book.rwgenting.com Open in urlscan Pro
170.33.9.200 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://book.rwgenting.com/member2/HotelApp/HotelList.aspx?paymode=1&checkin=14%2F01%2F2022&checkout=15%2F01%2F2022&night=1...
Submission Tags: falconsandbox
Submission: On January 14 via api (January 14th 2022, 9:47:18 am UTC) from US — Scanned from DE

Summary HTTP 108 Redirects Links 71 Behaviour Indicators

Summary

This website contacted 21 IPs in 6 countries across 16 domains to perform 108 HTTP transactions. The main IP is 170.33.9.200, located in Singapore and belongs to ASEPL-AS-AP Alibaba.com Singapore E-Commerce Private Limited, SG. The main domain is book.rwgenting.com.
TLS certificate: Issued by DigiCert SHA2 Secure Server CA on February 18th 2020. Valid for: 2 years.

This is the only time book.rwgenting.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
10	170.33.9.200 170.33.9.200	134963 (ASEPL-AS-...) (ASEPL-AS-AP Alibaba.com Singapore E-Commerce Private Limited)
29	163.181.56.170 163.181.56.170	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
3	2a00:1450:400... 2a00:1450:4001:82b::2008	15169 (GOOGLE) (GOOGLE)
8	79.133.177.227 79.133.177.227	24429 (TAOBAO Zh...) (TAOBAO Zhejiang Taobao Network Co.)
6	2a00:1450:400... 2a00:1450:4001:809::200e	15169 (GOOGLE) (GOOGLE)
7	151.101.2.133 151.101.2.133	54113 (FASTLY) (FASTLY)
1	142.250.181.226 142.250.181.226	15169 (GOOGLE) (GOOGLE)
2 5	142.250.186.102 142.250.186.102	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f02... 2a03:2880:f02d:100:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
3	18.66.248.117 18.66.248.117	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82f::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c06::9c	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:401... 2a00:1450:4019:809::2002	15169 (GOOGLE) (GOOGLE)
6	2a03:2880:f12... 2a03:2880:f12d:181:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	99.80.155.235 99.80.155.235	16509 (AMAZON-02) (AMAZON-02)
3	54.169.1.172 54.169.1.172	16509 (AMAZON-02) (AMAZON-02)
1 1	104.90.192.27 104.90.192.27	16625 (AKAMAI-AS) (AKAMAI-AS)
8	54.71.47.92 54.71.47.92	16509 (AMAZON-02) (AMAZON-02)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2 2	18.185.252.3 18.185.252.3	16509 (AMAZON-02) (AMAZON-02)
2 2	3.67.18.150 3.67.18.150	16509 (AMAZON-02) (AMAZON-02)
1 2	3.126.56.137 3.126.56.137	16509 (AMAZON-02) (AMAZON-02)
108	21

10 170.33.9.200 (Singapore)

ASN134963 (ASEPL-AS-AP Alibaba.com Singapore E-Commerce Private Limited, SG)

book.rwgenting.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 163.181.56.170 (Frankfurt am Main, Germany)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

cdn.book.rwgenting.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 79.133.177.227 (Russian Federation)

ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN)

cdn.rwgenting.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:809::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 151.101.2.133 (United States)

ASN54113 (FASTLY, US)

cdn.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
consumer.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 142.250.186.102 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s06-in-f6.1e100.net

6541830.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
8661995.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f02d:100:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 18.66.248.117 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-248-117.dus51.r.cloudfront.net

cdn.brand-display.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82f::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4019:809::2002 (Ireland)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a03:2880:f12d:181:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.80.155.235 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-155-235.eu-west-1.compute.amazonaws.com

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.169.1.172 (Singapore, Singapore)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-169-1-172.ap-southeast-1.compute.amazonaws.com

tr.brand-display.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.90.192.27 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-90-192-27.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 54.71.47.92 (Boardman, United States)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-71-47-92.us-west-2.compute.amazonaws.com

dmp.brand-display.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 18.185.252.3 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-185-252-3.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.67.18.150 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-67-18-150.eu-central-1.compute.amazonaws.com

pixel.advertising.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.126.56.137 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

ups.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
47	rwgenting.com book.rwgenting.com cdn.book.rwgenting.com cdn.rwgenting.com	2 MB
14	brand-display.com cdn.brand-display.com — Cisco Umbrella Rank: 56681 tr.brand-display.com — Cisco Umbrella Rank: 55480 dmp.brand-display.com — Cisco Umbrella Rank: 1461	62 KB
9	doubleclick.net 2 redirects 6541830.fls.doubleclick.net googleads.g.doubleclick.net — Cisco Umbrella Rank: 44 stats.g.doubleclick.net — Cisco Umbrella Rank: 78 8661995.fls.doubleclick.net	5 KB
8	krxd.net cdn.krxd.net — Cisco Umbrella Rank: 1035 consumer.krxd.net — Cisco Umbrella Rank: 1378 beacon.krxd.net — Cisco Umbrella Rank: 356	177 KB
6	facebook.com www.facebook.com — Cisco Umbrella Rank: 88	850 B
6	google.com www.google.com — Cisco Umbrella Rank: 8 adservice.google.com — Cisco Umbrella Rank: 69	1 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 33	20 KB
4	google.de www.google.de — Cisco Umbrella Rank: 6151	870 B
4	facebook.net connect.facebook.net — Cisco Umbrella Rank: 126	287 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 62	134 KB
2	yahoo.com 1 redirects ups.analytics.yahoo.com — Cisco Umbrella Rank: 249	841 B
2	advertising.com 2 redirects pixel.advertising.com — Cisco Umbrella Rank: 293	731 B
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 254	1 KB
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 316	274 B
1	bluekai.com 1 redirects tags.bluekai.com — Cisco Umbrella Rank: 402	784 B
1	googleadservices.com www.googleadservices.com — Cisco Umbrella Rank: 97	15 KB
108	16

	Domain	Requested by
29	cdn.book.rwgenting.com	book.rwgenting.com cdn.book.rwgenting.com
10	book.rwgenting.com	book.rwgenting.com cdn.book.rwgenting.com
8	dmp.brand-display.com
8	cdn.rwgenting.com	book.rwgenting.com
6	www.facebook.com	book.rwgenting.com
6	www.google-analytics.com	book.rwgenting.com www.google-analytics.com
5	cdn.krxd.net	book.rwgenting.com cdn.krxd.net
4	www.google.de	book.rwgenting.com
4	www.google.com	book.rwgenting.com
4	connect.facebook.net	book.rwgenting.com connect.facebook.net
3	tr.brand-display.com	cdn.brand-display.com
3	cdn.brand-display.com	book.rwgenting.com cdn.brand-display.com
3	6541830.fls.doubleclick.net	1 redirects www.googletagmanager.com book.rwgenting.com
3	www.googletagmanager.com	book.rwgenting.com www.googletagmanager.com
2	ups.analytics.yahoo.com	1 redirects
2	pixel.advertising.com	2 redirects
2	x.bidswitch.net	2 redirects
2	8661995.fls.doubleclick.net	1 redirects book.rwgenting.com
2	adservice.google.com	6541830.fls.doubleclick.net 8661995.fls.doubleclick.net
2	consumer.krxd.net	cdn.krxd.net
2	stats.g.doubleclick.net	www.google-analytics.com
2	googleads.g.doubleclick.net	www.googleadservices.com
1	us-u.openx.net
1	tags.bluekai.com	1 redirects
1	beacon.krxd.net	cdn.krxd.net
1	www.googleadservices.com	www.googletagmanager.com
108	26

This site contains links to these domains. Also see Links.

Domain
www.rwgenting.com
www.rwlangkawi.com
www.rwkijal.com
www.gentingskyworlds.com
www.owg.com.my
gicc.streetview.my
www.met.gov.my
www.gentingmalaysia.com
www.rwawana.com
www.resortsworldtours.com

Subject Issuer	Validity	Valid
book.rwgenting.com DigiCert SHA2 Secure Server CA	`2020-02-18` - `2022-02-27`	2 years	crt.sh
cdn.book.rwgenting.com DigiCert SHA2 Secure Server CA	`2020-08-10` - `2022-08-16`	2 years	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
cdn.rwgenting.com DigiCert SHA2 Secure Server CA	`2020-04-08` - `2022-04-08`	2 years	crt.sh
cdn.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-12-30` - `2022-12-29`	a year	crt.sh
www.googleadservices.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-10-23` - `2022-01-21`	3 months	crt.sh
brand-display.com Amazon	`2021-06-13` - `2022-07-12`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-11-29` - `2022-02-21`	3 months	crt.sh
www.google.de GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
consumer.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-07-13` - `2022-07-12`	a year	crt.sh
*.google.com GTS CA 1C3	`2021-12-08` - `2022-03-02`	3 months	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-11-03` - `2022-11-02`	a year	crt.sh
*.knorex.com Amazon	`2021-12-10` - `2023-01-08`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2021-07-08` - `2022-08-08`	a year	crt.sh

This page contains 5 frames:

Primary Page: https://book.rwgenting.com/member2/HotelApp/HotelList.aspx?paymode=1&checkin=14%2F01%2F2022&checkout=15%2F01%2F2022&night=1&DestinationID=1&ccDate=0&RoomOrPackage=RoomPackage&room=1&pageid=1&ig=0&disp=hotel&currency=MYR&indexType=3
Frame ID: 6A7DA5964EBEFD522B0C55F72BB2C074
Requests: 99 HTTP requests in this frame

Frame: https://6541830.fls.doubleclick.net/activityi;dc_pre=CKft9v76sPUCFTxFHQkdYQAOBw;src=6541830;type=b_ctr;cat=fl_rw007;ord=9240957102110;gtm=2wg1c0;auiddc=1062555807.1642153631;ps=1;~oref=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymode%3D1%26checkin%3D14%252F01%252F2022%26checkout%3D15%252F01%252F2022%26night%3D1%26DestinationID%3D1%26ccDate%3D0%26RoomOrPackage%3DRoomPackage%26room%3D1%26pageid%3D1%26ig%3D0%26disp%3Dhotel%26currency%3DMYR%26indexType%3D3
Frame ID: 9527E9180B6CB03308D7D58F16CB91CF
Requests: 2 HTTP requests in this frame

Frame: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Frame ID: B173FB59E330AA0A8E4DA02EC0A0134D
Requests: 4 HTTP requests in this frame

Frame: https://cdn.brand-display.com/tr/tag/cfix.html?key=b90894f9b1582df507297d968da7fecece37d93
Frame ID: 121D3C931AF80400C078D4F265455679
Requests: 1 HTTP requests in this frame

Frame: https://8661995.fls.doubleclick.net/activityi;dc_pre=CNWmxv_6sPUCFY5EHQkd6SAMqg;src=8661995;type=remar0;cat=rwg_g0;u1=;u2=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymode%3D1%26checkin%3D14%252F01%252F2022%26checkout%3D15%252F01%252F2022%26night%3D1%26DestinationID%3D1%26ccDate%3D0%26RoomOrPackage%3DRoomPackage%26room%3D1%26pageid%3D1%26ig%3D0%26disp%3Dhotel%26currency%3DMYR%26indexType%3D3;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8077691907101.816
Frame ID: 3E3EAE8F13879653E93B0E69C8521126
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Resorts World Genting Resorts World - Gentings

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Microsoft ASP.NET (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

\.aspx?(?:$|\?)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

FingerprintJS (JavaScript libraries) Expand

Overall confidence: 100%
Detected patterns

fingerprint(\d)?(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery-ui.*\.js

Page Statistics

108
Requests

98 %
HTTPS

38 %
IPv6

16
Domains

26
Subdomains

21
IPs

6
Countries

2395 kB
Transfer

5566 kB
Size

39
Cookies

71 Outgoing links

These are links going to different origins than the main page.

URL: https://www.rwgenting.com/home/

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/Hotels/
Title: Hotels

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/Hotels/Crockfords/
Title: Crockfords

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/Hotels/Genting_Grand/
Title: Genting Grand

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/Hotels/HighlandsHotel/
Title: Highlands Hotel

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/Hotels/Resort_Hotel/
Title: Resort Hotel

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/Hotels/Genting_SkyWorlds_Hotel/
Title: Genting SkyWorlds Hotel

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/Hotels/First_World_Hotel/
Title: First World Hotel

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/Hotels/Awana/
Title: Resorts World Awana

Search URL Search Domain Scan URL

URL: https://www.rwlangkawi.com/
Title: Resorts World Langkawi

Search URL Search Domain Scan URL

URL: https://www.rwkijal.com/
Title: Resorts World Kijal

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/Casino/
Title: Casinos

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/casino/highlights/
Title: Highlights

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/Casino/Sky_Casino/
Title: SkyCasino

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/Casino/SkyCasino_Premium_Gaming/
Title: SkyCasino Premium Gaming

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/Casino/Genting_Casino/
Title: Genting Casino

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/Casino/Genting_Club/
Title: Genting Club

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/Casino/Gaming_Guide/
Title: Gaming Guide

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/Casino/Responsible_Gaming/
Title: Responsible Gaming

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/Casino/FAQ/
Title: FAQ

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/Things_To_Do/
Title: Things to do

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/Things_To_Do/Attractions/
Title: Attractions

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/Things_To_Do/Shopping/
Title: Shopping

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/Things_To_Do/Dining/
Title: Dining

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/Things_To_Do/Nightlife/
Title: Nightlife

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/Things_To_Do/Leisure/
Title: Leisure

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/gettinghere/awanaskyway/
Title: Awana SkyWay

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/Entertainment/
Title: Entertainment

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/Entertainment/Show_And_Events/
Title: Shows & Events

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/Entertainment/Bona_Cinemas/
Title: Bona Cinemas

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/Theme_Parks/
Title: Theme Parks

Search URL Search Domain Scan URL

URL: https://www.gentingskyworlds.com/
Title: Genting SkyWorlds Theme Park

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/Theme_Parks/Skytropolis/
Title: Skytropolis Indoor Theme Park

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/Theme_Parks/BigTop_Video_Game_Park/
Title: BigTop Video Games Park

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/Theme_Parks/SnowWorld/
Title: SnowWorld

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/Theme_Parks/Genting_Bowl/
Title: Genting Bowl

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/Theme_Parks/Vision_City_Video_Games_Park/
Title: Vision City Video Games Park

Search URL Search Domain Scan URL

URL: http://www.owg.com.my/ripleys-believe-not/
Title: Ripley’s Adventureland

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/Theme_Parks/SkyVR/
Title: Sky VR

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/Theme_Parks/Live-Entertainment/
Title: Live Entertainment

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/MICE/Introduction/
Title: MICE

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/MICE/Meetings/GICC/
Title: Meetings

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/MICE/Packages-Special-Events/
Title: Packages & Special Events

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/MICE/Sleep-in-the-Clouds/
Title: Sleep in the Clouds

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/MICE/Special_Attractions/
Title: Special Attractions

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/MICE/Unique-Customisations/
Title: Unique Customisations

Search URL Search Domain Scan URL

URL: https://gicc.streetview.my/
Title: 360° Virtual Tour

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/Hot_deals/
Title: Hot Deals

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/GettingHere/
Title: Getting here

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/gentingrewards/overview/
Title: Genting Rewards

Search URL Search Domain Scan URL

URL: http://www.met.gov.my/forecast/weather/tourist/R010
Title: 17 °

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/?forgot_pin=1
Title: First Time Login

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/?support=1
Title: / Can’t log in

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/?membersupport=1
Title: Get Support Here

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/?signup=1
Title: Not a member? Sign up

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/Contact/
Title: Messenger

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/Sales_and_Reservation/
Title: Offices

Search URL Search Domain Scan URL

URL: http://www.gentingmalaysia.com/corporate_profile/
Title: About Us

Search URL Search Domain Scan URL

URL: http://www.gentingmalaysia.com/investor_relations/
Title: Investor Relations

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/careers/GrowWithUs/
Title: Careers

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/Disclaimer/
Title: Disclaimer

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/PrivacyPolicy/
Title: Privacy Policy

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/FraudulentAlert/
Title: Fraudulent Alert

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/Notice/
Title: Notice

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/uploadedFiles/Content/Home/GENM-ABAC-Policy.pdf
Title: Anti-Bribery and Anti-Corruption Policy

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/uploadedFiles/Content/Home/Whistleblower-Policy-2021.pdf
Title: Whistleblower Policy

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/uploadedFiles/Content/Home/Genting-Roads.pdf
Title: Rules & Regulations: Genting Roads

Search URL Search Domain Scan URL

URL: https://www.rwawana.com/
Title: Resorts World Awana

Search URL Search Domain Scan URL

URL: https://www.resortsworldtours.com/
Title: Resorts World Tours

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/Things_To_Do/Attractions/chinswee/
Title: Chin Swee

Search URL Search Domain Scan URL

URL: https://www.rwgenting.com/?signin=1
Title: Confirm

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 47

https://6541830.fls.doubleclick.net/activityi;src=6541830;type=b_ctr;cat=fl_rw007;ord=9240957102110;gtm=2wg1c0;auiddc=1062555807.1642153631;ps=1;~oref=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymode%3D1%26checkin%3D14%252F01%252F2022%26checkout%3D15%252F01%252F2022%26night%3D1%26DestinationID%3D1%26ccDate%3D0%26RoomOrPackage%3DRoomPackage%26room%3D1%26pageid%3D1%26ig%3D0%26disp%3Dhotel%26currency%3DMYR%26indexType%3D3 HTTP 302
https://6541830.fls.doubleclick.net/activityi;dc_pre=CKft9v76sPUCFTxFHQkdYQAOBw;src=6541830;type=b_ctr;cat=fl_rw007;ord=9240957102110;gtm=2wg1c0;auiddc=1062555807.1642153631;ps=1;~oref=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymode%3D1%26checkin%3D14%252F01%252F2022%26checkout%3D15%252F01%252F2022%26night%3D1%26DestinationID%3D1%26ccDate%3D0%26RoomOrPackage%3DRoomPackage%26room%3D1%26pageid%3D1%26ig%3D0%26disp%3Dhotel%26currency%3DMYR%26indexType%3D3

Request Chain 85

https://8661995.fls.doubleclick.net/activityi;src=8661995;type=remar0;cat=rwg_g0;u1=;u2=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymode%3D1%26checkin%3D14%252F01%252F2022%26checkout%3D15%252F01%252F2022%26night%3D1%26DestinationID%3D1%26ccDate%3D0%26RoomOrPackage%3DRoomPackage%26room%3D1%26pageid%3D1%26ig%3D0%26disp%3Dhotel%26currency%3DMYR%26indexType%3D3;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8077691907101.816 HTTP 302
https://8661995.fls.doubleclick.net/activityi;dc_pre=CNWmxv_6sPUCFY5EHQkd6SAMqg;src=8661995;type=remar0;cat=rwg_g0;u1=;u2=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymode%3D1%26checkin%3D14%252F01%252F2022%26checkout%3D15%252F01%252F2022%26night%3D1%26DestinationID%3D1%26ccDate%3D0%26RoomOrPackage%3DRoomPackage%26room%3D1%26pageid%3D1%26ig%3D0%26disp%3Dhotel%26currency%3DMYR%26indexType%3D3;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8077691907101.816

Request Chain 92

https://tags.bluekai.com/site/46117?id=069c425302d2ded623ada622025e7720&limit=1&redir=https%3A%2F%2Fdmp.brand-display.com%2Fcm2%2Fapi%2Fpixel%3Fpartner%3D0004%26pid%3D%24_BK_UUID%26bf%3D069c425302d2ded623ada622025e7720&_t1642153633154 HTTP 302
https://dmp.brand-display.com/cm2/api/pixel?partner=0004&pid=$_BK_UUID&bf=069c425302d2ded623ada622025e7720

Request Chain 94

https://x.bidswitch.net/sync?dsp_id=316&user_id=069c425302d2ded623ada622025e7720&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=316&user_id=069c425302d2ded623ada622025e7720&expires=30 HTTP 302
https://pixel.advertising.com/ups/55859/sync?uid=9f2241f4-1faf-40d5-a42a-a6720e7afa49&_origin=1&gdpr=&gdpr_consent= HTTP 302
https://pixel.advertising.com/ups/55859/sync?uid=9f2241f4-1faf-40d5-a42a-a6720e7afa49&_origin=1&gdpr=&gdpr_consent=&verify=true HTTP 302
https://ups.analytics.yahoo.com/ups/55859/sync?uid=9f2241f4-1faf-40d5-a42a-a6720e7afa49&_origin=1&gdpr=&gdpr_consent=&apid=UPf341d890-751e-11ec-a5e9-06185f11e5ce HTTP 302
https://ups.analytics.yahoo.com/ups/55859/sync?uid=9f2241f4-1faf-40d5-a42a-a6720e7afa49&_origin=1&gdpr=&gdpr_consent=&apid=UPf341d890-751e-11ec-a5e9-06185f11e5ce&verify=true

108 HTTP transactions
0 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request HotelList.aspx Show response
book.rwgenting.com/member2/HotelApp/ 227 KB
56 KB 1922ms
1447ms Document
text/html 170.33.9.200
ASEPL-AS-AP Aliba...

General

Check archive.org

Show headers Download Go to

Full URL

https://book.rwgenting.com/member2/HotelApp/HotelList.aspx?paymode=1&checkin=14%2F01%2F2022&checkout=15%2F01%2F2022&night=1&DestinationID=1&ccDate=0&RoomOrPackage=RoomPackage&room=1&pageid=1&ig=0&disp=hotel&currency=MYR&indexType=3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

170.33.9.200 , Singapore, ASN134963 (ASEPL-AS-AP Alibaba.com Singapore E-Commerce Private Limited, SG),

Reverse DNS

Software

/ ASP.NET

Resource Hash

f7c17c5d408b16a711610246f3d2a2659d7570e63827f1833d10d5c45f691792

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

Date: Fri, 14 Jan 2022 09:47:07 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Vary: Accept-Encoding
Cache-Control: private
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
X-XSS-PROTECTION: 1;mode=block
Access-Control-Allow-Origin: *
X-UA-Compatible: IE=11
X-OneAgent-JS-Injection: true
X-ruxit-JS-Agent: true
Content-Encoding: gzip

GET
H/1.1 200
OK ruxitagentjs_ICA2Vfhjqr_10229211201102017.js Show response
book.rwgenting.com/member2/ 202 KB
79 KB 490ms
179ms Script
text/javascript 170.33.9.200
ASEPL-AS-AP Aliba...

General

Check archive.org

Show headers Download Go to

Full URL

https://book.rwgenting.com/member2/ruxitagentjs_ICA2Vfhjqr_10229211201102017.js

Requested by

Host: book.rwgenting.com
URL: https://book.rwgenting.com/member2/HotelApp/HotelList.aspx?paymode=1&checkin=14%2F01%2F2022&checkout=15%2F01%2F2022&night=1&DestinationID=1&ccDate=0&RoomOrPackage=RoomPackage&room=1&pageid=1&ig=0&disp=hotel&currency=MYR&indexType=3

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

170.33.9.200 , Singapore, ASN134963 (ASEPL-AS-AP Alibaba.com Singapore E-Commerce Private Limited, SG),

Reverse DNS

Software

/ ASP.NET

Resource Hash

c19343ba42a4e4d4cc8381824f50d3147d2b46ba79a6b14bbde40b4d95c8b484

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/member2/HotelApp/HotelList.aspx?paymode=1&checkin=14%2F01%2F2022&checkout=15%2F01%2F2022&night=1&DestinationID=1&ccDate=0&RoomOrPackage=RoomPackage&room=1&pageid=1&ig=0&disp=hotel&currency=MYR&indexType=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 14 Jan 2022 09:47:08 GMT
Content-Encoding: gzip
Last-Modified: Wed, 03 Mar 2010 07:01:40 GMT
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: text/javascript; charset=utf-8
Access-Control-Allow-Origin: *, *
Expires: Sat, 14 Jan 2023 09:47:08 GMT
Cache-Control: public, max-age=31536000, immutable
Connection: keep-alive
Content-Length: 80345
X-XSS-PROTECTION: 1;mode=block
X-UA-Compatible: IE=11

GET
H2 200 jquery-3.3.1.min.js Show response
cdn.book.rwgenting.com/assets/JavaScript/assets/js/ 85 KB
30 KB 2806ms
1538ms Script
application/javascript 163.181.56.170
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.book.rwgenting.com/assets/JavaScript/assets/js/jquery-3.3.1.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.181.56.170 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine / ASP.NET

Resource Hash

160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 09:29:17 GMT
via: cache20.l2hk71[0,0,304-0,H], cache36.l2hk71[0,0], ens-cache7.de4[1513,1514,200-0,H], ens-cache7.de4[1519,0]
age: 1073
x-powered-by: ASP.NET
x-cache: HIT TCP_REFRESH_HIT dirn:9:381352545
x-swift-cachetime: 3600
x-swift-savetime: Fri, 14 Jan 2022 09:47:10 GMT
content-encoding: gzip
content-length: 30442
x-xss-protection: 1;mode=block
last-modified: Thu, 16 Jul 2020 09:48:43 GMT
server: Tengine
x-frame-options: SAMEORIGIN
etag: "302594b565bd61:0"
vary: Accept-Encoding
ali-swift-global-savetime: 1642152557
content-type: application/javascript
access-control-allow-origin: https://book.rwgenting.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
eagleid: 2ff62b1f16421536289765983e

GET
H2 200 rangeslider.min.js Show response
cdn.book.rwgenting.com/assets/JavaScript/assets/js/vendor/ 8 KB
3 KB 2923ms
1655ms Script
application/javascript 163.181.56.170
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.book.rwgenting.com/assets/JavaScript/assets/js/vendor/rangeslider.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.181.56.170 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine / ASP.NET

Resource Hash

7b85a02b04b5b57387fca1e766d3478accf8b14142f11cd2665fdd80c890f773

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 09:11:52 GMT
via: cache13.l2hk71[0,0,304-0,H], cache36.l2hk71[1,0], ens-cache3.de4[1549,1634,200-0,H], ens-cache7.de4[1638,0]
age: 2118
x-powered-by: ASP.NET
x-cache: HIT TCP_REFRESH_HIT dirn:8:270494443
x-swift-cachetime: 3600
x-swift-savetime: Fri, 14 Jan 2022 09:47:10 GMT
content-encoding: gzip
content-length: 2703
x-xss-protection: 1;mode=block
last-modified: Thu, 16 Jul 2020 09:48:44 GMT
server: Tengine
x-frame-options: SAMEORIGIN
etag: "d2637f4b565bd61:0"
vary: Accept-Encoding
ali-swift-global-savetime: 1642151512
content-type: application/javascript
access-control-allow-origin: https://book.rwgenting.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
eagleid: 2ff62b1f16421536289765992e

GET
H2 200 popper.min.js Show response
cdn.book.rwgenting.com/assets/JavaScript/assets/js/vendor/ 20 KB
8 KB 2739ms
1471ms Script
application/javascript 163.181.56.170
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.book.rwgenting.com/assets/JavaScript/assets/js/vendor/popper.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.181.56.170 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine / ASP.NET

Resource Hash

6acc5eebfc83c2aabc8251d201df3004c6aaf801565a9e7d75196f2ac2b380c7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 09:29:17 GMT
via: cache7.l2hk71[0,0,304-0,H], cache20.l2hk71[1,0], ens-cache1.de4[1446,1446,200-0,H], ens-cache7.de4[1452,0]
age: 1073
x-powered-by: ASP.NET
x-cache: HIT TCP_REFRESH_HIT dirn:9:285627874
x-swift-cachetime: 3600
x-swift-savetime: Fri, 14 Jan 2022 09:47:10 GMT
content-encoding: gzip
content-length: 7266
x-xss-protection: 1;mode=block
last-modified: Thu, 16 Jul 2020 09:48:44 GMT
server: Tengine
x-frame-options: SAMEORIGIN
etag: "651b684b565bd61:0"
vary: Accept-Encoding
ali-swift-global-savetime: 1642152557
content-type: application/javascript
access-control-allow-origin: https://book.rwgenting.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
eagleid: 2ff62b1f16421536289796025e

GET
H2 200 bootstrap.min.js Show response
cdn.book.rwgenting.com/assets/JavaScript/assets/js/ 57 KB
15 KB 2887ms
1619ms Script
application/javascript 163.181.56.170
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.book.rwgenting.com/assets/JavaScript/assets/js/bootstrap.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.181.56.170 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine / ASP.NET

Resource Hash

cc47c9a01ef522ca502936e7d59d7c08ae33a04b0352e618e9235cdae911b5a4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 09:13:38 GMT
via: cache13.l2hk71[0,0,304-0,H], cache18.l2hk71[0,0], ens-cache4.de4[1514,1593,200-0,H], ens-cache7.de4[1599,0]
age: 2012
x-powered-by: ASP.NET
x-cache: HIT TCP_REFRESH_HIT dirn:9:211863099
x-swift-cachetime: 3600
x-swift-savetime: Fri, 14 Jan 2022 09:47:10 GMT
content-encoding: gzip
content-length: 14749
x-xss-protection: 1;mode=block
last-modified: Thu, 16 Jul 2020 09:48:42 GMT
server: Tengine
x-frame-options: SAMEORIGIN
etag: "af5714a565bd61:0"
vary: Accept-Encoding
ali-swift-global-savetime: 1642151618
content-type: application/javascript
access-control-allow-origin: https://book.rwgenting.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
eagleid: 2ff62b1f16421536289796029e

GET
H2 200 holder.min.js Show response
cdn.book.rwgenting.com/assets/JavaScript/assets/js/vendor/ 32 KB
12 KB 2816ms
1549ms Script
application/javascript 163.181.56.170
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.book.rwgenting.com/assets/JavaScript/assets/js/vendor/holder.min.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.181.56.170 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine / ASP.NET

Resource Hash

89f8a11cde8bfe9354d5942292b01bec29f2301be2b0a1b749401a6f41779155

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 09:29:17 GMT
via: cache7.l2hk71[0,0,304-0,H], cache31.l2hk71[2,0], ens-cache7.de4[1522,1522,200-0,H], ens-cache7.de4[1529,0]
age: 1073
x-powered-by: ASP.NET
x-cache: HIT TCP_REFRESH_HIT dirn:10:380278447
x-swift-cachetime: 3600
x-swift-savetime: Fri, 14 Jan 2022 09:47:10 GMT
content-encoding: gzip
content-length: 11575
x-xss-protection: 1;mode=block
last-modified: Thu, 16 Jul 2020 09:48:44 GMT
server: Tengine
x-frame-options: SAMEORIGIN
etag: "9b7aa14b565bd61:0"
vary: Accept-Encoding
ali-swift-global-savetime: 1642152557
content-type: application/javascript
access-control-allow-origin: https://book.rwgenting.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
eagleid: 2ff62b1f16421536289796030e

GET
H2 200 calendar.full.js Show response
cdn.book.rwgenting.com/assets/JavaScript/assets/js/ 179 KB
38 KB 2865ms
1598ms Script
application/javascript 163.181.56.170
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.book.rwgenting.com/assets/JavaScript/assets/js/calendar.full.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.181.56.170 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine / ASP.NET

Resource Hash

8e48ede4b6042c4aee0155ad5009896d35e0ede7614a23bc4757b0085b8226c0

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 09:29:17 GMT
via: cache21.l2hk71[0,0,304-0,H], cache18.l2hk71[1,0], ens-cache6.de4[1571,1574,200-0,H], ens-cache7.de4[1577,0]
age: 1073
x-powered-by: ASP.NET
x-cache: HIT TCP_REFRESH_HIT dirn:9:203174130
x-swift-cachetime: 3600
x-swift-savetime: Fri, 14 Jan 2022 09:47:10 GMT
content-encoding: gzip
content-length: 39101
x-xss-protection: 1;mode=block
last-modified: Wed, 09 Dec 2020 10:07:19 GMT
server: Tengine
x-frame-options: SAMEORIGIN
etag: "8b6a761413ced61:0"
vary: Accept-Encoding
ali-swift-global-savetime: 1642152557
content-type: application/javascript
access-control-allow-origin: https://book.rwgenting.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
eagleid: 2ff62b1f16421536289795999e

GET
H2 200 calendar.custom.js Show response
cdn.book.rwgenting.com/assets/JavaScript/assets/js/ 10 KB
3 KB 2838ms
1571ms Script
application/javascript 163.181.56.170
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.book.rwgenting.com/assets/JavaScript/assets/js/calendar.custom.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.181.56.170 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine / ASP.NET

Resource Hash

6db045d05ad2f199b07a5ae91c6833ca6023e2455d1257c4525514652d184bee

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 09:13:38 GMT
via: cache34.l2hk71[0,0,304-0,H], cache16.l2hk71[0,0], ens-cache5.de4[1548,1550,200-0,H], ens-cache7.de4[1554,0]
age: 2012
x-powered-by: ASP.NET
x-cache: HIT TCP_REFRESH_HIT dirn:8:234393617
x-swift-cachetime: 3600
x-swift-savetime: Fri, 14 Jan 2022 09:47:10 GMT
content-encoding: gzip
content-length: 2186
x-xss-protection: 1;mode=block
last-modified: Thu, 16 Jul 2020 09:48:42 GMT
server: Tengine
x-frame-options: SAMEORIGIN
etag: "ea3564a565bd61:0"
vary: Accept-Encoding
ali-swift-global-savetime: 1642151618
content-type: application/javascript
access-control-allow-origin: https://book.rwgenting.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
eagleid: 2ff62b1f16421536289765986e

GET
H2 200 e-smart-zoom-jquery.js Show response
cdn.book.rwgenting.com/assets/JavaScript/assets/js/ 46 KB
12 KB 2811ms
1544ms Script
application/javascript 163.181.56.170
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.book.rwgenting.com/assets/JavaScript/assets/js/e-smart-zoom-jquery.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.181.56.170 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine / ASP.NET

Resource Hash

19f6b7d7d53847ac8a12c35c4a1c4d00c0338b0de9c66c78256d18b433dce49d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 09:29:17 GMT
via: cache10.l2hk71[0,0,304-0,H], cache2.l2hk71[1,0], ens-cache5.de4[1521,1523,200-0,H], ens-cache7.de4[1527,0]
age: 1073
x-powered-by: ASP.NET
x-cache: HIT TCP_REFRESH_HIT dirn:9:233281694
x-swift-cachetime: 3600
x-swift-savetime: Fri, 14 Jan 2022 09:47:10 GMT
content-encoding: gzip
content-length: 12058
x-xss-protection: 1;mode=block
last-modified: Thu, 16 Jul 2020 09:48:43 GMT
server: Tengine
x-frame-options: SAMEORIGIN
etag: "f367a44a565bd61:0"
vary: Accept-Encoding
ali-swift-global-savetime: 1642152557
content-type: application/javascript
access-control-allow-origin: https://book.rwgenting.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
eagleid: 2ff62b1f16421536289765990e

GET
H2 200 genting.js Show response
cdn.book.rwgenting.com/assets/JavaScript/assets/js/ 145 KB
22 KB 2820ms
1553ms Script
application/javascript 163.181.56.170
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.book.rwgenting.com/assets/JavaScript/assets/js/genting.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.181.56.170 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine / ASP.NET

Resource Hash

a8a6ad2ebe0ee1ac697c5d4faa59713d1a396e47573236ed51171c532ccae05e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 09:29:17 GMT
via: cache11.l2hk71[0,0,304-0,H], cache19.l2hk71[1,0], ens-cache8.de4[1524,1526,200-0,H], ens-cache7.de4[1532,0]
age: 1073
x-powered-by: ASP.NET
x-cache: HIT TCP_REFRESH_HIT dirn:10:329690532
x-swift-cachetime: 3600
x-swift-savetime: Fri, 14 Jan 2022 09:47:10 GMT
content-encoding: gzip
content-length: 21890
x-xss-protection: 1;mode=block
last-modified: Tue, 10 Nov 2020 02:12:27 GMT
server: Tengine
x-frame-options: SAMEORIGIN
etag: "b32faef6b7d61:0"
vary: Accept-Encoding
ali-swift-global-savetime: 1642152557
content-type: application/javascript
access-control-allow-origin: https://book.rwgenting.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
eagleid: 2ff62b1f16421536289796007e

GET
H2 200 parallax.js Show response
cdn.book.rwgenting.com/assets/JavaScript/assets/js/ 6 KB
2 KB 2867ms
1600ms Script
application/javascript 163.181.56.170
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.book.rwgenting.com/assets/JavaScript/assets/js/parallax.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.181.56.170 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine / ASP.NET

Resource Hash

b15097aa1de678f4c1730b29d5d9b3282fb9f350d65b0db089fc470b223355dd

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 09:24:52 GMT
via: cache22.l2hk71[0,0,304-0,H], cache32.l2hk71[1,0], ens-cache2.de4[1491,1571,200-0,H], ens-cache7.de4[1577,0]
age: 1338
x-powered-by: ASP.NET
x-cache: HIT TCP_REFRESH_HIT dirn:10:292948995
x-swift-cachetime: 3600
x-swift-savetime: Fri, 14 Jan 2022 09:47:10 GMT
content-encoding: gzip
content-length: 1726
x-xss-protection: 1;mode=block
last-modified: Thu, 16 Jul 2020 09:48:43 GMT
server: Tengine
x-frame-options: SAMEORIGIN
etag: "1a57fe4a565bd61:0"
vary: Accept-Encoding
ali-swift-global-savetime: 1642152292
content-type: application/javascript
access-control-allow-origin: https://book.rwgenting.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
eagleid: 2ff62b1f16421536289796008e

GET
H2 200 jquery-ui-jqLoding.js Show response
cdn.book.rwgenting.com/assets/JavaScript/ 6 KB
2 KB 2888ms
1621ms Script
application/javascript 163.181.56.170
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.book.rwgenting.com/assets/JavaScript/jquery-ui-jqLoding.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.181.56.170 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine / ASP.NET

Resource Hash

b2d9f9172b520a90aa25fa1a3faa3614500563672f12e90a0eae864adeb40c1b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 09:09:56 GMT
via: cache15.l2hk71[0,0,304-0,H], cache34.l2hk71[1,0], ens-cache10.de4[1516,1599,200-0,H], ens-cache7.de4[1602,0]
age: 2234
x-powered-by: ASP.NET
x-cache: HIT TCP_REFRESH_HIT dirn:9:306444979
x-swift-cachetime: 3600
x-swift-savetime: Fri, 14 Jan 2022 09:47:10 GMT
content-encoding: gzip
content-length: 1718
x-xss-protection: 1;mode=block
last-modified: Thu, 16 Jul 2020 09:48:39 GMT
server: Tengine
x-frame-options: SAMEORIGIN
etag: "a7303248565bd61:0"
vary: Accept-Encoding
ali-swift-global-savetime: 1642151396
content-type: application/javascript
access-control-allow-origin: https://book.rwgenting.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
eagleid: 2ff62b1f16421536289796001e

GET
H2 200 sha256.js Show response
cdn.book.rwgenting.com/assets/JavaScript/assets/js/ 18 KB
5 KB 2835ms
1569ms Script
application/javascript 163.181.56.170
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.book.rwgenting.com/assets/JavaScript/assets/js/sha256.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.181.56.170 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine / ASP.NET

Resource Hash

cd19986cea50d5c6c624ae11c59a2ec069df3de5fde964d09b4765487e6e7ac5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 09:29:17 GMT
via: cache11.l2hk71[0,0,304-0,H], cache33.l2hk71[0,0], ens-cache1.de4[1541,1541,200-0,H], ens-cache7.de4[1546,0]
age: 1073
x-powered-by: ASP.NET
x-cache: HIT TCP_REFRESH_HIT dirn:10:286504651
x-swift-cachetime: 3600
x-swift-savetime: Fri, 14 Jan 2022 09:47:10 GMT
content-encoding: gzip
content-length: 4432
x-xss-protection: 1;mode=block
last-modified: Mon, 28 Sep 2020 10:19:40 GMT
server: Tengine
x-frame-options: SAMEORIGIN
etag: "331a87e08095d61:0"
vary: Accept-Encoding
ali-swift-global-savetime: 1642152557
content-type: application/javascript
access-control-allow-origin: https://book.rwgenting.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
eagleid: 2ff62b1f16421536289796016e

GET
H2 200 jquery.modaldialog.js Show response
cdn.book.rwgenting.com/assets/JavaScript/ 11 KB
3 KB 2958ms
1692ms Script
application/javascript 163.181.56.170
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.book.rwgenting.com/assets/JavaScript/jquery.modaldialog.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.181.56.170 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine / ASP.NET

Resource Hash

2c4499bc3200dc93e2d3aadb3e6307fccb1809e84f176cac60c0ffbe3446f87c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 09:24:53 GMT
via: cache15.l2hk71[0,0,304-0,H], cache6.l2hk71[0,0], ens-cache4.de4[1587,1669,200-0,H], ens-cache7.de4[1673,0]
age: 1338
x-powered-by: ASP.NET
x-cache: HIT TCP_REFRESH_HIT dirn:9:211862160
x-swift-cachetime: 3600
x-swift-savetime: Fri, 14 Jan 2022 09:47:10 GMT
content-encoding: gzip
content-length: 2339
x-xss-protection: 1;mode=block
last-modified: Thu, 16 Jul 2020 09:48:38 GMT
server: Tengine
x-frame-options: SAMEORIGIN
etag: "40e7db47565bd61:0"
vary: Accept-Encoding
ali-swift-global-savetime: 1642152292
content-type: application/javascript
access-control-allow-origin: https://book.rwgenting.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
eagleid: 2ff62b1f16421536289796012e

GET
H2 200 genting.css
cdn.book.rwgenting.com/assets/JavaScript/assets/css/ 388 KB
57 KB 2829ms
1564ms Stylesheet
text/css 163.181.56.170
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.book.rwgenting.com/assets/JavaScript/assets/css/genting.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.181.56.170 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine / ASP.NET

Resource Hash

d84ca9189c0c93cefe8b06881f550047a3a0ea57684f87753335a609309400e8

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 09:13:38 GMT
via: cache12.l2hk71[0,0,304-0,H], cache14.l2hk71[0,0], ens-cache4.de4[1457,1551,200-0,H], ens-cache7.de4[1554,0]
age: 2012
x-powered-by: ASP.NET
x-cache: HIT TCP_REFRESH_HIT dirn:10:213053980
x-swift-cachetime: 3600
x-swift-savetime: Fri, 14 Jan 2022 09:47:10 GMT
content-encoding: gzip
content-length: 58119
x-xss-protection: 1;mode=block
last-modified: Thu, 23 Sep 2021 08:43:46 GMT
server: Tengine
x-frame-options: SAMEORIGIN
etag: "04d81f57b0d71:0"
vary: Accept-Encoding
ali-swift-global-savetime: 1642151618
content-type: text/css
access-control-allow-origin: https://book.rwgenting.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
eagleid: 2ff62b1f16421536289685937e

GET
H2 200 jquery.modaldialog.css
cdn.book.rwgenting.com/assets/Style/ 3 KB
1 KB 2833ms
1568ms Stylesheet
text/css 163.181.56.170
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.book.rwgenting.com/assets/Style/jquery.modaldialog.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.181.56.170 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine / ASP.NET

Resource Hash

5890e0f5759cdace55c64dac8afe9034088b05b7e04248f71d4a304421e8a16b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 09:09:56 GMT
via: cache10.l2hk71[0,0,304-0,H], cache15.l2hk71[1,0], ens-cache10.de4[1457,1544,200-0,H], ens-cache7.de4[1546,0]
age: 2234
x-powered-by: ASP.NET
x-cache: HIT TCP_REFRESH_HIT dirn:9:306444695
x-swift-cachetime: 3600
x-swift-savetime: Fri, 14 Jan 2022 09:47:10 GMT
content-encoding: gzip
content-length: 945
x-xss-protection: 1;mode=block
last-modified: Tue, 22 Jan 2019 02:13:16 GMT
server: Tengine
x-frame-options: SAMEORIGIN
etag: "4753329f8b1d41:0"
vary: Accept-Encoding
ali-swift-global-savetime: 1642151396
content-type: text/css
access-control-allow-origin: https://book.rwgenting.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
eagleid: 2ff62b1f16421536289765975e

GET
H2 200 jquery.maskedinput-1.4.0.js Show response
cdn.book.rwgenting.com/assets/JavaScript/ 5 KB
2 KB 2922ms
1656ms Script
application/javascript 163.181.56.170
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.book.rwgenting.com/assets/JavaScript/jquery.maskedinput-1.4.0.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.181.56.170 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine / ASP.NET

Resource Hash

9409d775f1f80a4bde9b7e814ac3cf72ee325183778ad98a8a665ecb1be4de0b

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 09:29:17 GMT
via: cache15.l2hk71[0,0,304-0,H], cache27.l2hk71[1,0], ens-cache6.de4[1632,1633,200-0,H], ens-cache7.de4[1637,0]
age: 1073
x-powered-by: ASP.NET
x-cache: HIT TCP_REFRESH_HIT dirn:8:201812071
x-swift-cachetime: 3600
x-swift-savetime: Fri, 14 Jan 2022 09:47:10 GMT
content-encoding: gzip
content-length: 2115
x-xss-protection: 1;mode=block
last-modified: Thu, 16 Jul 2020 09:48:37 GMT
server: Tengine
x-frame-options: SAMEORIGIN
etag: "84ee6647565bd61:0"
vary: Accept-Encoding
ali-swift-global-savetime: 1642152557
content-type: application/javascript
access-control-allow-origin: https://book.rwgenting.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
eagleid: 2ff62b1f16421536289796005e

GET
H2 200 tooltip.css
cdn.book.rwgenting.com/assets/JavaScript/assets/css/ 1 KB
640 B 2848ms
1583ms Stylesheet
text/css 163.181.56.170
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.book.rwgenting.com/assets/JavaScript/assets/css/tooltip.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.181.56.170 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine / ASP.NET

Resource Hash

c635ad039a51f60103d07ee88fb6655f294efe3730724f0be8cdc0e4e86fa340

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 09:13:38 GMT
via: cache22.l2hk71[0,0,304-0,H], cache17.l2hk71[1,0], ens-cache10.de4[1478,1564,200-0,H], ens-cache7.de4[1567,0]
age: 2012
x-powered-by: ASP.NET
x-cache: HIT TCP_REFRESH_HIT dirn:8:305014370
x-swift-cachetime: 3600
x-swift-savetime: Fri, 14 Jan 2022 09:47:10 GMT
content-encoding: gzip
content-length: 401
x-xss-protection: 1;mode=block
last-modified: Thu, 16 Jul 2020 09:48:39 GMT
server: Tengine
x-frame-options: SAMEORIGIN
etag: "9aa7848565bd61:0"
vary: Accept-Encoding
ali-swift-global-savetime: 1642151618
content-type: text/css
access-control-allow-origin: https://book.rwgenting.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
eagleid: 2ff62b1f16421536289765978e

GET
H2 200 tooltip.js Show response
cdn.book.rwgenting.com/assets/JavaScript/assets/js/ 14 KB
3 KB 2963ms
1698ms Script
application/javascript 163.181.56.170
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.book.rwgenting.com/assets/JavaScript/assets/js/tooltip.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.181.56.170 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine / ASP.NET

Resource Hash

981830d7bd9000e3f5adfcfca19307bb14c9ba612bb258aab51637d2d8b8ee39

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 09:13:38 GMT
via: cache30.l2hk71[0,0,304-0,H], cache18.l2hk71[0,0], ens-cache2.de4[1592,1675,200-0,H], ens-cache7.de4[1679,0]
age: 2012
x-powered-by: ASP.NET
x-cache: HIT TCP_REFRESH_HIT dirn:10:292949032
x-swift-cachetime: 3600
x-swift-savetime: Fri, 14 Jan 2022 09:47:10 GMT
content-encoding: gzip
content-length: 2603
x-xss-protection: 1;mode=block
last-modified: Thu, 16 Jul 2020 09:48:43 GMT
server: Tengine
x-frame-options: SAMEORIGIN
etag: "2af34b565bd61:0"
vary: Accept-Encoding
ali-swift-global-savetime: 1642151618
content-type: application/javascript
access-control-allow-origin: https://book.rwgenting.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
eagleid: 2ff62b1f16421536289796002e

GET
H2 200 intlTelInput.css
cdn.book.rwgenting.com/assets/JavaScript/assets/css/ 25 KB
3 KB 2872ms
1608ms Stylesheet
text/css 163.181.56.170
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.book.rwgenting.com/assets/JavaScript/assets/css/intlTelInput.css

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.181.56.170 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine / ASP.NET

Resource Hash

494f93c5215e411d1e4b082d9375e93c1d978b805f50262ffcd31b853bf4b71c

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 09:13:38 GMT
via: cache16.l2hk71[0,0,304-0,H], cache34.l2hk71[0,0], ens-cache7.de4[1585,1588,200-0,H], ens-cache7.de4[1591,0]
age: 2012
x-powered-by: ASP.NET
x-cache: HIT TCP_REFRESH_HIT dirn:10:380278389
x-swift-cachetime: 3600
x-swift-savetime: Fri, 14 Jan 2022 09:47:10 GMT
content-encoding: gzip
content-length: 3158
x-xss-protection: 1;mode=block
last-modified: Fri, 23 Oct 2020 01:48:17 GMT
server: Tengine
x-frame-options: SAMEORIGIN
etag: "502e1594dea8d61:0"
vary: Accept-Encoding
ali-swift-global-savetime: 1642151618
content-type: text/css
access-control-allow-origin: https://book.rwgenting.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
eagleid: 2ff62b1f16421536289765980e

GET
H2 200 intlTelInput.js Show response
cdn.book.rwgenting.com/assets/JavaScript/assets/js/ 87 KB
20 KB 2820ms
1555ms Script
application/javascript 163.181.56.170
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.book.rwgenting.com/assets/JavaScript/assets/js/intlTelInput.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.181.56.170 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine / ASP.NET

Resource Hash

083e309c8998a21f312ca427b00f484b95c7eefa961e7ccb564fa7a3380920f3

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 09:30:47 GMT
via: cache35.l2hk71[0,0,304-0,H], cache17.l2hk71[1,0], ens-cache3.de4[1448,1528,200-0,H], ens-cache7.de4[1534,0]
age: 983
x-powered-by: ASP.NET
x-cache: HIT TCP_REFRESH_HIT dirn:10:269272265
x-swift-cachetime: 3600
x-swift-savetime: Fri, 14 Jan 2022 09:47:10 GMT
content-encoding: gzip
content-length: 20695
x-xss-protection: 1;mode=block
last-modified: Fri, 23 Oct 2020 01:48:18 GMT
server: Tengine
x-frame-options: SAMEORIGIN
etag: "a516cf94dea8d61:0"
vary: Accept-Encoding
ali-swift-global-savetime: 1642152647
content-type: application/javascript
access-control-allow-origin: https://book.rwgenting.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
eagleid: 2ff62b1f16421536289796033e

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
39 KB 53ms
30ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-382529330

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

611880322593d348bffb60a868b6b68e04b77fbd9a8cd913af906695b8018a7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 09:47:10 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39762
x-xss-protection: 0
last-modified: Fri, 14 Jan 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 14 Jan 2022 09:47:10 GMT

GET
H/1.1 200
OK WebResource.axd Show response
book.rwgenting.com/member2/ 23 KB
5 KB 706ms
693ms Script
application/x-javascript 170.33.9.200
ASEPL-AS-AP Aliba...

General

Check archive.org

Show headers Download Go to

Full URL

https://book.rwgenting.com/member2/WebResource.axd?d=pynGkmcFUV13He1Qd6_TZBMhLUH1UmTvCpYa3fbVQ6CNHgrlfqUMvKC_1KVe2duhu9iJIm5uUZ_H_wUsF6d4Ug2&t=637461269481343508

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

170.33.9.200 , Singapore, ASN134963 (ASEPL-AS-AP Alibaba.com Singapore E-Commerce Private Limited, SG),

Reverse DNS

Software

/ ASP.NET

Resource Hash

40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/member2/HotelApp/HotelList.aspx?paymode=1&checkin=14%2F01%2F2022&checkout=15%2F01%2F2022&night=1&DestinationID=1&ccDate=0&RoomOrPackage=RoomPackage&room=1&pageid=1&ig=0&disp=hotel&currency=MYR&indexType=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 14 Jan 2022 09:47:08 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Last-Modified: Wed, 13 Jan 2021 01:29:07 GMT
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Expires: Fri, 13 Jan 2023 19:01:56 GMT
Cache-Control: public
Transfer-Encoding: chunked
Connection: keep-alive
X-XSS-PROTECTION: 1;mode=block
X-UA-Compatible: IE=11

GET
H/1.1 200
OK ScriptResource.axd Show response
book.rwgenting.com/member2/ 357 KB
61 KB 705ms
690ms Script
application/x-javascript 170.33.9.200
ASEPL-AS-AP Aliba...

General

Check archive.org

Show headers Download Go to

Full URL

https://book.rwgenting.com/member2/ScriptResource.axd?d=yeSNAJTOPtPimTGCAo3LlSi1VrOTWKwMpEVV96nNee7z_7TH--p2H2WGzgkk4RsNHAhXD5kpIBhXuCYLLVG53lGO6rx72rKkQ_JkifS-EKEnH-e1KkmUNOEpqufq4Xje0&t=7f16157c

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

170.33.9.200 , Singapore, ASN134963 (ASEPL-AS-AP Alibaba.com Singapore E-Commerce Private Limited, SG),

Reverse DNS

Software

/ ASP.NET

Resource Hash

1a84f467ad2c041ede1d2514d5c5f6c9edfbe47d5a7b9342743965c789ca0248

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/member2/HotelApp/HotelList.aspx?paymode=1&checkin=14%2F01%2F2022&checkout=15%2F01%2F2022&night=1&DestinationID=1&ccDate=0&RoomOrPackage=RoomPackage&room=1&pageid=1&ig=0&disp=hotel&currency=MYR&indexType=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 14 Jan 2022 09:47:08 GMT
Content-Encoding: gzip
ETag: "1642100516:dtagent10229211201102017WHjA"
Last-Modified: Thu, 13 Jan 2022 19:01:55 GMT
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Expires: Fri, 13 Jan 2023 19:01:56 GMT
Cache-Control: public
Connection: keep-alive
Content-Length: 61902
X-XSS-PROTECTION: 1;mode=block
X-UA-Compatible: IE=11

GET
H/1.1 200
OK ScriptResource.axd Show response
book.rwgenting.com/member2/ 93 KB
15 KB 448ms
255ms Script
application/x-javascript 170.33.9.200
ASEPL-AS-AP Aliba...

General

Check archive.org

Show headers Download Go to

Full URL

https://book.rwgenting.com/member2/ScriptResource.axd?d=DT3YJR8QaqV61-teuz0hgst7Z7_pyP7h4LurjUcQE4fKqTEjiOvewO02MEvS6psbXSIfjfhYwVdAJdTT8ROS2IarEIUWmd3eI91tGhwhQ9meqB6iUQHYrxI0I6nf4bo--RCO9-yFr3ygFmpbEi0ZSQ2&t=7f16157c

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

170.33.9.200 , Singapore, ASN134963 (ASEPL-AS-AP Alibaba.com Singapore E-Commerce Private Limited, SG),

Reverse DNS

Software

/ ASP.NET

Resource Hash

d0670324e6062e1b6c0fdd2ad008effa9ff4bbeb10b780cd0c1577e0c05a5285

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/member2/HotelApp/HotelList.aspx?paymode=1&checkin=14%2F01%2F2022&checkout=15%2F01%2F2022&night=1&DestinationID=1&ccDate=0&RoomOrPackage=RoomPackage&room=1&pageid=1&ig=0&disp=hotel&currency=MYR&indexType=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 14 Jan 2022 09:47:08 GMT
Content-Encoding: gzip
ETag: "1642100516:dtagent10229211201102017WHjA"
Last-Modified: Thu, 13 Jan 2022 19:01:55 GMT
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: application/x-javascript
Access-Control-Allow-Origin: *
Expires: Fri, 13 Jan 2023 19:01:56 GMT
Cache-Control: public
Connection: keep-alive
Content-Length: 15236
X-XSS-PROTECTION: 1;mode=block
X-UA-Compatible: IE=11

GET
H2 200 Best-rates-top1-rev.jpg
cdn.rwgenting.com/uploadedImages/Content/Hot_deals/ 147 KB
148 KB 1651ms
271ms Image
image/jpeg 79.133.177.227
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.rwgenting.com/uploadedImages/Content/Hot_deals/Best-rates-top1-rev.jpg?n=129
Requested by: Host: book.rwgenting.com
URL: https://book.rwgenting.com/member2/HotelApp/HotelList.aspx?paymode=1&checkin=14%2F01%2F2022&checkout=15%2F01%2F2022&night=1&DestinationID=1&ccDate=0&RoomOrPackage=RoomPackage&room=1&pageid=1&ig=0&disp=hotel&currency=MYR&indexType=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.133.177.227 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine / ASP.NET
Resource Hash: 51b0fa6fa24f457766b1480b814cce77f28adf07ec6061db7a69cd3ea857009e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 09:37:44 GMT
via: cache30.l2sg52[0,0,304-0,H], cache6.l2sg52[0,0], cache6.l2sg52[1,0], cache10.de3[256,256,200-0,H], cache5.de3[257,0]
x-aspnet-version: 4.0.30319
age: 568
x-powered-by: ASP.NET
x-cache: HIT TCP_REFRESH_HIT dirn:13:420948080
x-swift-cachetime: 3600
x-swift-savetime: Fri, 14 Jan 2022 09:47:12 GMT
content-length: 150873
last-modified: Wed, 06 Jan 2021 04:23:04 GMT
server: Tengine
ali-swift-global-savetime: 1642153064
content-type: image/jpeg
access-control-allow-origin: *
timing-allow-origin: *
eagleid: 4f85b19916421536320763824e

GET
H2 200 cancel-red.svg
cdn.book.rwgenting.com/assets/gale/ 358 B
624 B 336ms
334ms Image
image/svg+xml 163.181.56.170
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.book.rwgenting.com/assets/gale/cancel-red.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.181.56.170 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine / ASP.NET

Resource Hash

4efefe4a8090d4c75325d54f571f21440761e4b1b3fd1c5fc2aab797c0db38d4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 09:35:21 GMT
via: cache18.l2hk71[0,0,304-0,H], cache27.l2hk71[1,0], ens-cache6.de4[326,326,200-0,H], ens-cache7.de4[328,0]
age: 710
x-powered-by: ASP.NET
x-cache: HIT TCP_REFRESH_HIT dirn:9:170461678
x-swift-cachetime: 3600
x-swift-savetime: Fri, 14 Jan 2022 09:47:11 GMT
content-length: 358
x-xss-protection: 1;mode=block
last-modified: Wed, 30 Jan 2019 10:09:46 GMT
server: Tengine
etag: "7621aeed83b8d41:0"
x-frame-options: SAMEORIGIN
ali-swift-global-savetime: 1642152921
content-type: image/svg+xml
access-control-allow-origin: https://book.rwgenting.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
eagleid: 2ff62b1f16421536306796655e

GET
H2 200 14_FWH_Lobby_720x720.jpg
cdn.rwgenting.com/uploadedImages/Images/Mobile/Hotels/First_World/ 101 KB
101 KB 1564ms
188ms Image
image/jpeg 79.133.177.227
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.rwgenting.com/uploadedImages/Images/Mobile/Hotels/First_World/14_FWH_Lobby_720x720.jpg?n=6632
Requested by: Host: book.rwgenting.com
URL: https://book.rwgenting.com/member2/HotelApp/HotelList.aspx?paymode=1&checkin=14%2F01%2F2022&checkout=15%2F01%2F2022&night=1&DestinationID=1&ccDate=0&RoomOrPackage=RoomPackage&room=1&pageid=1&ig=0&disp=hotel&currency=MYR&indexType=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.133.177.227 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine / ASP.NET
Resource Hash: 8e2ee291b854590ed2a22402a42adfb5c6cd63bf070f8d6f47c379b1c8f4f97f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 08:55:51 GMT
via: cache36.l2sg52[0,0,304-0,H], cache8.l2sg52[0,0], cache8.l2sg52[1,0], cache2.de3[171,171,200-0,H], cache5.de3[175,0]
x-aspnet-version: 4.0.30319
age: 3081
x-powered-by: ASP.NET
x-cache: HIT TCP_REFRESH_HIT dirn:12:203401246
x-swift-cachetime: 3600
x-swift-savetime: Fri, 14 Jan 2022 09:47:12 GMT
content-length: 103165
last-modified: Wed, 19 Sep 2018 06:45:23 GMT
server: Tengine
ali-swift-global-savetime: 1642150551
content-type: image/jpeg
access-control-allow-origin: *
timing-allow-origin: *
eagleid: 4f85b19916421536320763826e

GET
H2 200 calendar-icon.svg
cdn.book.rwgenting.com/assets/gale/ 689 B
966 B 319ms
318ms Image
image/svg+xml 163.181.56.170
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.book.rwgenting.com/assets/gale/calendar-icon.svg

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.181.56.170 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine / ASP.NET

Resource Hash

0fb0e95b94cf7237570b8b5195d5bfb98e714ca5231b18ba092cf387ff97f14e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 09:43:25 GMT
via: cache36.l2hk71[0,0,304-0,H], cache16.l2hk71[0,0], ens-cache5.de4[309,309,200-0,H], ens-cache7.de4[311,0]
age: 225
x-powered-by: ASP.NET
x-cache: HIT TCP_REFRESH_HIT dirn:9:322521646
x-swift-cachetime: 3600
x-swift-savetime: Fri, 14 Jan 2022 09:47:10 GMT
content-length: 689
x-xss-protection: 1;mode=block
last-modified: Wed, 30 Jan 2019 10:09:46 GMT
server: Tengine
etag: "4c1291ed83b8d41:0"
x-frame-options: SAMEORIGIN
ali-swift-global-savetime: 1642153405
content-type: image/svg+xml
access-control-allow-origin: https://book.rwgenting.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
eagleid: 2ff62b1f16421536306796657e

GET
H2 200 Awana-Hotel-new11.jpg
cdn.rwgenting.com/uploadedImages/Images/iHoliday_Images/Hotels/Awana_@_Resorts_World_Genting/ 136 KB
137 KB 1601ms
225ms Image
image/jpeg 79.133.177.227
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.rwgenting.com/uploadedImages/Images/iHoliday_Images/Hotels/Awana_@_Resorts_World_Genting/Awana-Hotel-new11.jpg?n=481
Requested by: Host: book.rwgenting.com
URL: https://book.rwgenting.com/member2/HotelApp/HotelList.aspx?paymode=1&checkin=14%2F01%2F2022&checkout=15%2F01%2F2022&night=1&DestinationID=1&ccDate=0&RoomOrPackage=RoomPackage&room=1&pageid=1&ig=0&disp=hotel&currency=MYR&indexType=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.133.177.227 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine / ASP.NET
Resource Hash: 07473486b9e5f4c8a56307b2a4b5beddb0599045807b764347702c0b6fe9042f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 09:47:12 GMT
via: cache24.l2sg52[27,26,304-0,H], cache38.l2sg52[28,0], cache38.l2sg52[28,0], cache9.de3[214,214,200-0,H], cache5.de3[217,0]
x-aspnet-version: 4.0.30319
age: 0
x-powered-by: ASP.NET
x-cache: HIT TCP_REFRESH_HIT dirn:13:504565832
x-swift-cachetime: 3600
x-swift-savetime: Fri, 14 Jan 2022 09:47:12 GMT
content-length: 139734
last-modified: Thu, 25 Apr 2019 03:08:58 GMT
server: Tengine
ali-swift-global-savetime: 1642153632
content-type: image/jpeg
access-control-allow-origin: *
timing-allow-origin: *
eagleid: 4f85b19916421536320763830e

GET
H2 200 12_Crockfords_Lobby.jpg
cdn.rwgenting.com/uploadedImages/Images/Mobile/Hotels/Crockfords/ 113 KB
114 KB 1689ms
314ms Image
image/jpeg 79.133.177.227
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.rwgenting.com/uploadedImages/Images/Mobile/Hotels/Crockfords/12_Crockfords_Lobby.jpg?n=7467
Requested by: Host: book.rwgenting.com
URL: https://book.rwgenting.com/member2/HotelApp/HotelList.aspx?paymode=1&checkin=14%2F01%2F2022&checkout=15%2F01%2F2022&night=1&DestinationID=1&ccDate=0&RoomOrPackage=RoomPackage&room=1&pageid=1&ig=0&disp=hotel&currency=MYR&indexType=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.133.177.227 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine / ASP.NET
Resource Hash: b61a1721320ab1fceaad57a4a7f4d0fe5497be843b774a3b755c44567059ca59

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 09:27:28 GMT
via: cache25.l2sg52[0,0,304-0,H], cache38.l2sg52[1,0], cache38.l2sg52[1,0], cache13.de3[269,268,200-0,H], cache5.de3[272,0]
x-aspnet-version: 4.0.30319
age: 1184
x-powered-by: ASP.NET
x-cache: HIT TCP_REFRESH_HIT dirn:12:224725090
x-swift-cachetime: 3600
x-swift-savetime: Fri, 14 Jan 2022 09:47:12 GMT
content-length: 115904
last-modified: Wed, 19 Sep 2018 06:41:16 GMT
server: Tengine
ali-swift-global-savetime: 1642152448
content-type: image/jpeg
access-control-allow-origin: *
timing-allow-origin: *
eagleid: 4f85b19916421536320763829e

GET
H2 200 04_GG_Lobby_720x720.jpg
cdn.rwgenting.com/uploadedImages/Images/Mobile/Hotels/Genting_Grand/ 113 KB
113 KB 1636ms
261ms Image
image/jpeg 79.133.177.227
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.rwgenting.com/uploadedImages/Images/Mobile/Hotels/Genting_Grand/04_GG_Lobby_720x720.jpg?n=2570
Requested by: Host: book.rwgenting.com
URL: https://book.rwgenting.com/member2/HotelApp/HotelList.aspx?paymode=1&checkin=14%2F01%2F2022&checkout=15%2F01%2F2022&night=1&DestinationID=1&ccDate=0&RoomOrPackage=RoomPackage&room=1&pageid=1&ig=0&disp=hotel&currency=MYR&indexType=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.133.177.227 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine / ASP.NET
Resource Hash: f45a8c136d571fa6860bf7bdefcce5d27fa6a18c4441f3a4dbda41e6e349b60f

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 09:36:43 GMT
via: cache24.l2sg52[0,0,304-0,H], cache35.l2sg52[1,0], cache35.l2sg52[1,0], cache4.de3[250,251,200-0,H], cache5.de3[253,0]
x-aspnet-version: 4.0.30319
age: 629
x-powered-by: ASP.NET
x-cache: HIT TCP_REFRESH_HIT dirn:13:779061556
x-swift-cachetime: 3600
x-swift-savetime: Fri, 14 Jan 2022 09:47:12 GMT
content-length: 115335
last-modified: Wed, 19 Sep 2018 06:45:44 GMT
server: Tengine
ali-swift-global-savetime: 1642153003
content-type: image/jpeg
access-control-allow-origin: *
timing-allow-origin: *
eagleid: 4f85b19916421536320763827e

GET
H2 200 GSW-hotel-Facade_tile.jpg
cdn.rwgenting.com/uploadedImages/Website_Content/Hotels/Theme_Park_Hotel/GSW_hotel_image/ 44 KB
45 KB 1669ms
294ms Image
image/jpeg 79.133.177.227
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.rwgenting.com/uploadedImages/Website_Content/Hotels/Theme_Park_Hotel/GSW_hotel_image/GSW-hotel-Facade_tile.jpg?n=8487
Requested by: Host: book.rwgenting.com
URL: https://book.rwgenting.com/member2/HotelApp/HotelList.aspx?paymode=1&checkin=14%2F01%2F2022&checkout=15%2F01%2F2022&night=1&DestinationID=1&ccDate=0&RoomOrPackage=RoomPackage&room=1&pageid=1&ig=0&disp=hotel&currency=MYR&indexType=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.133.177.227 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine / ASP.NET
Resource Hash: 7a36ffc84d41538d505db8ff4a5a2a7f6db1a736c7ece2c2e4b6285bc633cf5e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 08:47:17 GMT
via: cache5.l2sg52[0,0,304-0,H], cache19.l2sg52[1,0], cache19.l2sg52[1,0], cache3.de3[258,258,200-0,H], cache5.de3[262,0]
x-aspnet-version: 4.0.30319
age: 3595
x-powered-by: ASP.NET
x-cache: HIT TCP_REFRESH_HIT dirn:13:410917151
x-swift-cachetime: 3600
x-swift-savetime: Fri, 14 Jan 2022 09:47:12 GMT
content-length: 45504
last-modified: Mon, 19 Jul 2021 02:40:11 GMT
server: Tengine
ali-swift-global-savetime: 1642150037
content-type: image/jpeg
access-control-allow-origin: *
timing-allow-origin: *
eagleid: 4f85b19916421536320763831e

GET
H2 200 12_Maxims_Lobby_720x720.jpg
cdn.rwgenting.com/uploadedImages/Images/Mobile/Hotels/Maxims/ 99 KB
100 KB 1600ms
285ms Image
image/jpeg 79.133.177.227
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.rwgenting.com/uploadedImages/Images/Mobile/Hotels/Maxims/12_Maxims_Lobby_720x720.jpg?n=2995
Requested by: Host: book.rwgenting.com
URL: https://book.rwgenting.com/member2/HotelApp/HotelList.aspx?paymode=1&checkin=14%2F01%2F2022&checkout=15%2F01%2F2022&night=1&DestinationID=1&ccDate=0&RoomOrPackage=RoomPackage&room=1&pageid=1&ig=0&disp=hotel&currency=MYR&indexType=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.133.177.227 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine / ASP.NET
Resource Hash: 7fe4f253cda78ed0fcc7864e70be03562fbb48756b15af4b0976f1993ab7af37

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 09:16:03 GMT
via: cache18.l2sg52[0,0,304-0,H], cache25.l2sg52[0,0], cache25.l2sg52[1,0], cache5.de3[258,258,200-0,H], cache5.de3[261,0]
x-aspnet-version: 4.0.30319
age: 1869
x-powered-by: ASP.NET
x-cache: HIT TCP_REFRESH_HIT dirn:12:106298208
x-swift-cachetime: 3600
x-swift-savetime: Fri, 14 Jan 2022 09:47:12 GMT
content-length: 101536
last-modified: Wed, 19 Sep 2018 06:46:07 GMT
server: Tengine
ali-swift-global-savetime: 1642151763
content-type: image/jpeg
access-control-allow-origin: *
timing-allow-origin: *
eagleid: 4f85b19916421536320753819e

GET
H2 200 resorts-hotel-main.jpg
cdn.rwgenting.com/uploadedImages/Images/Mobile/Hotels/Resort/ 200 KB
200 KB 1613ms
298ms Image
image/jpeg 79.133.177.227
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://cdn.rwgenting.com/uploadedImages/Images/Mobile/Hotels/Resort/resorts-hotel-main.jpg?n=998
Requested by: Host: book.rwgenting.com
URL: https://book.rwgenting.com/member2/HotelApp/HotelList.aspx?paymode=1&checkin=14%2F01%2F2022&checkout=15%2F01%2F2022&night=1&DestinationID=1&ccDate=0&RoomOrPackage=RoomPackage&room=1&pageid=1&ig=0&disp=hotel&currency=MYR&indexType=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 79.133.177.227 , Russian Federation, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),
Reverse DNS
Software: Tengine / ASP.NET
Resource Hash: c9a44e891c1ef7eb3586042297b67b1b914c9a0343a461845030d207c0f048e3

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 09:00:49 GMT
via: cache20.l2sg52[0,0,304-0,H], cache24.l2sg52[1,0], cache24.l2sg52[1,0], cache9.de3[262,262,200-0,H], cache5.de3[263,0]
x-aspnet-version: 4.0.30319
age: 2783
x-powered-by: ASP.NET
x-cache: HIT TCP_REFRESH_HIT dirn:12:505570455
x-swift-cachetime: 3600
x-swift-savetime: Fri, 14 Jan 2022 09:47:12 GMT
content-length: 204776
last-modified: Fri, 04 Jan 2019 03:32:18 GMT
server: Tengine
ali-swift-global-savetime: 1642150849
content-type: image/jpeg
access-control-allow-origin: *
timing-allow-origin: *
eagleid: 4f85b19916421536320763822e

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 186 KB
56 KB 44ms
39ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-KLX5MDQ

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

7479bb8deda6353b23cbeb56069b89d132c3dd0384c81c192ed75086ef459cd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 09:47:10 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 57237
x-xss-protection: 0
last-modified: Fri, 14 Jan 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 14 Jan 2022 09:47:10 GMT

GET
H2 200 brown-regular.woff2
cdn.book.rwgenting.com/assets/JavaScript/assets/fonts/ 19 KB
20 KB 1553ms
1538ms Font
application/x-font-woff2 163.181.56.170
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.book.rwgenting.com/assets/JavaScript/assets/fonts/brown-regular.woff2

Requested by

Host: cdn.book.rwgenting.com
URL: https://cdn.book.rwgenting.com/assets/JavaScript/assets/css/genting.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.181.56.170 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine / ASP.NET

Resource Hash

3bad7d670a6660817708b9fb30b07ab22cd3db5d87f2bc2f141a67f4da9ebeb7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://cdn.book.rwgenting.com/assets/JavaScript/assets/css/genting.css
Origin: https://book.rwgenting.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 09:21:48 GMT
via: cache16.l2hk71[0,0,304-0,H], cache36.l2hk71[1,0], ens-cache9.de4[1526,1528,200-0,H], ens-cache7.de4[1530,0]
age: 1524
x-powered-by: ASP.NET
x-cache: HIT TCP_REFRESH_HIT dirn:10:200792650
x-swift-cachetime: 3600
x-swift-savetime: Fri, 14 Jan 2022 09:47:12 GMT
content-length: 19912
x-xss-protection: 1;mode=block
last-modified: Thu, 16 Jul 2020 09:48:40 GMT
server: Tengine
etag: "ae4a6549565bd61:0:dtagent10229211201102017WHjA"
x-frame-options: SAMEORIGIN
ali-swift-global-savetime: 1642152108
content-type: application/x-font-woff2
access-control-allow-origin: https://book.rwgenting.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
eagleid: 2ff62b1f16421536307056802e

GET
H2 200 genting-icons.woff
cdn.book.rwgenting.com/assets/JavaScript/assets/fonts/ 17 KB
17 KB 347ms
331ms Font
application/x-font-woff 163.181.56.170
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.book.rwgenting.com/assets/JavaScript/assets/fonts/genting-icons.woff?9klrmc

Requested by

Host: cdn.book.rwgenting.com
URL: https://cdn.book.rwgenting.com/assets/JavaScript/assets/css/genting.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.181.56.170 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine / ASP.NET

Resource Hash

8e0450cc4717f2613dc6ff9af944c62e92dff62dc9d50a10851553ac9c58544f

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://cdn.book.rwgenting.com/assets/JavaScript/assets/css/genting.css
Origin: https://book.rwgenting.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 09:09:56 GMT
via: cache2.l2hk71[0,0,304-0,H], cache18.l2hk71[1,0], ens-cache2.de4[318,319,200-0,H], ens-cache7.de4[322,0]
age: 2235
x-powered-by: ASP.NET
x-cache: HIT TCP_REFRESH_HIT dirn:8:292920055
x-swift-cachetime: 3600
x-swift-savetime: Fri, 14 Jan 2022 09:47:11 GMT
content-length: 17080
x-xss-protection: 1;mode=block
last-modified: Thu, 16 Jul 2020 09:48:40 GMT
server: Tengine
etag: "7dd69c49565bd61:0:dtagent10229211201102017WHjA"
x-frame-options: SAMEORIGIN
ali-swift-global-savetime: 1642151396
content-type: application/x-font-woff
access-control-allow-origin: https://book.rwgenting.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
eagleid: 2ff62b1f16421536307066813e

GET
H2 200 brown-light.woff2
cdn.book.rwgenting.com/assets/JavaScript/assets/fonts/ 19 KB
20 KB 1614ms
1599ms Font
application/x-font-woff2 163.181.56.170
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.book.rwgenting.com/assets/JavaScript/assets/fonts/brown-light.woff2

Requested by

Host: cdn.book.rwgenting.com
URL: https://cdn.book.rwgenting.com/assets/JavaScript/assets/css/genting.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.181.56.170 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine / ASP.NET

Resource Hash

27de96de6b1e61132441689a2670147e9eb0ec235cb6c417815a9fefe53ef428

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://cdn.book.rwgenting.com/assets/JavaScript/assets/css/genting.css
Origin: https://book.rwgenting.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 09:21:48 GMT
via: cache30.l2hk71[0,0,304-0,H], cache17.l2hk71[0,0], ens-cache9.de4[1587,1589,200-0,H], ens-cache7.de4[1592,0]
age: 1524
x-powered-by: ASP.NET
x-cache: HIT TCP_REFRESH_HIT dirn:8:199512134
x-swift-cachetime: 3600
x-swift-savetime: Fri, 14 Jan 2022 09:47:12 GMT
content-length: 19864
x-xss-protection: 1;mode=block
last-modified: Thu, 16 Jul 2020 09:48:39 GMT
server: Tengine
etag: "334ff49565bd61:0:dtagent10229211201102017WHjA"
x-frame-options: SAMEORIGIN
ali-swift-global-savetime: 1642152108
content-type: application/x-font-woff2
access-control-allow-origin: https://book.rwgenting.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
eagleid: 2ff62b1f16421536307056806e

GET
H2 200 brown-bold.woff2
cdn.book.rwgenting.com/assets/JavaScript/assets/fonts/ 20 KB
20 KB 321ms
319ms Font
application/x-font-woff2 163.181.56.170
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.book.rwgenting.com/assets/JavaScript/assets/fonts/brown-bold.woff2

Requested by

Host: cdn.book.rwgenting.com
URL: https://cdn.book.rwgenting.com/assets/JavaScript/assets/css/genting.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.181.56.170 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine / ASP.NET

Resource Hash

f5c2adae89718a53679c5a07e14dbeb4cde33d917a1419006aa26b81968eece1

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://cdn.book.rwgenting.com/assets/JavaScript/assets/css/genting.css
Origin: https://book.rwgenting.com
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 09:21:48 GMT
via: cache34.l2hk71[0,0,304-0,H], cache33.l2hk71[1,0], ens-cache1.de4[308,308,200-0,H], ens-cache7.de4[310,0]
age: 1523
x-powered-by: ASP.NET
x-cache: HIT TCP_REFRESH_HIT dirn:10:286502965
x-swift-cachetime: 3600
x-swift-savetime: Fri, 14 Jan 2022 09:47:11 GMT
content-length: 20072
x-xss-protection: 1;mode=block
last-modified: Thu, 16 Jul 2020 09:48:39 GMT
server: Tengine
etag: "a03dc848565bd61:0:dtagent10229211201102017WHjA"
x-frame-options: SAMEORIGIN
ali-swift-global-savetime: 1642152108
content-type: application/x-font-woff2
access-control-allow-origin: https://book.rwgenting.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
eagleid: 2ff62b1f16421536307066811e

GET
H2 200 flags.png
cdn.book.rwgenting.com/assets/JavaScript/assets/img/ 69 KB
70 KB 314ms
314ms Image
image/png 163.181.56.170
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.book.rwgenting.com/assets/JavaScript/assets/img/flags.png

Requested by

Host: cdn.book.rwgenting.com
URL: https://cdn.book.rwgenting.com/assets/JavaScript/assets/css/intlTelInput.css

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.181.56.170 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine / ASP.NET

Resource Hash

0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.book.rwgenting.com/assets/JavaScript/assets/css/intlTelInput.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 09:45:23 GMT
via: cache1.l2hk71[0,0,304-0,H], cache2.l2hk71[0,0], ens-cache5.de4[304,305,200-0,H], ens-cache7.de4[307,0]
age: 108
x-powered-by: ASP.NET
x-cache: HIT TCP_REFRESH_HIT dirn:8:209407079
x-swift-cachetime: 3600
x-swift-savetime: Fri, 14 Jan 2022 09:47:11 GMT
content-length: 70857
x-xss-protection: 1;mode=block
last-modified: Fri, 23 Oct 2020 01:48:19 GMT
server: Tengine
etag: "4daaa95dea8d61:0"
x-frame-options: SAMEORIGIN
ali-swift-global-savetime: 1642153523
content-type: image/png
access-control-allow-origin: https://book.rwgenting.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
eagleid: 2ff62b1f16421536307497017e

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 31ms
9ms Script
text/javascript 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Tue, 02 Nov 2021 17:39:06 GMT
server: Golfe2
age: 736
date: Fri, 14 Jan 2022 09:34:54 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Fri, 14 Jan 2022 11:34:54 GMT

GET
H2 200 tpjex3u73.js Show response
cdn.krxd.net/controltag/ 19 KB
5 KB 213ms
119ms Script
text/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/tpjex3u73.js
Requested by: Host: book.rwgenting.com
URL: https://book.rwgenting.com/member2/HotelApp/HotelList.aspx?paymode=1&checkin=14%2F01%2F2022&checkout=15%2F01%2F2022&night=1&DestinationID=1&ccDate=0&RoomOrPackage=RoomPackage&room=1&pageid=1&ig=0&disp=hotel&currency=MYR&indexType=3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 39552c65dca63a153fa82b1463652393f010ea6602e0e963195dc6a46407fb7d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Fri, 14 Jan 2022 09:47:10 GMT
via: 1.1 varnish, 1.1 varnish
age: 978
x-cache: MISS, HIT, HIT
x-app-cache: HIT
x-age: 0
content-encoding: gzip
content-length: 4759
x-served-by: config-service-a004-ash-prod.krxd.net, cache-iad-kcgs7200054-IAD, cache-mxp6922-MXP
x-response-time: 1
x-do-esi: esi
x-timer: S1642153631.876013,VS0,VE100
etag: "5fd884d4c6b801fd533305342a74ca84456d71c6"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 1, 1

POST
H/1.1 200
OK BindPaymentMode2 Show response
book.rwgenting.com/member2/Conmon/Conmon.aspx/ 700 B
1 KB 206ms
206ms XHR
application/json 170.33.9.200
ASEPL-AS-AP Aliba...

General

Check archive.org

Show headers Download Go to

Full URL

https://book.rwgenting.com/member2/Conmon/Conmon.aspx/BindPaymentMode2

Requested by

Host: cdn.book.rwgenting.com
URL: https://cdn.book.rwgenting.com/assets/JavaScript/assets/js/jquery-3.3.1.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

170.33.9.200 , Singapore, ASN134963 (ASEPL-AS-AP Alibaba.com Singapore E-Commerce Private Limited, SG),

Reverse DNS

Software

/ ASP.NET

Resource Hash

e9280b5bfa336c5e503b5b9bba8061418ee489b4fbf9f62885a02e60a18c6dd4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://book.rwgenting.com/member2/HotelApp/HotelList.aspx?paymode=1&checkin=14%2F01%2F2022&checkout=15%2F01%2F2022&night=1&DestinationID=1&ccDate=0&RoomOrPackage=RoomPackage&room=1&pageid=1&ig=0&disp=hotel&currency=MYR&indexType=3
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
Content-Type: application/json
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
x-dtpc: 1$553628556_424h2vHOESPNPFURQURMNLKVPHHFKWAOCVLEJA-0e0

Response headers

Date: Fri, 14 Jan 2022 09:47:11 GMT
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=0
Connection: keep-alive
Content-Length: 700
X-XSS-PROTECTION: 1;mode=block
X-UA-Compatible: IE=11

POST
H/1.1 200
OK BindPaymentMode2 Show response
book.rwgenting.com/member2/Conmon/Conmon.aspx/ 700 B
1 KB 186ms
186ms XHR
application/json 170.33.9.200
ASEPL-AS-AP Aliba...

General

Check archive.org

Show headers Download Go to

Full URL

https://book.rwgenting.com/member2/Conmon/Conmon.aspx/BindPaymentMode2

Requested by

Host: cdn.book.rwgenting.com
URL: https://cdn.book.rwgenting.com/assets/JavaScript/assets/js/jquery-3.3.1.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

170.33.9.200 , Singapore, ASN134963 (ASEPL-AS-AP Alibaba.com Singapore E-Commerce Private Limited, SG),

Reverse DNS

Software

/ ASP.NET

Resource Hash

e9280b5bfa336c5e503b5b9bba8061418ee489b4fbf9f62885a02e60a18c6dd4

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept: application/json, text/javascript, */*; q=0.01
Referer: https://book.rwgenting.com/member2/HotelApp/HotelList.aspx?paymode=1&checkin=14%2F01%2F2022&checkout=15%2F01%2F2022&night=1&DestinationID=1&ccDate=0&RoomOrPackage=RoomPackage&room=1&pageid=1&ig=0&disp=hotel&currency=MYR&indexType=3
X-Requested-With: XMLHttpRequest
Accept-Language: de-DE,de;q=0.9
Content-Type: application/json
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
x-dtpc: 1$553628556_424h3vHOESPNPFURQURMNLKVPHHFKWAOCVLEJA-0e0

Response headers

Date: Fri, 14 Jan 2022 09:47:11 GMT
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=0
Connection: keep-alive
Content-Length: 700
X-XSS-PROTECTION: 1;mode=block
X-UA-Compatible: IE=11

GET
H/1.1 200
OK loading.gif
book.rwgenting.com/member2/images/ 3 KB
3 KB 181ms
180ms Image
image/gif 170.33.9.200
ASEPL-AS-AP Aliba...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://book.rwgenting.com/member2/images/loading.gif

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

170.33.9.200 , Singapore, ASN134963 (ASEPL-AS-AP Alibaba.com Singapore E-Commerce Private Limited, SG),

Reverse DNS

Software

/ ASP.NET

Resource Hash

a01ebe9b22e5cb9dd317e47b353988588b0245980ab8f56de2791fbb29908db7

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/member2/HotelApp/HotelList.aspx?paymode=1&checkin=14%2F01%2F2022&checkout=15%2F01%2F2022&night=1&DestinationID=1&ccDate=0&RoomOrPackage=RoomPackage&room=1&pageid=1&ig=0&disp=hotel&currency=MYR&indexType=3
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

Date: Fri, 14 Jan 2022 09:47:11 GMT
Last-Modified: Tue, 04 Jan 2022 07:13:41 GMT
X-Powered-By: ASP.NET
ETag: "beb1189a3a1d81:0"
X-Frame-Options: SAMEORIGIN
Content-Type: image/gif
Access-Control-Allow-Origin: *
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2711
X-XSS-PROTECTION: 1;mode=block
X-UA-Compatible: IE=11

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 38 KB
15 KB 43ms
21ms Script
text/javascript 142.250.181.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-382529330

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.181.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s56-in-f2.1e100.net

Software

cafe /

Resource Hash

1fe7c9b04cd9ebd46cd5a636bd2c2b1d54054f3995db24951c0d0318ec71d70c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 09:47:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14835
x-xss-protection: 0
server: cafe
etag: 2630088915750441828
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 14 Jan 2022 09:47:11 GMT

GET
H3

200

activityi;dc_pre=CKft9v76sPUCFTxFHQkdYQAOBw;src=6541830;type=b_ctr;cat=fl_rw007;ord=9240957102110;gtm=2wg1c0;auiddc=1062555807.1642153631;ps=1;~oref=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHot... Show response
6541830.fls.doubleclick.net/ Frame 9527
Redirect Chain

https://6541830.fls.doubleclick.net/activityi;src=6541830;type=b_ctr;cat=fl_rw007;ord=9240957102110;gtm=2wg1c0;auiddc=1062555807.1642153631;ps=1;~oref=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FH...
https://6541830.fls.doubleclick.net/activityi;dc_pre=CKft9v76sPUCFTxFHQkdYQAOBw;src=6541830;type=b_ctr;cat=fl_rw007;ord=9240957102110;gtm=2wg1c0;auiddc=1062555807.1642153631;ps=1;~oref=https%3A%2F%...

668 B
503 B

42ms
26ms

Document
text/html

142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://6541830.fls.doubleclick.net/activityi;dc_pre=CKft9v76sPUCFTxFHQkdYQAOBw;src=6541830;type=b_ctr;cat=fl_rw007;ord=9240957102110;gtm=2wg1c0;auiddc=1062555807.1642153631;ps=1;~oref=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymode%3D1%26checkin%3D14%252F01%252F2022%26checkout%3D15%252F01%252F2022%26night%3D1%26DestinationID%3D1%26ccDate%3D0%26RoomOrPackage%3DRoomPackage%26room%3D1%26pageid%3D1%26ig%3D0%26disp%3Dhotel%26currency%3DMYR%26indexType%3D3?

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KLX5MDQ

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

cafe /

Resource Hash

3285328f5b846d5005916db2ba67b472f6ba13d4bc36f9156247399b97029c27

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: about:blank

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 14 Jan 2022 09:47:11 GMT
expires: Fri, 14 Jan 2022 09:47:11 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 478
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 14 Jan 2022 09:47:11 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://6541830.fls.doubleclick.net/activityi;dc_pre=CKft9v76sPUCFTxFHQkdYQAOBw;src=6541830;type=b_ctr;cat=fl_rw007;ord=9240957102110;gtm=2wg1c0;auiddc=1062555807.1642153631;ps=1;~oref=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymode%3D1%26checkin%3D14%252F01%252F2022%26checkout%3D15%252F01%252F2022%26night%3D1%26DestinationID%3D1%26ccDate%3D0%26RoomOrPackage%3DRoomPackage%26room%3D1%26pageid%3D1%26ig%3D0%26disp%3Dhotel%26currency%3DMYR%26indexType%3D3?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 98 KB
26 KB 24ms
7ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
content-length: 25965
x-xss-protection: 0
pragma: public
x-fb-debug: sK6xI/45fBJBNMRgKql9OX4gtKEz4SvUfqmxWCN2O7hnLwSnQIvJMMufsBH8e3TZBrN1uD7FazN3RR82wuu+yw==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Fri, 14 Jan 2022 09:47:11 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 98 KB
39 KB 35ms
34ms Script
application/javascript 2a00:1450:4001:82b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-941664267

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-KLX5MDQ

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1cbad725743197d672e59e394c5b5c12e143515aa48c96bee97f56077cefe4ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 09:47:11 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39755
x-xss-protection: 0
last-modified: Fri, 14 Jan 2022 09:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 14 Jan 2022 09:47:11 GMT

GET
H2 200 b90894f9b1582df507297d968da7fecece37d93.js Show response
cdn.brand-display.com/tr/knx15814/ 23 KB
23 KB 103ms
13ms Script
text/javascript 18.66.248.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.brand-display.com/tr/knx15814/b90894f9b1582df507297d968da7fecece37d93.js?v1=%%PAGE_CATEGORY%%&v2=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymode%3D1%26checkin%3D14%252F01%252F2022%26checkout%3D15%252F01%252F2022%26night%3D1%26DestinationID%3D1%26ccDate%3D0%26RoomOrPackage%3DRoomPackage%26room%3D1%26pageid%3D1%26ig%3D0%26disp%3Dhotel%26currency%3DMYR%26indexType%3D3&_t=1642153631331
Requested by: Host: book.rwgenting.com
URL: https://book.rwgenting.com/member2/HotelApp/HotelList.aspx?paymode=1&checkin=14%2F01%2F2022&checkout=15%2F01%2F2022&night=1&DestinationID=1&ccDate=0&RoomOrPackage=RoomPackage&room=1&pageid=1&ig=0&disp=hotel&currency=MYR&indexType=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-117.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c08e671967a1e37c99c6644d9ce66597c324639607a4df7df671d4d6b4229268

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: tOXJK.mG6DRpfvXzPon70dkZrK06OlQH
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
last-modified: Mon, 30 Nov 2020 18:06:07 GMT
server: AmazonS3
age: 22080
etag: "8309c31a6749ee17ee6655d88ca91426"
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: no-cache, must-revalidate, proxy-revalidate, public, max-age=0
date: Fri, 14 Jan 2022 03:39:12 GMT
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-length: 23323
x-amz-cf-id: 7YHv9q-X5p5G7FHYQOG3GE5qcsxtOGXqxPJ4Qz0WRiujDMDGbhY0tg==

GET
H2 200 activityi;register_conversion=1;src=6541830;type=b_ctr;cat=fl_rw007;ord=9240957102110;gtm=2wg1c0;auiddc=1062555807.1642153631;ps=1;~oref=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHote...
6541830.fls.doubleclick.net/ 0
0 73ms
16ms Image
text/html 142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://6541830.fls.doubleclick.net/activityi;register_conversion=1;src=6541830;type=b_ctr;cat=fl_rw007;ord=9240957102110;gtm=2wg1c0;auiddc=1062555807.1642153631;ps=1;~oref=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymode%3D1%26checkin%3D14%252F01%252F2022%26checkout%3D15%252F01%252F2022%26night%3D1%26DestinationID%3D1%26ccDate%3D0%26RoomOrPackage%3DRoomPackage%26room%3D1%26pageid%3D1%26ig%3D0%26disp%3Dhotel%26currency%3DMYR%26indexType%3D3?
Requested by: Host: book.rwgenting.com
URL: https://book.rwgenting.com/member2/HotelApp/HotelList.aspx?paymode=1&checkin=14%2F01%2F2022&checkout=15%2F01%2F2022&night=1&DestinationID=1&ccDate=0&RoomOrPackage=RoomPackage&room=1&pageid=1&ig=0&disp=hotel&currency=MYR&indexType=3
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 142.250.186.102 , United States, ASN15169 (GOOGLE, US),
Reverse DNS: fra24s06-in-f6.1e100.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

GET
H2 200 controltag.js.0631b7d64dbbd3656a8b7368ad227a04 Show response
cdn.krxd.net/ctjs/ 259 KB
83 KB 21ms
21ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/tpjex3u73.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b9b47c8bafc4618d804c7c54ac03c39b29beb9ed5b1e7d9dbadb0f28d71c3d94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date: Fri, 14 Jan 2022 09:47:11 GMT
content-encoding: gzip
age: 10400370
x-amz-server-side-encryption: AES256
x-cache: HIT
x-cache-hits: 117990
content-length: 84451
x-served-by: cache-mxp6922-MXP
last-modified: Thu, 15 Oct 2020 07:09:29 GMT
x-timer: S1642153631.351452,VS0,VE0
etag: "0631b7d64dbbd3656a8b7368ad227a04"
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=315360000
accept-ranges: bytes
expires: Sun, 13 Oct 2030 07:09:28 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 4 B
24 B 30ms
15ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1398043572&t=pageview&_s=1&dl=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymode%3D1%26checkin%3D14%252F01%252F2022%26checkout%3D15%252F01%252F2022%26night%3D1%26DestinationID%3D1%26ccDate%3D0%26RoomOrPackage%3DRoomPackage%26room%3D1%26pageid%3D1%26ig%3D0%26disp%3Dhotel%26currency%3DMYR%26indexType%3D3&ul=en-us&de=UTF-8&dt=Resorts%20World%20Genting&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=2008799940&gjid=1825918096&cid=1326671075.1642153631&tid=UA-3398302-45&_gid=1180251381.1642153631&_r=1&_slc=1&z=938473367

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://book.rwgenting.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 09:47:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://book.rwgenting.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 28ms
15ms XHR
text/plain 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1398043572&t=pageview&_s=1&dl=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymode%3D1%26checkin%3D14%252F01%252F2022%26checkout%3D15%252F01%252F2022%26night%3D1%26DestinationID%3D1%26ccDate%3D0%26RoomOrPackage%3DRoomPackage%26room%3D1%26pageid%3D1%26ig%3D0%26disp%3Dhotel%26currency%3DMYR%26indexType%3D3&ul=en-us&de=UTF-8&dt=Resorts%20World%20Genting&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEDAAEABAAAAAC~&jid=1504176656&gjid=1534449972&cid=1326671075.1642153631&tid=UA-3398302-53&_gid=1180251381.1642153631&_r=1&gtm=2wg1c0KLX5MDQ&z=1757090450

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://book.rwgenting.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 09:47:11 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://book.rwgenting.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 19ms
10ms Image
image/gif 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1398043572&t=event&ni=0&_s=1&dl=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymode%3D1%26checkin%3D14%252F01%252F2022%26checkout%3D15%252F01%252F2022%26night%3D1%26DestinationID%3D1%26ccDate%3D0%26RoomOrPackage%3DRoomPackage%26room%3D1%26pageid%3D1%26ig%3D0%26disp%3Dhotel%26currency%3DMYR%26indexType%3D3&ul=en-us&de=UTF-8&dt=Resorts%20World%20Genting&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Hotel&ea=search&el=14%2F01%2F2022%20%7C%2015%2F01%2F2022%20%7C%201%20%7C%201%20%7C%20First%20World%20Hotel%3A%20123.00MYR%3B%20Resorts%20World%20Awana%3A%20407.00MYR%3B%20Crockfords%3A%20Fully%20Booked%3B%20Genting%20Grand%3A%20Fully%20Booked%3B%20Genting%20SkyWorlds%20Hotel%3A%20Fully%20Booked%3B%20Highlands%20Hotel%3A%20Fully%20Booked%3B%20Resort%20Hotel%3A%20Fully%20Booked&_u=YEDAAEABAAAAAC~&jid=&gjid=&cid=1326671075.1642153631&tid=UA-3398302-53&_gid=1180251381.1642153631&gtm=2wg1c0KLX5MDQ&cd1=no&cd2=&cd3=&cd4=First%20World%20Hotel%3A%20123.00MYR%3B%20Resorts%20World%20Awana%3A%20407.00MYR%3B%20Crockfords%3A%20Fully%20Booked%3B%20Genting%20Grand%3A%20Fully%20Booked%3B%20Genting%20SkyWorlds%20Hotel%3A%20Fully%20Booked%3B%20Highlands%20Hotel%3A%20Fully%20Booked%3B%20Resort%20Hotel%3A%20Fully%20Booked&z=2053844204

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 05:13:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 16443
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/382529330/ 3 KB
2 KB 45ms
20ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/382529330/?random=1642153631361&cv=9&fst=1642153631361&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa1c0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymode%3D1%26checkin%3D14%252F01%252F2022%26checkout%3D15%252F01%252F2022%26night%3D1%26DestinationID%3D1%26ccDate%3D0%26RoomOrPackage%3DRoomPackage%26room%3D1%26pageid%3D1%26ig%3D0%26disp%3Dhotel%26currency%3DMYR%26indexType%3D3&tiba=Resorts%20World%20Genting&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2b2d91260c94d59c9a6bb47c0c1848d5af6af772f9e9ed01a7c7d23b06f1f4fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 09:47:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1172
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 537857393380708 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 114ms
104ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/537857393380708?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d629f50bab9a4ad963767dbb37d0511e0af980ebb00222c492ffdf2a8b690e1c

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: H1mnvx70L4d2iN3J4mR0zs1E/KuF+HSw3ud7apcV5gtRL0a+PaNd3oOWuc2I4OlbTtX0KyCu138h/YDwkU4UdA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 14 Jan 2022 09:47:11 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
444 B 60ms
19ms XHR
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-3398302-45&cid=1326671075.1642153631&jid=2008799940&gjid=1825918096&_gid=1180251381.1642153631&_u=IEBAAEAAAAAAAC~&z=1232410276

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://book.rwgenting.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 14 Jan 2022 09:47:11 GMT
content-type: text/plain
access-control-allow-origin: https://book.rwgenting.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
70 B 59ms
20ms XHR
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j96&tid=UA-3398302-53&cid=1326671075.1642153631&jid=1504176656&gjid=1534449972&_gid=1180251381.1642153631&_u=YEDAAEABAAAAAC~&z=808958053

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://book.rwgenting.com/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 14 Jan 2022 09:47:11 GMT
content-type: text/plain
access-control-allow-origin: https://book.rwgenting.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/941664267/ 3 KB
1 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:82f::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/941664267/?random=1642153631390&cv=9&fst=1642153631390&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa1c0&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymode%3D1%26checkin%3D14%252F01%252F2022%26checkout%3D15%252F01%252F2022%26night%3D1%26DestinationID%3D1%26ccDate%3D0%26RoomOrPackage%3DRoomPackage%26room%3D1%26pageid%3D1%26ig%3D0%26disp%3Dhotel%26currency%3DMYR%26indexType%3D3&tiba=Resorts%20World%20Genting&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c3ae7372a47cd7d715d810afcc30e506bb81888fe24e5db453b6857814ae89b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 09:47:11 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1174
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 proxy.3d2100fd7107262ecb55ce6847f01fa5.html Show response
cdn.krxd.net/partnerjs/xdi/ Frame B173 805 B
826 B 20ms
19ms Document
text/html 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/

Response headers

last-modified: Tue, 21 Feb 2017 17:50:54 GMT
etag: "3d2100fd7107262ecb55ce6847f01fa5"
cache-control: public, max-age=315360000
expires: Fri, 19 Feb 2027 17:50:50 GMT
content-type: text/html
x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Partner_JS_S3
content-encoding: gzip
accept-ranges: bytes
date: Fri, 14 Jan 2022 09:47:11 GMT
via: 1.1 varnish
age: 5560055
x-served-by: cache-mxp6922-MXP
x-cache: HIT
x-cache-hits: 407504
x-timer: S1642153631.420940,VS0,VE0
vary: Accept-Encoding
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
content-length: 525

GET
H2 200 /
www.google.com/pagead/1p-user-list/382529330/ 42 B
108 B 49ms
23ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/382529330/?random=1642153631361&cv=9&fst=1642150800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa1c0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymode%3D1%26checkin%3D14%252F01%252F2022%26checkout%3D15%252F01%252F2022%26night%3D1%26DestinationID%3D1%26ccDate%3D0%26RoomOrPackage%3DRoomPackage%26room%3D1%26pageid%3D1%26ig%3D0%26disp%3Dhotel%26currency%3DMYR%26indexType%3D3&tiba=Resorts%20World%20Genting&async=1&fmt=3&is_vtc=1&random=2512611648&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 09:47:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/382529330/ 42 B
548 B 46ms
21ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/382529330/?random=1642153631361&cv=9&fst=1642150800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa1c0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymode%3D1%26checkin%3D14%252F01%252F2022%26checkout%3D15%252F01%252F2022%26night%3D1%26DestinationID%3D1%26ccDate%3D0%26RoomOrPackage%3DRoomPackage%26room%3D1%26pageid%3D1%26ig%3D0%26disp%3Dhotel%26currency%3DMYR%26indexType%3D3&tiba=Resorts%20World%20Genting&async=1&fmt=3&is_vtc=1&random=2512611648&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 09:47:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/941664267/ 42 B
548 B 48ms
23ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/941664267/?random=1642153631390&cv=9&fst=1642150800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa1c0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymode%3D1%26checkin%3D14%252F01%252F2022%26checkout%3D15%252F01%252F2022%26night%3D1%26DestinationID%3D1%26ccDate%3D0%26RoomOrPackage%3DRoomPackage%26room%3D1%26pageid%3D1%26ig%3D0%26disp%3Dhotel%26currency%3DMYR%26indexType%3D3&tiba=Resorts%20World%20Genting&async=1&fmt=3&is_vtc=1&random=1035118275&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 09:47:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.de/pagead/1p-user-list/941664267/ 42 B
108 B 46ms
22ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/941664267/?random=1642153631390&cv=9&fst=1642150800000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&gtm=2oa1c0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymode%3D1%26checkin%3D14%252F01%252F2022%26checkout%3D15%252F01%252F2022%26night%3D1%26DestinationID%3D1%26ccDate%3D0%26RoomOrPackage%3DRoomPackage%26room%3D1%26pageid%3D1%26ig%3D0%26disp%3Dhotel%26currency%3DMYR%26indexType%3D3&tiba=Resorts%20World%20Genting&async=1&fmt=3&is_vtc=1&random=1035118275&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 09:47:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 tpjex3u73.js Show response
cdn.krxd.net/controltag/ Frame B173 19 KB
5 KB 19ms
18ms Script
text/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/controltag/tpjex3u73.js
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 39552c65dca63a153fa82b1463652393f010ea6602e0e963195dc6a46407fb7d

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_config_service_ash_prod
date: Fri, 14 Jan 2022 09:47:11 GMT
via: 1.1 varnish, 1.1 varnish
age: 978
x-cache: MISS, HIT, HIT
x-app-cache: HIT
x-age: 0
content-encoding: gzip
content-length: 4759
x-served-by: config-service-a004-ash-prod.krxd.net, cache-iad-kcgs7200054-IAD, cache-mxp6922-MXP
x-response-time: 1
x-do-esi: esi
x-timer: S1642153631.452062,VS0,VE0
etag: "5fd884d4c6b801fd533305342a74ca84456d71c6"
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=1200
accept-ranges: bytes
x-cache-hits: 0, 1, 2

GET
H2 200 fingerprint2.min.js Show response
cdn.brand-display.com/sv/js/ 29 KB
29 KB 12ms
12ms Script
application/javascript 18.66.248.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.brand-display.com/sv/js/fingerprint2.min.js
Requested by: Host: cdn.brand-display.com
URL: https://cdn.brand-display.com/tr/knx15814/b90894f9b1582df507297d968da7fecece37d93.js?v1=%%PAGE_CATEGORY%%&v2=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymode%3D1%26checkin%3D14%252F01%252F2022%26checkout%3D15%252F01%252F2022%26night%3D1%26DestinationID%3D1%26ccDate%3D0%26RoomOrPackage%3DRoomPackage%26room%3D1%26pageid%3D1%26ig%3D0%26disp%3Dhotel%26currency%3DMYR%26indexType%3D3&_t=1642153631331
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-117.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ba50544bc52682e3884d79402fa65bbc8149866ff097223c48d9da54bb02e280

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-amz-version-id: FMv4TnIx_EkiUylzRiS37tBQkjLZO1jg
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
last-modified: Fri, 10 Apr 2020 12:22:17 GMT
server: AmazonS3
age: 18251
etag: "3b1a8d0a55f588f5675fa2ecd2abc5c2"
x-cache: Hit from cloudfront
content-type: application/javascript
date: Fri, 14 Jan 2022 04:43:01 GMT
x-amz-cf-pop: DUS51-P1
accept-ranges: bytes
content-length: 29420
x-amz-cf-id: ra0R_vxcfETvtondqJPhoDP08kH3ojcttNNBdFCmctCa6mwSCjdjuQ==

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 37ms
36ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-3398302-53&cid=1326671075.1642153631&jid=1504176656&_u=YEDAAEABAAAAAC~&z=1758423046

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 09:47:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 30ms
30ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-3398302-53&cid=1326671075.1642153631&jid=1504176656&_u=YEDAAEABAAAAAC~&z=1758423046

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 09:47:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
107 B 36ms
35ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-3398302-45&cid=1326671075.1642153631&jid=2008799940&_u=IEBAAEAAAAAAAC~&z=413658490

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 09:47:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 32ms
32ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j96&tid=UA-3398302-45&cid=1326671075.1642153631&jid=2008799940&_u=IEBAAEAAAAAAAC~&z=413658490

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 09:47:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 02a4d1b4-9afb-42e8-bb16-e9bfe48451b4 Show response
consumer.krxd.net/consent/get/ 235 B
425 B 103ms
58ms Script
text/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/02a4d1b4-9afb-42e8-bb16-e9bfe48451b4?idt=device&dt=kxcookie&callback=Krux.ns.genting.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e08a8b816844b1b36de422161848b43b2f43b83a9c3363523b239ad7dedf8477

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 09:47:11 GMT
via: 1.1 varnish
age: 0
x-served-by: consumer-a007-dub-prod.krxd.net, cache-mxp6959-MXP
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1642153632.514153,VS0,VE39
content-length: 186
x-cache-hits: 0, 0

GET
H2 200 dc_pre=CKft9v76sPUCFTxFHQkdYQAOBw;src=6541830;type=b_ctr;cat=fl_rw007;ord=9240957102110;gtm=2wg1c0;auiddc=*;ps=1;~oref=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymo...
adservice.google.com/ddm/fls/z/ Frame 9527 42 B
494 B 600ms
250ms Image
image/gif 2a00:1450:4019:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CKft9v76sPUCFTxFHQkdYQAOBw;src=6541830;type=b_ctr;cat=fl_rw007;ord=9240957102110;gtm=2wg1c0;auiddc=*;ps=1;~oref=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymode%3D1%26checkin%3D14%252F01%252F2022%26checkout%3D15%252F01%252F2022%26night%3D1%26DestinationID%3D1%26ccDate%3D0%26RoomOrPackage%3DRoomPackage%26room%3D1%26pageid%3D1%26ig%3D0%26disp%3Dhotel%26currency%3DMYR%26indexType%3D3

Requested by

Host: 6541830.fls.doubleclick.net
URL: https://6541830.fls.doubleclick.net/activityi;dc_pre=CKft9v76sPUCFTxFHQkdYQAOBw;src=6541830;type=b_ctr;cat=fl_rw007;ord=9240957102110;gtm=2wg1c0;auiddc=1062555807.1642153631;ps=1;~oref=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymode%3D1%26checkin%3D14%252F01%252F2022%26checkout%3D15%252F01%252F2022%26night%3D1%26DestinationID%3D1%26ccDate%3D0%26RoomOrPackage%3DRoomPackage%26room%3D1%26pageid%3D1%26ig%3D0%26disp%3Dhotel%26currency%3DMYR%26indexType%3D3?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4019:809::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://6541830.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 09:47:11 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 controltag.js.0631b7d64dbbd3656a8b7368ad227a04 Show response
cdn.krxd.net/ctjs/ Frame B173 259 KB
83 KB 20ms
20ms Script
application/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/controltag/tpjex3u73.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: b9b47c8bafc4618d804c7c54ac03c39b29beb9ed5b1e7d9dbadb0f28d71c3d94

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/partnerjs/xdi/proxy.3d2100fd7107262ecb55ce6847f01fa5.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

x-cdn-backend: 4FrRTvEr9h480D4BywjehZ--F_Controltag_S3
date: Fri, 14 Jan 2022 09:47:11 GMT
content-encoding: gzip
age: 10400370
x-amz-server-side-encryption: AES256
x-cache: HIT
x-cache-hits: 117991
content-length: 84451
x-served-by: cache-mxp6922-MXP
last-modified: Thu, 15 Oct 2020 07:09:29 GMT
x-timer: S1642153631.475278,VS0,VE0
etag: "0631b7d64dbbd3656a8b7368ad227a04"
content-type: application/javascript
via: 1.1 varnish
cache-control: public, max-age=315360000
accept-ranges: bytes
expires: Sun, 13 Oct 2030 07:09:28 GMT

GET
H2 200 02a4d1b4-9afb-42e8-bb16-e9bfe48451b4 Show response
consumer.krxd.net/consent/get/ Frame B173 220 B
278 B 59ms
59ms Script
text/javascript 151.101.2.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://consumer.krxd.net/consent/get/02a4d1b4-9afb-42e8-bb16-e9bfe48451b4?idt=device&dt=kxcookie&callback=Krux.ns.genting.kxjsonp_consent_get_0
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.2.133 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 35c2abbb007e8759aa20134675135e391661086589ab5935f800bdec911d907e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://cdn.krxd.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 09:47:11 GMT
via: 1.1 varnish
age: 0
x-served-by: consumer-a012-dub-prod.krxd.net, cache-mxp6959-MXP
vary: Accept-Encoding
x-cache: MISS, MISS
content-type: text/javascript; charset=UTF-8
content-encoding: gzip
cache-control: max-age=1800
x-age: 0
accept-ranges: bytes
x-timer: S1642153632.523604,VS0,VE39
content-length: 178
x-cache-hits: 0, 0

GET
H3 200 408482393299012 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 115ms
114ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/408482393299012?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d7fdda27c5a552b3585259c828b032dfc29b52d68f9cd8d21a7481d901dd8e47

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: jopMp+sg1vwHR0jZyNrcG6Ej4t0eJcPQtlAU6HNNZUKBeK3b+Qu8Ema2C18ZNjkoDLpFpNyVD9PBhHKhaw8BxA==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 14 Jan 2022 09:47:11 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
407 B 124ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=537857393380708&ev=PageView&dl=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymode%3D1%26checkin%3D14%252F01%252F2022%26checkout%3D15%252F01%252F2022%26night%3D1%26DestinationID%3D1%26ccDate%3D0%26RoomOrPackage%3DRoomPackage%26room%3D1%26pageid%3D1%26ig%3D0%26disp%3Dhotel%26currency%3DMYR%26indexType%3D3&rl=&if=false&ts=1642153631599&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1642153631597.1595486609&it=1642153631369&coo=false&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 09:47:11 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
content-length: 44
expires: Fri, 14 Jan 2022 09:47:11 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
91 B 17ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=408482393299012&ev=PageView&dl=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymode%3D1%26checkin%3D14%252F01%252F2022%26checkout%3D15%252F01%252F2022%26night%3D1%26DestinationID%3D1%26ccDate%3D0%26RoomOrPackage%3DRoomPackage%26room%3D1%26pageid%3D1%26ig%3D0%26disp%3Dhotel%26currency%3DMYR%26indexType%3D3&rl=&if=false&ts=1642153631734&sw=1600&sh=1200&v=2.9.48&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1642153631597.1595486609&it=1642153631369&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 09:47:11 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Fri, 14 Jan 2022 09:47:11 GMT

GET
H2 200 utils.js Show response
cdn.book.rwgenting.com/assets/JavaScript/assets/js/ 241 KB
55 KB 1558ms
1558ms Script
application/javascript 163.181.56.170
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.book.rwgenting.com/assets/JavaScript/assets/js/utils.js

Requested by

Host: cdn.book.rwgenting.com
URL: https://cdn.book.rwgenting.com/assets/JavaScript/assets/js/intlTelInput.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.181.56.170 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine / ASP.NET

Resource Hash

bdcdee66eb73eaff67c185ce622c4f82d65cdc893b785259b0207e3e60c8ca9d

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 09:28:04 GMT
via: cache35.l2hk71[0,0,304-0,H], cache2.l2hk71[1,0], ens-cache6.de4[1547,1548,200-0,H], ens-cache7.de4[1550,0]
age: 1149
x-powered-by: ASP.NET
x-cache: HIT TCP_REFRESH_HIT dirn:10:201136585
x-swift-cachetime: 3600
x-swift-savetime: Fri, 14 Jan 2022 09:47:13 GMT
content-encoding: gzip
content-length: 55516
x-xss-protection: 1;mode=block
last-modified: Fri, 23 Oct 2020 01:48:19 GMT
server: Tengine
x-frame-options: SAMEORIGIN
etag: "dbe54395dea8d61:0"
vary: Accept-Encoding
ali-swift-global-savetime: 1642152484
content-type: application/javascript
access-control-allow-origin: https://book.rwgenting.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
eagleid: 2ff62b1f16421536323837572e

GET
H2 200 optout_check Show response
beacon.krxd.net/ 80 B
240 B 95ms
29ms Script
text/javascript 99.80.155.235
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.krxd.net/optout_check?callback=Krux.ns.genting.kxjsonp_optOutCheck
Requested by: Host: cdn.krxd.net
URL: https://cdn.krxd.net/ctjs/controltag.js.0631b7d64dbbd3656a8b7368ad227a04
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 99.80.155.235 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-99-80-155-235.eu-west-1.compute.amazonaws.com
Software: /
Resource Hash: be51042d7ff22f961ff064c4b38943ece5ff3ff49573c2e0c59c2691cdb3ceb5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 09:47:12 GMT
cache-control: private, max-age=0, s-max-age=0
x-request-time: D=25 t=1642153632
x-served-by: beacon-n001-dub-prod.krxd.net
content-type: text/javascript

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 7ms
7ms Image
image/gif 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1398043572&t=event&ni=1&_s=1&dl=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymode%3D1%26checkin%3D14%252F01%252F2022%26checkout%3D15%252F01%252F2022%26night%3D1%26DestinationID%3D1%26ccDate%3D0%26RoomOrPackage%3DRoomPackage%26room%3D1%26pageid%3D1%26ig%3D0%26disp%3Dhotel%26currency%3DMYR%26indexType%3D3&ul=en-us&de=UTF-8&dt=Resorts%20World%20Genting&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scrolling&ea=10&el=percent&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=1326671075.1642153631&tid=UA-3398302-53&_gid=1180251381.1642153631&gtm=2wg1c0KLX5MDQ&cd1=no&cd2=&cd3=&cd4=First%20World%20Hotel%3A%20123.00MYR%3B%20Resorts%20World%20Awana%3A%20407.00MYR%3B%20Crockfords%3A%20Fully%20Booked%3B%20Genting%20Grand%3A%20Fully%20Booked%3B%20Genting%20SkyWorlds%20Hotel%3A%20Fully%20Booked%3B%20Highlands%20Hotel%3A%20Fully%20Booked%3B%20Resort%20Hotel%3A%20Fully%20Booked&z=1913328023

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 05:13:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 16444
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
8ms Image
image/gif 2a00:1450:4001:809::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j96&a=1398043572&t=event&ni=1&_s=1&dl=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymode%3D1%26checkin%3D14%252F01%252F2022%26checkout%3D15%252F01%252F2022%26night%3D1%26DestinationID%3D1%26ccDate%3D0%26RoomOrPackage%3DRoomPackage%26room%3D1%26pageid%3D1%26ig%3D0%26disp%3Dhotel%26currency%3DMYR%26indexType%3D3&ul=en-us&de=UTF-8&dt=Resorts%20World%20Genting&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scrolling&ea=25&el=percent&_u=aEDAAEABAAAAAC~&jid=&gjid=&cid=1326671075.1642153631&tid=UA-3398302-53&_gid=1180251381.1642153631&gtm=2wg1c0KLX5MDQ&cd1=no&cd2=&cd3=&cd4=First%20World%20Hotel%3A%20123.00MYR%3B%20Resorts%20World%20Awana%3A%20407.00MYR%3B%20Crockfords%3A%20Fully%20Booked%3B%20Genting%20Grand%3A%20Fully%20Booked%3B%20Genting%20SkyWorlds%20Hotel%3A%20Fully%20Booked%3B%20Highlands%20Hotel%3A%20Fully%20Booked%3B%20Resort%20Hotel%3A%20Fully%20Booked&z=2109386104

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 05:13:08 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 16444
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 cfix.html Show response
cdn.brand-display.com/tr/tag/ Frame 121D 2 KB
2 KB 11ms
11ms Document
text/html 18.66.248.117
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.brand-display.com/tr/tag/cfix.html?key=b90894f9b1582df507297d968da7fecece37d93
Requested by: Host: cdn.brand-display.com
URL: https://cdn.brand-display.com/tr/knx15814/b90894f9b1582df507297d968da7fecece37d93.js?v1=%%PAGE_CATEGORY%%&v2=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymode%3D1%26checkin%3D14%252F01%252F2022%26checkout%3D15%252F01%252F2022%26night%3D1%26DestinationID%3D1%26ccDate%3D0%26RoomOrPackage%3DRoomPackage%26room%3D1%26pageid%3D1%26ig%3D0%26disp%3Dhotel%26currency%3DMYR%26indexType%3D3&_t=1642153631331
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.248.117 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-248-117.dus51.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 27988668fad87e9782d62f51b22f6feda6fdb2ef16a315b968728f164be1c6f7

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/

Response headers

content-type: text/html
content-length: 2031
last-modified: Mon, 18 Mar 2019 15:45:52 GMT
x-amz-version-id: wdA6oWpnBvGweZ2olIlUbqk0DcpmZdej
accept-ranges: bytes
server: AmazonS3
date: Thu, 13 Jan 2022 12:54:07 GMT
cache-control: no-cache, must-revalidate, proxy-revalidate, public, max-age=0
etag: "073b35c69744014f5d2406710e188e97"
x-cache: Hit from cloudfront
via: 1.1 2c4f54cad5da50a372b086710d5ffc62.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-P1
x-amz-cf-id: GYtTv77Sk-VF3nHkXCiDRoMDw6kIGwkmrYka1mJZJH9ZArLB3a_q7w==
age: 75474

GET
H2 200 remarketing Show response
tr.brand-display.com/tracking/api/ 3 KB
3 KB 507ms
162ms Script
application/javascript 54.169.1.172
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.brand-display.com/tracking/api/remarketing?_t=1642153632626&advertiserId=knx15814&id=b90894f9b1582df507297d968da7fecece37d93&v1=&v2=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymode%3D1%26checkin%3D14%252F01%252F2022%26checkout%3D15%252F01%252F2022%26night%3D1%26DestinationID%3D1%26ccDate%3D0%26RoomOrPackage%3DRoomPackage%26room%3D1%26pageid%3D1%26ig%3D0%26disp%3Dhotel%26currency%3DMYR%26indexType%3D3&_t=1642153631331&url=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymode%3D1%26checkin%3D14%252F01%252F2022%26checkout%3D15%252F01%252F2022%26night%3D1%26DestinationID%3D1%26ccDate%3D0%26RoomOrPackage%3DRoomPackage%26room%3D1%26pageid%3D1%26ig%3D0%26disp%3Dhotel%26currency%3DMYR%26indexType%3D3&referer=&aurl=&areferer=&required=0&extra=%7B%22id%22%3A%22all%22%7D&d=1&r=0
Requested by: Host: cdn.brand-display.com
URL: https://cdn.brand-display.com/tr/knx15814/b90894f9b1582df507297d968da7fecece37d93.js?v1=%%PAGE_CATEGORY%%&v2=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymode%3D1%26checkin%3D14%252F01%252F2022%26checkout%3D15%252F01%252F2022%26night%3D1%26DestinationID%3D1%26ccDate%3D0%26RoomOrPackage%3DRoomPackage%26room%3D1%26pageid%3D1%26ig%3D0%26disp%3Dhotel%26currency%3DMYR%26indexType%3D3&_t=1642153631331
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.169.1.172 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-169-1-172.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.21.5 /
Resource Hash: 05c4cc82e30439bb88e3189e19b3ae0ea83c22fff0eb8c94aea737fd377be643

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 09:47:13 GMT
cache-control: max-age=3600
user-region: EU
server: nginx/1.21.5
content-length: 3094
content-type: application/javascript

GET
H3

200

activityi;dc_pre=CNWmxv_6sPUCFY5EHQkd6SAMqg;src=8661995;type=remar0;cat=rwg_g0;u1=;u2=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymode%3D1%26checkin%3D14%252F01%252F... Show response
8661995.fls.doubleclick.net/ Frame 3E3E
Redirect Chain

https://8661995.fls.doubleclick.net/activityi;src=8661995;type=remar0;cat=rwg_g0;u1=;u2=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymode%3D1%26checkin%3D14%252F01%25...
https://8661995.fls.doubleclick.net/activityi;dc_pre=CNWmxv_6sPUCFY5EHQkd6SAMqg;src=8661995;type=remar0;cat=rwg_g0;u1=;u2=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpa...

709 B
523 B

31ms
30ms

Document
text/html

142.250.186.102
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8661995.fls.doubleclick.net/activityi;dc_pre=CNWmxv_6sPUCFY5EHQkd6SAMqg;src=8661995;type=remar0;cat=rwg_g0;u1=;u2=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymode%3D1%26checkin%3D14%252F01%252F2022%26checkout%3D15%252F01%252F2022%26night%3D1%26DestinationID%3D1%26ccDate%3D0%26RoomOrPackage%3DRoomPackage%26room%3D1%26pageid%3D1%26ig%3D0%26disp%3Dhotel%26currency%3DMYR%26indexType%3D3;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8077691907101.816?

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.102 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s06-in-f6.1e100.net

Software

cafe /

Resource Hash

84ff28fcfc239a426ba27cd4238f5a19e9db9e3a89e6609eb5459143aea0b6e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 14 Jan 2022 09:47:12 GMT
expires: Fri, 14 Jan 2022 09:47:12 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 500
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 14 Jan 2022 09:47:12 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://8661995.fls.doubleclick.net/activityi;dc_pre=CNWmxv_6sPUCFY5EHQkd6SAMqg;src=8661995;type=remar0;cat=rwg_g0;u1=;u2=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymode%3D1%26checkin%3D14%252F01%252F2022%26checkout%3D15%252F01%252F2022%26night%3D1%26DestinationID%3D1%26ccDate%3D0%26RoomOrPackage%3DRoomPackage%26room%3D1%26pageid%3D1%26ig%3D0%26disp%3Dhotel%26currency%3DMYR%26indexType%3D3;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8077691907101.816?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 1994258390890728 Show response
connect.facebook.net/signals/config/ 305 KB
87 KB 115ms
115ms Script
application/x-javascript 2a03:2880:f02d:100:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1994258390890728?v=2.9.48&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f02d:100:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6bed0015effa80a4cc88a233c4c2f16a4b827516626dc957126f61a76cfaff65

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=3600,h3-29=":443"; ma=3600
x-xss-protection: 0
pragma: public
x-fb-debug: tZxQYycha1AnmCP1ddH0xm/61JdYaWm2YI8eC2l1BELuyCyWLBzHUTsDmT1gkcviCvC2iZBizZ+IN/rXgFkH9A==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
date: Fri, 14 Jan 2022 09:47:12 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-fb-rlafr: 0
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 dc_pre=CNWmxv_6sPUCFY5EHQkd6SAMqg;src=8661995;type=remar0;cat=rwg_g0;u1=;u2=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymode%3D1%26checkin%3D14%252F01%252F2022%26che...
adservice.google.com/ddm/fls/z/ Frame 3E3E 42 B
63 B 476ms
245ms Image
image/gif 2a00:1450:4019:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CNWmxv_6sPUCFY5EHQkd6SAMqg;src=8661995;type=remar0;cat=rwg_g0;u1=;u2=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymode%3D1%26checkin%3D14%252F01%252F2022%26checkout%3D15%252F01%252F2022%26night%3D1%26DestinationID%3D1%26ccDate%3D0%26RoomOrPackage%3DRoomPackage%26room%3D1%26pageid%3D1%26ig%3D0%26disp%3Dhotel%26currency%3DMYR%26indexType%3D3;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8077691907101.816

Requested by

Host: 8661995.fls.doubleclick.net
URL: https://8661995.fls.doubleclick.net/activityi;dc_pre=CNWmxv_6sPUCFY5EHQkd6SAMqg;src=8661995;type=remar0;cat=rwg_g0;u1=;u2=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymode%3D1%26checkin%3D14%252F01%252F2022%26checkout%3D15%252F01%252F2022%26night%3D1%26DestinationID%3D1%26ccDate%3D0%26RoomOrPackage%3DRoomPackage%26room%3D1%26pageid%3D1%26ig%3D0%26disp%3Dhotel%26currency%3DMYR%26indexType%3D3;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=8077691907101.816?

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4019:809::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://8661995.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 09:47:13 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 9ms
9ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1994258390890728&ev=PageView&dl=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymode%3D1%26checkin%3D14%252F01%252F2022%26checkout%3D15%252F01%252F2022%26night%3D1%26DestinationID%3D1%26ccDate%3D0%26RoomOrPackage%3DRoomPackage%26room%3D1%26pageid%3D1%26ig%3D0%26disp%3Dhotel%26currency%3DMYR%26indexType%3D3&rl=&if=false&ts=1642153632784&sw=1600&sh=1200&v=2.9.48&r=stable&ec=0&o=30&fbp=fb.1.1642153631597.1595486609&it=1642153631369&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 09:47:12 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Fri, 14 Jan 2022 09:47:12 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 8ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=537857393380708&ev=Microdata&dl=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymode%3D1%26checkin%3D14%252F01%252F2022%26checkout%3D15%252F01%252F2022%26night%3D1%26DestinationID%3D1%26ccDate%3D0%26RoomOrPackage%3DRoomPackage%26room%3D1%26pageid%3D1%26ig%3D0%26disp%3Dhotel%26currency%3DMYR%26indexType%3D3&rl=&if=false&ts=1642153633103&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%5Cn%5CtResorts%20World%20Genting%5Cn%22%2C%22meta%3Adescription%22%3A%22Genting%20Resorts%20World%20description.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1642153631597.1595486609&it=1642153631369&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 09:47:13 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Fri, 14 Jan 2022 09:47:13 GMT

GET
H2 200 remarketing
tr.brand-display.com/tracking/api/ 0
921 B 162ms
162ms Image
image/gif 54.169.1.172
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.brand-display.com/tracking/api/remarketing?_t=1642153632626&advertiserId=knx15814&id=b90894f9b1582df507297d968da7fecece37d93&v1=&v2=https%253A%252F%252Fbook.rwgenting.com%252Fmember2%252FHotelApp%252FHotelList.aspx%253Fpaymode%253D1%2526checkin%253D14%25252F01%25252F2022%2526checkout%253D15%25252F01%25252F2022%2526night%253D1%2526DestinationID%253D1%2526ccDate%253D0%2526RoomOrPackage%253DRoomPackage%2526room%253D1%2526pageid%253D1%2526ig%253D0%2526disp%253Dhotel%2526currency%253DMYR%2526indexType%253D3&_t=1642153631331&url=https%253A%252F%252Fbook.rwgenting.com%252Fmember2%252FHotelApp%252FHotelList.aspx%253Fpaymode%253D1%2526checkin%253D14%25252F01%25252F2022%2526checkout%253D15%25252F01%25252F2022%2526night%253D1%2526DestinationID%253D1%2526ccDate%253D0%2526RoomOrPackage%253DRoomPackage%2526room%253D1%2526pageid%253D1%2526ig%253D0%2526disp%253Dhotel%2526currency%253DMYR%2526indexType%253D3&referer=&aurl=&areferer=&required=0&extra=%257B%2522id%2522%253A%2522all%2522%257D&d=1&r=0&bf=069c425302d2ded623ada622025e7720&itp=true
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.169.1.172 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-169-1-172.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.21.5 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 09:47:13 GMT
cache-control: max-age=3600
user-region: EU
server: nginx/1.21.5
content-type: image/gif
content-length: 0
p3p: CP='This is not a P3P policy!'

GET
H2 200 r
tr.brand-display.com/tracking/api/ 0
921 B 162ms
161ms Image
image/gif 54.169.1.172
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.brand-display.com/tracking/api/r?r0=1&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dknorex%26google_hm%3D%25%25KNXQ_B64_ENC%25%25%26google_cm&bf=069c425302d2ded623ada622025e7720
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.169.1.172 Singapore, Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-169-1-172.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.21.5 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 09:47:13 GMT
cache-control: max-age=3600
user-region: EU
server: nginx/1.21.5
content-type: image/gif
content-length: 0
p3p: CP='This is not a P3P policy!'

GET
H2

200

pixel
dmp.brand-display.com/cm2/api/
Redirect Chain

https://tags.bluekai.com/site/46117?id=069c425302d2ded623ada622025e7720&limit=1&redir=https%3A%2F%2Fdmp.brand-display.com%2Fcm2%2Fapi%2Fpixel%3Fpartner%3D0004%26pid%3D%24_BK_UUID%26bf%3D069c425302d...
https://dmp.brand-display.com/cm2/api/pixel?partner=0004&pid=$_BK_UUID&bf=069c425302d2ded623ada622025e7720

43 B
260 B

279ms
155ms

Image
image/gif

54.71.47.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.brand-display.com/cm2/api/pixel?partner=0004&pid=$_BK_UUID&bf=069c425302d2ded623ada622025e7720
Protocol: H2
Server: 54.71.47.92 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-71-47-92.us-west-2.compute.amazonaws.com
Software: nginx/1.20.2 /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 09:47:13 GMT
last-modified: Fri, 14 Jan 2022 09:47:13 GMT
server: nginx/1.20.2
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Fri, 14 Jan 2022 09:47:14 GMT

Redirect headers

Location: https://dmp.brand-display.com/cm2/api/pixel?partner=0004&pid=$_BK_UUID&bf=069c425302d2ded623ada622025e7720
Date: Fri, 14 Jan 2022 09:47:13 GMT
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H2 200 sd
us-u.openx.net/w/1.0/ 43 B
274 B 34ms
17ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=539237773&val=069c425302d2ded623ada622025e7720
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/17.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 09:47:13 GMT
via: 1.1 google
server: OXGW/17.0.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2

204

sync
ups.analytics.yahoo.com/ups/55859/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=316&user_id=069c425302d2ded623ada622025e7720&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=316&user_id=069c425302d2ded623ada622025e7720&expires=30
https://pixel.advertising.com/ups/55859/sync?uid=9f2241f4-1faf-40d5-a42a-a6720e7afa49&_origin=1&gdpr=&gdpr_consent=
https://pixel.advertising.com/ups/55859/sync?uid=9f2241f4-1faf-40d5-a42a-a6720e7afa49&_origin=1&gdpr=&gdpr_consent=&verify=true
https://ups.analytics.yahoo.com/ups/55859/sync?uid=9f2241f4-1faf-40d5-a42a-a6720e7afa49&_origin=1&gdpr=&gdpr_consent=&apid=UPf341d890-751e-11ec-a5e9-06185f11e5ce
https://ups.analytics.yahoo.com/ups/55859/sync?uid=9f2241f4-1faf-40d5-a42a-a6720e7afa49&_origin=1&gdpr=&gdpr_consent=&apid=UPf341d890-751e-11ec-a5e9-06185f11e5ce&verify=true

0
332 B

9ms
9ms

Image
text/plain

3.126.56.137
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ups.analytics.yahoo.com/ups/55859/sync?uid=9f2241f4-1faf-40d5-a42a-a6720e7afa49&_origin=1&gdpr=&gdpr_consent=&apid=UPf341d890-751e-11ec-a5e9-06185f11e5ce&verify=true

Protocol

Server

3.126.56.137 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-3-126-56-137.eu-central-1.compute.amazonaws.com

Software

ATS/9.1.0.33 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 09:47:13 GMT
server: ATS/9.1.0.33
age: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

Redirect headers

location: https://ups.analytics.yahoo.com/ups/55859/sync?uid=9f2241f4-1faf-40d5-a42a-a6720e7afa49&_origin=1&gdpr=&gdpr_consent=&apid=UPf341d890-751e-11ec-a5e9-06185f11e5ce&verify=true
date: Fri, 14 Jan 2022 09:47:13 GMT
server: ATS/9.1.0.33
age: 0
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV

GET
H2 200 taboola
dmp.brand-display.com/cm/api/ 43 B
261 B 475ms
154ms Image
image/gif 54.71.47.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.brand-display.com/cm/api/taboola?_t=1642153633154&bf=069c425302d2ded623ada622025e7720
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.71.47.92 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-71-47-92.us-west-2.compute.amazonaws.com
Software: nginx/1.20.2 /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 09:47:13 GMT
last-modified: Fri, 14 Jan 2022 09:47:13 GMT
server: nginx/1.20.2
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Fri, 14 Jan 2022 09:47:14 GMT

GET
H2 200 appnexus
dmp.brand-display.com/cm/api/ 43 B
260 B 476ms
155ms Image
image/gif 54.71.47.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.brand-display.com/cm/api/appnexus?_t=1642153633155&bf=069c425302d2ded623ada622025e7720
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.71.47.92 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-71-47-92.us-west-2.compute.amazonaws.com
Software: nginx/1.20.2 /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 09:47:13 GMT
last-modified: Fri, 14 Jan 2022 09:47:13 GMT
server: nginx/1.20.2
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Fri, 14 Jan 2022 09:47:14 GMT

GET
H2 200 liveramp
dmp.brand-display.com/cm/api/ 43 B
260 B 627ms
307ms Image
image/gif 54.71.47.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.brand-display.com/cm/api/liveramp?_t={CACHEBUSTER}&bf=069c425302d2ded623ada622025e7720
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.71.47.92 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-71-47-92.us-west-2.compute.amazonaws.com
Software: nginx/1.20.2 /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 09:47:13 GMT
last-modified: Fri, 14 Jan 2022 09:47:13 GMT
server: nginx/1.20.2
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Fri, 14 Jan 2022 09:47:14 GMT

GET
H2 200 tapad
dmp.brand-display.com/cm/api/ 43 B
260 B 476ms
156ms Image
image/gif 54.71.47.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.brand-display.com/cm/api/tapad?_t=1642153633155&bf=069c425302d2ded623ada622025e7720
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.71.47.92 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-71-47-92.us-west-2.compute.amazonaws.com
Software: nginx/1.20.2 /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 09:47:13 GMT
last-modified: Fri, 14 Jan 2022 09:47:13 GMT
server: nginx/1.20.2
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Fri, 14 Jan 2022 09:47:14 GMT

GET
H2 200 roqad
dmp.brand-display.com/cm/api/ 43 B
260 B 626ms
306ms Image
image/gif 54.71.47.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.brand-display.com/cm/api/roqad?_t=1642153633155&bf=069c425302d2ded623ada622025e7720
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.71.47.92 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-71-47-92.us-west-2.compute.amazonaws.com
Software: nginx/1.20.2 /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 09:47:13 GMT
last-modified: Fri, 14 Jan 2022 09:47:13 GMT
server: nginx/1.20.2
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Fri, 14 Jan 2022 09:47:14 GMT

GET
H2 200 smaato
dmp.brand-display.com/cm/api/ 43 B
260 B 627ms
307ms Image
image/gif 54.71.47.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.brand-display.com/cm/api/smaato?bf=069c425302d2ded623ada622025e7720
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.71.47.92 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-71-47-92.us-west-2.compute.amazonaws.com
Software: nginx/1.20.2 /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 09:47:13 GMT
last-modified: Fri, 14 Jan 2022 09:47:13 GMT
server: nginx/1.20.2
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Fri, 14 Jan 2022 09:47:14 GMT

GET
H2 200 index
dmp.brand-display.com/cm/api/ 43 B
260 B 156ms
155ms Image
image/gif 54.71.47.92
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.brand-display.com/cm/api/index?cm_callback_url=%2F%2Fdsum-sec.casalemedia.com%2Frum&cm_dsp_id=191&bf=069c425302d2ded623ada622025e7720
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.71.47.92 Boardman, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-71-47-92.us-west-2.compute.amazonaws.com
Software: nginx/1.20.2 /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 14 Jan 2022 09:47:13 GMT
last-modified: Fri, 14 Jan 2022 09:47:13 GMT
server: nginx/1.20.2
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
expires: Fri, 14 Jan 2022 09:47:14 GMT

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 7ms
7ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=408482393299012&ev=Microdata&dl=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymode%3D1%26checkin%3D14%252F01%252F2022%26checkout%3D15%252F01%252F2022%26night%3D1%26DestinationID%3D1%26ccDate%3D0%26RoomOrPackage%3DRoomPackage%26room%3D1%26pageid%3D1%26ig%3D0%26disp%3Dhotel%26currency%3DMYR%26indexType%3D3&rl=&if=false&ts=1642153633237&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%5Cn%5CtResorts%20World%20Genting%5Cn%22%2C%22meta%3Adescription%22%3A%22Genting%20Resorts%20World%20description.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1642153631597.1595486609&it=1642153631369&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 09:47:13 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Fri, 14 Jan 2022 09:47:13 GMT

GET
H2 200 flags.png
cdn.book.rwgenting.com/assets/JavaScript/assets/img/ 69 KB
69 KB 33ms
33ms Image
image/png 163.181.56.170
TAOBAO Zhejiang T...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cdn.book.rwgenting.com/assets/JavaScript/assets/img/flags.png

Requested by

Host: book.rwgenting.com
URL: https://book.rwgenting.com/member2/ruxitagentjs_ICA2Vfhjqr_10229211201102017.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

163.181.56.170 Frankfurt am Main, Germany, ASN24429 (TAOBAO Zhejiang Taobao Network Co.,Ltd, CN),

Reverse DNS

Software

Tengine / ASP.NET

Resource Hash

0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 09:45:23 GMT
via: cache1.l2hk71[0,0,304-0,H], cache2.l2hk71[0,0], ens-cache5.de4[0,0,200-0,H], ens-cache7.de4[1,0]
age: 111
x-powered-by: ASP.NET
x-cache: HIT TCP_MEM_HIT dirn:8:209407079
x-swift-cachetime: 3600
x-swift-savetime: Fri, 14 Jan 2022 09:47:11 GMT
content-length: 70857
x-xss-protection: 1;mode=block
last-modified: Fri, 23 Oct 2020 01:48:19 GMT
server: Tengine
etag: "4daaa95dea8d61:0"
x-frame-options: SAMEORIGIN
ali-swift-global-savetime: 1642153523
content-type: image/png
access-control-allow-origin: https://book.rwgenting.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
eagleid: 2ff62b1f16421536341758728e

GET
H3 200 /
www.facebook.com/tr/ 44 B
88 B 10ms
10ms Image
image/gif 2a03:2880:f12d:181:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1994258390890728&ev=Microdata&dl=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymode%3D1%26checkin%3D14%252F01%252F2022%26checkout%3D15%252F01%252F2022%26night%3D1%26DestinationID%3D1%26ccDate%3D0%26RoomOrPackage%3DRoomPackage%26room%3D1%26pageid%3D1%26ig%3D0%26disp%3Dhotel%26currency%3DMYR%26indexType%3D3&rl=&if=false&ts=1642153634286&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%5Cn%5CtResorts%20World%20Genting%5Cn%22%2C%22meta%3Adescription%22%3A%22Genting%20Resorts%20World%20description.%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.48&r=stable&ec=1&o=30&fbp=fb.1.1642153631597.1595486609&it=1642153631369&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f12d:181:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://book.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36

Response headers

date: Fri, 14 Jan 2022 09:47:14 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
content-length: 44
alt-svc: h3=":443"; ma=3600, h3-29=":443"; ma=3600
priority: u=3,i
expires: Fri, 14 Jan 2022 09:47:14 GMT

POST
H/1.1 200
OK rb_1bc59e15-cee8-4c80-ba89-4884d9a1b081 Show response
book.rwgenting.com/member2/ 118 B
484 B 193ms
193ms XHR
text/plain 170.33.9.200
ASEPL-AS-AP Aliba...

General

Check archive.org

Show headers Download Go to

Full URL

https://book.rwgenting.com/member2/rb_1bc59e15-cee8-4c80-ba89-4884d9a1b081?type=js&session=1%249EC33D466E632B171A5C59426FFF913B%7C7e623eebafedbfe3%7C1&svrid=1&flavor=post&visitID=HOESPNPFURQURMNLKVPHHFKWAOCVLEJA-0&modifiedSince=1639648617298&referer=https%3A%2F%2Fbook.rwgenting.com%2Fmember2%2FHotelApp%2FHotelList.aspx%3Fpaymode%3D1%26checkin%3D14%252F01%252F2022%26checkout%3D15%252F01%252F2022%26night%3D1%26DestinationID%3D1%26ccDate%3D0%26RoomOrPackage%3DRoomPackage%26room%3D1%26pageid%3D1%26ig%3D0%26disp%3Dhotel%26currency%3DMYR%26indexType%3D3&app=7e623eebafedbfe3&crc=3093087854&end=1

Requested by

Host: book.rwgenting.com
URL: https://book.rwgenting.com/member2/ruxitagentjs_ICA2Vfhjqr_10229211201102017.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

170.33.9.200 , Singapore, ASN134963 (ASEPL-AS-AP Alibaba.com Singapore E-Commerce Private Limited, SG),

Reverse DNS

Software

/ ASP.NET

Resource Hash

d5b6cae2a7697672a19e88b803f3ccf5e9324cadabc5aaa29705e56dc9ef8e8e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://book.rwgenting.com/member2/HotelApp/HotelList.aspx?paymode=1&checkin=14%2F01%2F2022&checkout=15%2F01%2F2022&night=1&DestinationID=1&ccDate=0&RoomOrPackage=RoomPackage&room=1&pageid=1&ig=0&disp=hotel&currency=MYR&indexType=3
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 14 Jan 2022 09:47:14 GMT
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 118
X-XSS-PROTECTION: 1;mode=block
X-UA-Compatible: IE=11

POST
H/1.1 200
OK rb_1bc59e15-cee8-4c80-ba89-4884d9a1b081 Show response
book.rwgenting.com/member2/ 118 B
484 B 349ms
348ms XHR
text/plain 170.33.9.200
ASEPL-AS-AP Aliba...

General

Check archive.org

Show headers Download Go to

Full URL

Requested by

Host: book.rwgenting.com
URL: https://book.rwgenting.com/member2/ruxitagentjs_ICA2Vfhjqr_10229211201102017.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

170.33.9.200 , Singapore, ASN134963 (ASEPL-AS-AP Alibaba.com Singapore E-Commerce Private Limited, SG),

Reverse DNS

Software

/ ASP.NET

Resource Hash

d5b6cae2a7697672a19e88b803f3ccf5e9324cadabc5aaa29705e56dc9ef8e8e

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Request headers

Referer: https://book.rwgenting.com/member2/HotelApp/HotelList.aspx?paymode=1&checkin=14%2F01%2F2022&checkout=15%2F01%2F2022&night=1&DestinationID=1&ccDate=0&RoomOrPackage=RoomPackage&room=1&pageid=1&ig=0&disp=hotel&currency=MYR&indexType=3
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.71 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Fri, 14 Jan 2022 09:47:16 GMT
X-Powered-By: ASP.NET
X-Frame-Options: SAMEORIGIN
Content-Type: text/plain; charset=utf-8
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 118
X-XSS-PROTECTION: 1;mode=block
X-UA-Compatible: IE=11

Verdicts & Comments Add Verdict or Comment

189 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

39 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
book.rwgenting.com/	1969-12-31 23:59:59	Name: aliyungf_tc Value: c07ea6e1778b7bf73823390c7b80b8b1cf6629e6a270f83c4cb537107053e510
book.rwgenting.com/	1970-01-20 00:09:15	Name: acw_tc Value: aa21200416421536262561516e33ef13f7b14e543cf62c315f12394fb6851b
book.rwgenting.com/	1970-01-20 01:49:13	Name: .ASPXANONYMOUS Value: PdahKBkBhTlAgzpY4LZzqB5SZLTp0LyxREg7tSWbjmM8nJZWE0BrQDI9ZO4aWr3IgqqXK92uXPYbRUxuhQK__OpiPUS1uAANAV0bT2BgQt7DB3Fq-TshikT0lzXOReyn4rfKCQJQWT4ZHax_YKsaXQ2
book.rwgenting.com/	1969-12-31 23:59:59	Name: ASP.NET_SessionId Value: bfhze5vye4msmflqmgm4t03k
book.rwgenting.com/	1969-12-31 23:59:59	Name: Redis_SessionId Value: 7ac6c190-fa69-4e87-9938-e901f3e29d4d
.rwgenting.com/	1969-12-31 23:59:59	Name: dtCookie Value: 1$9EC33D466E632B171A5C59426FFF913B\|7e623eebafedbfe3\|1
.rwgenting.com/	1969-12-31 23:59:59	Name: rxVisitor Value: 1642153628558RGSVL24FKE8DN1UJA8EU3D4P8I5UBL7N
.rwgenting.com/	1969-12-31 23:59:59	Name: dtLatC Value: 238
.rwgenting.com/	1969-12-31 23:59:59	Name: dtSa Value: -
.rwgenting.com/	1970-01-20 02:18:49	Name: _gcl_au Value: 1.1.1062555807.1642153631
.rwgenting.com/	1970-01-20 17:40:25	Name: _ga Value: GA1.2.1326671075.1642153631
.rwgenting.com/	1970-01-20 00:10:40	Name: _gid Value: GA1.2.1180251381.1642153631
.rwgenting.com/	1970-01-20 00:09:13	Name: _gat Value: 1
.rwgenting.com/	1970-01-20 00:09:13	Name: _gat_UA-3398302-53 Value: 1
.doubleclick.net/	1970-01-20 09:30:49	Name: IDE Value: AHWqTUl8tKMrYZRr-jeN40cMinIYyfu9T2BmF9LBn5ouQ7MKuD-x_VsKVGlmuTYoJQc
.krxd.net/	1970-01-20 04:28:25	Name: _kuid_ Value: OmdN6OUa
.rwgenting.com/	1970-01-20 02:18:49	Name: _fbp Value: fb.1.1642153631597.1595486609
.facebook.com/	1970-01-20 02:18:49	Name: fr Value: 0c0h5bdMPksuM1P62..Bh4Uaf...1.0.Bh4Uaf.
.rwgenting.com/	1969-12-31 23:59:59	Name: rxvt Value: 1642155432401\|1642153628560
.rwgenting.com/	1969-12-31 23:59:59	Name: dtPC Value: 1$553628556_424h-vHOESPNPFURQURMNLKVPHHFKWAOCVLEJA-0e0
book.rwgenting.com/	1970-01-20 00:52:25	Name: _knxcm_ Value: googleT1642153633.0004T1642153633.0005T1642153633.0006T1642153633.0008T1642153633.0010T1642153633.0011T1642153633.0013T1642153633.0015T1642153633.0016T1642153633.0011T1642153633
.bidswitch.net/	1970-01-20 08:54:49	Name: tuuid Value: 9f2241f4-1faf-40d5-a42a-a6720e7afa49
.bidswitch.net/	1970-01-20 08:54:49	Name: c Value: 1642153633
.bidswitch.net/	1970-01-20 08:54:49	Name: tuuid_lu Value: 1642153633
.advertising.com/	1970-01-20 08:56:16	Name: APID Value: UPf341d890-751e-11ec-a5e9-06185f11e5ce
.yahoo.com/	1970-01-20 08:55:11	Name: A3 Value: d=AQABBKFG4WECEKQCmEO8fk_j4IzCpUR_v6IFEgEBAQGY4mHrYQAAAAAA_eMAAA&S=AQAAAlizaxqJ8T0l8kKqqQl4v1M
.analytics.yahoo.com/	1970-01-20 08:56:16	Name: IDSYNC Value: 173n~22nl
.yahoo.com/	1970-01-20 00:34:33	Name: APID Value: UPf341d890-751e-11ec-a5e9-06185f11e5ce
.yahoo.com/	1970-01-20 00:10:40	Name: APIDTS Value: 1642153633
.brand-display.com/	1970-01-20 17:40:25	Name: _knxq_ Value:
.brand-display.com/	1970-01-20 17:40:25	Name: _knxp_ Value:
.brand-display.com/	1970-01-20 17:40:25	Name: _knxcv_ Value:
.brand-display.com/	1970-01-20 17:40:25	Name: _knxu_ Value:
.brand-display.com/	1970-01-20 17:40:25	Name: _knxcm_ Value:
.brand-display.com/	1970-01-20 17:40:25	Name: _ga Value:
.brand-display.com/	1970-01-20 17:40:25	Name: __gads Value:
.brand-display.com/	1970-01-20 17:40:25	Name: __utma Value:
.brand-display.com/	1970-01-20 17:40:25	Name: allowCookies Value: false
book.rwgenting.com/	1969-12-31 23:59:59	Name: SERVERID Value: e10310933937d857b8dfc7d3f5d73753\|1642153636\|1642153626

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1;mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

6541830.fls.doubleclick.net
8661995.fls.doubleclick.net
adservice.google.com
beacon.krxd.net
book.rwgenting.com
cdn.book.rwgenting.com
cdn.brand-display.com
cdn.krxd.net
cdn.rwgenting.com
connect.facebook.net
consumer.krxd.net
dmp.brand-display.com
googleads.g.doubleclick.net
pixel.advertising.com
stats.g.doubleclick.net
tags.bluekai.com
tr.brand-display.com
ups.analytics.yahoo.com
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
x.bidswitch.net
104.90.192.27
142.250.181.226
142.250.186.102
151.101.2.133
163.181.56.170
170.33.9.200
18.185.252.3
18.66.248.117
2a00:1450:4001:809::200e
2a00:1450:4001:82b::2004
2a00:1450:4001:82b::2008
2a00:1450:4001:82f::2002
2a00:1450:4001:831::2003
2a00:1450:400c:c06::9c
2a00:1450:4019:809::2002
2a03:2880:f02d:100:face:b00c:0:3
2a03:2880:f12d:181:face:b00c:0:25de
3.126.56.137
3.67.18.150
35.244.159.8
54.169.1.172
54.71.47.92
79.133.177.227
99.80.155.235
05c4cc82e30439bb88e3189e19b3ae0ea83c22fff0eb8c94aea737fd377be643
07473486b9e5f4c8a56307b2a4b5beddb0599045807b764347702c0b6fe9042f
083e309c8998a21f312ca427b00f484b95c7eefa961e7ccb564fa7a3380920f3
0a012cf808a24573168308916092d2d4bd3f2b4af8e16b59167013cc77acee55
0fb0e95b94cf7237570b8b5195d5bfb98e714ca5231b18ba092cf387ff97f14e
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
19f6b7d7d53847ac8a12c35c4a1c4d00c0338b0de9c66c78256d18b433dce49d
1a84f467ad2c041ede1d2514d5c5f6c9edfbe47d5a7b9342743965c789ca0248
1cbad725743197d672e59e394c5b5c12e143515aa48c96bee97f56077cefe4ae
1fe7c9b04cd9ebd46cd5a636bd2c2b1d54054f3995db24951c0d0318ec71d70c
27988668fad87e9782d62f51b22f6feda6fdb2ef16a315b968728f164be1c6f7
27de96de6b1e61132441689a2670147e9eb0ec235cb6c417815a9fefe53ef428
2b2d91260c94d59c9a6bb47c0c1848d5af6af772f9e9ed01a7c7d23b06f1f4fe
2c4499bc3200dc93e2d3aadb3e6307fccb1809e84f176cac60c0ffbe3446f87c
3285328f5b846d5005916db2ba67b472f6ba13d4bc36f9156247399b97029c27
35c2abbb007e8759aa20134675135e391661086589ab5935f800bdec911d907e
39552c65dca63a153fa82b1463652393f010ea6602e0e963195dc6a46407fb7d
3bad7d670a6660817708b9fb30b07ab22cd3db5d87f2bc2f141a67f4da9ebeb7
3bcfa04dbc2db44af54bd72a0f7b98912368f16f525729a1b9b673f62ca7e5c9
40732e9dcfa704cf615e4691bb07aecfd1cc5e063220a46e4a7ff6560c77f5db
494f93c5215e411d1e4b082d9375e93c1d978b805f50262ffcd31b853bf4b71c
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4efefe4a8090d4c75325d54f571f21440761e4b1b3fd1c5fc2aab797c0db38d4
51b0fa6fa24f457766b1480b814cce77f28adf07ec6061db7a69cd3ea857009e
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5890e0f5759cdace55c64dac8afe9034088b05b7e04248f71d4a304421e8a16b
611880322593d348bffb60a868b6b68e04b77fbd9a8cd913af906695b8018a7e
6acc5eebfc83c2aabc8251d201df3004c6aaf801565a9e7d75196f2ac2b380c7
6bed0015effa80a4cc88a233c4c2f16a4b827516626dc957126f61a76cfaff65
6db045d05ad2f199b07a5ae91c6833ca6023e2455d1257c4525514652d184bee
7479bb8deda6353b23cbeb56069b89d132c3dd0384c81c192ed75086ef459cd4
7a36ffc84d41538d505db8ff4a5a2a7f6db1a736c7ece2c2e4b6285bc633cf5e
7b85a02b04b5b57387fca1e766d3478accf8b14142f11cd2665fdd80c890f773
7fe4f253cda78ed0fcc7864e70be03562fbb48756b15af4b0976f1993ab7af37
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
84ff28fcfc239a426ba27cd4238f5a19e9db9e3a89e6609eb5459143aea0b6e3
89f8a11cde8bfe9354d5942292b01bec29f2301be2b0a1b749401a6f41779155
8e0450cc4717f2613dc6ff9af944c62e92dff62dc9d50a10851553ac9c58544f
8e2ee291b854590ed2a22402a42adfb5c6cd63bf070f8d6f47c379b1c8f4f97f
8e48ede4b6042c4aee0155ad5009896d35e0ede7614a23bc4757b0085b8226c0
9409d775f1f80a4bde9b7e814ac3cf72ee325183778ad98a8a665ecb1be4de0b
981830d7bd9000e3f5adfcfca19307bb14c9ba612bb258aab51637d2d8b8ee39
a01ebe9b22e5cb9dd317e47b353988588b0245980ab8f56de2791fbb29908db7
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a8a6ad2ebe0ee1ac697c5d4faa59713d1a396e47573236ed51171c532ccae05e
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b15097aa1de678f4c1730b29d5d9b3282fb9f350d65b0db089fc470b223355dd
b23807a4c5d90afca0dc47d688c0a05302779429dab75f5e6182562dcc2970f6
b2d9f9172b520a90aa25fa1a3faa3614500563672f12e90a0eae864adeb40c1b
b61a1721320ab1fceaad57a4a7f4d0fe5497be843b774a3b755c44567059ca59
b9b47c8bafc4618d804c7c54ac03c39b29beb9ed5b1e7d9dbadb0f28d71c3d94
ba50544bc52682e3884d79402fa65bbc8149866ff097223c48d9da54bb02e280
bdcdee66eb73eaff67c185ce622c4f82d65cdc893b785259b0207e3e60c8ca9d
be51042d7ff22f961ff064c4b38943ece5ff3ff49573c2e0c59c2691cdb3ceb5
c08e671967a1e37c99c6644d9ce66597c324639607a4df7df671d4d6b4229268
c19343ba42a4e4d4cc8381824f50d3147d2b46ba79a6b14bbde40b4d95c8b484
c3ae7372a47cd7d715d810afcc30e506bb81888fe24e5db453b6857814ae89b8
c635ad039a51f60103d07ee88fb6655f294efe3730724f0be8cdc0e4e86fa340
c9a44e891c1ef7eb3586042297b67b1b914c9a0343a461845030d207c0f048e3
cc47c9a01ef522ca502936e7d59d7c08ae33a04b0352e618e9235cdae911b5a4
cd19986cea50d5c6c624ae11c59a2ec069df3de5fde964d09b4765487e6e7ac5
d0670324e6062e1b6c0fdd2ad008effa9ff4bbeb10b780cd0c1577e0c05a5285
d5b6cae2a7697672a19e88b803f3ccf5e9324cadabc5aaa29705e56dc9ef8e8e
d629f50bab9a4ad963767dbb37d0511e0af980ebb00222c492ffdf2a8b690e1c
d7fdda27c5a552b3585259c828b032dfc29b52d68f9cd8d21a7481d901dd8e47
d84ca9189c0c93cefe8b06881f550047a3a0ea57684f87753335a609309400e8
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e08a8b816844b1b36de422161848b43b2f43b83a9c3363523b239ad7dedf8477
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e9280b5bfa336c5e503b5b9bba8061418ee489b4fbf9f62885a02e60a18c6dd4
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f45a8c136d571fa6860bf7bdefcce5d27fa6a18c4441f3a4dbda41e6e349b60f
f5c2adae89718a53679c5a07e14dbeb4cde33d917a1419006aa26b81968eece1
f7c17c5d408b16a711610246f3d2a2659d7570e63827f1833d10d5c45f691792

book.rwgenting.com Open in urlscan Pro 170.33.9.200 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

108 Requests

98 %HTTPS

38 %IPv6

16 Domains

26 Subdomains

21 IPs

6 Countries

2395 kBTransfer

5566 kBSize

39 Cookies

71 Outgoing links

Redirected requests

108 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 0 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

book.rwgenting.com Open in urlscan Pro
170.33.9.200 Public Scan

Screenshot
Live screenshot

Full Image

108
Requests

98 %
HTTPS

38 %
IPv6

16
Domains

26
Subdomains

21
IPs

6
Countries

2395 kB
Transfer

5566 kB
Size

39
Cookies

108 HTTP transactions
0 data transactions