www.kempinski.com
107.154.192.108

Go To Report Rescan

Submitted URL:
http://www.kempinski.com/
Effective URL:
https://www.kempinski.com/
Submission: On September 11 via api (September 11th 2019, 10:57:37 am) from CH

Summary HTTP 63 Links 9 Behaviour IoCs

Summary

This website contacted 24 IPs in 7 countries across 19 domains to perform 63 HTTP transactions.
The main IP is 107.154.192.108, located in United States and belongs to INCAPSULA - Incapsula Inc, US. The main domain is www.kempinski.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on February 27th 2019. Valid for: a year.

This is the first time this domain was scanned on urlscan.io!

Verdict: Unknown

Domain & IP information

	IP Address	AS Autonomous System
5 21	107.154.192.108 107.154.192.108	19551 (INCAPSULA) (INCAPSULA - Incapsula Inc)
2	2606:4700::68... 2606:4700::6813:c697	13335 (CLOUDFLAR...) (CLOUDFLARENET - Cloudflare)
1	2.16.186.56 2.16.186.56	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a00:1450:400... 2a00:1450:4001:819::2008	15169 (GOOGLE) (GOOGLE - Google LLC)
1	172.217.22.98 172.217.22.98	15169 (GOOGLE) (GOOGLE - Google LLC)
3	2a00:1450:400... 2a00:1450:4001:819::200e	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a02:26f0:10c... 2a02:26f0:10c:399::3adf	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
3	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	172.217.16.198 172.217.16.198	15169 (GOOGLE) (GOOGLE - Google LLC)
2	46.228.164.13 46.228.164.13	56396 (TURN) (TURN)
2	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation)
4	63.32.77.13 63.32.77.13	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1 4	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
1	52.49.49.248 52.49.49.248	16509 (AMAZON-02) (AMAZON-02 - Amazon.com)
1	2a05:f500:11:... 2a05:f500:11:101::b93f:9005	14413 (LINKEDIN) (LINKEDIN - LinkedIn Corporation)
1 1	2a00:1450:400... 2a00:1450:400c:c0c::9c	15169 (GOOGLE) (GOOGLE - Google LLC)
1 2	2a00:1450:400... 2a00:1450:4001:81f::2004	15169 (GOOGLE) (GOOGLE - Google LLC)
2	2a00:1450:400... 2a00:1450:4001:81c::2003	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	2a00:1450:400... 2a00:1450:4001:81d::2002	15169 (GOOGLE) (GOOGLE - Google LLC)
1	216.58.206.2 216.58.206.2	15169 (GOOGLE) (GOOGLE - Google LLC)
1 3	2a03:2880:f11... 2a03:2880:f11c:8083:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK - Facebook)
1	46.228.164.11 46.228.164.11	56396 (TURN) (TURN)
1	2a03:2880:f0f... 2a03:2880:f0ff:2:face:b00c:0:8c	32934 (FACEBOOK) (FACEBOOK - Facebook)
63	24

21 107.154.192.108 (United States) 5 redirects

ASN19551 (INCAPSULA - Incapsula Inc, US)
PTR: 107.154.192.108.ip.incapdns.net

2 2606:4700::6813:c697 (United States)

ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US)

cdnjs.cloudflare.com
Domain lookup

1 2.16.186.56 (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)
PTR: a2-16-186-56.deploy.static.akamaitechnologies.com

photorankstatics-a.akamaihd.net
Domain lookup

1 2a00:1450:4001:819::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagmanager.com
Domain lookup

1 172.217.22.98 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra15s18-in-f98.1e100.net

www.googleadservices.com
Domain lookup

3 2a00:1450:4001:819::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google-analytics.com
Domain lookup

1 2a02:26f0:10c:399::3adf (Ascension Island)

ASN20940 (AKAMAI-ASN1, US)

sjs.bizographics.com
Domain lookup

3 2a03:2880:f01c:8012:face:b00c:0:3 (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

connect.facebook.net
Domain lookup

1 172.217.16.198 (United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s08-in-f6.1e100.net

ad.doubleclick.net
Domain lookup

2 46.228.164.13 (United Kingdom)

ASN56396 (TURN, GB)

d.turn.com
Domain lookup

2 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US)

bat.bing.com
Domain lookup

4 63.32.77.13 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-63-32-77-13.eu-west-1.compute.amazonaws.com

almanac.kempinski.com
Domain lookup

4 2a02:6b8::1:119 (Moscow, Russian Federation) 1 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru
Domain lookup

1 52.49.49.248 (Dublin, Ireland)

ASN16509 (AMAZON-02 - Amazon.com, Inc., US)
PTR: ec2-52-49-49-248.eu-west-1.compute.amazonaws.com

w.usabilla.com
Domain lookup

1 2a05:f500:11:101::b93f:9005 (Ireland)

ASN14413 (LINKEDIN - LinkedIn Corporation, US)

px.ads.linkedin.com
Domain lookup

1 2a00:1450:400c:c0c::9c (Brussels, Belgium) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

stats.g.doubleclick.net
Domain lookup

2 2a00:1450:4001:81f::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE - Google LLC, US)

www.google.com
Domain lookup

2 2a00:1450:4001:81c::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.google.de
Domain lookup

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

googleads.g.doubleclick.net
Domain lookup

1 2a00:1450:4001:81d::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE - Google LLC, US)

www.googletagservices.com
Domain lookup

1 216.58.206.2 (Mountain View, United States)

ASN15169 (GOOGLE - Google LLC, US)
PTR: fra16s20-in-f2.1e100.net

googleads4.g.doubleclick.net
Domain lookup

3 2a03:2880:f11c:8083:face:b00c:0:25de (Ireland) 1 redirects

ASN32934 (FACEBOOK - Facebook, Inc., US)

www.facebook.com
Domain lookup

1 46.228.164.11 (United Kingdom)

ASN56396 (TURN, GB)

r.turn.com
Domain lookup

1 2a03:2880:f0ff:2:face:b00c:0:8c (Ireland)

ASN32934 (FACEBOOK - Facebook, Inc., US)

cx.atdmt.com
Domain lookup

	Domain Subdomains	Transfer
25	kempinski.com 5 redirects www.kempinski.com Failed media.kempinski.com Failed	235 KB
4	yandex.ru 1 redirects	93 KB
4	doubleclick.net 1 redirects	5 KB
3	facebook.com 1 redirects	740 B
3	turn.com	18 KB
3	facebook.net	120 KB
3	google-analytics.com	18 KB
2	google.de	219 B
2	google.com 1 redirects	293 B
2	bing.com	8 KB
2	cloudflare.com	48 KB
1	atdmt.com	403 B
1	googletagservices.com	29 KB
1	linkedin.com	103 B
1	usabilla.com	90 B
1	bizographics.com	5 KB
1	googleadservices.com	9 KB
1	googletagmanager.com	53 KB
1	akamaihd.net	117 KB
63	19

	Domain	Requested by
18	www.kempinski.com	5 redirects www.kempinski.com
4	mc.yandex.ru	1 redirects www.kempinski.com
4	almanac.kempinski.com	www.kempinski.com
3	www.facebook.com	1 redirects
3	connect.facebook.net	www.kempinski.com connect.facebook.net
3	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
3	media.kempinski.com	www.kempinski.com
2	www.google.de
2	www.google.com	1 redirects
2	bat.bing.com	www.kempinski.com
2	d.turn.com	www.kempinski.com d.turn.com
2	cdnjs.cloudflare.com	www.kempinski.com
1	cx.atdmt.com
1	r.turn.com
1	googleads4.g.doubleclick.net
1	www.googletagservices.com	ad.doubleclick.net
1	googleads.g.doubleclick.net	www.googleadservices.com
1	stats.g.doubleclick.net	1 redirects
1	px.ads.linkedin.com	sjs.bizographics.com
1	w.usabilla.com	www.kempinski.com
1	ad.doubleclick.net	www.kempinski.com
1	sjs.bizographics.com	www.googletagmanager.com
1	www.googleadservices.com	www.googletagmanager.com
1	www.googletagmanager.com	www.kempinski.com
1	photorankstatics-a.akamaihd.net	www.kempinski.com
63	25

This site contains links to these domains. Also see Links.

Domain
kempinski-dev.s3.amazonaws.com
www.facebook.com
www.instagram.com
twitter.com
www.youtube.com
www.linkedin.com
weibo.com
kempinski.jobs
www.discoveryloyalty.com

Subject / Issuer	Validity	Valid
*.kempinski.com DigiCert SHA2 Secure Server CA	`2019-02-27` - `2020-03-12`	a year
ssl412106.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2019-08-10` - `2020-02-16`	6 months
a248.e.akamai.net DigiCert ECC Secure Server CA	`2018-10-18` - `2019-10-18`	a year
*.google-analytics.com GTS CA 1O1	`2019-08-23` - `2019-11-21`	3 months
www.googleadservices.com GTS CA 1O1	`2019-08-23` - `2019-11-21`	3 months
js.bizographics.com DigiCert SHA2 Secure Server CA	`2018-04-13` - `2020-04-17`	2 years
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2019-08-24` - `2019-10-19`	2 months
*.doubleclick.net GTS CA 1O1	`2019-08-23` - `2019-11-21`	3 months
*.turn.com DigiCert SHA2 Secure Server CA	`2019-01-25` - `2020-03-31`	a year
www.bing.com Microsoft IT TLS CA 2	`2019-04-30` - `2021-04-30`	2 years
almanac.kempinski.com Let's Encrypt Authority X3	`2019-08-03` - `2019-11-01`	3 months
bs.yandex.ru Yandex CA	`2018-10-03` - `2019-10-03`	a year
w.usabilla.com Amazon	`2019-05-08` - `2020-06-08`	a year
px.ads.linkedin.com DigiCert SHA2 Secure Server CA	`2019-05-29` - `2021-06-29`	2 years
www.google.de GTS CA 1O1	`2019-08-23` - `2019-11-21`	3 months
*.g.doubleclick.net GTS CA 1O1	`2019-08-23` - `2019-11-21`	3 months
www.google.com GTS CA 1O1	`2019-08-23` - `2019-11-21`	3 months
*.atlassolutions.com DigiCert SHA2 High Assurance Server CA	`2019-07-11` - `2019-10-09`	3 months

Screenshot
Live screenshot

Full Image

Detected technologies

Facebook (Widgets) Website

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^\/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Website

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Stats

0
Requests

0
Ad-blocked

0
Malicious

0 %
HTTPS

0 %
IPv6

0
Domains

0
Subdomains

0
IPs

0
Countries

0 kB
Transfer

0 kB
Size

0
Cookies

9 Outgoing links

These are links going to different origins than the main page. For each link, only the first name is shown.

https://kempinski-dev.s3.amazonaws.com/34374794/booklet_the-apurva-kempinski-bali_story-and-inspirations.pdf
Title: here
https://www.facebook.com/kempinskihotels
https://www.instagram.com/kempinski/
https://twitter.com/Kempinski
https://www.youtube.com/c/Kempinski
https://www.linkedin.com/company/kempinski-hotels/
http://weibo.com/kempinskihotel
http://kempinski.jobs/
Title: Career Site
https://www.discoveryloyalty.com/

63 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

/ Show response

Redirect Chain

http://www.kempinski.com/
https://www.kempinski.com/

210 B
524 B

422ms
140ms

Document
text/html

107.154.192.108
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kempinski.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.192.108 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS: 107.154.192.108.ip.incapdns.net
Software: /
Resource Hash: d2f3e642df0b6c754c71f80502056d952f874ef92da84205a158c21c012f616d

Request headers

:method: GET
:authority: www.kempinski.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: none
accept-encoding: gzip, deflate, br
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
content-type: text/html
cache-control: no-cache
content-length: 210
x-iinfo: 7-311226-0 0CNN RT(1568199458155 0) q(0 -1 -1 0) r(0 -1) B10(4,314,0)
set-cookie: visid_incap_2028118=TwPUfj9xTOeOPglTfpCOUCLTeF0AAAAAQUIPAAAAAAC+/VU1VYVP2n7Jkvg8qxeM; expires=Thu, 10 Sep 2020 09:18:45 GMT; path=/; Domain=.kempinski.com incap_ses_775_2028118=7Kf9ENx/0272KHRxflrBCiLTeF0AAAAAf+P8F6VGO6cwho4w0dr+ZA==; path=/; Domain=.kempinski.com

Redirect headers

Location: https://www.kempinski.com/
Content-Length: 0
Connection: close

GET
H2 200 _Incapsula_Resource?SWJIYLWA=5074a744e2e3d891814e9a2dace20bd4,719d34d31c8e3a6e6fffd425f7e032f3 Show response 148 KB
22 KB 147ms
146ms Script
application/javascript 107.154.192.108
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kempinski.com/_Incapsula_Resource?SWJIYLWA=5074a744e2e3d891814e9a2dace20bd4,719d34d31c8e3a6e6fffd425f7e032f3
Requested by: Host: www.kempinski.com
URL: https://www.kempinski.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.192.108 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS: 107.154.192.108.ip.incapdns.net
Software: /
Resource Hash: 931d74da5a115f0a87519132f1b175200f36fea93b4858bf82267ffb81f6070c

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kempinski.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
content-encoding: gzip
cache-control: no-cache
content-length: 22235
content-type: application/javascript

GET
H2 200 _Incapsula_Resource?SWHANEDL=1168539970493161299,14562820668344233502,2645239227215678453,6100 Show response 29 B
55 B 140ms
140ms XHR
application/javascript 107.154.192.108
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kempinski.com/_Incapsula_Resource?SWHANEDL=1168539970493161299,14562820668344233502,2645239227215678453,6100
Requested by: Host: www.kempinski.com
URL: https://www.kempinski.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.192.108 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS: 107.154.192.108.ip.incapdns.net
Software: /
Resource Hash

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.kempinski.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
cache-control: no-cache
content-length: 29
content-type: application/javascript

GET
H2 200 / Show response 219 KB
58 KB 153ms
153ms Document
text/html 107.154.192.108
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kempinski.com/
Requested by: Host: www.kempinski.com
URL: https://www.kempinski.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.192.108 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS: 107.154.192.108.ip.incapdns.net
Software: /
Resource Hash: d6bf2b88ada07c05e7d7123479195887c82cc443896a8522f500e659a1935cd6

Request headers

:method: GET
:authority: www.kempinski.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
sec-fetch-mode: navigate
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site: same-origin
referer: https://www.kempinski.com/
accept-encoding: gzip, deflate, br
cookie: visid_incap_2028118=TwPUfj9xTOeOPglTfpCOUCLTeF0AAAAAQUIPAAAAAAC+/VU1VYVP2n7Jkvg8qxeM; incap_ses_775_2028118=7Kf9ENx/0272KHRxflrBCiLTeF0AAAAAf+P8F6VGO6cwho4w0dr+ZA==
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: navigate
Referer: https://www.kempinski.com/

Response headers

status: 200
etag: "3b3876bd"
content-type: text/html; charset=utf-8
content-length: 59399
content-encoding: gzip
access-control-allow-origin: https://www.kempinski.com
cache-control: max-age=900, public
age: 592
date: Wed, 11 Sep 2019 10:57:38 GMT
x-iinfo: 7-311257-0 0CNN RT(1568199458805 0) q(0 -1 -1 -1) r(0 -1)
x-cdn: Incapsula

GET _Incapsula_Resource?SWKMTFSR=1&e=0.09494631483078675 0
0

GET _Incapsula_Resource?ES2LURCT=67&t=78&d=complete%20(s%3A2%2Cc%3A145%2Cr%3A300) 0
0

GET
H2 403 new.main_v225.css Show response
media.kempinski.com/css 0
0 143ms
141ms Stylesheet
text/html 107.154.192.108
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL: https://media.kempinski.com/css/new.main_v225.css
Requested by: Host: www.kempinski.com
URL: https://www.kempinski.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.192.108 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS: 107.154.192.108.ip.incapdns.net
Software: /
Resource Hash

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kempinski.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET
H2 403 moment_v225.js Show response
media.kempinski.com/scripts 0
0 446ms
139ms Script
text/html 107.154.192.108
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL: https://media.kempinski.com/scripts/moment_v225.js
Requested by: Host: www.kempinski.com
URL: https://www.kempinski.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.192.108 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS: 107.154.192.108.ip.incapdns.net
Software: /
Resource Hash

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kempinski.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

GET bs_v225.js
media.kempinski.com/scripts 0
0

GET date-range-picker_v225.js
media.kempinski.com/scripts 0
0

GET lazysizes_v225.js
media.kempinski.com/scripts 0
0

GET ScrollMagic.min_v225.js
media.kempinski.com/scripts 0
0

GET
H2 200 select2.min.js Show response
cdnjs.cloudflare.com/ajax/libs/select2/4.0.7/js 67 KB
18 KB 31ms
29ms Script
application/javascript 2606:4700::6813:c697
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/select2/4.0.7/js/select2.min.js

Requested by

Host: www.kempinski.com
URL: https://www.kempinski.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c697 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

1870b7c456eb7af4346917168392449543a7717617c53b4c3ae03be1c5803d3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kempinski.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 11 Sep 2019 10:57:39 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 10936857
status: 200
served-in-seconds: 0.002
timing-allow-origin: *
last-modified: Tue, 07 May 2019 20:30:59 GMT
server: cloudflare
etag: W/"5cd1eb03-10b24"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 51491f3befae5952-VIE
expires: Mon, 31 Aug 2020 10:57:39 GMT

GET
H2 200 swiper.min.js Show response
cdnjs.cloudflare.com/ajax/libs/Swiper/4.4.2/js 122 KB
30 KB 25ms
23ms Script
application/javascript 2606:4700::6813:c697
Cloudflare

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/Swiper/4.4.2/js/swiper.min.js

Requested by

Host: www.kempinski.com
URL: https://www.kempinski.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6813:c697 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),

Reverse DNS

Software

cloudflare /

Resource Hash

df178d935914fb63c2880bd93c76c7cae03e199962799b58cfff6916f60b9e3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kempinski.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 11 Sep 2019 10:57:39 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
age: 3514377
status: 200
served-in-seconds: 0.004
timing-allow-origin: *
last-modified: Thu, 01 Nov 2018 15:55:26 GMT
server: cloudflare
etag: W/"5bdb21ee-1e744"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000; includeSubDomains
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
cf-ray: 51491f3befaf5952-VIE
expires: Mon, 31 Aug 2020 10:57:39 GMT

GET new.main_v225.js
media.kempinski.com/scripts 0
0

GET
H2 403 Helvetica.woff Show response
/fonts/Helvetica 0
0 446ms
141ms Font
text/html 107.154.192.108
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kempinski.com/fonts/Helvetica/Helvetica.woff
Requested by: Host: www.kempinski.com
URL: https://www.kempinski.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.192.108 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS: 107.154.192.108.ip.incapdns.net
Software: /
Resource Hash

Request headers

Sec-Fetch-Mode: cors
Referer: https://www.kempinski.com/
Origin: https://www.kempinski.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 403
x-iinfo: 5-379628-0 0CNN RT(1568199459391 0) q(0 -1 -1 -1) r(0 -1) B15(11,179450,0)
cache-control: no-cache
content-length: 726
content-type: text/html

GET Helvetica-Bold.woff
/fonts/Helvetica 0
0

GET Helvetica-Light.woff
/fonts/Helvetica 0
0

GET KingsCaslonItalic.woff
/fonts/KingsCaslon 0
0

GET icomoon.woff2?vfviym
/fonts 0
0

GET
H/1.1 200
OK build.min.js Show response
photorankstatics-a.akamaihd.net/81b03e40475846d5883661ff57b34ece/static/frontend/latest 392 KB
117 KB 90ms
35ms Script
application/javascript 2.16.186.56
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://photorankstatics-a.akamaihd.net/81b03e40475846d5883661ff57b34ece/static/frontend/latest/build.min.js
Requested by: Host: www.kempinski.com
URL: https://www.kempinski.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2.16.186.56 , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS: a2-16-186-56.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: ab4e97c4c56de795a1f8a9a67783608d08ff9aef8d2a4b262ae71841a0e0e3e4

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kempinski.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 11 Sep 2019 10:57:39 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
x-amz-request-id: 9E8B53215C33826A
Connection: keep-alive
Content-Length: 118932
x-amz-id-2: PaOgyc5vGZ2yFHATjRaZXb04LHUUt3KFlFU1msTMiE6yY1j4pvORRBLEbN/SYxPDUsHgBjnvGKc=
Last-Modified: Mon, 09 Sep 2019 15:03:05 GMT
Server: AmazonS3
ETag: "ad5c413e02e15e6a90ef727832c07e26"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: public, max-age=1110
Accept-Ranges: bytes

GET
H2 200 corp_logo_website_576x364px.svg
media.kempinski.com/34370159 8 KB
4 KB 423ms
142ms Image
image/svg+xml 107.154.192.108
Incapsula Inc

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://media.kempinski.com/34370159/corp_logo_website_576x364px.svg
Requested by: Host: www.kempinski.com
URL: https://www.kempinski.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.192.108 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS: 107.154.192.108.ip.incapdns.net
Software: /
Resource Hash: 275d80be4508379dd44186f1ad929368d9c0924f18dce5cd833b03a4c1618f6f

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kempinski.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 11 Sep 2019 10:57:39 GMT
content-encoding: gzip
x-cdn: Incapsula
etag: "ec70c175"
content-type: image/svg+xml
status: 200
x-iinfo: 2-185331-0 0CNN RT(1568199459816 0) q(0 -1 -1 0) r(0 -1)
cache-control: max-age=14515200
content-length: 3290

GET
H2

200

KingsCaslonItalic.ttf
/fonts/KingsCaslon
Redirect Chain

https://www.kempinski.com/fonts/KingsCaslon/KingsCaslonItalic.ttf
https://www.kempinski.com/fonts/KingsCaslon/KingsCaslonItalic.ttf

86 KB
87 KB

145ms
144ms

Font
application/octet-stream

107.154.192.108
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kempinski.com/fonts/KingsCaslon/KingsCaslonItalic.ttf
Requested by: Host: www.kempinski.com
URL: https://www.kempinski.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.192.108 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS: 107.154.192.108.ip.incapdns.net
Software: /
Resource Hash: 9532737d4cc0760314d9a1f33f0a9692d0debe1a68e79b2bdfc3619a0724a523

Request headers

Referer: https://www.kempinski.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 11 Sep 2019 10:57:39 GMT
last-modified: Fri, 10 May 2019 05:57:32 GMT
x-cdn: Incapsula
age: 10201
etag: "4b13742f56d51:0"
content-type: application/octet-stream
status: 200
x-iinfo: 2-185338-184963 2CNN RT(1568199459977 0) q(0 0 0 -1) r(0 0) U18
cache-control: max-age=14515200
content-length: 88048

Redirect headers

status: 302
x-iinfo: 2-185332-0 2NNN RT(1568199459834 0) q(0 -1 -1 0) r(0 -1) B11(8,881023,0) U18
cache-control: no-cache
content-length: 122
location: https://www.kempinski.com/fonts/KingsCaslon/KingsCaslonItalic.ttf
content-type: text/html

GET
H2

200

icomoon.ttf?vfviym
/fonts
Redirect Chain

https://www.kempinski.com/fonts/icomoon.ttf?vfviym
https://www.kempinski.com/fonts/icomoon.ttf?vfviym

10 KB
10 KB

142ms
142ms

Font
application/octet-stream

107.154.192.108
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kempinski.com/fonts/icomoon.ttf?vfviym
Requested by: Host: www.kempinski.com
URL: https://www.kempinski.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.192.108 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS: 107.154.192.108.ip.incapdns.net
Software: /
Resource Hash: 50af97b182fc35c1ecac8d0a753dbbfe5ae0a12bb1c49db16fc580a8aae0f804

Request headers

Referer: https://www.kempinski.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 11 Sep 2019 10:57:39 GMT
last-modified: Thu, 08 Aug 2019 06:35:02 GMT
x-cdn: Incapsula
etag: "dc16b468b34dd51:0"
content-type: application/octet-stream
status: 200
x-iinfo: 2-185339-0 0CNN RT(1568199459979 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=14515200
content-length: 10208

Redirect headers

status: 302
x-iinfo: 2-185333-0 2CNN RT(1568199459834 0) q(0 -1 -1 2) r(0 -1) B11(8,881023,0)
cache-control: no-cache
content-length: 122
location: https://www.kempinski.com/fonts/icomoon.ttf?vfviym
content-type: text/html

GET
H2

200

GetEmergencyMessage Show response
/umbraco/Surface/Core
Redirect Chain

https://www.kempinski.com/umbraco/Surface/Core/GetEmergencyMessage
https://www.kempinski.com/umbraco/Surface/Core/GetEmergencyMessage

210 B
298 B

143ms
142ms

XHR
text/html

107.154.192.108
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kempinski.com/umbraco/Surface/Core/GetEmergencyMessage
Requested by: Host: www.kempinski.com
URL: https://www.kempinski.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.192.108 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS: 107.154.192.108.ip.incapdns.net
Software: /
Resource Hash: d2f3e642df0b6c754c71f80502056d952f874ef92da84205a158c21c012f616d

Request headers

Referer: https://www.kempinski.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
x-iinfo: 2-185341-0 2NNN RT(1568199459980 0) q(0 -1 -1 -1) r(0 -1) B10(4,314,0) U18
cache-control: no-cache
content-length: 210
content-type: text/html

Redirect headers

status: 302
x-iinfo: 2-185334-0 0NNN RT(1568199459836 0) q(0 -1 -1 1) r(0 -1) B11(8,881023,0) U6
cache-control: no-cache
content-length: 122
location: https://www.kempinski.com/umbraco/Surface/Core/GetEmergencyMessage
content-type: text/html

GET
H2

200

GetNewsletterMessage Show response
/umbraco/Surface/Core
Redirect Chain

https://www.kempinski.com/umbraco/Surface/Core/GetNewsletterMessage
https://www.kempinski.com/umbraco/Surface/Core/GetNewsletterMessage

210 B
297 B

143ms
142ms

XHR
text/html

107.154.192.108
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kempinski.com/umbraco/Surface/Core/GetNewsletterMessage
Requested by: Host: www.kempinski.com
URL: https://www.kempinski.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.192.108 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS: 107.154.192.108.ip.incapdns.net
Software: /
Resource Hash: d2f3e642df0b6c754c71f80502056d952f874ef92da84205a158c21c012f616d

Request headers

Referer: https://www.kempinski.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
x-iinfo: 2-185342-0 2NNN RT(1568199459981 0) q(0 -1 -1 -1) r(0 -1) B10(4,314,0) U18
cache-control: no-cache
content-length: 210
content-type: text/html

Redirect headers

status: 302
x-iinfo: 2-185335-0 0NNN RT(1568199459838 0) q(0 -1 -1 0) r(0 -1) B11(8,881023,0) U6
cache-control: no-cache
content-length: 122
location: https://www.kempinski.com/umbraco/Surface/Core/GetNewsletterMessage
content-type: text/html

GET
H2 200 / Show response
/combres.axd/newSiteJs/-2047052710 81 KB
24 KB 142ms
141ms Script
application/x-javascript 107.154.192.108
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kempinski.com/combres.axd/newSiteJs/-2047052710/
Requested by: Host: www.kempinski.com
URL: https://www.kempinski.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.192.108 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS: 107.154.192.108.ip.incapdns.net
Software: /
Resource Hash: 1912fe9b4e138526375fda418185fb5e2ba4ac6fb0935109ac6265e08104915c

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kempinski.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 11 Sep 2019 10:57:40 GMT
content-encoding: gzip
x-cdn: Incapsula
etag: "bc33d6a5"
content-type: application/x-javascript; charset=utf-8
status: 200
x-iinfo: 2-185345-0 0CNN RT(1568199460380 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=14515200
content-length: 24269

GET
H2 200 / Show response
/combres.axd/newSiteWidgetCorpJs/-1406425899 11 KB
3 KB 140ms
140ms Script
application/x-javascript 107.154.192.108
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kempinski.com/combres.axd/newSiteWidgetCorpJs/-1406425899/
Requested by: Host: www.kempinski.com
URL: https://www.kempinski.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.192.108 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS: 107.154.192.108.ip.incapdns.net
Software: /
Resource Hash: 3a645e14da9c3c3d67d2cca59cc8d7b1648724e0d156c16f359be621629b4dbb

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kempinski.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 11 Sep 2019 10:57:40 GMT
content-encoding: gzip
x-cdn: Incapsula
etag: "45e0f294"
content-type: application/x-javascript; charset=utf-8
status: 200
x-iinfo: 2-185349-0 0CNN RT(1568199460530 0) q(0 -1 -1 -1) r(0 -1)
cache-control: max-age=14515200
content-length: 3053

POST
H2 200 RenderHeaderAccountInformation
/umbraco/Surface/Account 2 KB
893 B 1091ms
1091ms XHR
application/json 107.154.192.108
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kempinski.com/umbraco/Surface/Account/RenderHeaderAccountInformation
Requested by: Host: www.kempinski.com
URL: https://www.kempinski.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.192.108 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS: 107.154.192.108.ip.incapdns.net
Software: /
Resource Hash: d02a2ecc6abe9ace13324e5e6d91b51b3d4d74d814d0c5c75eb34d74e05ff15c

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://www.kempinski.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Wed, 11 Sep 2019 10:58:03 GMT
content-encoding: gzip
x-cdn: Incapsula
vary: Origin
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: application/json; charset=utf-8
status: 200
x-iinfo: 2-185350-185351 NNNN CT(0 0 0) RT(1568199460536 0) q(0 0 0 -1) r(9 9) U6
cache-control: no-cache, no-store
access-control-allow-headers: origin, x-requested-with, content-type
content-length: 647
expires: -1

POST
H2 200 GetDataLayer Show response
/umbraco/Surface/Core 1018 B
1 KB 290ms
289ms XHR
text/html 107.154.192.108
Incapsula Inc

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kempinski.com/umbraco/Surface/Core/GetDataLayer
Requested by: Host: www.kempinski.com
URL: https://www.kempinski.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.154.192.108 , United States, ASN19551 (INCAPSULA - Incapsula Inc, US),
Reverse DNS: 107.154.192.108.ip.incapdns.net
Software: /
Resource Hash: 7e78dae8d3f638d01a955e3d32d02ac2d2d29ba2419696f46f4df312255a024a

Request headers

Accept: text/html, */*; q=0.01
Referer: https://www.kempinski.com/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Sec-Fetch-Mode: cors
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

date: Wed, 11 Sep 2019 10:56:40 GMT
content-encoding: gzip
x-cdn: Incapsula
vary: Origin
access-control-allow-methods: GET, OPTIONS, HEAD
content-type: text/html; charset=utf-8
status: 200
x-iinfo: 2-185355-185356 NNNN CT(0 0 0) RT(1568199460674 0) q(0 0 0 0) r(2 2) U6
cache-control: private
access-control-allow-headers: origin, x-requested-with, content-type

GET
H2 200 Adblocked gtm.js?id=GTM-WTL3DB Show response
www.googletagmanager.com 225 KB
53 KB 15ms
14ms Script
application/javascript 2a00:1450:4001:819::2008
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-WTL3DB

Requested by

Host: www.kempinski.com
URL: https://www.kempinski.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6b3a0793b5c30c8433ed1347207d403745b61adc88b4b40a2c17286016561850

Blocked

Source: easylist, Type: privacy (This would have been blocked)

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kempinski.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 11 Sep 2019 10:57:41 GMT
content-encoding: br
last-modified: Wed, 11 Sep 2019 09:00:00 GMT
server: Google Tag Manager
access-control-allow-headers: Cache-Control
status: 200
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: http://www.googletagmanager.com
cache-control: private, max-age=900
access-control-allow-credentials: true
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 53853
x-xss-protection: 0
expires: Wed, 11 Sep 2019 10:57:41 GMT

GET
H2 200 Adblocked conversion_async.js Show response
www.googleadservices.com/pagead 24 KB
9 KB 83ms
38ms Script
text/javascript 172.217.22.98
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WTL3DB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.22.98 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra15s18-in-f98.1e100.net

Software

cafe /

Resource Hash

8c88d6a0ae774f43c52a16b37d0134231b235ddf98ce9eb7f28c587c31b59d5a

Blocked

Source: easylist, Type: privacy (This would have been blocked)

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kempinski.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 11 Sep 2019 10:57:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
content-disposition: attachment; filename="f.txt"
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 9186
x-xss-protection: 0
server: cafe
etag: 1827501119694548318
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 11 Sep 2019 10:57:41 GMT

GET
H2 200 Adblocked analytics.js Show response
www.google-analytics.com 43 KB
17 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:819::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WTL3DB

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a

Blocked

Source: easylist, Type: privacy (This would have been blocked)

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kempinski.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Aug 2019 17:22:41 GMT
server: Golfe2
age: 848
date: Wed, 11 Sep 2019 10:43:33 GMT
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=7200
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 17803
expires: Wed, 11 Sep 2019 12:43:33 GMT

GET
H/1.1 200
OK Adblocked insight.min.js Show response
sjs.bizographics.com 15 KB
5 KB 10ms
9ms Script
application/x-javascript 2a02:26f0:10c:399::3adf
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://sjs.bizographics.com/insight.min.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-WTL3DB
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:10c:399::3adf , Ascension Island, ASN20940 (AKAMAI-ASN1, US),
Reverse DNS
Software: /
Resource Hash: bc9cef10d07e8da3ce80181de07a056414731f86e0dc12e2c81d652b28ac770b
Blocked: Source: easylist, Type: ads (This would have been blocked)

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kempinski.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 11 Sep 2019 10:57:41 GMT
Content-Encoding: gzip
Last-Modified: Mon, 03 Dec 2018 23:03:30 GMT
X-CDN: AKAM
Vary: Accept-Encoding
Content-Type: application/x-javascript;charset=utf-8
Cache-Control: max-age=17614
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 4571

GET
H2 200 Adblocked fbevents.js Show response
connect.facebook.net/en_US 121 KB
32 KB 23ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.kempinski.com
URL: https://www.kempinski.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

14d88b3a27f0e6de034f86ad42d6411081e9467daf754147f2f16bcb20782177

Blocked

Source: easylist, Type: privacy (This would have been blocked)

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kempinski.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
content-length: 31604
x-xss-protection: 0
pragma: public
x-fb-debug: pLJ32cnDNCu29I0D4rCEmWpKHgqp88tUK7Ue3tEZ9HXBTeDFE7hTS3pnCWOr3xzHUHhAYhBfz0kJNU0uiukeKQ==
x-fb-trip-id: 194532234
x-frame-options: DENY
date: Wed, 11 Sep 2019 10:57:41 GMT
vary: Origin, Accept-Encoding
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 Adblocked B20278285.204596525;sz=1x2;ord=8599020502? Show response
ad.doubleclick.net/ddm/adj/N326205.197812NSO.CODESRV 8 KB
4 KB 97ms
43ms Script
text/javascript 172.217.16.198
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://ad.doubleclick.net/ddm/adj/N326205.197812NSO.CODESRV/B20278285.204596525;sz=1x2;ord=8599020502?

Requested by

Host: www.kempinski.com
URL: https://www.kempinski.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

172.217.16.198 , United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s08-in-f6.1e100.net

Software

cafe /

Resource Hash

77bac9273c552d24ad13f63fa39a2edd06ba0f9d1b5090bb7f7c01d594f2d5bc

Blocked

Source: easylist, Type: ads (This would have been blocked)

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kempinski.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Sep 2019 10:57:41 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 3112
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK Adblocked L21rdC8xMTIxL3BpZC85MTAzMTA2OS90LzA Show response
d.turn.com/r/dft/id 17 KB
17 KB 94ms
38ms Script
application/javascript 46.228.164.13
TURN

General

Check archive.org

Show headers Download Go to

Full URL: https://d.turn.com/r/dft/id/L21rdC8xMTIxL3BpZC85MTAzMTA2OS90LzA
Requested by: Host: www.kempinski.com
URL: https://www.kempinski.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.228.164.13 , United Kingdom, ASN56396 (TURN, GB),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 3c2bdc173bf507f678858e0097dd73e3b916a02e57aeb5af7d06e92ab06d60dc
Blocked: Source: easylist, Type: ads (This would have been blocked)

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kempinski.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: cache
Date: Wed, 11 Sep 2019 10:57:40 GMT
Cache-Control: private, max-age=7200
Server: Apache-Coyote/1.1
P3P: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Transfer-Encoding: chunked
Content-Type: application/javascript

GET
H2 200 Adblocked bat.js Show response
bat.bing.com 23 KB
7 KB 152ms
152ms Script
application/javascript 2620:1ec:c11::200
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: www.kempinski.com
URL: https://www.kempinski.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: /
Resource Hash: b139982ce002c53ddfb65aec1e90704c0a3704fc5aa35247f9323b74a1d3f721
Blocked: Source: easylist, Type: privacy (This would have been blocked)

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kempinski.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 11 Sep 2019 10:57:40 GMT
content-encoding: gzip
last-modified: Tue, 10 Sep 2019 18:57:28 GMT
x-msedge-ref: Ref A: A176F9BF05E14B6BA060ACCFD96CC983 Ref B: VIEEDGE0610 Ref C: 2019-09-11T10:57:41Z
status: 200
etag: "09c5197968d51:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 7148

GET
H/1.1 200
OK almanac.js Show response
almanac.kempinski.com 66 KB
23 KB 127ms
35ms Script
application/javascript 63.32.77.13
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://almanac.kempinski.com/almanac.js
Requested by: Host: www.kempinski.com
URL: https://www.kempinski.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 63.32.77.13 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-63-32-77-13.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: e3c39364dd866add4ea7fdf25aecc692c8d738387f3bab1720012919aab3c835

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kempinski.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 11 Sep 2019 10:57:41 GMT
Content-Encoding: gzip
Last-Modified: Tue, 26 Mar 2019 14:04:40 GMT
Server: Apache/2.4.29 (Ubuntu)
ETag: "106ad-584ffcd5bea56-gzip"
Vary: Accept-Encoding
Content-Type: application/javascript
Connection: Keep-Alive
Accept-Ranges: bytes
Keep-Alive: timeout=5, max=100
Content-Length: 22700

GET
H/1.1 200
OK Adblocked tag.js Show response
mc.yandex.ru/metrika 353 KB
91 KB 174ms
84ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: www.kempinski.com
URL: https://www.kempinski.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

e43f50a325a5a83f020dd452365a66f18ccbbb271151a63748df361fbd96938f

Blocked

Source: easylist, Type: privacy (This would have been blocked)

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kempinski.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 11 Sep 2019 10:57:41 GMT
Content-Encoding: br
Last-Modified: Tue, 10 Sep 2019 11:49:48 GMT
Server: nginx/1.14.2
ETag: "5d778ddc-16999"
Strict-Transport-Security: max-age=31536000
Content-Type: application/javascript
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Content-Length: 92569
Expires: Wed, 11 Sep 2019 11:57:41 GMT

GET
H2 204 Adblocked 13bc0997f025.js?lv=1 Show response
w.usabilla.com 0
90 B 120ms
52ms Script
text/plain 52.49.49.248
Amazon.com

General

Check archive.org

Show headers Download Go to

Full URL: https://w.usabilla.com/13bc0997f025.js?lv=1
Requested by: Host: www.kempinski.com
URL: https://www.kempinski.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.49.49.248 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-52-49-49-248.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Blocked: Source: easylist, Type: privacy (This would have been blocked)

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kempinski.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Wed, 11 Sep 2019 10:57:41 GMT
cache-control: public, max-age=60
x-widget-server: 2.1

GET
H2 200 Adblocked linkid.js Show response
www.google-analytics.com/plugins/ua 2 KB
952 B 18ms
18ms Script
text/javascript 2a00:1450:4001:819::200e
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Blocked

Source: easylist, Type: privacy (This would have been blocked)

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kempinski.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 11 Sep 2019 10:32:37 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 21 Apr 2016 03:17:22 GMT
server: sffe
age: 1504
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: public, max-age=3600
accept-ranges: bytes
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 856
x-xss-protection: 0
expires: Wed, 11 Sep 2019 11:32:37 GMT

GET
H2 200 Adblocked ?time=1568199461180&pid=1349852&url=https%3A%2F%2Fwww.kempinski.com%2F&fmt=js&s=1 Show response
px.ads.linkedin.com/collect 0
103 B 174ms
172ms Script
application/javascript 2a05:f500:11:101::b93f:9005
LinkedIn Corporation

General

Check archive.org

Show headers Download Go to

Full URL: https://px.ads.linkedin.com/collect/?time=1568199461180&pid=1349852&url=https%3A%2F%2Fwww.kempinski.com%2F&fmt=js&s=1
Requested by: Host: sjs.bizographics.com
URL: https://sjs.bizographics.com/insight.min.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a05:f500:11:101::b93f:9005 , Ireland, ASN14413 (LINKEDIN - LinkedIn Corporation, US),
Reverse DNS
Software: Play /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Blocked: Source: easylist, Type: ads (This would have been blocked)

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kempinski.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 11 Sep 2019 10:57:41 GMT
content-encoding: gzip
server: Play
vary: Accept-Encoding
x-li-fabric: prod-lor1
status: 200
x-li-proto: http/2
x-li-pop: prod-tln1
content-type: application/javascript
content-length: 20
x-li-uuid: MF+FiCJdwxUgwoUWbysAAA==

GET
H2 200 Adblocked collect?v=1&_v=j79&aip=1&a=1977941504&t=pageview&_s=1&dl=https%3A%2F%2Fwww.kempinski.com%2F&ul=en-us&de=UTF-8&dt=Luxury%20Five%20Star%20Hotels%20%26%20Resorts%20%7C%20Kempinski%20Hotels&sd=24-bit&s...
www.google-analytics.com 35 B
111 B 10ms
7ms Image
image/gif 2a00:1450:4001:819::200e
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j79&aip=1&a=1977941504&t=pageview&_s=1&dl=https%3A%2F%2Fwww.kempinski.com%2F&ul=en-us&de=UTF-8&dt=Luxury%20Five%20Star%20Hotels%20%26%20Resorts%20%7C%20Kempinski%20Hotels&sd=24-bit&sr=1600x1200&vp=1585x1185&je=0&_u=aGBAgEAj~&jid=36004714&gjid=416802014&cid=961976210.1568199461&tid=UA-46236206-1&_gid=1277625555.1568199461&gtm=2wg8l2WTL3DB&cg1=welcome&cd1=KISA&cd2=en&cd16=%7Cclient&cd17=logged-out&z=2136213924

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:819::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Blocked

Source: easylist, Type: privacy (This would have been blocked)

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kempinski.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 03 Sep 2019 18:49:27 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 662894
status: 200
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2

200

ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-46236206-1&cid=961976210.1568199461&jid=36004714&_v=j79&z=1974599134&slf_rd=1&random=3891361433
www.google.de/ads
Redirect Chain

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-46236206-1&cid=961976210.1568199461&jid=36004714&gjid=416802014&_gid=1277625555.1568199461&_u=aGBAgEAj~&z=1974599134
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-46236206-1&cid=961976210.1568199461&jid=36004714&_v=j79&z=1974599134
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-46236206-1&cid=961976210.1568199461&jid=36004714&_v=j79&z=1974599134&slf_rd=1&random=3891361433

42 B
109 B

31ms
28ms

Image
image/gif

2a00:1450:4001:81c::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-46236206-1&cid=961976210.1568199461&jid=36004714&_v=j79&z=1974599134&slf_rd=1&random=3891361433

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.kempinski.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Sep 2019 10:57:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 11 Sep 2019 10:57:41 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 302
content-type: text/html; charset=UTF-8
location: https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-46236206-1&cid=961976210.1568199461&jid=36004714&_v=j79&z=1974599134&slf_rd=1&random=3891361433
cache-control: no-cache, no-store, must-revalidate
timing-allow-origin: *
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Adblocked 1363478017106996?v=2.9.4&r=stable Show response
connect.facebook.net/signals/config 307 KB
78 KB 14ms
12ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1363478017106996?v=2.9.4&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

af76e682477a19e6ae3ccbb57c0c122f9bb3da8977c5c59254022c41e59590e0

Blocked

Source: easylist, Type: privacy (This would have been blocked)

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kempinski.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
content-length: 79753
x-xss-protection: 0
pragma: public
x-fb-debug: 8je3ha1CGa9UakjZfrlZFlkW9GcxkzakYpZ2sqO3BDCpllJjWmIbvaq6RxXaBifSwaHcv/rs9a7i0yyo4HLJsw==
x-fb-trip-id: 194532234
x-frame-options: DENY
date: Wed, 11 Sep 2019 10:57:41 GMT
vary: Origin, Accept-Encoding
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 Adblocked ?random=1568199461206&cv=9&fst=1568199461206&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8l2&sendb=1&i... Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/1008065145 2 KB
1 KB 34ms
28ms Script
text/javascript 2a00:1450:4001:808::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1008065145/?random=1568199461206&cv=9&fst=1568199461206&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8l2&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.kempinski.com%2F&ref=https%3A%2F%2Fwww.kempinski.com%2F&tiba=Luxury%20Five%20Star%20Hotels%20%26%20Resorts%20%7C%20Kempinski%20Hotels&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

48c0637895684419c377fa9a4c6382630486350ffd82422ec066a2dc4abf341e

Blocked

Source: easylist, Type: ads (This would have been blocked)

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kempinski.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Sep 2019 10:57:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
status: 200
cache-control: no-cache, must-revalidate
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 969
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 lidar.js?cache=r20110914 Show response
www.googletagservices.com/activeview/js/current 80 KB
29 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:81d::2002
Google LLC

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/lidar.js?cache=r20110914

Requested by

Host: ad.doubleclick.net
URL: https://ad.doubleclick.net/ddm/adj/N326205.197812NSO.CODESRV/B20278285.204596525;sz=1x2;ord=8599020502?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81d::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

sffe /

Resource Hash

d561b087eb84f9a1a6bef617010f9d2536280828ec34514a7b67e8dfc5dc04aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kempinski.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 11 Sep 2019 10:57:41 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1568027754411643"
vary: Accept-Encoding
content-type: text/javascript
status: 200
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 29415
x-xss-protection: 0
expires: Wed, 11 Sep 2019 10:57:41 GMT

GET
H2 200 Adblocked view?xai=AKAOjstakmUgKOjcq8z2s5OXloe89TD87szgb1lrbaY45wQqXjweDNELgtCJRROHsguKP04scDJl_SrldKZ4jTAKXcvm3bl3f_UwFecevSQaLlLHBpH4ZlU7l75Ubay_Otj6QZBrkkGkQqGeQhKFyas&sig=Cg0ArKJSzA_lNsju3ZUaEAE&urlfix=1...
googleads4.g.doubleclick.net/pcs 0
356 B 90ms
31ms Image
image/gif 216.58.206.2
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjstakmUgKOjcq8z2s5OXloe89TD87szgb1lrbaY45wQqXjweDNELgtCJRROHsguKP04scDJl_SrldKZ4jTAKXcvm3bl3f_UwFecevSQaLlLHBpH4ZlU7l75Ubay_Otj6QZBrkkGkQqGeQhKFyas&sig=Cg0ArKJSzA_lNsju3ZUaEAE&urlfix=1&adurl=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.206.2 Mountain View, United States, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

fra16s20-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Blocked

Source: easylist, Type: ads (This would have been blocked)

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kempinski.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 11 Sep 2019 10:57:41 GMT
x-content-type-options: nosniff
server: cafe
status: 200
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
content-type: image/gif
alt-svc: quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43,39",quic=":443"; ma=2592000; v="46,43,39"
content-length: 0
x-xss-protection: 0

GET
H/1.1 200
OK Adblocked 91509781=https%3A%2F%2Fwww.kempinski.com%2F,91919117=KISA,91919115=en,91509784=https%3A%2F%2Fwww.kempinski.com%2F,91921486=www%3Aen%3Ahotels%3Awelcome,92668785=False,91919118=client,91919119=logged... Show response
d.turn.com/r/dd/id/L21rdC8xMTIxL3BpZC85MTAzMTA2OS90LzA/pdata 0
443 B 39ms
39ms Script
text/javascript 46.228.164.13
TURN

General

Check archive.org

Show headers Download Go to

Full URL: https://d.turn.com/r/dd/id/L21rdC8xMTIxL3BpZC85MTAzMTA2OS90LzA/pdata/91509781=https%3A%2F%2Fwww.kempinski.com%2F,91919117=KISA,91919115=en,91509784=https%3A%2F%2Fwww.kempinski.com%2F,91921486=www%3Aen%3Ahotels%3Awelcome,92668785=False,91919118=client,91919119=logged-out,91509785=%2F
Requested by: Host: d.turn.com
URL: https://d.turn.com/r/dft/id/L21rdC8xMTIxL3BpZC85MTAzMTA2OS90LzA
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.228.164.13 , United Kingdom, ASN56396 (TURN, GB),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Blocked: Source: easylist, Type: ads (This would have been blocked)

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kempinski.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 11 Sep 2019 10:57:40 GMT
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Server: Apache-Coyote/1.1
P3P: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Content-Length: 0
Content-Type: text/javascript;charset=UTF-8

GET
H2 200 Adblocked inferredEvents.js?v=2.9.4 Show response
connect.facebook.net/signals/plugins 35 KB
10 KB 7ms
6ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
Facebook

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/inferredEvents.js?v=2.9.4

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

Resource Hash

b4e9e9bef19c34422f55a7fdb9d10c4db5e39cff24b8c98a0be0e09b2ee6ac2b

Blocked

Source: easylist, Type: privacy (This would have been blocked)

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob:;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kempinski.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
status: 200
content-length: 10218
x-xss-protection: 0
pragma: public
x-fb-debug: HiajSMJYUK3bEkmyqTgY5AaMeQNGCwZPmF5i1jndGAlCi5eiRtjzR4K69aU5OQ6SjLMOanyammN8UNnTA4zI6A==
x-fb-trip-id: 194532234
x-frame-options: DENY
date: Wed, 11 Sep 2019 10:57:41 GMT
vary: Origin, Accept-Encoding
access-control-allow-methods: OPTIONS
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: https://connect.facebook.net
access-control-expose-headers: X-FB-Debug, X-Loader-Length
cache-control: public, max-age=1200
access-control-allow-credentials: true
content-security-policy: default-src * data: blob:;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 Adblocked ?random=1568199461206&cv=9&fst=1568196000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8l2&sendb=1&frm=0&url=https%3A%2F%2...
www.google.com/pagead/1p-user-list/1008065145 42 B
111 B 22ms
20ms Image
image/gif 2a00:1450:4001:81f::2004
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/1008065145/?random=1568199461206&cv=9&fst=1568196000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8l2&sendb=1&frm=0&url=https%3A%2F%2Fwww.kempinski.com%2F&ref=https%3A%2F%2Fwww.kempinski.com%2F&tiba=Luxury%20Five%20Star%20Hotels%20%26%20Resorts%20%7C%20Kempinski%20Hotels&async=1&fmt=3&is_vtc=1&random=4095543717&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Blocked

Source: easylist, Type: ads (This would have been blocked)

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kempinski.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Sep 2019 10:57:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ?random=1568199461206&cv=9&fst=1568196000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8l2&sendb=1&frm=0&url=https%3A%2F%2...
www.google.de/pagead/1p-user-list/1008065145 42 B
110 B 24ms
23ms Image
image/gif 2a00:1450:4001:81c::2003
Google LLC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1008065145/?random=1568199461206&cv=9&fst=1568196000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg8l2&sendb=1&frm=0&url=https%3A%2F%2Fwww.kempinski.com%2F&ref=https%3A%2F%2Fwww.kempinski.com%2F&tiba=Luxury%20Five%20Star%20Hotels%20%26%20Resorts%20%7C%20Kempinski%20Hotels&async=1&fmt=3&is_vtc=1&random=4095543717&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:81c::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kempinski.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 11 Sep 2019 10:57:41 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status: 200
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: quic=":443"; ma=2592000; v="46,43,39"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 Adblocked 0?ti=5438241&Ver=2&mid=b1253609-7d06-5001-2cb2-92f72c7cf50d&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Luxury%20Five%20Star%20Hotels%20%26%20Resorts%20%7C%20Kempinski%20Hotels&p=https%3A%2F%2Fwww.kempi... Show response
bat.bing.com/action 0
148 B 70ms
69ms Image
text/plain 2620:1ec:c11::200
Microsoft Corpora...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=5438241&Ver=2&mid=b1253609-7d06-5001-2cb2-92f72c7cf50d&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Luxury%20Five%20Star%20Hotels%20%26%20Resorts%20%7C%20Kempinski%20Hotels&p=https%3A%2F%2Fwww.kempinski.com%2F&r=https%3A%2F%2Fwww.kempinski.com%2F&lt=1593&evt=pageLoad&msclkid=N&rn=859336
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Blocked: Source: easylist, Type: privacy (This would have been blocked)

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kempinski.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 204
pragma: no-cache
date: Wed, 11 Sep 2019 10:57:40 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: B5A37C0BCED4465480505D21737D16C7 Ref B: VIEEDGE0610 Ref C: 2019-09-11T10:57:41Z
access-control-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 Adblocked ?id=1363478017106996&ev=PageView&dl=https%3A%2F%2Fwww.kempinski.com%2F&rl=https%3A%2F%2Fwww.kempinski.com%2F&if=false&ts=1568199461292&cd[hotelCode]=KISA&sw=1600&sh=1200&v=2.9.4&r=stable&ec=0&o=30&...
www.facebook.com/tr 44 B
250 B 7ms
6ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1363478017106996&ev=PageView&dl=https%3A%2F%2Fwww.kempinski.com%2F&rl=https%3A%2F%2Fwww.kempinski.com%2F&if=false&ts=1568199461292&cd[hotelCode]=KISA&sw=1600&sh=1200&v=2.9.4&r=stable&ec=0&o=30&fbp=fb.1.1568199461291.174659309&it=1568199461200&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Blocked

Source: easylist, Type: privacy (This would have been blocked)

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kempinski.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 11 Sep 2019 10:57:41 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Wed, 11 Sep 2019 10:57:41 GMT

GET
H2 200 Adblocked ?id=1363478017106996&ev=ViewContent&dl=https%3A%2F%2Fwww.kempinski.com%2F&rl=https%3A%2F%2Fwww.kempinski.com%2F&if=false&ts=1568199461294&cd[hotelCode]=KISA&cd[content_ids]=%5B%22KISA%22%5D&cd[cont...
www.facebook.com/tr 44 B
204 B 7ms
7ms Image
image/gif 2a03:2880:f11c:8083:face:b00c:0:25de
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1363478017106996&ev=ViewContent&dl=https%3A%2F%2Fwww.kempinski.com%2F&rl=https%3A%2F%2Fwww.kempinski.com%2F&if=false&ts=1568199461294&cd[hotelCode]=KISA&cd[content_ids]=%5B%22KISA%22%5D&cd[content_type]=product&sw=1600&sh=1200&v=2.9.4&r=stable&ec=1&o=30&fbp=fb.1.1568199461291.174659309&it=1568199461200&coo=false&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8083:face:b00c:0:25de , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Blocked

Source: easylist, Type: privacy (This would have been blocked)

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kempinski.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date: Wed, 11 Sep 2019 10:57:41 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
status: 200
cache-control: no-cache, must-revalidate, max-age=0
content-length: 44
expires: Wed, 11 Sep 2019 10:57:41 GMT

GET
H/1.1 200
OK Verified Adblocked almanac.php?action_name=Luxury%20Five%20Star%20Hotels%20%26%20Resorts%20%7C%20Kempinski%20Hotels&idsite=1&rec=1&r=314300&h=12&m=57&s=41&url=https%3A%2F%2Fwww.kempinski.com%2F&urlref=https%3A%2F%2Fw...
almanac.kempinski.com 43 B
244 B 42ms
40ms Image
image/gif 63.32.77.13
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://almanac.kempinski.com/almanac.php?action_name=Luxury%20Five%20Star%20Hotels%20%26%20Resorts%20%7C%20Kempinski%20Hotels&idsite=1&rec=1&r=314300&h=12&m=57&s=41&url=https%3A%2F%2Fwww.kempinski.com%2F&urlref=https%3A%2F%2Fwww.kempinski.com%2F&_id=b6b2e5e446916bfd&_idts=1568199461&_idvc=1&_idn=0&_refts=0&_viewts=1568199461&send_image=1&cookie=1&res=1600x1200&cvar=%7B%221%22%3A%5B%22Hotel%20Code%22%2C%22KISA%22%5D%2C%222%22%3A%5B%22Login%20Status%22%2C%22logged-out%22%5D%7D&_cvar=%7B%221%22%3A%5B%22User%20Type%22%2C%22client%22%5D%2C%222%22%3A%5B%22Opera%20Source%22%2C%22%22%5D%7D&gt_ms=283&pv_id=l8uAG9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 63.32.77.13 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-63-32-77-13.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Verified resource: ckeditor/4.2/plugins/fakeobjects/images/spacer.gif at cdnjs.com, project ckeditor
Blocked: Source: easylist, Type: privacy (This would have been blocked)

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kempinski.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 11 Sep 2019 10:57:41 GMT
Cache-Control: no-store
Server: Apache/2.4.29 (Ubuntu)
Connection: close
Content-Encoding: none
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK Adblocked beacon?b2=nnCZkIDUfELJ8qesdnCmTPVTthqcHOwW3zvqNEuX8d08vMQie2EQ167eO-qRD1htzIiqHATFmLb5WKgWR31QOQ&cid=b6b2e5e446916bfd&gtmcb=227889626
r.turn.com/r 43 B
467 B 104ms
33ms Image
image/gif 46.228.164.11
TURN

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://r.turn.com/r/beacon?b2=nnCZkIDUfELJ8qesdnCmTPVTthqcHOwW3zvqNEuX8d08vMQie2EQ167eO-qRD1htzIiqHATFmLb5WKgWR31QOQ&cid=b6b2e5e446916bfd&gtmcb=227889626
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 46.228.164.11 , United Kingdom, ASN56396 (TURN, GB),
Reverse DNS
Software: Apache-Coyote/1.1 /
Resource Hash: 48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
Blocked: Source: easylist, Type: ads (This would have been blocked)

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kempinski.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 11 Sep 2019 10:57:41 GMT
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Server: Apache-Coyote/1.1
P3P: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
Content-Length: 43
Content-Type: image/gif

GET
H/1.1

200
OK

Adblocked 1?wmode=7&page-ref=https%3A%2F%2Fwww.kempinski.com%2F&page-url=https%3A%2F%2Fwww.kempinski.com%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1568199458889%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr...
mc.yandex.ru/watch/53765194
Redirect Chain

https://mc.yandex.ru/watch/53765194?wmode=7&page-ref=https%3A%2F%2Fwww.kempinski.com%2F&page-url=https%3A%2F%2Fwww.kempinski.com%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1568199458889%3As%3A160...
https://mc.yandex.ru/watch/53765194/1?wmode=7&page-ref=https%3A%2F%2Fwww.kempinski.com%2F&page-url=https%3A%2F%2Fwww.kempinski.com%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1568199458889%3As%3A1...

152 B
705 B

99ms
50ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/53765194/1?wmode=7&page-ref=https%3A%2F%2Fwww.kempinski.com%2F&page-url=https%3A%2F%2Fwww.kempinski.com%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1568199458889%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1185%3Az%3A120%3Ai%3A20190911125741%3Aet%3A1568199462%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A642394538%3Ahid%3A650826044%3Ads%3A0%2C0%2C153%2C130%2C0%2C0%2C0%2C606%2C1%2C1574%2C1574%2C19%2C763%3Afp%3A777%3Agdpr%3A14%3Av%3A1708%3Awv%3A2%3Ast%3A1568199462%3Au%3A1568199461721787336%3At%3ALuxury%20Five%20Star%20Hotels%20%26%20Resorts%20%7C%20Kempinski%20Hotels

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

a423cd63fb8cc5415cea8f242c9351624d8b1702904fba662854a892fa063668

Blocked

Source: easylist, Type: privacy (This would have been blocked)

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.kempinski.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 11 Sep 2019 10:57:41 GMT
X-Content-Type-Options: nosniff
Last-Modified: Wed, 11-Sep-2019 10:57:41 GMT
Server: nginx/1.14.2
Strict-Transport-Security: max-age=31536000
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.kempinski.com
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 152
X-XSS-Protection: 1; mode=block
Expires: Wed, 11-Sep-2019 10:57:41 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 11 Sep 2019 10:57:41 GMT
Last-Modified: Wed, 11-Sep-2019 10:57:41 GMT
Server: nginx/1.14.2
Access-Control-Allow-Origin: https://www.kempinski.com
Strict-Transport-Security: max-age=31536000
Location: /watch/53765194/1?wmode=7&page-ref=https%3A%2F%2Fwww.kempinski.com%2F&page-url=https%3A%2F%2Fwww.kempinski.com%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1568199458889%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Afpr%3A216613626101%3Acn%3A1%3Aw%3A1585x1185%3Az%3A120%3Ai%3A20190911125741%3Aet%3A1568199462%3Aen%3Autf-8%3Ac%3A1%3Ala%3Aen-us%3Apv%3A1%3Arn%3A642394538%3Ahid%3A650826044%3Ads%3A0%2C0%2C153%2C130%2C0%2C0%2C0%2C606%2C1%2C1574%2C1574%2C19%2C763%3Afp%3A777%3Agdpr%3A14%3Av%3A1708%3Awv%3A2%3Ast%3A1568199462%3Au%3A1568199461721787336%3At%3ALuxury%20Five%20Star%20Hotels%20%26%20Resorts%20%7C%20Kempinski%20Hotels
Cache-Control: private, no-cache, no-store, must-revalidate, max-age=0
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
X-XSS-Protection: 1; mode=block
Expires: Wed, 11-Sep-2019 10:57:41 GMT

GET
H/1.1 200
OK Verified Adblocked advert.gif
mc.yandex.ru/metrika 43 B
445 B 72ms
42ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.14.2 /

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Verified resource

ckeditor/4.2/plugins/fakeobjects/images/spacer.gif at cdnjs.com, project ckeditor

Blocked

Source: easylist, Type: ads (This would have been blocked)

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kempinski.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 11 Sep 2019 10:57:41 GMT
Content-Encoding: gzip
Last-Modified: Mon, 12 Oct 2015 13:09:09 GMT
Server: nginx/1.14.2
ETag: "561bb0f5-3d"
Strict-Transport-Security: max-age=31536000
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: max-age=3600
Connection: keep-alive
Content-Length: 61
Expires: Wed, 11 Sep 2019 11:57:41 GMT

GET
H2

200

Adblocked ?c=15076222838454038759&f=AYwolSrt1WvsqZXd-Syvd8Jv26p26xEN3_jWhVT7NDaP_vKgsMZpX4eBWsJpj2Zfhr2awsPaukme8OhG3uHLVPfP&id=1363478017106996&l=3&v=0
cx.atdmt.com
Redirect Chain

https://www.facebook.com/tr/?id=1363478017106996&ev=Microdata&dl=https%3A%2F%2Fwww.kempinski.com%2F&rl=https%3A%2F%2Fwww.kempinski.com%2F&if=false&ts=1568199461795&cd[DataLayer]=%5B%5D&cd[Meta]=%7B...
https://cx.atdmt.com/?c=15076222838454038759&f=AYwolSrt1WvsqZXd-Syvd8Jv26p26xEN3_jWhVT7NDaP_vKgsMZpX4eBWsJpj2Zfhr2awsPaukme8OhG3uHLVPfP&id=1363478017106996&l=3&v=0

42 B
403 B

81ms
48ms

Image
image/gif

2a03:2880:f0ff:2:face:b00c:0:8c
Facebook

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cx.atdmt.com/?c=15076222838454038759&f=AYwolSrt1WvsqZXd-Syvd8Jv26p26xEN3_jWhVT7NDaP_vKgsMZpX4eBWsJpj2Zfhr2awsPaukme8OhG3uHLVPfP&id=1363478017106996&l=3&v=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f0ff:2:face:b00c:0:8c , Ireland, ASN32934 (FACEBOOK - Facebook, Inc., US),
Reverse DNS
Software: /
Resource Hash: 6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
Blocked: Source: easylist, Type: privacy (This would have been blocked)

Request headers

Referer: https://www.kempinski.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status: 200
date: Wed, 11 Sep 2019 10:57:41 GMT
content-type: image/gif
content-length: 42
p3p: CP="NOI DSP COR CUR ADM DEV TAIo PSAo PSDo OUR BUS UNI PUR COM NAV INT DEM STA PRE OTC"

Redirect headers

pragma: no-cache
date: Wed, 11 Sep 2019 10:57:41 GMT
server: proxygen-bolt
status: 302
content-type: text/plain
location: https://cx.atdmt.com/?c=15076222838454038759&f=AYwolSrt1WvsqZXd-Syvd8Jv26p26xEN3_jWhVT7NDaP_vKgsMZpX4eBWsJpj2Zfhr2awsPaukme8OhG3uHLVPfP&id=1363478017106996&l=3&v=0
cache-control: no-cache, no-store, must-revalidate
content-length: 0
expires: 0

GET
H/1.1 200
OK Verified almanac.php?e_c=User%20Detail&e_a=User%20Type&e_n=client&idsite=1&rec=1&r=260709&h=12&m=57&s=41&url=https%3A%2F%2Fwww.kempinski.com%2F&urlref=https%3A%2F%2Fwww.kempinski.com%2F&_id=b6b2e5e446916bfd...
almanac.kempinski.com 43 B
244 B 108ms
41ms Image
image/gif 63.32.77.13
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://almanac.kempinski.com/almanac.php?e_c=User%20Detail&e_a=User%20Type&e_n=client&idsite=1&rec=1&r=260709&h=12&m=57&s=41&url=https%3A%2F%2Fwww.kempinski.com%2F&urlref=https%3A%2F%2Fwww.kempinski.com%2F&_id=b6b2e5e446916bfd&_idts=1568199461&_idvc=1&_idn=0&_refts=0&_viewts=1568199461&send_image=1&cookie=1&res=1600x1200&cvar=%7B%221%22%3A%5B%22Hotel%20Code%22%2C%22KISA%22%5D%2C%222%22%3A%5B%22Login%20Status%22%2C%22logged-out%22%5D%7D&_cvar=%7B%221%22%3A%5B%22User%20Type%22%2C%22client%22%5D%7D&gt_ms=283&pv_id=l8uAG9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 63.32.77.13 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-63-32-77-13.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Verified resource: ckeditor/4.2/plugins/fakeobjects/images/spacer.gif at cdnjs.com, project ckeditor

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kempinski.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 11 Sep 2019 10:57:42 GMT
Cache-Control: no-store
Server: Apache/2.4.29 (Ubuntu)
Connection: close
Content-Encoding: none
Content-Length: 43
Content-Type: image/gif

GET
H/1.1 200
OK Verified almanac.php?e_c=User%20Detail&e_a=Amobee%20Linker&e_n=Pixel%20Fired&idsite=1&rec=1&r=165838&h=12&m=57&s=41&url=https%3A%2F%2Fwww.kempinski.com%2F&urlref=https%3A%2F%2Fwww.kempinski.com%2F&_id=b6b2e...
almanac.kempinski.com 43 B
244 B 106ms
40ms Image
image/gif 63.32.77.13
Amazon.com

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://almanac.kempinski.com/almanac.php?e_c=User%20Detail&e_a=Amobee%20Linker&e_n=Pixel%20Fired&idsite=1&rec=1&r=165838&h=12&m=57&s=41&url=https%3A%2F%2Fwww.kempinski.com%2F&urlref=https%3A%2F%2Fwww.kempinski.com%2F&_id=b6b2e5e446916bfd&_idts=1568199461&_idvc=1&_idn=0&_refts=0&_viewts=1568199461&send_image=1&cookie=1&res=1600x1200&cvar=%7B%221%22%3A%5B%22Hotel%20Code%22%2C%22KISA%22%5D%2C%222%22%3A%5B%22Login%20Status%22%2C%22logged-out%22%5D%7D&_cvar=%7B%221%22%3A%5B%22User%20Type%22%2C%22client%22%5D%7D&gt_ms=283&pv_id=l8uAG9
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 63.32.77.13 Dublin, Ireland, ASN16509 (AMAZON-02 - Amazon.com, Inc., US),
Reverse DNS: ec2-63-32-77-13.eu-west-1.compute.amazonaws.com
Software: Apache/2.4.29 (Ubuntu) /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Verified resource: ckeditor/4.2/plugins/fakeobjects/images/spacer.gif at cdnjs.com, project ckeditor

Request headers

Sec-Fetch-Mode: no-cors
Referer: https://www.kempinski.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

Date: Wed, 11 Sep 2019 10:57:42 GMT
Cache-Control: no-store
Server: Apache/2.4.29 (Ubuntu)
Connection: close
Content-Encoding: none
Content-Length: 43
Content-Type: image/gif

Redirect requests

There were HTTP redirects (301, 302) for the following requests:

Request 0

http://www.kempinski.com/
https://www.kempinski.com/

Request 22

https://www.kempinski.com/fonts/KingsCaslon/KingsCaslonItalic.ttf
https://www.kempinski.com/fonts/KingsCaslon/KingsCaslonItalic.ttf

Request 23

https://www.kempinski.com/fonts/icomoon.ttf?vfviym
https://www.kempinski.com/fonts/icomoon.ttf?vfviym

Request 24

https://www.kempinski.com/umbraco/Surface/Core/GetEmergencyMessage
https://www.kempinski.com/umbraco/Surface/Core/GetEmergencyMessage

Request 25

https://www.kempinski.com/umbraco/Surface/Core/GetNewsletterMessage
https://www.kempinski.com/umbraco/Surface/Core/GetNewsletterMessage

Request 44

https://stats.g.doubleclick.net/r/collect?t=dc&aip=1&_r=3&v=1&_v=j79&tid=UA-46236206-1&cid=961976210.1568199461&jid=36004714&gjid=416802014&_gid=1277625555.1568199461&_u=aGBAgEAj~&z=1974599134
https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-46236206-1&cid=961976210.1568199461&jid=36004714&_v=j79&z=1974599134
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-46236206-1&cid=961976210.1568199461&jid=36004714&_v=j79&z=1974599134&slf_rd=1&random=3891361433

Request 58

https://mc.yandex.ru/watch/53765194?wmode=7&page-ref=https%3A%2F%2Fwww.kempinski.com%2F&page-url=https%3A%2F%2Fwww.kempinski.com%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1568199458889%3As%3A160...
https://mc.yandex.ru/watch/53765194/1?wmode=7&page-ref=https%3A%2F%2Fwww.kempinski.com%2F&page-url=https%3A%2F%2Fwww.kempinski.com%2F&charset=utf-8&browser-info=ti%3A10%3Ans%3A1568199458889%3As%3A1...

Request 60

https://www.facebook.com/tr/?id=1363478017106996&ev=Microdata&dl=https%3A%2F%2Fwww.kempinski.com%2F&rl=https%3A%2F%2Fwww.kempinski.com%2F&if=false&ts=1568199461795&cd[DataLayer]=%5B%5D&cd[Meta]=%7B...
https://cx.atdmt.com/?c=15076222838454038759&f=AYwolSrt1WvsqZXd-Syvd8Jv26p26xEN3_jWhVT7NDaP_vKgsMZpX4eBWsJpj2Zfhr2awsPaukme8OhG3uHLVPfP&id=1363478017106996&l=3&v=0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.kempinski.com
URL: https://www.kempinski.com/_Incapsula_Resource?SWKMTFSR=1&e=0.09494631483078675

Domain: www.kempinski.com
URL: https://www.kempinski.com/_Incapsula_Resource?ES2LURCT=67&t=78&d=complete%20(s%3A2%2Cc%3A145%2Cr%3A300)

Domain: media.kempinski.com
URL: https://media.kempinski.com/scripts/bs_v225.js

Domain: media.kempinski.com
URL: https://media.kempinski.com/scripts/date-range-picker_v225.js

Domain: media.kempinski.com
URL: https://media.kempinski.com/scripts/lazysizes_v225.js

Domain: media.kempinski.com
URL: https://media.kempinski.com/scripts/ScrollMagic.min_v225.js

Domain: media.kempinski.com
URL: https://media.kempinski.com/scripts/new.main_v225.js

Domain: www.kempinski.com
URL: https://www.kempinski.com/fonts/Helvetica/Helvetica-Bold.woff

Domain: www.kempinski.com
URL: https://www.kempinski.com/fonts/Helvetica/Helvetica-Light.woff

Domain: www.kempinski.com
URL: https://www.kempinski.com/fonts/KingsCaslon/KingsCaslonItalic.woff

Domain: www.kempinski.com
URL: https://www.kempinski.com/fonts/icomoon.woff2?vfviym

97 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

2 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			.kempinski.com/	1969-12-31 23:59:59	Name: incap_ses_775_2028118 Value: WRLZXaera3U+KXRxflrBCiPTeF0AAAAAn4QxIU8I676u4F/eKAzwXA==
			.kempinski.com/	1970-01-19 12:22:09	Name: visid_incap_2028118 Value: HvRq2XRdQt+gaqmprhNqwCPTeF0AAAAAQUIPAAAAAABkoPHL4BCVkXEYUdrxdg/i

Indicators of compromise (IoCs)

This is a term in the security industry to describe indicators around an attack. This includes IPs, hashes, domains, etc.

ad.doubleclick.net
almanac.kempinski.com
bat.bing.com
cdnjs.cloudflare.com
connect.facebook.net
cx.atdmt.com
d.turn.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
mc.yandex.ru
media.kempinski.com
photorankstatics-a.akamaihd.net
px.ads.linkedin.com
r.turn.com
sjs.bizographics.com
stats.g.doubleclick.net
w.usabilla.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.googletagservices.com
www.kempinski.com

media.kempinski.com
www.kempinski.com

107.154.192.108
172.217.16.198
172.217.22.98
2.16.186.56
216.58.206.2
2606:4700::6813:c697
2620:1ec:c11::200
2a00:1450:4001:808::2002
2a00:1450:4001:819::2008
2a00:1450:4001:819::200e
2a00:1450:4001:81c::2003
2a00:1450:4001:81d::2002
2a00:1450:4001:81f::2004
2a00:1450:400c:c0c::9c
2a02:26f0:10c:399::3adf
2a02:6b8::1:119
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f0ff:2:face:b00c:0:8c
2a03:2880:f11c:8083:face:b00c:0:25de
2a05:f500:11:101::b93f:9005
46.228.164.11
46.228.164.13
52.49.49.248
63.32.77.13

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
14d88b3a27f0e6de034f86ad42d6411081e9467daf754147f2f16bcb20782177
1870b7c456eb7af4346917168392449543a7717617c53b4c3ae03be1c5803d3c
1912fe9b4e138526375fda418185fb5e2ba4ac6fb0935109ac6265e08104915c
275d80be4508379dd44186f1ad929368d9c0924f18dce5cd833b03a4c1618f6f
3a645e14da9c3c3d67d2cca59cc8d7b1648724e0d156c16f359be621629b4dbb
3c2bdc173bf507f678858e0097dd73e3b916a02e57aeb5af7d06e92ab06d60dc
48a33ca9f42b91902d57ad8ac52e1ce32b92c8c10c732f2dbb6fe960ebfd9438
48c0637895684419c377fa9a4c6382630486350ffd82422ec066a2dc4abf341e
50af97b182fc35c1ecac8d0a753dbbfe5ae0a12bb1c49db16fc580a8aae0f804
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
6b3a0793b5c30c8433ed1347207d403745b61adc88b4b40a2c17286016561850
6d8ba81d1b60a18707722a1f2b62dad48a6acced95a1933f49a68b5016620b93
77bac9273c552d24ad13f63fa39a2edd06ba0f9d1b5090bb7f7c01d594f2d5bc
7e78dae8d3f638d01a955e3d32d02ac2d2d29ba2419696f46f4df312255a024a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8c88d6a0ae774f43c52a16b37d0134231b235ddf98ce9eb7f28c587c31b59d5a
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
931d74da5a115f0a87519132f1b175200f36fea93b4858bf82267ffb81f6070c
9532737d4cc0760314d9a1f33f0a9692d0debe1a68e79b2bdfc3619a0724a523
a423cd63fb8cc5415cea8f242c9351624d8b1702904fba662854a892fa063668
ab4e97c4c56de795a1f8a9a67783608d08ff9aef8d2a4b262ae71841a0e0e3e4
af76e682477a19e6ae3ccbb57c0c122f9bb3da8977c5c59254022c41e59590e0
b139982ce002c53ddfb65aec1e90704c0a3704fc5aa35247f9323b74a1d3f721
b4e9e9bef19c34422f55a7fdb9d10c4db5e39cff24b8c98a0be0e09b2ee6ac2b
bc9cef10d07e8da3ce80181de07a056414731f86e0dc12e2c81d652b28ac770b
d02a2ecc6abe9ace13324e5e6d91b51b3d4d74d814d0c5c75eb34d74e05ff15c
d2f3e642df0b6c754c71f80502056d952f874ef92da84205a158c21c012f616d
d561b087eb84f9a1a6bef617010f9d2536280828ec34514a7b67e8dfc5dc04aa
d6bf2b88ada07c05e7d7123479195887c82cc443896a8522f500e659a1935cd6
dbb67c620eaabf6679a314db18d3ae43037aef71ab27422e6feec08ee987cc0a
df178d935914fb63c2880bd93c76c7cae03e199962799b58cfff6916f60b9e3c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e3c39364dd866add4ea7fdf25aecc692c8d738387f3bab1720012919aab3c835
e43f50a325a5a83f020dd452365a66f18ccbbb271151a63748df361fbd96938f
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

www.kempinski.com 107.154.192.108

Summary

Verdict: Unknown

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Stats

0 Requests

0 Ad-blocked

0 Malicious

0 %HTTPS

0 %IPv6

0 Domains

0 Subdomains

0 IPs

0 Countries

0 kBTransfer

0 kBSize

0 Cookies

9 Outgoing links

63 HTTP transactions Everything HTML Script AJAX CSS Expand all 0 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.kempinski.com
107.154.192.108

Screenshot
Live screenshot

Full Image

0
Requests

0
Ad-blocked

0
Malicious

0 %
HTTPS

0 %
IPv6

0
Domains

0
Subdomains

0
IPs

0
Countries

0 kB
Transfer

0 kB
Size

0
Cookies

63 HTTP transactions
0 data transactions