm=undefined&from=https://consent.trustarc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Content-Type
text/x-gwt-rpc; charset=UTF-8

Response headers

date
Mon, 03 May 2021 18:17:49 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
nginx
x-amz-cf-pop
FRA56-C2
x-cache
Miss from cloudfront
content-type
application/json;charset=utf-8
via
1.1 9928105291571d6cae52bcb916c898d9.cloudfront.net (CloudFront)
content-disposition
attachment
access-control-allow-origin
*
content-length
5734
x-xss-protection
1; mode=block
x-amz-cf-id
WkQOO4ubOURnxfU-ZbrBVe6oGINeWRFDaILlwI_-3bViMajftRe1WA==
trustarc-logo-small.png
consent-pref.trustarc.com/images/ Frame 5891 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://consent-pref.trustarc.com/images/trustarc-logo-small.png
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
91c4a6c4295f8889e8b04339a4a2c2e86d5eef71ba808164e641d0d8a6435004
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://consent-pref.trustarc.com/?type=hebsdigitaltype&site=nextguest.com&action=notice&country=ch&locale=en&behavior=expressed&layout=default_eu&irm=undefined&from=https://consent.trustarc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 03 May 2021 05:55:54 GMT
via
1.1 9928105291571d6cae52bcb916c898d9.cloudfront.net (CloudFront)
x-content-type-options
nosniff
last-modified
Fri, 16 Apr 2021 08:21:30 GMT
server
nginx
age
44515
etag
W/"4197-1618561290000"
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
4197
x-xss-protection
1; mode=block
x-amz-cf-id
bTVKGv1uz9tP0rVLFlYwIw7PIDdaSUb83zFh6uHVw38ESUek-fPYkg==
6.cache.js
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/67B873F492AD87C25B322202223D7A22/ Frame 5891 		7 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/67B873F492AD87C25B322202223D7A22/6.cache.js
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/67B873F492AD87C25B322202223D7A22.cache.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
9ebd1bce8f64bad3c33692061797d87b35c3ade8604eb1121e32234967427151

Request headers

Referer
https://consent-pref.trustarc.com/?type=hebsdigitaltype&site=nextguest.com&action=notice&country=ch&locale=en&behavior=expressed&layout=default_eu&irm=undefined&from=https://consent.trustarc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 03 May 2021 05:55:53 GMT
content-encoding
gzip
last-modified
Fri, 16 Apr 2021 08:21:48 GMT
server
nginx
age
44516
etag
W/"6754-1618561308000"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
max-age=315360000
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
Q0Kl3QJFLhyL9gS71ub6Av9HwDVH5puY01DGOFINFNWEQZnO4kGSYw==
via
1.1 9928105291571d6cae52bcb916c898d9.cloudfront.net (CloudFront)
expires
Thu, 31 Dec 2037 23:55:55 GMT
get
consent.trustarc.com/ Frame 5891 		15 KB
15 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://consent.trustarc.com/get?name=NextGuest_Black.jpeg
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
54.230.183.85 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-54-230-183-85.ham50.r.cloudfront.net
Software
nginx /
Resource Hash
6707360f02d3602079600a466b40ee947f6f7aa5009003358d05ccf9af18ae83

Request headers

Referer
https://consent-pref.trustarc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

pragma
public
date
Mon, 03 May 2021 17:22:07 GMT
via
1.1 c25a7e7126dfc9a3b0a377e34949f435.cloudfront.net (CloudFront)
server
nginx
age
3342
x-cache
Hit from cloudfront
content-type
image/jpeg
access-control-allow-origin
*
cache-control
max-age=2592000
x-amz-cf-pop
HAM50-C3
timing-allow-origin
*
content-length
15064
x-amz-cf-id
k90hYIaZLiG2XMKGzLIQNriUWd8IAg1LLkAv3Lrw9Y3uDQV1H7-HlQ==
expires
Wed, 02 Jun 2021 17:22:07 GMT
cookie_inneriframe.html
consent-pref.trustarc.com/ Frame 4254 		2 KB
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://consent-pref.trustarc.com/cookie_inneriframe.html
Requested by
Host: prefmgr-cookie.truste-svc.net
URL: https://prefmgr-cookie.truste-svc.net/cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?type=hebsdigitaltype&site=nextguest.com&action=notice&country=ch&locale=en&behavior=expressed&layout=default_eu&irm=undefined&from=https://consent.trustarc.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
a2de091c86c5a7b6dcc572eb6e5a76c2cd72ce27a2042a8dc2974f15b33566ed
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
consent-pref.trustarc.com
:scheme
https
:path
/cookie_inneriframe.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://prefmgr-cookie.truste-svc.net/
accept-encoding
gzip, deflate, br
accept-language
en-US
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36
Referer
https://prefmgr-cookie.truste-svc.net/

Response headers

content-type
text/html; charset=UTF-8
date
Mon, 03 May 2021 05:55:53 GMT
server
nginx
etag
W/"2008-1618561290000"
last-modified
Fri, 16 Apr 2021 08:21:30 GMT
x-xss-protection
1; mode=block
x-content-type-options
nosniff
access-control-allow-origin
*
content-encoding
gzip
vary
Accept-Encoding
x-cache
Hit from cloudfront
via
1.1 9928105291571d6cae52bcb916c898d9.cloudfront.net (CloudFront)
x-amz-cf-pop
FRA56-C2
x-amz-cf-id
V7azM0buRhiafjcgMk6Eb23jU5RpC2L1XmsuxbuTR6tWxiPVjOp_hw==
age
44517
trustarc-logo-small.png
consent-pref.trustarc.com/images/ Frame 5891 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://consent-pref.trustarc.com/images/trustarc-logo-small.png
Requested by
Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/67B873F492AD87C25B322202223D7A22.cache.html
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
13.32.21.39 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-13-32-21-39.fra56.r.cloudfront.net
Software
nginx /
Resource Hash
91c4a6c4295f8889e8b04339a4a2c2e86d5eef71ba808164e641d0d8a6435004
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://consent-pref.trustarc.com/?type=hebsdigitaltype&site=nextguest.com&action=notice&country=ch&locale=en&behavior=expressed&layout=default_eu&irm=undefined&from=https://consent.trustarc.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36

Response headers

date
Mon, 03 May 2021 05:55:54 GMT
via
1.1 9928105291571d6cae52bcb916c898d9.cloudfront.net (CloudFront)
x-content-type-options
nosniff
last-modified
Fri, 16 Apr 2021 08:21:30 GMT
server
nginx
age
44516
etag
W/"4197-1618561290000"
x-cache
Hit from cloudfront
content-type
image/png
access-control-allow-origin
*
x-amz-cf-pop
FRA56-C2
accept-ranges
bytes
content-length
4197
x-xss-protection
1; mode=block
x-amz-cf-id
aB-7WGC7Bm47IIG6p67DXag-OYAFmrMt36Xo06fcBgvGXVgtwKCRmA==

Verdicts & Comments Add Verdict or Comment

242 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| onbeforexrselect object| ontransitionrun object| ontransitionstart object| ontransitioncancel object| cookieStore function| showDirectoryPicker function| showOpenFilePicker function| showSaveFilePicker boolean| originAgentCluster object| trustedTypes boolean| crossOriginIsolated string| templateURL object| siteSettings object| currentPropertyId object| propertySettings object| bookingEngineVars object| tempWindowObject object| tempRootObject object| firstTimePopup function| getCookie string| firstTimePopupCookie object| digitalData object| s string| s_account string| s_sites object| __pageCategory object| __clientInfo function| leadingZero function| ordinal_suffix_of number| _windowHeight number| _windowHeightExtra boolean| _safari boolean| _mobile function| positionParallax function| animateParallax function| calculateHeight function| universalParallax object| windowObject number| windowWidth number| windowHeight number| windowCurrentScroll object| documentObject object| rootObject object| headObject object| bodyObject object| header number| headerHeight object| acmNavigation undefined| acmNavigationHeight object| booking object| photos object| mobileNavigation object| mobileNavigationMainMenu object| mobileNavigationParent object| mobileNavigationTrigger object| photosMobileNavigationTrigger object| mobileNavigationClose number| photosMobileNavigationTriggerOffsetTop object| events string| googleApiKey object| googleApiReady object| reviews object| slideshows boolean| keyboardNavigation object| fadeOnScrollElements string| transitionEndEvent string| currentScreen object| isMobileDevice boolean| fadeOnScrollSupport function| fixBodyHeight object| lozadObserver function| checkVisibleElements function| searchForText object| skipToContentButton object| skipToTarget object| allForms function| mobileNavigationExpandSubmenu function| mobileNavigationCollapseSubmenu function| setMainMenuParentsState object| headerLanguageSelector object| footerAddresses object| footerHeadings object| footerContent boolean| slideshowsStopped function| processCheckinCheckoutInputs function| processCategorySelectors function| processSelects function| disableKeyboardNavigation function| restoreKeyboardNavigation object| contentReadMore function| resolveGoogleMap function| initGallery function| printCalendar boolean| videoBusy function| getVideoMeta function| videoReadyCallback function| appendVideo function| renderVideo undefined| pageVideoID undefined| timestamp undefined| video_meta function| $ function| jQuery function| lozad object| whatInput function| Swiper function| Galleria function| TuringType object| html5 object| Modernizr object| MktoForms2 object| _at function| _truste_eumap object| truste function| _truste_eu object| PREF_MGR_API_DEBUG object| PrivacyManagerAPI object| TRUSTE_CMAPI_DEBUG undefined| _aimtellPushToken boolean| _aimtellRanScript undefined| _aimtellSubscriberID undefined| _aimtellRefreshResult undefined| trackData undefined| _aimtellTrackData undefined| _aimtellDebug undefined| aimtellDebugBox string| _aimtellAPI boolean| _aimtellSWInitiated boolean| _aimtellNewSubscriberID number| _aimtellVersion object| _aimtellDebugQueue number| _aimtellDebugQueueActive boolean| _aimtellPrompted string| _aimtellUserDefinedWorker object| _aimtellWebsiteConfiguration object| _aimtellFunnelPixel object| _aimtellUpdateViaCache string| _aimtellWorkerScope object| _aimtellPreSubscriberTrackData object| _aimtellServiceWorker object| _aimtellPageLoadAttributes function| _aimtellDeferred function| _aimtellGetUrlVars function| _aimtellGetDeviceType function| _aimtellGetPageDetails function| _aimtellLoadBeacon function| _aimtellCrossDomainSubscriberID function| _aimtellCrossDomainSuppression function| _aimtellGetReferrer function| _aimtellGetLanguage function| _aimtellAbandonedFunnel function| _aimtellAbandonPage function| _aimtellGetResolution function| _aimtellGetBrowserInfo function| _aimtellGetSystemInfo function| _aimtellDebugger function| _aimtellDebugQueueProcess function| _aimtellLogDebug function| _aimtellInitialize function| _aimtellEnablePageDelayPrompt function| _aimtellEnableScrollDelayPrompt function| _aimtellEnableSecondsDelayPrompt function| _aimtellGetSiteConfig function| _aimtellGetPercentageScrolled function| _aimtellLoadPrompt function| _aimtellPromptApprove function| _aimtellPromptDeny function| _aimtellPromptCancel function| _aimtellGetSubscriberID function| _aimtellIsNewData function| _aimtellTrack function| _aimtellAppendManifestHeader function| _aimtellGetManifestLocation function| _aimtellGetWebsiteConfiguration function| _aimtellGetGCMID function| _aimtellLogError function| _aimtellGetSubscriberIDFromToken function| _aimtellGetSubscriberAttributes function| _aimtellGenerateID function| _aimtellGetCookie function| _aimtellSetCookie function| _aimtellDeleteCookie function| _aimtellHashString function| _aimtellTrackAttributes function| _aimtellForcePrompt function| _aimtellPrompt function| _aimtellAlias function| _aimtellTrackEvent function| _aimtellAbandonedCart function| _aimtellTc undefined| logid undefined| subscriber_uid undefined| webURL function| _aimtellGetPushToken function| _aimtellSupportsPush function| _aimtellCheckHTTPS function| _aimtellListener function| _webpushCheckPermissions function| _webpushSupportsPush function| _webpushPrompt function| _webpushRunNative function| _webpushGetSubscriberIDFromToken function| _webpushTrackAttributes function| _webpushGetToken function| _webpushTrackEvent function| _webpushGetSubscriberID function| _aimtellCheckPermissions function| _aimtellRunNative function| _aimtellSafariRun function| _aimtellDelWidgetNotification function| _aimtellDelAllWidgetNotification function| _aimtellCheckNotificationRemaining function| _aimtellClickedNotification function| _aimtellShowNotificationCenter function| _aimtellHideNotificationCenter function| _aimtellAppendNotification function| _aimtellShowNoNotifications function| _aimtellShowNotSubscribed function| _aimtellLaunchNotificationCenter function| _aimtellGetWidgetNotifications function| _aimtellFillNotifications function| _aimtellWidgetPermissionGrantedCallback function| _aimtellPermissionDeniedCallbacks function| _aimtellPermissionIgnoredCallbacks function| _aimtellWebhook function| _aimtellPermissionGrantedCallbacks function| _aimtellSubscribe function| _aimtellUrlBase64ToUint8Array function| _aimtellExtractSubscriptionId function| _aimtellSendSubscriptionToServer function| _aimtellAmplifySubscriberWorkerData function| _aimtellRegisterWorker function| _aimtellValidateWorker function| _aimtellSendWorkerMessage function| _aimtellLoadIntegrations function| _aimtellLoad function| _aimtellProcessQueue function| _aimtellCheckConflictWorker function| _aimtellInitWorker function| _aimtellForceRefreshSW

2 Cookies

Domain/Path Name / Value
.vimeo.com/ Name: vuid
Value: pl1689345991.1607249650
www.nextguest.com/ Name: first-time-popup
Value: shown

1 Console Messages

Source Level URL
Text
console-api error URL: https://s3.amazonaws.com/trackpush/trackpush.min.js(Line 1)
Message:
[aimtell] Browser does not support push

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Content-Security-Policy upgrade-insecure-requests
Strict-Transport-Security max-age=63072000; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

app-ab32.marketo.com
consent-pref.trustarc.com
consent-st.trustarc.com
consent.trustarc.com
d138unkswby3sa.cloudfront.net
f.vimeocdn.com
fresnel.vimeocdn.com
i.vimeocdn.com
player.vimeo.com
prefmgr-cookie.truste-svc.net
s3.amazonaws.com
vimeo.com
vod-progressive.akamaized.net
www.contactlessmenu.app
www.nextguest.com
104.16.92.80
13.32.21.39
151.101.114.109
151.101.12.217
151.101.192.217
2600:9000:206f:e000:f:61c:aa80:21
2a02:26f0:6c00::210:ba20
3.232.192.25
34.120.202.204
34.234.198.47
52.205.248.143
52.216.170.181
54.230.183.85
65.9.84.121
014de295141a456ceda8e3c4762085e53dca50f91ddf65906d227f70cf0b1a55
038f25dc1d79521cf797f505812cd4aa3b301292dda0c33b6e6d62c368008fc7
0a9073f8a864d021091181726653951f100dfcabb6d1c04d91c4fd0e74a4e35a
18f23ecb18b56073eb0c9e2107e80068285095f6bfea14525f646b82a81ce21e
1a6ad850cd5e50136bac960a97064a8ecde69aa17392be4b58b4666cb56f6fec
1ea22ef5cc12712e650ac15269e8e7b75904f47246ce6eb04bf0fcd42f8bed77
1f1e58b6bf6feb5c97ffd3ac3a93f2b9285e70d8cbd74f94ac4359c41d1a8808
260001a5b25bfba92e6e3be4a006dd0dd0ca6905b53236751ba4e87dbc15f886
2b82e2341333dffc0273cc62fc600ff8a7fd9edeef661efad6d45eb7330f06be
3a93efdd6e3fc06eda81580b11218166e4019ba6796bd7f3821925af90d43ce2
4376f40964fc499ccf0ee5cfca30f86f83c641b90864630d7bd1ed354d9054aa
4434519d30b23792c3a113614db077e024330e7ef33880233986300c1acb0f3d
48e0cd808211710c2ef9cfc41506a41a289c16fbf819d669f7b94595cb2e6690
4a7320b38d7569ae1d7b6bed397f88186a25611ed97ad5ffe3ef8ae104ef7287
4cc82be747929c37f9ea6de31edc5de02ed0fcafd8c715588b3a3b240980ba29
4f8e6186c0f1e52ae36a2495d65af6a48a6342fc7b6572fa25e244d773d677e2
5b26c9be03ecea227a1ba69e93b9c8db2b76b0129f1177efb4f63d48c9815958
5d59d71fa30604e26c815b2bcfea777bef1564467e2ff9b1b4dc45ca2ee0f6fe
5f20b1d763177090f7027d3a021e2962ac5d18132e3b33f418cc873e991761de
6284f7c97f9e4e93f7b29edaa0195c2439fdbb9555ff9176aa49176700f2ee1f
636435d9e1b631536ba8fbd41b01b1d75246eafc97e68a4fad7585f09409d596
6528a977b69b5b4ab0685efe25d766d2247bacb351b028eab42ff56611d643c2
66be4a504e9b1a9fdf1db820323698ea9ab5d7bfe7929ae6e3fb9d5b366bf1a8
6707360f02d3602079600a466b40ee947f6f7aa5009003358d05ccf9af18ae83
6b7faae398cdfaae06edb5155901c21a00b6ca507009f952697d5043902d1e3f
6e94722e02b776ad24b2054896fbda915761aaa3820c10ec17b835802ddc025a
71ab7bc6acaa8f57e5f10f231e328e1bdc2f866e2d1b1c8b7c22d5d14721d7ec
736eb7318ddbf61c5e5550378932b602613844532d6ed38bf20ca47604bb7ad5
764c0df528977ad4c3d6bed60a5751efb45d7d74900b6b0787dbf036db398047
78c53c06dab259c95f0396014ed3454572c5f75f682060a540f5fceb5f10831e
7b4764604f4064366033f65f4aaf8f9dc3da05bb564d03dd797c28ab23d83010
7e7eb6100e0d2a10ceca31510a5428abff2126181f68de596c510d943debf0cf
7f2ba4ed550556889fba885c7e6e115085bc073cddf4a3da84450b6d78ffa187
838db8c6b4007e5a3ce422e4b5c7388365abac342e586c8b525742f2ea0f79e2
88ae5db079adb1f2718abcd87ab533e74ccf6bd066a06410bbd1f38f776fe528
8952ccc09c989c9864dc4d80fc2ff261a1aec5ce7e02ad9bfe4d0c71b51928a0
89a999f4a62db2e4307ca10a099d915d62de260ff7bc45ed0886738027377823
91c4a6c4295f8889e8b04339a4a2c2e86d5eef71ba808164e641d0d8a6435004
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9ebd1bce8f64bad3c33692061797d87b35c3ade8604eb1121e32234967427151
a2de091c86c5a7b6dcc572eb6e5a76c2cd72ce27a2042a8dc2974f15b33566ed
a7f101c156dd40eb0cf0c0fe76229049d4e57b989f0754a3b1e2413d6b86af5b
afaf00cbf93b64c2c27eaf134c4d6223712c0386bbdb93bf0f677b77ec1405d1
b076bbaf669e577f602e6953438f25fac09dd4af3a7c12a1971e19bf23a0f560
c0fda763c25e51e0b4e138ff59689bfaf0c89852ab2c1488b0a9bf5d3ef3145c
d20c24fe4dc7df739e2d765c71a8adeeed72fba24358d2630b2d69746d6e54cd
d4bef2d91bd01eaeba3c9d62545eb98cec13e41bfacdbf28cf1c17bc7f1a35e4
d7d00e88ba46fbfafd5c03c54553c1146fd850e7128fc85ae6d6e52b171837f4
e1851a602f6a52a83dc271015ffadb83f8ed6b265df168c3ce043efd60abdf84
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e42a9909a0645eaca6935d5246e93ba3548bd82cc946e22dc2c35a1370829bb2
e5356c4d200584b116d9ac14f89d883b120dbe4d7878914a4fa22358074c74f8
eb7cfd3d959b2e09c170f532e29f8b825f9bc770b2279fde58e595617753e244
efbd5d4c7abc2c9238345ca9aa9e6086a40865e48de6b9f6cf57396b588315b3
f1ba71d3bf034aeceecb8895e71a44f4806dbb5bcc44e46fd8fc461a774eb880
f36ec990e288461510e49902bbdc754a6ae3b1e6574373792833d6a979ed40c3
f89b326b7c7ebe70ef1ce63507b0feef3caf1c7325ec010a28f34adbdda84548
f94a3201c222bdff01df1e481cefbdc871b07af4e1bcf902471caa6c636407b1
fa3cd2c0c1dd46e39f84383f41fb814ec524c634dec9bb99fcc886021f7677c3
fc1e3adee41f384fce69223e35398c9d5be0a46078c9b17c368057652508496a