book.rwgenting.com Open in urlscan Pro
170.33.9.200 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://book.rwgenting.com/member2/HotelApp/HotelList.aspx?paymode=1&checkin=14%2F01%2F2022&checkout=15%2F01%2F2022&night=1...
Submission Tags: falconsandbox
Submission: On January 16 via api (January 16th 2022, 4:01:28 pm UTC) from US — Scanned from DE

Summary HTTP 103 Redirects Links 71 Behaviour Indicators

Summary

This website contacted 21 IPs in 7 countries across 15 domains to perform 103 HTTP transactions. The main IP is 170.33.9.200, located in Singapore and belongs to ASEPL-AS-AP Alibaba.com Singapore E-Commerce Private Limited, SG. The main domain is book.rwgenting.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on February 18th 2020. Valid for: 2 years.

This is the only time book.rwgenting.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	170.33.9.200 170.33.9.200	134963 (ASEPL-AS-...) (ASEPL-AS-AP Alibaba.com Singapore E-Commerce Private Limited)
28	79.133.177.215 79.133.177.215	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
3	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
1	79.133.177.231 79.133.177.231	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
1	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:802::200e	15169 (GOOGLE) (GOOGLE)
2 5	142.250.186.38 142.250.186.38	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	143.204.98.114 143.204.98.114	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:810::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82f::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c07::9d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
6	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
7	151.101.66.133 151.101.66.133	54113 (FASTLY) (FASTLY)
3	54.169.1.172 54.169.1.172	16509 (AMAZON-02) (AMAZON-02)
1 1	104.111.215.191 104.111.215.191	16625 (AKAMAI-AS) (AKAMAI-AS)
8	35.167.45.107 35.167.45.107	16509 (AMAZON-02) (AMAZON-02)
1	34.98.64.218 34.98.64.218	15169 (GOOGLE) (GOOGLE)
2 2	18.198.95.145 18.198.95.145	16509 (AMAZON-02) (AMAZON-02)
1 2	185.33.221.15 185.33.221.15	29990 (ASN-APPNEX) (ASN-APPNEX)
1	52.51.5.121 52.51.5.121	16509 (AMAZON-02) (AMAZON-02)
103	21

10 170.33.9.200 (Singapore)

ASN134963 (ASEPL-AS-AP Alibaba.com Singapore E-Commerce Private Limited, SG)

book.rwgenting.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

28 79.133.177.215 (Russian Federation)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

cdn.book.rwgenting.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 79.133.177.231 (Russian Federation)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

cdn.rwgenting.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:802::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.38 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f6.1e100.net

6541830.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
8661995.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 143.204.98.114 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-143-204-98-114.fra50.r.cloudfront.net

cdn.brand-display.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c07::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.101.66.133 (United States)

ASN54113 (FASTLY, US)

cdn.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
consumer.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.169.1.172 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-169-1-172.ap-southeast-1.compute.amazonaws.com

tr.brand-display.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.111.215.191 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-215-191.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 35.167.45.107 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-167-45-107.us-west-2.compute.amazonaws.com

dmp.brand-display.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.98.64.218 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 218.64.98.34.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.198.95.145 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-198-95-145.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.33.221.15 (Amsterdam, Netherlands) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.51.5.121 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-51-5-121.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
39	rwgenting.com book.rwgenting.com cdn.book.rwgenting.com cdn.rwgenting.com	875 KB
14	brand-display.com cdn.brand-display.com — Cisco Umbrella Rank: 56681 tr.brand-display.com — Cisco Umbrella Rank: 55480 dmp.brand-display.com — Cisco Umbrella Rank: 1461	61 KB
9	doubleclick.net 2 redirects 6541830.fls.doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 44 stats.g.doubleclick.net — Cisco Umbrella Rank: 78 8661995.fls.doubleclick.net	5 KB
9	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 33	20 KB
8	krxd.net cdn.krxd.net — Cisco Umbrella Rank: 1035 consumer.krxd.net — Cisco Umbrella Rank: 1378 beacon.krxd.net — Cisco Umbrella Rank: 356	177 KB
6	facebook.com www.facebook.com — Cisco Umbrella Rank: 88	738 B
6	google.com www.google.com — Cisco Umbrella Rank: 8 adservice.google.com — Cisco Umbrella Rank: 69	1 KB
4	google.de www.google.de — Cisco Umbrella Rank: 6151	782 B
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 126	287 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	134 KB
2	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 210	2 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 254	1 KB
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 316	274 B
1	bluekai.com 1 redirects tags.bluekai.com — Cisco Umbrella Rank: 402	784 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 97	15 KB
103	15

	Domain	Requested by
28	cdn.book.rwgenting.com	book.rwgenting.com cdn.book.rwgenting.com
10	book.rwgenting.com	book.rwgenting.com cdn.book.rwgenting.com
9	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com book.rwgenting.com
8	dmp.brand-display.com	book.rwgenting.com
6	www.facebook.com	book.rwgenting.com
5	cdn.krxd.net	book.rwgenting.com cdn.krxd.net
4	www.google.de	book.rwgenting.com
4	www.google.com	book.rwgenting.com
4	connect.facebook.net	book.rwgenting.com connect.facebook.net
3	tr.brand-display.com	cdn.brand-display.com book.rwgenting.com
3	cdn.brand-display.com	book.rwgenting.com cdn.brand-display.com
3	6541830.fls.doubleclick.net	1 redirects www.googletagmanager.com book.rwgenting.com
3	www.googletagmanager.com	book.rwgenting.com www.googletagmanager.com
2	ib.adnxs.com	1 redirects book.rwgenting.com
2	x.bidswitch.net	2 redirects
2	8661995.fls.doubleclick.net	1 redirects book.rwgenting.com
2	consumer.krxd.net	cdn.krxd.net
2	adservice.google.com	6541830.fls.doubleclick.net 8661995.fls.doubleclick.net
2	stats.g.doubleclick.net	www.google-analytics.com
2	googleads.g.doubleclick.net	www.googleadservices.com
1	beacon.krxd.net	cdn.krxd.net
1	us-u.openx.net	book.rwgenting.com
1	tags.bluekai.com	1 redirects
1	www.googleadservices.com	www.googletagmanager.com
1	cdn.rwgenting.com	book.rwgenting.com
103	25

This site contains links to these domains. Also see Links.

Domain
www.rwgenting.com
www.rwlangkawi.com
www.rwkijal.com
www.gentingskyworlds.com
www.owg.com.my
gicc.streetview.my
www.met.gov.my
www.gentingmalaysia.com
www.rwawana.com
www.resortsworldtours.com

Subject Issuer	Validity	Valid
book.rwgenting.com DigiCert SHA2 Secure Server CA	`2020-02-18` - `2022-02-27`	2 years	crt.sh
cdn.book.rwgenting.com DigiCert SHA2 Secure Server CA	`2020-08-10` - `2022-08-16`	2 years	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
cdn.rwgenting.com DigiCert SHA2 Secure Server CA	`2020-04-08` - `2022-04-08`	2 years	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-10-25` - `2022-01-23`	3 months	crt.sh
brand-display.com Amazon	`2021-06-13` - `2022-07-12`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
cdn.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-12-30` - `2022-12-29`	a year	crt.sh
consumer.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-07-13` - `2022-07-12`	a year	crt.sh
*.knorex.com Amazon	`2021-12-10` - `2023-01-08`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-03` - `2022-11-02`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://book.rwgenting.com/member2/HotelApp/HotelList.aspx?paymode=1&checkin=14%2F01%2F2022&checkout=15%2F01%2F2022&night=1&DestinationID=1&ccDate=0&RoomOrPackage=RoomPackage&room=1&pageid=1&ig=0&disp=hotel&currency=MYR&indexType=3
Frame ID: 281FAEBAE030D8E6D1A0FC8338C7693B
Requests: 94 HTTP requests in this frame

Frame: https://6541830.fls.doubleclick.net/activityi;dc_pre=CL_swq3StvUCFdBmGwodq24Irw;src=6541830;type=b_ctr;cat=fl_rw007;ord=6840460067230;gtm=2wg1c0;auiddc=461061705.1642348882;ps=1;~oref=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymode%3D1%26checkin%3D14%252F01%252F2022%26checkout%3D15%252F01%252F2022%26night%3D1%26DestinationID%3D1%26ccDate%3D0%26RoomOrPackage%3DRoomPackage%26room%3D1%26pageid%3D1%26ig%3D0%26disp%3Dhotel%26currency%3DMYR%26indexType%3D3
Frame ID: 78CDE719DCAA4D59C26CAAC0EA0BAB45
Requests: 2 HTTP requests in this frame

Frame: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Frame ID: 7E24B71A0B42B27D792C952B85BFA622
Requests: 4 HTTP requests in this frame

Frame: https://cdn.brand-display.com/tr/tag/cfix.html?key=b90894f9b1582df507297d968da7fecece37d93
Frame ID: D6D3D046421AC1B92BD22E3A73BD2B49
Requests: 1 HTTP requests in this frame

Frame: https://8661995.fls.doubleclick.net/activityi;dc_pre=CKqDkK7StvUCFRe2GwoddMgJ9A;src=8661995;type=remar0;cat=rwg_g0;u1=;u2=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymode%3D1%26checkin%3D14%252F01%252F2022%26checkout%3D15%252F01%252F2022%26night%3D1%26DestinationID%3D1%26ccDate%3D0%26RoomOrPackage%3DRoomPackage%26room%3D1%26pageid%3D1%26ig%3D0%26disp%3Dhotel%26currency%3DMYR%26indexType%3D3;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=622496654428.3572
Frame ID: 23266E253D6BF706B0A1B0A776848D8B
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Resorts World Genting Resorts World - Gentings

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

\.aspx?(?:$|\?)

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

FingerprintJS (JavaScript libraries) Expand

Overall confidence: 100%
Detected patterns

fingerprint(\d)?(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

103
Requests

98 %
HTTPS

39 %
IPv6

15
Domains

25
Subdomains

21
IPs

7
Countries

1578 kB
Transfer

4741 kB
Size

35
Cookies

71 Outgoing links

These are links going to different origins than the main page.

URL: https://www.rwgenting.com/home/

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/Hotels/
Title: Hotels

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/Hotels/Crockfords/
Title: Crockfords

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/Hotels/Genting_Grand/
Title: Genting Grand

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/Hotels/HighlandsHotel/
Title: Highlands Hotel

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/Hotels/Resort_Hotel/
Title: Resort Hotel

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/Hotels/Genting_SkyWorlds_Hotel/
Title: Genting SkyWorlds Hotel

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/Hotels/First_World_Hotel/
Title: First World Hotel

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/Hotels/Awana/
Title: Resorts World Awana

Search URL Search Domain Scan URL

URL: https://www.rwlangkawi.com/
Title: Resorts World Langkawi

Search URL Search Domain Scan URL

URL: https://www.rwkijal.com/
Title: Resorts World Kijal

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/Casino/
Title: Casinos

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/casino/highlights/
Title: Highlights

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/Casino/Sky_Casino/
Title: SkyCasino

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/Casino/SkyCasino_Premium_Gaming/
Title: SkyCasino Premium Gaming

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/Casino/Genting_Casino/
Title: Genting Casino

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/Casino/Genting_Club/
Title: Genting Club

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/Casino/Gaming_Guide/
Title: Gaming Guide

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/Casino/Responsible_Gaming/
Title: Responsible Gaming

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/Casino/FAQ/
Title: FAQ

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/Things_To_Do/
Title: Things to do

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/Things_To_Do/Attractions/
Title: Attractions

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/Things_To_Do/Shopping/
Title: Shopping

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/Things_To_Do/Dining/
Title: Dining

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/Things_To_Do/Nightlife/
Title: Nightlife

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/Things_To_Do/Leisure/
Title: Leisure

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/gettinghere/awanaskyway/
Title: Awana SkyWay

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/Entertainment/
Title: Entertainment

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/Entertainment/Show_And_Events/
Title: Shows & Events

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/Entertainment/Bona_Cinemas/
Title: Bona Cinemas

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/Theme_Parks/
Title: Theme Parks

Search URL Search Domain Scan URL

URL: https://www.gentingskyworlds.com/
Title: Genting SkyWorlds Theme Park

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/Theme_Parks/Skytropolis/
Title: Skytropolis Indoor Theme Park

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/Theme_Parks/BigTop_Video_Game_Park/
Title: BigTop Video Games Park

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/Theme_Parks/SnowWorld/
Title: SnowWorld

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/Theme_Parks/Genting_Bowl/
Title: Genting Bowl

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/Theme_Parks/Vision_City_Video_Games_Park/
Title: Vision City Video Games Park

Search URL Search Domain Scan URL

URL: http://www.owg.com.my/ripleys-believe-not/
Title: Ripley’s Adventureland

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/Theme_Parks/SkyVR/
Title: Sky VR

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/Theme_Parks/Live-Entertainment/
Title: Live Entertainment

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/MICE/Introduction/
Title: MICE

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/MICE/Meetings/GICC/
Title: Meetings

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/MICE/Packages-Special-Events/
Title: Packages & Special Events

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/MICE/Sleep-in-the-Clouds/
Title: Sleep in the Clouds

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/MICE/Special_Attractions/
Title: Special Attractions

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/MICE/Unique-Customisations/
Title: Unique Customisations

Search URL Search Domain Scan URL

URL: https://gicc.streetview.my/
Title: 360° Virtual Tour

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/Hot_deals/
Title: Hot Deals

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/GettingHere/
Title: Getting here

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/gentingrewards/overview/
Title: Genting Rewards

Search URL Search Domain Scan URL

URL: http://www.met.gov.my/forecast/weather/tourist/R010
Title: 17 °

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/?forgot_pin=1
Title: First Time Login

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/?support=1
Title: / Can’t log in

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/?membersupport=1
Title: Get Support Here

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/?signup=1
Title: Not a member? Sign up

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/Contact/
Title: Messenger

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/Sales_and_Reservation/
Title: Offices

Search URL Search Domain Scan URL

URL: http://www.gentingmalaysia.com/corporate_profile/
Title: About Us

Search URL Search Domain Scan URL

URL: http://www.gentingmalaysia.com/investor_relations/
Title: Investor Relations

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/careers/GrowWithUs/
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/Disclaimer/
Title: Disclaimer

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/PrivacyPolicy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/FraudulentAlert/
Title: Fraudulent Alert

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/Notice/
Title: Notice

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/uploadedFiles/Content/Home/GENM-ABAC-Policy.pdf
Title: Anti-Bribery and Anti-Corruption Policy

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/uploadedFiles/Content/Home/Whistleblower-Policy-2021.pdf
Title: Whistleblower Policy

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/uploadedFiles/Content/Home/Genting-Roads.pdf
Title: Rules & Regulations: Genting Roads

Search URL Search Domain Scan URL

URL: https://www.rwawana.com/
Title: Resorts World Awana

Search URL Search Domain Scan URL

URL: https://www.resortsworldtours.com/
Title: Resorts World Tours

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/Things_To_Do/Attractions/chinswee/
Title: Chin Swee

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/?signin=1
Title: Confirm

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 30

https://6541830.fls.doubleclick.net/activityi;src=6541830;type=b_ctr;cat=fl_rw007;ord=6840460067230;gtm=2wg1c0;auiddc=461061705.1642348882;ps=1;~oref=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymode%3D1%26checkin%3D14%252F01%252F2022%26checkout%3D15%252F01%252F2022%26night%3D1%26DestinationID%3D1%26ccDate%3D0%26RoomOrPackage%3DRoomPackage%26room%3D1%26pageid%3D1%26ig%3D0%26disp%3Dhotel%26currency%3DMYR%26indexType%3D3 HTTP 302
https://6541830.fls.doubleclick.net/activityi;dc_pre=CL_swq3StvUCFdBmGwodq24Irw;src=6541830;type=b_ctr;cat=fl_rw007;ord=6840460067230;gtm=2wg1c0;auiddc=461061705.1642348882;ps=1;~oref=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymode%3D1%26checkin%3D14%252F01%252F2022%26checkout%3D15%252F01%252F2022%26night%3D1%26DestinationID%3D1%26ccDate%3D0%26RoomOrPackage%3DRoomPackage%26room%3D1%26pageid%3D1%26ig%3D0%26disp%3Dhotel%26currency%3DMYR%26indexType%3D3

Request Chain 73

https://8661995.fls.doubleclick.net/activityi;src=8661995;type=remar0;cat=rwg_g0;u1=;u2=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymode%3D1%26checkin%3D14%252F01%252F2022%26checkout%3D15%252F01%252F2022%26night%3D1%26DestinationID%3D1%26ccDate%3D0%26RoomOrPackage%3DRoomPackage%26room%3D1%26pageid%3D1%26ig%3D0%26disp%3Dhotel%26currency%3DMYR%26indexType%3D3;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=622496654428.3572 HTTP 302
https://8661995.fls.doubleclick.net/activityi;dc_pre=CKqDkK7StvUCFRe2GwoddMgJ9A;src=8661995;type=remar0;cat=rwg_g0;u1=;u2=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymode%3D1%26checkin%3D14%252F01%252F2022%26checkout%3D15%252F01%252F2022%26night%3D1%26DestinationID%3D1%26ccDate%3D0%26RoomOrPackage%3DRoomPackage%26room%3D1%26pageid%3D1%26ig%3D0%26disp%3Dhotel%26currency%3DMYR%26indexType%3D3;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=622496654428.3572

Request Chain 78

https://tags.bluekai.com/site/46117?id=069c425302d2ded623ada622025e7720&limit=1&redir=https%3A%2F%2Fdmp.brand-display.com%2Fcm2%2Fapi%2Fpixel%3Fpartner%3D0004%26pid%3D%24_BK_UUID%26bf%3D069c425302d2ded623ada622025e7720&_t1642348883424 HTTP 302
https://dmp.brand-display.com/cm2/api/pixel?partner=0004&pid=$_BK_UUID&bf=069c425302d2ded623ada622025e7720

Request Chain 80

https://x.bidswitch.net/sync?dsp_id=316&user_id=069c425302d2ded623ada622025e7720&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=316&user_id=069c425302d2ded623ada622025e7720&expires=30 HTTP 302
https://ib.adnxs.com/setuid?entity=388&code=04c92428-285e-4035-b554-f3ebc59680d1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D388%26code%3D04c92428-285e-4035-b554-f3ebc59680d1

103 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request HotelList.aspx Show response
book.rwgenting.com/member2/HotelApp/ 209 KB
49 KB 1536ms
682ms Document
text/html 170.33.9.200
ASEPL-AS-AP Aliba...

General

Check archive.org

Show headers Download Go to

Full URL

https://book.rwgenting.com/member2/HotelApp/HotelList.aspx?paymode=1&checkin=14%2F01%2F2022&checkout=15%2F01%2F2022&night=1&DestinationID=1&ccDate=0&RoomOrPackage=RoomPackage&room=1&pageid=1&ig=0&disp=hotel&currency=MYR&indexType=3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

170.33.9.200 , Singapore, ASN134963 (ASEPL-AS-AP Alibaba.com Singapore E-Commerce Private Limited, SG),

Reverse DNS

Software

/ ASP.NET

Resource Hash

fc22e901eefbe8c5ac5c43669179fe4d1421bd93503b1d3b9b144048473a84d5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Sun, 16 Jan 2022 16:01:19 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: private
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
X-XSS-PROTECTION: 1;mode=block
Access-Control-Allow-Origin: *
X-UA-Compatible: IE=11
X-OneAgent-JS-Injection: true
X-ruxit-JS-Agent: true
Content-Encoding: gzip

GET
H/1.1 200
OK ruxitagentjs_ICA2Vfhjqr_10229211201102017.js Show response
book.rwgenting.com/member2/ 202 KB
79 KB 256ms
256ms Script
text/javascript 170.33.9.200
ASEPL-AS-AP Aliba...

General

Check archive.org

Show headers Download Go to

Full URL

https://book.rwgenting.com/member2/ruxitagentjs_ICA2Vfhjqr_10229211201102017.js

Requested by

Host: book.rwgenting.com
URL: https://book.rwgenting.com/member2/HotelApp/HotelList.aspx?paymode=1&checkin=14%2F01%2F2022&checkout=15%2F01%2F2022&night=1&DestinationID=1&ccDate=0&RoomOrPackage=RoomPackage&room=1&pageid=1&ig=0&disp=hotel&currency=MYR&indexType=3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

170.33.9.200 , Singapore, ASN134963 (ASEPL-AS-AP Alibaba.com Singapore E-Commerce Private Limited, SG),

Reverse DNS

Software

/ ASP.NET

Resource Hash

c19343ba42a4e4d4cc8381824f50d3147d2b46ba79a6b14bbde40b4d95c8b484

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/member2/HotelApp/HotelList.aspx?paymode=1&checkin=14%2F01%2F2022&checkout=15%2F01%2F2022&night=1&DestinationID=1&ccDate=0&RoomOrPackage=RoomPackage&room=1&pageid=1&ig=0&disp=hotel&currency=MYR&indexType=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sun, 16 Jan 2022 16:01:20 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Mar 2010 07:01:40 GMT
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *, *
Expires: Mon, 16 Jan 2023 16:01:20 GMT
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Content-Length: 80345
X-XSS-PROTECTION: 1;mode=block
X-UA-Compatible: IE=11

GET
H2 200 jquery-3.3.1.min.js Show response
cdn.book.rwgenting.com/assets/JavaScript/assets/js/ 85 KB
30 KB 1542ms
769ms Script
application/javascript 79.133.177.215
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.book.rwgenting.com/assets/JavaScript/assets/js/jquery-3.3.1.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

79.133.177.215 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine / ASP.NET

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 16 Jan 2022 15:11:04 GMT
via: cache20.l2hk71[0,0,304-0,H], cache17.l2hk71[1,0], cache2.de3[724,724,200-0,H], cache4.de3[727,0]
age: 3017
x-powered-by: ASP.NET
x-cache: HIT TCP_REFRESH_HIT dirn:13:516150628
x-swift-cachetime: 3600
x-swift-savetime: Sun, 16 Jan 2022 16:01:21 GMT
content-encoding: gzip
content-length: 30437
x-xss-protection: 1;mode=block
last-modified: Thu, 16 Jul 2020 09:48:43 GMT
server: Tengine
x-frame-options: SAMEORIGIN
etag: "302594b565bd61:0"
vary: Accept-Encoding
ali-swift-global-savetime: 1642345864
content-type: application/javascript
access-control-allow-origin: https://book.rwgenting.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
eagleid: 4f85b19816423488806911694e

GET
H2 200 rangeslider.min.js Show response
cdn.book.rwgenting.com/assets/JavaScript/assets/js/vendor/ 8 KB
3 KB 1541ms
768ms Script
application/javascript 79.133.177.215
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.book.rwgenting.com/assets/JavaScript/assets/js/vendor/rangeslider.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

79.133.177.215 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine / ASP.NET

Resource Hash

7b85a02b04b5b57387fca1e766d3478accf8b14142f11cd2665fdd80c890f773

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 16 Jan 2022 15:11:04 GMT
via: cache13.l2hk71[0,0,304-0,H], cache28.l2hk71[1,0], cache12.de3[723,723,200-0,H], cache4.de3[726,0]
age: 3017
x-powered-by: ASP.NET
x-cache: HIT TCP_REFRESH_HIT dirn:12:892889373
x-swift-cachetime: 3600
x-swift-savetime: Sun, 16 Jan 2022 16:01:21 GMT
content-encoding: gzip
content-length: 2713
x-xss-protection: 1;mode=block
last-modified: Thu, 16 Jul 2020 09:48:44 GMT
server: Tengine
x-frame-options: SAMEORIGIN
etag: "d2637f4b565bd61:0"
vary: Accept-Encoding
ali-swift-global-savetime: 1642345864
content-type: application/javascript
access-control-allow-origin: https://book.rwgenting.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
eagleid: 4f85b19816423488806911696e

GET
H2 200 popper.min.js Show response
cdn.book.rwgenting.com/assets/JavaScript/assets/js/vendor/ 20 KB
7 KB 1542ms
769ms Script
application/javascript 79.133.177.215
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.book.rwgenting.com/assets/JavaScript/assets/js/vendor/popper.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

79.133.177.215 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine / ASP.NET

Resource Hash

6acc5eebfc83c2aabc8251d201df3004c6aaf801565a9e7d75196f2ac2b380c7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 16 Jan 2022 15:11:05 GMT
via: cache7.l2hk71[0,0,304-0,H], cache6.l2hk71[1,0], cache1.de3[723,723,200-0,H], cache4.de3[726,0]
age: 3016
x-powered-by: ASP.NET
x-cache: HIT TCP_REFRESH_HIT dirn:12:524036874
x-swift-cachetime: 3600
x-swift-savetime: Sun, 16 Jan 2022 16:01:21 GMT
content-encoding: gzip
content-length: 7252
x-xss-protection: 1;mode=block
last-modified: Thu, 16 Jul 2020 09:48:44 GMT
server: Tengine
x-frame-options: SAMEORIGIN
etag: "651b684b565bd61:0"
vary: Accept-Encoding
ali-swift-global-savetime: 1642345865
content-type: application/javascript
access-control-allow-origin: https://book.rwgenting.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
eagleid: 4f85b19816423488806911698e

GET
H2 200 bootstrap.min.js Show response
cdn.book.rwgenting.com/assets/JavaScript/assets/js/ 57 KB
15 KB 1555ms
782ms Script
application/javascript 79.133.177.215
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.book.rwgenting.com/assets/JavaScript/assets/js/bootstrap.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

79.133.177.215 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine / ASP.NET

Resource Hash

cc47c9a01ef522ca502936e7d59d7c08ae33a04b0352e618e9235cdae911b5a4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 16 Jan 2022 15:11:05 GMT
via: cache13.l2hk71[0,0,304-0,H], cache13.l2hk71[1,0], cache4.de3[726,726,200-0,H], cache4.de3[729,0]
age: 3016
x-powered-by: ASP.NET
x-cache: HIT TCP_REFRESH_HIT dirn:12:90583969
x-swift-cachetime: 3600
x-swift-savetime: Sun, 16 Jan 2022 16:01:21 GMT
content-encoding: gzip
content-length: 14788
x-xss-protection: 1;mode=block
last-modified: Thu, 16 Jul 2020 09:48:42 GMT
server: Tengine
x-frame-options: SAMEORIGIN
etag: "af5714a565bd61:0"
vary: Accept-Encoding
ali-swift-global-savetime: 1642345865
content-type: application/javascript
access-control-allow-origin: https://book.rwgenting.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
eagleid: 4f85b19816423488806931706e

GET
H2 200 holder.min.js Show response
cdn.book.rwgenting.com/assets/JavaScript/assets/js/vendor/ 32 KB
12 KB 1526ms
754ms Script
application/javascript 79.133.177.215
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.book.rwgenting.com/assets/JavaScript/assets/js/vendor/holder.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

79.133.177.215 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine / ASP.NET

Resource Hash

89f8a11cde8bfe9354d5942292b01bec29f2301be2b0a1b749401a6f41779155

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 16 Jan 2022 15:11:05 GMT
via: cache7.l2hk71[0,0,304-0,H], cache36.l2hk71[1,0], cache5.de3[715,714,200-0,H], cache4.de3[718,0]
age: 3016
x-powered-by: ASP.NET
x-cache: HIT TCP_REFRESH_HIT dirn:13:431792275
x-swift-cachetime: 3600
x-swift-savetime: Sun, 16 Jan 2022 16:01:21 GMT
content-encoding: gzip
content-length: 11616
x-xss-protection: 1;mode=block
last-modified: Thu, 16 Jul 2020 09:48:44 GMT
server: Tengine
x-frame-options: SAMEORIGIN
etag: "9b7aa14b565bd61:0"
vary: Accept-Encoding
ali-swift-global-savetime: 1642345865
content-type: application/javascript
access-control-allow-origin: https://book.rwgenting.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
eagleid: 4f85b19816423488806911700e

GET
H2 200 calendar.full.js Show response
cdn.book.rwgenting.com/assets/JavaScript/assets/js/ 179 KB
38 KB 1537ms
765ms Script
application/javascript 79.133.177.215
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.book.rwgenting.com/assets/JavaScript/assets/js/calendar.full.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

79.133.177.215 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine / ASP.NET

Resource Hash

8e48ede4b6042c4aee0155ad5009896d35e0ede7614a23bc4757b0085b8226c0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 16 Jan 2022 15:11:05 GMT
via: cache21.l2hk71[0,0,304-0,H], cache5.l2hk71[1,0], cache12.de3[714,714,200-0,H], cache4.de3[717,0]
age: 3016
x-powered-by: ASP.NET
x-cache: HIT TCP_REFRESH_HIT dirn:13:890995753
x-swift-cachetime: 3600
x-swift-savetime: Sun, 16 Jan 2022 16:01:21 GMT
content-encoding: gzip
content-length: 39112
x-xss-protection: 1;mode=block
last-modified: Wed, 09 Dec 2020 10:07:19 GMT
server: Tengine
x-frame-options: SAMEORIGIN
etag: "8b6a761413ced61:0"
vary: Accept-Encoding
ali-swift-global-savetime: 1642345865
content-type: application/javascript
access-control-allow-origin: https://book.rwgenting.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
eagleid: 4f85b19816423488806931708e

GET
H2 200 calendar.custom.js Show response
cdn.book.rwgenting.com/assets/JavaScript/assets/js/ 10 KB
2 KB 1554ms
781ms Script
application/javascript 79.133.177.215
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.book.rwgenting.com/assets/JavaScript/assets/js/calendar.custom.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

79.133.177.215 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine / ASP.NET

Resource Hash

6db045d05ad2f199b07a5ae91c6833ca6023e2455d1257c4525514652d184bee

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 16 Jan 2022 15:11:05 GMT
via: cache34.l2hk71[0,0,304-0,H], cache17.l2hk71[1,0], cache13.de3[724,724,200-0,H], cache4.de3[728,0]
age: 3016
x-powered-by: ASP.NET
x-cache: HIT TCP_REFRESH_HIT dirn:13:536935282
x-swift-cachetime: 3600
x-swift-savetime: Sun, 16 Jan 2022 16:01:21 GMT
content-encoding: gzip
content-length: 2185
x-xss-protection: 1;mode=block
last-modified: Thu, 16 Jul 2020 09:48:42 GMT
server: Tengine
x-frame-options: SAMEORIGIN
etag: "ea3564a565bd61:0"
vary: Accept-Encoding
ali-swift-global-savetime: 1642345865
content-type: application/javascript
access-control-allow-origin: https://book.rwgenting.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
eagleid: 4f85b19816423488806931714e

GET
H2 200 e-smart-zoom-jquery.js Show response
cdn.book.rwgenting.com/assets/JavaScript/assets/js/ 46 KB
12 KB 1552ms
780ms Script
application/javascript 79.133.177.215
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.book.rwgenting.com/assets/JavaScript/assets/js/e-smart-zoom-jquery.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

79.133.177.215 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine / ASP.NET

Resource Hash

19f6b7d7d53847ac8a12c35c4a1c4d00c0338b0de9c66c78256d18b433dce49d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 16 Jan 2022 15:11:05 GMT
via: cache10.l2hk71[0,0,304-0,H], cache2.l2hk71[1,0], cache1.de3[724,724,200-0,H], cache4.de3[728,0]
age: 3016
x-powered-by: ASP.NET
x-cache: HIT TCP_REFRESH_HIT dirn:13:520683547
x-swift-cachetime: 3600
x-swift-savetime: Sun, 16 Jan 2022 16:01:21 GMT
content-encoding: gzip
content-length: 12064
x-xss-protection: 1;mode=block
last-modified: Thu, 16 Jul 2020 09:48:43 GMT
server: Tengine
x-frame-options: SAMEORIGIN
etag: "f367a44a565bd61:0"
vary: Accept-Encoding
ali-swift-global-savetime: 1642345865
content-type: application/javascript
access-control-allow-origin: https://book.rwgenting.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
eagleid: 4f85b19816423488806931712e

GET
H2 200 genting.js Show response
cdn.book.rwgenting.com/assets/JavaScript/assets/js/ 145 KB
22 KB 1556ms
784ms Script
application/javascript 79.133.177.215
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.book.rwgenting.com/assets/JavaScript/assets/js/genting.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

79.133.177.215 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine / ASP.NET

Resource Hash

a8a6ad2ebe0ee1ac697c5d4faa59713d1a396e47573236ed51171c532ccae05e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 16 Jan 2022 15:11:06 GMT
via: cache11.l2hk71[0,0,304-0,H], cache27.l2hk71[1,0], cache10.de3[725,726,200-0,H], cache4.de3[730,0]
age: 3015
x-powered-by: ASP.NET
x-cache: HIT TCP_REFRESH_HIT dirn:12:292485718
x-swift-cachetime: 3600
x-swift-savetime: Sun, 16 Jan 2022 16:01:21 GMT
content-encoding: gzip
content-length: 21939
x-xss-protection: 1;mode=block
last-modified: Tue, 10 Nov 2020 02:12:27 GMT
server: Tengine
x-frame-options: SAMEORIGIN
etag: "b32faef6b7d61:0"
vary: Accept-Encoding
ali-swift-global-savetime: 1642345866
content-type: application/javascript
access-control-allow-origin: https://book.rwgenting.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
eagleid: 4f85b19816423488806931718e

GET
H2 200 parallax.js Show response
cdn.book.rwgenting.com/assets/JavaScript/assets/js/ 6 KB
2 KB 1539ms
767ms Script
application/javascript 79.133.177.215
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.book.rwgenting.com/assets/JavaScript/assets/js/parallax.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

79.133.177.215 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine / ASP.NET

Resource Hash

b15097aa1de678f4c1730b29d5d9b3282fb9f350d65b0db089fc470b223355dd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 16 Jan 2022 15:11:06 GMT
via: cache22.l2hk71[0,0,304-0,H], cache5.l2hk71[1,0], cache5.de3[717,717,200-0,H], cache4.de3[721,0]
age: 3016
x-powered-by: ASP.NET
x-cache: HIT TCP_REFRESH_HIT dirn:12:432480615
x-swift-cachetime: 3600
x-swift-savetime: Sun, 16 Jan 2022 16:01:21 GMT
content-encoding: gzip
content-length: 1744
x-xss-protection: 1;mode=block
last-modified: Thu, 16 Jul 2020 09:48:43 GMT
server: Tengine
x-frame-options: SAMEORIGIN
etag: "1a57fe4a565bd61:0"
vary: Accept-Encoding
ali-swift-global-savetime: 1642345865
content-type: application/javascript
access-control-allow-origin: https://book.rwgenting.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
eagleid: 4f85b19816423488806931716e

GET
H2 200 jquery-ui-jqLoding.js Show response
cdn.book.rwgenting.com/assets/JavaScript/ 6 KB
2 KB 1553ms
781ms Script
application/javascript 79.133.177.215
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.book.rwgenting.com/assets/JavaScript/jquery-ui-jqLoding.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

79.133.177.215 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine / ASP.NET

Resource Hash

b2d9f9172b520a90aa25fa1a3faa3614500563672f12e90a0eae864adeb40c1b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 16 Jan 2022 15:11:06 GMT
via: cache15.l2hk71[0,0,304-0,H], cache7.l2hk71[1,0], cache11.de3[723,723,200-0,H], cache4.de3[728,0]
age: 3015
x-powered-by: ASP.NET
x-cache: HIT TCP_REFRESH_HIT dirn:13:466688411
x-swift-cachetime: 3600
x-swift-savetime: Sun, 16 Jan 2022 16:01:21 GMT
content-encoding: gzip
content-length: 1722
x-xss-protection: 1;mode=block
last-modified: Thu, 16 Jul 2020 09:48:39 GMT
server: Tengine
x-frame-options: SAMEORIGIN
etag: "a7303248565bd61:0"
vary: Accept-Encoding
ali-swift-global-savetime: 1642345866
content-type: application/javascript
access-control-allow-origin: https://book.rwgenting.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
eagleid: 4f85b19816423488806931721e

GET
H2 200 sha256.js Show response
cdn.book.rwgenting.com/assets/JavaScript/assets/js/ 18 KB
5 KB 1552ms
780ms Script
application/javascript 79.133.177.215
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.book.rwgenting.com/assets/JavaScript/assets/js/sha256.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

79.133.177.215 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine / ASP.NET

Resource Hash

cd19986cea50d5c6c624ae11c59a2ec069df3de5fde964d09b4765487e6e7ac5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 16 Jan 2022 15:11:06 GMT
via: cache11.l2hk71[0,0,304-0,H], cache31.l2hk71[1,0], cache10.de3[723,723,200-0,H], cache4.de3[728,0]
age: 3015
x-powered-by: ASP.NET
x-cache: HIT TCP_REFRESH_HIT dirn:12:292485724
x-swift-cachetime: 3600
x-swift-savetime: Sun, 16 Jan 2022 16:01:21 GMT
content-encoding: gzip
content-length: 4447
x-xss-protection: 1;mode=block
last-modified: Mon, 28 Sep 2020 10:19:40 GMT
server: Tengine
x-frame-options: SAMEORIGIN
etag: "331a87e08095d61:0"
vary: Accept-Encoding
ali-swift-global-savetime: 1642345866
content-type: application/javascript
access-control-allow-origin: https://book.rwgenting.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
eagleid: 4f85b19816423488806931720e

GET
H2 200 jquery.modaldialog.js Show response
cdn.book.rwgenting.com/assets/JavaScript/ 11 KB
3 KB 1553ms
782ms Script
application/javascript 79.133.177.215
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.book.rwgenting.com/assets/JavaScript/jquery.modaldialog.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

79.133.177.215 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine / ASP.NET

Resource Hash

2c4499bc3200dc93e2d3aadb3e6307fccb1809e84f176cac60c0ffbe3446f87c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 16 Jan 2022 15:11:06 GMT
via: cache15.l2hk71[0,0,304-0,H], cache9.l2hk71[1,0], cache2.de3[717,718,200-0,H], cache4.de3[729,0]
age: 3015
x-powered-by: ASP.NET
x-cache: HIT TCP_REFRESH_HIT dirn:12:518700409
x-swift-cachetime: 3600
x-swift-savetime: Sun, 16 Jan 2022 16:01:21 GMT
content-encoding: gzip
content-length: 2354
x-xss-protection: 1;mode=block
last-modified: Thu, 16 Jul 2020 09:48:38 GMT
server: Tengine
x-frame-options: SAMEORIGIN
etag: "40e7db47565bd61:0"
vary: Accept-Encoding
ali-swift-global-savetime: 1642345866
content-type: application/javascript
access-control-allow-origin: https://book.rwgenting.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
eagleid: 4f85b19816423488806931723e

GET
H2 200 genting.css
cdn.book.rwgenting.com/assets/JavaScript/assets/css/ 388 KB
57 KB 1512ms
741ms Stylesheet
text/css 79.133.177.215
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.book.rwgenting.com/assets/JavaScript/assets/css/genting.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

79.133.177.215 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine / ASP.NET

Resource Hash

d84ca9189c0c93cefe8b06881f550047a3a0ea57684f87753335a609309400e8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 16 Jan 2022 15:11:04 GMT
via: cache12.l2hk71[0,0,304-0,H], cache32.l2hk71[1,0], cache11.de3[723,723,200-0,H], cache4.de3[726,0]
age: 3017
x-powered-by: ASP.NET
x-cache: HIT TCP_REFRESH_HIT dirn:12:471497657
x-swift-cachetime: 3600
x-swift-savetime: Sun, 16 Jan 2022 16:01:21 GMT
content-encoding: gzip
content-length: 58128
x-xss-protection: 1;mode=block
last-modified: Thu, 23 Sep 2021 08:43:46 GMT
server: Tengine
x-frame-options: SAMEORIGIN
etag: "04d81f57b0d71:0"
vary: Accept-Encoding
ali-swift-global-savetime: 1642345864
content-type: text/css
access-control-allow-origin: https://book.rwgenting.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
eagleid: 4f85b19816423488806831664e

GET
H2 200 jquery.modaldialog.css
cdn.book.rwgenting.com/assets/Style/ 3 KB
1 KB 1524ms
753ms Stylesheet
text/css 79.133.177.215
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.book.rwgenting.com/assets/Style/jquery.modaldialog.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

79.133.177.215 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine / ASP.NET

Resource Hash

5890e0f5759cdace55c64dac8afe9034088b05b7e04248f71d4a304421e8a16b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 16 Jan 2022 15:11:04 GMT
via: cache10.l2hk71[0,0,304-0,H], cache31.l2hk71[0,0], cache8.de3[716,716,200-0,H], cache4.de3[718,0]
age: 3017
x-powered-by: ASP.NET
x-cache: HIT TCP_REFRESH_HIT dirn:12:295802013
x-swift-cachetime: 3600
x-swift-savetime: Sun, 16 Jan 2022 16:01:21 GMT
content-encoding: gzip
content-length: 926
x-xss-protection: 1;mode=block
last-modified: Tue, 22 Jan 2019 02:13:16 GMT
server: Tengine
x-frame-options: SAMEORIGIN
etag: "4753329f8b1d41:0"
vary: Accept-Encoding
ali-swift-global-savetime: 1642345864
content-type: text/css
access-control-allow-origin: https://book.rwgenting.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
eagleid: 4f85b19816423488806911685e

GET
H2 200 jquery.maskedinput-1.4.0.js Show response
cdn.book.rwgenting.com/assets/JavaScript/ 5 KB
2 KB 1539ms
768ms Script
application/javascript 79.133.177.215
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.book.rwgenting.com/assets/JavaScript/jquery.maskedinput-1.4.0.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

79.133.177.215 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine / ASP.NET

Resource Hash

9409d775f1f80a4bde9b7e814ac3cf72ee325183778ad98a8a665ecb1be4de0b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 16 Jan 2022 15:11:06 GMT
via: cache15.l2hk71[0,0,304-0,H], cache2.l2hk71[1,0], cache14.de3[716,716,200-0,H], cache4.de3[721,0]
age: 3015
x-powered-by: ASP.NET
x-cache: HIT TCP_REFRESH_HIT dirn:12:364252532
x-swift-cachetime: 3600
x-swift-savetime: Sun, 16 Jan 2022 16:01:21 GMT
content-encoding: gzip
content-length: 2115
x-xss-protection: 1;mode=block
last-modified: Thu, 16 Jul 2020 09:48:37 GMT
server: Tengine
x-frame-options: SAMEORIGIN
etag: "84ee6647565bd61:0"
vary: Accept-Encoding
ali-swift-global-savetime: 1642345866
content-type: application/javascript
access-control-allow-origin: https://book.rwgenting.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
eagleid: 4f85b19816423488806931725e

GET
H2 200 tooltip.css
cdn.book.rwgenting.com/assets/JavaScript/assets/css/ 1 KB
645 B 1511ms
741ms Stylesheet
text/css 79.133.177.215
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.book.rwgenting.com/assets/JavaScript/assets/css/tooltip.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

79.133.177.215 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine / ASP.NET

Resource Hash

c635ad039a51f60103d07ee88fb6655f294efe3730724f0be8cdc0e4e86fa340

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 16 Jan 2022 15:11:04 GMT
via: cache22.l2hk71[0,0,304-0,H], cache30.l2hk71[1,0], cache11.de3[716,716,200-0,H], cache4.de3[718,0]
age: 3017
x-powered-by: ASP.NET
x-cache: HIT TCP_REFRESH_HIT dirn:13:466688413
x-swift-cachetime: 3600
x-swift-savetime: Sun, 16 Jan 2022 16:01:21 GMT
content-encoding: gzip
content-length: 389
x-xss-protection: 1;mode=block
last-modified: Thu, 16 Jul 2020 09:48:39 GMT
server: Tengine
x-frame-options: SAMEORIGIN
etag: "9aa7848565bd61:0"
vary: Accept-Encoding
ali-swift-global-savetime: 1642345864
content-type: text/css
access-control-allow-origin: https://book.rwgenting.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
eagleid: 4f85b19816423488806911688e

GET
H2 200 tooltip.js Show response
cdn.book.rwgenting.com/assets/JavaScript/assets/js/ 14 KB
3 KB 1537ms
766ms Script
application/javascript 79.133.177.215
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.book.rwgenting.com/assets/JavaScript/assets/js/tooltip.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

79.133.177.215 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine / ASP.NET

Resource Hash

981830d7bd9000e3f5adfcfca19307bb14c9ba612bb258aab51637d2d8b8ee39

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 16 Jan 2022 15:11:06 GMT
via: cache30.l2hk71[0,0,304-0,H], cache1.l2hk71[0,0], cache3.de3[714,714,200-0,H], cache4.de3[720,0]
age: 3015
x-powered-by: ASP.NET
x-cache: HIT TCP_REFRESH_HIT dirn:13:633655532
x-swift-cachetime: 3600
x-swift-savetime: Sun, 16 Jan 2022 16:01:21 GMT
content-encoding: gzip
content-length: 2601
x-xss-protection: 1;mode=block
last-modified: Thu, 16 Jul 2020 09:48:43 GMT
server: Tengine
x-frame-options: SAMEORIGIN
etag: "2af34b565bd61:0"
vary: Accept-Encoding
ali-swift-global-savetime: 1642345866
content-type: application/javascript
access-control-allow-origin: https://book.rwgenting.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
eagleid: 4f85b19816423488806931726e

GET
H2 200 intlTelInput.css
cdn.book.rwgenting.com/assets/JavaScript/assets/css/ 25 KB
4 KB 1510ms
740ms Stylesheet
text/css 79.133.177.215
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.book.rwgenting.com/assets/JavaScript/assets/css/intlTelInput.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

79.133.177.215 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine / ASP.NET

Resource Hash

494f93c5215e411d1e4b082d9375e93c1d978b805f50262ffcd31b853bf4b71c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 16 Jan 2022 15:11:05 GMT
via: cache16.l2hk71[0,0,304-0,H], cache18.l2hk71[0,0], cache14.de3[715,715,200-0,H], cache4.de3[717,0]
age: 3017
x-powered-by: ASP.NET
x-cache: HIT TCP_REFRESH_HIT dirn:13:362496062
x-swift-cachetime: 3600
x-swift-savetime: Sun, 16 Jan 2022 16:01:21 GMT
content-encoding: gzip
content-length: 3112
x-xss-protection: 1;mode=block
last-modified: Fri, 23 Oct 2020 01:48:17 GMT
server: Tengine
x-frame-options: SAMEORIGIN
etag: "502e1594dea8d61:0"
vary: Accept-Encoding
ali-swift-global-savetime: 1642345864
content-type: text/css
access-control-allow-origin: https://book.rwgenting.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
eagleid: 4f85b19816423488806911690e

GET
H2 200 intlTelInput.js Show response
cdn.book.rwgenting.com/assets/JavaScript/assets/js/ 87 KB
20 KB 1537ms
767ms Script
application/javascript 79.133.177.215
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.book.rwgenting.com/assets/JavaScript/assets/js/intlTelInput.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

79.133.177.215 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine / ASP.NET

Resource Hash

083e309c8998a21f312ca427b00f484b95c7eefa961e7ccb564fa7a3380920f3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 16 Jan 2022 15:11:06 GMT
via: cache35.l2hk71[0,0,304-0,H], cache28.l2hk71[0,0], cache11.de3[713,713,200-0,H], cache4.de3[720,0]
age: 3015
x-powered-by: ASP.NET
x-cache: HIT TCP_REFRESH_HIT dirn:12:471497643
x-swift-cachetime: 3600
x-swift-savetime: Sun, 16 Jan 2022 16:01:21 GMT
content-encoding: gzip
content-length: 20676
x-xss-protection: 1;mode=block
last-modified: Fri, 23 Oct 2020 01:48:18 GMT
server: Tengine
x-frame-options: SAMEORIGIN
etag: "a516cf94dea8d61:0"
vary: Accept-Encoding
ali-swift-global-savetime: 1642345866
content-type: application/javascript
access-control-allow-origin: https://book.rwgenting.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
eagleid: 4f85b19816423488806931728e

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
39 KB 59ms
35ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-382529330

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7ea7af38a35ea6e4da37af90ed3b916c6e3de98800fd45fb00615c2c2979d7d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 16 Jan 2022 16:01:21 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39770
x-xss-protection: 0
last-modified: Sun, 16 Jan 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 16 Jan 2022 16:01:21 GMT

GET
H/1.1 200
OK WebResource.axd Show response
book.rwgenting.com/member2/ 23 KB
5 KB 489ms
255ms Script
application/x-javascript 170.33.9.200
ASEPL-AS-AP Aliba...

General

Check archive.org

Show headers Download Go to

Full URL

https://book.rwgenting.com/member2/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZBMhLUH1UmTvCpYa3fbVQ6CNHgrlfqUMvKC_1KVe2duhu9iJIm5uUZ_H_wUsF6d4Ug2&t=637461269481343508

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

170.33.9.200 , Singapore, ASN134963 (ASEPL-AS-AP Alibaba.com Singapore E-Commerce Private Limited, SG),

Reverse DNS

Software

/ ASP.NET

Resource Hash

40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/member2/HotelApp/HotelList.aspx?paymode=1&checkin=14%2F01%2F2022&checkout=15%2F01%2F2022&night=1&DestinationID=1&ccDate=0&RoomOrPackage=RoomPackage&room=1&pageid=1&ig=0&disp=hotel&currency=MYR&indexType=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sun, 16 Jan 2022 16:01:20 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Wed, 13 Jan 2021 01:29:07 GMT
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Expires: Sun, 15 Jan 2023 19:03:12 GMT
Cache-Control: public
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-PROTECTION: 1;mode=block
X-UA-Compatible: IE=11

GET
H/1.1 200
OK ScriptResource.axd Show response
book.rwgenting.com/member2/ 357 KB
61 KB 965ms
498ms Script
application/x-javascript 170.33.9.200
ASEPL-AS-AP Aliba...

General

Check archive.org

Show headers Download Go to

Full URL

https://book.rwgenting.com/member2/ScriptResource.axd?d=yeSNAJTOPtPimTGCAo3LlSi1VrOTWKwMpEVV96nNee7z_7TH--p2H2WGzgkk4RsNHAhXD5kpIBhXuCYLLVG53lGO6rx72rKkQ_JkifS-EKEnH-e1KkmUNOEpqufq4Xje0&t=7f16157c

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

170.33.9.200 , Singapore, ASN134963 (ASEPL-AS-AP Alibaba.com Singapore E-Commerce Private Limited, SG),

Reverse DNS

Software

/ ASP.NET

Resource Hash

1a84f467ad2c041ede1d2514d5c5f6c9edfbe47d5a7b9342743965c789ca0248

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/member2/HotelApp/HotelList.aspx?paymode=1&checkin=14%2F01%2F2022&checkout=15%2F01%2F2022&night=1&DestinationID=1&ccDate=0&RoomOrPackage=RoomPackage&room=1&pageid=1&ig=0&disp=hotel&currency=MYR&indexType=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sun, 16 Jan 2022 16:01:20 GMT
Content-Encoding: gzip
ETag: "1642273392:dtagent10229211201102017WHjA"
Last-Modified: Sat, 15 Jan 2022 19:03:11 GMT
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Expires: Sun, 15 Jan 2023 19:03:12 GMT
Cache-Control: public
Connection: keep-alive
Content-Length: 61902
X-XSS-PROTECTION: 1;mode=block
X-UA-Compatible: IE=11

GET
H/1.1 200
OK ScriptResource.axd Show response
book.rwgenting.com/member2/ 93 KB
15 KB 748ms
270ms Script
application/x-javascript 170.33.9.200
ASEPL-AS-AP Aliba...

General

Check archive.org

Show headers Download Go to

Full URL

https://book.rwgenting.com/member2/ScriptResource.axd?d=DT3YJR8QaqV61-teuz0hgst7Z7_pyP7h4LurjUcQE4fKqTEjiOvewO02MEvS6psbXSIfjfhYwVdAJdTT8ROS2IarEIUWmd3eI91tGhwhQ9meqB6iUQHYrxI0I6nf4bo--RCO9-yFr3ygFmpbEi0ZSQ2&t=7f16157c

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

170.33.9.200 , Singapore, ASN134963 (ASEPL-AS-AP Alibaba.com Singapore E-Commerce Private Limited, SG),

Reverse DNS

Software

/ ASP.NET

Resource Hash

d0670324e6062e1b6c0fdd2ad008effa9ff4bbeb10b780cd0c1577e0c05a5285

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/member2/HotelApp/HotelList.aspx?paymode=1&checkin=14%2F01%2F2022&checkout=15%2F01%2F2022&night=1&DestinationID=1&ccDate=0&RoomOrPackage=RoomPackage&room=1&pageid=1&ig=0&disp=hotel&currency=MYR&indexType=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sun, 16 Jan 2022 16:01:20 GMT
Content-Encoding: gzip
ETag: "1642273392:dtagent10229211201102017WHjA"
Last-Modified: Sat, 15 Jan 2022 19:03:11 GMT
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Expires: Sun, 15 Jan 2023 19:03:12 GMT
Cache-Control: public
Connection: keep-alive
Content-Length: 15236
X-XSS-PROTECTION: 1;mode=block
X-UA-Compatible: IE=11

GET
H2 200 Best-rates-top1-rev.jpg
cdn.rwgenting.com/uploadedImages/Content/Hot_deals/ 147 KB
148 KB 1108ms
554ms Image
image/jpeg 79.133.177.231
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.rwgenting.com/uploadedImages/Content/Hot_deals/Best-rates-top1-rev.jpg?n=129
Requested by: Host: book.rwgenting.com
URL: https://book.rwgenting.com/member2/HotelApp/HotelList.aspx?paymode=1&checkin=14%2F01%2F2022&checkout=15%2F01%2F2022&night=1&DestinationID=1&ccDate=0&RoomOrPackage=RoomPackage&room=1&pageid=1&ig=0&disp=hotel&currency=MYR&indexType=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.133.177.231 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine / ASP.NET
Resource Hash: 51b0fa6fa24f457766b1480b814cce77f28adf07ec6061db7a69cd3ea857009e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 16 Jan 2022 16:01:22 GMT
via: cache10.l2hk71[158,159,304-0,H], cache22.l2hk71[161,0], cache22.l2hk71[161,0], cache10.de3[522,523,200-0,H], cache8.de3[528,0]
x-aspnet-version: 4.0.30319
age: 0
x-powered-by: ASP.NET
x-cache: HIT TCP_REFRESH_HIT dirn:12:116661548
x-swift-cachetime: 3600
x-swift-savetime: Sun, 16 Jan 2022 16:01:22 GMT
content-length: 150873
last-modified: Wed, 06 Jan 2021 04:23:04 GMT
server: Tengine
ali-swift-global-savetime: 1642348882
content-type: image/jpeg
access-control-allow-origin: *
timing-allow-origin: *
eagleid: 4f85b19c16423488820807482e

GET
H2 200 cancel-red.svg
cdn.book.rwgenting.com/assets/gale/ 358 B
737 B 733ms
731ms Image
image/svg+xml 79.133.177.215
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.book.rwgenting.com/assets/gale/cancel-red.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

79.133.177.215 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine / ASP.NET

Resource Hash

4efefe4a8090d4c75325d54f571f21440761e4b1b3fd1c5fc2aab797c0db38d4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 16 Jan 2022 15:11:07 GMT
via: cache18.l2hk71[0,0,304-0,H], cache17.l2hk71[0,0], cache3.de3[715,715,200-0,H], cache4.de3[717,0]
age: 3015
x-powered-by: ASP.NET
x-cache: HIT TCP_REFRESH_HIT dirn:12:655666056
x-swift-cachetime: -16323896
x-swift-savetime: Sun, 16 Jan 2022 16:01:22 GMT
content-length: 358
x-xss-protection: 1;mode=block
last-modified: Wed, 30 Jan 2019 10:09:46 GMT
server: Tengine
etag: "7621aeed83b8d41:0"
x-frame-options: SAMEORIGIN
ali-swift-global-savetime: 1642345867
content-type: image/svg+xml
access-control-allow-origin: https://book.rwgenting.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
eagleid: 4f85b19816423488815263653e

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 186 KB
56 KB 41ms
39ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KLX5MDQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

5bd6225208dd13397ce3ed85bdd09c503ee59ae7d14d93a21e560ee3a4e19a83

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 16 Jan 2022 16:01:21 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57270
x-xss-protection: 0
last-modified: Sun, 16 Jan 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 16 Jan 2022 16:01:21 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 38 KB
15 KB 45ms
19ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-382529330

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

1fe7c9b04cd9ebd46cd5a636bd2c2b1d54054f3995db24951c0d0318ec71d70c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 16 Jan 2022 16:01:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14835
x-xss-protection: 0
server: cafe
etag: 2630088915750441828
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sun, 16 Jan 2022 16:01:21 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 43ms
18ms Script
text/javascript 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KLX5MDQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 3615
date: Sun, 16 Jan 2022 15:01:06 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Sun, 16 Jan 2022 17:01:06 GMT

GET
H3

200

activityi;dc_pre=CL_swq3StvUCFdBmGwodq24Irw;src=6541830;type=b_ctr;cat=fl_rw007;ord=6840460067230;gtm=2wg1c0;auiddc=461061705.1642348882;ps=1;~oref=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHote... Show response
6541830.fls.doubleclick.net/ Frame 78CD
Redirect Chain

https://6541830.fls.doubleclick.net/activityi;src=6541830;type=b_ctr;cat=fl_rw007;ord=6840460067230;gtm=2wg1c0;auiddc=461061705.1642348882;ps=1;~oref=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHo...
https://6541830.fls.doubleclick.net/activityi;dc_pre=CL_swq3StvUCFdBmGwodq24Irw;src=6541830;type=b_ctr;cat=fl_rw007;ord=6840460067230;gtm=2wg1c0;auiddc=461061705.1642348882;ps=1;~oref=https%3A%2F%2...

668 B
501 B

45ms
30ms

Document
text/html

142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6541830.fls.doubleclick.net/activityi;dc_pre=CL_swq3StvUCFdBmGwodq24Irw;src=6541830;type=b_ctr;cat=fl_rw007;ord=6840460067230;gtm=2wg1c0;auiddc=461061705.1642348882;ps=1;~oref=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymode%3D1%26checkin%3D14%252F01%252F2022%26checkout%3D15%252F01%252F2022%26night%3D1%26DestinationID%3D1%26ccDate%3D0%26RoomOrPackage%3DRoomPackage%26room%3D1%26pageid%3D1%26ig%3D0%26disp%3Dhotel%26currency%3DMYR%26indexType%3D3?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KLX5MDQ

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

cafe /

Resource Hash

700d82a4be065a25f862269f246ced3058f89cd7f4636503e76b22a093de92d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 16 Jan 2022 16:01:21 GMT
expires: Sun, 16 Jan 2022 16:01:21 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 476
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 16 Jan 2022 16:01:21 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://6541830.fls.doubleclick.net/activityi;dc_pre=CL_swq3StvUCFdBmGwodq24Irw;src=6541830;type=b_ctr;cat=fl_rw007;ord=6840460067230;gtm=2wg1c0;auiddc=461061705.1642348882;ps=1;~oref=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymode%3D1%26checkin%3D14%252F01%252F2022%26checkout%3D15%252F01%252F2022%26night%3D1%26DestinationID%3D1%26ccDate%3D0%26RoomOrPackage%3DRoomPackage%26room%3D1%26pageid%3D1%26ig%3D0%26disp%3Dhotel%26currency%3DMYR%26indexType%3D3?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 25ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: OYQ8pOswTZ611FCR5coHQOBp1rMG2zK4O5r+rGg5f77j+FKiAvKb/b1PVapAmpNaPRSPGJVoQJAqlWit62tolw==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Sun, 16 Jan 2022 16:01:21 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
39 KB 31ms
31ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-941664267

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KLX5MDQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d26a327a80bd55d169b71b4bc0cf733662455b08a7129312411812104c761a25

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 16 Jan 2022 16:01:21 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39773
x-xss-protection: 0
last-modified: Sun, 16 Jan 2022 15:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Sun, 16 Jan 2022 16:01:21 GMT

GET
H2 200 b90894f9b1582df507297d968da7fecece37d93.js Show response
cdn.brand-display.com/tr/knx15814/ 23 KB
23 KB 94ms
21ms Script
text/javascript 143.204.98.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.brand-display.com/tr/knx15814/b90894f9b1582df507297d968da7fecece37d93.js?v1=%%PAGE_CATEGORY%%&v2=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymode%3D1%26checkin%3D14%252F01%252F2022%26checkout%3D15%252F01%252F2022%26night%3D1%26DestinationID%3D1%26ccDate%3D0%26RoomOrPackage%3DRoomPackage%26room%3D1%26pageid%3D1%26ig%3D0%26disp%3Dhotel%26currency%3DMYR%26indexType%3D3&_t=1642348881621
Requested by: Host: book.rwgenting.com
URL: https://book.rwgenting.com/member2/HotelApp/HotelList.aspx?paymode=1&checkin=14%2F01%2F2022&checkout=15%2F01%2F2022&night=1&DestinationID=1&ccDate=0&RoomOrPackage=RoomPackage&room=1&pageid=1&ig=0&disp=hotel&currency=MYR&indexType=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-114.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c08e671967a1e37c99c6644d9ce66597c324639607a4df7df671d4d6b4229268

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: tOXJK.mG6DRpfvXzPon70dkZrK06OlQH
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
last-modified: Mon, 30 Nov 2020 18:06:07 GMT
server: AmazonS3
age: 43358
etag: "8309c31a6749ee17ee6655d88ca91426"
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: no-cache, must-revalidate, proxy-revalidate, public, max-age=0
date: Sun, 16 Jan 2022 03:58:44 GMT
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 23323
x-amz-cf-id: dQa5ZABGbnt7tUN_3aaAXRW3hq5MJeL5CkCgWR1Hx_3_M4L7gOTP3w==

GET
H2 200 activityi;register_conversion=1;src=6541830;type=b_ctr;cat=fl_rw007;ord=6840460067230;gtm=2wg1c0;auiddc=461061705.1642348882;ps=1;~oref=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotel...
6541830.fls.doubleclick.net/ 0
0 74ms
15ms Image
text/html 142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6541830.fls.doubleclick.net/activityi;register_conversion=1;src=6541830;type=b_ctr;cat=fl_rw007;ord=6840460067230;gtm=2wg1c0;auiddc=461061705.1642348882;ps=1;~oref=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymode%3D1%26checkin%3D14%252F01%252F2022%26checkout%3D15%252F01%252F2022%26night%3D1%26DestinationID%3D1%26ccDate%3D0%26RoomOrPackage%3DRoomPackage%26room%3D1%26pageid%3D1%26ig%3D0%26disp%3Dhotel%26currency%3DMYR%26indexType%3D3?
Requested by: Host: book.rwgenting.com
URL: https://book.rwgenting.com/member2/HotelApp/HotelList.aspx?paymode=1&checkin=14%2F01%2F2022&checkout=15%2F01%2F2022&night=1&DestinationID=1&ccDate=0&RoomOrPackage=RoomPackage&room=1&pageid=1&ig=0&disp=hotel&currency=MYR&indexType=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.38 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s04-in-f6.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/382529330/ 3 KB
2 KB 43ms
19ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/382529330/?random=1642348881628&cv=9&fst=1642348881628&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa1c0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymode%3D1%26checkin%3D14%252F01%252F2022%26checkout%3D15%252F01%252F2022%26night%3D1%26DestinationID%3D1%26ccDate%3D0%26RoomOrPackage%3DRoomPackage%26room%3D1%26pageid%3D1%26ig%3D0%26disp%3Dhotel%26currency%3DMYR%26indexType%3D3&tiba=Resorts%20World%20Genting&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

81129b9ee75d4798277f815da6f188e86885dbccdd1630ceb735d3d0a4525c20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Jan 2022 16:01:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 31ms
16ms XHR
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=373036175&t=pageview&_s=1&dl=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymode%3D1%26checkin%3D14%252F01%252F2022%26checkout%3D15%252F01%252F2022%26night%3D1%26DestinationID%3D1%26ccDate%3D0%26RoomOrPackage%3DRoomPackage%26room%3D1%26pageid%3D1%26ig%3D0%26disp%3Dhotel%26currency%3DMYR%26indexType%3D3&ul=en-us&de=UTF-8&dt=Resorts%20World%20Genting&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAAC~&jid=1715128747&gjid=994710934&cid=1948101519.1642348882&tid=UA-3398302-53&_gid=625096000.1642348882&_r=1&gtm=2wg1c0KLX5MDQ&z=1111468077

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://book.rwgenting.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 16 Jan 2022 16:01:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://book.rwgenting.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 537857393380708 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 123ms
113ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/537857393380708?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d629f50bab9a4ad963767dbb37d0511e0af980ebb00222c492ffdf2a8b690e1c

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: DC9BJAu1RuLGV194HZlkMTZQutB/nqNNU3J6xKKcRpqGk0o7+NIPbv4ft+pMZaoiW92gJPb3pbbl7O5R+AzOIA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 16 Jan 2022 16:01:21 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/941664267/ 3 KB
1 KB 36ms
21ms Script
text/javascript 2a00:1450:4001:810::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/941664267/?random=1642348881683&cv=9&fst=1642348881683&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa1c0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymode%3D1%26checkin%3D14%252F01%252F2022%26checkout%3D15%252F01%252F2022%26night%3D1%26DestinationID%3D1%26ccDate%3D0%26RoomOrPackage%3DRoomPackage%26room%3D1%26pageid%3D1%26ig%3D0%26disp%3Dhotel%26currency%3DMYR%26indexType%3D3&tiba=Resorts%20World%20Genting&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:810::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

f8fa7f8d34077969895b267e61a6178f107bb964bab84efbb87decaf276471c8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Jan 2022 16:01:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1172
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/382529330/ 42 B
548 B 49ms
27ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/382529330/?random=1642348881628&cv=9&fst=1642348800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa1c0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymode%3D1%26checkin%3D14%252F01%252F2022%26checkout%3D15%252F01%252F2022%26night%3D1%26DestinationID%3D1%26ccDate%3D0%26RoomOrPackage%3DRoomPackage%26room%3D1%26pageid%3D1%26ig%3D0%26disp%3Dhotel%26currency%3DMYR%26indexType%3D3&tiba=Resorts%20World%20Genting&async=1&fmt=3&is_vtc=1&random=4111272071&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Jan 2022 16:01:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/382529330/ 42 B
108 B 66ms
27ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/382529330/?random=1642348881628&cv=9&fst=1642348800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa1c0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymode%3D1%26checkin%3D14%252F01%252F2022%26checkout%3D15%252F01%252F2022%26night%3D1%26DestinationID%3D1%26ccDate%3D0%26RoomOrPackage%3DRoomPackage%26room%3D1%26pageid%3D1%26ig%3D0%26disp%3Dhotel%26currency%3DMYR%26indexType%3D3&tiba=Resorts%20World%20Genting&async=1&fmt=3&is_vtc=1&random=4111272071&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Jan 2022 16:01:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
444 B 72ms
18ms XHR
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-3398302-53&cid=1948101519.1642348882&jid=1715128747&gjid=994710934&_gid=625096000.1642348882&_u=YEBAAEAAAAAAAC~&z=689317608

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://book.rwgenting.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 16 Jan 2022 16:01:21 GMT
content-type: text/plain
access-control-allow-origin: https://book.rwgenting.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fingerprint2.min.js Show response
cdn.brand-display.com/sv/js/ 29 KB
29 KB 8ms
7ms Script
application/javascript 143.204.98.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.brand-display.com/sv/js/fingerprint2.min.js
Requested by: Host: cdn.brand-display.com
URL: https://cdn.brand-display.com/tr/knx15814/b90894f9b1582df507297d968da7fecece37d93.js?v1=%%PAGE_CATEGORY%%&v2=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymode%3D1%26checkin%3D14%252F01%252F2022%26checkout%3D15%252F01%252F2022%26night%3D1%26DestinationID%3D1%26ccDate%3D0%26RoomOrPackage%3DRoomPackage%26room%3D1%26pageid%3D1%26ig%3D0%26disp%3Dhotel%26currency%3DMYR%26indexType%3D3&_t=1642348881621
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-114.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ba50544bc52682e3884d79402fa65bbc8149866ff097223c48d9da54bb02e280

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: FMv4TnIx_EkiUylzRiS37tBQkjLZO1jg
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
last-modified: Fri, 10 Apr 2020 12:22:17 GMT
server: AmazonS3
age: 40701
etag: "3b1a8d0a55f588f5675fa2ecd2abc5c2"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Sun, 16 Jan 2022 04:43:01 GMT
x-amz-cf-pop: FRA50-C1
accept-ranges: bytes
content-length: 29420
x-amz-cf-id: w9Uw1CBZdOet3dEdj6npL1MD3Tk9R73Qk5oUtqqJfsCLBQ0jfpQ2vQ==

GET
H2 200 /
www.google.com/pagead/1p-user-list/941664267/ 42 B
108 B 20ms
19ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/941664267/?random=1642348881683&cv=9&fst=1642348800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa1c0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymode%3D1%26checkin%3D14%252F01%252F2022%26checkout%3D15%252F01%252F2022%26night%3D1%26DestinationID%3D1%26ccDate%3D0%26RoomOrPackage%3DRoomPackage%26room%3D1%26pageid%3D1%26ig%3D0%26disp%3Dhotel%26currency%3DMYR%26indexType%3D3&tiba=Resorts%20World%20Genting&async=1&fmt=3&is_vtc=1&random=748704038&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Jan 2022 16:01:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/941664267/ 42 B
548 B 26ms
24ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/941664267/?random=1642348881683&cv=9&fst=1642348800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa1c0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymode%3D1%26checkin%3D14%252F01%252F2022%26checkout%3D15%252F01%252F2022%26night%3D1%26DestinationID%3D1%26ccDate%3D0%26RoomOrPackage%3DRoomPackage%26room%3D1%26pageid%3D1%26ig%3D0%26disp%3Dhotel%26currency%3DMYR%26indexType%3D3&tiba=Resorts%20World%20Genting&async=1&fmt=3&is_vtc=1&random=748704038&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Jan 2022 16:01:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 dc_pre=CL_swq3StvUCFdBmGwodq24Irw;src=6541830;type=b_ctr;cat=fl_rw007;ord=6840460067230;gtm=2wg1c0;auiddc=*;ps=1;~oref=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymo...
adservice.google.com/ddm/fls/z/ Frame 78CD 42 B
494 B 67ms
44ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CL_swq3StvUCFdBmGwodq24Irw;src=6541830;type=b_ctr;cat=fl_rw007;ord=6840460067230;gtm=2wg1c0;auiddc=*;ps=1;~oref=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymode%3D1%26checkin%3D14%252F01%252F2022%26checkout%3D15%252F01%252F2022%26night%3D1%26DestinationID%3D1%26ccDate%3D0%26RoomOrPackage%3DRoomPackage%26room%3D1%26pageid%3D1%26ig%3D0%26disp%3Dhotel%26currency%3DMYR%26indexType%3D3

Requested by

Host: 6541830.fls.doubleclick.net
URL: https://6541830.fls.doubleclick.net/activityi;dc_pre=CL_swq3StvUCFdBmGwodq24Irw;src=6541830;type=b_ctr;cat=fl_rw007;ord=6840460067230;gtm=2wg1c0;auiddc=461061705.1642348882;ps=1;~oref=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymode%3D1%26checkin%3D14%252F01%252F2022%26checkout%3D15%252F01%252F2022%26night%3D1%26DestinationID%3D1%26ccDate%3D0%26RoomOrPackage%3DRoomPackage%26room%3D1%26pageid%3D1%26ig%3D0%26disp%3Dhotel%26currency%3DMYR%26indexType%3D3?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6541830.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Jan 2022 16:01:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 47ms
31ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-3398302-53&cid=1948101519.1642348882&jid=1715128747&_u=YEBAAEAAAAAAAC~&z=1969597646

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Jan 2022 16:01:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 48ms
31ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-3398302-53&cid=1948101519.1642348882&jid=1715128747&_u=YEBAAEAAAAAAAC~&z=1969597646

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Jan 2022 16:01:21 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 brown-regular.woff2
cdn.book.rwgenting.com/assets/JavaScript/assets/fonts/ 19 KB
20 KB 229ms
197ms Font
application/x-font-woff2 79.133.177.215
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.book.rwgenting.com/assets/JavaScript/assets/fonts/brown-regular.woff2

Requested by

Host: cdn.book.rwgenting.com
URL: https://cdn.book.rwgenting.com/assets/JavaScript/assets/css/genting.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

79.133.177.215 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine / ASP.NET

Resource Hash

3bad7d670a6660817708b9fb30b07ab22cd3db5d87f2bc2f141a67f4da9ebeb7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://cdn.book.rwgenting.com/assets/JavaScript/assets/css/genting.css
Origin: https://book.rwgenting.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 16 Jan 2022 15:11:07 GMT
via: cache16.l2hk71[0,0,304-0,H], cache9.l2hk71[1,0], cache2.de3[178,179,200-0,H], cache11.de3[181,0]
age: 3015
x-powered-by: ASP.NET
x-cache: HIT TCP_REFRESH_HIT dirn:12:518710757
x-swift-cachetime: 3600
x-swift-savetime: Sun, 16 Jan 2022 16:01:22 GMT
content-length: 19912
x-xss-protection: 1;mode=block
last-modified: Thu, 16 Jul 2020 09:48:40 GMT
server: Tengine
etag: "ae4a6549565bd61:0:dtagent10229211201102017WHjA"
x-frame-options: SAMEORIGIN
ali-swift-global-savetime: 1642345867
content-type: application/x-font-woff2
access-control-allow-origin: https://book.rwgenting.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
eagleid: 4f85b19f16423488818673323e

GET
H2 200 genting-icons.woff
cdn.book.rwgenting.com/assets/JavaScript/assets/fonts/ 17 KB
17 KB 241ms
209ms Font
application/x-font-woff 79.133.177.215
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.book.rwgenting.com/assets/JavaScript/assets/fonts/genting-icons.woff?9klrmc

Requested by

Host: cdn.book.rwgenting.com
URL: https://cdn.book.rwgenting.com/assets/JavaScript/assets/css/genting.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

79.133.177.215 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine / ASP.NET

Resource Hash

8e0450cc4717f2613dc6ff9af944c62e92dff62dc9d50a10851553ac9c58544f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://cdn.book.rwgenting.com/assets/JavaScript/assets/css/genting.css
Origin: https://book.rwgenting.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 16 Jan 2022 15:11:07 GMT
via: cache2.l2hk71[0,0,304-0,H], cache1.l2hk71[1,0], cache3.de3[178,177,200-0,H], cache11.de3[179,0]
age: 3015
x-powered-by: ASP.NET
x-cache: HIT TCP_REFRESH_HIT dirn:13:633662642
x-swift-cachetime: 3600
x-swift-savetime: Sun, 16 Jan 2022 16:01:22 GMT
content-length: 17080
x-xss-protection: 1;mode=block
last-modified: Thu, 16 Jul 2020 09:48:40 GMT
server: Tengine
etag: "7dd69c49565bd61:0:dtagent10229211201102017WHjA"
x-frame-options: SAMEORIGIN
ali-swift-global-savetime: 1642345867
content-type: application/x-font-woff
access-control-allow-origin: https://book.rwgenting.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
eagleid: 4f85b19f16423488818763349e

GET
H2 200 brown-light.woff2
cdn.book.rwgenting.com/assets/JavaScript/assets/fonts/ 19 KB
20 KB 242ms
210ms Font
application/x-font-woff2 79.133.177.215
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.book.rwgenting.com/assets/JavaScript/assets/fonts/brown-light.woff2

Requested by

Host: cdn.book.rwgenting.com
URL: https://cdn.book.rwgenting.com/assets/JavaScript/assets/css/genting.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

79.133.177.215 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine / ASP.NET

Resource Hash

27de96de6b1e61132441689a2670147e9eb0ec235cb6c417815a9fefe53ef428

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://cdn.book.rwgenting.com/assets/JavaScript/assets/css/genting.css
Origin: https://book.rwgenting.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 16 Jan 2022 15:11:07 GMT
via: cache30.l2hk71[0,0,304-0,H], cache17.l2hk71[0,0], cache13.de3[180,180,200-0,H], cache11.de3[181,0]
age: 3015
x-powered-by: ASP.NET
x-cache: HIT TCP_REFRESH_HIT dirn:13:536939658
x-swift-cachetime: 3600
x-swift-savetime: Sun, 16 Jan 2022 16:01:22 GMT
content-length: 19864
x-xss-protection: 1;mode=block
last-modified: Thu, 16 Jul 2020 09:48:39 GMT
server: Tengine
etag: "334ff49565bd61:0:dtagent10229211201102017WHjA"
x-frame-options: SAMEORIGIN
ali-swift-global-savetime: 1642345867
content-type: application/x-font-woff2
access-control-allow-origin: https://book.rwgenting.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
eagleid: 4f85b19f16423488818763346e

GET
H2 200 brown-bold.woff2
cdn.book.rwgenting.com/assets/JavaScript/assets/fonts/ 20 KB
20 KB 732ms
732ms Font
application/x-font-woff2 79.133.177.215
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.book.rwgenting.com/assets/JavaScript/assets/fonts/brown-bold.woff2

Requested by

Host: cdn.book.rwgenting.com
URL: https://cdn.book.rwgenting.com/assets/JavaScript/assets/css/genting.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

79.133.177.215 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine / ASP.NET

Resource Hash

f5c2adae89718a53679c5a07e14dbeb4cde33d917a1419006aa26b81968eece1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://cdn.book.rwgenting.com/assets/JavaScript/assets/css/genting.css
Origin: https://book.rwgenting.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 16 Jan 2022 15:11:07 GMT
via: cache34.l2hk71[0,0,304-0,H], cache9.l2hk71[1,0], cache4.de3[717,718,200-0,H], cache11.de3[719,0]
age: 3015
x-powered-by: ASP.NET
x-cache: HIT TCP_REFRESH_HIT dirn:12:90597766
x-swift-cachetime: 3600
x-swift-savetime: Sun, 16 Jan 2022 16:01:22 GMT
content-length: 20072
x-xss-protection: 1;mode=block
last-modified: Thu, 16 Jul 2020 09:48:39 GMT
server: Tengine
etag: "a03dc848565bd61:0:dtagent10229211201102017WHjA"
x-frame-options: SAMEORIGIN
ali-swift-global-savetime: 1642345867
content-type: application/x-font-woff2
access-control-allow-origin: https://book.rwgenting.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
eagleid: 4f85b19f16423488818863372e

GET
H3 200 408482393299012 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 108ms
107ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/408482393299012?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d7fdda27c5a552b3585259c828b032dfc29b52d68f9cd8d21a7481d901dd8e47

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: pkHiZvGehQww2zDPnJ66hgAGDvR0/Ap6Lg9R37n6P0sDTu/SBt/UkkknINBrUTfckexGl1Zs/at9JjKGDeGqkQ==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 16 Jan 2022 16:01:22 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
295 B 24ms
8ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=537857393380708&ev=PageView&dl=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymode%3D1%26checkin%3D14%252F01%252F2022%26checkout%3D15%252F01%252F2022%26night%3D1%26DestinationID%3D1%26ccDate%3D0%26RoomOrPackage%3DRoomPackage%26room%3D1%26pageid%3D1%26ig%3D0%26disp%3Dhotel%26currency%3DMYR%26indexType%3D3&rl=&if=false&ts=1642348881903&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1642348881902.58104027&it=1642348881669&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 16 Jan 2022 16:01:21 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Sun, 16 Jan 2022 16:01:21 GMT

GET
H2 200 flags.png
cdn.book.rwgenting.com/assets/JavaScript/assets/img/ 69 KB
70 KB 882ms
880ms Image
image/png 79.133.177.215
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.book.rwgenting.com/assets/JavaScript/assets/img/flags.png

Requested by

Host: cdn.book.rwgenting.com
URL: https://cdn.book.rwgenting.com/assets/JavaScript/assets/css/intlTelInput.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

79.133.177.215 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine / ASP.NET

Resource Hash

0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.book.rwgenting.com/assets/JavaScript/assets/css/intlTelInput.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 16 Jan 2022 16:01:22 GMT
via: cache1.l2hk71[150,150,304-0,M], cache25.l2hk71[152,0], cache1.de3[865,865,200-0,H], cache4.de3[868,0]
age: 0
x-powered-by: ASP.NET
x-cache: HIT TCP_REFRESH_HIT dirn:13:520697587
x-swift-cachetime: -16323895
x-swift-savetime: Sun, 16 Jan 2022 16:01:22 GMT
content-length: 70857
x-xss-protection: 1;mode=block
last-modified: Fri, 23 Oct 2020 01:48:19 GMT
server: Tengine
etag: "4daaa95dea8d61:0"
x-frame-options: SAMEORIGIN
ali-swift-global-savetime: 1642348882
content-type: image/png
access-control-allow-origin: https://book.rwgenting.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
eagleid: 4f85b19816423488819224436e

GET
H/1.1 200
OK loading.gif
book.rwgenting.com/member2/images/ 3 KB
3 KB 242ms
242ms Image
image/gif 170.33.9.200
ASEPL-AS-AP Aliba...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://book.rwgenting.com/member2/images/loading.gif

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

170.33.9.200 , Singapore, ASN134963 (ASEPL-AS-AP Alibaba.com Singapore E-Commerce Private Limited, SG),

Reverse DNS

Software

/ ASP.NET

Resource Hash

a01ebe9b22e5cb9dd317e47b353988588b0245980ab8f56de2791fbb29908db7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/member2/HotelApp/HotelList.aspx?paymode=1&checkin=14%2F01%2F2022&checkout=15%2F01%2F2022&night=1&DestinationID=1&ccDate=0&RoomOrPackage=RoomPackage&room=1&pageid=1&ig=0&disp=hotel&currency=MYR&indexType=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Sun, 16 Jan 2022 16:01:22 GMT
Last-Modified: Tue, 04 Jan 2022 07:13:41 GMT
X-Powered-By: ASP.NET
ETag: "beb1189a3a1d81:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2711
X-XSS-PROTECTION: 1;mode=block
X-UA-Compatible: IE=11

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 14ms
14ms XHR
text/plain 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=373036175&t=pageview&_s=1&dl=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymode%3D1%26checkin%3D14%252F01%252F2022%26checkout%3D15%252F01%252F2022%26night%3D1%26DestinationID%3D1%26ccDate%3D0%26RoomOrPackage%3DRoomPackage%26room%3D1%26pageid%3D1%26ig%3D0%26disp%3Dhotel%26currency%3DMYR%26indexType%3D3&ul=en-us&de=UTF-8&dt=Resorts%20World%20Genting&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aEDAAEABAAAAAC~&jid=1788859346&gjid=669453212&cid=1948101519.1642348882&tid=UA-3398302-45&_gid=625096000.1642348882&_r=1&_slc=1&z=1014405799

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://book.rwgenting.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sun, 16 Jan 2022 16:01:21 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://book.rwgenting.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tpjex3u73.js Show response
cdn.krxd.net/controltag/ 19 KB
5 KB 127ms
97ms Script
text/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/tpjex3u73.js
Requested by: Host: book.rwgenting.com
URL: https://book.rwgenting.com/member2/HotelApp/HotelList.aspx?paymode=1&checkin=14%2F01%2F2022&checkout=15%2F01%2F2022&night=1&DestinationID=1&ccDate=0&RoomOrPackage=RoomPackage&room=1&pageid=1&ig=0&disp=hotel&currency=MYR&indexType=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 39552c65dca63a153fa82b1463652393f010ea6602e0e963195dc6a46407fb7d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Sun, 16 Jan 2022 16:01:22 GMT
via: 1.1 varnish, 1.1 varnish
age: 1108
x-cache: MISS, HIT, HIT
x-app-cache: HIT
x-age: 0
content-encoding: gzip
content-length: 4759
x-served-by: config-service-a004-ash-prod.krxd.net, cache-iad-kcgs7200102-IAD, cache-hhn4069-HHN
x-response-time: 1
x-do-esi: esi
x-timer: S1642348882.974644,VS0,VE89
etag: "5fd884d4c6b801fd533305342a74ca84456d71c6"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 1, 1

POST
H/1.1 200
OK BindPaymentMode2 Show response
book.rwgenting.com/member2/Conmon/Conmon.aspx/ 700 B
1 KB 290ms
289ms XHR
application/json 170.33.9.200
ASEPL-AS-AP Aliba...

General

Check archive.org

Show headers Download Go to

Full URL

https://book.rwgenting.com/member2/Conmon/Conmon.aspx/BindPaymentMode2

Requested by

Host: cdn.book.rwgenting.com
URL: https://cdn.book.rwgenting.com/assets/JavaScript/assets/js/jquery-3.3.1.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

170.33.9.200 , Singapore, ASN134963 (ASEPL-AS-AP Alibaba.com Singapore E-Commerce Private Limited, SG),

Reverse DNS

Software

/ ASP.NET

Resource Hash

e9280b5bfa336c5e503b5b9bba8061418ee489b4fbf9f62885a02e60a18c6dd4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://book.rwgenting.com/member2/HotelApp/HotelList.aspx?paymode=1&checkin=14%2F01%2F2022&checkout=15%2F01%2F2022&night=1&DestinationID=1&ccDate=0&RoomOrPackage=RoomPackage&room=1&pageid=1&ig=0&disp=hotel&currency=MYR&indexType=3
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
Content-Type: application/json
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
x-dtpc: 1$148881438_515h2vFAFUKMSPMTAUHBVCKVKUBJMRMMDRJMMD-0e0

Response headers

Date: Sun, 16 Jan 2022 16:01:22 GMT
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=0
Connection: keep-alive
Content-Length: 700
X-XSS-PROTECTION: 1;mode=block
X-UA-Compatible: IE=11

POST
H/1.1 200
OK BindPaymentMode2 Show response
book.rwgenting.com/member2/Conmon/Conmon.aspx/ 700 B
1 KB 263ms
263ms XHR
application/json 170.33.9.200
ASEPL-AS-AP Aliba...

General

Check archive.org

Show headers Download Go to

Full URL

https://book.rwgenting.com/member2/Conmon/Conmon.aspx/BindPaymentMode2

Requested by

Host: cdn.book.rwgenting.com
URL: https://cdn.book.rwgenting.com/assets/JavaScript/assets/js/jquery-3.3.1.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

170.33.9.200 , Singapore, ASN134963 (ASEPL-AS-AP Alibaba.com Singapore E-Commerce Private Limited, SG),

Reverse DNS

Software

/ ASP.NET

Resource Hash

e9280b5bfa336c5e503b5b9bba8061418ee489b4fbf9f62885a02e60a18c6dd4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://book.rwgenting.com/member2/HotelApp/HotelList.aspx?paymode=1&checkin=14%2F01%2F2022&checkout=15%2F01%2F2022&night=1&DestinationID=1&ccDate=0&RoomOrPackage=RoomPackage&room=1&pageid=1&ig=0&disp=hotel&currency=MYR&indexType=3
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
Content-Type: application/json
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
x-dtpc: 1$148881438_515h3vFAFUKMSPMTAUHBVCKVKUBJMRMMDRJMMD-0e0

Response headers

Date: Sun, 16 Jan 2022 16:01:22 GMT
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=0
Connection: keep-alive
Content-Length: 700
X-XSS-PROTECTION: 1;mode=block
X-UA-Compatible: IE=11

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=373036175&t=event&ni=0&_s=1&dl=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymode%3D1%26checkin%3D14%252F01%252F2022%26checkout%3D15%252F01%252F2022%26night%3D1%26DestinationID%3D1%26ccDate%3D0%26RoomOrPackage%3DRoomPackage%26room%3D1%26pageid%3D1%26ig%3D0%26disp%3Dhotel%26currency%3DMYR%26indexType%3D3&ul=en-us&de=UTF-8&dt=Resorts%20World%20Genting&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Hotel&ea=search&el=14%2F01%2F2022%20%7C%2015%2F01%2F2022%20%7C%201%20%7C%201%20%7C%20&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=1948101519.1642348882&tid=UA-3398302-53&_gid=625096000.1642348882&gtm=2wg1c0KLX5MDQ&cd1=no&cd2=&cd3=&cd4=&z=754691816

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Jan 2022 20:45:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 69362
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 37ms
17ms XHR
text/plain 2a00:1450:400c:c07::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-3398302-45&cid=1948101519.1642348882&jid=1788859346&gjid=669453212&_gid=625096000.1642348882&_u=aEDAAEABAAAAAC~&z=24652440

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c07::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://book.rwgenting.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Sun, 16 Jan 2022 16:01:22 GMT
content-type: text/plain
access-control-allow-origin: https://book.rwgenting.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 controltag.js.0631b7d64dbbd3656a8b7368ad227a04 Show response
cdn.krxd.net/ctjs/ 259 KB
83 KB 7ms
6ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/tpjex3u73.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b9b47c8bafc4618d804c7c54ac03c39b29beb9ed5b1e7d9dbadb0f28d71c3d94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date: Sun, 16 Jan 2022 16:01:22 GMT
content-encoding: gzip
age: 5756965
x-amz-server-side-encryption: AES256
x-cache: HIT
x-cache-hits: 217692
content-length: 84451
x-served-by: cache-hhn4069-HHN
last-modified: Thu, 15 Oct 2020 07:09:29 GMT
x-timer: S1642348883.628402,VS0,VE0
etag: "0631b7d64dbbd3656a8b7368ad227a04"
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=315360000
accept-ranges: bytes
expires: Sun, 13 Oct 2030 07:09:28 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 17ms
8ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=408482393299012&ev=PageView&dl=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymode%3D1%26checkin%3D14%252F01%252F2022%26checkout%3D15%252F01%252F2022%26night%3D1%26DestinationID%3D1%26ccDate%3D0%26RoomOrPackage%3DRoomPackage%26room%3D1%26pageid%3D1%26ig%3D0%26disp%3Dhotel%26currency%3DMYR%26indexType%3D3&rl=&if=false&ts=1642348882627&sw=1600&sh=1200&v=2.9.48&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1642348881902.58104027&it=1642348881669&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 16 Jan 2022 16:01:22 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Sun, 16 Jan 2022 16:01:22 GMT

GET
H3 200 ga-audiences
www.google.com/ads/ 42 B
63 B 31ms
30ms Image
image/gif 2a00:1450:4001:82f::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-3398302-45&cid=1948101519.1642348882&jid=1788859346&_u=aEDAAEABAAAAAC~&z=1573307894

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Jan 2022 16:01:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 31ms
31ms Image
image/gif 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-3398302-45&cid=1948101519.1642348882&jid=1788859346&_u=aEDAAEABAAAAAC~&z=1573307894

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Jan 2022 16:01:22 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 proxy.3d2100fd7107262ecb55ce6847f01fa5.html Show response
cdn.krxd.net/partnerjs/xdi/ Frame 7E24 805 B
826 B 18ms
18ms Document
text/html 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/

Response headers

last-modified: Tue, 21 Feb 2017 17:50:54 GMT
etag: "3d2100fd7107262ecb55ce6847f01fa5"
cache-control: public, max-age=315360000
expires: Fri, 19 Feb 2027 17:50:50 GMT
content-type: text/html
x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Partner_JS_S3
content-encoding: gzip
accept-ranges: bytes
date: Sun, 16 Jan 2022 16:01:22 GMT
via: 1.1 varnish
age: 5154031
x-served-by: cache-hhn4069-HHN
x-cache: HIT
x-cache-hits: 2071747
x-timer: S1642348883.676506,VS0,VE0
vary: Accept-Encoding
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
content-length: 525

GET
H2 200 tpjex3u73.js Show response
cdn.krxd.net/controltag/ Frame 7E24 19 KB
5 KB 7ms
7ms Script
text/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/tpjex3u73.js
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 39552c65dca63a153fa82b1463652393f010ea6602e0e963195dc6a46407fb7d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Sun, 16 Jan 2022 16:01:22 GMT
via: 1.1 varnish, 1.1 varnish
age: 1109
x-cache: MISS, HIT, HIT
x-app-cache: HIT
x-age: 0
content-encoding: gzip
content-length: 4759
x-served-by: config-service-a004-ash-prod.krxd.net, cache-iad-kcgs7200102-IAD, cache-hhn4069-HHN
x-response-time: 1
x-do-esi: esi
x-timer: S1642348883.707284,VS0,VE0
etag: "5fd884d4c6b801fd533305342a74ca84456d71c6"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 1, 2

GET
H2 200 controltag.js.0631b7d64dbbd3656a8b7368ad227a04 Show response
cdn.krxd.net/ctjs/ Frame 7E24 259 KB
83 KB 7ms
7ms Script
application/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/tpjex3u73.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b9b47c8bafc4618d804c7c54ac03c39b29beb9ed5b1e7d9dbadb0f28d71c3d94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date: Sun, 16 Jan 2022 16:01:22 GMT
content-encoding: gzip
age: 5756965
x-amz-server-side-encryption: AES256
x-cache: HIT
x-cache-hits: 217693
content-length: 84451
x-served-by: cache-hhn4069-HHN
last-modified: Thu, 15 Oct 2020 07:09:29 GMT
x-timer: S1642348883.716468,VS0,VE0
etag: "0631b7d64dbbd3656a8b7368ad227a04"
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=315360000
accept-ranges: bytes
expires: Sun, 13 Oct 2030 07:09:28 GMT

GET
H2 200 02a4d1b4-9afb-42e8-bb16-e9bfe48451b4 Show response
consumer.krxd.net/consent/get/ 235 B
425 B 59ms
36ms Script
text/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/02a4d1b4-9afb-42e8-bb16-e9bfe48451b4?idt=device&dt=kxcookie&callback=Krux.ns.genting.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e08a8b816844b1b36de422161848b43b2f43b83a9c3363523b239ad7dedf8477

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 16 Jan 2022 16:01:22 GMT
via: 1.1 varnish
age: 0
x-served-by: consumer-a009-dub-prod.krxd.net, cache-hhn4069-HHN
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1642348883.745529,VS0,VE29
content-length: 186
x-cache-hits: 0, 0

GET
H2 200 02a4d1b4-9afb-42e8-bb16-e9bfe48451b4 Show response
consumer.krxd.net/consent/get/ Frame 7E24 220 B
279 B 62ms
62ms Script
text/javascript 151.101.66.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/02a4d1b4-9afb-42e8-bb16-e9bfe48451b4?idt=device&dt=kxcookie&callback=Krux.ns.genting.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.66.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b11452ed29ed6f1c4cb99ba97cfdeb7a02b34e07becb62e5a7255533962d9aac

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 16 Jan 2022 16:01:22 GMT
via: 1.1 varnish
age: 0
x-served-by: consumer-a004-dub-prod.krxd.net, cache-hhn4069-HHN
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1642348883.753689,VS0,VE38
content-length: 179
x-cache-hits: 0, 0

GET
H2 200 cfix.html Show response
cdn.brand-display.com/tr/tag/ Frame D6D3 2 KB
2 KB 9ms
9ms Document
text/html 143.204.98.114
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.brand-display.com/tr/tag/cfix.html?key=b90894f9b1582df507297d968da7fecece37d93
Requested by: Host: cdn.brand-display.com
URL: https://cdn.brand-display.com/tr/knx15814/b90894f9b1582df507297d968da7fecece37d93.js?v1=%%PAGE_CATEGORY%%&v2=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymode%3D1%26checkin%3D14%252F01%252F2022%26checkout%3D15%252F01%252F2022%26night%3D1%26DestinationID%3D1%26ccDate%3D0%26RoomOrPackage%3DRoomPackage%26room%3D1%26pageid%3D1%26ig%3D0%26disp%3Dhotel%26currency%3DMYR%26indexType%3D3&_t=1642348881621
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 143.204.98.114 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-143-204-98-114.fra50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 27988668fad87e9782d62f51b22f6feda6fdb2ef16a315b968728f164be1c6f7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/

Response headers

content-type: text/html
content-length: 2031
last-modified: Mon, 18 Mar 2019 15:45:52 GMT
x-amz-version-id: wdA6oWpnBvGweZ2olIlUbqk0DcpmZdej
accept-ranges: bytes
server: AmazonS3
date: Sun, 16 Jan 2022 10:41:18 GMT
cache-control: no-cache, must-revalidate, proxy-revalidate, public, max-age=0
etag: "073b35c69744014f5d2406710e188e97"
x-cache: Hit from cloudfront
via: 1.1 d55780b776b171387055eca956ae29a8.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA50-C1
x-amz-cf-id: rreaoBBy2KF-LiFNPLQTS_qv0w8H-qfcWK4gO7mR-GMkPJmqh0HUFQ==
age: 97922

GET
H2 200 remarketing Show response
tr.brand-display.com/tracking/api/ 3 KB
3 KB 891ms
214ms Script
application/javascript 54.169.1.172
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.brand-display.com/tracking/api/remarketing?_t=1642348882900&advertiserId=knx15814&id=b90894f9b1582df507297d968da7fecece37d93&v1=&v2=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymode%3D1%26checkin%3D14%252F01%252F2022%26checkout%3D15%252F01%252F2022%26night%3D1%26DestinationID%3D1%26ccDate%3D0%26RoomOrPackage%3DRoomPackage%26room%3D1%26pageid%3D1%26ig%3D0%26disp%3Dhotel%26currency%3DMYR%26indexType%3D3&_t=1642348881621&url=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymode%3D1%26checkin%3D14%252F01%252F2022%26checkout%3D15%252F01%252F2022%26night%3D1%26DestinationID%3D1%26ccDate%3D0%26RoomOrPackage%3DRoomPackage%26room%3D1%26pageid%3D1%26ig%3D0%26disp%3Dhotel%26currency%3DMYR%26indexType%3D3&referer=&aurl=&areferer=&required=0&extra=%7B%22id%22%3A%22all%22%7D&d=1&r=0
Requested by: Host: cdn.brand-display.com
URL: https://cdn.brand-display.com/tr/knx15814/b90894f9b1582df507297d968da7fecece37d93.js?v1=%%PAGE_CATEGORY%%&v2=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymode%3D1%26checkin%3D14%252F01%252F2022%26checkout%3D15%252F01%252F2022%26night%3D1%26DestinationID%3D1%26ccDate%3D0%26RoomOrPackage%3DRoomPackage%26room%3D1%26pageid%3D1%26ig%3D0%26disp%3Dhotel%26currency%3DMYR%26indexType%3D3&_t=1642348881621
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.169.1.172 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-169-1-172.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.21.5 /
Resource Hash: 05c4cc82e30439bb88e3189e19b3ae0ea83c22fff0eb8c94aea737fd377be643

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 16 Jan 2022 16:01:23 GMT
cache-control: max-age=3600
user-region: EU
server: nginx/1.21.5
content-length: 3094
content-type: application/javascript

GET
H3

200

activityi;dc_pre=CKqDkK7StvUCFRe2GwoddMgJ9A;src=8661995;type=remar0;cat=rwg_g0;u1=;u2=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymode%3D1%26checkin%3D14%252F01%252F... Show response
8661995.fls.doubleclick.net/ Frame 2326
Redirect Chain

https://8661995.fls.doubleclick.net/activityi;src=8661995;type=remar0;cat=rwg_g0;u1=;u2=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymode%3D1%26checkin%3D14%252F01%25...
https://8661995.fls.doubleclick.net/activityi;dc_pre=CKqDkK7StvUCFRe2GwoddMgJ9A;src=8661995;type=remar0;cat=rwg_g0;u1=;u2=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpa...

709 B
522 B

24ms
24ms

Document
text/html

142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8661995.fls.doubleclick.net/activityi;dc_pre=CKqDkK7StvUCFRe2GwoddMgJ9A;src=8661995;type=remar0;cat=rwg_g0;u1=;u2=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymode%3D1%26checkin%3D14%252F01%252F2022%26checkout%3D15%252F01%252F2022%26night%3D1%26DestinationID%3D1%26ccDate%3D0%26RoomOrPackage%3DRoomPackage%26room%3D1%26pageid%3D1%26ig%3D0%26disp%3Dhotel%26currency%3DMYR%26indexType%3D3;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=622496654428.3572?

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

cafe /

Resource Hash

bc42277e9459812b36a062b4a91c5a76fce8cb79cd9ebd721558d97f48ee65f0

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 16 Jan 2022 16:01:22 GMT
expires: Sun, 16 Jan 2022 16:01:22 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 499
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 16 Jan 2022 16:01:22 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://8661995.fls.doubleclick.net/activityi;dc_pre=CKqDkK7StvUCFRe2GwoddMgJ9A;src=8661995;type=remar0;cat=rwg_g0;u1=;u2=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymode%3D1%26checkin%3D14%252F01%252F2022%26checkout%3D15%252F01%252F2022%26night%3D1%26DestinationID%3D1%26ccDate%3D0%26RoomOrPackage%3DRoomPackage%26room%3D1%26pageid%3D1%26ig%3D0%26disp%3Dhotel%26currency%3DMYR%26indexType%3D3;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=622496654428.3572?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 1994258390890728 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 112ms
112ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1994258390890728?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6bed0015effa80a4cc88a233c4c2f16a4b827516626dc957126f61a76cfaff65

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: k609u9KTn8SpCD+5UhxfjgrpQAFAjpYS9yIuNfGTdHqxkbFlghVzzw1TY4xU5A31X28n5ZI8kgyFdWRmPJqfeA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Sun, 16 Jan 2022 16:01:23 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 dc_pre=CKqDkK7StvUCFRe2GwoddMgJ9A;src=8661995;type=remar0;cat=rwg_g0;u1=;u2=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymode%3D1%26checkin%3D14%252F01%252F2022%26che...
adservice.google.com/ddm/fls/z/ Frame 2326 42 B
63 B 60ms
44ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CKqDkK7StvUCFRe2GwoddMgJ9A;src=8661995;type=remar0;cat=rwg_g0;u1=;u2=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymode%3D1%26checkin%3D14%252F01%252F2022%26checkout%3D15%252F01%252F2022%26night%3D1%26DestinationID%3D1%26ccDate%3D0%26RoomOrPackage%3DRoomPackage%26room%3D1%26pageid%3D1%26ig%3D0%26disp%3Dhotel%26currency%3DMYR%26indexType%3D3;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=622496654428.3572

Requested by

Host: 8661995.fls.doubleclick.net
URL: https://8661995.fls.doubleclick.net/activityi;dc_pre=CKqDkK7StvUCFRe2GwoddMgJ9A;src=8661995;type=remar0;cat=rwg_g0;u1=;u2=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymode%3D1%26checkin%3D14%252F01%252F2022%26checkout%3D15%252F01%252F2022%26night%3D1%26DestinationID%3D1%26ccDate%3D0%26RoomOrPackage%3DRoomPackage%26room%3D1%26pageid%3D1%26ig%3D0%26disp%3Dhotel%26currency%3DMYR%26indexType%3D3;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=622496654428.3572?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8661995.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Jan 2022 16:01:23 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1994258390890728&ev=PageView&dl=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymode%3D1%26checkin%3D14%252F01%252F2022%26checkout%3D15%252F01%252F2022%26night%3D1%26DestinationID%3D1%26ccDate%3D0%26RoomOrPackage%3DRoomPackage%26room%3D1%26pageid%3D1%26ig%3D0%26disp%3Dhotel%26currency%3DMYR%26indexType%3D3&rl=&if=false&ts=1642348883049&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1642348881902.58104027&it=1642348881669&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 16 Jan 2022 16:01:23 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Sun, 16 Jan 2022 16:01:23 GMT

GET
H2 200 r
tr.brand-display.com/tracking/api/ 0
918 B 363ms
214ms Image
image/gif 54.169.1.172
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.brand-display.com/tracking/api/r?r0=1&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dknorex%26google_hm%3D%25%25KNXQ_B64_ENC%25%25%26google_cm&bf=069c425302d2ded623ada622025e7720
Requested by: Host: book.rwgenting.com
URL: https://book.rwgenting.com/member2/HotelApp/HotelList.aspx?paymode=1&checkin=14%2F01%2F2022&checkout=15%2F01%2F2022&night=1&DestinationID=1&ccDate=0&RoomOrPackage=RoomPackage&room=1&pageid=1&ig=0&disp=hotel&currency=MYR&indexType=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.169.1.172 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-169-1-172.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.21.5 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 16 Jan 2022 16:01:23 GMT
cache-control: max-age=3600
user-region: EU
server: nginx/1.21.5
content-type: image/gif
content-length: 0
p3p: CP='This is not a P3P policy!'

GET
H2

200

pixel
dmp.brand-display.com/cm2/api/
Redirect Chain

https://tags.bluekai.com/site/46117?id=069c425302d2ded623ada622025e7720&limit=1&redir=https%3A%2F%2Fdmp.brand-display.com%2Fcm2%2Fapi%2Fpixel%3Fpartner%3D0004%26pid%3D%24_BK_UUID%26bf%3D069c425302d...
https://dmp.brand-display.com/cm2/api/pixel?partner=0004&pid=$_BK_UUID&bf=069c425302d2ded623ada622025e7720

43 B
260 B

511ms
346ms

Image
image/gif

35.167.45.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.brand-display.com/cm2/api/pixel?partner=0004&pid=$_BK_UUID&bf=069c425302d2ded623ada622025e7720
Requested by: Host: book.rwgenting.com
URL: https://book.rwgenting.com/member2/HotelApp/HotelList.aspx?paymode=1&checkin=14%2F01%2F2022&checkout=15%2F01%2F2022&night=1&DestinationID=1&ccDate=0&RoomOrPackage=RoomPackage&room=1&pageid=1&ig=0&disp=hotel&currency=MYR&indexType=3
Protocol: H2
Server: 35.167.45.107 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-167-45-107.us-west-2.compute.amazonaws.com
Software: nginx/1.20.2 /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Jan 2022 16:01:23 GMT
last-modified: Sun, 16 Jan 2022 16:01:23 GMT
server: nginx/1.20.2
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Sun, 16 Jan 2022 16:01:24 GMT

Redirect headers

Location: https://dmp.brand-display.com/cm2/api/pixel?partner=0004&pid=$_BK_UUID&bf=069c425302d2ded623ada622025e7720
Date: Sun, 16 Jan 2022 16:01:23 GMT
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H2 200 sd
us-u.openx.net/w/1.0/ 43 B
274 B 41ms
18ms Image
image/gif 34.98.64.218
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=539237773&val=069c425302d2ded623ada622025e7720
Requested by: Host: book.rwgenting.com
URL: https://book.rwgenting.com/member2/HotelApp/HotelList.aspx?paymode=1&checkin=14%2F01%2F2022&checkout=15%2F01%2F2022&night=1&DestinationID=1&ccDate=0&RoomOrPackage=RoomPackage&room=1&pageid=1&ig=0&disp=hotel&currency=MYR&indexType=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.98.64.218 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 218.64.98.34.bc.googleusercontent.com
Software: OXGW/17.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Jan 2022 16:01:23 GMT
via: 1.1 google
server: OXGW/17.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=316&user_id=069c425302d2ded623ada622025e7720&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=316&user_id=069c425302d2ded623ada622025e7720&expires=30
https://ib.adnxs.com/setuid?entity=388&code=04c92428-285e-4035-b554-f3ebc59680d1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D388%26code%3D04c92428-285e-4035-b554-f3ebc59680d1

43 B
1 KB

26ms
25ms

Image
image/gif

185.33.221.15
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D388%26code%3D04c92428-285e-4035-b554-f3ebc59680d1

Requested by

Protocol

HTTP/1.1

Server

185.33.221.15 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

720.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Pragma: no-cache
Date: Sun, 16 Jan 2022 16:01:23 GMT
X-Proxy-Origin: 138.199.38.132; 138.199.38.132; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: a40cfc59-880c-4c72-b8a6-82a07bc07ddd
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sun, 16 Jan 2022 16:01:23 GMT
X-Proxy-Origin: 138.199.38.132; 138.199.38.132; 720.bm-nginx-loadbalancer.mgmt.ams1; adnxs.com
AN-X-Request-Uuid: 8d5e3386-2ed0-4453-9048-247edf03394f
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D388%26code%3D04c92428-285e-4035-b554-f3ebc59680d1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 taboola
dmp.brand-display.com/cm/api/ 43 B
260 B 703ms
345ms Image
image/gif 35.167.45.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.brand-display.com/cm/api/taboola?_t=1642348883425&bf=069c425302d2ded623ada622025e7720
Requested by: Host: book.rwgenting.com
URL: https://book.rwgenting.com/member2/HotelApp/HotelList.aspx?paymode=1&checkin=14%2F01%2F2022&checkout=15%2F01%2F2022&night=1&DestinationID=1&ccDate=0&RoomOrPackage=RoomPackage&room=1&pageid=1&ig=0&disp=hotel&currency=MYR&indexType=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.167.45.107 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-167-45-107.us-west-2.compute.amazonaws.com
Software: nginx/1.20.2 /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Jan 2022 16:01:23 GMT
last-modified: Sun, 16 Jan 2022 16:01:23 GMT
server: nginx/1.20.2
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Sun, 16 Jan 2022 16:01:24 GMT

GET
H2 200 appnexus
dmp.brand-display.com/cm/api/ 43 B
260 B 703ms
346ms Image
image/gif 35.167.45.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.brand-display.com/cm/api/appnexus?_t=1642348883425&bf=069c425302d2ded623ada622025e7720
Requested by: Host: book.rwgenting.com
URL: https://book.rwgenting.com/member2/HotelApp/HotelList.aspx?paymode=1&checkin=14%2F01%2F2022&checkout=15%2F01%2F2022&night=1&DestinationID=1&ccDate=0&RoomOrPackage=RoomPackage&room=1&pageid=1&ig=0&disp=hotel&currency=MYR&indexType=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.167.45.107 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-167-45-107.us-west-2.compute.amazonaws.com
Software: nginx/1.20.2 /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Jan 2022 16:01:23 GMT
last-modified: Sun, 16 Jan 2022 16:01:23 GMT
server: nginx/1.20.2
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Sun, 16 Jan 2022 16:01:24 GMT

GET
H2 200 liveramp
dmp.brand-display.com/cm/api/ 43 B
261 B 531ms
174ms Image
image/gif 35.167.45.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.brand-display.com/cm/api/liveramp?_t={CACHEBUSTER}&bf=069c425302d2ded623ada622025e7720
Requested by: Host: book.rwgenting.com
URL: https://book.rwgenting.com/member2/HotelApp/HotelList.aspx?paymode=1&checkin=14%2F01%2F2022&checkout=15%2F01%2F2022&night=1&DestinationID=1&ccDate=0&RoomOrPackage=RoomPackage&room=1&pageid=1&ig=0&disp=hotel&currency=MYR&indexType=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.167.45.107 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-167-45-107.us-west-2.compute.amazonaws.com
Software: nginx/1.20.2 /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Jan 2022 16:01:23 GMT
last-modified: Sun, 16 Jan 2022 16:01:23 GMT
server: nginx/1.20.2
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Sun, 16 Jan 2022 16:01:24 GMT

GET
H2 200 tapad
dmp.brand-display.com/cm/api/ 43 B
260 B 532ms
176ms Image
image/gif 35.167.45.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.brand-display.com/cm/api/tapad?_t=1642348883426&bf=069c425302d2ded623ada622025e7720
Requested by: Host: book.rwgenting.com
URL: https://book.rwgenting.com/member2/HotelApp/HotelList.aspx?paymode=1&checkin=14%2F01%2F2022&checkout=15%2F01%2F2022&night=1&DestinationID=1&ccDate=0&RoomOrPackage=RoomPackage&room=1&pageid=1&ig=0&disp=hotel&currency=MYR&indexType=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.167.45.107 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-167-45-107.us-west-2.compute.amazonaws.com
Software: nginx/1.20.2 /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Jan 2022 16:01:23 GMT
last-modified: Sun, 16 Jan 2022 16:01:23 GMT
server: nginx/1.20.2
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Sun, 16 Jan 2022 16:01:24 GMT

GET
H2 200 roqad
dmp.brand-display.com/cm/api/ 43 B
260 B 532ms
175ms Image
image/gif 35.167.45.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.brand-display.com/cm/api/roqad?_t=1642348883426&bf=069c425302d2ded623ada622025e7720
Requested by: Host: book.rwgenting.com
URL: https://book.rwgenting.com/member2/HotelApp/HotelList.aspx?paymode=1&checkin=14%2F01%2F2022&checkout=15%2F01%2F2022&night=1&DestinationID=1&ccDate=0&RoomOrPackage=RoomPackage&room=1&pageid=1&ig=0&disp=hotel&currency=MYR&indexType=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.167.45.107 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-167-45-107.us-west-2.compute.amazonaws.com
Software: nginx/1.20.2 /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Jan 2022 16:01:23 GMT
last-modified: Sun, 16 Jan 2022 16:01:23 GMT
server: nginx/1.20.2
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Sun, 16 Jan 2022 16:01:24 GMT

GET
H2 200 smaato
dmp.brand-display.com/cm/api/ 43 B
260 B 493ms
176ms Image
image/gif 35.167.45.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.brand-display.com/cm/api/smaato?bf=069c425302d2ded623ada622025e7720
Requested by: Host: book.rwgenting.com
URL: https://book.rwgenting.com/member2/HotelApp/HotelList.aspx?paymode=1&checkin=14%2F01%2F2022&checkout=15%2F01%2F2022&night=1&DestinationID=1&ccDate=0&RoomOrPackage=RoomPackage&room=1&pageid=1&ig=0&disp=hotel&currency=MYR&indexType=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.167.45.107 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-167-45-107.us-west-2.compute.amazonaws.com
Software: nginx/1.20.2 /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Jan 2022 16:01:23 GMT
last-modified: Sun, 16 Jan 2022 16:01:23 GMT
server: nginx/1.20.2
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Sun, 16 Jan 2022 16:01:24 GMT

GET
H2 200 index
dmp.brand-display.com/cm/api/ 43 B
260 B 341ms
340ms Image
image/gif 35.167.45.107
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.brand-display.com/cm/api/index?cm_callback_url=%2F%2Fdsum-sec.casalemedia.com%2Frum&cm_dsp_id=191&bf=069c425302d2ded623ada622025e7720
Requested by: Host: book.rwgenting.com
URL: https://book.rwgenting.com/member2/HotelApp/HotelList.aspx?paymode=1&checkin=14%2F01%2F2022&checkout=15%2F01%2F2022&night=1&DestinationID=1&ccDate=0&RoomOrPackage=RoomPackage&room=1&pageid=1&ig=0&disp=hotel&currency=MYR&indexType=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 35.167.45.107 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-35-167-45-107.us-west-2.compute.amazonaws.com
Software: nginx/1.20.2 /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sun, 16 Jan 2022 16:01:23 GMT
last-modified: Sun, 16 Jan 2022 16:01:23 GMT
server: nginx/1.20.2
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Sun, 16 Jan 2022 16:01:24 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 9ms
9ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=537857393380708&ev=Microdata&dl=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymode%3D1%26checkin%3D14%252F01%252F2022%26checkout%3D15%252F01%252F2022%26night%3D1%26DestinationID%3D1%26ccDate%3D0%26RoomOrPackage%3DRoomPackage%26room%3D1%26pageid%3D1%26ig%3D0%26disp%3Dhotel%26currency%3DMYR%26indexType%3D3&rl=&if=false&ts=1642348883621&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%5Cn%5CtResorts%20World%20Genting%5Cn%22%2C%22meta%3Adescription%22%3A%22Genting%20Resorts%20World%20description.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1642348881902.58104027&it=1642348881669&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 16 Jan 2022 16:01:23 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Sun, 16 Jan 2022 16:01:23 GMT

GET
H2 200 remarketing
tr.brand-display.com/tracking/api/ 0
127 B 214ms
214ms Image
image/gif 54.169.1.172
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.brand-display.com/tracking/api/remarketing?_t=1642348882900&advertiserId=knx15814&id=b90894f9b1582df507297d968da7fecece37d93&v1=&v2=https%253A%252F%252Fbook.rwgenting.com%252Fmember2%252FHotelApp%252FHotelList.aspx%253Fpaymode%253D1%2526checkin%253D14%25252F01%25252F2022%2526checkout%253D15%25252F01%25252F2022%2526night%253D1%2526DestinationID%253D1%2526ccDate%253D0%2526RoomOrPackage%253DRoomPackage%2526room%253D1%2526pageid%253D1%2526ig%253D0%2526disp%253Dhotel%2526currency%253DMYR%2526indexType%253D3&_t=1642348881621&url=https%253A%252F%252Fbook.rwgenting.com%252Fmember2%252FHotelApp%252FHotelList.aspx%253Fpaymode%253D1%2526checkin%253D14%25252F01%25252F2022%2526checkout%253D15%25252F01%25252F2022%2526night%253D1%2526DestinationID%253D1%2526ccDate%253D0%2526RoomOrPackage%253DRoomPackage%2526room%253D1%2526pageid%253D1%2526ig%253D0%2526disp%253Dhotel%2526currency%253DMYR%2526indexType%253D3&referer=&aurl=&areferer=&required=0&extra=%257B%2522id%2522%253A%2522all%2522%257D&d=1&r=0&bf=069c425302d2ded623ada622025e7720&itp=true
Requested by: Host: book.rwgenting.com
URL: https://book.rwgenting.com/member2/HotelApp/HotelList.aspx?paymode=1&checkin=14%2F01%2F2022&checkout=15%2F01%2F2022&night=1&DestinationID=1&ccDate=0&RoomOrPackage=RoomPackage&room=1&pageid=1&ig=0&disp=hotel&currency=MYR&indexType=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.169.1.172 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-169-1-172.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.21.5 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 16 Jan 2022 16:01:23 GMT
cache-control: max-age=3600
user-region: EU
server: nginx/1.21.5
content-type: image/gif
content-length: 0
p3p: CP='This is not a P3P policy!'

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 11ms
8ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=408482393299012&ev=Microdata&dl=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymode%3D1%26checkin%3D14%252F01%252F2022%26checkout%3D15%252F01%252F2022%26night%3D1%26DestinationID%3D1%26ccDate%3D0%26RoomOrPackage%3DRoomPackage%26room%3D1%26pageid%3D1%26ig%3D0%26disp%3Dhotel%26currency%3DMYR%26indexType%3D3&rl=&if=false&ts=1642348884130&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%5Cn%5CtResorts%20World%20Genting%5Cn%22%2C%22meta%3Adescription%22%3A%22Genting%20Resorts%20World%20description.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1642348881902.58104027&it=1642348881669&coo=false&es=automatic&tm=3&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 16 Jan 2022 16:01:24 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Sun, 16 Jan 2022 16:01:24 GMT

GET
H2 200 utils.js Show response
cdn.book.rwgenting.com/assets/JavaScript/assets/js/ 241 KB
55 KB 737ms
737ms Script
application/javascript 79.133.177.215
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.book.rwgenting.com/assets/JavaScript/assets/js/utils.js

Requested by

Host: cdn.book.rwgenting.com
URL: https://cdn.book.rwgenting.com/assets/JavaScript/assets/js/intlTelInput.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

79.133.177.215 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine / ASP.NET

Resource Hash

bdcdee66eb73eaff67c185ce622c4f82d65cdc893b785259b0207e3e60c8ca9d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 16 Jan 2022 15:11:09 GMT
via: cache35.l2hk71[0,0,304-0,H], cache21.l2hk71[1,0], cache9.de3[722,722,200-0,H], cache4.de3[724,0]
age: 3015
x-powered-by: ASP.NET
x-cache: HIT TCP_REFRESH_HIT dirn:13:702532164
x-swift-cachetime: 3600
x-swift-savetime: Sun, 16 Jan 2022 16:01:24 GMT
content-encoding: gzip
content-length: 55500
x-xss-protection: 1;mode=block
last-modified: Fri, 23 Oct 2020 01:48:19 GMT
server: Tengine
x-frame-options: SAMEORIGIN
etag: "dbe54395dea8d61:0"
vary: Accept-Encoding
ali-swift-global-savetime: 1642345869
content-type: application/javascript
access-control-allow-origin: https://book.rwgenting.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
eagleid: 4f85b19816423488841401104e

GET
H2 200 optout_check Show response
beacon.krxd.net/ 80 B
240 B 101ms
29ms Script
text/javascript 52.51.5.121
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/optout_check?callback=Krux.ns.genting.kxjsonp_optOutCheck
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.5.121 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-51-5-121.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: 82ae28e415cb1b7aec3cf011b190939b2181b3f558d0c87a8403959a67274a70

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 16 Jan 2022 16:01:24 GMT
cache-control: private, max-age=0, s-max-age=0
x-request-time: D=24 t=1642348884
x-served-by: beacon-n022-dub-prod.krxd.net
content-type: text/javascript

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=373036175&t=event&ni=1&_s=1&dl=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymode%3D1%26checkin%3D14%252F01%252F2022%26checkout%3D15%252F01%252F2022%26night%3D1%26DestinationID%3D1%26ccDate%3D0%26RoomOrPackage%3DRoomPackage%26room%3D1%26pageid%3D1%26ig%3D0%26disp%3Dhotel%26currency%3DMYR%26indexType%3D3&ul=en-us&de=UTF-8&dt=Resorts%20World%20Genting&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scrolling&ea=10&el=percent&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=1948101519.1642348882&tid=UA-3398302-53&_gid=625096000.1642348882&gtm=2wg1c0KLX5MDQ&cd1=no&cd2=&cd3=&cd4=&z=2124434234

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Jan 2022 20:45:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 69364
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=373036175&t=event&ni=1&_s=1&dl=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymode%3D1%26checkin%3D14%252F01%252F2022%26checkout%3D15%252F01%252F2022%26night%3D1%26DestinationID%3D1%26ccDate%3D0%26RoomOrPackage%3DRoomPackage%26room%3D1%26pageid%3D1%26ig%3D0%26disp%3Dhotel%26currency%3DMYR%26indexType%3D3&ul=en-us&de=UTF-8&dt=Resorts%20World%20Genting&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scrolling&ea=25&el=percent&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=1948101519.1642348882&tid=UA-3398302-53&_gid=625096000.1642348882&gtm=2wg1c0KLX5MDQ&cd1=no&cd2=&cd3=&cd4=&z=953952212

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Jan 2022 20:45:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 69364
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
7ms Image
image/gif 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=373036175&t=event&ni=1&_s=1&dl=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymode%3D1%26checkin%3D14%252F01%252F2022%26checkout%3D15%252F01%252F2022%26night%3D1%26DestinationID%3D1%26ccDate%3D0%26RoomOrPackage%3DRoomPackage%26room%3D1%26pageid%3D1%26ig%3D0%26disp%3Dhotel%26currency%3DMYR%26indexType%3D3&ul=en-us&de=UTF-8&dt=Resorts%20World%20Genting&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scrolling&ea=50&el=percent&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=1948101519.1642348882&tid=UA-3398302-53&_gid=625096000.1642348882&gtm=2wg1c0KLX5MDQ&cd1=no&cd2=&cd3=&cd4=&z=189278390

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Jan 2022 20:45:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 69364
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
8ms Image
image/gif 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=373036175&t=event&ni=1&_s=1&dl=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymode%3D1%26checkin%3D14%252F01%252F2022%26checkout%3D15%252F01%252F2022%26night%3D1%26DestinationID%3D1%26ccDate%3D0%26RoomOrPackage%3DRoomPackage%26room%3D1%26pageid%3D1%26ig%3D0%26disp%3Dhotel%26currency%3DMYR%26indexType%3D3&ul=en-us&de=UTF-8&dt=Resorts%20World%20Genting&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scrolling&ea=75&el=percent&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=1948101519.1642348882&tid=UA-3398302-53&_gid=625096000.1642348882&gtm=2wg1c0KLX5MDQ&cd1=no&cd2=&cd3=&cd4=&z=703420886

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Jan 2022 20:45:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 69364
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
8ms Image
image/gif 2a00:1450:4001:802::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=373036175&t=event&ni=1&_s=1&dl=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymode%3D1%26checkin%3D14%252F01%252F2022%26checkout%3D15%252F01%252F2022%26night%3D1%26DestinationID%3D1%26ccDate%3D0%26RoomOrPackage%3DRoomPackage%26room%3D1%26pageid%3D1%26ig%3D0%26disp%3Dhotel%26currency%3DMYR%26indexType%3D3&ul=en-us&de=UTF-8&dt=Resorts%20World%20Genting&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scrolling&ea=90&el=percent&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=1948101519.1642348882&tid=UA-3398302-53&_gid=625096000.1642348882&gtm=2wg1c0KLX5MDQ&cd1=no&cd2=&cd3=&cd4=&z=1478319503

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 15 Jan 2022 20:45:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 69364
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1994258390890728&ev=Microdata&dl=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymode%3D1%26checkin%3D14%252F01%252F2022%26checkout%3D15%252F01%252F2022%26night%3D1%26DestinationID%3D1%26ccDate%3D0%26RoomOrPackage%3DRoomPackage%26room%3D1%26pageid%3D1%26ig%3D0%26disp%3Dhotel%26currency%3DMYR%26indexType%3D3&rl=&if=false&ts=1642348884551&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%5Cn%5CtResorts%20World%20Genting%5Cn%22%2C%22meta%3Adescription%22%3A%22Genting%20Resorts%20World%20description.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1642348881902.58104027&it=1642348881669&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 16 Jan 2022 16:01:24 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Sun, 16 Jan 2022 16:01:24 GMT

GET
H2 200 flags.png
cdn.book.rwgenting.com/assets/JavaScript/assets/img/ 69 KB
69 KB 195ms
194ms Image
image/png 79.133.177.215
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.book.rwgenting.com/assets/JavaScript/assets/img/flags.png

Requested by

Host: book.rwgenting.com
URL: https://book.rwgenting.com/member2/ruxitagentjs_ICA2Vfhjqr_10229211201102017.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

79.133.177.215 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine / ASP.NET

Resource Hash

0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Sun, 16 Jan 2022 16:01:22 GMT
via: cache1.l2hk71[0,0,304-0,H], cache2.l2hk71[0,0], cache1.de3[180,180,200-0,H], cache4.de3[182,0]
age: 3
x-powered-by: ASP.NET
x-cache: HIT TCP_REFRESH_HIT dirn:13:520697587
x-swift-cachetime: -16323898
x-swift-savetime: Sun, 16 Jan 2022 16:01:25 GMT
content-length: 70857
x-xss-protection: 1;mode=block
last-modified: Fri, 23 Oct 2020 01:48:19 GMT
server: Tengine
etag: "4daaa95dea8d61:0"
x-frame-options: SAMEORIGIN
ali-swift-global-savetime: 1642348882
content-type: image/png
access-control-allow-origin: https://book.rwgenting.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
eagleid: 4f85b19816423488852443647e

POST
H/1.1 200
OK rb_1bc59e15-cee8-4c80-ba89-4884d9a1b081 Show response
book.rwgenting.com/member2/ 118 B
484 B 258ms
257ms XHR
text/plain 170.33.9.200
ASEPL-AS-AP Aliba...

General

Check archive.org

Show headers Download Go to

Full URL

https://book.rwgenting.com/member2/rb_1bc59e15-cee8-4c80-ba89-4884d9a1b081?type=js&session=1%24CD72C9CACE1D2052E8C3FD9FAFB0D675%7C7e623eebafedbfe3%7C1&svrid=1&flavor=post&visitID=FAFUKMSPMTAUHBVCKVKUBJMRMMDRJMMD-0&modifiedSince=1639648617298&referer=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymode%3D1%26checkin%3D14%252F01%252F2022%26checkout%3D15%252F01%252F2022%26night%3D1%26DestinationID%3D1%26ccDate%3D0%26RoomOrPackage%3DRoomPackage%26room%3D1%26pageid%3D1%26ig%3D0%26disp%3Dhotel%26currency%3DMYR%26indexType%3D3&app=7e623eebafedbfe3&crc=2514457941&end=1

Requested by

Host: book.rwgenting.com
URL: https://book.rwgenting.com/member2/ruxitagentjs_ICA2Vfhjqr_10229211201102017.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

170.33.9.200 , Singapore, ASN134963 (ASEPL-AS-AP Alibaba.com Singapore E-Commerce Private Limited, SG),

Reverse DNS

Software

/ ASP.NET

Resource Hash

d5b6cae2a7697672a19e88b803f3ccf5e9324cadabc5aaa29705e56dc9ef8e8e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://book.rwgenting.com/member2/HotelApp/HotelList.aspx?paymode=1&checkin=14%2F01%2F2022&checkout=15%2F01%2F2022&night=1&DestinationID=1&ccDate=0&RoomOrPackage=RoomPackage&room=1&pageid=1&ig=0&disp=hotel&currency=MYR&indexType=3
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sun, 16 Jan 2022 16:01:25 GMT
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 118
X-XSS-PROTECTION: 1;mode=block
X-UA-Compatible: IE=11

POST
H/1.1 200
OK rb_1bc59e15-cee8-4c80-ba89-4884d9a1b081 Show response
book.rwgenting.com/member2/ 118 B
484 B 499ms
499ms XHR
text/plain 170.33.9.200
ASEPL-AS-AP Aliba...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: book.rwgenting.com
URL: https://book.rwgenting.com/member2/ruxitagentjs_ICA2Vfhjqr_10229211201102017.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

170.33.9.200 , Singapore, ASN134963 (ASEPL-AS-AP Alibaba.com Singapore E-Commerce Private Limited, SG),

Reverse DNS

Software

/ ASP.NET

Resource Hash

d5b6cae2a7697672a19e88b803f3ccf5e9324cadabc5aaa29705e56dc9ef8e8e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://book.rwgenting.com/member2/HotelApp/HotelList.aspx?paymode=1&checkin=14%2F01%2F2022&checkout=15%2F01%2F2022&night=1&DestinationID=1&ccDate=0&RoomOrPackage=RoomPackage&room=1&pageid=1&ig=0&disp=hotel&currency=MYR&indexType=3
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Sun, 16 Jan 2022 16:01:27 GMT
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 118
X-XSS-PROTECTION: 1;mode=block
X-UA-Compatible: IE=11

Verdicts & Comments Add Verdict or Comment

189 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

35 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
book.rwgenting.com/	1969-12-31 23:59:59	Name: aliyungf_tc Value: 49abc211a18770f9a7a25cf9630283831f7c5173b9dd9152d0ac42f4c80849b9
book.rwgenting.com/	1970-01-20 00:12:30	Name: acw_tc Value: aa21180116423488793777192e601500de6b046830ba355578082d15a12c04
book.rwgenting.com/	1970-01-20 01:52:28	Name: .ASPXANONYMOUS Value: ohBfenqJB3kUBshHowJj0v0qS_WLEvodOg21m7p2PJf_EAgec0FfwkkFThVbeWK7kTtHjO-_Ck1tKiq074Ym0-Hg4t4fezcwfh7LdKPOeGwf_-Bb1ZJjKZA3qGFcHipX1O0_c36hs0Hayl7Q_-kXqg2
book.rwgenting.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: slrupnkoj2xa415ihazo0joo
book.rwgenting.com/	1969-12-31 23:59:59	Name: Redis_SessionId Value: 45a9fe07-22f2-4a4a-99e4-70b530aed061
.rwgenting.com/	1969-12-31 23:59:59	Name: dtCookie Value: 1$CD72C9CACE1D2052E8C3FD9FAFB0D675\|7e623eebafedbfe3\|1
.rwgenting.com/	1969-12-31 23:59:59	Name: rxVisitor Value: 1642348881441HP253L6T5QGCHBHFFEKNJ9N8BFAM7DET
.rwgenting.com/	1969-12-31 23:59:59	Name: dtLatC Value: 428
.rwgenting.com/	1969-12-31 23:59:59	Name: dtSa Value: -
.rwgenting.com/	1970-01-20 02:22:04	Name: _gcl_au Value: 1.1.461061705.1642348882
.rwgenting.com/	1970-01-20 17:43:40	Name: _ga Value: GA1.2.1948101519.1642348882
.rwgenting.com/	1970-01-20 00:13:55	Name: _gid Value: GA1.2.625096000.1642348882
.rwgenting.com/	1970-01-20 00:12:28	Name: _gat_UA-3398302-53 Value: 1
.doubleclick.net/	1970-01-20 09:34:04	Name: IDE Value: AHWqTUm6rirRM8gIClHWshRYldAtulTxBpzwsDS24jVUtBsEKTKY666MjkGl_aYC-AM
.rwgenting.com/	1970-01-20 02:22:04	Name: _fbp Value: fb.1.1642348881902.58104027
.rwgenting.com/	1970-01-20 00:12:28	Name: _gat Value: 1
.krxd.net/	1970-01-20 04:31:40	Name: _kuid_ Value: OmvZsqKH
book.rwgenting.com/	1970-01-20 00:55:40	Name: _knxcm_ Value: googleT1642348883.0004T1642348883.0005T1642348883.0006T1642348883.0008T1642348883.0010T1642348883.0011T1642348883.0013T1642348883.0015T1642348883.0016T1642348883.0011T1642348883
.bidswitch.net/	1970-01-20 08:58:04	Name: tuuid Value: 04c92428-285e-4035-b554-f3ebc59680d1
.bidswitch.net/	1970-01-20 08:58:04	Name: c Value: 1642348883
.bidswitch.net/	1970-01-20 08:58:04	Name: tuuid_lu Value: 1642348883
.adnxs.com/	1970-01-20 02:22:04	Name: uuid2 Value: 1358248126647995768
.brand-display.com/	1970-01-20 17:43:40	Name: _knxp_ Value:
.brand-display.com/	1970-01-20 17:43:40	Name: _knxcv_ Value:
.brand-display.com/	1970-01-20 17:43:40	Name: _knxu_ Value:
.brand-display.com/	1970-01-20 17:43:40	Name: _knxcm_ Value:
.brand-display.com/	1970-01-20 17:43:40	Name: _ga Value:
.brand-display.com/	1970-01-20 17:43:40	Name: __gads Value:
.brand-display.com/	1970-01-20 17:43:40	Name: __utma Value:
.brand-display.com/	1970-01-20 17:43:40	Name: allowCookies Value: false
.brand-display.com/	1970-01-20 17:43:40	Name: _knxq_ Value: 38b7b23c-1409-331c-2e3293ac.1642348883.1.1642348883.1642348883
.adnxs.com/	1970-01-20 02:22:04	Name: anj Value: dTM7k!M4.FEVNsVF']wIg2GUiJo[?r!@wnfH1YwAd)_$!Z1-mvGm`ImEB-iPDDJ66DYS$TVv0<OY:8ggV_v[)FpGj<DSU6.Fox?w#DI2Z#DIgl#Xsf7WjW*(
.rwgenting.com/	1969-12-31 23:59:59	Name: rxvt Value: 1642350684145\|1642348881444
.rwgenting.com/	1969-12-31 23:59:59	Name: dtPC Value: 1$148881438_515h-vFAFUKMSPMTAUHBVCKVKUBJMRMMDRJMMD-0e0
book.rwgenting.com/	1969-12-31 23:59:59	Name: SERVERID Value: e10310933937d857b8dfc7d3f5d73753\|1642348885\|1642348879

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6541830.fls.doubleclick.net
8661995.fls.doubleclick.net
adservice.google.com
beacon.krxd.net
book.rwgenting.com
cdn.book.rwgenting.com
cdn.brand-display.com
cdn.krxd.net
cdn.rwgenting.com
connect.facebook.net
consumer.krxd.net
dmp.brand-display.com
googleads.g.doubleclick.net
ib.adnxs.com
stats.g.doubleclick.net
tags.bluekai.com
tr.brand-display.com
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
x.bidswitch.net
104.111.215.191
142.250.186.34
142.250.186.38
143.204.98.114
151.101.66.133
170.33.9.200
18.198.95.145
185.33.221.15
2a00:1450:4001:802::200e
2a00:1450:4001:810::2002
2a00:1450:4001:829::2002
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2003
2a00:1450:4001:82f::2004
2a00:1450:400c:c07::9d
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
34.98.64.218
35.167.45.107
52.51.5.121
54.169.1.172
79.133.177.215
79.133.177.231
05c4cc82e30439bb88e3189e19b3ae0ea83c22fff0eb8c94aea737fd377be643
083e309c8998a21f312ca427b00f484b95c7eefa961e7ccb564fa7a3380920f3
0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
19f6b7d7d53847ac8a12c35c4a1c4d00c0338b0de9c66c78256d18b433dce49d
1a84f467ad2c041ede1d2514d5c5f6c9edfbe47d5a7b9342743965c789ca0248
1fe7c9b04cd9ebd46cd5a636bd2c2b1d54054f3995db24951c0d0318ec71d70c
27988668fad87e9782d62f51b22f6feda6fdb2ef16a315b968728f164be1c6f7
27de96de6b1e61132441689a2670147e9eb0ec235cb6c417815a9fefe53ef428
2c4499bc3200dc93e2d3aadb3e6307fccb1809e84f176cac60c0ffbe3446f87c
39552c65dca63a153fa82b1463652393f010ea6602e0e963195dc6a46407fb7d
3bad7d670a6660817708b9fb30b07ab22cd3db5d87f2bc2f141a67f4da9ebeb7
3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
494f93c5215e411d1e4b082d9375e93c1d978b805f50262ffcd31b853bf4b71c
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4efefe4a8090d4c75325d54f571f21440761e4b1b3fd1c5fc2aab797c0db38d4
51b0fa6fa24f457766b1480b814cce77f28adf07ec6061db7a69cd3ea857009e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5890e0f5759cdace55c64dac8afe9034088b05b7e04248f71d4a304421e8a16b
5bd6225208dd13397ce3ed85bdd09c503ee59ae7d14d93a21e560ee3a4e19a83
6acc5eebfc83c2aabc8251d201df3004c6aaf801565a9e7d75196f2ac2b380c7
6bed0015effa80a4cc88a233c4c2f16a4b827516626dc957126f61a76cfaff65
6db045d05ad2f199b07a5ae91c6833ca6023e2455d1257c4525514652d184bee
700d82a4be065a25f862269f246ced3058f89cd7f4636503e76b22a093de92d0
7b85a02b04b5b57387fca1e766d3478accf8b14142f11cd2665fdd80c890f773
7ea7af38a35ea6e4da37af90ed3b916c6e3de98800fd45fb00615c2c2979d7d0
81129b9ee75d4798277f815da6f188e86885dbccdd1630ceb735d3d0a4525c20
82ae28e415cb1b7aec3cf011b190939b2181b3f558d0c87a8403959a67274a70
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
89f8a11cde8bfe9354d5942292b01bec29f2301be2b0a1b749401a6f41779155
8e0450cc4717f2613dc6ff9af944c62e92dff62dc9d50a10851553ac9c58544f
8e48ede4b6042c4aee0155ad5009896d35e0ede7614a23bc4757b0085b8226c0
9409d775f1f80a4bde9b7e814ac3cf72ee325183778ad98a8a665ecb1be4de0b
981830d7bd9000e3f5adfcfca19307bb14c9ba612bb258aab51637d2d8b8ee39
a01ebe9b22e5cb9dd317e47b353988588b0245980ab8f56de2791fbb29908db7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a8a6ad2ebe0ee1ac697c5d4faa59713d1a396e47573236ed51171c532ccae05e
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b11452ed29ed6f1c4cb99ba97cfdeb7a02b34e07becb62e5a7255533962d9aac
b15097aa1de678f4c1730b29d5d9b3282fb9f350d65b0db089fc470b223355dd
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b2d9f9172b520a90aa25fa1a3faa3614500563672f12e90a0eae864adeb40c1b
b9b47c8bafc4618d804c7c54ac03c39b29beb9ed5b1e7d9dbadb0f28d71c3d94
ba50544bc52682e3884d79402fa65bbc8149866ff097223c48d9da54bb02e280
bc42277e9459812b36a062b4a91c5a76fce8cb79cd9ebd721558d97f48ee65f0
bdcdee66eb73eaff67c185ce622c4f82d65cdc893b785259b0207e3e60c8ca9d
c08e671967a1e37c99c6644d9ce66597c324639607a4df7df671d4d6b4229268
c19343ba42a4e4d4cc8381824f50d3147d2b46ba79a6b14bbde40b4d95c8b484
c635ad039a51f60103d07ee88fb6655f294efe3730724f0be8cdc0e4e86fa340
cc47c9a01ef522ca502936e7d59d7c08ae33a04b0352e618e9235cdae911b5a4
cd19986cea50d5c6c624ae11c59a2ec069df3de5fde964d09b4765487e6e7ac5
d0670324e6062e1b6c0fdd2ad008effa9ff4bbeb10b780cd0c1577e0c05a5285
d26a327a80bd55d169b71b4bc0cf733662455b08a7129312411812104c761a25
d5b6cae2a7697672a19e88b803f3ccf5e9324cadabc5aaa29705e56dc9ef8e8e
d629f50bab9a4ad963767dbb37d0511e0af980ebb00222c492ffdf2a8b690e1c
d7fdda27c5a552b3585259c828b032dfc29b52d68f9cd8d21a7481d901dd8e47
d84ca9189c0c93cefe8b06881f550047a3a0ea57684f87753335a609309400e8
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e08a8b816844b1b36de422161848b43b2f43b83a9c3363523b239ad7dedf8477
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9280b5bfa336c5e503b5b9bba8061418ee489b4fbf9f62885a02e60a18c6dd4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f5c2adae89718a53679c5a07e14dbeb4cde33d917a1419006aa26b81968eece1
f8fa7f8d34077969895b267e61a6178f107bb964bab84efbb87decaf276471c8
fc22e901eefbe8c5ac5c43669179fe4d1421bd93503b1d3b9b144048473a84d5

book.rwgenting.com Open in urlscan Pro 170.33.9.200 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

103 Requests

98 %HTTPS

39 %IPv6

15 Domains

25 Subdomains

21 IPs

7 Countries

1578 kBTransfer

4741 kBSize

35 Cookies

71 Outgoing links

Redirected requests

103 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

book.rwgenting.com Open in urlscan Pro
170.33.9.200 Public Scan

Screenshot
Live screenshot

Full Image

103
Requests

98 %
HTTPS

39 %
IPv6

15
Domains

25
Subdomains

21
IPs

7
Countries

1578 kB
Transfer

4741 kB
Size

35
Cookies

103 HTTP transactions
0 data transactions