Submitted URL: http://www.kempinski.com/
Effective URL: https://www.kempinski.com/
Submission: On September 11 via api from CH

Summary

This website contacted 24 IPs in 7 countries across 19 domains to perform 63 HTTP transactions.
The main IP is 107.154.192.108, located in United States and belongs to INCAPSULA - Incapsula Inc, US. The main domain is www.kempinski.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on February 27th 2019. Valid for: a year.
This is the first time this domain was scanned on urlscan.io!

Verdict: Unknown

Domain & IP information

IP Address AS Autonomous System
5 21 107.154.192.108 19551 (INCAPSULA)
2 2606:4700::68... 13335 (CLOUDFLAR...)
1 2.16.186.56 20940 (AKAMAI-ASN1)
1 2a00:1450:400... 15169 (GOOGLE)
1 172.217.22.98 15169 (GOOGLE)
3 2a00:1450:400... 15169 (GOOGLE)
1 2a02:26f0:10c... 20940 (AKAMAI-ASN1)
3 2a03:2880:f01... 32934 (FACEBOOK)
1 172.217.16.198 15169 (GOOGLE)
2 46.228.164.13 56396 (TURN)
2 2620:1ec:c11:... 8068 (MICROSOFT...)
4 63.32.77.13 16509 (AMAZON-02)
1 4 2a02:6b8::1:119 13238 (YANDEX)
1 52.49.49.248 16509 (AMAZON-02)
1 2a05:f500:11:... 14413 (LINKEDIN)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2 2a00:1450:400... 15169 (GOOGLE)
2 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
1 216.58.206.2 15169 (GOOGLE)
1 3 2a03:2880:f11... 32934 (FACEBOOK)
1 46.228.164.11 56396 (TURN)
1 2a03:2880:f0f... 32934 (FACEBOOK)
63 24
Domain
Subdomains
Transfer
25 kempinski.com
www.kempinski.com Failed
media.kempinski.com Failed
235 KB
4 yandex.ru
93 KB
4 doubleclick.net
5 KB
3 facebook.com
740 B
3 turn.com
18 KB
3 facebook.net
120 KB
3 google-analytics.com
18 KB
2 google.de
219 B
2 google.com
293 B
2 bing.com
8 KB
2 cloudflare.com
48 KB
1 atdmt.com
403 B
1 googletagservices.com
29 KB
1 linkedin.com
103 B
1 usabilla.com
90 B
1 bizographics.com
5 KB
1 googleadservices.com
9 KB
1 googletagmanager.com
53 KB
1 akamaihd.net
117 KB
63 19
Domain Requested by
18 www.kempinski.com 5 redirects www.kempinski.com
4 mc.yandex.ru 1 redirects www.kempinski.com
4 almanac.kempinski.com www.kempinski.com
3 www.facebook.com 1 redirects
3 connect.facebook.net www.kempinski.com
connect.facebook.net
3 www.google-analytics.com www.googletagmanager.com
www.google-analytics.com
3 media.kempinski.com www.kempinski.com
2 www.google.de
2 www.google.com 1 redirects
2 bat.bing.com www.kempinski.com
2 d.turn.com www.kempinski.com
d.turn.com
2 cdnjs.cloudflare.com www.kempinski.com
1 cx.atdmt.com
1 r.turn.com
1 googleads4.g.doubleclick.net
1 www.googletagservices.com ad.doubleclick.net
1 googleads.g.doubleclick.net www.googleadservices.com
1 stats.g.doubleclick.net 1 redirects
1 px.ads.linkedin.com sjs.bizographics.com
1 w.usabilla.com www.kempinski.com
1 ad.doubleclick.net www.kempinski.com
1 sjs.bizographics.com www.googletagmanager.com
1 www.googleadservices.com www.googletagmanager.com
1 www.googletagmanager.com www.kempinski.com
1 photorankstatics-a.akamaihd.net www.kempinski.com
63 25
Subject / Issuer Validity Valid
*.kempinski.com
DigiCert SHA2 Secure Server CA
2019-02-27 -
2020-03-12
a year
ssl412106.cloudflaressl.com
COMODO ECC Domain Validation Secure Server CA 2
2019-08-10 -
2020-02-16
6 months
a248.e.akamai.net
DigiCert ECC Secure Server CA
2018-10-18 -
2019-10-18
a year
*.google-analytics.com
GTS CA 1O1
2019-08-23 -
2019-11-21
3 months
www.googleadservices.com
GTS CA 1O1
2019-08-23 -
2019-11-21
3 months
js.bizographics.com
DigiCert SHA2 Secure Server CA
2018-04-13 -
2020-04-17
2 years
*.facebook.com
DigiCert SHA2 High Assurance Server CA
2019-08-24 -
2019-10-19
2 months
*.doubleclick.net
GTS CA 1O1
2019-08-23 -
2019-11-21
3 months
*.turn.com
DigiCert SHA2 Secure Server CA
2019-01-25 -
2020-03-31
a year
www.bing.com
Microsoft IT TLS CA 2
2019-04-30 -
2021-04-30
2 years
almanac.kempinski.com
Let's Encrypt Authority X3
2019-08-03 -
2019-11-01
3 months
bs.yandex.ru
Yandex CA
2018-10-03 -
2019-10-03
a year
w.usabilla.com
Amazon
2019-05-08 -
2020-06-08
a year
px.ads.linkedin.com
DigiCert SHA2 Secure Server CA
2019-05-29 -
2021-06-29
2 years
www.google.de
GTS CA 1O1
2019-08-23 -
2019-11-21
3 months
*.g.doubleclick.net
GTS CA 1O1
2019-08-23 -
2019-11-21
3 months
www.google.com
GTS CA 1O1
2019-08-23 -
2019-11-21
3 months
*.atlassolutions.com
DigiCert SHA2 High Assurance Server CA
2019-07-11 -
2019-10-09
3 months

Screenshot


Detected technologies

Web
Overall confidence: 100%
Detected patterns
  • script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Web
Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i


Stats

0
Requests

0
Ad-blocked

0
Malicious

0 %
HTTPS

0 %
IPv6

0
Domains

0
Subdomains

0
IPs

0
Countries

0 kB
Transfer

0 kB
Size

0
Cookies

63 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
/

Redirect Chain
  • http://www.kempinski.com/
  • https://www.kempinski.com/
210 B
524 B
Document
General
Full URL
https://www.kempinski.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.192.108 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
107.154.192.108.ip.incapdns.net
Software
/
Resource Hash
d2f3e642df0b6c754c71f80502056d952f874ef92da84205a158c21c012f616d

Request headers

:method
GET
:authority
www.kempinski.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
content-type
text/html
cache-control
no-cache
content-length
210
x-iinfo
7-311226-0 0CNN RT(1568199458155 0) q(0 -1 -1 0) r(0 -1) B10(4,314,0)
set-cookie
visid_incap_2028118=TwPUfj9xTOeOPglTfpCOUCLTeF0AAAAAQUIPAAAAAAC+/VU1VYVP2n7Jkvg8qxeM; expires=Thu, 10 Sep 2020 09:18:45 GMT; path=/; Domain=.kempinski.com incap_ses_775_2028118=7Kf9ENx/0272KHRxflrBCiLTeF0AAAAAf+P8F6VGO6cwho4w0dr+ZA==; path=/; Domain=.kempinski.com

Redirect headers

Location
https://www.kempinski.com/
Content-Length
0
Connection
close
_Incapsula_Resource?SWJIYLWA=5074a744e2e3d891814e9a2dace20bd4,719d34d31c8e3a6e6fffd425f7e032f3
148 KB
22 KB
Script
General
Full URL
https://www.kempinski.com/_Incapsula_Resource?SWJIYLWA=5074a744e2e3d891814e9a2dace20bd4,719d34d31c8e3a6e6fffd425f7e032f3
Requested by
Host: www.kempinski.com
URL: https://www.kempinski.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.192.108 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
107.154.192.108.ip.incapdns.net
Software
/
Resource Hash
931d74da5a115f0a87519132f1b175200f36fea93b4858bf82267ffb81f6070c

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.kempinski.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
content-encoding
gzip
cache-control
no-cache
content-length
22235
content-type
application/javascript
_Incapsula_Resource?SWHANEDL=1168539970493161299,14562820668344233502,2645239227215678453,6100
29 B
55 B
XHR
General
Full URL
https://www.kempinski.com/_Incapsula_Resource?SWHANEDL=1168539970493161299,14562820668344233502,2645239227215678453,6100
Requested by
Host: www.kempinski.com
URL: https://www.kempinski.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.192.108 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
107.154.192.108.ip.incapdns.net
Software
/
Resource Hash

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.kempinski.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
cache-control
no-cache
content-length
29
content-type
application/javascript
/
219 KB
58 KB
Document
General
Full URL
https://www.kempinski.com/
Requested by
Host: www.kempinski.com
URL: https://www.kempinski.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.192.108 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
107.154.192.108.ip.incapdns.net
Software
/
Resource Hash
d6bf2b88ada07c05e7d7123479195887c82cc443896a8522f500e659a1935cd6

Request headers

:method
GET
:authority
www.kempinski.com
:scheme
https
:path
/
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode
navigate
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
same-origin
referer
https://www.kempinski.com/
accept-encoding
gzip, deflate, br
cookie
visid_incap_2028118=TwPUfj9xTOeOPglTfpCOUCLTeF0AAAAAQUIPAAAAAAC+/VU1VYVP2n7Jkvg8qxeM; incap_ses_775_2028118=7Kf9ENx/0272KHRxflrBCiLTeF0AAAAAf+P8F6VGO6cwho4w0dr+ZA==
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
navigate
Referer
https://www.kempinski.com/

Response headers

status
200
etag
"3b3876bd"
content-type
text/html; charset=utf-8
content-length
59399
content-encoding
gzip
access-control-allow-origin
https://www.kempinski.com
cache-control
max-age=900, public
age
592
date
Wed, 11 Sep 2019 10:57:38 GMT
x-iinfo
7-311257-0 0CNN RT(1568199458805 0) q(0 -1 -1 -1) r(0 -1)
x-cdn
Incapsula
_Incapsula_Resource?SWKMTFSR=1&e=0.09494631483078675
0
0

_Incapsula_Resource?ES2LURCT=67&t=78&d=complete%20(s%3A2%2Cc%3A145%2Cr%3A300)
0
0

new.main_v225.css
media.kempinski.com/css
0
0
Stylesheet
General
Full URL
https://media.kempinski.com/css/new.main_v225.css
Requested by
Host: www.kempinski.com
URL: https://www.kempinski.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.192.108 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
107.154.192.108.ip.incapdns.net
Software
/
Resource Hash

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.kempinski.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

moment_v225.js
media.kempinski.com/scripts
0
0
Script
General
Full URL
https://media.kempinski.com/scripts/moment_v225.js
Requested by
Host: www.kempinski.com
URL: https://www.kempinski.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.192.108 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
107.154.192.108.ip.incapdns.net
Software
/
Resource Hash

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.kempinski.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

bs_v225.js
media.kempinski.com/scripts
0
0

date-range-picker_v225.js
media.kempinski.com/scripts
0
0

lazysizes_v225.js
media.kempinski.com/scripts
0
0

ScrollMagic.min_v225.js
media.kempinski.com/scripts
0
0

select2.min.js
cdnjs.cloudflare.com/ajax/libs/select2/4.0.7/js
67 KB
18 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.7/js/select2.min.js
Requested by
Host: www.kempinski.com
URL: https://www.kempinski.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:c697 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1870b7c456eb7af4346917168392449543a7717617c53b4c3ae03be1c5803d3c
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.kempinski.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 11 Sep 2019 10:57:39 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
10936857
status
200
served-in-seconds
0.002
timing-allow-origin
*
last-modified
Tue, 07 May 2019 20:30:59 GMT
server
cloudflare
etag
W/"5cd1eb03-10b24"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
51491f3befae5952-VIE
expires
Mon, 31 Aug 2020 10:57:39 GMT
swiper.min.js
cdnjs.cloudflare.com/ajax/libs/Swiper/4.4.2/js
122 KB
30 KB
Script
General
Full URL
https://cdnjs.cloudflare.com/ajax/libs/Swiper/4.4.2/js/swiper.min.js
Requested by
Host: www.kempinski.com
URL: https://www.kempinski.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6813:c697 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
df178d935914fb63c2880bd93c76c7cae03e199962799b58cfff6916f60b9e3c
Security Headers
Name Value
Strict-Transport-Security max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.kempinski.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 11 Sep 2019 10:57:39 GMT
content-encoding
br
vary
Accept-Encoding
cf-cache-status
HIT
age
3514377
status
200
served-in-seconds
0.004
timing-allow-origin
*
last-modified
Thu, 01 Nov 2018 15:55:26 GMT
server
cloudflare
etag
W/"5bdb21ee-1e744"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security
max-age=15780000; includeSubDomains
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
cf-ray
51491f3befaf5952-VIE
expires
Mon, 31 Aug 2020 10:57:39 GMT
new.main_v225.js
media.kempinski.com/scripts
0
0

Helvetica.woff
/fonts/Helvetica
0
0
Font
General
Full URL
https://www.kempinski.com/fonts/Helvetica/Helvetica.woff
Requested by
Host: www.kempinski.com
URL: https://www.kempinski.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.192.108 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
107.154.192.108.ip.incapdns.net
Software
/
Resource Hash

Request headers

Sec-Fetch-Mode
cors
Referer
https://www.kempinski.com/
Origin
https://www.kempinski.com
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
403
x-iinfo
5-379628-0 0CNN RT(1568199459391 0) q(0 -1 -1 -1) r(0 -1) B15(11,179450,0)
cache-control
no-cache
content-length
726
content-type
text/html
Helvetica-Bold.woff
/fonts/Helvetica
0
0

Helvetica-Light.woff
/fonts/Helvetica
0
0

KingsCaslonItalic.woff
/fonts/KingsCaslon
0
0

icomoon.woff2?vfviym
/fonts
0
0

build.min.js
photorankstatics-a.akamaihd.net/81b03e40475846d5883661ff57b34ece/static/frontend/latest
392 KB
117 KB
Script
General
Full URL
https://photorankstatics-a.akamaihd.net/81b03e40475846d5883661ff57b34ece/static/frontend/latest/build.min.js
Requested by
Host: www.kempinski.com
URL: https://www.kempinski.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server
2.16.186.56 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
a2-16-186-56.deploy.static.akamaitechnologies.com
Software
AmazonS3 /
Resource Hash
ab4e97c4c56de795a1f8a9a67783608d08ff9aef8d2a4b262ae71841a0e0e3e4

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.kempinski.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 11 Sep 2019 10:57:39 GMT
Content-Encoding
gzip
Vary
Accept-Encoding
x-amz-request-id
9E8B53215C33826A
Connection
keep-alive
Content-Length
118932
x-amz-id-2
PaOgyc5vGZ2yFHATjRaZXb04LHUUt3KFlFU1msTMiE6yY1j4pvORRBLEbN/SYxPDUsHgBjnvGKc=
Last-Modified
Mon, 09 Sep 2019 15:03:05 GMT
Server
AmazonS3
ETag
"ad5c413e02e15e6a90ef727832c07e26"
Access-Control-Max-Age
3000
Access-Control-Allow-Methods
GET
Content-Type
application/javascript; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=1110
Accept-Ranges
bytes
corp_logo_website_576x364px.svg
media.kempinski.com/34370159
8 KB
4 KB
Image
General
Full URL
https://media.kempinski.com/34370159/corp_logo_website_576x364px.svg
Requested by
Host: www.kempinski.com
URL: https://www.kempinski.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.192.108 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
107.154.192.108.ip.incapdns.net
Software
/
Resource Hash
275d80be4508379dd44186f1ad929368d9c0924f18dce5cd833b03a4c1618f6f

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.kempinski.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 11 Sep 2019 10:57:39 GMT
content-encoding
gzip
x-cdn
Incapsula
etag
"ec70c175"
content-type
image/svg+xml
status
200
x-iinfo
2-185331-0 0CNN RT(1568199459816 0) q(0 -1 -1 0) r(0 -1)
cache-control
max-age=14515200
content-length
3290
KingsCaslonItalic.ttf
/fonts/KingsCaslon
Redirect Chain
  • https://www.kempinski.com/fonts/KingsCaslon/KingsCaslonItalic.ttf
  • https://www.kempinski.com/fonts/KingsCaslon/KingsCaslonItalic.ttf
86 KB
87 KB
Font
General
Full URL
https://www.kempinski.com/fonts/KingsCaslon/KingsCaslonItalic.ttf
Requested by
Host: www.kempinski.com
URL: https://www.kempinski.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.192.108 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
107.154.192.108.ip.incapdns.net
Software
/
Resource Hash
9532737d4cc0760314d9a1f33f0a9692d0debe1a68e79b2bdfc3619a0724a523

Request headers

Referer
https://www.kempinski.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 11 Sep 2019 10:57:39 GMT
last-modified
Fri, 10 May 2019 05:57:32 GMT
x-cdn
Incapsula
age
10201
etag
"4b13742f56d51:0"
content-type
application/octet-stream
status
200
x-iinfo
2-185338-184963 2CNN RT(1568199459977 0) q(0 0 0 -1) r(0 0) U18
cache-control
max-age=14515200
content-length
88048

Redirect headers

status
302
x-iinfo
2-185332-0 2NNN RT(1568199459834 0) q(0 -1 -1 0) r(0 -1) B11(8,881023,0) U18
cache-control
no-cache
content-length
122
location
https://www.kempinski.com/fonts/KingsCaslon/KingsCaslonItalic.ttf
content-type
text/html
icomoon.ttf?vfviym
/fonts
Redirect Chain
  • https://www.kempinski.com/fonts/icomoon.ttf?vfviym
  • https://www.kempinski.com/fonts/icomoon.ttf?vfviym
10 KB
10 KB
Font
General
Full URL
https://www.kempinski.com/fonts/icomoon.ttf?vfviym
Requested by
Host: www.kempinski.com
URL: https://www.kempinski.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.192.108 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
107.154.192.108.ip.incapdns.net
Software
/
Resource Hash
50af97b182fc35c1ecac8d0a753dbbfe5ae0a12bb1c49db16fc580a8aae0f804

Request headers

Referer
https://www.kempinski.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 11 Sep 2019 10:57:39 GMT
last-modified
Thu, 08 Aug 2019 06:35:02 GMT
x-cdn
Incapsula
etag
"dc16b468b34dd51:0"
content-type
application/octet-stream
status
200
x-iinfo
2-185339-0 0CNN RT(1568199459979 0) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=14515200
content-length
10208

Redirect headers

status
302
x-iinfo
2-185333-0 2CNN RT(1568199459834 0) q(0 -1 -1 2) r(0 -1) B11(8,881023,0)
cache-control
no-cache
content-length
122
location
https://www.kempinski.com/fonts/icomoon.ttf?vfviym
content-type
text/html
GetEmergencyMessage
/umbraco/Surface/Core
Redirect Chain
  • https://www.kempinski.com/umbraco/Surface/Core/GetEmergencyMessage
  • https://www.kempinski.com/umbraco/Surface/Core/GetEmergencyMessage
210 B
298 B
XHR
General
Full URL
https://www.kempinski.com/umbraco/Surface/Core/GetEmergencyMessage
Requested by
Host: www.kempinski.com
URL: https://www.kempinski.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.192.108 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
107.154.192.108.ip.incapdns.net
Software
/
Resource Hash
d2f3e642df0b6c754c71f80502056d952f874ef92da84205a158c21c012f616d

Request headers

Referer
https://www.kempinski.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
x-iinfo
2-185341-0 2NNN RT(1568199459980 0) q(0 -1 -1 -1) r(0 -1) B10(4,314,0) U18
cache-control
no-cache
content-length
210
content-type
text/html

Redirect headers

status
302
x-iinfo
2-185334-0 0NNN RT(1568199459836 0) q(0 -1 -1 1) r(0 -1) B11(8,881023,0) U6
cache-control
no-cache
content-length
122
location
https://www.kempinski.com/umbraco/Surface/Core/GetEmergencyMessage
content-type
text/html
GetNewsletterMessage
/umbraco/Surface/Core
Redirect Chain
  • https://www.kempinski.com/umbraco/Surface/Core/GetNewsletterMessage
  • https://www.kempinski.com/umbraco/Surface/Core/GetNewsletterMessage
210 B
297 B
XHR
General
Full URL
https://www.kempinski.com/umbraco/Surface/Core/GetNewsletterMessage
Requested by
Host: www.kempinski.com
URL: https://www.kempinski.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.192.108 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
107.154.192.108.ip.incapdns.net
Software
/
Resource Hash
d2f3e642df0b6c754c71f80502056d952f874ef92da84205a158c21c012f616d

Request headers

Referer
https://www.kempinski.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
x-iinfo
2-185342-0 2NNN RT(1568199459981 0) q(0 -1 -1 -1) r(0 -1) B10(4,314,0) U18
cache-control
no-cache
content-length
210
content-type
text/html

Redirect headers

status
302
x-iinfo
2-185335-0 0NNN RT(1568199459838 0) q(0 -1 -1 0) r(0 -1) B11(8,881023,0) U6
cache-control
no-cache
content-length
122
location
https://www.kempinski.com/umbraco/Surface/Core/GetNewsletterMessage
content-type
text/html
/
/combres.axd/newSiteJs/-2047052710
81 KB
24 KB
Script
General
Full URL
https://www.kempinski.com/combres.axd/newSiteJs/-2047052710/
Requested by
Host: www.kempinski.com
URL: https://www.kempinski.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.192.108 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
107.154.192.108.ip.incapdns.net
Software
/
Resource Hash
1912fe9b4e138526375fda418185fb5e2ba4ac6fb0935109ac6265e08104915c

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.kempinski.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 11 Sep 2019 10:57:40 GMT
content-encoding
gzip
x-cdn
Incapsula
etag
"bc33d6a5"
content-type
application/x-javascript; charset=utf-8
status
200
x-iinfo
2-185345-0 0CNN RT(1568199460380 0) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=14515200
content-length
24269
/
/combres.axd/newSiteWidgetCorpJs/-1406425899
11 KB
3 KB
Script
General
Full URL
https://www.kempinski.com/combres.axd/newSiteWidgetCorpJs/-1406425899/
Requested by
Host: www.kempinski.com
URL: https://www.kempinski.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.192.108 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
107.154.192.108.ip.incapdns.net
Software
/
Resource Hash
3a645e14da9c3c3d67d2cca59cc8d7b1648724e0d156c16f359be621629b4dbb

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.kempinski.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 11 Sep 2019 10:57:40 GMT
content-encoding
gzip
x-cdn
Incapsula
etag
"45e0f294"
content-type
application/x-javascript; charset=utf-8
status
200
x-iinfo
2-185349-0 0CNN RT(1568199460530 0) q(0 -1 -1 -1) r(0 -1)
cache-control
max-age=14515200
content-length
3053
RenderHeaderAccountInformation
/umbraco/Surface/Account
2 KB
893 B
XHR
General
Full URL
https://www.kempinski.com/umbraco/Surface/Account/RenderHeaderAccountInformation
Requested by
Host: www.kempinski.com
URL: https://www.kempinski.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.192.108 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
107.154.192.108.ip.incapdns.net
Software
/
Resource Hash
d02a2ecc6abe9ace13324e5e6d91b51b3d4d74d814d0c5c75eb34d74e05ff15c

Request headers

Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.kempinski.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma
no-cache
date
Wed, 11 Sep 2019 10:58:03 GMT
content-encoding
gzip
x-cdn
Incapsula
vary
Origin
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
application/json; charset=utf-8
status
200
x-iinfo
2-185350-185351 NNNN CT(0 0 0) RT(1568199460536 0) q(0 0 0 -1) r(9 9) U6
cache-control
no-cache, no-store
access-control-allow-headers
origin, x-requested-with, content-type
content-length
647
expires
-1
GetDataLayer
/umbraco/Surface/Core
1018 B
1 KB
XHR
General
Full URL
https://www.kempinski.com/umbraco/Surface/Core/GetDataLayer
Requested by
Host: www.kempinski.com
URL: https://www.kempinski.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
107.154.192.108 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS
107.154.192.108.ip.incapdns.net
Software
/
Resource Hash
7e78dae8d3f638d01a955e3d32d02ac2d2d29ba2419696f46f4df312255a024a

Request headers

Accept
text/html, */*; q=0.01
Referer
https://www.kempinski.com/
X-Requested-With
XMLHttpRequest
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode
cors
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Wed, 11 Sep 2019 10:56:40 GMT
content-encoding
gzip
x-cdn
Incapsula
vary
Origin
access-control-allow-methods
GET, OPTIONS, HEAD
content-type
text/html; charset=utf-8
status
200
x-iinfo
2-185355-185356 NNNN CT(0 0 0) RT(1568199460674 0) q(0 0 0 0) r(2 2) U6
cache-control
private
access-control-allow-headers
origin, x-requested-with, content-type
Adblocked gtm.js?id=GTM-WTL3DB
www.googletagmanager.com
225 KB
53 KB
Script
General
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-WTL3DB
Requested by
Host: www.kempinski.com
URL: https://www.kempinski.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
6b3a0793b5c30c8433ed1347207d403745b61adc88b4b40a2c17286016561850
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.kempinski.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 11 Sep 2019 10:57:41 GMT
content-encoding
br
last-modified
Wed, 11 Sep 2019 09:00:00 GMT
server
Google Tag Manager
access-control-allow-headers
Cache-Control
status
200
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
http://www.googletagmanager.com
cache-control
private, max-age=900
access-control-allow-credentials
true
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
53853
x-xss-protection
0
expires
Wed, 11 Sep 2019 10:57:41 GMT
Adblocked conversion_async.js
www.googleadservices.com/pagead
24 KB
9 KB
Script
General
Full URL
https://www.googleadservices.com/pagead/conversion_async.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WTL3DB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.22.98 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra15s18-in-f98.1e100.net
Software
cafe /
Resource Hash
8c88d6a0ae774f43c52a16b37d0134231b235ddf98ce9eb7f28c587c31b59d5a
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.kempinski.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 11 Sep 2019 10:57:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
content-disposition
attachment; filename="f.txt"
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
9186
x-xss-protection
0
server
cafe
etag
1827501119694548318
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Wed, 11 Sep 2019 10:57:41 GMT
Adblocked analytics.js
www.google-analytics.com
43 KB
17 KB
Script
General
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WTL3DB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.kempinski.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
848
date
Wed, 11 Sep 2019 10:43:33 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
17803
expires
Wed, 11 Sep 2019 12:43:33 GMT
Adblocked insight.min.js
sjs.bizographics.com
15 KB
5 KB
Script
General
Full URL
https://sjs.bizographics.com/insight.min.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WTL3DB
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
2a02:26f0:10c:399::3adf , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software
/
Resource Hash
bc9cef10d07e8da3ce80181de07a056414731f86e0dc12e2c81d652b28ac770b
Blocked
Source: easylist, Type: ads (This would have been blocked)

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.kempinski.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 11 Sep 2019 10:57:41 GMT
Content-Encoding
gzip
Last-Modified
Mon, 03 Dec 2018 23:03:30 GMT
X-CDN
AKAM
Vary
Accept-Encoding
Content-Type
application/x-javascript;charset=utf-8
Cache-Control
max-age=17614
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4571
Adblocked fbevents.js
connect.facebook.net/en_US
121 KB
32 KB
Script
General
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.kempinski.com
URL: https://www.kempinski.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
14d88b3a27f0e6de034f86ad42d6411081e9467daf754147f2f16bcb20782177
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.kempinski.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
content-length
31604
x-xss-protection
0
pragma
public
x-fb-debug
pLJ32cnDNCu29I0D4rCEmWpKHgqp88tUK7Ue3tEZ9HXBTeDFE7hTS3pnCWOr3xzHUHhAYhBfz0kJNU0uiukeKQ==
x-fb-trip-id
194532234
x-frame-options
DENY
date
Wed, 11 Sep 2019 10:57:41 GMT
vary
Origin, Accept-Encoding
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
Adblocked B20278285.204596525;sz=1x2;ord=8599020502?
ad.doubleclick.net/ddm/adj/N326205.197812NSO.CODESRV
8 KB
4 KB
Script
General
Full URL
https://ad.doubleclick.net/ddm/adj/N326205.197812NSO.CODESRV/B20278285.204596525;sz=1x2;ord=8599020502?
Requested by
Host: www.kempinski.com
URL: https://www.kempinski.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.198 , United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s08-in-f6.1e100.net
Software
cafe /
Resource Hash
77bac9273c552d24ad13f63fa39a2edd06ba0f9d1b5090bb7f7c01d594f2d5bc
Blocked
Source: easylist, Type: ads (This would have been blocked)
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.kempinski.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Sep 2019 10:57:41 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
3112
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Adblocked L21rdC8xMTIxL3BpZC85MTAzMTA2OS90LzA
d.turn.com/r/dft/id
17 KB
17 KB
Script
General
Full URL
https://d.turn.com/r/dft/id/L21rdC8xMTIxL3BpZC85MTAzMTA2OS90LzA
Requested by
Host: www.kempinski.com
URL: https://www.kempinski.com/
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.228.164.13 , United Kingdom, ASN56396 (TURN, GB),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
3c2bdc173bf507f678858e0097dd73e3b916a02e57aeb5af7d06e92ab06d60dc
Blocked
Source: easylist, Type: ads (This would have been blocked)

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.kempinski.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
cache
Date
Wed, 11 Sep 2019 10:57:40 GMT
Cache-Control
private, max-age=7200
Server
Apache-Coyote/1.1
P3P
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Transfer-Encoding
chunked
Content-Type
application/javascript
Adblocked bat.js
bat.bing.com
23 KB
7 KB
Script
General
Full URL
https://bat.bing.com/bat.js
Requested by
Host: www.kempinski.com
URL: https://www.kempinski.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
b139982ce002c53ddfb65aec1e90704c0a3704fc5aa35247f9323b74a1d3f721
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.kempinski.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 11 Sep 2019 10:57:40 GMT
content-encoding
gzip
last-modified
Tue, 10 Sep 2019 18:57:28 GMT
x-msedge-ref
Ref A: A176F9BF05E14B6BA060ACCFD96CC983 Ref B: VIEEDGE0610 Ref C: 2019-09-11T10:57:41Z
status
200
etag
"09c5197968d51:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
private,max-age=1800
accept-ranges
bytes
content-length
7148
almanac.js
almanac.kempinski.com
66 KB
23 KB
Script
General
Full URL
https://almanac.kempinski.com/almanac.js
Requested by
Host: www.kempinski.com
URL: https://www.kempinski.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.32.77.13 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-63-32-77-13.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
e3c39364dd866add4ea7fdf25aecc692c8d738387f3bab1720012919aab3c835

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.kempinski.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 11 Sep 2019 10:57:41 GMT
Content-Encoding
gzip
Last-Modified
Tue, 26 Mar 2019 14:04:40 GMT
Server
Apache/2.4.29 (Ubuntu)
ETag
"106ad-584ffcd5bea56-gzip"
Vary
Accept-Encoding
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
22700
Adblocked tag.js
mc.yandex.ru/metrika
353 KB
91 KB
Script
General
Full URL
https://mc.yandex.ru/metrika/tag.js
Requested by
Host: www.kempinski.com
URL: https://www.kempinski.com/
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
e43f50a325a5a83f020dd452365a66f18ccbbb271151a63748df361fbd96938f
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.kempinski.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 11 Sep 2019 10:57:41 GMT
Content-Encoding
br
Last-Modified
Tue, 10 Sep 2019 11:49:48 GMT
Server
nginx/1.14.2
ETag
"5d778ddc-16999"
Strict-Transport-Security
max-age=31536000
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
92569
Expires
Wed, 11 Sep 2019 11:57:41 GMT
Adblocked 13bc0997f025.js?lv=1
w.usabilla.com
0
90 B
Script
General
Full URL
https://w.usabilla.com/13bc0997f025.js?lv=1
Requested by
Host: www.kempinski.com
URL: https://www.kempinski.com/
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.49.49.248 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-52-49-49-248.eu-west-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.kempinski.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
204
pragma
no-cache
date
Wed, 11 Sep 2019 10:57:41 GMT
cache-control
public, max-age=60
x-widget-server
2.1
Adblocked linkid.js
www.google-analytics.com/plugins/ua
2 KB
952 B
Script
General
Full URL
https://www.google-analytics.com/plugins/ua/linkid.js
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.kempinski.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 11 Sep 2019 10:32:37 GMT
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Thu, 21 Apr 2016 03:17:22 GMT
server
sffe
age
1504
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=3600
accept-ranges
bytes
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
856
x-xss-protection
0
expires
Wed, 11 Sep 2019 11:32:37 GMT
Adblocked ?time=1568199461180&pid=1349852&url=https%3A%2F%2Fwww.kempinski.com%2F&fmt=js&s=1
px.ads.linkedin.com/collect
0
103 B
Script
General
Full URL
https://px.ads.linkedin.com/collect/?time=1568199461180&pid=1349852&url=https%3A%2F%2Fwww.kempinski.com%2F&fmt=js&s=1
Requested by
Host: sjs.bizographics.com
URL: https://sjs.bizographics.com/insight.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2a05:f500:11:101::b93f:9005 , Ireland, ASN14413 (LINKEDIN - LinkedIn Corporation, US),
Reverse DNS
Software
Play /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Blocked
Source: easylist, Type: ads (This would have been blocked)

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.kempinski.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 11 Sep 2019 10:57:41 GMT
content-encoding
gzip
server
Play
vary
Accept-Encoding
x-li-fabric
prod-lor1
status
200
x-li-proto
http/2
x-li-pop
prod-tln1
content-type
application/javascript
content-length
20
x-li-uuid
MF+FiCJdwxUgwoUWbysAAA==
Adblocked collect?v=1&_v=j79&aip=1&a=1977941504&t=pageview&_s=1&dl=https%3A%2F%2Fwww.kempinski.com%2F&ul=en-us&de=UTF-8&dt=Luxury%20Five%20Star%20Hotels%20%26%20Resorts%20%7C%20Kempinski%20Hotels&sd=24-bit&s...
www.google-analytics.com
35 B
111 B
Image
General
Full URL
https://www.google-analytics.com/collect?v=1&_v=j79&aip=1&a=1977941504&t=pageview&_s=1&dl=https%3A%2F%2Fwww.kempinski.com%2F&ul=en-us&de=UTF-8&dt=Luxury%20Five%20Star%20Hotels%20%26%20Resorts%20%7C%20Kempinski%20Hotels&sd=24-bit&sr=1600x1200&vp=1585x1185&je=0&_u=aGBAgEAj~&jid=36004714&gjid=416802014&cid=961976210.1568199461&tid=UA-46236206-1&_gid=1277625555.1568199461&gtm=2wg8l2WTL3DB&cg1=welcome&cd1=KISA&cd2=en&cd16=%7Cclient&cd17=logged-out&z=2136213924
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.kempinski.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 03 Sep 2019 18:49:27 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
age
662894
status
200
content-type
image/gif
access-control-allow-origin
*
cache-control
no-cache, no-store, must-revalidate
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
35
expires
Mon, 01 Jan 1990 00:00:00 GMT
ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-46236206-1&cid=961976210.1568199461&jid=36004714&_v=j79&z=1974599134&slf_rd=1&random=3891361433
www.google.de/ads
Redirect Chain
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-46236206-1&cid=961976210.1568199461&jid=36004714&gjid=416802014&_gid=1277625555.1568199461&_u=aGBAgEAj~&z=1974599134
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-46236206-1&cid=961976210.1568199461&jid=36004714&_v=j79&z=1974599134
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-46236206-1&cid=961976210.1568199461&jid=36004714&_v=j79&z=1974599134&slf_rd=1&random=3891361433
42 B
109 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-46236206-1&cid=961976210.1568199461&jid=36004714&_v=j79&z=1974599134&slf_rd=1&random=3891361433
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://www.kempinski.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Sep 2019 10:57:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Wed, 11 Sep 2019 10:57:41 GMT
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
content-type
text/html; charset=UTF-8
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-46236206-1&cid=961976210.1568199461&jid=36004714&_v=j79&z=1974599134&slf_rd=1&random=3891361433
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Adblocked 1363478017106996?v=2.9.4&r=stable
connect.facebook.net/signals/config
307 KB
78 KB
Script
General
Full URL
https://connect.facebook.net/signals/config/1363478017106996?v=2.9.4&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
af76e682477a19e6ae3ccbb57c0c122f9bb3da8977c5c59254022c41e59590e0
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.kempinski.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
content-length
79753
x-xss-protection
0
pragma
public
x-fb-debug
8je3ha1CGa9UakjZfrlZFlkW9GcxkzakYpZ2sqO3BDCpllJjWmIbvaq6RxXaBifSwaHcv/rs9a7i0yyo4HLJsw==
x-fb-trip-id
194532234
x-frame-options
DENY
date
Wed, 11 Sep 2019 10:57:41 GMT
vary
Origin, Accept-Encoding
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
Adblocked ?random=1568199461206&cv=9&fst=1568199461206&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8l2&sendb=1&i...
googleads.g.doubleclick.net/pagead/viewthroughconversion/1008065145
2 KB
1 KB
Script
General
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1008065145/?random=1568199461206&cv=9&fst=1568199461206&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8l2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.kempinski.com%2F&ref=https%3A%2F%2Fwww.kempinski.com%2F&tiba=Luxury%20Five%20Star%20Hotels%20%26%20Resorts%20%7C%20Kempinski%20Hotels&async=1&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
48c0637895684419c377fa9a4c6382630486350ffd82422ec066a2dc4abf341e
Blocked
Source: easylist, Type: ads (This would have been blocked)
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.kempinski.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Sep 2019 10:57:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status
200
cache-control
no-cache, must-revalidate
content-disposition
attachment; filename="f.txt"
content-type
text/javascript; charset=UTF-8
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
969
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
lidar.js?cache=r20110914
www.googletagservices.com/activeview/js/current
80 KB
29 KB
Script
General
Full URL
https://www.googletagservices.com/activeview/js/current/lidar.js?cache=r20110914
Requested by
Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N326205.197812NSO.CODESRV/B20278285.204596525;sz=1x2;ord=8599020502?
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
sffe /
Resource Hash
d561b087eb84f9a1a6bef617010f9d2536280828ec34514a7b67e8dfc5dc04aa
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.kempinski.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 11 Sep 2019 10:57:41 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1568027754411643"
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
29415
x-xss-protection
0
expires
Wed, 11 Sep 2019 10:57:41 GMT
Adblocked view?xai=AKAOjstakmUgKOjcq8z2s5OXloe89TD87szgb1lrbaY45wQqXjweDNELgtCJRROHsguKP04scDJl_SrldKZ4jTAKXcvm3bl3f_UwFecevSQaLlLHBpH4ZlU7l75Ubay_Otj6QZBrkkGkQqGeQhKFyas&sig=Cg0ArKJSzA_lNsju3ZUaEAE&urlfix=1...
googleads4.g.doubleclick.net/pcs
0
356 B
Image
General
Full URL
https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstakmUgKOjcq8z2s5OXloe89TD87szgb1lrbaY45wQqXjweDNELgtCJRROHsguKP04scDJl_SrldKZ4jTAKXcvm3bl3f_UwFecevSQaLlLHBpH4ZlU7l75Ubay_Otj6QZBrkkGkQqGeQhKFyas&sig=Cg0ArKJSzA_lNsju3ZUaEAE&urlfix=1&adurl=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
fra16s20-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Blocked
Source: easylist, Type: ads (This would have been blocked)
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.kempinski.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin
*
date
Wed, 11 Sep 2019 10:57:41 GMT
x-content-type-options
nosniff
server
cafe
status
200
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin
*
cache-control
private
content-type
image/gif
alt-svc
quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length
0
x-xss-protection
0
Adblocked 91509781=https%3A%2F%2Fwww.kempinski.com%2F,91919117=KISA,91919115=en,91509784=https%3A%2F%2Fwww.kempinski.com%2F,91921486=www%3Aen%3Ahotels%3Awelcome,92668785=False,91919118=client,91919119=logged...
d.turn.com/r/dd/id/L21rdC8xMTIxL3BpZC85MTAzMTA2OS90LzA/pdata
0
443 B
Script
General
Full URL
https://d.turn.com/r/dd/id/L21rdC8xMTIxL3BpZC85MTAzMTA2OS90LzA/pdata/91509781=https%3A%2F%2Fwww.kempinski.com%2F,91919117=KISA,91919115=en,91509784=https%3A%2F%2Fwww.kempinski.com%2F,91921486=www%3Aen%3Ahotels%3Awelcome,92668785=False,91919118=client,91919119=logged-out,91509785=%2F
Requested by
Host: d.turn.com
URL: https://d.turn.com/r/dft/id/L21rdC8xMTIxL3BpZC85MTAzMTA2OS90LzA
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.228.164.13 , United Kingdom, ASN56396 (TURN, GB),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Blocked
Source: easylist, Type: ads (This would have been blocked)

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.kempinski.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 11 Sep 2019 10:57:40 GMT
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Server
Apache-Coyote/1.1
P3P
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Content-Length
0
Content-Type
text/javascript;charset=UTF-8
Adblocked inferredEvents.js?v=2.9.4
connect.facebook.net/signals/plugins
35 KB
10 KB
Script
General
Full URL
https://connect.facebook.net/signals/plugins/inferredEvents.js?v=2.9.4
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
b4e9e9bef19c34422f55a7fdb9d10c4db5e39cff24b8c98a0be0e09b2ee6ac2b
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
Content-Security-Policy default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.kempinski.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; preload; includeSubDomains
content-encoding
gzip
x-content-type-options
nosniff
status
200
content-length
10218
x-xss-protection
0
pragma
public
x-fb-debug
HiajSMJYUK3bEkmyqTgY5AaMeQNGCwZPmF5i1jndGAlCi5eiRtjzR4K69aU5OQ6SjLMOanyammN8UNnTA4zI6A==
x-fb-trip-id
194532234
x-frame-options
DENY
date
Wed, 11 Sep 2019 10:57:41 GMT
vary
Origin, Accept-Encoding
access-control-allow-methods
OPTIONS
content-type
application/x-javascript; charset=utf-8
access-control-allow-origin
https://connect.facebook.net
access-control-expose-headers
X-FB-Debug, X-Loader-Length
cache-control
public, max-age=1200
access-control-allow-credentials
true
content-security-policy
default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires
Sat, 01 Jan 2000 00:00:00 GMT
Adblocked ?random=1568199461206&cv=9&fst=1568196000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8l2&sendb=1&frm=0&url=https%3A%2F%2...
www.google.com/pagead/1p-user-list/1008065145
42 B
111 B
Image
General
Full URL
https://www.google.com/pagead/1p-user-list/1008065145/?random=1568199461206&cv=9&fst=1568196000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8l2&sendb=1&frm=0&url=https%3A%2F%2Fwww.kempinski.com%2F&ref=https%3A%2F%2Fwww.kempinski.com%2F&tiba=Luxury%20Five%20Star%20Hotels%20%26%20Resorts%20%7C%20Kempinski%20Hotels&async=1&fmt=3&is_vtc=1&random=4095543717&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Blocked
Source: easylist, Type: ads (This would have been blocked)
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.kempinski.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Sep 2019 10:57:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
?random=1568199461206&cv=9&fst=1568196000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8l2&sendb=1&frm=0&url=https%3A%2F%2...
www.google.de/pagead/1p-user-list/1008065145
42 B
110 B
Image
General
Full URL
https://www.google.de/pagead/1p-user-list/1008065145/?random=1568199461206&cv=9&fst=1568196000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8l2&sendb=1&frm=0&url=https%3A%2F%2Fwww.kempinski.com%2F&ref=https%3A%2F%2Fwww.kempinski.com%2F&tiba=Luxury%20Five%20Star%20Hotels%20%26%20Resorts%20%7C%20Kempinski%20Hotels&async=1&fmt=3&is_vtc=1&random=4095543717&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.kempinski.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Wed, 11 Sep 2019 10:57:41 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
content-security-policy
script-src 'none'; object-src 'none'
content-type
image/gif
alt-svc
quic=":443"; ma=2592000; v="46,43,39"
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
Adblocked 0?ti=5438241&Ver=2&mid=b1253609-7d06-5001-2cb2-92f72c7cf50d&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Luxury%20Five%20Star%20Hotels%20%26%20Resorts%20%7C%20Kempinski%20Hotels&p=https%3A%2F%2Fwww.kempi...
bat.bing.com/action
0
148 B
Image
General
Full URL
https://bat.bing.com/action/0?ti=5438241&Ver=2&mid=b1253609-7d06-5001-2cb2-92f72c7cf50d&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Luxury%20Five%20Star%20Hotels%20%26%20Resorts%20%7C%20Kempinski%20Hotels&p=https%3A%2F%2Fwww.kempinski.com%2F&r=https%3A%2F%2Fwww.kempinski.com%2F&lt=1593&evt=pageLoad&msclkid=N&rn=859336
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.kempinski.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
204
pragma
no-cache
date
Wed, 11 Sep 2019 10:57:40 GMT
cache-control
no-cache, must-revalidate
x-msedge-ref
Ref A: B5A37C0BCED4465480505D21737D16C7 Ref B: VIEEDGE0610 Ref C: 2019-09-11T10:57:41Z
access-control-allow-origin
*
expires
Fri, 01 Jan 1990 00:00:00 GMT
Adblocked ?id=1363478017106996&ev=PageView&dl=https%3A%2F%2Fwww.kempinski.com%2F&rl=https%3A%2F%2Fwww.kempinski.com%2F&if=false&ts=1568199461292&cd[hotelCode]=KISA&sw=1600&sh=1200&v=2.9.4&r=stable&ec=0&o=30&...
www.facebook.com/tr
44 B
250 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1363478017106996&ev=PageView&dl=https%3A%2F%2Fwww.kempinski.com%2F&rl=https%3A%2F%2Fwww.kempinski.com%2F&if=false&ts=1568199461292&cd[hotelCode]=KISA&sw=1600&sh=1200&v=2.9.4&r=stable&ec=0&o=30&fbp=fb.1.1568199461291.174659309&it=1568199461200&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.kempinski.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 11 Sep 2019 10:57:41 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Wed, 11 Sep 2019 10:57:41 GMT
Adblocked ?id=1363478017106996&ev=ViewContent&dl=https%3A%2F%2Fwww.kempinski.com%2F&rl=https%3A%2F%2Fwww.kempinski.com%2F&if=false&ts=1568199461294&cd[hotelCode]=KISA&cd[content_ids]=%5B%22KISA%22%5D&cd[cont...
www.facebook.com/tr
44 B
204 B
Image
General
Full URL
https://www.facebook.com/tr/?id=1363478017106996&ev=ViewContent&dl=https%3A%2F%2Fwww.kempinski.com%2F&rl=https%3A%2F%2Fwww.kempinski.com%2F&if=false&ts=1568199461294&cd[hotelCode]=KISA&cd[content_ids]=%5B%22KISA%22%5D&cd[content_type]=product&sw=1600&sh=1200&v=2.9.4&r=stable&ec=1&o=30&fbp=fb.1.1568199461291.174659309&it=1568199461200&coo=false&rqm=GET
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.kempinski.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Wed, 11 Sep 2019 10:57:41 GMT
last-modified
Fri, 21 Dec 2012 00:00:01 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
content-type
image/gif
status
200
cache-control
no-cache, must-revalidate, max-age=0
content-length
44
expires
Wed, 11 Sep 2019 10:57:41 GMT
Verified Adblocked almanac.php?action_name=Luxury%20Five%20Star%20Hotels%20%26%20Resorts%20%7C%20Kempinski%20Hotels&idsite=1&rec=1&r=314300&h=12&m=57&s=41&url=https%3A%2F%2Fwww.kempinski.com%2F&urlref=https%3A%2F%2Fw...
almanac.kempinski.com
43 B
244 B
Image
General
Full URL
https://almanac.kempinski.com/almanac.php?action_name=Luxury%20Five%20Star%20Hotels%20%26%20Resorts%20%7C%20Kempinski%20Hotels&idsite=1&rec=1&r=314300&h=12&m=57&s=41&url=https%3A%2F%2Fwww.kempinski.com%2F&urlref=https%3A%2F%2Fwww.kempinski.com%2F&_id=b6b2e5e446916bfd&_idts=1568199461&_idvc=1&_idn=0&_refts=0&_viewts=1568199461&send_image=1&cookie=1&res=1600x1200&cvar=%7B%221%22%3A%5B%22Hotel%20Code%22%2C%22KISA%22%5D%2C%222%22%3A%5B%22Login%20Status%22%2C%22logged-out%22%5D%7D&_cvar=%7B%221%22%3A%5B%22User%20Type%22%2C%22client%22%5D%2C%222%22%3A%5B%22Opera%20Source%22%2C%22%22%5D%7D&gt_ms=283&pv_id=l8uAG9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.32.77.13 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-63-32-77-13.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Verified resource
ckeditor/4.2/plugins/fakeobjects/images/spacer.gif at cdnjs.com, project ckeditor
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.kempinski.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 11 Sep 2019 10:57:41 GMT
Cache-Control
no-store
Server
Apache/2.4.29 (Ubuntu)
Connection
close
Content-Encoding
none
Content-Length
43
Content-Type
image/gif
Adblocked beacon?b2=nnCZkIDUfELJ8qesdnCmTPVTthqcHOwW3zvqNEuX8d08vMQie2EQ167eO-qRD1htzIiqHATFmLb5WKgWR31QOQ&cid=b6b2e5e446916bfd&gtmcb=227889626
r.turn.com/r
43 B
467 B
Image
General
Full URL
https://r.turn.com/r/beacon?b2=nnCZkIDUfELJ8qesdnCmTPVTthqcHOwW3zvqNEuX8d08vMQie2EQ167eO-qRD1htzIiqHATFmLb5WKgWR31QOQ&cid=b6b2e5e446916bfd&gtmcb=227889626
Protocol
HTTP/1.1
Security
TLS 1.2, RSA, AES_128_CBC
Server
46.228.164.11 , United Kingdom, ASN56396 (TURN, GB),
Reverse DNS
Software
Apache-Coyote/1.1 /
Resource Hash
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Blocked
Source: easylist, Type: ads (This would have been blocked)

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.kempinski.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 11 Sep 2019 10:57:41 GMT
Cache-Control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Server
Apache-Coyote/1.1
P3P
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Content-Length
43
Content-Type
image/gif
Adblocked 1?wmode=7&page-ref=https%3A%2F%2Fwww.kempinski.com%2F&page-url=https%3A%2F%2Fwww.kempinski.com%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1568199458889%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr...
mc.yandex.ru/watch/53765194
Redirect Chain
  • https://mc.yandex.ru/watch/53765194?wmode=7&page-ref=https%3A%2F%2Fwww.kempinski.com%2F&page-url=https%3A%2F%2Fwww.kempinski.com%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1568199458889%3As%3A160...
  • https://mc.yandex.ru/watch/53765194/1?wmode=7&page-ref=https%3A%2F%2Fwww.kempinski.com%2F&page-url=https%3A%2F%2Fwww.kempinski.com%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1568199458889%3As%3A1...
152 B
705 B
XHR
General
Full URL
https://mc.yandex.ru/watch/53765194/1?wmode=7&page-ref=https%3A%2F%2Fwww.kempinski.com%2F&page-url=https%3A%2F%2Fwww.kempinski.com%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1568199458889%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1185%3Az%3A120%3Ai%3A20190911125741%3Aet%3A1568199462%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A642394538%3Ahid%3A650826044%3Ads%3A0%2C0%2C153%2C130%2C0%2C0%2C0%2C606%2C1%2C1574%2C1574%2C19%2C763%3Afp%3A777%3Agdpr%3A14%3Av%3A1708%3Awv%3A2%3Ast%3A1568199462%3Au%3A1568199461721787336%3At%3ALuxury%20Five%20Star%20Hotels%20%26%20Resorts%20%7C%20Kempinski%20Hotels
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
a423cd63fb8cc5415cea8f242c9351624d8b1702904fba662854a892fa063668
Blocked
Source: easylist, Type: privacy (This would have been blocked)
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.kempinski.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma
no-cache
Date
Wed, 11 Sep 2019 10:57:41 GMT
X-Content-Type-Options
nosniff
Last-Modified
Wed, 11-Sep-2019 10:57:41 GMT
Server
nginx/1.14.2
Strict-Transport-Security
max-age=31536000
Content-Type
application/json; charset=utf-8
Access-Control-Allow-Origin
https://www.kempinski.com
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
152
X-XSS-Protection
1; mode=block
Expires
Wed, 11-Sep-2019 10:57:41 GMT

Redirect headers

Pragma
no-cache
Date
Wed, 11 Sep 2019 10:57:41 GMT
Last-Modified
Wed, 11-Sep-2019 10:57:41 GMT
Server
nginx/1.14.2
Access-Control-Allow-Origin
https://www.kempinski.com
Strict-Transport-Security
max-age=31536000
Location
/watch/53765194/1?wmode=7&page-ref=https%3A%2F%2Fwww.kempinski.com%2F&page-url=https%3A%2F%2Fwww.kempinski.com%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1568199458889%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1185%3Az%3A120%3Ai%3A20190911125741%3Aet%3A1568199462%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A642394538%3Ahid%3A650826044%3Ads%3A0%2C0%2C153%2C130%2C0%2C0%2C0%2C606%2C1%2C1574%2C1574%2C19%2C763%3Afp%3A777%3Agdpr%3A14%3Av%3A1708%3Awv%3A2%3Ast%3A1568199462%3Au%3A1568199461721787336%3At%3ALuxury%20Five%20Star%20Hotels%20%26%20Resorts%20%7C%20Kempinski%20Hotels
Cache-Control
private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials
true
Connection
keep-alive
Content-Length
0
X-XSS-Protection
1; mode=block
Expires
Wed, 11-Sep-2019 10:57:41 GMT
Verified Adblocked advert.gif
mc.yandex.ru/metrika
43 B
445 B
Image
General
Full URL
https://mc.yandex.ru/metrika/advert.gif
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
Software
nginx/1.14.2 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Verified resource
ckeditor/4.2/plugins/fakeobjects/images/spacer.gif at cdnjs.com, project ckeditor
Blocked
Source: easylist, Type: ads (This would have been blocked)
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.kempinski.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 11 Sep 2019 10:57:41 GMT
Content-Encoding
gzip
Last-Modified
Mon, 12 Oct 2015 13:09:09 GMT
Server
nginx/1.14.2
ETag
"561bb0f5-3d"
Strict-Transport-Security
max-age=31536000
Content-Type
image/gif
Access-Control-Allow-Origin
*
Cache-Control
max-age=3600
Connection
keep-alive
Content-Length
61
Expires
Wed, 11 Sep 2019 11:57:41 GMT
Adblocked ?c=15076222838454038759&f=AYwolSrt1WvsqZXd-Syvd8Jv26p26xEN3_jWhVT7NDaP_vKgsMZpX4eBWsJpj2Zfhr2awsPaukme8OhG3uHLVPfP&id=1363478017106996&l=3&v=0
cx.atdmt.com
Redirect Chain
  • https://www.facebook.com/tr/?id=1363478017106996&ev=Microdata&dl=https%3A%2F%2Fwww.kempinski.com%2F&rl=https%3A%2F%2Fwww.kempinski.com%2F&if=false&ts=1568199461795&cd[DataLayer]=%5B%5D&cd[Meta]=%7B...
  • https://cx.atdmt.com/?c=15076222838454038759&f=AYwolSrt1WvsqZXd-Syvd8Jv26p26xEN3_jWhVT7NDaP_vKgsMZpX4eBWsJpj2Zfhr2awsPaukme8OhG3uHLVPfP&id=1363478017106996&l=3&v=0
42 B
403 B
Image
General
Full URL
https://cx.atdmt.com/?c=15076222838454038759&f=AYwolSrt1WvsqZXd-Syvd8Jv26p26xEN3_jWhVT7NDaP_vKgsMZpX4eBWsJpj2Zfhr2awsPaukme8OhG3uHLVPfP&id=1363478017106996&l=3&v=0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f0ff:2:face:b00c:0:8c , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software
/
Resource Hash
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Blocked
Source: easylist, Type: privacy (This would have been blocked)

Request headers

Referer
https://www.kempinski.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Wed, 11 Sep 2019 10:57:41 GMT
content-type
image/gif
content-length
42
p3p
CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"

Redirect headers

pragma
no-cache
date
Wed, 11 Sep 2019 10:57:41 GMT
server
proxygen-bolt
status
302
content-type
text/plain
location
https://cx.atdmt.com/?c=15076222838454038759&f=AYwolSrt1WvsqZXd-Syvd8Jv26p26xEN3_jWhVT7NDaP_vKgsMZpX4eBWsJpj2Zfhr2awsPaukme8OhG3uHLVPfP&id=1363478017106996&l=3&v=0
cache-control
no-cache, no-store, must-revalidate
content-length
0
expires
0
Verified almanac.php?e_c=User%20Detail&e_a=User%20Type&e_n=client&idsite=1&rec=1&r=260709&h=12&m=57&s=41&url=https%3A%2F%2Fwww.kempinski.com%2F&urlref=https%3A%2F%2Fwww.kempinski.com%2F&_id=b6b2e5e446916bfd...
almanac.kempinski.com
43 B
244 B
Image
General
Full URL
https://almanac.kempinski.com/almanac.php?e_c=User%20Detail&e_a=User%20Type&e_n=client&idsite=1&rec=1&r=260709&h=12&m=57&s=41&url=https%3A%2F%2Fwww.kempinski.com%2F&urlref=https%3A%2F%2Fwww.kempinski.com%2F&_id=b6b2e5e446916bfd&_idts=1568199461&_idvc=1&_idn=0&_refts=0&_viewts=1568199461&send_image=1&cookie=1&res=1600x1200&cvar=%7B%221%22%3A%5B%22Hotel%20Code%22%2C%22KISA%22%5D%2C%222%22%3A%5B%22Login%20Status%22%2C%22logged-out%22%5D%7D&_cvar=%7B%221%22%3A%5B%22User%20Type%22%2C%22client%22%5D%7D&gt_ms=283&pv_id=l8uAG9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.32.77.13 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-63-32-77-13.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Verified resource
ckeditor/4.2/plugins/fakeobjects/images/spacer.gif at cdnjs.com, project ckeditor

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.kempinski.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 11 Sep 2019 10:57:42 GMT
Cache-Control
no-store
Server
Apache/2.4.29 (Ubuntu)
Connection
close
Content-Encoding
none
Content-Length
43
Content-Type
image/gif
Verified almanac.php?e_c=User%20Detail&e_a=Amobee%20Linker&e_n=Pixel%20Fired&idsite=1&rec=1&r=165838&h=12&m=57&s=41&url=https%3A%2F%2Fwww.kempinski.com%2F&urlref=https%3A%2F%2Fwww.kempinski.com%2F&_id=b6b2e...
almanac.kempinski.com
43 B
244 B
Image
General
Full URL
https://almanac.kempinski.com/almanac.php?e_c=User%20Detail&e_a=Amobee%20Linker&e_n=Pixel%20Fired&idsite=1&rec=1&r=165838&h=12&m=57&s=41&url=https%3A%2F%2Fwww.kempinski.com%2F&urlref=https%3A%2F%2Fwww.kempinski.com%2F&_id=b6b2e5e446916bfd&_idts=1568199461&_idvc=1&_idn=0&_refts=0&_viewts=1568199461&send_image=1&cookie=1&res=1600x1200&cvar=%7B%221%22%3A%5B%22Hotel%20Code%22%2C%22KISA%22%5D%2C%222%22%3A%5B%22Login%20Status%22%2C%22logged-out%22%5D%7D&_cvar=%7B%221%22%3A%5B%22User%20Type%22%2C%22client%22%5D%7D&gt_ms=283&pv_id=l8uAG9
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
63.32.77.13 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS
ec2-63-32-77-13.eu-west-1.compute.amazonaws.com
Software
Apache/2.4.29 (Ubuntu) /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Verified resource
ckeditor/4.2/plugins/fakeobjects/images/spacer.gif at cdnjs.com, project ckeditor

Request headers

Sec-Fetch-Mode
no-cors
Referer
https://www.kempinski.com/
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date
Wed, 11 Sep 2019 10:57:42 GMT
Cache-Control
no-store
Server
Apache/2.4.29 (Ubuntu)
Connection
close
Content-Encoding
none
Content-Length
43
Content-Type
image/gif

Redirect requests

There were HTTP redirects (301, 302) for the following requests:

Request 0
  • http://www.kempinski.com/
  • https://www.kempinski.com/
Request 22
  • https://www.kempinski.com/fonts/KingsCaslon/KingsCaslonItalic.ttf
  • https://www.kempinski.com/fonts/KingsCaslon/KingsCaslonItalic.ttf
Request 23
  • https://www.kempinski.com/fonts/icomoon.ttf?vfviym
  • https://www.kempinski.com/fonts/icomoon.ttf?vfviym
Request 24
  • https://www.kempinski.com/umbraco/Surface/Core/GetEmergencyMessage
  • https://www.kempinski.com/umbraco/Surface/Core/GetEmergencyMessage
Request 25
  • https://www.kempinski.com/umbraco/Surface/Core/GetNewsletterMessage
  • https://www.kempinski.com/umbraco/Surface/Core/GetNewsletterMessage
Request 44
  • https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-46236206-1&cid=961976210.1568199461&jid=36004714&gjid=416802014&_gid=1277625555.1568199461&_u=aGBAgEAj~&z=1974599134
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-46236206-1&cid=961976210.1568199461&jid=36004714&_v=j79&z=1974599134
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-46236206-1&cid=961976210.1568199461&jid=36004714&_v=j79&z=1974599134&slf_rd=1&random=3891361433
Request 58
  • https://mc.yandex.ru/watch/53765194?wmode=7&page-ref=https%3A%2F%2Fwww.kempinski.com%2F&page-url=https%3A%2F%2Fwww.kempinski.com%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1568199458889%3As%3A160...
  • https://mc.yandex.ru/watch/53765194/1?wmode=7&page-ref=https%3A%2F%2Fwww.kempinski.com%2F&page-url=https%3A%2F%2Fwww.kempinski.com%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1568199458889%3As%3A1...
Request 60
  • https://www.facebook.com/tr/?id=1363478017106996&ev=Microdata&dl=https%3A%2F%2Fwww.kempinski.com%2F&rl=https%3A%2F%2Fwww.kempinski.com%2F&if=false&ts=1568199461795&cd[DataLayer]=%5B%5D&cd[Meta]=%7B...
  • https://cx.atdmt.com/?c=15076222838454038759&f=AYwolSrt1WvsqZXd-Syvd8Jv26p26xEN3_jWhVT7NDaP_vKgsMZpX4eBWsJpj2Zfhr2awsPaukme8OhG3uHLVPfP&id=1363478017106996&l=3&v=0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
www.kempinski.com
URL
https://www.kempinski.com/_Incapsula_Resource?SWKMTFSR=1&e=0.09494631483078675
Domain
www.kempinski.com
URL
https://www.kempinski.com/_Incapsula_Resource?ES2LURCT=67&t=78&d=complete%20(s%3A2%2Cc%3A145%2Cr%3A300)
Domain
media.kempinski.com
URL
https://media.kempinski.com/scripts/bs_v225.js
Domain
media.kempinski.com
URL
https://media.kempinski.com/scripts/date-range-picker_v225.js
Domain
media.kempinski.com
URL
https://media.kempinski.com/scripts/lazysizes_v225.js
Domain
media.kempinski.com
URL
https://media.kempinski.com/scripts/ScrollMagic.min_v225.js
Domain
media.kempinski.com
URL
https://media.kempinski.com/scripts/new.main_v225.js
Domain
www.kempinski.com
URL
https://www.kempinski.com/fonts/Helvetica/Helvetica-Bold.woff
Domain
www.kempinski.com
URL
https://www.kempinski.com/fonts/Helvetica/Helvetica-Light.woff
Domain
www.kempinski.com
URL
https://www.kempinski.com/fonts/KingsCaslon/KingsCaslonItalic.woff
Domain
www.kempinski.com
URL
https://www.kempinski.com/fonts/icomoon.woff2?vfviym

97 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

function| $ function| jQuery function| is_rtl function| Swiper object| EmergencyMessageModule undefined| NewsletterMessageModule string| messageRequired string| messageCreditCardValid string| messageCreditCardExpired string| messageMinLenght string| messageMaxLenght string| messageEmailValid string| messageNumberValid string| messageRequiredBookingWidget string| messageSpecialCharacterValid string| processingDomain string| feDomain string| messageConfirmPasswordNotMatch string| newsletterSuccessMessage string| newsletterErrorMessage string| messageGhaPasswordPolicy string| memberRatesFromText string| ratesFromText string| messageFutureDate string| messageNoAvailableLocalExperiences string| messageSelectedDateMustBeWithinCheckinAndCheckoutDate function| isStringNotEmpty boolean| windowLoaded function| loadScript boolean| isTurnOffTheBookingEngine boolean| isResidenceHotel function| oQuery object| OlapicSDK function| OlapicDevKit function| OlapicViewPortTracker object| oEventsFactory function| OneViewWidget object| KempinskiCore string| doNotNeedDeckChair function| formatNumber object| OfferModule function| GetQueryString object| dataLayer object| google_tag_manager function| postscribe string| GoogleAnalyticsObject function| ga string| _bizo_data_partner_id undefined| _bizo_data_partner_title undefined| _bizo_data_partner_domain undefined| _bizo_data_partner_company undefined| _bizo_data_partner_location undefined| _bizo_data_partner_employee_range undefined| _bizo_data_partner_sics undefined| _bizo_data_partner_email string| gtmFacebookIds undefined| gtmFacebookIdsSplit undefined| gtmI function| fbq function| _fbq number| randomNumber object| scriptTag object| insertionNode string| conversionTag function| lightningjs function| usabilla_live object| uetqEpiphany object| a undefined| newQuery object| _paq object| jaywingAlmanac function| ym object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| _bizo_local_logger function| _bizo_fire_partners boolean| _bizo_main_already_called function| GooglemKTybQhCsO function| google_trackConversion object| GooglebQhCsO function| pdib object| google_image_requests function| FlexTag function| UET object| google_js_reporting_queue number| __google_lidar_ function| __google_lidar_radf_ object| JSON_PIWIK object| Piwik object| Matomo object| AnalyticsTracker function| piwik_log object| Ya object| yaCounter53765194 number| __google_lidar_adblocks_count_

2 Cookies

Domain/Path Name / Value
.kempinski.com/ Name: incap_ses_775_2028118
Value: WRLZXaera3U+KXRxflrBCiPTeF0AAAAAn4QxIU8I676u4F/eKAzwXA==
.kempinski.com/ Name: visid_incap_2028118
Value: HvRq2XRdQt+gaqmprhNqwCPTeF0AAAAAQUIPAAAAAABkoPHL4BCVkXEYUdrxdg/i

Indicators of compromise (IoCs)

This is a term in the security industry to describe indicators around an attack. This includes IPs, hashes, domains, etc.

ad.doubleclick.net
almanac.kempinski.com
bat.bing.com
cdnjs.cloudflare.com
connect.facebook.net
cx.atdmt.com
d.turn.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
mc.yandex.ru
media.kempinski.com
photorankstatics-a.akamaihd.net
px.ads.linkedin.com
r.turn.com
sjs.bizographics.com
stats.g.doubleclick.net
w.usabilla.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.kempinski.com

media.kempinski.com
www.kempinski.com

107.154.192.108
172.217.16.198
172.217.22.98
2.16.186.56
216.58.206.2
2606:4700::6813:c697
2620:1ec:c11::200
2a00:1450:4001:808::2002
2a00:1450:4001:819::2008
2a00:1450:4001:819::200e
2a00:1450:4001:81c::2003
2a00:1450:4001:81d::2002
2a00:1450:4001:81f::2004
2a00:1450:400c:c0c::9c
2a02:26f0:10c:399::3adf
2a02:6b8::1:119
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f0ff:2:face:b00c:0:8c
2a03:2880:f11c:8083:face:b00c:0:25de
2a05:f500:11:101::b93f:9005
46.228.164.11
46.228.164.13
52.49.49.248
63.32.77.13

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
14d88b3a27f0e6de034f86ad42d6411081e9467daf754147f2f16bcb20782177
1870b7c456eb7af4346917168392449543a7717617c53b4c3ae03be1c5803d3c
1912fe9b4e138526375fda418185fb5e2ba4ac6fb0935109ac6265e08104915c
275d80be4508379dd44186f1ad929368d9c0924f18dce5cd833b03a4c1618f6f
3a645e14da9c3c3d67d2cca59cc8d7b1648724e0d156c16f359be621629b4dbb
3c2bdc173bf507f678858e0097dd73e3b916a02e57aeb5af7d06e92ab06d60dc
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48c0637895684419c377fa9a4c6382630486350ffd82422ec066a2dc4abf341e
50af97b182fc35c1ecac8d0a753dbbfe5ae0a12bb1c49db16fc580a8aae0f804
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
6b3a0793b5c30c8433ed1347207d403745b61adc88b4b40a2c17286016561850
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
77bac9273c552d24ad13f63fa39a2edd06ba0f9d1b5090bb7f7c01d594f2d5bc
7e78dae8d3f638d01a955e3d32d02ac2d2d29ba2419696f46f4df312255a024a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8c88d6a0ae774f43c52a16b37d0134231b235ddf98ce9eb7f28c587c31b59d5a
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
931d74da5a115f0a87519132f1b175200f36fea93b4858bf82267ffb81f6070c
9532737d4cc0760314d9a1f33f0a9692d0debe1a68e79b2bdfc3619a0724a523
a423cd63fb8cc5415cea8f242c9351624d8b1702904fba662854a892fa063668
ab4e97c4c56de795a1f8a9a67783608d08ff9aef8d2a4b262ae71841a0e0e3e4
af76e682477a19e6ae3ccbb57c0c122f9bb3da8977c5c59254022c41e59590e0
b139982ce002c53ddfb65aec1e90704c0a3704fc5aa35247f9323b74a1d3f721
b4e9e9bef19c34422f55a7fdb9d10c4db5e39cff24b8c98a0be0e09b2ee6ac2b
bc9cef10d07e8da3ce80181de07a056414731f86e0dc12e2c81d652b28ac770b
d02a2ecc6abe9ace13324e5e6d91b51b3d4d74d814d0c5c75eb34d74e05ff15c
d2f3e642df0b6c754c71f80502056d952f874ef92da84205a158c21c012f616d
d561b087eb84f9a1a6bef617010f9d2536280828ec34514a7b67e8dfc5dc04aa
d6bf2b88ada07c05e7d7123479195887c82cc443896a8522f500e659a1935cd6
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
df178d935914fb63c2880bd93c76c7cae03e199962799b58cfff6916f60b9e3c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c39364dd866add4ea7fdf25aecc692c8d738387f3bab1720012919aab3c835
e43f50a325a5a83f020dd452365a66f18ccbbb271151a63748df361fbd96938f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629