urlscan.io logo urlscan.io
SecurityTrails logo

www.book-secure.com Open in urlscan Pro
76.223.28.122  Public Scan

Go To Rescan Add Verdict Report
URL: https://www.book-secure.com/index.php?s=validate-collect&property=nzauc11094&arrival=2023-04-13&departure=2023-04-14&adults1...
Submission: On April 13 via manual from AU — Scanned from AU
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 49 IPs in 9 countries across 47 domains to perform 112 HTTP transactions. The main IP is 76.223.28.122, located in United States and belongs to AMAZON-02, US. The main domain is www.book-secure.com. The Cisco Umbrella rank of the primary domain is 233650.
TLS certificate: Issued by Amazon RSA 2048 M02 on February 9th 2023. Valid for: 6 months.
This is the only time www.book-secure.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
21 76.223.28.122 16509 (AMAZON-02)
23 65.9.170.136 16509 (AMAZON-02)
1 65.9.170.96 16509 (AMAZON-02)
6 35.190.88.7 15169 (GOOGLE)
1 117.18.232.200 15133 (EDGECAST)
3 142.250.4.97 15169 (GOOGLE)
5 52.74.143.140 16509 (AMAZON-02)
1 13.107.238.71 8075 (MICROSOFT...)
1 1 142.251.12.103 15169 (GOOGLE)
1 142.251.12.157 15169 (GOOGLE)
1 151.101.2.83 54113 (FASTLY)
1 6 35.190.20.9 15169 (GOOGLE)
2 172.217.194.138 15169 (GOOGLE)
1 182.161.73.129 55569 (CRITEO-AS...)
1 104.76.128.61 16625 (AKAMAI-AS)
2 74.125.24.121 15169 (GOOGLE)
3 4 74.125.130.156 15169 (GOOGLE)
2 2 35.71.131.137 16509 (AMAZON-02)
2 35.190.60.146 15169 (GOOGLE)
1 34.102.245.175 396982 (GOOGLE-CL...)
1 1 50.116.239.135 6336 (TURN-US-ASN)
1 2 34.216.93.162 16509 (AMAZON-02)
2 35.155.33.79 16509 (AMAZON-02)
1 1 54.80.169.87 14618 (AMAZON-AES)
1 1 106.10.236.147 56173 (YAHOO-SG3...)
1 2 18.143.106.89 16509 (AMAZON-02)
2 4 182.161.73.136 55569 (CRITEO-AS...)
1 178.250.1.9 44788 (ASN-CRITE...)
1 2 35.213.12.39 15169 (GOOGLE)
2 182.161.73.146 55569 (CRITEO-AS...)
2 2 104.254.151.60 29990 (ASN-APPNEX)
1 2 104.254.151.68 29990 (ASN-APPNEX)
1 184.51.96.11 16625 (AKAMAI-AS)
1 69.173.158.64 26667 (RUBICONPR...)
1 13.215.213.239 16509 (AMAZON-02)
1 23.106.127.164 59253 (LEASEWEB-...)
1 141.226.229.48 200478 (TABOOLA-AS)
1 184.51.137.72 16625 (AKAMAI-AS)
1 2 52.223.2.229 16509 (AMAZON-02)
1 124.146.215.3 2514 (INFOSPHER...)
1 202.241.208.57 4694 (IDCF IDC ...)
1 104.69.166.9 16625 (AKAMAI-AS)
1 2 139.5.84.243 27381 (CASALE-MEDIA)
1 43.200.197.177 16509 (AMAZON-02)
1 54.64.172.71 16509 (AMAZON-02)
1 2 52.77.91.205 16509 (AMAZON-02)
1 52.57.134.122 16509 (AMAZON-02)
1 204.79.197.200 8068 (MICROSOFT...)
1 66.225.223.95 3949 (NTTA-3946)
1 67.199.150.86 62713 (AS-PUBMATIC)
1 2 65.9.17.73 16509 (AMAZON-02)
1 184.50.85.132 20940 (AKAMAI-ASN1)
1 1 103.254.153.160 59253 (LEASEWEB-...)
1 172.67.71.254 13335 (CLOUDFLAR...)
1 13.250.217.72 16509 (AMAZON-02)
112 49
21    76.223.28.122 (United States)

ASN16509 (AMAZON-02, US)
PTR: a754e8de69ad7f62a.awsglobalaccelerator.com
www.book-secure.com
23    65.9.170.136 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-170-136.bkk50.r.cloudfront.net
dl1rqkcy7hk6s.cloudfront.net
1    65.9.170.96 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-170-96.bkk50.r.cloudfront.net
d2wy8f7a9ursnm.cloudfront.net
6    35.190.88.7 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 7.88.190.35.bc.googleusercontent.com
sessions.bugsnag.com
1    117.18.232.200 (Australia)

ASN15133 (EDGECAST, US)
ajax.aspnetcdn.com
3    142.250.4.97 (United States)

ASN15169 (GOOGLE, US)
PTR: sm-in-f97.1e100.net
www.googletagmanager.com
5    52.74.143.140 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-74-143-140.ap-southeast-1.compute.amazonaws.com
tracker.book-secure.com
1    13.107.238.71 (United States)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
tracker.d-edgeconnect.media
1    142.251.12.103 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f103.1e100.net
www.google.com
1    142.251.12.157 (United States)

ASN15169 (GOOGLE, US)
PTR: se-in-f157.1e100.net
googleads.g.doubleclick.net
1    151.101.2.83 (United States)

ASN54113 (FASTLY, US)
static.tacdn.com
6    35.190.20.9 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 9.20.190.35.bc.googleusercontent.com
tag.yieldoptimizer.com
2    172.217.194.138 (United States)

ASN15169 (GOOGLE, US)
PTR: si-in-f138.1e100.net
www.google-analytics.com
1    182.161.73.129 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
static.criteo.net
1    104.76.128.61 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a104-76-128-61.deploy.static.akamaitechnologies.com
www.tamgrt.com
2    74.125.24.121 (United States)

ASN15169 (GOOGLE, US)
PTR: sf-in-f121.1e100.net
servertags.book-secure.com
4    74.125.130.156 (Nashville, United States)

ASN15169 (GOOGLE, US)
PTR: sb-in-f156.1e100.net
cm.g.doubleclick.net
2    35.71.131.137 (United States)

ASN16509 (AMAZON-02, US)
PTR: a6370ebea231e0c9a.awsglobalaccelerator.com
match.adsrvr.org
2    35.190.60.146 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 146.60.190.35.bc.googleusercontent.com
idsync.rlcdn.com
1    34.102.245.175 (Kansas City, United States)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 175.245.102.34.bc.googleusercontent.com
tag.adaraanalytics.com
1    50.116.239.135 (United States)

ASN6336 (TURN-US-ASN, US)
d.turn.com
2    34.216.93.162 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-216-93-162.us-west-2.compute.amazonaws.com
dpm.demdex.net
2    35.155.33.79 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-35-155-33-79.us-west-2.compute.amazonaws.com
beacon.krxd.net
1    54.80.169.87 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-80-169-87.compute-1.amazonaws.com
sync.srv.stackadapt.com
1    106.10.236.147 (Singapore)

ASN56173 (YAHOO-SG3 internet content provider, SG)
PTR: spcms.pbp.vip.sg3.yahoo.com
cms.analytics.yahoo.com
2    18.143.106.89 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-143-106-89.ap-southeast-1.compute.amazonaws.com
ups.analytics.yahoo.com
4    182.161.73.136 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
gum.criteo.com
1    178.250.1.9 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
sslwidget.criteo.com
2    35.213.12.39 (Tokyo, Japan)

ASN15169 (GOOGLE, US)
PTR: 39.12.213.35.bc.googleusercontent.com
x.bidswitch.net
2    182.161.73.146 (Singapore)

ASN55569 (CRITEO-AS-AP Criteo APAC, JP)
dis.criteo.com
2    104.254.151.60 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 899.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
ib.adnxs.com
2    104.254.151.68 (Los Angeles, United States)

ASN29990 (ASN-APPNEX, US)
PTR: 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
secure.adnxs.com
1    184.51.96.11 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-96-11.deploy.static.akamaitechnologies.com
contextual.media.net
1    69.173.158.64 (Singapore)

ASN26667 (RUBICONPROJECT, US)
pixel.rubiconproject.com
1    13.215.213.239 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-215-213-239.ap-southeast-1.compute.amazonaws.com
match.sharethrough.com
1    23.106.127.164 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
rtb-csync.smartadserver.com
1    141.226.229.48 (Singapore)

ASN200478 (TABOOLA-AS, IL)
sync-t1.taboola.com
1    184.51.137.72 (Central, Hong Kong)

ASN16625 (AKAMAI-AS, US)
PTR: a184-51-137-72.deploy.static.akamaitechnologies.com
criteo-sync.teads.tv
2    52.223.2.229 (United States)

ASN16509 (AMAZON-02, US)
PTR: ade9ecc7904667038.awsglobalaccelerator.com
eb2.3lift.com
1    124.146.215.3 (Japan)

ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP)
adgen.socdm.com
1    202.241.208.57 (Japan)

ASN4694 (IDCF IDC Frontier Inc., JP)
tg.socdm.com
1    104.69.166.9 (Singapore)

ASN16625 (AKAMAI-AS, US)
PTR: a104-69-166-9.deploy.static.akamaitechnologies.com
tags.bluekai.com
2    139.5.84.243 (Canada)

ASN27381 (CASALE-MEDIA, CA)
r.casalemedia.com
1    43.200.197.177 (Incheon, Korea, Republic Of)

ASN16509 (AMAZON-02, US)
PTR: ec2-43-200-197-177.ap-northeast-2.compute.amazonaws.com
adx.dable.io
1    54.64.172.71 (Tokyo, Japan)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-64-172-71.ap-northeast-1.compute.amazonaws.com
cs.adingo.jp
2    52.77.91.205 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-77-91-205.ap-southeast-1.compute.amazonaws.com
ad.360yield.com
1    52.57.134.122 (Frankfurt am Main, Germany)

ASN16509 (AMAZON-02, US)
PTR: ec2-52-57-134-122.eu-central-1.compute.amazonaws.com
exchange.mediavine.com
1    204.79.197.200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)
PTR: a-0001.a-msedge.net
c.bing.com
1    66.225.223.95 (Sacramento, United States)

ASN3949 (NTTA-3946, US)
PTR: sa.outbrain.com
sync.outbrain.com
1    67.199.150.86 (Singapore)

ASN62713 (AS-PUBMATIC, US)
simage2.pubmatic.com
2    65.9.17.73 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-65-9-17-73.bkk50.r.cloudfront.net
s.ad.smaato.net
1    184.50.85.132 (Singapore)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a184-50-85-132.deploy.static.akamaitechnologies.com
ade.clmbtech.com
1    103.254.153.160 (Singapore)

ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG)
sync.aralego.com
1    172.67.71.254 (United States)

ASN13335 (CLOUDFLARENET, US)
cdn.aralego.net
1    13.250.217.72 (Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-13-250-217-72.ap-southeast-1.compute.amazonaws.com
sync-criteo.ads.yieldmo.com
Apex Domain
Subdomains		 Transfer
28 book-secure.com
www.book-secure.com — Cisco Umbrella Rank: 233650
tracker.book-secure.com — Cisco Umbrella Rank: 155346
servertags.book-secure.com — Cisco Umbrella Rank: 323317
467 KB
24 cloudfront.net
dl1rqkcy7hk6s.cloudfront.net
d2wy8f7a9ursnm.cloudfront.net
312 KB
7 criteo.com
gum.criteo.com — Cisco Umbrella Rank: 416
sslwidget.criteo.com — Cisco Umbrella Rank: 1825
dis.criteo.com — Cisco Umbrella Rank: 718
12 KB
6 yieldoptimizer.com
tag.yieldoptimizer.com — Cisco Umbrella Rank: 4614
4 KB
6 bugsnag.com
sessions.bugsnag.com — Cisco Umbrella Rank: 743
165 B
5 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 41
cm.g.doubleclick.net — Cisco Umbrella Rank: 228
1 KB
4 adnxs.com
ib.adnxs.com — Cisco Umbrella Rank: 230
secure.adnxs.com — Cisco Umbrella Rank: 429
4 KB
3 yahoo.com
cms.analytics.yahoo.com — Cisco Umbrella Rank: 1087
ups.analytics.yahoo.com — Cisco Umbrella Rank: 302
2 KB
3 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 62
253 KB
2 smaato.net
s.ad.smaato.net — Cisco Umbrella Rank: 759
1 KB
2 360yield.com
ad.360yield.com — Cisco Umbrella Rank: 676
877 B
2 casalemedia.com
r.casalemedia.com — Cisco Umbrella Rank: 1416
2 KB
2 socdm.com
adgen.socdm.com — Cisco Umbrella Rank: 18970
tg.socdm.com — Cisco Umbrella Rank: 1039
2 KB
2 3lift.com
eb2.3lift.com — Cisco Umbrella Rank: 387
737 B
2 bidswitch.net
x.bidswitch.net — Cisco Umbrella Rank: 323
1 KB
2 krxd.net
beacon.krxd.net — Cisco Umbrella Rank: 611
673 B
2 demdex.net
dpm.demdex.net — Cisco Umbrella Rank: 215
2 KB
2 rlcdn.com
idsync.rlcdn.com — Cisco Umbrella Rank: 403
740 B
2 adsrvr.org
match.adsrvr.org — Cisco Umbrella Rank: 368
908 B
2 google-analytics.com
www.google-analytics.com — Cisco Umbrella Rank: 35
302 B
1 yieldmo.com
sync-criteo.ads.yieldmo.com — Cisco Umbrella Rank: 2254
593 B
1 aralego.net
cdn.aralego.net — Cisco Umbrella Rank: 5592
648 B
1 aralego.com
sync.aralego.com — Cisco Umbrella Rank: 3444
502 B
1 clmbtech.com
ade.clmbtech.com — Cisco Umbrella Rank: 2917
302 B
1 pubmatic.com
simage2.pubmatic.com — Cisco Umbrella Rank: 733
577 B
1 outbrain.com
sync.outbrain.com — Cisco Umbrella Rank: 720
287 B
1 bing.com
c.bing.com — Cisco Umbrella Rank: 252
669 B
1 mediavine.com
exchange.mediavine.com — Cisco Umbrella Rank: 1310
882 B
1 adingo.jp
cs.adingo.jp — Cisco Umbrella Rank: 4091
411 B
1 dable.io
adx.dable.io — Cisco Umbrella Rank: 13995
141 B
1 bluekai.com
tags.bluekai.com — Cisco Umbrella Rank: 573
556 B
1 teads.tv
criteo-sync.teads.tv — Cisco Umbrella Rank: 1982
287 B
1 taboola.com
sync-t1.taboola.com — Cisco Umbrella Rank: 1246
232 B
1 smartadserver.com
rtb-csync.smartadserver.com — Cisco Umbrella Rank: 604
688 B
1 sharethrough.com
match.sharethrough.com — Cisco Umbrella Rank: 533
604 B
1 rubiconproject.com
pixel.rubiconproject.com — Cisco Umbrella Rank: 340
787 B
1 media.net
contextual.media.net — Cisco Umbrella Rank: 616
801 B
1 stackadapt.com
sync.srv.stackadapt.com — Cisco Umbrella Rank: 697
862 B
1 turn.com
d.turn.com — Cisco Umbrella Rank: 1294
415 B
1 adaraanalytics.com
tag.adaraanalytics.com — Cisco Umbrella Rank: 23173
387 B
1 tamgrt.com
www.tamgrt.com — Cisco Umbrella Rank: 9142
1 criteo.net
static.criteo.net — Cisco Umbrella Rank: 670
15 KB
1 tacdn.com
static.tacdn.com — Cisco Umbrella Rank: 10258
2 KB
1 google.com
www.google.com — Cisco Umbrella Rank: 2
542 B
1 d-edgeconnect.media
tracker.d-edgeconnect.media — Cisco Umbrella Rank: 220859
760 B
1 aspnetcdn.com
ajax.aspnetcdn.com — Cisco Umbrella Rank: 2002
6 KB
0 stickyadstv.com Failed
ads.stickyadstv.com Failed
112 47
Domain Requested by
23 dl1rqkcy7hk6s.cloudfront.net www.book-secure.com
dl1rqkcy7hk6s.cloudfront.net
21 www.book-secure.com www.book-secure.com
dl1rqkcy7hk6s.cloudfront.net
6 tag.yieldoptimizer.com 1 redirects
6 sessions.bugsnag.com d2wy8f7a9ursnm.cloudfront.net
5 tracker.book-secure.com dl1rqkcy7hk6s.cloudfront.net
tracker.book-secure.com
4 gum.criteo.com 2 redirects static.criteo.net
gum.criteo.com
4 cm.g.doubleclick.net 3 redirects
3 www.googletagmanager.com www.book-secure.com
www.googletagmanager.com
2 s.ad.smaato.net 1 redirects
2 ad.360yield.com 1 redirects
2 r.casalemedia.com 1 redirects
2 eb2.3lift.com 1 redirects
2 secure.adnxs.com 1 redirects
2 ib.adnxs.com 2 redirects
2 dis.criteo.com
2 x.bidswitch.net 1 redirects
2 ups.analytics.yahoo.com 1 redirects
2 beacon.krxd.net
2 dpm.demdex.net 1 redirects
2 idsync.rlcdn.com
2 match.adsrvr.org 2 redirects
2 servertags.book-secure.com www.googletagmanager.com
2 www.google-analytics.com www.googletagmanager.com
1 sync-criteo.ads.yieldmo.com
1 cdn.aralego.net
1 sync.aralego.com 1 redirects
1 ade.clmbtech.com
1 simage2.pubmatic.com
1 sync.outbrain.com
1 c.bing.com
1 exchange.mediavine.com
1 cs.adingo.jp
1 adx.dable.io
1 tags.bluekai.com
1 tg.socdm.com
1 adgen.socdm.com
1 criteo-sync.teads.tv
1 sync-t1.taboola.com
1 rtb-csync.smartadserver.com
1 match.sharethrough.com
1 pixel.rubiconproject.com
1 contextual.media.net
1 sslwidget.criteo.com static.criteo.net
1 cms.analytics.yahoo.com 1 redirects
1 sync.srv.stackadapt.com 1 redirects
1 d.turn.com 1 redirects
1 tag.adaraanalytics.com
1 www.tamgrt.com
1 static.criteo.net www.googletagmanager.com
1 static.tacdn.com www.book-secure.com
1 googleads.g.doubleclick.net
1 www.google.com 1 redirects
1 tracker.d-edgeconnect.media www.googletagmanager.com
1 ajax.aspnetcdn.com dl1rqkcy7hk6s.cloudfront.net
1 d2wy8f7a9ursnm.cloudfront.net www.book-secure.com
0 ads.stickyadstv.com Failed
112 56

This site contains no links.

Subject Issuer Validity Valid
*.book-secure.com
Amazon RSA 2048 M02		 2023-02-09 -
2023-08-14		 6 months crt.sh
*.cloudfront.net
Amazon RSA 2048 M01		 2022-12-08 -
2023-12-07		 a year crt.sh
*.bugsnag.com
Sectigo RSA Domain Validation Secure Server CA		 2022-04-26 -
2023-04-26		 a year crt.sh
*.vo.msecnd.net
DigiCert SHA2 Secure Server CA		 2022-07-11 -
2023-07-11		 a year crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-03-20 -
2023-06-12		 3 months crt.sh
tracker.d-edgeconnect.media
Gandi Standard SSL CA 2		 2023-01-10 -
2024-02-08		 a year crt.sh
static.tacdn.com
GlobalSign RSA OV SSL CA 2018		 2023-02-22 -
2024-03-19		 a year crt.sh
*.criteo.net
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-24 -
2023-06-18		 3 months crt.sh
www.tamgrt.com
GlobalSign RSA OV SSL CA 2018		 2022-07-19 -
2023-08-20		 a year crt.sh
servertags.book-secure.com
GTS CA 1D4		 2023-03-01 -
2023-05-30		 3 months crt.sh
*.rlcdn.com
Sectigo RSA Domain Validation Secure Server CA		 2023-02-02 -
2024-03-03		 a year crt.sh
*.adaraanalytics.com
Go Daddy Secure Certificate Authority - G2		 2022-06-25 -
2023-07-27		 a year crt.sh
beacon.krxd.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-27 -
2024-02-26		 a year crt.sh
*.criteo.com
DigiCert Global G2 TLS RSA SHA256 2020 CA1		 2023-03-09 -
2023-06-03		 3 months crt.sh
*.media.net
DigiCert TLS RSA SHA256 2020 CA1		 2023-02-10 -
2024-02-18		 a year crt.sh
*.rubiconproject.com
DigiCert TLS RSA SHA256 2020 CA1		 2023-03-05 -
2024-04-03		 a year crt.sh
*.sharethrough.com
Amazon RSA 2048 M01		 2023-02-03 -
2023-11-21		 10 months crt.sh
*.smartadserver.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2023-01-21 -
2024-01-23		 a year crt.sh
*.taboola.com
DigiCert TLS Hybrid ECC SHA384 2020 CA1		 2022-12-08 -
2023-12-31		 a year crt.sh
teads.tv
R3		 2023-02-21 -
2023-05-22		 3 months crt.sh
ups.analytics.yahoo.com
DigiCert SHA2 High Assurance Server CA		 2023-02-21 -
2023-08-16		 6 months crt.sh
*.socdm.com
GlobalSign RSA OV SSL CA 2018		 2022-05-24 -
2023-06-25		 a year crt.sh
adx.dable.io
Gandi Standard SSL CA 2		 2022-11-10 -
2023-11-10		 a year crt.sh
*.adingo.jp
Amazon RSA 2048 M01		 2023-02-13 -
2023-11-11		 9 months crt.sh
exchange.mediavine.com
Amazon RSA 2048 M01		 2023-02-11 -
2023-08-04		 6 months crt.sh
www.bing.com
Microsoft RSA TLS CA 02		 2023-02-16 -
2023-08-16		 6 months crt.sh
*.outbrain.com
Thawte RSA CA 2018		 2022-11-06 -
2023-11-28		 a year crt.sh
*.pubmatic.com
DigiCert Baltimore TLS RSA SHA256 2020 CA1		 2022-06-13 -
2023-07-14		 a year crt.sh
colombiaonline.com
R3		 2023-04-04 -
2023-07-03		 3 months crt.sh
*.ads.yieldmo.com
Amazon RSA 2048 M01		 2023-03-26 -
2024-04-23		 a year crt.sh

This page contains 4 frames:

Primary Page: https://www.book-secure.com/index.php?s=validate-collect&property=nzauc11094&arrival=2023-04-13&departure=2023-04-14&adults1=2&children1=0&locale=en_GB&currency=NZD&stid=xd9mil2mz
Frame ID: D569ED9B06F3340FF478AACADF958C44
Requests: 76 HTTP requests in this frame

Frame: https://www.tamgrt.com/RT
Frame ID: 55FB6A9E798EF5A77C7D701166839F8F
Requests: 1 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?topUrl=www.book-secure.com&origin=onetag
Frame ID: 7DFF331ABD6F026E4CA00A1AC37B0A66
Requests: 2 HTTP requests in this frame

Frame: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-MaukbyFaueeaIncn3g2lBFO_e3HQHLpvc1bteQ&expires=30
Frame ID: 3CDCFE1C3603FEE54335806FD53AB9D7
Requests: 30 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

LyLo Auckland

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • adnxs\.(?:net|com)
Overall confidence: 100%
Detected patterns
  • /bugsnag.*\.js
Overall confidence: 100%
Detected patterns
  • //static\.criteo\.net/js/ld/ld\.js
Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+(?:([\d.]+)/)?(?:css/)?font-awesome(?:\.min)?\.css
  • <link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtm\.js
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.pubmatic\.com
Overall confidence: 100%
Detected patterns
  • https?://[^/]*\.rubiconproject\.com
Overall confidence: 100%
Detected patterns
  • underscore.*\.js(?:\?ver=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

112
Requests

82 %
HTTPS

0 %
IPv6

47
Domains

56
Subdomains

49
IPs

9
Countries

1088 kB
Transfer

3010 kB
Size

79
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 59
  • https://www.google.com/pagead/landing?gcs=G111&gcd=G100&rnd=1248780868.1681349723&url=https%3A%2F%2Fwww.book-secure.com%2Findex.php&gtm=45He34a0n71TX76XB&auid=1277302390.1681349723 HTTP 302
  • https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=G100&rnd=1248780868.1681349723&url=https%3A%2F%2Fwww.book-secure.com%2Findex.php&gtm=45He34a0n71TX76XB&auid=1277302390.1681349723
Request Chain 61
  • https://tag.yieldoptimizer.com/ps/ps?t=s&p=3209&pg=step1&ue=&hcy=Auckland&hst=&hcr=NZ&hid=2023-04-13&hod=2023-04-14&hnn=1&hna=2&hnc=0&hni=&hnr=1&hcd=nzauc11094&hnm=LyLo%20Auckland&haf=&htf=0&cu=undefined&hcf=undefined&hcx=&hhd=&hrm=undefined&hsr=undefined& HTTP 302
  • https://tag.yieldoptimizer.com/ps/ps?tc=824312393&t=s&p=3209&pg=step1&ue=&hcy=Auckland&hst=&hcr=NZ&hid=2023-04-13&hod=2023-04-14&hnn=1&hna=2&hnc=0&hni=&hnr=1&hcd=nzauc11094&hnm=LyLo%20Auckland&haf=&htf=0&cu=undefined&hcf=undefined&hcx=&hhd=&hrm=undefined&hsr=undefined&
Request Chain 67
  • https://cm.g.doubleclick.net/pixel?google_nid=adara_dmp&google_hm=NDAxMzE3NDAwMDIzMw&google_sc HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=adara_dmp&google_hm=NDAxMzE3NDAwMDIzMw&google_sc=&google_tc=
Request Chain 68
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=o456qfe&ttd_tpi=1 HTTP 302
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=o456qfe&ttd_tpi=1 HTTP 302
  • https://tag.yieldoptimizer.com/ps/ps?t=i&p=5530&ttd_id=d69aad9d-2b18-4670-923c-d9e9dc4211bb
Request Chain 71
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0Nzc3NDY2NS90LzI/url/https://tag.yieldoptimizer.com/ps/ps?t=i&p=4889&turn_id=$!{TURN_UUID} HTTP 302
  • https://tag.yieldoptimizer.com/ps/ps?t=i&p=4889&turn_id=3616751845844541815
Request Chain 72
  • https://dpm.demdex.net/ibs:dpid=22069&dpuuid=4013174000233 HTTP 302
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22069&dpuuid=4013174000233
Request Chain 74
  • https://sync.srv.stackadapt.com/sync?nid=adara HTTP 302
  • https://tag.yieldoptimizer.com/ps/ps?t=i&p=8064&uid=pXYUMTA3U2ldXQgmZ52wtq310YE
Request Chain 75
  • https://cms.analytics.yahoo.com/cms?partner_id=ADARA HTTP 302
  • https://ups.analytics.yahoo.com/ups/58700/cms?partner_id=ADARA HTTP 302
  • https://tag.yieldoptimizer.com/ps/ps?t=i&p=6729&uid=y-sN7953dE2pEnw3QAEcRdFF3HurJznLNpl_k-~A
Request Chain 80
  • https://x.bidswitch.net/sync?dsp_id=46&user_id=k-MaukbyFaueeaIncn3g2lBFO_e3HQHLpvc1bteQ&expires=30 HTTP 302
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-MaukbyFaueeaIncn3g2lBFO_e3HQHLpvc1bteQ&expires=30
Request Chain 81
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-coAe8yFaueeaIncn3g2lBFO_e3G4NpQ7aAr8Kg&google_cm&google_hm=ay1jb0FlOHlGYXVlZWFJbmNuM2cybEJGT19lM0c0TnBRN2FBcjhLZw HTTP 302
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-coAe8yFaueeaIncn3g2lBFO_e3G4NpQ7aAr8Kg&google_gid=CAESEB5YJYR--QAPvNFQVTOmdv8&google_cver=1&google_ula=913071,0
Request Chain 82
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP 307
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP 302
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2996160313344722838
Request Chain 83
  • https://secure.adnxs.com/setuid?entity=52&code=k-em0GviFaueeaIncn3g2lBFO_e3FxWH8LjDEBTg HTTP 307
  • https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-em0GviFaueeaIncn3g2lBFO_e3FxWH8LjDEBTg
Request Chain 90
  • https://eb2.3lift.com/xuid?mid=2711&xuid=k-ZE6PXSFaueeaIncn3g2lBFO_e3FhhFvLq0SxeA&dongle=013b HTTP 302
  • https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-ZE6PXSFaueeaIncn3g2lBFO_e3FhhFvLq0SxeA&dongle=013b&gdpr=0&cmp_cs=&us_privacy=
Request Chain 94
  • https://gum.criteo.com/sync?c=4&r=1&a=1&u=https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=%40USERID%40 HTTP 302
  • https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=P90n7escd3IeJfYfBQYQxePyPjuL-n5s
Request Chain 95
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-nNOmSCFaueeaIncn3g2lBFO_e3ELtGHHG9Bu1Q HTTP 302
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-nNOmSCFaueeaIncn3g2lBFO_e3ELtGHHG9Bu1Q&C=1
Request Chain 99
  • https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-GjKuhSFaueeaIncn3g2lBFO_e3GLzECGW8HJ6Q HTTP 302
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-GjKuhSFaueeaIncn3g2lBFO_e3GLzECGW8HJ6Q
Request Chain 105
  • https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-nvTtDiFaueeaIncn3g2lBFO_e3H43av7WFadZw HTTP 302
  • https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-nvTtDiFaueeaIncn3g2lBFO_e3H43av7WFadZw&cookieCheck=1
Request Chain 107
  • https://sync.aralego.com/idSync/?ucf_nid=dsp-833DD22BEB97673FB4E8B8DBB882B99&ucf_user_id=k-XUdRAiFaueeaIncn3g2lBFO_e3F3cNSTnB-Fgg HTTP 302
  • https://cm.g.doubleclick.net/pixel?google_nid=ucfunnel&google_hm=M2UzOTNhMDgtMWIxNS0zOWEzLThjM2EtMjE3ZjkwYjJiYjkz&google_redir=https%3A%2F%2Fcdn.aralego.net%2Fimg%2F1x1.png HTTP 302
  • https://cdn.aralego.net/img/1x1.png
Request Chain 109
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP 302
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=-hsS8HEUS-onjwpVFBwSccblFBxpqstz

112 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request index.php
www.book-secure.com/ 		141 KB
35 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.book-secure.com/index.php?s=validate-collect&property=nzauc11094&arrival=2023-04-13&departure=2023-04-14&adults1=2&children1=0&locale=en_GB&currency=NZD&stid=xd9mil2mz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.28.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a754e8de69ad7f62a.awsglobalaccelerator.com
Software
Apache /
Resource Hash
bcc0a6076bad1853f8333fa76f49925410261067869878276bebd563b4142889

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
max-age=3600, must-revalidate
content-encoding
gzip
content-length
35342
content-type
text/html; charset=UTF-8
date
Thu, 13 Apr 2023 01:35:16 GMT
expires
Thu, 13 Apr 2023 02:35:16 GMT
server
Apache
vary
Accept,Accept-Encoding
bootstrap.min.css
dl1rqkcy7hk6s.cloudfront.net/lib/bootstrap/3.1/css/ 		100 KB
17 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dl1rqkcy7hk6s.cloudfront.net/lib/bootstrap/3.1/css/bootstrap.min.css
Requested by
Host: www.book-secure.com
URL: https://www.book-secure.com/index.php?s=validate-collect&property=nzauc11094&arrival=2023-04-13&departure=2023-04-14&adults1=2&children1=0&locale=en_GB&currency=NZD&stid=xd9mil2mz
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.170.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-170-136.bkk50.r.cloudfront.net
Software
Apache /
Resource Hash
8c10c3b4bb217475a24d0976a898fccd3a4c2f00a4a5eb93c611195397cd77cb

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.book-secure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Wed, 12 Apr 2023 18:09:12 GMT
Content-Encoding
gzip
Via
1.1 8ffbba808b718b80d2a36ff22aabb696.cloudfront.net (CloudFront)
Last-Modified
Thu, 30 Mar 2023 13:06:57 GMT
Server
Apache
X-Amz-Cf-Pop
BKK50-C1
Age
26765
ETag
"18ed9-5f81dc4707e40-gzip"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
17312
X-Amz-Cf-Id
tH5x0qEDcJwZsYuJNlKrmgULo8mVRi8xKmJfngp6HqQfg5cd2Bz9dg==
stylesheet.min.css
dl1rqkcy7hk6s.cloudfront.net/css/ 		147 KB
26 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dl1rqkcy7hk6s.cloudfront.net/css/stylesheet.min.css?_=71042375e6cbc9ff10c8b53e02fc68fc
Requested by
Host: www.book-secure.com
URL: https://www.book-secure.com/index.php?s=validate-collect&property=nzauc11094&arrival=2023-04-13&departure=2023-04-14&adults1=2&children1=0&locale=en_GB&currency=NZD&stid=xd9mil2mz
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.170.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-170-136.bkk50.r.cloudfront.net
Software
Apache /
Resource Hash
69d2494dd0be194d024c475e657376cf176d0b4ad24e383a1363775ff8947e73

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.book-secure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Wed, 12 Apr 2023 18:32:44 GMT
Content-Encoding
gzip
Via
1.1 cbb9633368d7916a268610d876bba61c.cloudfront.net (CloudFront)
Last-Modified
Thu, 30 Mar 2023 13:24:23 GMT
Server
Apache
X-Amz-Cf-Pop
BKK50-C1
Age
25688
ETag
"24a60-5f81e02c92fc0-gzip"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
25979
X-Amz-Cf-Id
vNAhLAVvKQFTRNW0UOuzm9Q6-x0J-vBSftMfsxncsVGrMHdbvBDZXA==
bs-checkbox.css
dl1rqkcy7hk6s.cloudfront.net/lib/bs-checkbox/ 		233 B
668 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dl1rqkcy7hk6s.cloudfront.net/lib/bs-checkbox/bs-checkbox.css
Requested by
Host: www.book-secure.com
URL: https://www.book-secure.com/index.php?s=validate-collect&property=nzauc11094&arrival=2023-04-13&departure=2023-04-14&adults1=2&children1=0&locale=en_GB&currency=NZD&stid=xd9mil2mz
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.170.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-170-136.bkk50.r.cloudfront.net
Software
Apache /
Resource Hash
668ae615713ef1fc88fc0176435b3767622a9bd2b1563caebb9813cd7ba2cee1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.book-secure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Wed, 12 Apr 2023 18:10:29 GMT
Content-Encoding
gzip
Via
1.1 8b995a5910ed9188b04e42dd0dc1ceaa.cloudfront.net (CloudFront)
Last-Modified
Thu, 30 Mar 2023 13:06:57 GMT
Server
Apache
X-Amz-Cf-Pop
BKK50-C1
Age
26764
ETag
"e9-5f81dc4707e40-gzip"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
173
X-Amz-Cf-Id
915XtdcEQouc34Zbw2xe2lwhbiyVjKw5wqz3NyukR8IsJsGqfsaBiw==
jquery.nstSlider.min.css
dl1rqkcy7hk6s.cloudfront.net/lib/nstSlider/ 		944 B
779 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://dl1rqkcy7hk6s.cloudfront.net/lib/nstSlider/jquery.nstSlider.min.css
Requested by
Host: www.book-secure.com
URL: https://www.book-secure.com/index.php?s=validate-collect&property=nzauc11094&arrival=2023-04-13&departure=2023-04-14&adults1=2&children1=0&locale=en_GB&currency=NZD&stid=xd9mil2mz
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.170.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-170-136.bkk50.r.cloudfront.net
Software
Apache /
Resource Hash
bee03adda8934ac807fd55b056623374cae6d25cbd975de3191cdcff31b0dbec

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.book-secure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Wed, 12 Apr 2023 20:18:40 GMT
Content-Encoding
gzip
Via
1.1 920fe22ff36f037e8c6a26057f59c752.cloudfront.net (CloudFront)
Last-Modified
Thu, 30 Mar 2023 13:06:57 GMT
Server
Apache
X-Amz-Cf-Pop
BKK50-C1
Age
18997
ETag
"3b0-5f81dc4707e40-gzip"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
283
X-Amz-Cf-Id
Rapz_A-8T4TLxQMyqemLaF3Wh21RCBqhma9ihH495OGpbRdg9oZQXQ==
fb-fonts.min.css
www.book-secure.com/css/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.book-secure.com/css/fb-fonts.min.css?_=71042375e6cbc9ff10c8b53e02fc68fc
Requested by
Host: www.book-secure.com
URL: https://www.book-secure.com/index.php?s=validate-collect&property=nzauc11094&arrival=2023-04-13&departure=2023-04-14&adults1=2&children1=0&locale=en_GB&currency=NZD&stid=xd9mil2mz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.28.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a754e8de69ad7f62a.awsglobalaccelerator.com
Software
Apache /
Resource Hash
6fba0c66d6215f3c2d5308b63dcb46041de4e1b7a7c55ac15260e7d6667e6bb9

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.book-secure.com/index.php?s=validate-collect&property=nzauc11094&arrival=2023-04-13&departure=2023-04-14&adults1=2&children1=0&locale=en_GB&currency=NZD&stid=xd9mil2mz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 01:35:17 GMT
content-encoding
gzip
last-modified
Thu, 30 Mar 2023 13:24:23 GMT
server
Apache
etag
"123e-5f81e02c92fc0-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
854
font-awesome.min.css
www.book-secure.com/lib/font-awesome/4.7.0/css/ 		30 KB
7 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.book-secure.com/lib/font-awesome/4.7.0/css/font-awesome.min.css
Requested by
Host: www.book-secure.com
URL: https://www.book-secure.com/index.php?s=validate-collect&property=nzauc11094&arrival=2023-04-13&departure=2023-04-14&adults1=2&children1=0&locale=en_GB&currency=NZD&stid=xd9mil2mz
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.28.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a754e8de69ad7f62a.awsglobalaccelerator.com
Software
Apache /
Resource Hash
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.book-secure.com/index.php?s=validate-collect&property=nzauc11094&arrival=2023-04-13&departure=2023-04-14&adults1=2&children1=0&locale=en_GB&currency=NZD&stid=xd9mil2mz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 01:35:17 GMT
content-encoding
gzip
last-modified
Thu, 30 Mar 2023 13:06:57 GMT
server
Apache
etag
"7918-5f81dc4707e40-gzip"
vary
Accept-Encoding
content-type
text/css
accept-ranges
bytes
content-length
7053
jquery.min.js
dl1rqkcy7hk6s.cloudfront.net/lib/jquery/2.0/ 		82 KB
29 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dl1rqkcy7hk6s.cloudfront.net/lib/jquery/2.0/jquery.min.js
Requested by
Host: www.book-secure.com
URL: https://www.book-secure.com/index.php?s=validate-collect&property=nzauc11094&arrival=2023-04-13&departure=2023-04-14&adults1=2&children1=0&locale=en_GB&currency=NZD&stid=xd9mil2mz
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.170.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-170-136.bkk50.r.cloudfront.net
Software
Apache /
Resource Hash
a57b5242b9a9adc4c1ef846c365147b89c472b9cd770face331efcb965346b25

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.book-secure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Wed, 12 Apr 2023 18:10:29 GMT
Content-Encoding
gzip
Via
1.1 0234e4cf2bd3caace40fbb76cf0d08da.cloudfront.net (CloudFront)
Last-Modified
Thu, 30 Mar 2023 13:06:57 GMT
Server
Apache
X-Amz-Cf-Pop
BKK50-C1
Age
26737
ETag
"14696-5f81dc4707e40-gzip"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
29329
X-Amz-Cf-Id
L5-Kxh0pEXDsisOpiGVwzm4YcCMwZxfhMXfOGCdKo7y76NY9KzYXNQ==
jquery.mobile.custom.1.4.5.events-touch.min.js
dl1rqkcy7hk6s.cloudfront.net/lib/jquery/mobile/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dl1rqkcy7hk6s.cloudfront.net/lib/jquery/mobile/jquery.mobile.custom.1.4.5.events-touch.min.js
Requested by
Host: www.book-secure.com
URL: https://www.book-secure.com/index.php?s=validate-collect&property=nzauc11094&arrival=2023-04-13&departure=2023-04-14&adults1=2&children1=0&locale=en_GB&currency=NZD&stid=xd9mil2mz
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.170.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-170-136.bkk50.r.cloudfront.net
Software
Apache /
Resource Hash
5c2f6c5d5cd0fe0ecfa24b844f841c8a73d8baaafb827ec413afa41335aa1c47

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.book-secure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Wed, 12 Apr 2023 21:49:35 GMT
Content-Encoding
gzip
Via
1.1 6f1e4f46f7a60e02ba0635d03ed63d7e.cloudfront.net (CloudFront)
Last-Modified
Thu, 30 Mar 2023 13:06:57 GMT
Server
Apache
X-Amz-Cf-Pop
BKK50-C1
Age
13542
ETag
"1e68-5f81dc4707e40-gzip"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2872
X-Amz-Cf-Id
PWq7ekLKeH8IP-IkSqOiEDGLI8X2c5KgZvs5g8VBE9kK_XSlkc_PDw==
bootstrap.min.js
dl1rqkcy7hk6s.cloudfront.net/lib/bootstrap/3.1/js/ 		28 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dl1rqkcy7hk6s.cloudfront.net/lib/bootstrap/3.1/js/bootstrap.min.js
Requested by
Host: www.book-secure.com
URL: https://www.book-secure.com/index.php?s=validate-collect&property=nzauc11094&arrival=2023-04-13&departure=2023-04-14&adults1=2&children1=0&locale=en_GB&currency=NZD&stid=xd9mil2mz
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.170.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-170-136.bkk50.r.cloudfront.net
Software
Apache /
Resource Hash
03bf371e3ca4739cfe6bea61f0126b7cbb94e4713e970651f9acd5acb3d9e399

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.book-secure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Wed, 12 Apr 2023 20:37:12 GMT
Content-Encoding
gzip
Via
1.1 8b995a5910ed9188b04e42dd0dc1ceaa.cloudfront.net (CloudFront)
Last-Modified
Thu, 30 Mar 2023 13:06:57 GMT
Server
Apache
X-Amz-Cf-Pop
BKK50-C1
Age
18223
ETag
"71a9-5f81dc4707e40-gzip"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
7665
X-Amz-Cf-Id
pxDVYww1iI0GU2xqdLkESo8jQAQizBwF3tTW2ficFaJYu1yg4p3gFA==
sha512.min.js
dl1rqkcy7hk6s.cloudfront.net/lib/jssha/1.5.0/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dl1rqkcy7hk6s.cloudfront.net/lib/jssha/1.5.0/sha512.min.js
Requested by
Host: www.book-secure.com
URL: https://www.book-secure.com/index.php?s=validate-collect&property=nzauc11094&arrival=2023-04-13&departure=2023-04-14&adults1=2&children1=0&locale=en_GB&currency=NZD&stid=xd9mil2mz
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.170.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-170-136.bkk50.r.cloudfront.net
Software
Apache /
Resource Hash
3e6dac4313c59e4fc8e6871cb930fed6b354249cacfb3df422f43992b8bbe070

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.book-secure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Wed, 12 Apr 2023 18:27:10 GMT
Content-Encoding
gzip
Via
1.1 920fe22ff36f037e8c6a26057f59c752.cloudfront.net (CloudFront)
Last-Modified
Thu, 30 Mar 2023 13:06:57 GMT
Server
Apache
X-Amz-Cf-Pop
BKK50-C1
Age
25688
ETag
"2594-5f81dc4707e40-gzip"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4053
X-Amz-Cf-Id
t1WmWXQZjwWvz9FgrtgxJLGQW85qlc8jxOANbBw2JvGnQp973aAjXg==
seamless.parent.min.js
dl1rqkcy7hk6s.cloudfront.net/lib/seamless/ 		16 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dl1rqkcy7hk6s.cloudfront.net/lib/seamless/seamless.parent.min.js
Requested by
Host: www.book-secure.com
URL: https://www.book-secure.com/index.php?s=validate-collect&property=nzauc11094&arrival=2023-04-13&departure=2023-04-14&adults1=2&children1=0&locale=en_GB&currency=NZD&stid=xd9mil2mz
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.170.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-170-136.bkk50.r.cloudfront.net
Software
Apache /
Resource Hash
26a1a5b524c374c4f0ce4ccdf223364da8e0436155855c3676e4fa59d881fbd8

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.book-secure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Wed, 12 Apr 2023 20:32:54 GMT
Content-Encoding
gzip
Via
1.1 6f1e4f46f7a60e02ba0635d03ed63d7e.cloudfront.net (CloudFront)
Last-Modified
Thu, 30 Mar 2023 13:06:57 GMT
Server
Apache
X-Amz-Cf-Pop
BKK50-C1
Age
18223
ETag
"3feb-5f81dc4707e40-gzip"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5928
X-Amz-Cf-Id
jGnorE6LxncAy3P1GRf7pQqEaby5rYcGupDc7L_HhsY-0FOakgNOqg==
moment-2.19.1.min.js
dl1rqkcy7hk6s.cloudfront.net/lib/momentjs/ 		50 KB
17 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dl1rqkcy7hk6s.cloudfront.net/lib/momentjs/moment-2.19.1.min.js
Requested by
Host: www.book-secure.com
URL: https://www.book-secure.com/index.php?s=validate-collect&property=nzauc11094&arrival=2023-04-13&departure=2023-04-14&adults1=2&children1=0&locale=en_GB&currency=NZD&stid=xd9mil2mz
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.170.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-170-136.bkk50.r.cloudfront.net
Software
Apache /
Resource Hash
2c95f4f25e28459d41620f0cc995d299b9ed5c4cf6e5f6da8d5f3976afdb5bfc

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.book-secure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Wed, 12 Apr 2023 18:10:29 GMT
Content-Encoding
gzip
Via
1.1 8ffbba808b718b80d2a36ff22aabb696.cloudfront.net (CloudFront)
Last-Modified
Thu, 30 Mar 2023 13:06:57 GMT
Server
Apache
X-Amz-Cf-Pop
BKK50-C1
Age
26765
ETag
"c842-5f81dc4707e40-gzip"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
16677
X-Amz-Cf-Id
T1-ayfpBTYCjnM5tCDZyONh6J-uparu2GSMjtzGpWDS5ZeW6sPB1aA==
underscore.min.js
dl1rqkcy7hk6s.cloudfront.net/lib/underscore/ 		18 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dl1rqkcy7hk6s.cloudfront.net/lib/underscore/underscore.min.js
Requested by
Host: www.book-secure.com
URL: https://www.book-secure.com/index.php?s=validate-collect&property=nzauc11094&arrival=2023-04-13&departure=2023-04-14&adults1=2&children1=0&locale=en_GB&currency=NZD&stid=xd9mil2mz
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.170.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-170-136.bkk50.r.cloudfront.net
Software
Apache /
Resource Hash
1bb03826b26326516a3f4c9a9b39f03e3000a4828f91a75e1dfc88c2269af5ed

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.book-secure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Wed, 12 Apr 2023 18:32:44 GMT
Content-Encoding
gzip
Via
1.1 cbb9633368d7916a268610d876bba61c.cloudfront.net (CloudFront)
Last-Modified
Thu, 30 Mar 2023 13:06:57 GMT
Server
Apache
X-Amz-Cf-Pop
BKK50-C1
Age
25688
ETag
"4695-5f81dc4707e40-gzip"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
6436
X-Amz-Cf-Id
RpLrz8zn3NV3wvjaBj-7jUWTddMbJjtvtHMQABfYYvl_vo1WL3L4BQ==
js-cookie.2.2.0.min.js
dl1rqkcy7hk6s.cloudfront.net/lib/js-cookie/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dl1rqkcy7hk6s.cloudfront.net/lib/js-cookie/js-cookie.2.2.0.min.js
Requested by
Host: www.book-secure.com
URL: https://www.book-secure.com/index.php?s=validate-collect&property=nzauc11094&arrival=2023-04-13&departure=2023-04-14&adults1=2&children1=0&locale=en_GB&currency=NZD&stid=xd9mil2mz
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.170.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-170-136.bkk50.r.cloudfront.net
Software
Apache /
Resource Hash
3202ba1cb0ab2ebf8eeb0caebf6fa6ba681b5575c48b2f314f345d82eedaaac2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.book-secure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Wed, 12 Apr 2023 20:31:35 GMT
Content-Encoding
gzip
Via
1.1 0234e4cf2bd3caace40fbb76cf0d08da.cloudfront.net (CloudFront)
Last-Modified
Thu, 30 Mar 2023 13:06:57 GMT
Server
Apache
X-Amz-Cf-Pop
BKK50-C1
Age
18223
ETag
"6b0-5f81dc4707e40-gzip"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
897
X-Amz-Cf-Id
rKPtQd_5s1EW6oGptcm6IgJLO6ziPAzlD_9cFWpLiHtZ4nsv9C4-Pg==
script.js
dl1rqkcy7hk6s.cloudfront.net/lib/seamless/ 		3 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dl1rqkcy7hk6s.cloudfront.net/lib/seamless/script.js
Requested by
Host: www.book-secure.com
URL: https://www.book-secure.com/index.php?s=validate-collect&property=nzauc11094&arrival=2023-04-13&departure=2023-04-14&adults1=2&children1=0&locale=en_GB&currency=NZD&stid=xd9mil2mz
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.170.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-170-136.bkk50.r.cloudfront.net
Software
Apache /
Resource Hash
c7dfde47413fead32b1f5919178e734773aebad164c0e28b49f61c55e6336a1b

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.book-secure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Wed, 12 Apr 2023 21:00:32 GMT
Content-Encoding
gzip
Via
1.1 920fe22ff36f037e8c6a26057f59c752.cloudfront.net (CloudFront)
Last-Modified
Thu, 30 Mar 2023 13:06:57 GMT
Server
Apache
X-Amz-Cf-Pop
BKK50-C1
Age
16486
ETag
"d4e-5f81dc4707e40-gzip"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
871
X-Amz-Cf-Id
r4IWDkRZhHfxVLWABzEMjaOlHPi4oC3uHT_yNRD2qqpON5wuN62HxA==
stefanpenner.es6-promise.auto.v4.1.1.min.js
dl1rqkcy7hk6s.cloudfront.net/lib/es6-promise/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dl1rqkcy7hk6s.cloudfront.net/lib/es6-promise/stefanpenner.es6-promise.auto.v4.1.1.min.js
Requested by
Host: www.book-secure.com
URL: https://www.book-secure.com/index.php?s=validate-collect&property=nzauc11094&arrival=2023-04-13&departure=2023-04-14&adults1=2&children1=0&locale=en_GB&currency=NZD&stid=xd9mil2mz
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.170.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-170-136.bkk50.r.cloudfront.net
Software
Apache /
Resource Hash
388dcdf7308a69b0e8bf6ad917397c94951709c3fb126b06706a0fe83317402a

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.book-secure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Wed, 12 Apr 2023 20:31:35 GMT
Content-Encoding
gzip
Via
1.1 8b995a5910ed9188b04e42dd0dc1ceaa.cloudfront.net (CloudFront)
Last-Modified
Thu, 30 Mar 2023 13:06:57 GMT
Server
Apache
X-Amz-Cf-Pop
BKK50-C1
Age
18223
ETag
"18d1-5f81dc4707e40-gzip"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2460
X-Amz-Cf-Id
j-5UxU9MIhMGjdzaINQ3lymPnTESui1NhGjZfH1gzt9WguZQ1IHiVA==
stickyfill-2.0.3.min.js
dl1rqkcy7hk6s.cloudfront.net/lib/stickyfill/ 		6 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dl1rqkcy7hk6s.cloudfront.net/lib/stickyfill/stickyfill-2.0.3.min.js
Requested by
Host: www.book-secure.com
URL: https://www.book-secure.com/index.php?s=validate-collect&property=nzauc11094&arrival=2023-04-13&departure=2023-04-14&adults1=2&children1=0&locale=en_GB&currency=NZD&stid=xd9mil2mz
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.170.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-170-136.bkk50.r.cloudfront.net
Software
Apache /
Resource Hash
77bf60e84e126d1609cc0a302c3953dc25ae054aaee3514d04a4726d4f2609fe

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.book-secure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Wed, 12 Apr 2023 18:27:09 GMT
Content-Encoding
gzip
Via
1.1 6f1e4f46f7a60e02ba0635d03ed63d7e.cloudfront.net (CloudFront)
Last-Modified
Thu, 30 Mar 2023 13:06:57 GMT
Server
Apache
X-Amz-Cf-Pop
BKK50-C1
Age
25688
ETag
"1893-5f81dc4707e40-gzip"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2250
X-Amz-Cf-Id
j2VCBjm2A3kXZgvmtgFXzqyJ7JGfd0_ca7P3Ub3xe3qKu7ioDNN4hQ==
github-url-polyfill.0.5.6.min.js
dl1rqkcy7hk6s.cloudfront.net/lib/url-polyfill/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dl1rqkcy7hk6s.cloudfront.net/lib/url-polyfill/github-url-polyfill.0.5.6.min.js
Requested by
Host: www.book-secure.com
URL: https://www.book-secure.com/index.php?s=validate-collect&property=nzauc11094&arrival=2023-04-13&departure=2023-04-14&adults1=2&children1=0&locale=en_GB&currency=NZD&stid=xd9mil2mz
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.170.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-170-136.bkk50.r.cloudfront.net
Software
Apache /
Resource Hash
506a9b297902612afaccbf54b291b2f96b4ee889e652dcf1861deef530848be6

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.book-secure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Wed, 12 Apr 2023 13:55:08 GMT
Content-Encoding
gzip
Via
1.1 8ffbba808b718b80d2a36ff22aabb696.cloudfront.net (CloudFront)
Last-Modified
Thu, 30 Mar 2023 13:06:57 GMT
Server
Apache
X-Amz-Cf-Pop
BKK50-C1
Age
42220
ETag
"1e45-5f81dc4707e40-gzip"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2411
X-Amz-Cf-Id
L2Y8pe_EwgD1cWQBVmq1ifQbBW0NY7NROlvgM97DVv5vHlbLEdtTiw==
base-polyfills.min.js
dl1rqkcy7hk6s.cloudfront.net/lib/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dl1rqkcy7hk6s.cloudfront.net/lib/base-polyfills.min.js
Requested by
Host: www.book-secure.com
URL: https://www.book-secure.com/index.php?s=validate-collect&property=nzauc11094&arrival=2023-04-13&departure=2023-04-14&adults1=2&children1=0&locale=en_GB&currency=NZD&stid=xd9mil2mz
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.170.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-170-136.bkk50.r.cloudfront.net
Software
Apache /
Resource Hash
954f8e8fe6d2d96972b35ab3b4fe82b4bc7945604c57299a023908692db367a1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.book-secure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Wed, 12 Apr 2023 22:09:18 GMT
Content-Encoding
gzip
Via
1.1 0234e4cf2bd3caace40fbb76cf0d08da.cloudfront.net (CloudFront)
Last-Modified
Thu, 30 Mar 2023 13:06:57 GMT
Server
Apache
X-Amz-Cf-Pop
BKK50-C1
Age
12360
ETag
"7fd-5f81dc4707e40-gzip"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
831
X-Amz-Cf-Id
hNTuh-EZrDKrCcue00zvUw_VkKGN2pei_XiFv5llnfWJ1wDQylw0qQ==
bs-checkbox.min.js
dl1rqkcy7hk6s.cloudfront.net/lib/bs-checkbox/ 		760 B
804 B 		Script
General
Check archive.org
Download Go to
Full URL
https://dl1rqkcy7hk6s.cloudfront.net/lib/bs-checkbox/bs-checkbox.min.js
Requested by
Host: www.book-secure.com
URL: https://www.book-secure.com/index.php?s=validate-collect&property=nzauc11094&arrival=2023-04-13&departure=2023-04-14&adults1=2&children1=0&locale=en_GB&currency=NZD&stid=xd9mil2mz
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.170.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-170-136.bkk50.r.cloudfront.net
Software
Apache /
Resource Hash
b606b08990cfed29e29ca4d86620ea64ccf28320276a124b3bf8443d57e324f2

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.book-secure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Wed, 12 Apr 2023 19:35:03 GMT
Content-Encoding
gzip
Via
1.1 cbb9633368d7916a268610d876bba61c.cloudfront.net (CloudFront)
Last-Modified
Thu, 30 Mar 2023 13:06:57 GMT
Server
Apache
X-Amz-Cf-Pop
BKK50-C1
Age
21615
ETag
"2f8-5f81dc4707e40-gzip"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
294
X-Amz-Cf-Id
lo-23O91IV9GJLQJKr7Gom1mOdB-IDXSPmu_qDI9xWG1IrKZPXdMcw==
jquery.nstSlider.min.js
dl1rqkcy7hk6s.cloudfront.net/lib/nstSlider/ 		19 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dl1rqkcy7hk6s.cloudfront.net/lib/nstSlider/jquery.nstSlider.min.js
Requested by
Host: www.book-secure.com
URL: https://www.book-secure.com/index.php?s=validate-collect&property=nzauc11094&arrival=2023-04-13&departure=2023-04-14&adults1=2&children1=0&locale=en_GB&currency=NZD&stid=xd9mil2mz
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.170.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-170-136.bkk50.r.cloudfront.net
Software
Apache /
Resource Hash
dcfab92c44a1ba3a26c85bd7119ca7e53b4870491e73003859aea16fa48cad34

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.book-secure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Wed, 12 Apr 2023 18:27:10 GMT
Content-Encoding
gzip
Via
1.1 920fe22ff36f037e8c6a26057f59c752.cloudfront.net (CloudFront)
Last-Modified
Thu, 30 Mar 2023 13:06:57 GMT
Server
Apache
X-Amz-Cf-Pop
BKK50-C1
Age
25688
ETag
"4a27-5f81dc4707e40-gzip"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
5290
X-Amz-Cf-Id
csZZ8hO8j0zDzD6yGW96G5Uuvdhp1wJmRPq6TbRRKqwizK5YyWmQXQ==
utils.min.js
dl1rqkcy7hk6s.cloudfront.net/dist/ 		98 KB
23 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dl1rqkcy7hk6s.cloudfront.net/dist/utils.min.js?_=71042375e6cbc9ff10c8b53e02fc68fc
Requested by
Host: www.book-secure.com
URL: https://www.book-secure.com/index.php?s=validate-collect&property=nzauc11094&arrival=2023-04-13&departure=2023-04-14&adults1=2&children1=0&locale=en_GB&currency=NZD&stid=xd9mil2mz
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.170.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-170-136.bkk50.r.cloudfront.net
Software
Apache /
Resource Hash
7ba2507f485bd0e1ed2d1b0d7683dbe470fd555c6953242428a72b7646168cd0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.book-secure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Wed, 12 Apr 2023 18:10:30 GMT
Content-Encoding
gzip
Via
1.1 8b995a5910ed9188b04e42dd0dc1ceaa.cloudfront.net (CloudFront)
Last-Modified
Thu, 30 Mar 2023 13:24:24 GMT
Server
Apache
X-Amz-Cf-Pop
BKK50-C1
Age
26765
ETag
"1867a-5f81e02d87200-gzip"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
22645
X-Amz-Cf-Id
y45WvRm7ZT9oVujVTqSFD_fprtVHFxJxOWXjqQpK6Lum4sjg_KAT8A==
app.min.js
dl1rqkcy7hk6s.cloudfront.net/dist/ 		603 KB
131 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dl1rqkcy7hk6s.cloudfront.net/dist/app.min.js?_=71042375e6cbc9ff10c8b53e02fc68fc
Requested by
Host: www.book-secure.com
URL: https://www.book-secure.com/index.php?s=validate-collect&property=nzauc11094&arrival=2023-04-13&departure=2023-04-14&adults1=2&children1=0&locale=en_GB&currency=NZD&stid=xd9mil2mz
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.170.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-170-136.bkk50.r.cloudfront.net
Software
Apache /
Resource Hash
e082e916148e753edf9e29e9dd934646e1ae7f2a1d87457aa4ed4f095428bbe1

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.book-secure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Wed, 12 Apr 2023 18:27:10 GMT
Content-Encoding
gzip
Via
1.1 6f1e4f46f7a60e02ba0635d03ed63d7e.cloudfront.net (CloudFront)
Last-Modified
Thu, 30 Mar 2023 13:24:29 GMT
Server
Apache
X-Amz-Cf-Pop
BKK50-C1
Age
25688
ETag
"96d30-5f81e0324bd40-gzip"
Transfer-Encoding
chunked
Vary
Accept-Encoding
Content-Type
application/javascript
X-Cache
Hit from cloudfront
Connection
keep-alive
Accept-Ranges
bytes
X-Amz-Cf-Id
dDfUBWMyUwwfPEhXxD1rJkrLs8hOC0ek4HbH-O8qsHRmxrS-KGam6A==
bugsnag.min.js
d2wy8f7a9ursnm.cloudfront.net/v6/ 		40 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://d2wy8f7a9ursnm.cloudfront.net/v6/bugsnag.min.js
Requested by
Host: www.book-secure.com
URL: https://www.book-secure.com/index.php?s=validate-collect&property=nzauc11094&arrival=2023-04-13&departure=2023-04-14&adults1=2&children1=0&locale=en_GB&currency=NZD&stid=xd9mil2mz
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.170.96 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-170-96.bkk50.r.cloudfront.net
Software
AmazonS3 /
Resource Hash
4ee4197ae3e7bac4347e8443d7e264781c7d154e24d27da0eec14b9d4bfc1d61

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.book-secure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Fri, 17 Mar 2023 16:08:12 GMT
x-amz-version-id
null
Content-Encoding
gzip
Via
1.1 9933b8bdc1656274b760df58e70eebf6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop
BKK50-C1
Age
2280426
Transfer-Encoding
chunked
X-Cache
Hit from cloudfront
Connection
keep-alive
Last-Modified
Wed, 05 Feb 2020 15:23:02 GMT
Server
AmazonS3
ETag
W/"e63788b8657ac52b3cdbb970e551c2a4"
Vary
Accept-Encoding
Content-Type
application/javascript; charset=UTF-8
Cache-Control
public, max-age=315360000
X-Amz-Cf-Id
NBZRbpT9HsWawqb31FrCeTjtBErmbLqcUx1mh3y5PnWmmi2Qwdq8Tg==
/
sessions.bugsnag.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.88.7 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
7.88.190.35.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method
POST
Origin
https://www.book-secure.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-headers
Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods
POST
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 13 Apr 2023 01:35:20 GMT
via
1.1 google
/
sessions.bugsnag.com/ 		21 B
97 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Requested by
Host: d2wy8f7a9ursnm.cloudfront.net
URL: https://d2wy8f7a9ursnm.cloudfront.net/v6/bugsnag.min.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.88.7 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
7.88.190.35.bc.googleusercontent.com
Software
/
Resource Hash
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version
1
Referer
https://www.book-secure.com/
Bugsnag-Sent-At
2023-04-13T01:35:19.745Z
accept-language
en-AU,en;q=0.9
Bugsnag-Api-Key
ef38ccc03c07a16c90bc15404dc076ec
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Thu, 13 Apr 2023 01:35:20 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21
content-type
application/json
common.json
www.book-secure.com/dist/data/Globalize/ 		102 KB
21 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.book-secure.com/dist/data/Globalize/common.json
Requested by
Host: dl1rqkcy7hk6s.cloudfront.net
URL: https://dl1rqkcy7hk6s.cloudfront.net/lib/jquery/2.0/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.28.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a754e8de69ad7f62a.awsglobalaccelerator.com
Software
Apache /
Resource Hash
4ca74ff3599f36c3eec4753c85fbb38cd23b062293affbad58eb23efac82bc90

Request headers

Accept
*/*
Referer
https://www.book-secure.com/index.php?s=validate-collect&property=nzauc11094&arrival=2023-04-13&departure=2023-04-14&adults1=2&children1=0&locale=en_GB&currency=NZD&stid=xd9mil2mz
X-Requested-With
XMLHttpRequest
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 01:35:19 GMT
content-encoding
gzip
last-modified
Thu, 30 Mar 2023 13:24:31 GMT
server
Apache
etag
"198cc-5f81e034341c0-gzip"
vary
Accept-Encoding
content-type
application/json
accept-ranges
bytes
content-length
21699
en-GB.json
www.book-secure.com/dist/data/Globalize/ 		67 KB
10 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.book-secure.com/dist/data/Globalize/en-GB.json
Requested by
Host: dl1rqkcy7hk6s.cloudfront.net
URL: https://dl1rqkcy7hk6s.cloudfront.net/lib/jquery/2.0/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.28.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a754e8de69ad7f62a.awsglobalaccelerator.com
Software
Apache /
Resource Hash
2f8caa2e30755760ff544be56f46aed00b81e4515501b548689eb6ae5fdc28e4

Request headers

Accept
*/*
Referer
https://www.book-secure.com/index.php?s=validate-collect&property=nzauc11094&arrival=2023-04-13&departure=2023-04-14&adults1=2&children1=0&locale=en_GB&currency=NZD&stid=xd9mil2mz
X-Requested-With
XMLHttpRequest
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 01:35:19 GMT
content-encoding
gzip
last-modified
Thu, 30 Mar 2023 13:24:31 GMT
server
Apache
etag
"10c30-5f81e034341c0-gzip"
vary
Accept-Encoding
content-type
application/json
accept-ranges
bytes
content-length
9649
api.php
www.book-secure.com/ 		230 B
378 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.book-secure.com/api.php?_undefined
Requested by
Host: dl1rqkcy7hk6s.cloudfront.net
URL: https://dl1rqkcy7hk6s.cloudfront.net/lib/jquery/2.0/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.28.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a754e8de69ad7f62a.awsglobalaccelerator.com
Software
Apache /
Resource Hash
def95d717b5ced4735ab7c2bc05da80e45b400b8a92f935614afcddd8195a9c1

Request headers

X-Original-Referer
X-Front-App-Version
1.159.0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.book-secure.com/index.php?s=validate-collect&property=nzauc11094&arrival=2023-04-13&departure=2023-04-14&adults1=2&children1=0&locale=en_GB&currency=NZD&stid=xd9mil2mz
X-Requested-With
XMLHttpRequest

Response headers

access-control-allow-origin
*
date
Thu, 13 Apr 2023 01:35:19 GMT
content-encoding
gzip
server
Apache
content-length
230
vary
Accept-Encoding
content-type
text/html; charset=UTF-8
api.php
www.book-secure.com/ 		1 KB
562 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.book-secure.com/api.php?_translate
Requested by
Host: dl1rqkcy7hk6s.cloudfront.net
URL: https://dl1rqkcy7hk6s.cloudfront.net/lib/jquery/2.0/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.28.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a754e8de69ad7f62a.awsglobalaccelerator.com
Software
Apache /
Resource Hash
68e1cf3cb18df17e9b12268fb9500f0fa691000553a6e39b30180a9eef4d6e92

Request headers

X-Original-Referer
X-Front-App-Version
1.159.0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.book-secure.com/index.php?s=validate-collect&property=nzauc11094&arrival=2023-04-13&departure=2023-04-14&adults1=2&children1=0&locale=en_GB&currency=NZD&stid=xd9mil2mz
X-Requested-With
XMLHttpRequest

Response headers

access-control-allow-origin
*
date
Thu, 13 Apr 2023 01:35:20 GMT
content-encoding
gzip
server
Apache
content-length
421
vary
Accept-Encoding
content-type
application/json
jquery.htmlClean.min.js
www.book-secure.com/lib/jquery/ 		12 KB
4 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.book-secure.com/lib/jquery/jquery.htmlClean.min.js?_=71042375e6cbc9ff10c8b53e02fc68fc
Requested by
Host: dl1rqkcy7hk6s.cloudfront.net
URL: https://dl1rqkcy7hk6s.cloudfront.net/lib/jquery/2.0/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.28.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a754e8de69ad7f62a.awsglobalaccelerator.com
Software
Apache /
Resource Hash
701d63e90c9c980dcbffda20de9ab9e47c7bf5579a9d2c6debd71e09b878d2bc

Request headers

Accept
text/javascript, application/javascript, application/ecmascript, application/x-ecmascript, */*; q=0.01
Referer
https://www.book-secure.com/index.php?s=validate-collect&property=nzauc11094&arrival=2023-04-13&departure=2023-04-14&adults1=2&children1=0&locale=en_GB&currency=NZD&stid=xd9mil2mz
X-Requested-With
XMLHttpRequest
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 01:35:20 GMT
content-encoding
gzip
last-modified
Thu, 30 Mar 2023 13:06:57 GMT
server
Apache
etag
"31b6-5f81dc4707e40-gzip"
vary
Accept-Encoding
content-type
application/javascript
accept-ranges
bytes
content-length
3729
jquery.validate.min.js
ajax.aspnetcdn.com/ajax/jquery.validate/1.11.1/ 		21 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.aspnetcdn.com/ajax/jquery.validate/1.11.1/jquery.validate.min.js?_=71042375e6cbc9ff10c8b53e02fc68fc
Requested by
Host: dl1rqkcy7hk6s.cloudfront.net
URL: https://dl1rqkcy7hk6s.cloudfront.net/lib/jquery/2.0/jquery.min.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
117.18.232.200 , Australia, ASN15133 (EDGECAST, US),
Reverse DNS
Software
ECAcc (nwa/E7D0) /
Resource Hash
7705fee13417229d718f14947e9860d5bb2b25bd15c9f5cd834f2545c7bad0a6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.book-secure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 01:35:20 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
5778834
x-cache
HIT
content-length
6367
x-xss-protection
1; mode=block
last-modified
Mon, 31 Oct 2016 23:42:28 GMT
server
ECAcc (nwa/E7D0)
etag
"08a7370d033d21:0"
vary
Accept-Encoding
content-type
application/javascript
access-control-allow-origin
*
cache-control
public,max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
api.php
www.book-secure.com/ 		4 KB
2 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.book-secure.com/api.php?_property
Requested by
Host: dl1rqkcy7hk6s.cloudfront.net
URL: https://dl1rqkcy7hk6s.cloudfront.net/lib/jquery/2.0/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.28.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a754e8de69ad7f62a.awsglobalaccelerator.com
Software
Apache /
Resource Hash
1b9bf1dd060dfd2f5c6d9946d026e7c20fec970bfd633447ce584b83f89ea446

Request headers

X-Original-Referer
X-Front-App-Version
1.159.0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.book-secure.com/index.php?s=validate-collect&property=nzauc11094&arrival=2023-04-13&departure=2023-04-14&adults1=2&children1=0&locale=en_GB&currency=NZD&stid=xd9mil2mz
X-Requested-With
XMLHttpRequest

Response headers

access-control-allow-origin
*
date
Thu, 13 Apr 2023 01:35:20 GMT
content-encoding
gzip
server
Apache
content-length
1855
vary
Accept-Encoding
content-type
application/json
api.php
www.book-secure.com/ 		8 KB
841 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.book-secure.com/api.php?_accommodations
Requested by
Host: dl1rqkcy7hk6s.cloudfront.net
URL: https://dl1rqkcy7hk6s.cloudfront.net/lib/jquery/2.0/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.28.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a754e8de69ad7f62a.awsglobalaccelerator.com
Software
Apache /
Resource Hash
dcb3cb25c7e4552511d9401edb62bb185547d041487c7200a5a2d483fd2ac9d5

Request headers

X-Original-Referer
X-Front-App-Version
1.159.0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.book-secure.com/index.php?s=validate-collect&property=nzauc11094&arrival=2023-04-13&departure=2023-04-14&adults1=2&children1=0&locale=en_GB&currency=NZD&stid=xd9mil2mz
X-Requested-With
XMLHttpRequest

Response headers

access-control-allow-origin
*
date
Thu, 13 Apr 2023 01:35:21 GMT
content-encoding
gzip
server
Apache
content-length
700
vary
Accept-Encoding
content-type
application/json
api.php
www.book-secure.com/ 		14 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.book-secure.com/api.php?_rates
Requested by
Host: dl1rqkcy7hk6s.cloudfront.net
URL: https://dl1rqkcy7hk6s.cloudfront.net/lib/jquery/2.0/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.28.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a754e8de69ad7f62a.awsglobalaccelerator.com
Software
Apache /
Resource Hash
4ba04b8dc27dc999b90df7786a1e8657491fc90c3a29c98bc98c45cafba0a925

Request headers

X-Original-Referer
X-Front-App-Version
1.159.0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.book-secure.com/index.php?s=validate-collect&property=nzauc11094&arrival=2023-04-13&departure=2023-04-14&adults1=2&children1=0&locale=en_GB&currency=NZD&stid=xd9mil2mz
X-Requested-With
XMLHttpRequest

Response headers

access-control-allow-origin
*
date
Thu, 13 Apr 2023 01:35:21 GMT
content-encoding
gzip
server
Apache
content-length
1220
vary
Accept-Encoding
content-type
application/json
api.php
www.book-secure.com/ 		49 B
154 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.book-secure.com/api.php?_services
Requested by
Host: dl1rqkcy7hk6s.cloudfront.net
URL: https://dl1rqkcy7hk6s.cloudfront.net/lib/jquery/2.0/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.28.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a754e8de69ad7f62a.awsglobalaccelerator.com
Software
Apache /
Resource Hash
9a7fee6f50e70ed71a3e31d51b3ee2142b24b8e1f79d95a8efc39e45f746acdc

Request headers

X-Original-Referer
X-Front-App-Version
1.159.0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.book-secure.com/index.php?s=validate-collect&property=nzauc11094&arrival=2023-04-13&departure=2023-04-14&adults1=2&children1=0&locale=en_GB&currency=NZD&stid=xd9mil2mz
X-Requested-With
XMLHttpRequest

Response headers

access-control-allow-origin
*
date
Thu, 13 Apr 2023 01:35:21 GMT
server
Apache
content-length
49
content-type
application/json
api.php
www.book-secure.com/ 		17 KB
3 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.book-secure.com/api.php?_config
Requested by
Host: dl1rqkcy7hk6s.cloudfront.net
URL: https://dl1rqkcy7hk6s.cloudfront.net/lib/jquery/2.0/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.28.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a754e8de69ad7f62a.awsglobalaccelerator.com
Software
Apache /
Resource Hash
871a4e53f9ec007be588f0c7e4590ccca33dd89e479429d821f20d202718bd39

Request headers

X-Original-Referer
X-Front-App-Version
1.159.0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.book-secure.com/index.php?s=validate-collect&property=nzauc11094&arrival=2023-04-13&departure=2023-04-14&adults1=2&children1=0&locale=en_GB&currency=NZD&stid=xd9mil2mz
X-Requested-With
XMLHttpRequest

Response headers

access-control-allow-origin
*
date
Thu, 13 Apr 2023 01:35:21 GMT
content-encoding
gzip
server
Apache
content-length
3218
vary
Accept-Encoding
content-type
application/json
gtm.js
www.googletagmanager.com/ 		471 KB
116 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtm.js?id=GTM-TX76XB&l=dataLayerFB
Requested by
Host: www.book-secure.com
URL: https://www.book-secure.com/index.php?s=validate-collect&property=nzauc11094&arrival=2023-04-13&departure=2023-04-14&adults1=2&children1=0&locale=en_GB&currency=NZD&stid=xd9mil2mz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
461e481155648c6ac24cb3392d42c526fdb366aa486f92744923c082089904db
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.book-secure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 01:35:21 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
117886
x-xss-protection
0
last-modified
Thu, 13 Apr 2023 00:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Thu, 13 Apr 2023 01:35:21 GMT
fbtracking.js
tracker.book-secure.com/ 		4 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tracker.book-secure.com/fbtracking.js?_=71042375e6cbc9ff10c8b53e02fc68fc
Requested by
Host: dl1rqkcy7hk6s.cloudfront.net
URL: https://dl1rqkcy7hk6s.cloudfront.net/lib/jquery/2.0/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.74.143.140 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-143-140.ap-southeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
45fd402a92ae1ab8ee75a7b76d4e304719ca71b790be620857301ecc54f0f058

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.book-secure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Thu, 13 Apr 2023 01:35:21 GMT
Cache-Control
public,max-age=86400
Server
Apache
Connection
close
Content-Length
4099
Vary
User-Agent,Accept-Encoding
Content-Type
application/javascript
/
sessions.bugsnag.com/ 		21 B
34 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Requested by
Host: d2wy8f7a9ursnm.cloudfront.net
URL: https://d2wy8f7a9ursnm.cloudfront.net/v6/bugsnag.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.88.7 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
7.88.190.35.bc.googleusercontent.com
Software
/
Resource Hash
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version
1
Referer
https://www.book-secure.com/
Bugsnag-Sent-At
2023-04-13T01:35:21.309Z
accept-language
en-AU,en;q=0.9
Bugsnag-Api-Key
ef38ccc03c07a16c90bc15404dc076ec
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Thu, 13 Apr 2023 01:35:21 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21
content-type
application/json
/
sessions.bugsnag.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.88.7 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
7.88.190.35.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method
POST
Origin
https://www.book-secure.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-headers
Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods
POST
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 13 Apr 2023 01:35:21 GMT
via
1.1 google
/
sessions.bugsnag.com/ 		21 B
34 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Requested by
Host: d2wy8f7a9ursnm.cloudfront.net
URL: https://d2wy8f7a9ursnm.cloudfront.net/v6/bugsnag.min.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.88.7 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
7.88.190.35.bc.googleusercontent.com
Software
/
Resource Hash
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a

Request headers

Bugsnag-Payload-Version
1
Referer
https://www.book-secure.com/
Bugsnag-Sent-At
2023-04-13T01:35:21.310Z
accept-language
en-AU,en;q=0.9
Bugsnag-Api-Key
ef38ccc03c07a16c90bc15404dc076ec
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
application/json

Response headers

access-control-allow-origin
*
date
Thu, 13 Apr 2023 01:35:21 GMT
via
1.1 google
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
21
content-type
application/json
/
sessions.bugsnag.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://sessions.bugsnag.com/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
35.190.88.7 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
7.88.190.35.bc.googleusercontent.com
Software
/
Resource Hash

Request headers

Accept
*/*
Access-Control-Request-Headers
bugsnag-api-key,bugsnag-payload-version,bugsnag-sent-at,content-type
Access-Control-Request-Method
POST
Origin
https://www.book-secure.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-headers
Origin, Content-Type, Accept, Authorization, User-Agent, Referer, X-Forwarded-For, Bugsnag-Api-Key, Bugsnag-Payload-Version, Bugsnag-Sent-At
access-control-allow-methods
POST
access-control-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
date
Thu, 13 Apr 2023 01:35:21 GMT
via
1.1 google
hoteldetails.min.js
dl1rqkcy7hk6s.cloudfront.net/dist/modules/ 		23 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dl1rqkcy7hk6s.cloudfront.net/dist/modules/hoteldetails.min.js?_=71042375e6cbc9ff10c8b53e02fc68fc
Requested by
Host: dl1rqkcy7hk6s.cloudfront.net
URL: https://dl1rqkcy7hk6s.cloudfront.net/lib/jquery/2.0/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.170.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-170-136.bkk50.r.cloudfront.net
Software
Apache /
Resource Hash
d09fcb259e131cb25657dd6b0f722727dfdeb1e577b6e48d3c84ca8e2338fc9c

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.book-secure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Wed, 12 Apr 2023 23:55:49 GMT
Content-Encoding
gzip
Via
1.1 6f1e4f46f7a60e02ba0635d03ed63d7e.cloudfront.net (CloudFront)
Last-Modified
Thu, 30 Mar 2023 13:24:30 GMT
Server
Apache
X-Amz-Cf-Pop
BKK50-C1
Age
5972
ETag
"5dfb-5f81e0333ff80-gzip"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4566
X-Amz-Cf-Id
e3Tr7kfgwCDm6Ui9AlYPHaYt-PN1I3DwX63jVYQWdNjUpalEgO2CYA==
mplus-1p-regular_latin+latin-ext_gdi.woff
www.book-secure.com/fonts/latin/regular/ 		97 KB
97 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.book-secure.com/fonts/latin/regular/mplus-1p-regular_latin+latin-ext_gdi.woff
Requested by
Host: www.book-secure.com
URL: https://www.book-secure.com/css/fb-fonts.min.css?_=71042375e6cbc9ff10c8b53e02fc68fc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.28.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a754e8de69ad7f62a.awsglobalaccelerator.com
Software
Apache /
Resource Hash
07a3d82dcd9c1534f80a5651484ee2d9eb8fe9ccc108e10c7312f79152582f33

Request headers

Referer
https://www.book-secure.com/css/fb-fonts.min.css?_=71042375e6cbc9ff10c8b53e02fc68fc
Origin
https://www.book-secure.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 01:35:21 GMT
last-modified
Thu, 30 Mar 2023 13:06:57 GMT
server
Apache
accept-ranges
bytes
etag
"18360-5f81dc4707e40"
content-length
99168
content-type
application/font-woff
fontawesome-webfont.woff2
www.book-secure.com/lib/font-awesome/4.7.0/fonts/ 		75 KB
76 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.book-secure.com/lib/font-awesome/4.7.0/fonts/fontawesome-webfont.woff2?v=4.7.0
Requested by
Host: www.book-secure.com
URL: https://www.book-secure.com/lib/font-awesome/4.7.0/css/font-awesome.min.css
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.28.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a754e8de69ad7f62a.awsglobalaccelerator.com
Software
Apache /
Resource Hash
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe

Request headers

Referer
https://www.book-secure.com/lib/font-awesome/4.7.0/css/font-awesome.min.css
Origin
https://www.book-secure.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 01:35:21 GMT
last-modified
Thu, 30 Mar 2023 13:06:57 GMT
server
Apache
accept-ranges
bytes
etag
"12d68-5f81dc4707e40"
content-length
77160
mplus-1p-light_latin+latin-ext_gdi.woff
www.book-secure.com/fonts/latin/light/ 		93 KB
93 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.book-secure.com/fonts/latin/light/mplus-1p-light_latin+latin-ext_gdi.woff
Requested by
Host: www.book-secure.com
URL: https://www.book-secure.com/css/fb-fonts.min.css?_=71042375e6cbc9ff10c8b53e02fc68fc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.28.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a754e8de69ad7f62a.awsglobalaccelerator.com
Software
Apache /
Resource Hash
a3c57ffd8e5b6d386a2403fbf184a8e0e750e31f92bba5bef4da6a4d03fb0a7e

Request headers

Referer
https://www.book-secure.com/css/fb-fonts.min.css?_=71042375e6cbc9ff10c8b53e02fc68fc
Origin
https://www.book-secure.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 01:35:21 GMT
last-modified
Thu, 30 Mar 2023 13:06:57 GMT
server
Apache
accept-ranges
bytes
etag
"1739c-5f81dc4707e40"
content-length
95132
content-type
application/font-woff
mplus-1p-bold_latin+latin-ext_gdi.woff
www.book-secure.com/fonts/latin/bold/ 		97 KB
97 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.book-secure.com/fonts/latin/bold/mplus-1p-bold_latin+latin-ext_gdi.woff
Requested by
Host: www.book-secure.com
URL: https://www.book-secure.com/css/fb-fonts.min.css?_=71042375e6cbc9ff10c8b53e02fc68fc
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.28.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a754e8de69ad7f62a.awsglobalaccelerator.com
Software
Apache /
Resource Hash
09f71f365f7e34f5e4fd16876912b057ee189d0c8bf4e05edfb838277bd26a46

Request headers

Referer
https://www.book-secure.com/css/fb-fonts.min.css?_=71042375e6cbc9ff10c8b53e02fc68fc
Origin
https://www.book-secure.com
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 01:35:21 GMT
last-modified
Thu, 30 Mar 2023 13:06:57 GMT
server
Apache
accept-ranges
bytes
etag
"183f0-5f81dc4707e40"
content-length
99312
content-type
application/font-woff
roomdetails.min.js
dl1rqkcy7hk6s.cloudfront.net/dist/modules/ 		10 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://dl1rqkcy7hk6s.cloudfront.net/dist/modules/roomdetails.min.js?_=71042375e6cbc9ff10c8b53e02fc68fc
Requested by
Host: dl1rqkcy7hk6s.cloudfront.net
URL: https://dl1rqkcy7hk6s.cloudfront.net/lib/jquery/2.0/jquery.min.js
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_128_GCM
Server
65.9.170.136 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-170-136.bkk50.r.cloudfront.net
Software
Apache /
Resource Hash
389bd2b091e133afcb997084e52483550841c62c4afd3f3c46c2119005886edf

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.book-secure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Wed, 12 Apr 2023 08:34:34 GMT
Content-Encoding
gzip
Via
1.1 6f1e4f46f7a60e02ba0635d03ed63d7e.cloudfront.net (CloudFront)
Last-Modified
Thu, 30 Mar 2023 13:24:31 GMT
Server
Apache
X-Amz-Cf-Pop
BKK50-C1
Age
61262
ETag
"284e-5f81e034341c0-gzip"
Vary
Accept-Encoding
X-Cache
Hit from cloudfront
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
2219
X-Amz-Cf-Id
kHNrM7ga9V62srkPPY09thFzScnp2h9PSzVT4sYS5rSyYfrHkhBqUg==
api.php
www.book-secure.com/ 		13 KB
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.book-secure.com/api.php?_quotation
Requested by
Host: dl1rqkcy7hk6s.cloudfront.net
URL: https://dl1rqkcy7hk6s.cloudfront.net/lib/jquery/2.0/jquery.min.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.28.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a754e8de69ad7f62a.awsglobalaccelerator.com
Software
Apache /
Resource Hash
d4813b496d2085ebf1ce161171f6887b0fd305476b696aacb0e85f4252d5a316

Request headers

X-Original-Referer
X-Front-App-Version
1.159.0
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8
Accept
application/json, text/javascript, */*; q=0.01
Referer
https://www.book-secure.com/index.php?s=results&property=nzauc11094&arrival=2023-04-13&departure=2023-04-14&adults1=2&children1=0&locale=en_GB&currency=NZD&stid=xd9mil2mz
X-Requested-With
XMLHttpRequest

Response headers

access-control-allow-origin
*
date
Thu, 13 Apr 2023 01:35:22 GMT
content-encoding
gzip
server
Apache
content-length
1311
vary
Accept-Encoding
content-type
application/json
thirdparty.php
tracker.book-secure.com/ 		0
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tracker.book-secure.com/thirdparty.php?version=92676&origin=www.book-secure.com%2Findex.php
Requested by
Host: tracker.book-secure.com
URL: https://tracker.book-secure.com/fbtracking.js?_=71042375e6cbc9ff10c8b53e02fc68fc
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.74.143.140 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-143-140.ap-southeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.book-secure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Apr 2023 01:35:22 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
close
Content-Length
20
Expires
0
hit.php
tracker.book-secure.com/ 		82 B
581 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tracker.book-secure.com/hit.php?version=92676&ref=
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.74.143.140 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-143-140.ap-southeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
c3106f827a8886ebb557e77aecf868550765fa0977190def7d5a6ff9871c3a0f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.book-secure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Apr 2023 01:35:22 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding,User-Agent
P3P
CP="NOI DSP COR NID CUR OUR NOR STA"
Access-Control-Allow-Origin
*
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
close
Content-Length
93
Expires
0
thirdparty.php
tracker.book-secure.com/ 		0
343 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://tracker.book-secure.com/thirdparty.php?version=92676&origin=www.book-secure.com%2Findex.php&action=%2FFastbooking%2Findividual-hotel%2Fnzauc11094%2FUtils%2FInit
Requested by
Host: tracker.book-secure.com
URL: https://tracker.book-secure.com/fbtracking.js?_=71042375e6cbc9ff10c8b53e02fc68fc
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.74.143.140 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-143-140.ap-southeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.book-secure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Apr 2023 01:35:22 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding,User-Agent
Content-Type
text/html; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
no-cache, no-store, must-revalidate
Connection
close
Content-Length
20
Expires
0
hit.php
tracker.book-secure.com/ 		82 B
581 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tracker.book-secure.com/hit.php?version=92676&ref=&action=%2FFastbooking%2Findividual-hotel%2Fnzauc11094%2FUtils%2FInit
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.74.143.140 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-74-143-140.ap-southeast-1.compute.amazonaws.com
Software
Apache /
Resource Hash
c3106f827a8886ebb557e77aecf868550765fa0977190def7d5a6ff9871c3a0f

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.book-secure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Apr 2023 01:35:22 GMT
Content-Encoding
gzip
Server
Apache
Vary
Accept-Encoding,User-Agent
P3P
CP="NOI DSP COR NID CUR OUR NOR STA"
Access-Control-Allow-Origin
*
Content-Type
image/png
Cache-Control
no-cache, no-store, must-revalidate
Connection
close
Content-Length
93
Expires
0
digitalmediatrackingconfig.js
tracker.d-edgeconnect.media/Fastbooking/nzauc11094/ 		704 B
760 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tracker.d-edgeconnect.media/Fastbooking/nzauc11094/digitalmediatrackingconfig.js?v=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TX76XB&l=dataLayerFB
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
13.107.238.71 , United States, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software
/ ASP.NET
Resource Hash
d16b79ab6505e8f1c057d01e76a6580196ebc0530550bd23d686c0d7beb8bb38
Security Headers
Name Value
Strict-Transport-Security max-age=2592000

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.book-secure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=2592000
content-encoding
gzip
date
Thu, 13 Apr 2023 01:35:22 GMT
x-powered-by
ASP.NET
vary
Accept-Encoding
x-cache
TCP_HIT
content-type
text/javascript
access-control-allow-origin
*
cache-control
public,max-age=14400
x-azure-ref
0Wlw3ZAAAAAA9hdwB+uoHTaoaMe3Z48yvU1lEMDNFREdFMTgxOAA5MTdhYmUyNi0yZTQ4LTRmMGUtYTEwMS0zZDcyOWUyMmEzMzI=
js
www.googletagmanager.com/gtag/ 		193 KB
70 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-L05E6552YD&l=dataLayerFB&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TX76XB&l=dataLayerFB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.4.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
c4efa8945984481ad8a6b92aebc2a33b6b3720e4c90cf37e3d41379fb1bd5541
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.book-secure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 01:35:22 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
71404
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 13 Apr 2023 01:35:22 GMT
icon-package-salesterms-cross.png
www.book-secure.com/images/pictos/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.book-secure.com/images/pictos/icon-package-salesterms-cross.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.28.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a754e8de69ad7f62a.awsglobalaccelerator.com
Software
Apache /
Resource Hash
6e75cb16fc5bfff8a28e0aaee2a62fb33fb88018ca953a62d93bb0b0205d3800

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.book-secure.com/index.php?s=results&property=nzauc11094&arrival=2023-04-13&departure=2023-04-14&adults1=2&children1=0&locale=en_GB&currency=NZD&stid=xd9mil2mz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 01:35:23 GMT
last-modified
Thu, 30 Mar 2023 13:06:57 GMT
server
Apache
accept-ranges
bytes
etag
"bc8-5f81dc4707e40"
content-length
3016
content-type
image/png
icon-package-salesterms-payment-checkout.png
www.book-secure.com/images/pictos/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.book-secure.com/images/pictos/icon-package-salesterms-payment-checkout.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.28.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a754e8de69ad7f62a.awsglobalaccelerator.com
Software
Apache /
Resource Hash
99f8e23d7d8856a2d92401c3435735b3ff45e8058b4af33068982cdcd99421c0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.book-secure.com/index.php?s=results&property=nzauc11094&arrival=2023-04-13&departure=2023-04-14&adults1=2&children1=0&locale=en_GB&currency=NZD&stid=xd9mil2mz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 01:35:23 GMT
last-modified
Thu, 30 Mar 2023 13:06:57 GMT
server
Apache
accept-ranges
bytes
etag
"c98-5f81dc4707e40"
content-length
3224
content-type
image/png
icon-room-occupancy-2.png
www.book-secure.com/images/pictos/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.book-secure.com/images/pictos/icon-room-occupancy-2.png
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
76.223.28.122 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
a754e8de69ad7f62a.awsglobalaccelerator.com
Software
Apache /
Resource Hash
0190e297eab669333f9623f55df05446df929410ac7826b5754981a2c386ab14

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.book-secure.com/index.php?s=results&property=nzauc11094&arrival=2023-04-13&departure=2023-04-14&adults1=2&children1=0&locale=en_GB&currency=NZD&stid=xd9mil2mz
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 01:35:23 GMT
last-modified
Thu, 30 Mar 2023 13:06:57 GMT
server
Apache
accept-ranges
bytes
etag
"d2e-5f81dc4707e40"
content-length
3374
content-type
image/png
landing
googleads.g.doubleclick.net/pagead/
Redirect Chain
  • https://www.google.com/pagead/landing?gcs=G111&gcd=G100&rnd=1248780868.1681349723&url=https%3A%2F%2Fwww.book-secure.com%2Findex.php&gtm=45He34a0n71TX76XB&auid=1277302390.1681349723
  • https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=G100&rnd=1248780868.1681349723&url=https%3A%2F%2Fwww.book-secure.com%2Findex.php&gtm=45He34a0n71TX76XB&auid=1277302390.1681349723
42 B
588 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=G100&rnd=1248780868.1681349723&url=https%3A%2F%2Fwww.book-secure.com%2Findex.php&gtm=45He34a0n71TX76XB&auid=1277302390.1681349723
Protocol
H2
Server
142.251.12.157 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
se-in-f157.1e100.net
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.book-secure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Apr 2023 01:35:24 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 13 Apr 2023 01:35:23 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://googleads.g.doubleclick.net/pagead/landing?gcs=G111&gcd=G100&rnd=1248780868.1681349723&url=https%3A%2F%2Fwww.book-secure.com%2Findex.php&gtm=45He34a0n71TX76XB&auid=1277302390.1681349723
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
taevents-c.js
static.tacdn.com/js3/ 		2 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.tacdn.com/js3/taevents-c.js
Requested by
Host: www.book-secure.com
URL: https://www.book-secure.com/index.php?s=validate-collect&property=nzauc11094&arrival=2023-04-13&departure=2023-04-14&adults1=2&children1=0&locale=en_GB&currency=NZD&stid=xd9mil2mz
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
151.101.2.83 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software
envoy /
Resource Hash
13c02c2cc512bde38c2801cb35899632d368edcf627e6e8c4b5f638bc49f5008

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.book-secure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-cache-hits
22652
date
Thu, 13 Apr 2023 01:35:23 GMT
content-encoding
br
via
1.1 varnish
age
2957504
x-cache
HIT
content-length
1321
x-request-id
8ef7a6cb-77ac-436d-a617-84432958a6b9
x-served-by
cache-syd10183-SYD
last-modified
Sun, 26 Feb 2023 12:32:58 GMT
server
envoy
x-timer
S1681349724.577940,VS0,VE0
vary
Accept-Encoding
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
max-age=31536000, immutable
accept-ranges
bytes
timing-allow-origin
*
expires
Fri, 08 Mar 2024 20:03:37 GMT
ps
tag.yieldoptimizer.com/ps/
Redirect Chain
  • https://tag.yieldoptimizer.com/ps/ps?t=s&p=3209&pg=step1&ue=&hcy=Auckland&hst=&hcr=NZ&hid=2023-04-13&hod=2023-04-14&hnn=1&hna=2&hnc=0&hni=&hnr=1&hcd=nzauc11094&hnm=LyLo%20Auckland&haf=&htf=0&cu=und...
  • https://tag.yieldoptimizer.com/ps/ps?tc=824312393&t=s&p=3209&pg=step1&ue=&hcy=Auckland&hst=&hcr=NZ&hid=2023-04-13&hod=2023-04-14&hnn=1&hna=2&hnc=0&hni=&hnr=1&hcd=nzauc11094&hnm=LyLo%20Auckland&haf=...
1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.yieldoptimizer.com/ps/ps?tc=824312393&t=s&p=3209&pg=step1&ue=&hcy=Auckland&hst=&hcr=NZ&hid=2023-04-13&hod=2023-04-14&hnn=1&hna=2&hnc=0&hni=&hnr=1&hcd=nzauc11094&hnm=LyLo%20Auckland&haf=&htf=0&cu=undefined&hcf=undefined&hcx=&hhd=&hrm=undefined&hsr=undefined&
Protocol
H2
Server
35.190.20.9 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
9.20.190.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
31bf6458f953b4abe9a10ee25b9c97d0bb28ac46bd04df19e93da1d7114413e7

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.book-secure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Apr 2023 01:35:23 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
content-type
text/javascript;charset=ISO-8859-1
cache-control
no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1183
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 13 Apr 2023 01:35:23 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
location
https://tag.yieldoptimizer.com/ps/ps?tc=824312393&t=s&p=3209&pg=step1&ue=&hcy=Auckland&hst=&hcr=NZ&hid=2023-04-13&hod=2023-04-14&hnn=1&hna=2&hnc=0&hni=&hnr=1&hcd=nzauc11094&hnm=LyLo%20Auckland&haf=&htf=0&cu=undefined&hcf=undefined&hcx=&hhd=&hrm=undefined&hsr=undefined&
cache-control
no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
js
www.googletagmanager.com/gtag/ 		182 KB
67 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-75BS2DG1WC&l=dataLayerFB&cx=c
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TX76XB&l=dataLayerFB
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.4.97 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sm-in-f97.1e100.net
Software
Google Tag Manager /
Resource Hash
a8270a5634e53e65560dd3b1d763ceec542616242ac662f0a0e0aa162de8cc5e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.book-secure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 01:35:23 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
68686
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Thu, 13 Apr 2023 01:35:23 GMT
collect
www.google-analytics.com/g/ 		0
248 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-L05E6552YD&gtm=45je34a0&_p=1208645477&gcs=G111&cid=822057581.1681349723&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&dt=RoomSelection&dl=https%3A%2F%2Fwww.book-secure.com%2Findex.php%3Fs%3Dresults%26property%3Dnzauc11094%26arrival%3D2023-04-13%26departure%3D2023-04-14%26adults1%3D2%26children1%3D0%26locale%3Den_GB%26currency%3DNZD%26stid%3Dxd9mil2mz&sid=1681349723&sct=1&seg=0&en=page_view&_fv=1&_nsi=1&_ss=1&ep.screen=RoomSelection&ep.booking_engine_template=&ep.be_reference=&ep.be_application=Attraction&epn.timestamp=1681349723&ep.check_in_date=2023-04-13&ep.check_out_date=2023-04-14&ep.property_id=nzauc11094&epn.adult_count=2&epn.child_count=0&ep.infant_count=&epn.guest_count=2&epn.length_of_stay=1&epn.lead_time=0&ep.booking_step=step1&ep.availability=Yes&ep.property_country=NZ&ep.property_city=Auckland&ep.loyalty=false&ep.language_displayed=en_GB&ep.property_name=LyLo%20Auckland&up.language_displayed=en_GB
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L05E6552YD&l=dataLayerFB&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f138.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.book-secure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Apr 2023 01:35:23 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.book-secure.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ld.js
static.criteo.net/js/ld/ 		44 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://static.criteo.net/js/ld/ld.js
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-TX76XB&l=dataLayerFB
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.129 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
nginx /
Resource Hash
6d1eadaea40a2f254cd8467e61254c36f506788d237ab6cb64cb575a5b7aab0a
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.book-secure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 01:35:23 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
last-modified
Thu, 30 Mar 2023 09:08:39 GMT
server
nginx
etag
W/"64255197-aff6"
content-type
text/javascript
access-control-allow-origin
*
cache-control
max-age=86400, public
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
expires
Fri, 14 Apr 2023 01:35:23 GMT
RT
www.tamgrt.com/ Frame 55FB 		0
0 		Document
General
Check archive.org
Download Go to
Full URL
https://www.tamgrt.com/RT
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
104.76.128.61 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-76-128-61.deploy.static.akamaitechnologies.com
Software
envoy /
Resource Hash

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.book-secure.com
Referer
https://www.book-secure.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-headers
X-Requested-With, Content-Type
access-control-allow-origin
*
cache-control
max-age=0, no-cache, no-store
content-type
text/plain; charset=utf-8
date
Thu, 13 Apr 2023 01:35:24 GMT
expires
Thu, 13 Apr 2023 01:35:24 GMT
p3p
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT DSP COR CAO PSA IDC ADM DEVi TAIi PSD IVAi IVDi CONi HIS CNT"
pragma
no-cache
server
envoy
timing-allow-origin
https://www.tripadvisor.com
vary
Accept-Encoding
x-request-id
9ea52d1b-40f5-41ce-a771-ef60f058e728
collect
servertags.book-secure.com/g/ 		65 B
551 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://servertags.book-secure.com/g/collect?v=2&tid=G-75BS2DG1WC&gtm=45je34a0&_p=1208645477&gcs=G111&cid=822057581.1681349723&ul=en-us&sr=1600x1200&_fplc=0&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sst.uc=AU&sst.rnd=1248780868.1681349723&sst.gcd=G100&sst.adr=1&_s=1&sid=1681349723&sct=1&seg=0&dl=https%3A%2F%2Fwww.book-secure.com%2Findex.php%3Fs%3Dresults%26property%3Dnzauc11094%26arrival%3D2023-04-13%26departure%3D2023-04-14%26adults1%3D2%26children1%3D0%26locale%3Den_GB%26currency%3DNZD%26stid%3Dxd9mil2mz&dt=LyLo%20Auckland&en=page_view&_fv=1&_ss=1&ep.platform=Attraction&ep.check_in_date=2023-04-13&ep.check_out_date=2023-04-14&ep.property_id=nzauc11094&epn.adult_count=2&epn.child_count=0&ep.infant_count=&epn.guest_count=2&epn.length_of_stay=1&epn.lead_time=0&ep.booking_step=step1&ep.screen=RoomSelection&ep.availability=Yes&ep.property_country=NZ&ep.property_city=Auckland&ep.loyalty=false&ep.language_displayed=en_GB&richsstsse
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-75BS2DG1WC&l=dataLayerFB&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.121 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f121.1e100.net
Software
/
Resource Hash
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.book-secure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 01:35:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 google
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://www.book-secure.com
cache-control
no-cache
access-control-allow-credentials
true
pixel
cm.g.doubleclick.net/
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=adara_dmp&google_hm=NDAxMzE3NDAwMDIzMw&google_sc
  • https://cm.g.doubleclick.net/pixel?google_nid=adara_dmp&google_hm=NDAxMzE3NDAwMDIzMw&google_sc=&google_tc=
170 B
243 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cm.g.doubleclick.net/pixel?google_nid=adara_dmp&google_hm=NDAxMzE3NDAwMDIzMw&google_sc=&google_tc=
Protocol
H2
Server
74.125.130.156 Nashville, United States, ASN15169 (GOOGLE, US),
Reverse DNS
sb-in-f156.1e100.net
Software
HTTP server (unknown) /
Resource Hash
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.book-secure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Apr 2023 01:35:24 GMT
server
HTTP server (unknown)
content-type
image/png
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
170
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 13 Apr 2023 01:35:24 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cm.g.doubleclick.net/pixel?google_nid=adara_dmp&google_hm=NDAxMzE3NDAwMDIzMw&google_sc=&google_tc=
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
315
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ps
tag.yieldoptimizer.com/ps/
Redirect Chain
  • https://match.adsrvr.org/track/cmf/generic?ttd_pid=o456qfe&ttd_tpi=1
  • https://match.adsrvr.org/track/cmb/generic?ttd_pid=o456qfe&ttd_tpi=1
  • https://tag.yieldoptimizer.com/ps/ps?t=i&p=5530&ttd_id=d69aad9d-2b18-4670-923c-d9e9dc4211bb
43 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tag.yieldoptimizer.com/ps/ps?t=i&p=5530&ttd_id=d69aad9d-2b18-4670-923c-d9e9dc4211bb
Protocol
H3
Server
35.190.20.9 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
9.20.190.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.book-secure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Apr 2023 01:35:23 GMT
via
1.1 google
server
Apache-Coyote/1.1
content-type
image/gif
p3p
CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
cache-control
no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 13 Apr 2023 01:35:24 GMT
x-aspnet-version
4.0.30319
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://tag.yieldoptimizer.com/ps/ps?t=i&p=5530&ttd_id=d69aad9d-2b18-4670-923c-d9e9dc4211bb
content-type
text/html
cache-control
private,no-cache, must-revalidate
content-length
213
394499.gif
idsync.rlcdn.com/ 		42 B
451 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/394499.gif?partner_uid=4013174000233
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.book-secure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 01:35:24 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
aasync
tag.adaraanalytics.com/ps/ 		0
387 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tag.adaraanalytics.com/ps/aasync?ckid=NDAxMzE3NDAwMDIzM3wxNjgxMzQ5NzIzODE2
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
34.102.245.175 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS
175.245.102.34.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.book-secure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Apr 2023 01:35:23 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
cache-control
no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Thu, 01 Jan 1970 00:00:00 GMT
ps
tag.yieldoptimizer.com/ps/
Redirect Chain
  • https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMTc0Nzc3NDY2NS90LzI/url/https://tag.yieldoptimizer.com/ps/ps?t=i&p=4889&turn_id=$!{TURN_UUID}
  • https://tag.yieldoptimizer.com/ps/ps?t=i&p=4889&turn_id=3616751845844541815
43 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tag.yieldoptimizer.com/ps/ps?t=i&p=4889&turn_id=3616751845844541815
Protocol
H3
Server
35.190.20.9 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
9.20.190.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.book-secure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Apr 2023 01:35:25 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
content-type
image/gif
cache-control
no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://tag.yieldoptimizer.com/ps/ps?t=i&p=4889&turn_id=3616751845844541815
pragma
no-cache
date
Thu, 13 Apr 2023 01:35:24 GMT
cache-control
max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length
0
p3p
policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"
demconf.jpg
dpm.demdex.net/
Redirect Chain
  • https://dpm.demdex.net/ibs:dpid=22069&dpuuid=4013174000233
  • https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22069&dpuuid=4013174000233
42 B
942 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22069&dpuuid=4013174000233
Protocol
HTTP/1.1
Server
34.216.93.162 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-34-216-93-162.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Content-Type-Options nosniff

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.book-secure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

DCS
dcs-prod-usw2-1-v043-066ab6209.edge-usw2.demdex.com 2 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
content-encoding
gzip
X-Content-Type-Options
nosniff
X-TID
7IGiqAGLQzw=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type
image/gif
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
59
Expires
Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS
dcs-prod-usw2-1-v043-014f56c82.edge-usw2.demdex.com 0 ms
Pragma
no-cache
Strict-Transport-Security
max-age=31536000; includeSubDomains
X-TID
Ea3fmAiFSUw=
P3P
policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=22069&dpuuid=4013174000233
Cache-Control
no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection
keep-alive
Content-Length
0
Expires
Thu, 01 Jan 1970 00:00:00 UTC
usermatch.gif
beacon.krxd.net/ 		0
337 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=adara&partner_uid=4013174000233
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
35.155.33.79 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-33-79.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.book-secure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-served-by
beacon-n015-pdx-prod.krxd.net
date
Thu, 13 Apr 2023 01:35:24 GMT
cache-control
private, no-cache, no-store
x-request-time
D=37 t=1681349724
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
ps
tag.yieldoptimizer.com/ps/
Redirect Chain
  • https://sync.srv.stackadapt.com/sync?nid=adara
  • https://tag.yieldoptimizer.com/ps/ps?t=i&p=8064&uid=pXYUMTA3U2ldXQgmZ52wtq310YE
43 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tag.yieldoptimizer.com/ps/ps?t=i&p=8064&uid=pXYUMTA3U2ldXQgmZ52wtq310YE
Protocol
H3
Server
35.190.20.9 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
9.20.190.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.book-secure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Apr 2023 01:35:24 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
content-type
image/gif
cache-control
no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Location
https://tag.yieldoptimizer.com/ps/ps?t=i&p=8064&uid=pXYUMTA3U2ldXQgmZ52wtq310YE
Date
Thu, 13 Apr 2023 01:35:25 GMT
Connection
keep-alive
Content-Length
110
Content-Type
text/html; charset=utf-8
ps
tag.yieldoptimizer.com/ps/
Redirect Chain
  • https://cms.analytics.yahoo.com/cms?partner_id=ADARA
  • https://ups.analytics.yahoo.com/ups/58700/cms?partner_id=ADARA
  • https://tag.yieldoptimizer.com/ps/ps?t=i&p=6729&uid=y-sN7953dE2pEnw3QAEcRdFF3HurJznLNpl_k-~A
43 B
68 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tag.yieldoptimizer.com/ps/ps?t=i&p=6729&uid=y-sN7953dE2pEnw3QAEcRdFF3HurJznLNpl_k-~A
Protocol
H3
Server
35.190.20.9 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
9.20.190.35.bc.googleusercontent.com
Software
Apache-Coyote/1.1 /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.book-secure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Apr 2023 01:35:25 GMT
via
1.1 google
server
Apache-Coyote/1.1
p3p
CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
content-type
image/gif
cache-control
no-cache
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
43
expires
Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

location
https://tag.yieldoptimizer.com/ps/ps?t=i&p=6729&uid=y-sN7953dE2pEnw3QAEcRdFF3HurJznLNpl_k-~A
date
Thu, 13 Apr 2023 01:35:25 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
content-length
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
syncframe
gum.criteo.com/ Frame 7DFF 		15 KB
6 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/syncframe?topUrl=www.book-secure.com&origin=onetag
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
b09a581bc29f4bdbe66bef5c69b90cc1a003e849e2f7706f47a9f0c5f5a6860e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

Referer
https://www.book-secure.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
accept-language
en-AU,en;q=0.9

Response headers

cache-control
private, max-age=3600
content-encoding
gzip
content-type
text/html; charset=utf-8
cross-origin-embedder-policy
require-corp
cross-origin-resource-policy
cross-origin
date
Thu, 13 Apr 2023 01:35:24 GMT
server
Kestrel
server-processing-duration-in-ticks
442249
strict-transport-security
max-age=31536000; preload;
vary
Accept-Encoding
collect
servertags.book-secure.com/g/ 		65 B
429 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://servertags.book-secure.com/g/collect?v=2&tid=G-75BS2DG1WC&gtm=45je34a0&_p=1208645477&gcs=G111&cid=822057581.1681349723&ul=en-us&sr=1600x1200&_fplc=0&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sst.uc=AU&sst.rnd=1248780868.1681349723&sst.gcd=G100&sst.adr=1&sid=1681349723&sct=1&seg=0&dl=https%3A%2F%2Fwww.book-secure.com%2Findex.php%3Fs%3Dresults%26property%3Dnzauc11094%26arrival%3D2023-04-13%26departure%3D2023-04-14%26adults1%3D2%26children1%3D0%26locale%3Den_GB%26currency%3DNZD%26stid%3Dxd9mil2mz&dt=LyLo%20Auckland&_s=2&richsstsse
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-75BS2DG1WC&l=dataLayerFB&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
74.125.24.121 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
sf-in-f121.1e100.net
Software
/
Resource Hash
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://www.book-secure.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

date
Thu, 13 Apr 2023 01:35:24 GMT
content-encoding
gzip
x-content-type-options
nosniff
via
1.1 google
vary
Accept-Encoding
content-type
text/plain
access-control-allow-origin
https://www.book-secure.com
cache-control
no-cache
access-control-allow-credentials
true
json
gum.criteo.com/sid/ Frame 7DFF 		441 B
561 B 		Fetch
General
Check archive.org
Download Go to
Full URL
https://gum.criteo.com/sid/json?origin=onetag&domain=book-secure.com&sn=ChromeSyncframe&so=0&topUrl=www.book-secure.com&cw=1&lsw=1&topicsavail=0&fledgeavail=0
Requested by
Host: gum.criteo.com
URL: https://gum.criteo.com/syncframe?topUrl=www.book-secure.com&origin=onetag
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
182.161.73.136 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
2516e006f9ab8582f0f936e0b2bb1922772208bc657cdb9bcf1c9e44b238c269
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://gum.criteo.com/syncframe?topUrl=www.book-secure.com&origin=onetag
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Apr 2023 01:35:24 GMT
strict-transport-security
max-age=31536000; preload;
content-encoding
gzip
server
Kestrel
vary
Accept-Encoding
content-type
application/json; charset=utf-8
cache-control
no-cache, no-store, must-revalidate
server-processing-duration-in-ticks
2068489
expires
0
event
sslwidget.criteo.com/ 		9 KB
4 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://sslwidget.criteo.com/event?a=an%3Dweb-dedge.com%26cn%3DAU%26ln%3Den&v=5.15.0&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvp%26p%3DNZASI31_2023-04-13_2023-04-14&p3=e%3Dvs%26din%3D2023-04-13%26dout%3D2023-04-14&p4=e%3Ddis&adce=1&bundle=22xa4F9sS29NZiUyQlRDem9JVU1hZXZCYUklMkI1YyUyRmhXU2RFSXptT01lcHBiaHExYUVUdEVhM20zbG43YUFEeDJKVFRZVWhvWCUyQjdnMXhpZW9IVVVINndMTENRajJmVyUyRnIxdm10dlJoUmx1VUgxbUU1U3JFRDBwNDJYM1BZRGElMkYlMkZ6a2NBcU5kZTROOWVKWWZIak4xY29UcDU4T1padyUzRCUzRA&tld=book-secure.com&fu=https%253A%252F%252Fwww.book-secure.com%252Findex.php%253Fs%253Dresults%2526property%253Dnzauc11094%2526arrival%253D2023-04-13%2526departure%253D2023-04-14%2526adults1%253D2%2526children1%253D0%2526locale%253Den_GB%2526currency%253DNZD%2526stid%253Dxd9mil2mz&ceid=7f6f9977-2acb-4f7f-933c-d13d1c0a224a&dtycbr=64027
Requested by
Host: static.criteo.net
URL: https://static.criteo.net/js/ld/ld.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
178.250.1.9 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software
Kestrel /
Resource Hash
9952a30b9a387936a4f1364b68948b581b2d109f29f8062b026d896e7a233dd1
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
https://www.book-secure.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Apr 2023 01:35:26 GMT
content-encoding
gzip
strict-transport-security
max-age=31536000; preload;
server
Kestrel
content-type
application/x-javascript
access-control-allow-origin
*
p3p
NON DSP COR CURa PSA PSD OUR BUS NAV STA
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
25948293
timing-allow-origin
*
expires
0
sync
x.bidswitch.net/ul_cb/ Frame 3CDC
Redirect Chain
  • https://x.bidswitch.net/sync?dsp_id=46&user_id=k-MaukbyFaueeaIncn3g2lBFO_e3HQHLpvc1bteQ&expires=30
  • https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-MaukbyFaueeaIncn3g2lBFO_e3HQHLpvc1bteQ&expires=30
43 B
510 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-MaukbyFaueeaIncn3g2lBFO_e3HQHLpvc1bteQ&expires=30
Protocol
HTTP/1.1
Server
35.213.12.39 Tokyo, Japan, ASN15169 (GOOGLE, US),
Reverse DNS
39.12.213.35.bc.googleusercontent.com
Software
nginx /
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Thu, 13 Apr 2023 01:35:27 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
43
Content-Type
image/gif

Redirect headers

Location
https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-MaukbyFaueeaIncn3g2lBFO_e3HQHLpvc1bteQ&expires=30
Date
Thu, 13 Apr 2023 01:35:26 GMT
Cache-Control
no-cache, no-store, must-revalidate
Server
nginx
Connection
keep-alive
Content-Length
0
cookiematch.aspx
dis.criteo.com/dis/rtb/google/ Frame 3CDC
Redirect Chain
  • https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-coAe8yFaueeaIncn3g2lBFO_e3G4NpQ7aAr8Kg&google_cm&google_hm=ay1jb0FlOHlGYXVlZWFJbmNuM2cybEJGT19lM0c0TnBRN...
  • https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-coAe8yFaueeaIncn3g2lBFO_e3G4NpQ7aAr8Kg&google_gid=CAESEB5YJYR--QAPvNFQVTOmdv8&google_cver=1&google_ula=913071,0
43 B
371 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-coAe8yFaueeaIncn3g2lBFO_e3G4NpQ7aAr8Kg&google_gid=CAESEB5YJYR--QAPvNFQVTOmdv8&google_cver=1&google_ula=913071,0
Protocol
H2
Server
182.161.73.146 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Apr 2023 01:35:26 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1868101
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

pragma
no-cache
date
Thu, 13 Apr 2023 01:35:26 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-coAe8yFaueeaIncn3g2lBFO_e3G4NpQ7aAr8Kg&google_gid=CAESEB5YJYR--QAPvNFQVTOmdv8&google_cver=1&google_ula=913071,0
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
398
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookiematch.aspx
dis.criteo.com/dis/rtb/appnexus/ Frame 3CDC
Redirect Chain
  • https://ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
  • https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
  • https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2996160313344722838
43 B
370 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2996160313344722838
Protocol
H2
Server
182.161.73.146 , Singapore, ASN55569 (CRITEO-AS-AP Criteo APAC, JP),
Reverse DNS
Software
Kestrel /
Resource Hash
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload;

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Apr 2023 01:35:26 GMT
strict-transport-security
max-age=31536000; preload;
server
Kestrel
p3p
CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
content-type
image/gif
cache-control
no-cache
cross-origin-resource-policy
cross-origin
server-processing-duration-in-ticks
1861848
timing-allow-origin
*
expires
Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

Date
Thu, 13 Apr 2023 01:35:27 GMT
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection
keep-alive
X-Proxy-Origin
173.245.209.129; 173.245.209.129; 899.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Pragma
no-cache
AN-X-Request-Uuid
77195eec-420e-4e22-b694-0161e94f1d09
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
Access-Control-Allow-Origin
*
Location
https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=2996160313344722838
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Expires
Sat, 15 Nov 2008 16:00:00 GMT
bounce
secure.adnxs.com/ Frame 3CDC
Redirect Chain
  • https://secure.adnxs.com/setuid?entity=52&code=k-em0GviFaueeaIncn3g2lBFO_e3FxWH8LjDEBTg
  • https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-em0GviFaueeaIncn3g2lBFO_e3FxWH8LjDEBTg
43 B
1 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-em0GviFaueeaIncn3g2lBFO_e3FxWH8LjDEBTg
Protocol
HTTP/1.1
Server
104.254.151.68 Los Angeles, United States, ASN29990 (ASN-APPNEX, US),
Reverse DNS
904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net
Software
nginx/1.21.3 /
Resource Hash
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
Security Headers
Name Value
X-Xss-Protection 0

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Apr 2023 01:35:27 GMT
AN-X-Request-Uuid
3c791f24-32a3-415d-a3e2-8b7f5bd9a047
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
image/gif
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin
*
Cache-Control
no-store, no-cache, private
Access-Control-Allow-Credentials
true
Connection
keep-alive
X-Proxy-Origin
173.245.209.129; 173.245.209.129; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
43
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Thu, 13 Apr 2023 01:35:26 GMT
AN-X-Request-Uuid
caac5e21-a763-4110-811e-d7d81fb88820
Server
nginx/1.21.3
Accept-CH
Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type
text/html; charset=utf-8
P3P
policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location
https://secure.adnxs.com/bounce?%2Fsetuid%3Fentity%3D52%26code%3Dk-em0GviFaueeaIncn3g2lBFO_e3FxWH8LjDEBTg
Cache-Control
no-store, no-cache, private
Connection
keep-alive
X-Proxy-Origin
173.245.209.129; 173.245.209.129; 904.bm-nginx-loadbalancer.mgmt.lax1.adnexus.net; adnxs.com
Content-Length
0
X-XSS-Protection
0
Expires
Sat, 15 Nov 2008 16:00:00 GMT
cksync.php
contextual.media.net/ Frame 3CDC 		61 B
801 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-7Pj1-CFaueeaIncn3g2lBFO_e3H8RafxEB9IMQ
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.96.11 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-96-11.deploy.static.akamaitechnologies.com
Software
Apache /
Resource Hash
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
strict-transport-security
max-age=31536000
date
Thu, 13 Apr 2023 01:35:27 GMT
server
Apache
p3p
CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
content-type
image/gif
cache-control
max-age=0, no-cache, no-store
content-length
61
x-mnet-hl2
E
expires
Thu, 13 Apr 2023 01:35:27 GMT
tap.php
pixel.rubiconproject.com/ Frame 3CDC 		42 B
787 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-ifDtlyFaueeaIncn3g2lBFO_e3FT3Q2g2wfBTg&expires=30
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_CBC
Server
69.173.158.64 , Singapore, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Content-Type
image/gif
Pragma
no-cache
Expires
0
Cache-Control
no-cache,no-store,must-revalidate
content-length
42
X-RPHost
beb52df1a5a4b2f2cb3f37642c514298
P3P
CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
v1
match.sharethrough.com/sync/ Frame 3CDC 		68 B
604 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-HqFqMSFaueeaIncn3g2lBFO_e3FevEFKofoCZQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.215.213.239 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-215-213-239.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 01:35:26 GMT
cache-control
no-cache
content-length
68
content-type
image/png
/
rtb-csync.smartadserver.com/redir/ Frame 3CDC 		43 B
688 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-3_QJyiFaueeaIncn3g2lBFO_e3EatJtVQVTpSA
Protocol
HTTP/1.1
Security
TLS 1.3, , AES_256_GCM
Server
23.106.127.164 , Singapore, ASN59253 (LEASEWEB-APAC-SIN-11 Leaseweb Asia Pacific pte. ltd., SG),
Reverse DNS
Software
/
Resource Hash
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type
image/gif
pragma
no-cache
date
Thu, 13 Apr 2023 01:35:26 GMT
cache-control
no-cache,no-store
transfer-encoding
chunked
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
/
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/ Frame 3CDC 		0
232 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-fNGm4CFaueeaIncn3g2lBFO_e3GS_qzkG6L7_Q
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
141.226.229.48 , Singapore, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 01:35:27 GMT
access-control-allow-credentials
true
server
nginx
x-fastly-to-nlb-rtt
412737
um
criteo-sync.teads.tv/ Frame 3CDC 		23 B
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://criteo-sync.teads.tv/um?eid=80&uid=k-R9sgOiFaueeaIncn3g2lBFO_e3FxME9wCW_Gng
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.51.137.72 Central, Hong Kong, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a184-51-137-72.deploy.static.akamaitechnologies.com
Software
akka-http/10.2.10 /
Resource Hash
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

expires
Thu, 13 Apr 2023 01:35:27 GMT
pragma
no-cache
date
Thu, 13 Apr 2023 01:35:27 GMT
cache-control
max-age=0, no-cache, no-store
server
akka-http/10.2.10
content-length
23
content-type
image/gif
xuid
eb2.3lift.com/ Frame 3CDC
Redirect Chain
  • https://eb2.3lift.com/xuid?mid=2711&xuid=k-ZE6PXSFaueeaIncn3g2lBFO_e3FhhFvLq0SxeA&dongle=013b
  • https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-ZE6PXSFaueeaIncn3g2lBFO_e3FhhFvLq0SxeA&dongle=013b&gdpr=0&cmp_cs=&us_privacy=
37 B
354 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://eb2.3lift.com/xuid?ld=1&mid=2711&xuid=k-ZE6PXSFaueeaIncn3g2lBFO_e3FhhFvLq0SxeA&dongle=013b&gdpr=0&cmp_cs=&us_privacy=
Protocol
H2
Server
52.223.2.229 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ade9ecc7904667038.awsglobalaccelerator.com
Software
/
Resource Hash
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type
image/gif
date
Thu, 13 Apr 2023 01:35:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
37
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
/xuid?ld=1&mid=2711&xuid=k-ZE6PXSFaueeaIncn3g2lBFO_e3FhhFvLq0SxeA&dongle=013b&gdpr=0&cmp_cs=&us_privacy=
date
Thu, 13 Apr 2023 01:35:26 GMT
cache-control
no-cache, no-store, must-revalidate
content-length
0
p3p
policyref="http://cdn.3lift.com/w3c/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
sync
ups.analytics.yahoo.com/ups/58301/ Frame 3CDC 		0
322 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-FavjoyFaueeaIncn3g2lBFO_e3GSiYVMlJu3Bg
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
18.143.106.89 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-18-143-106-89.ap-southeast-1.compute.amazonaws.com
Software
ATS/9.1.10.25 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 01:35:26 GMT
strict-transport-security
max-age=31536000
server
ATS/9.1.10.25
age
0
p3p
CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
sync
adgen.socdm.com/rtb/ Frame 3CDC 		43 B
827 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adgen.socdm.com/rtb/sync?proto=adgen&dspid=23
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
124.146.215.3 , Japan, ASN2514 (INFOSPHERE NTT PC Communications, Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

X-SO-Cluster-ID
0
Date
Thu, 13 Apr 2023 01:35:27 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/rtb\/sync?proto=adgen&dspid=23","cluster_id":0,"gdpr":false,"ipv4":"173.245.209.129","key":"ZDdcX8Co8IwAAI4BYEcAAAAA","privacy_sensitive":false,"uid":"","upstream_id":"a-ad40322"}
X-SO-Key
ZDdcX8Co8IwAAI4BYEcAAAAA
Server
nginx
X-SO-Upstream-ID
a-ad40322
P3P
CP="See also http://www.scaleout.jp/privacy/"
Content-Type
image/gif
Cache-Control
private
X-SO-HostName
a-ad40322.dc2p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
2
Content-Length
43
X-SO-LB-Hostname
m-ng40.dc4p.scaleout.jp
X-SO-IP
173.245.209.129
idsync
tg.socdm.com/aux/ Frame 3CDC 		43 B
869 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tg.socdm.com/aux/idsync?proto=criteo&dsp_uid=k-YgROXSFaueeaIncn3g2lBFO_e3F7MDVNrta-IA
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
202.241.208.57 , Japan, ASN4694 (IDCF IDC Frontier Inc., JP),
Reverse DNS
Software
nginx /
Resource Hash
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

X-SO-Cluster-ID
0
Date
Thu, 13 Apr 2023 01:35:27 GMT
X-SO-LB-Data
{"ban":false,"clean_query":"\/aux\/idsync?proto=criteo&dsp_uid=k-YgROXSFaueeaIncn3g2lBFO_e3F7MDVNrta-IA","cluster_id":0,"gdpr":false,"ipv4":"173.245.209.129","key":"ZDdcX8Co5sAAAC-sVz8AAAAA","privacy_sensitive":false,"uid":"","upstream_id":"m-ad217"}
X-SO-Key
ZDdcX8Co5sAAAC-sVz8AAAAA
Server
nginx
X-SO-Upstream-ID
m-ad217
P3P
CP="See also http://www.scaleout.jp/privacy/"
Content-Type
image/gif
Cache-Control
private
X-SO-HostName
m-ad217.dc4p.scaleout.jp
Connection
keep-alive
X-SO-Ads-Time
3
Content-Length
43
X-SO-LB-Hostname
a-tgng40002.dc2p.scaleout.jp
X-SO-IP
173.245.209.129
sync
tags.bluekai.com/site/29001/ Frame 3CDC
Redirect Chain
  • https://gum.criteo.com/sync?c=4&r=1&a=1&u=https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=%40USERID%40
  • https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=P90n7escd3IeJfYfBQYQxePyPjuL-n5s
62 B
556 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=P90n7escd3IeJfYfBQYQxePyPjuL-n5s
Protocol
H2
Server
104.69.166.9 , Singapore, ASN16625 (AKAMAI-AS, US),
Reverse DNS
a104-69-166-9.deploy.static.akamaitechnologies.com
Software
/
Resource Hash
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
date
Thu, 13 Apr 2023 01:35:27 GMT
content-length
62
bk-server
70c0
content-type
image/gif

Redirect headers

location
https://tags.bluekai.com/site/29001/sync?3rdpartyuserid=P90n7escd3IeJfYfBQYQxePyPjuL-n5s
date
Thu, 13 Apr 2023 01:35:25 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
1095525
content-length
0
rum
r.casalemedia.com/ Frame 3CDC
Redirect Chain
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-nNOmSCFaueeaIncn3g2lBFO_e3ELtGHHG9Bu1Q
  • https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-nNOmSCFaueeaIncn3g2lBFO_e3ELtGHHG9Bu1Q&C=1
43 B
766 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-nNOmSCFaueeaIncn3g2lBFO_e3ELtGHHG9Bu1Q&C=1
Protocol
HTTP/1.1
Server
139.5.84.243 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software
Apache /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Pragma
no-cache
Date
Thu, 13 Apr 2023 01:35:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type
image/gif
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=499
Content-Length
43
Expires
0

Redirect headers

Pragma
no-cache
Date
Thu, 13 Apr 2023 01:35:28 GMT
Server
Apache
P3p
policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location
/rum?cm_dsp_id=20&external_user_id=k-nNOmSCFaueeaIncn3g2lBFO_e3ELtGHHG9Bu1Q&C=1
Cache-Control
no-cache
Connection
Keep-Alive
Keep-Alive
timeout=1, max=500
Content-Length
0
Expires
0
pixel
adx.dable.io/ Frame 3CDC 		0
141 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://adx.dable.io/pixel?dsp_id=6&uid=k-qm-X7yFaueeaIncn3g2lBFO_e3Hp9C71BDTDwA
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
43.200.197.177 Incheon, Korea, Republic Of, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-43-200-197-177.ap-northeast-2.compute.amazonaws.com
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 01:35:27 GMT
server
nginx
/
cs.adingo.jp/sync/ Frame 3CDC 		43 B
411 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cs.adingo.jp/sync/?from=criteo&id=k-si8Z0CFaueeaIncn3g2lBFO_e3HdO8M37-cpQg
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
54.64.172.71 Tokyo, Japan, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-54-64-172-71.ap-northeast-1.compute.amazonaws.com
Software
nginx /
Resource Hash
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

p3p
CP=NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa HISa OUR SAMa OTRa STP UNI STA
pragma
no-cache
date
Thu, 13 Apr 2023 01:35:27 GMT
cache-control
private, no-cache, no-cache=Set-Cookie, proxy-revalidate
content-type
image/gif
server
nginx
expires
Wed, 17 Sep 1975 21:32:10 GMT
user-registering
ads.stickyadstv.com/ Frame 3CDC 		0
0
match
ad.360yield.com/ul_cb/ Frame 3CDC
Redirect Chain
  • https://ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-GjKuhSFaueeaIncn3g2lBFO_e3GLzECGW8HJ6Q
  • https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-GjKuhSFaueeaIncn3g2lBFO_e3GLzECGW8HJ6Q
43 B
448 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-GjKuhSFaueeaIncn3g2lBFO_e3GLzECGW8HJ6Q
Protocol
H2
Server
52.77.91.205 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-77-91-205.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

access-control-allow-origin
*
date
Thu, 13 Apr 2023 01:35:28 GMT
content-type
image/gif
content-length
43
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-GjKuhSFaueeaIncn3g2lBFO_e3GLzECGW8HJ6Q
access-control-allow-origin
*
date
Thu, 13 Apr 2023 01:35:27 GMT
content-type
text/plain
content-length
0
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
362338.gif
idsync.rlcdn.com/ Frame 3CDC 		42 B
289 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://idsync.rlcdn.com/362338.gif?partner_uid=k-FHmyRyFaueeaIncn3g2lBFO_e3Erq90_VZut3g
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
35.190.60.146 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
146.60.190.35.bc.googleusercontent.com
Software
/
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 01:35:26 GMT
via
1.1 google
content-type
image/gif
p3p
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control
no-cache, no-store
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
push
exchange.mediavine.com/usersync/ Frame 3CDC 		0
882 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-BNaBCSFaueeaIncn3g2lBFO_e3F43aSAhcd_-w
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
52.57.134.122 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-52-57-134-122.eu-central-1.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 01:35:28 GMT
cache-control
private, no-cache
access-control-allow-credentials
true
content-encoding
gzip
vary
Origin, Accept-Encoding
content-type
text/html; charset=utf-8
c.gif
c.bing.com/ Frame 3CDC 		42 B
669 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://c.bing.com/c.gif?Red3=CTOMS_pd&cbid=k-TVRFUyFaueeaIncn3g2lBFO_e3E5z0jwOy3DhQ
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
204.79.197.200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
a-0001.a-msedge.net
Software
/ ASP.NET
Resource Hash
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Apr 2023 01:35:27 GMT
last-modified
Thu, 06 Apr 2023 00:02:10 GMT
accept-ch
Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref
Ref A: 621EAB8D6E344DA48F427045CE0CBDEB Ref B: SYD03EDGE1609 Ref C: 2023-04-13T01:35:27Z
etag
"b9f81491b68d91:0"
x-powered-by
ASP.NET
x-cache
CONFIG_NOCACHE
p3p
CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
content-type
image/gif
cache-control
private, no-cache, proxy-revalidate, no-store
accept-ranges
bytes
content-length
42
cookie-sync
sync.outbrain.com/ Frame 3CDC 		0
287 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync.outbrain.com/cookie-sync?p=criteo&uid=k-BpRbQCFaueeaIncn3g2lBFO_e3ETvWfW1nZxIQ&initiator=partner
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_256_GCM
Server
66.225.223.95 Sacramento, United States, ASN3949 (NTTA-3946, US),
Reverse DNS
sa.outbrain.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

Date
Thu, 13 Apr 2023 01:35:28 GMT
Cache-Control
no-cache
X-TraceId
c533ddf7a35638d8cbf0f499169e03d2
Content-Length
0
Pug
simage2.pubmatic.com/AdServer/ Frame 3CDC 		42 B
577 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-iKxXRSFaueeaIncn3g2lBFO_e3GlIJUdQ8z39g
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
67.199.150.86 , Singapore, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software
nginx /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

content-type
image/gif; charset=utf-8
date
Thu, 13 Apr 2023 01:35:26 GMT
cache-control
no-store, no-cache, private
server
nginx
content-length
42
p3p
CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
/
s.ad.smaato.net/c/ Frame 3CDC
Redirect Chain
  • https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-nvTtDiFaueeaIncn3g2lBFO_e3H43av7WFadZw
  • https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-nvTtDiFaueeaIncn3g2lBFO_e3H43av7WFadZw&cookieCheck=1
0
558 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-nvTtDiFaueeaIncn3g2lBFO_e3H43av7WFadZw&cookieCheck=1
Protocol
H2
Server
65.9.17.73 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-65-9-17-73.bkk50.r.cloudfront.net
Software
CloudFront /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 01:35:29 GMT
via
1.1 d3c11e1b74abb80b6dce6f145cab703c.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
BKK50-C1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
cache-control
max-age=300
x-amz-cf-id
GLWEiNhGu550Ub-uiAPXrT-KzLSwzvUlvxiZrI1PhBEGw5yQugXwHg==

Redirect headers

date
Thu, 13 Apr 2023 01:35:28 GMT
via
1.1 d3c11e1b74abb80b6dce6f145cab703c.cloudfront.net (CloudFront)
server
CloudFront
x-amz-cf-pop
BKK50-C1
x-cache
FunctionGeneratedResponse from cloudfront
p3p
CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location
https://s.ad.smaato.net/c/?dspInit=1001851&dspCookie=k-nvTtDiFaueeaIncn3g2lBFO_e3H43av7WFadZw&cookieCheck=1
cache-control
no-cache, must-revalidate
content-length
0
x-amz-cf-id
ZOU2Ays9ozwPIb6Q317PdFLnpCKhMAgXtHSdrPfTUtgsHTGqb22Mcg==
sync.htm
ade.clmbtech.com/uid/ Frame 3CDC 		68 B
302 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ade.clmbtech.com/uid/sync.htm?pid=13079&cuid=k-FCYLMSFaueeaIncn3g2lBFO_e3Euf7NVrUZpyA
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
184.50.85.132 , Singapore, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
a184-50-85-132.deploy.static.akamaitechnologies.com
Software
Bhoot /
Resource Hash
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
Security Headers
Name Value
Strict-Transport-Security max-age=25920000; includeSubdomains
X-Content-Type-Options nosniff
X-Frame-Options sameorigin
X-Xss-Protection 1; mode=block

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

strict-transport-security
max-age=25920000; includeSubdomains
date
Thu, 13 Apr 2023 01:35:28 GMT
x-content-type-options
nosniff
server
Bhoot
x-frame-options
sameorigin
content-type
image/jpeg
x-upstream
172.29.83.55:80
x-request-time
0.001
content-disposition
inline;filename=f.txt
content-length
68
x-xss-protection
1; mode=block
1x1.png
cdn.aralego.net/img/ Frame 3CDC
Redirect Chain
  • https://sync.aralego.com/idSync/?ucf_nid=dsp-833DD22BEB97673FB4E8B8DBB882B99&ucf_user_id=k-XUdRAiFaueeaIncn3g2lBFO_e3F3cNSTnB-Fgg
  • https://cm.g.doubleclick.net/pixel?google_nid=ucfunnel&google_hm=M2UzOTNhMDgtMWIxNS0zOWEzLThjM2EtMjE3ZjkwYjJiYjkz&google_redir=https%3A%2F%2Fcdn.aralego.net%2Fimg%2F1x1.png
  • https://cdn.aralego.net/img/1x1.png
68 B
648 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://cdn.aralego.net/img/1x1.png
Protocol
H2
Server
172.67.71.254 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

date
Thu, 13 Apr 2023 01:35:29 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
854
cf-polished
status=not_needed
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
68
cf-bgj
imgq:85,h2pri
last-modified
Wed, 12 Jun 2019 06:09:43 GMT
server
cloudflare
etag
"5d009727-44"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9zPClV82V4YTyANT8wsoIsBG4dSK%2BJ4ORNQY99o1poG876mNyTXTw2uNYAAFX%2B%2FvS14920uF%2B%2Bx9cpQhg0YqBwZI12zD7mMacSjxttdSNE4e80TN3oAMoPkJXz5USMx3%2FA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
max-age=14400
access-control-allow-credentials
true
accept-ranges
bytes
cf-ray
7b6ff8ffaa0baabb-SYD

Redirect headers

pragma
no-cache
date
Thu, 13 Apr 2023 01:35:28 GMT
server
HTTP server (unknown)
content-type
text/html; charset=UTF-8
location
https://cdn.aralego.net/img/1x1.png
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
232
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
sync
sync-criteo.ads.yieldmo.com/ Frame 3CDC 		43 B
593 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://sync-criteo.ads.yieldmo.com/sync?id=k-UIgDJiFaueeaIncn3g2lBFO_e3GPxTQUSKCT8g&pn_id=criteo&ext=1
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
13.250.217.72 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-13-250-217-72.ap-southeast-1.compute.amazonaws.com
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

pragma
no-cache
date
Thu, 13 Apr 2023 01:35:28 GMT
accept-ch
Sec-CH-UA,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version,Sec-CH-UA-Model,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Mobile
access-control-allow-methods
POST, GET, OPTIONS
content-type
image/gif;charset=utf-8
access-control-allow-origin
*
access-control-allow-headers
Cache-Control, Pragma, *
content-length
43
usermatch.gif
beacon.krxd.net/ Frame 3CDC
Redirect Chain
  • https://gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
  • https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=-hsS8HEUS-onjwpVFBwSccblFBxpqstz
0
336 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=-hsS8HEUS-onjwpVFBwSccblFBxpqstz
Protocol
H2
Server
35.155.33.79 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS
ec2-35-155-33-79.us-west-2.compute.amazonaws.com
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
en-AU,en;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36

Response headers

x-served-by
beacon-n017-pdx-prod.krxd.net
date
Thu, 13 Apr 2023 01:35:27 GMT
cache-control
private, no-cache, no-store
x-request-time
D=46 t=1681349727
p3p
policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

Redirect headers

location
https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=-hsS8HEUS-onjwpVFBwSccblFBxpqstz
date
Thu, 13 Apr 2023 01:35:27 GMT
cache-control
private, max-age=0, no-cache, no-store, must-revalidate
strict-transport-security
max-age=31536000; preload;
server
Kestrel
server-processing-duration-in-ticks
1025517
content-length
0
collect
www.google-analytics.com/g/ 		0
54 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/g/collect?v=2&tid=G-L05E6552YD&gtm=45je34a0&_p=1208645477&gcs=G111&cid=822057581.1681349723&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&dt=RoomSelection&dl=https%3A%2F%2Fwww.book-secure.com%2Findex.php%3Fs%3Dresults%26property%3Dnzauc11094%26arrival%3D2023-04-13%26departure%3D2023-04-14%26adults1%3D2%26children1%3D0%26locale%3Den_GB%26currency%3DNZD%26stid%3Dxd9mil2mz&sid=1681349723&sct=1&seg=0&_s=2
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-L05E6552YD&l=dataLayerFB&cx=c
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.194.138 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
si-in-f138.1e100.net
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer
https://www.book-secure.com/
accept-language
en-AU,en;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.146 Safari/537.36
Content-Type
text/plain;charset=UTF-8

Response headers

pragma
no-cache
date
Thu, 13 Apr 2023 01:35:28 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.book-secure.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain
ads.stickyadstv.com
URL
https://ads.stickyadstv.com/user-registering?dataProviderId=434&userId=k-86Lq5CFaueeaIncn3g2lBFO_e3Fy8iEULW-PaA

Verdicts & Comments Add Verdict or Comment

54 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 boolean| credentialless function| $ function| jQuery function| jsSHA object| NO_JQUERY function| pm object| SeamlessBase function| SeamlessConnection function| seamlessOpenFallback function| seamless function| moment function| _ undefined| Cookies object| PaymentFrameManager function| ES6Promise object| Stickyfill object| $fb object| fastbooking object| base64 function| QuotationService function| QuotationFactory function| DaysPeriod function| MultiquotationRequester string| fbFrontVersion function| EventEmitter function| PromiseCache function| FlowController function| QuotationLoader function| Cldr function| Globalize2 function| Globalize object| appContext object| sessionContext object| _locales object| _languages_en_GB object| _i18n_locale_en_GB object| runtimeContext object| _currencies function| bugsnag object| dataLayerFB object| fbtracker object| google_tag_manager function| postscribe object| google_tag_manager_external object| google_tag_data object| dataLayer function| gtag object| gaGlobal function| taq object| om_app_pix object| criteo_q

79 Cookies

Domain/Path Name / Value
.book-secure.com/ Name: FbTrackID
Value: 093a669f9f85e3ebe106ed10eeb3e6ec82b71417
.book-secure.com/ Name: _gcl_au
Value: 1.1.1277302390.1681349723
www.book-secure.com/ Name: PageCount
Value: 1
.book-secure.com/ Name: _ga
Value: GA1.1.822057581.1681349723
.book-secure.com/ Name: _ga_L05E6552YD
Value: GS1.1.1681349723.1.0.1681349723.0.0.0
.yieldoptimizer.com/ Name: fbh0
Value: %7B%7D
.yieldoptimizer.com/ Name: gcma
Value: %7B%22t%22%3A0%2C%22o%22%3Afalse%7D
.yieldoptimizer.com/ Name: rmxc
Value: %7B%22t%22%3A0%2C%22e%22%3A%22%22%2C%22i%22%3Afalse%7D
.yieldoptimizer.com/ Name: cktst
Value: 824312393
.book-secure.com/ Name: _ga_75BS2DG1WC
Value: GS1.1.1681349723.1.0.1681349723.0.0.0
.yieldoptimizer.com/ Name: ckid
Value: 4013174000233
.yieldoptimizer.com/ Name: ph
Value: %7B%22p%22%3A%5B1025%2C1490%2C1203%2C1476%2C39%2C1305%2C1034%2C1084%2C1022%5D%2C%22t%22%3A%5B125161%2C125161%2C125161%2C125161%2C125161%2C125161%2C125161%2C125161%2C125161%5D%7D
.adsrvr.org/ Name: TDID
Value: d69aad9d-2b18-4670-923c-d9e9dc4211bb
.adaraanalytics.com/ Name: ckid
Value: 4013174000233
.adaraanalytics.com/ Name: aackid
Value: 4013174000233
.adsrvr.org/ Name: TDCPM
Value: CAEYBSABKAIyCwi61K3VwvLdOxAFOAE.
.rlcdn.com/ Name: pxrc
Value: CAA=
.book-secure.com/ Name: FPID
Value: FPID2.2.aFLDNAquS09Ni7a2oa1fp3HKdbluFvcWatRaB4ZisnU%3D.1681349723
.krxd.net/ Name: _kuid_
Value: Pffo1IbT
.book-secure.com/ Name: FPLC
Value: JszXdOMpH%2F8vneZydDy4S8y1qt7rQK191MmMjpXK9xWhmBL68RFx7t%2FmyXhzHJciawb8coQ4mZxeKaztrk%2BPguLZR8tLd7VFPEXTaOZYkiNC%2BuSUfYm9TZOpCQ1SbA%3D%3D
.yahoo.com/ Name: A3
Value: d=AQABBFxcN2QCEK3SwIGatkXnz0OFLkvI0hcFEgEBAQGtOGRBZA38xiMA_eMAAA&S=AQAAArNDUvuk2j5Uc2qjDVVmAko
.criteo.com/ Name: uid
Value: db974642-63d2-4361-a2b9-8c16d024e8c2
.demdex.net/ Name: demdex
Value: 21852562605878313690118515380638239631
.www.tamgrt.com/ Name: RT
Value: %1%enc%3AKvxbXN8MBpLpfFnIA39qX5qK60tSNzSaGO7n4obHp2s6L9jN7vFSYLMkqwuYiFw8Nox8JbUSTxk%3D
.book-secure.com/ Name: cto_bundle
Value: 22xa4F9sS29NZiUyQlRDem9JVU1hZXZCYUklMkI1YyUyRmhXU2RFSXptT01lcHBiaHExYUVUdEVhM20zbG43YUFEeDJKVFRZVWhvWCUyQjdnMXhpZW9IVVVINndMTENRajJmVyUyRnIxdm10dlJoUmx1VUgxbUU1U3JFRDBwNDJYM1BZRGElMkYlMkZ6a2NBcU5kZTROOWVKWWZIak4xY29UcDU4T1padyUzRCUzRA
sync.srv.stackadapt.com/ Name: sa-user-id
Value: s%3A0-a5761431-3037-5369-5d5d-0826679db0b6.SoPSHIgPpLKKtlIdIJievBTYjhHcCniQBTpfZq%2FnOBo
sync.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3ApXYUMTA3U2ldXQgmZ52wtq310YE.CqHgciRKlnO%2Bz31r5rrEgUTv6LASl7IUsWUCUOinHiA
.srv.stackadapt.com/ Name: sa-user-id-v2
Value: s%3ApXYUMTA3U2ldXQgmZ52wtq310YE.CqHgciRKlnO%2Bz31r5rrEgUTv6LASl7IUsWUCUOinHiA
.dpm.demdex.net/ Name: dpm
Value: 21852562605878313690118515380638239631
.turn.com/ Name: uid
Value: 3616751845844541815
.yieldoptimizer.com/ Name: dph
Value: %7B%22t%22%3A%5B125161%2C125161%2C125161%2C125161%2C125161%5D%2C%22dp%22%3A%5B8064%2C3209%2C6729%2C4889%2C5530%5D%7D
.doubleclick.net/ Name: IDE
Value: AHWqTUlZTURbLQq7Y5tC1LNh65DectIyW-1-kGEReDd6HsAqP9UEQnA2Uo6YpcfxOAM
.analytics.yahoo.com/ Name: IDSYNC
Value: "19ak~2b21:18zh~2b21"
.rlcdn.com/ Name: rlas3
Value: ywf+gxS3I752Q+kLNdB+Ng1gLokemUfzxKbJ/ZMWyTw=
.3lift.com/ Name: tluid
Value: 3866568121033478879141
match.sharethrough.com/ Name: AWSALBCORS
Value: VCv1lUjxfVsRWqPaHjT/tgANHa4W4HiPC9jY8Ie62saNsp70apbEv73GkY8by6IPwa+xSdV895eqEUuD+dIPeiYOO5opUQ9O0bgGeW2+4tBsMqo7iE5fVFkstVMD
.sharethrough.com/ Name: stx_user_id
Value: a7d75085-b64c-43df-8a39-fc75ca315192
.bidswitch.net/ Name: tuuid
Value: 76969995-6fdc-49bd-a6c1-57e81f0172f0
.bidswitch.net/ Name: c
Value: 1681349726
.rubiconproject.com/ Name: khaos
Value: LGEG7SC5-1H-3XCX
.rubiconproject.com/ Name: audit
Value: 1|p05fsr5vXpMq6aNqhOtBwKc1zmld7wh1BnpQEucTiJq1Mnm1d2tbLVtWLEY94Jyw2PSGKu0utkQwHTRO1/p4iCck1N7K9KkV0dqlR5NoluSCD9zFQIvrTeSgmdmb6mhPX6hG00H5d6s50ztuDYod3bIxSrcJzQMZB1AYzEB+kmh16h2LKXkYaJDy+KCnXKr4N6JXMcYuiJM=
.media.net/ Name: visitor-id
Value: 3243513266832124000V10
.media.net/ Name: data-c-ts
Value: 1681349726
.media.net/ Name: data-c
Value: k-7Pj1-CFaueeaIncn3g2lBFO_e3H8RafxEB9IMQ~~3
.adnxs.com/ Name: anj
Value: dTM7k!M4/rCxrEQF']wIg2GVVo3%=c!]tbPl@/D!9hy6]/Cr+fkB/)Rip1lb5+[h?331C@m)lAhgx.HFk[CDUdsrjIeVUGdC2^cFb-r>?*bpRz*qF1`*bck<+ieVJ
.bidswitch.net/ Name: tuuid_lu
Value: 1681349727
.adnxs.com/ Name: uuid2
Value: 2996160313344722838
.teads.tv/ Name: tt_viewer
Value: 47da199f-e690-448e-b38a-fa44fab10287
.smartadserver.com/ Name: pid
Value: 1508239360558047040
.smartadserver.com/ Name: TestIfCookieP
Value: ok
.smartadserver.com/ Name: csync
Value: 79:k-3_QJyiFaueeaIncn3g2lBFO_e3EatJtVQVTpSA
.bluekai.com/ Name: bkdc
Value: phx
.bluekai.com/ Name: bkpa
Value: KJpEnXTLu5DlLMxy1BxFgLhn+Mzruik/nY3onYNmnzo1LxtyB1QpE0NmEMctEwPvi6hpYGy1gWQB39p/vFUHpE1+OQeWUORg
.bluekai.com/ Name: bku
Value: uUW99a2zBtEVNc/Q
.taboola.com/ Name: t_gid
Value: ce94f477-c693-4b53-8976-4dbf38e1770c-tuctb30e1df
.socdm.com/ Name: SOC
Value: ZDdcX8Co5sAAAC-sVz8AAAAA
.dable.io/ Name: uid
Value: 46890425.1681349727811
.bing.com/ Name: MUID
Value: 3076EF1997926E7B2837FDEB96A06F2A
.c.bing.com/ Name: MR
Value: 0
.360yield.com/ Name: tuuid
Value: e61e00c8-42c3-418e-82fb-f865cfce1f5e
.360yield.com/ Name: tuuid_lu
Value: 1681349727
.adingo.jp/ Name: criteo_dsp
Value: k-si8Z0CFaueeaIncn3g2lBFO_e3HdO8M37-cpQg
.360yield.com/ Name: um
Value: !38,e1ZTuKsjJ5NGNXJnMxgzPNwpGvJKQeZW9V2HiMSj5sAny9W7QC..ebpEx3jiys8B22CnhfIf,1689125728
.360yield.com/ Name: umeh
Value: !38,0,1743557728,-1
.casalemedia.com/ Name: CMID
Value: ZDdcYNGB6Mmbh42nQVKoSQAA
.casalemedia.com/ Name: CMPS
Value: 4721
.casalemedia.com/ Name: CMPRO
Value: 4721
.pubmatic.com/ Name: KRTBCOOKIE_97
Value: 3385-uid:k-iKxXRSFaueeaIncn3g2lBFO_e3GlIJUdQ8z39g&KRTB&23144-uid:k-iKxXRSFaueeaIncn3g2lBFO_e3GlIJUdQ8z39g&KRTB&23286-uid:k-iKxXRSFaueeaIncn3g2lBFO_e3GlIJUdQ8z39g&KRTB&23287-uid:k-iKxXRSFaueeaIncn3g2lBFO_e3GlIJUdQ8z39g
.pubmatic.com/ Name: PugT
Value: 1681349726
exchange.mediavine.com/ Name: mv_tokens
Value: %7B%22mv_uuid%22%3A%22788a6f10-d99b-11ed-bbfa-fd9faa1679ca%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: mv_tokens_eu-v1
Value: %7B%22mv_uuid%22%3A%22788a6f10-d99b-11ed-bbfa-fd9faa1679ca%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: am_tokens
Value: %7B%22mv_uuid%22%3A%22788a6f10-d99b-11ed-bbfa-fd9faa1679ca%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: am_tokens_eu-v1
Value: %7B%22mv_uuid%22%3A%22788a6f10-d99b-11ed-bbfa-fd9faa1679ca%22%2C%22version%22%3A%22eu-v1%22%7D
exchange.mediavine.com/ Name: criteo
Value: %7B%22id%22%3A%22k-BNaBCSFaueeaIncn3g2lBFO_e3F43aSAhcd_-w%22%2C%22version%22%3A%22criteo%22%7D
.yieldmo.com/ Name: yieldmo_id
Value: 3cZak7a11SavI0x535uo%7C1681344000000%7C0
.ads.yieldmo.com/ Name: ptrcriteo
Value: k-UIgDJiFaueeaIncn3g2lBFO_e3GPxTQUSKCT8g
.aralego.com/ Name: sspid
Value: 3e393a08-1b15-39a3-8c3a-217f90b2bb93
.smaato.net/ Name: SCM
Value: 99e09943
.smaato.net/ Name: SCM1001851
Value: 99e09943

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.360yield.com
ade.clmbtech.com
adgen.socdm.com
ads.stickyadstv.com
adx.dable.io
ajax.aspnetcdn.com
beacon.krxd.net
c.bing.com
cdn.aralego.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
contextual.media.net
criteo-sync.teads.tv
cs.adingo.jp
d.turn.com
d2wy8f7a9ursnm.cloudfront.net
dis.criteo.com
dl1rqkcy7hk6s.cloudfront.net
dpm.demdex.net
eb2.3lift.com
exchange.mediavine.com
googleads.g.doubleclick.net
gum.criteo.com
ib.adnxs.com
idsync.rlcdn.com
match.adsrvr.org
match.sharethrough.com
pixel.rubiconproject.com
r.casalemedia.com
rtb-csync.smartadserver.com
s.ad.smaato.net
secure.adnxs.com
servertags.book-secure.com
sessions.bugsnag.com
simage2.pubmatic.com
sslwidget.criteo.com
static.criteo.net
static.tacdn.com
sync-criteo.ads.yieldmo.com
sync-t1.taboola.com
sync.aralego.com
sync.outbrain.com
sync.srv.stackadapt.com
tag.adaraanalytics.com
tag.yieldoptimizer.com
tags.bluekai.com
tg.socdm.com
tracker.book-secure.com
tracker.d-edgeconnect.media
ups.analytics.yahoo.com
www.book-secure.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.tamgrt.com
x.bidswitch.net
ads.stickyadstv.com
103.254.153.160
104.254.151.60
104.254.151.68
104.69.166.9
104.76.128.61
106.10.236.147
117.18.232.200
124.146.215.3
13.107.238.71
13.215.213.239
13.250.217.72
139.5.84.243
141.226.229.48
142.250.4.97
142.251.12.103
142.251.12.157
151.101.2.83
172.217.194.138
172.67.71.254
178.250.1.9
18.143.106.89
182.161.73.129
182.161.73.136
182.161.73.146
184.50.85.132
184.51.137.72
184.51.96.11
202.241.208.57
204.79.197.200
23.106.127.164
34.102.245.175
34.216.93.162
35.155.33.79
35.190.20.9
35.190.60.146
35.190.88.7
35.213.12.39
35.71.131.137
43.200.197.177
50.116.239.135
52.223.2.229
52.57.134.122
52.74.143.140
52.77.91.205
54.64.172.71
54.80.169.87
65.9.17.73
65.9.170.136
65.9.170.96
66.225.223.95
67.199.150.86
69.173.158.64
74.125.130.156
74.125.24.121
76.223.28.122
0190e297eab669333f9623f55df05446df929410ac7826b5754981a2c386ab14
03bf371e3ca4739cfe6bea61f0126b7cbb94e4713e970651f9acd5acb3d9e399
07a3d82dcd9c1534f80a5651484ee2d9eb8fe9ccc108e10c7312f79152582f33
09f71f365f7e34f5e4fd16876912b057ee189d0c8bf4e05edfb838277bd26a46
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ba7c0356149946bf0642fab4ef85b95e7090f6f785d0fb84323d0c442e5190a
13c02c2cc512bde38c2801cb35899632d368edcf627e6e8c4b5f638bc49f5008
1b9bf1dd060dfd2f5c6d9946d026e7c20fec970bfd633447ce584b83f89ea446
1bb03826b26326516a3f4c9a9b39f03e3000a4828f91a75e1dfc88c2269af5ed
2516e006f9ab8582f0f936e0b2bb1922772208bc657cdb9bcf1c9e44b238c269
26a1a5b524c374c4f0ce4ccdf223364da8e0436155855c3676e4fa59d881fbd8
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2adefcbc041e7d18fcf2d417879dc5a09997aa64d675b7a3c4b6ce33da13f3fe
2c95f4f25e28459d41620f0cc995d299b9ed5c4cf6e5f6da8d5f3976afdb5bfc
2f8caa2e30755760ff544be56f46aed00b81e4515501b548689eb6ae5fdc28e4
31bf6458f953b4abe9a10ee25b9c97d0bb28ac46bd04df19e93da1d7114413e7
3202ba1cb0ab2ebf8eeb0caebf6fa6ba681b5575c48b2f314f345d82eedaaac2
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
388dcdf7308a69b0e8bf6ad917397c94951709c3fb126b06706a0fe83317402a
389bd2b091e133afcb997084e52483550841c62c4afd3f3c46c2119005886edf
3e6dac4313c59e4fc8e6871cb930fed6b354249cacfb3df422f43992b8bbe070
45fd402a92ae1ab8ee75a7b76d4e304719ca71b790be620857301ecc54f0f058
461e481155648c6ac24cb3392d42c526fdb366aa486f92744923c082089904db
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4ba04b8dc27dc999b90df7786a1e8657491fc90c3a29c98bc98c45cafba0a925
4ca74ff3599f36c3eec4753c85fbb38cd23b062293affbad58eb23efac82bc90
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4ee4197ae3e7bac4347e8443d7e264781c7d154e24d27da0eec14b9d4bfc1d61
506a9b297902612afaccbf54b291b2f96b4ee889e652dcf1861deef530848be6
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5c2f6c5d5cd0fe0ecfa24b844f841c8a73d8baaafb827ec413afa41335aa1c47
6019c3c9e47dc991f8d9937deafbb0740c2e61e321324798cb508773b0814824
63ef318d96b5d0d0ceba6e04a4e622b1158335cdc67c49e27839132c6f655058
668ae615713ef1fc88fc0176435b3767622a9bd2b1563caebb9813cd7ba2cee1
68e1cf3cb18df17e9b12268fb9500f0fa691000553a6e39b30180a9eef4d6e92
69d2494dd0be194d024c475e657376cf176d0b4ad24e383a1363775ff8947e73
6d1eadaea40a2f254cd8467e61254c36f506788d237ab6cb64cb575a5b7aab0a
6e75cb16fc5bfff8a28e0aaee2a62fb33fb88018ca953a62d93bb0b0205d3800
6fba0c66d6215f3c2d5308b63dcb46041de4e1b7a7c55ac15260e7d6667e6bb9
701d63e90c9c980dcbffda20de9ab9e47c7bf5579a9d2c6debd71e09b878d2bc
7705fee13417229d718f14947e9860d5bb2b25bd15c9f5cd834f2545c7bad0a6
77bf60e84e126d1609cc0a302c3953dc25ae054aaee3514d04a4726d4f2609fe
799aeb25cc0373fdee0e1b1db7ad6c2f6a0e058dfadaa3379689f583213190bd
7ba2507f485bd0e1ed2d1b0d7683dbe470fd555c6953242428a72b7646168cd0
871a4e53f9ec007be588f0c7e4590ccca33dd89e479429d821f20d202718bd39
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
8c10c3b4bb217475a24d0976a898fccd3a4c2f00a4a5eb93c611195397cd77cb
954f8e8fe6d2d96972b35ab3b4fe82b4bc7945604c57299a023908692db367a1
9952a30b9a387936a4f1364b68948b581b2d109f29f8062b026d896e7a233dd1
99c2917ee5b2a01459a923bdd1c676f15ee73b62b87f696e6735312d26f51e12
99f8e23d7d8856a2d92401c3435735b3ff45e8058b4af33068982cdcd99421c0
9a7fee6f50e70ed71a3e31d51b3ee2142b24b8e1f79d95a8efc39e45f746acdc
a3c57ffd8e5b6d386a2403fbf184a8e0e750e31f92bba5bef4da6a4d03fb0a7e
a57b5242b9a9adc4c1ef846c365147b89c472b9cd770face331efcb965346b25
a8270a5634e53e65560dd3b1d763ceec542616242ac662f0a0e0aa162de8cc5e
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b09a581bc29f4bdbe66bef5c69b90cc1a003e849e2f7706f47a9f0c5f5a6860e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b606b08990cfed29e29ca4d86620ea64ccf28320276a124b3bf8443d57e324f2
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
bcc0a6076bad1853f8333fa76f49925410261067869878276bebd563b4142889
bee03adda8934ac807fd55b056623374cae6d25cbd975de3191cdcff31b0dbec
c3106f827a8886ebb557e77aecf868550765fa0977190def7d5a6ff9871c3a0f
c4efa8945984481ad8a6b92aebc2a33b6b3720e4c90cf37e3d41379fb1bd5541
c7dfde47413fead32b1f5919178e734773aebad164c0e28b49f61c55e6336a1b
cc0e716595a20cd577f4cba25c11b4b54d92311f5f4bf22b992af281cabbc0c7
d09fcb259e131cb25657dd6b0f722727dfdeb1e577b6e48d3c84ca8e2338fc9c
d16b79ab6505e8f1c057d01e76a6580196ebc0530550bd23d686c0d7beb8bb38
d4813b496d2085ebf1ce161171f6887b0fd305476b696aacb0e85f4252d5a316
dcb3cb25c7e4552511d9401edb62bb185547d041487c7200a5a2d483fd2ac9d5
dcfab92c44a1ba3a26c85bd7119ca7e53b4870491e73003859aea16fa48cad34
def95d717b5ced4735ab7c2bc05da80e45b400b8a92f935614afcddd8195a9c1
e082e916148e753edf9e29e9dd934646e1ae7f2a1d87457aa4ed4f095428bbe1
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e64954dc34e12c7190cc2338a54b07644ff0f102aa71cc7209bcbb49c3009f7c
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629