www.tmp.kuredu.com Open in urlscan Pro
35.214.92.101 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.tmp.kuredu.com/
Submission: On February 12 via automatic, source certstream-suspicious (February 12th 2021, 8:33:04 pm UTC)

Summary HTTP 309 Redirects Links 53 Behaviour Indicators

Summary

This website contacted 59 IPs in 7 countries across 44 domains to perform 309 HTTP transactions. The main IP is 35.214.92.101, located in London, United Kingdom and belongs to GOOGLE, US. The main domain is www.tmp.kuredu.com.
TLS certificate: Issued by R3 on February 12th 2021. Valid for: 3 months.

This is the only time www.tmp.kuredu.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
22	35.214.92.101 35.214.92.101	15169 (GOOGLE) (GOOGLE)
62	2606:4700:303... 2606:4700:3034::6815:85d	13335 (CLOUDFLAR...) (CLOUDFLARENET)
5	2a00:1450:400... 2a00:1450:4001:809::2008	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:800::200e	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2003	15169 (GOOGLE) (GOOGLE)
8	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
1	65.9.69.77 65.9.69.77	16509 (AMAZON-02) (AMAZON-02)
8	2a00:1450:400... 2a00:1450:4001:82b::2004	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c04::9b	15169 (GOOGLE) (GOOGLE)
2 4	142.250.185.162 142.250.185.162	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f02... 2a03:2880:f02d:12:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2 4	104.16.107.139 104.16.107.139	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	104.18.70.113 104.18.70.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	151.101.12.65 151.101.12.65	54113 (FASTLY) (FASTLY)
1 6	2606:4700:10:... 2606:4700:10::ac43:2653	13335 (CLOUDFLAR...) (CLOUDFLARENET)
64	45.60.198.96 45.60.198.96	19551 (INCAPSULA) (INCAPSULA)
2	2a00:1450:400... 2a00:1450:400c:c04::9d	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:80f::2003	15169 (GOOGLE) (GOOGLE)
5	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	35.186.195.233 35.186.195.233	15169 (GOOGLE) (GOOGLE)
7 10	52.51.60.151 52.51.60.151	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:813::2002	15169 (GOOGLE) (GOOGLE)
1	54.154.130.111 54.154.130.111	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:212... 2600:9000:2127:c800:f:900d:ef80:93a1	16509 (AMAZON-02) (AMAZON-02)
4	23.36.239.12 23.36.239.12	16625 (AKAMAI-AS) (AKAMAI-AS)
1	104.18.72.113 104.18.72.113	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3 4	142.250.186.166 142.250.186.166	15169 (GOOGLE) (GOOGLE)
1	104.244.42.3 104.244.42.3	13414 (TWITTER) (TWITTER)
1 1	23.210.248.44 23.210.248.44	16625 (AKAMAI-AS) (AKAMAI-AS)
2	52.23.94.221 52.23.94.221	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2a00:1288:80:... 2a00:1288:80:800::7001	203220 (YAHOO-DEB) (YAHOO-DEB)
2 4	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2	69.173.144.138 69.173.144.138	26667 (RUBICONPR...) (RUBICONPROJECT)
3 7	185.33.220.240 185.33.220.240	29990 (ASN-APPNEX) (ASN-APPNEX)
2	20.43.154.75 20.43.154.75	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1	2a00:1450:400... 2a00:1450:4001:829::2002	15169 (GOOGLE) (GOOGLE)
1	20.43.163.97 20.43.163.97	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 2	35.210.178.101 35.210.178.101	15169 (GOOGLE) (GOOGLE)
2 2	35.156.19.236 35.156.19.236	16509 (AMAZON-02) (AMAZON-02)
2	20.43.171.38 20.43.171.38	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
4	107.178.244.119 107.178.244.119	15169 (GOOGLE) (GOOGLE)
3	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
2 7	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:828::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
2 2	99.80.71.186 99.80.71.186	16509 (AMAZON-02) (AMAZON-02)
1	2a00:1450:400... 2a00:1450:4001:829::200a	15169 (GOOGLE) (GOOGLE)
14	2606:4700::68... 2606:4700::6810:125e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2a04:4e42:3::621 2a04:4e42:3::621	54113 (FASTLY) (FASTLY)
2	52.218.112.67 52.218.112.67	16509 (AMAZON-02) (AMAZON-02)
2	151.101.193.182 151.101.193.182	54113 (FASTLY) (FASTLY)
3	151.101.113.182 151.101.113.182	54113 (FASTLY) (FASTLY)
3	151.101.65.62 151.101.65.62	54113 (FASTLY) (FASTLY)
8 18	52.209.184.14 52.209.184.14	16509 (AMAZON-02) (AMAZON-02)
2 4	54.228.192.197 54.228.192.197	16509 (AMAZON-02) (AMAZON-02)
1	34.247.1.48 34.247.1.48	16509 (AMAZON-02) (AMAZON-02)
1 2	52.50.104.129 52.50.104.129	16509 (AMAZON-02) (AMAZON-02)
1	23.79.152.128 23.79.152.128	16625 (AKAMAI-AS) (AKAMAI-AS)
1	185.64.189.110 185.64.189.110	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	65.9.94.97 65.9.94.97	16509 (AMAZON-02) (AMAZON-02)
1 2	104.108.145.8 104.108.145.8	16625 (AKAMAI-AS) (AKAMAI-AS)
1	151.101.114.133 151.101.114.133	54113 (FASTLY) (FASTLY)
309	59

22 35.214.92.101 (London, United Kingdom)

ASN15169 (GOOGLE, US)
PTR: 101.92.214.35.bc.googleusercontent.com

www.tmp.kuredu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

62 2606:4700:3034::6815:85d (United States)

ASN13335 (CLOUDFLARENET, US)

www.kuredu.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:809::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:800::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 65.9.69.77 (United States)

ASN16509 (AMAZON-02, US)

customs.affilired.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a00:1450:4001:82b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c04::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.185.162 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s51-in-f2.1e100.net

www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f02d:12:face:b00c:0:3 (United States)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 104.16.107.139 (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

v2.zopim.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.70.113 (United States)

ASN13335 (CLOUDFLARENET, US)

static.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.12.65 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

tag.marinsm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700:10::ac43:2653 (United States) 1 redirects

ASN13335 (CLOUDFLARENET, US)

onboard.triptease.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

64 45.60.198.96 (United States)

ASN19551 (INCAPSULA, US)

www.thehotelsnetwork.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c04::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:80f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a03:2880:f12d:83:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.195.233 (Kansas City, United States)

ASN15169 (GOOGLE, US)

api.triptease.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 52.51.60.151 (Dublin, Ireland) 7 redirects

ASN16509 (AMAZON-02, US)

pixel-geo.prfct.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:813::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.154.130.111 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

smct.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2127:c800:f:900d:ef80:93a1 (United States)

ASN16509 (AMAZON-02, US)

cdn.denomatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 23.36.239.12 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-36-239-12.deploy.static.akamaitechnologies.com

configch2.veinteractive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.18.72.113 (United States)

ASN13335 (CLOUDFLARENET, US)

ekr.zdassets.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.166 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s08-in-f6.1e100.net

8124507.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ad.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.3 (United States)

ASN13414 (TWITTER, US)

analytics.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.210.248.44 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a23-210-248-44.deploy.static.akamaitechnologies.com

cw.addthis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.23.94.221 (United States)

ASN14618 (AMAZON-AES, US)

pixel.prfct.co	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1288:80:800::7001 (United Kingdom) 1 redirects

ASN203220 (YAHOO-DEB, GB)

ads.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 35.244.159.8 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 69.173.144.138 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 185.33.220.240 (Amsterdam, Netherlands) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

secure.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.43.154.75 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

cookiea1.veinteractive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 20.43.163.97 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

sessionapihk.veinteractive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.210.178.101 (Brussels, Belgium) 2 redirects

ASN15169 (GOOGLE, US)

a.volvelle.tech	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.156.19.236 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 20.43.171.38 (Singapore, Singapore)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

dtrchk.veinteractive.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 107.178.244.119 (Kansas City, United States)

ASN15169 (GOOGLE, US)

beacon.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.sojern.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2620:1ec:c11::200 (United States)

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

bat.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany) 2 redirects

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
www.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::200e (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

fcmatch.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fcmatch.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.80.71.186 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-99-80-71-186.eu-west-1.compute.amazonaws.com

match.adsrvr.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:829::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2606:4700::6810:125e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a04:4e42:3::621 (United States)

ASN54113 (FASTLY, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.218.112.67 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

s3-eu-west-1.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 151.101.193.182 (United States)

ASN54113 (FASTLY, US)

static.triptease.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.113.182 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

static-meta.triptease.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.65.62 (United States)

ASN54113 (FASTLY, US)

b.triptease.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 52.209.184.14 (Dublin, Ireland) 8 redirects

ASN16509 (AMAZON-02, US)

segment.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 54.228.192.197 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)

match.prod.bidr.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.247.1.48 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)

beacon.krxd.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.50.104.129 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-50-104-129.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.79.152.128 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-79-152-128.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.189.110 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 65.9.94.97 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

segments.company-target.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.108.145.8 (Berlin, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-108-145-8.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.101.114.133 (Frankfurt am Main, Germany)

ASN54113 (FASTLY, US)

messages.guest-experience.triptease.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
84	kuredu.com www.tmp.kuredu.com www.kuredu.com	4 MB
64	thehotelsnetwork.com www.thehotelsnetwork.com	1 MB
22	bidr.io 10 redirects segment.prod.bidr.io match.prod.bidr.io	13 KB
17	triptease.io 1 redirects onboard.triptease.io api.triptease.io static.triptease.io static-meta.triptease.io b.triptease.io messages.guest-experience.triptease.io	245 KB
16	doubleclick.net 7 redirects stats.g.doubleclick.net googleads.g.doubleclick.net 8124507.fls.doubleclick.net cm.g.doubleclick.net ad.doubleclick.net	10 KB
14	cloudflare.com cdnjs.cloudflare.com	269 KB
13	google.com 1 redirects www.google.com adservice.google.com fcmatch.google.com	2 KB
12	prfct.co 7 redirects pixel-geo.prfct.co pixel.prfct.co	5 KB
10	gstatic.com fonts.gstatic.com	305 KB
9	veinteractive.com configch2.veinteractive.com cookiea1.veinteractive.com sessionapihk.veinteractive.com dtrchk.veinteractive.com	90 KB
9	google-analytics.com www.google-analytics.com	74 KB
8	google.de www.google.de	1 KB
7	adnxs.com 3 redirects secure.adnxs.com ib.adnxs.com	7 KB
5	facebook.com www.facebook.com	776 B
5	googletagmanager.com www.googletagmanager.com	189 KB
4	sojern.com beacon.sojern.com pixel.sojern.com	3 KB
4	openx.net 2 redirects us-u.openx.net	806 B
4	zopim.com 2 redirects v2.zopim.com	245 KB
4	googleadservices.com www.googleadservices.com	49 KB
3	bing.com bat.bing.com	9 KB
3	facebook.net connect.facebook.net	161 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com	2 KB
2	company-target.com 1 redirects segments.company-target.com	1 KB
2	demdex.net 1 redirects dpm.demdex.net	2 KB
2	amazonaws.com s3-eu-west-1.amazonaws.com	950 KB
2	jsdelivr.net cdn.jsdelivr.net	8 KB
2	adsrvr.org 2 redirects match.adsrvr.org	1011 B
2	bidswitch.net 2 redirects x.bidswitch.net	1 KB
2	volvelle.tech 2 redirects a.volvelle.tech	2 KB
2	rubiconproject.com pixel.rubiconproject.com	478 B
2	zdassets.com static.zdassets.com ekr.zdassets.com	8 KB
1	pubmatic.com image2.pubmatic.com	977 B
1	bluekai.com tags.bluekai.com	729 B
1	krxd.net beacon.krxd.net	338 B
1	googleapis.com fonts.googleapis.com	624 B
1	youtube.com fcmatch.youtube.com	529 B
1	yahoo.com 1 redirects ads.yahoo.com	350 B
1	addthis.com 1 redirects cw.addthis.com	453 B
1	twitter.com analytics.twitter.com	574 B
1	denomatic.com cdn.denomatic.com	2 KB
1	smct.co smct.co	1 KB
1	marinsm.com tag.marinsm.com	4 KB
1	affilired.com customs.affilired.com	10 KB
0	maldiveswebcams.com Failed www.maldiveswebcams.com Failed
309	44

	Domain	Requested by
64	www.thehotelsnetwork.com	www.googletagmanager.com www.thehotelsnetwork.com
62	www.kuredu.com	www.tmp.kuredu.com www.kuredu.com
22	www.tmp.kuredu.com	www.tmp.kuredu.com www.kuredu.com
18	segment.prod.bidr.io	8 redirects b.triptease.io
14	cdnjs.cloudflare.com	www.thehotelsnetwork.com
10	pixel-geo.prfct.co	7 redirects www.tmp.kuredu.com
10	fonts.gstatic.com	www.tmp.kuredu.com fonts.googleapis.com
10	www.google.com	www.tmp.kuredu.com www.thehotelsnetwork.com
9	www.google-analytics.com	www.tmp.kuredu.com www.google-analytics.com www.thehotelsnetwork.com
8	www.google.de	www.tmp.kuredu.com www.thehotelsnetwork.com
6	onboard.triptease.io	1 redirects www.tmp.kuredu.com onboard.triptease.io
5	www.facebook.com	www.tmp.kuredu.com connect.facebook.net
5	www.googletagmanager.com	www.tmp.kuredu.com beacon.sojern.com static-meta.triptease.io www.googletagmanager.com
4	match.prod.bidr.io	2 redirects b.triptease.io match.prod.bidr.io
4	secure.adnxs.com	1 redirects www.tmp.kuredu.com
4	cm.g.doubleclick.net	4 redirects
4	us-u.openx.net	2 redirects www.tmp.kuredu.com match.prod.bidr.io
4	configch2.veinteractive.com	customs.affilired.com configch2.veinteractive.com
4	googleads.g.doubleclick.net	www.googleadservices.com
4	v2.zopim.com	2 redirects www.tmp.kuredu.com
4	www.googleadservices.com	www.googletagmanager.com www.thehotelsnetwork.com
4	stats.g.doubleclick.net	www.google-analytics.com
3	b.triptease.io	onboard.triptease.io b.triptease.io
3	static-meta.triptease.io	onboard.triptease.io www.thehotelsnetwork.com
3	ib.adnxs.com	2 redirects match.prod.bidr.io
3	pixel.sojern.com
3	bat.bing.com	beacon.sojern.com
3	connect.facebook.net	www.tmp.kuredu.com connect.facebook.net
2	dsum-sec.casalemedia.com	1 redirects match.prod.bidr.io
2	segments.company-target.com	1 redirects match.prod.bidr.io
2	dpm.demdex.net	1 redirects match.prod.bidr.io
2	static.triptease.io	onboard.triptease.io static.triptease.io
2	s3-eu-west-1.amazonaws.com	www.thehotelsnetwork.com
2	cdn.jsdelivr.net	www.thehotelsnetwork.com
2	match.adsrvr.org	2 redirects
2	ad.doubleclick.net	2 redirects
2	dtrchk.veinteractive.com	www.thehotelsnetwork.com
2	x.bidswitch.net	2 redirects
2	a.volvelle.tech	2 redirects
2	adservice.google.com	8124507.fls.doubleclick.net
2	cookiea1.veinteractive.com	configch2.veinteractive.com www.tmp.kuredu.com
2	pixel.rubiconproject.com	www.tmp.kuredu.com match.prod.bidr.io
2	pixel.prfct.co	www.tmp.kuredu.com
2	8124507.fls.doubleclick.net	1 redirects cdn.denomatic.com
2	api.triptease.io	onboard.triptease.io static.triptease.io
1	messages.guest-experience.triptease.io	www.thehotelsnetwork.com
1	image2.pubmatic.com	match.prod.bidr.io
1	tags.bluekai.com	match.prod.bidr.io
1	beacon.krxd.net	match.prod.bidr.io
1	fonts.googleapis.com	www.thehotelsnetwork.com
1	fcmatch.youtube.com
1	fcmatch.google.com	1 redirects
1	beacon.sojern.com	www.tmp.kuredu.com
1	sessionapihk.veinteractive.com	www.thehotelsnetwork.com
1	ads.yahoo.com	1 redirects
1	cw.addthis.com	1 redirects
1	analytics.twitter.com	www.tmp.kuredu.com
1	ekr.zdassets.com	v2.zopim.com
1	cdn.denomatic.com	customs.affilired.com
1	smct.co	customs.affilired.com
1	tag.marinsm.com	www.tmp.kuredu.com
1	static.zdassets.com	www.tmp.kuredu.com
1	customs.affilired.com	www.tmp.kuredu.com
0	www.maldiveswebcams.com Failed	www.kuredu.com
309	64

This site contains links to these domains. Also see Links.

Domain
www.kuredu.com
www.facebook.com
www.instagram.com
gifts.kuredu.com
geckodigital.co
www.youtube.com
www.tripadvisor.com
www.linkedin.com
twitter.com
thedconcept.com

Subject Issuer	Validity	Valid
tmp.kuredu.com R3	`2021-02-12` - `2021-05-13`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-07-25` - `2021-07-25`	a year	crt.sh
*.google-analytics.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
www.affilired.com GeoTrust EV RSA CA 2018	`2020-08-03` - `2021-10-02`	a year	crt.sh
*.google.com GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
www.googleadservices.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2020-12-22` - `2021-03-21`	3 months	crt.sh
ssl911790.cloudflaressl.com COMODO ECC Domain Validation Secure Server CA 2	`2020-10-28` - `2021-05-06`	6 months	crt.sh
g.ssl.fastly.net GlobalSign Organization Validation CA - SHA256 - G2	`2021-01-22` - `2021-07-11`	6 months	crt.sh
*.thehotelsnetwork.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-22` - `2022-01-22`	a year	crt.sh
www.google.de GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.triptease.io Sectigo RSA Organization Validation Secure Server CA	`2020-04-16` - `2022-05-07`	2 years	crt.sh
*.prfct.co DigiCert SHA2 Secure Server CA	`2019-09-03` - `2021-10-27`	2 years	crt.sh
smct.co Amazon	`2020-06-15` - `2021-07-15`	a year	crt.sh
*.denomatic.com Sectigo RSA Domain Validation Secure Server CA	`2020-11-11` - `2021-11-11`	a year	crt.sh
*.veinteractive.com DigiCert SHA2 Secure Server CA	`2020-04-14` - `2021-07-14`	a year	crt.sh
*.doubleclick.net GTS CA 1O1	`2021-01-19` - `2021-04-13`	3 months	crt.sh
*.twitter.com DigiCert TLS RSA SHA256 2020 CA1	`2020-11-30` - `2021-11-29`	a year	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2020-06-18` - `2021-08-17`	a year	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-18` - `2022-01-18`	a year	crt.sh
*.adnxs.com DigiCert ECC Secure Server CA	`2019-01-23` - `2021-03-08`	2 years	crt.sh
cookiea1.veinteractive.com R3	`2020-12-09` - `2021-03-09`	3 months	crt.sh
*.zopim.com Sectigo RSA Domain Validation Secure Server CA	`2020-05-30` - `2021-05-30`	a year	crt.sh
sessionapihk.veinteractive.com R3	`2021-01-17` - `2021-04-17`	3 months	crt.sh
dtrchk.veinteractive.com R3	`2021-01-18` - `2021-04-18`	3 months	crt.sh
*.sojern.com DigiCert TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-20`	a year	crt.sh
www.bing.com Microsoft RSA TLS CA 02	`2021-01-19` - `2021-07-19`	6 months	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
f3.shared.global.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2020-10-26` - `2021-04-17`	6 months	crt.sh
*.s3-eu-west-1.amazonaws.com DigiCert Baltimore CA-2 G2	`2020-08-04` - `2021-08-09`	a year	crt.sh
q.ssl.fastly.net GlobalSign CloudSSL CA - SHA256 - G3	`2021-01-01` - `2021-04-10`	3 months	crt.sh
*.segment.prod.bidr.io Amazon	`2020-03-26` - `2021-04-26`	a year	crt.sh
*.match.prod.bidr.io Amazon	`2020-03-26` - `2021-04-26`	a year	crt.sh
beacon.krxd.net DigiCert TLS RSA SHA256 2020 CA1	`2021-01-13` - `2022-01-07`	a year	crt.sh
*.demdex.net DigiCert TLS RSA SHA256 2020 CA1	`2020-12-02` - `2022-01-02`	a year	crt.sh
odc-prod-01.oracle.com DigiCert Secure Site ECC CA-1	`2020-10-15` - `2021-04-09`	6 months	crt.sh
*.pubmatic.com DigiCert Baltimore TLS RSA SHA256 2020 CA1	`2020-12-07` - `2021-12-14`	a year	crt.sh
*.company-target.com Go Daddy Secure Certificate Authority - G2	`2019-06-19` - `2021-08-18`	2 years	crt.sh
san.casalemedia.com GeoTrust RSA CA 2018	`2020-03-02` - `2021-04-01`	a year	crt.sh
*.guest-experience.triptease.io R3	`2021-01-03` - `2021-04-03`	3 months	crt.sh

This page contains 17 frames:

Primary Page: https://www.tmp.kuredu.com/
Frame ID: 63E60709EE0CBBC360B7021090D3576C
Requests: 173 HTTP requests in this frame

Frame: https://www.tmp.kuredu.com/360panoramas/pool/panorama_slider.html
Frame ID: 14980A02E2BCA12BE7CE12EE46EB3B62
Requests: 8 HTTP requests in this frame

Frame: https://onboard.triptease.io/kernel/v3844.35532/kernel-host.html?originHost=www.tmp.kuredu.com
Frame ID: A981B856F63194876DC2AB4CBC10181A
Requests: 2 HTTP requests in this frame

Frame: https://www.thehotelsnetwork.com/widget/core/latest/hub/local.html?v=1
Frame ID: E4EEB9D9D89E0C86EBC5E4EC5F63DA89
Requests: 3 HTTP requests in this frame

Frame: https://www.tmp.kuredu.com/360panoramas/pool/panorama_slider.html
Frame ID: 640EC7AAEAF8D5EB3F85751C70E78DCF
Requests: 1 HTTP requests in this frame

Frame: https://www.tmp.kuredu.com/360panoramas/pool/panorama_slider.html
Frame ID: FD15CB8337013F223DDC9BF04A34DABC
Requests: 8 HTTP requests in this frame

Frame: https://8124507.fls.doubleclick.net/activityi;dc_pre=CPevic-Y5e4CFcvF7QodyhUHNQ;src=8124507;type=visit0;cat=visit0;u1=hotel_kuredu;u27=counter;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=19532358311361.957
Frame ID: 0F8CDDF5C1FF2F87F02809B517CA3672
Requests: 2 HTTP requests in this frame

Frame: https://configch2.veinteractive.com/scripts/shared/iframeStorage-5.0.0.html?iframeid=ve-storage-iframe&journeyCode=4c9d3231-aba4-4648-9ab4-b8bbc40545c4&journeyId=17005
Frame ID: C68305E99FE45C43D2470900082C752B
Requests: 2 HTTP requests in this frame

Frame: https://www.thehotelsnetwork.com/widget/core/latest/hub/session.html?v=1
Frame ID: 3F9269AAE11CDE71FBFBBE2E25486902
Requests: 4 HTTP requests in this frame

Frame: https://v2.zopim.com/widget/images/avatar_simple_visitor.png
Frame ID: CAB7C10EEBE2438E64CD2B2B7AF99208
Requests: 1 HTTP requests in this frame

Frame: data://truncated
Frame ID: 95F187506D71F62648B3EE8B0DCD60D7
Requests: 1 HTTP requests in this frame

Frame: https://www.thehotelsnetwork.com/hotel-exit-widget?hotel_id=1089357&property_id=1013843&page_id=1035990&page_name=Index&lang=en&fingerprint=d019acdaba939864138ca994757b37c9&visit_date=1613161966&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D&type=custom&exit_popup_id=1070477&link_callback=0&browser=Chrome&logged=0&source_url=https%3A%2F%2Fwww.tmp.kuredu.com%2F%3Farrive%3D2021-02-12%26depart%3D2021-02-13%26adult%3D2%26start%3Davailresults
Frame ID: 1322D3B2B8BA6C84E8F11F0F1444B7A9
Requests: 30 HTTP requests in this frame

Frame: https://www.thehotelsnetwork.com/hotel-review-monitor-widget?hotel_id=1089357&property_id=1013843&page_id=1035990&lang=en&mobile=0&tablet=0&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D
Frame ID: BD94543D559F47FC6532E173D6E01334
Requests: 22 HTTP requests in this frame

Frame: https://www.thehotelsnetwork.com/hotel-layer?property_id=1013843&hotel_id=1089357&page_id=1035990&page_name=Index&type=&welcome_popup_id=1074576&lang=en&currency=EUR&source=&source_url=https%3A%2F%2Fwww.tmp.kuredu.com%2F%3Farrive%3D2021-02-12%26depart%3D2021-02-13%26adult%3D2%26start%3Davailresults&link_callback=0&browser=Chrome&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D&mirror_rtl_lang=1&fingerprint=d019acdaba939864138ca994757b37c9&logged=0
Frame ID: 002F4C3524F9697E43FE45BF3B3EE9DE
Requests: 26 HTTP requests in this frame

Frame: https://b.triptease.io/?apikey=11905f281240e11c010d5ad195f1333929279936&bucket=1&conversion=false&clicked=false&searched=false&tripteaseUserId=ef52dbc7-fa22-4af9-bb5c-78de91410b9b
Frame ID: AF386CA37E674F0AB9A7AB0B7286CA75
Requests: 12 HTTP requests in this frame

Frame: https://match.prod.bidr.io/cookie-msync?buzz_key=triptease
Frame ID: 5A7696F6AEF4D5404CF87F0B368A249A
Requests: 11 HTTP requests in this frame

Frame: https://static.triptease.io/message-porter/dist/storageIframe.html
Frame ID: 9B69B013B31F5EB568E2D6A1E5FA039E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

PHP (Programming Languages) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

MySQL (Databases) Expand

Overall confidence: 100%
Detected patterns

headers link /rel="https:\/\/api\.w\.org\/"/i
html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

script /(?:\/([\d.]+))?(?:\/js)?\/bootstrap(?:\.min)?\.js/i

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Yoast SEO (SEO) Expand

Overall confidence: 100%
Detected patterns

html /<!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -/i

Zendesk Chat (Live Chat) Expand

Overall confidence: 100%
Detected patterns

script /v2\.zopim\.com/i

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

script /\/\/connect\.facebook\.net\/[^/]*\/[a-z]*\.js/i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

html //i

Page Statistics

309
Requests

99 %
HTTPS

39 %
IPv6

44
Domains

64
Subdomains

59
IPs

7
Countries

7857 kB
Transfer

14966 kB
Size

20
Cookies

53 Outgoing links

These are links going to different origins than the main page.

URL: https://www.kuredu.com/accommodation/deluxe-beach-villa/
Title: Deluxe Beach Villa

Search URL Search Domain Scan URL

URL: https://www.kuredu.com/accommodation/premium-beach-villas/
Title: Premium Beach Villas

Search URL Search Domain Scan URL

URL: https://www.kuredu.com/accommodation/beach-villa/
Title: Beach Villas

Search URL Search Domain Scan URL

URL: https://www.kuredu.com/essentials/maldives-weather/
Title: Weather and Climate

Search URL Search Domain Scan URL

URL: https://www.kuredu.com/essentials/maldives-reviews/
Title: Reviews

Search URL Search Domain Scan URL

URL: https://www.kuredu.com/essentials/awards/
Title: Awards

Search URL Search Domain Scan URL

URL: https://www.kuredu.com/download/AI_bands.pdf
Title: All-inclusive bands

Search URL Search Domain Scan URL

URL: https://www.kuredu.com/essentials/family-holiday/
Title: Kids’ Club

Search URL Search Domain Scan URL

URL: https://www.kuredu.com/download/Kuredu_Sustainability_Report.pdf
Title: Sustainability Report – Kuredu

Search URL Search Domain Scan URL

URL: https://www.kuredu.com/download/Sustainability_Report_CCR.pdf
Title: Sustainability Report – CCR

Search URL Search Domain Scan URL

URL: https://www.kuredu.com/download/Kuredu-Map.pdf
Title: Island Map

Search URL Search Domain Scan URL

URL: https://www.kuredu.com/maldives-gallery/
Title: Gallery

Search URL Search Domain Scan URL

URL: https://www.kuredu.com/maldives-gallery/images/
Title: Image Gallery

Search URL Search Domain Scan URL

URL: https://www.kuredu.com/guest-images/
Title: Guest Images

Search URL Search Domain Scan URL

URL: https://www.kuredu.com/wine-and-dine/
Title: Wine & Dine

Search URL Search Domain Scan URL

URL: https://www.kuredu.com/wine-and-dine/beach-shack/
Title: Beach Shack

Search URL Search Domain Scan URL

URL: https://www.kuredu.com/wine-and-dine/far-east/
Title: The Far East

Search URL Search Domain Scan URL

URL: https://www.kuredu.com/wine-and-dine/francos/
Title: Franco’s

Search URL Search Domain Scan URL

URL: https://www.kuredu.com/wine-and-dine/bars/
Title: Bars

Search URL Search Domain Scan URL

URL: https://www.kuredu.com/recreation/
Title: Recreation

Search URL Search Domain Scan URL

URL: https://www.kuredu.com/recreation/top-10/
Title: Top 10 Things To Do

Search URL Search Domain Scan URL

URL: https://www.kuredu.com/recreation/snorkeling/
Title: Snorkelling

Search URL Search Domain Scan URL

URL: https://www.kuredu.com/recreation/maldives-diving/
Title: Scuba Diving

Search URL Search Domain Scan URL

URL: https://www.kuredu.com/recreation/tennis-padel/
Title: Tennis & Padel Tennis

Search URL Search Domain Scan URL

URL: https://www.kuredu.com/recreation/gym/
Title: Gym

Search URL Search Domain Scan URL

URL: https://www.kuredu.com/recreation/spa/
Title: Duniye Spa

Search URL Search Domain Scan URL

URL: https://www.kuredu.com/recreation/entertainment/
Title: Entertainment

Search URL Search Domain Scan URL

URL: https://www.kuredu.com/romance/
Title: Romance

Search URL Search Domain Scan URL

URL: https://www.kuredu.com/romance/maldives-weddings/
Title: Exchange of Vows

Search URL Search Domain Scan URL

URL: https://www.kuredu.com/romance/candlelight-dinner/
Title: Candlelight Dinner

Search URL Search Domain Scan URL

URL: https://www.kuredu.com/romance/photography/
Title: Photography

Search URL Search Domain Scan URL

URL: https://www.kuredu.com/romance/dream-island/
Title: Dream Island

Search URL Search Domain Scan URL

URL: https://www.kuredu.com/community/
Title: Latest

Search URL Search Domain Scan URL

URL: https://www.kuredu.com/community/blog/
Title: Latest News

Search URL Search Domain Scan URL

URL: https://www.kuredu.com/jobs/
Title: Career Opportunities

Search URL Search Domain Scan URL

URL: https://www.facebook.com/KureduIslandResort
Title: Facebook

Search URL Search Domain Scan URL

URL: https://www.instagram.com/kuredu_island_resort/
Title: Instagram

Search URL Search Domain Scan URL

URL: http://gifts.kuredu.com/
Title: Gifts

Search URL Search Domain Scan URL

URL: https://www.kuredu.com/contact-us/
Title: Contact

Search URL Search Domain Scan URL

URL: https://www.kuredu.com/special-offers/
Title: Special Offers

Search URL Search Domain Scan URL

URL: https://www.kuredu.com/
Title: English

Search URL Search Domain Scan URL

URL: https://www.kuredu.com/de/
Title: Deutsch

Search URL Search Domain Scan URL

URL: https://www.kuredu.com/ru/
Title: Русский

Search URL Search Domain Scan URL

URL: https://geckodigital.co/vt/Kuredu/
Title: Launch Tour

Search URL Search Domain Scan URL

URL: https://www.youtube.com/embed/I2f9LyiV7IQ?fs=1&autoplay=1&hd=1&rel=0

Search URL Search Domain Scan URL

URL: http://gifts.kuredu.com/shop/undersea-restaurant
Title: 5.8 UNDERSEA RESTAURANT AT HURAWALHI

Search URL Search Domain Scan URL

URL: https://www.kuredu.com/wine-and-dine/undersea-restaurant/
Title: Find out more

Search URL Search Domain Scan URL

URL: http://gifts.kuredu.com/shop/undersea-restaurant/
Title: Book Now

Search URL Search Domain Scan URL

URL: https://www.tripadvisor.com/Hotel_Review-g1480252-d316623-Reviews-Kuredu_Island_Resort_Spa-Kuredu.html

Search URL Search Domain Scan URL

URL: https://www.linkedin.com/company/kuredu-island-resort-&-spa/about/

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/KureduIslandResort

Search URL Search Domain Scan URL

URL: https://twitter.com/KureduResort

Search URL Search Domain Scan URL

URL: http://thedconcept.com/
Title: thedconcept

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 84

https://v2.zopim.com/?35sMl3TtCSbQlHPgsi3goXQqBhFW5Mk2 HTTP 302
https://static.zdassets.com/ekr/asset_composer.js

Request Chain 86

https://onboard.triptease.io/bootstrap.js?integrationId=01D1T6RBS9BAJFX5M0ZK2SEZ6C HTTP 307
https://onboard.triptease.io/bootstrap/v3844.35532/bootstrap.js

Request Chain 98

https://pixel-geo.prfct.co/tagjs?a_id=84479&source=js_tag HTTP 302
https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=84479&source=js_tag

Request Chain 121

https://8124507.fls.doubleclick.net/activityi;src=8124507;type=visit0;cat=visit0;u1=hotel_kuredu;u27=counter;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=19532358311361.957 HTTP 302
https://8124507.fls.doubleclick.net/activityi;dc_pre=CPevic-Y5e4CFcvF7QodyhUHNQ;src=8124507;type=visit0;cat=visit0;u1=hotel_kuredu;u27=counter;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=19532358311361.957

Request Chain 132

https://pixel-geo.prfct.co/cs/?partnerId=twtr HTTP 302
https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_X3FvHb6RVgF0eDFGg

Request Chain 133

https://pixel-geo.prfct.co/cs/?partnerId=crw HTTP 302
https://cw.addthis.com/t.gif?pid=37&pidt=0&pdid=pa_X3FvHb6RVgF0eDFGg&cu=https%3A%2F%2Fpixel.prfct.co%2Fcb%3FpartnerId%3Dcrw HTTP 302
https://pixel.prfct.co/cb?partnerId=crw

Request Chain 134

https://pixel-geo.prfct.co/cs/?partnerId=yah HTTP 302
https://ads.yahoo.com/cms/v1?nwid=10001073209&eid=pa_X3FvHb6RVgF0eDFGg&sigv=1&esig=2~88dfa033f82d0ff216012866acaceb017cb6b50d HTTP 302
https://pixel.prfct.co/cb?partnerId=yah&xid=E0&eid=pa_X3FvHb6RVgF0eDFGg

Request Chain 135

https://pixel-geo.prfct.co/cs/?partnerId=opx HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_X3FvHb6RVgF0eDFGg HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537114372&val=pa_X3FvHb6RVgF0eDFGg

Request Chain 136

https://pixel-geo.prfct.co/cs/?partnerId=rbcn HTTP 302
https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_X3FvHb6RVgF0eDFGg

Request Chain 137

https://pixel-geo.prfct.co/cs/?partnerId=goo HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=nowspots_bidder&google_hm=cGFfWDNGdkhiNlJWZ0YwZURGR2c HTTP 302
https://pixel-geo.prfct.co/cb?partnerId=goo

Request Chain 139

https://secure.adnxs.com/seg?t=2&add=13950546 HTTP 307
https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D13950546

Request Chain 153

https://v2.zopim.com/w?35sMl3TtCSbQlHPgsi3goXQqBhFW5Mk2 HTTP 302
https://v2.zopim.com/bin/v/widget_v2.329.js

Request Chain 155

https://a.volvelle.tech/sync?source=ve&redirect=//cookiea1.veinteractive.com/api/SyncCookie?clientName%3Dvolvelle%26journeyCode%3D4C9D3231-ABA4-4648-9AB4-B8BBC40545C4%26version%3D5.0.0%26referrer%3Dwww.tmp.kuredu.com%26offset%3D-60%26userId= HTTP 302
https://a.volvelle.tech/ul_cb/sync?source=ve&redirect=//cookiea1.veinteractive.com/api/SyncCookie?clientName%3Dvolvelle%26journeyCode%3D4C9D3231-ABA4-4648-9AB4-B8BBC40545C4%26version%3D5.0.0%26referrer%3Dwww.tmp.kuredu.com%26offset%3D-60%26userId= HTTP 302
https://x.bidswitch.net/syncd?dsp_id=190&user_group=1&user_id=669d952a-1961-467b-8185-34fa53e5133e&redir=https%3A%2F%2Fcookiea1.veinteractive.com%2Fapi%2FSyncCookie%3FclientName%3Dvolvelle%26journeyCode%3D4C9D3231-ABA4-4648-9AB4-B8BBC40545C4%26version%3D5.0.0%26referrer%3Dwww.tmp.kuredu.com%26offset%3D-60%26userId%3D669d952a-1961-467b-8185-34fa53e5133e HTTP 302
https://x.bidswitch.net/ul_cb/syncd?dsp_id=190&user_group=1&user_id=669d952a-1961-467b-8185-34fa53e5133e&redir=https%3A%2F%2Fcookiea1.veinteractive.com%2Fapi%2FSyncCookie%3FclientName%3Dvolvelle%26journeyCode%3D4C9D3231-ABA4-4648-9AB4-B8BBC40545C4%26version%3D5.0.0%26referrer%3Dwww.tmp.kuredu.com%26offset%3D-60%26userId%3D669d952a-1961-467b-8185-34fa53e5133e HTTP 302
https://cookiea1.veinteractive.com/api/SyncCookie?clientName=volvelle&journeyCode=4C9D3231-ABA4-4648-9AB4-B8BBC40545C4&version=5.0.0&referrer=www.tmp.kuredu.com&offset=-60&userId=669d952a-1961-467b-8185-34fa53e5133e

Request Chain 166

https://ad.doubleclick.net/ddm/activity/src=8267058;type=homep0;cat=apack0;qty=1;cost=0;u1=;u2=;u3=;u4=;u5=;u6=;u8=;u9=;u10=;u11=;u12=;u13=;u14=;u15=;u16=;u17=;u18=;u19=65452;u20=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=orderID HTTP 302
https://ad.doubleclick.net/ddm/activity/src=8267058;dc_pre=CPyKitCY5e4CFdeGsgodrg4G2A;type=homep0;cat=apack0;qty=1;cost=0;u1=;u2=;u3=;u4=;u5=;u6=;u8=;u9=;u10=;u11=;u12=;u13=;u14=;u15=;u16=;u17=;u18=;u19=65452;u20=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=orderID HTTP 302
https://adservice.google.com/ddm/fls/z/src=8267058;dc_pre=CPyKitCY5e4CFdeGsgodrg4G2A;type=homep0;cat=apack0;qty=1;cost=0;u1=;u2=;u3=;u4=;u5=;u6=;u8=;u9=;u10=;u11=;u12=;u13=;u14=;u15=;u16=;u17=;u18=;u19=65452;u20=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=orderID

Request Chain 169

https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=kNwDJIEK8ZAd6L-ZVqXTBA&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=ELIsrW-1aSHgwEXrUVh4pyTUEEEPF6wAgcpFo6993Dh6Crxc7m5VOOJPcn_6LTXD&sjrn_ula=516973663 HTTP 302
https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=ELIsrW-1aSHgwEXrUVh4pyTUEEEPF6wAgcpFo6993Dh6Crxc7m5VOOJPcn_6LTXD&sjrn_ula=516973663&google_gid=CAESEJ31aeJV4Gw7iawb809qV6w&google_cver=1

Request Chain 170

https://cm.g.doubleclick.net/pixel?google_hm=kNwDJIEK8ZAd6L-ZVqXTBA&google_nid=sojern_adh HTTP 302
https://fcmatch.google.com/pixel?google_gm=AMnCDopsr6J_yuPQEKV2HRvJ90TSFLeH10lASIcQYlAkXhRvUwq7prIyMvyds4JAldmzfxAE4I_pVHe1NQQ5r2A8UhKtY4cg8GUm2vMlL-G4rBYGKoalj70 HTTP 302
https://fcmatch.youtube.com/pixel?google_gm=AMnCDopsr6J_yuPQEKV2HRvJ90TSFLeH10lASIcQYlAkXhRvUwq7prIyMvyds4JAldmzfxAE4I_pVHe1NQQ5r2A8UhKtY4cg8GUm2vMlL-G4rBYGKoalj70

Request Chain 171

https://ib.adnxs.com/getuid?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=ELIsrW-1aSHgwEXrUVh4pyTUEEEPF6wAgcpFo6993Dh6Crxc7m5VOOJPcn_6LTXD HTTP 302
https://pixel.sojern.com/idsync/apn?id=4739265564283385809&sjrn_id=ELIsrW-1aSHgwEXrUVh4pyTUEEEPF6wAgcpFo6993Dh6Crxc7m5VOOJPcn_6LTXD

Request Chain 172

https://match.adsrvr.org/track/cmf/generic?ttd_pid=ombl9hp&ttd_puid=ELIsrW-1aSHgwEXrUVh4pyTUEEEPF6wAgcpFo6993Dh6Crxc7m5VOOJPcn_6LTXD&ttd_tpi=1 HTTP 302
https://match.adsrvr.org/track/cmb/generic?ttd_pid=ombl9hp&ttd_puid=ELIsrW-1aSHgwEXrUVh4pyTUEEEPF6wAgcpFo6993Dh6Crxc7m5VOOJPcn_6LTXD&ttd_tpi=1 HTTP 302
https://pixel.sojern.com/idsync/ttd?id=e5acd2cc-2a70-4222-bc25-a2487f256b7e&sjrn_id=ELIsrW-1aSHgwEXrUVh4pyTUEEEPF6wAgcpFo6993Dh6Crxc7m5VOOJPcn_6LTXD

Request Chain 280

https://segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-138&value= HTTP 303
https://segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-138&value=&_bee_ppp=1

Request Chain 281

https://segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-139&value= HTTP 303
https://segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-139&value=&_bee_ppp=1

Request Chain 282

https://segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-140&value= HTTP 303
https://segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-140&value=&_bee_ppp=1

Request Chain 283

https://segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-137&value= HTTP 303
https://segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-137&value=&_bee_ppp=1

Request Chain 284

https://segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-11104&value=1 HTTP 303
https://segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-11104&value=1&_bee_ppp=1

Request Chain 285

https://segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-11105&value= HTTP 303
https://segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-11105&value=&_bee_ppp=1

Request Chain 290

https://match.prod.bidr.io/cookie-sync/triptease?buyer_user_id=ef52dbc7-fa22-4af9-bb5c-78de91410b9b|11905f281240e11c010d5ad195f1333929279936 HTTP 303
https://match.prod.bidr.io/cookie-sync/triptease?buyer_user_id=ef52dbc7-fa22-4af9-bb5c-78de91410b9b%7C11905f281240e11c010d5ad195f1333929279936&_bee_ppp=1 HTTP 303
https://b.triptease.io/cookie-sync?partner=beeswax&beeswax_id=AAMvGE7ATcwAABA0BH-1yQ&buyer_user_id=ef52dbc7-fa22-4af9-bb5c-78de91410b9b%7C11905f281240e11c010d5ad195f1333929279936

Request Chain 291

https://segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-1&value=0.5&forward_to_cookie_sync=1 HTTP 303
https://segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-1&value=0.5&forward_to_cookie_sync=1&_bee_ppp=1 HTTP 303
https://match.prod.bidr.io/cookie-msync?buzz_key=triptease

Request Chain 294

https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCc1JrN0FUY3dBQUEzRjFnWWFnZw&bee_sync_partners=&bee_sync_current_partner=adx&bee_sync_hop_count=1 HTTP 302
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=&bee_sync_current_partner=adx&bee_sync_hop_count=1

Request Chain 295

https://dpm.demdex.net/ibs:dpid=275754&dpuuid=AABsRk7ATcwAAA3F1gYagg HTTP 302
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=275754&dpuuid=AABsRk7ATcwAAA3F1gYagg

Request Chain 298

https://segments.company-target.com/log?vendor=choca&user_id=AABsRk7ATcwAAA3F1gYagg HTTP 303
https://segments.company-target.com/validateCookie?vendor=choca&user_id=AABsRk7ATcwAAA3F1gYagg&verifyHash=ac436a4d1b4bbcf6cca362f922f78e811bd42643

Request Chain 299

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=130&external_user_id=AABsRk7ATcwAAA3F1gYagg&expiration=1614371568 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=130&external_user_id=AABsRk7ATcwAAA3F1gYagg&expiration=1614371568&C=1

Request Chain 300

https://ib.adnxs.com/setuid?entity=331&seg=6290637&code=AABsRk7ATcwAAA3F1gYagg HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D331%26seg%3D6290637%26code%3DAABsRk7ATcwAAA3F1gYagg

Request Chain 302

https://us-u.openx.net/w/1.0/sd?id=537125688&val=AABsRk7ATcwAAA3F1gYagg HTTP 302
https://us-u.openx.net/w/1.0/sd?cc=1&id=537125688&val=AABsRk7ATcwAAA3F1gYagg

309 HTTP transactions
-1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.tmp.kuredu.com/ 98 KB
18 KB 624ms
497ms Document
text/html 35.214.92.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tmp.kuredu.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.214.92.101 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS: 101.92.214.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 7d133ccd0fdbbdf13eb300b1befda950c9e59285576cd7bbf614e10c597550d5

Request headers

:method: GET
:authority: www.tmp.kuredu.com
:scheme: https
:path: /
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

server: nginx
date: Fri, 12 Feb 2021 20:32:42 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding
set-cookie: PHPSESSID=cb7efacc30186a760f74cd9ee552de54; path=/
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
x-cache-enabled: True
x-pingback: https://www.kuredu.com/xmlrpc.php
link: <https://www.kuredu.com/wp-json/>; rel="https://api.w.org/" <https://www.kuredu.com/wp-json/wp/v2/pages/33>; rel="alternate"; type="application/json" <https://www.kuredu.com/>; rel=shortlink
x-httpd-modphp: 1
access-control-allow-headers: origin, x-requested-with, content-type, if-modified-since
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
host-header: 6b7412fb82ca5edfd0917e3957f05d89
x-proxy-cache: MISS
x-proxy-cache-info: 0 NC:000000 UP:SKIP_CACHE_NO_CACHE
content-encoding: br

GET
H2 200 style.min.css
www.kuredu.com/wp-includes/css/dist/block-library/ 50 KB
8 KB 35ms
15ms Stylesheet
text/css 2606:4700:3034::6815:85d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kuredu.com/wp-includes/css/dist/block-library/style.min.css
Requested by: Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:85d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5c2288ca7b324881faae5e368eb4d69457e2784e042e868de335d3827bb90981

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3749804
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
cf-request-id: 08398b39440000c295c8226000000001
last-modified: Fri, 11 Dec 2020 09:51:16 GMT
server: cloudflare
etag: W/"5fd34114-c8e9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=hVBBc%2Fs4YJsg2NWLhsUpKcz6eTH57HXkx3C5CzL6hkLu0rlL7xnUhEdxy%2B53xFgVR3lZYxG1SpMEAg%2BZGRceYM%2FIi8bueF87%2FIq43fyS1EfrAO3WnQH6SevxRw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 620914a208d7c295-FRA
expires: Fri, 31 Dec 2021 10:55:59 GMT

GET
H2 200 styles.css
www.kuredu.com/wp-content/plugins/contact-form-7/includes/css/ 2 KB
941 B 46ms
26ms Stylesheet
text/css 2606:4700:3034::6815:85d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kuredu.com/wp-content/plugins/contact-form-7/includes/css/styles.css
Requested by: Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:85d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fbf8ab57db7f9981bd71d79c7daaa01a3c578ffa0aa8e9b4a9b2bfe2e9927427

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 48515
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
cf-request-id: 08398b39460000c29598b1d000000001
last-modified: Wed, 30 Dec 2020 08:18:52 GMT
server: cloudflare
etag: W/"5fec37ec-780"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=oSJ5CzzPOcubL7bxld7m0KfV8deLH6L%2FiTbWUsT3VRGM9F8Z7eNQFAx8cm6W%2FIknNdhuc4PUGiOY6o53zwQXWIlvV1NjqR3i2mS6828GVt2z09pbJaMd1cOo8g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 620914a208ebc295-FRA
expires: Sat, 12 Feb 2022 07:04:08 GMT

GET
H2 200 fancybox.css
www.kuredu.com/wp-content/plugins/fancybox-for-wordpress/fancybox/ 7 KB
2 KB 43ms
24ms Stylesheet
text/css 2606:4700:3034::6815:85d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kuredu.com/wp-content/plugins/fancybox-for-wordpress/fancybox/fancybox.css
Requested by: Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:85d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b1730289ee994a39aaff1b676f8b5895396e6f4abf56e909c4f0fd5b5140a2f1

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3747497
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
cf-request-id: 08398b39460000c2958ca91000000001
last-modified: Sun, 13 Dec 2020 14:48:07 GMT
server: cloudflare
etag: W/"5fd629a7-1a43"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wln9pZm%2F%2Fl8ggJ%2B0%2FAgTaoiW6SJK2jt5fIkmRIOP8KJFt2Snig92DUHbGZIv7vFqzgc1pQSuXQ3NJ7dlaPiUn1vph26NkgJvzf35s6r9k937vgqY%2Fh4f7oF8iw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 620914a208e7c295-FRA
expires: Fri, 31 Dec 2021 11:34:26 GMT

GET
H2 200 settings.css
www.kuredu.com/wp-content/plugins/revslider/public/assets/css/ 29 KB
7 KB 36ms
17ms Stylesheet
text/css 2606:4700:3034::6815:85d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kuredu.com/wp-content/plugins/revslider/public/assets/css/settings.css
Requested by: Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:85d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b0b1b6ccfa5a09e69e2e1e89777043a637e23f5b9aecc0a3a86e04495804b239

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3747497
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
cf-request-id: 08398b39440000c295d533b000000001
last-modified: Wed, 01 Jul 2020 21:23:44 GMT
server: cloudflare
etag: W/"5efcfee0-7578"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=daODF%2FCHxrHtIDFCo7i4BPkyaZOti5jq%2FJzI7INH2sWMDJf%2BskA%2FOaZD57Bh45f8T26eogVqrhel0i865v1bxurfHFLVuySYRAVhu0zPU0f74oUc3lh3hSBwGA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 620914a208dbc295-FRA
expires: Fri, 31 Dec 2021 11:34:26 GMT

GET
H2 200 style.css
www.kuredu.com/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-dropdown/ 2 KB
749 B 47ms
29ms Stylesheet
text/css 2606:4700:3034::6815:85d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kuredu.com/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/legacy-dropdown/style.css
Requested by: Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:85d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6c83de5fc90fc5cb12d3f086f9540a4a4beecdd13abcda42ce0f5e9bad4b27f5

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3747497
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
cf-request-id: 08398b39450000c295a89ea000000001
last-modified: Sun, 13 Dec 2020 14:43:27 GMT
server: cloudflare
etag: W/"5fd6288f-759"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=nTKGj78hY2wNz9hmJEuoZ7GMjGg76tfCpw%2FRDIPt90IPpN7VriLq%2Fh5%2FblOfrLsv%2F5rESKV0x4k9G5gP4NhpAbeS0mqUYpLK9Xqm2UvAdQ2rMtsJ5JEGvPeotg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 620914a208e0c295-FRA
expires: Fri, 31 Dec 2021 11:34:26 GMT

GET
H2 200 style.css
www.kuredu.com/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/menu-item/ 226 B
438 B 35ms
16ms Stylesheet
text/css 2606:4700:3034::6815:85d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kuredu.com/wp-content/plugins/sitepress-multilingual-cms/templates/language-switchers/menu-item/style.css
Requested by: Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:85d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d82524320851cd20cae529e3b2e8f44041aac4cff1d5352d115fb2f3819d742

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3749641
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
cf-request-id: 08398b39480000c29591a3f000000001
last-modified: Sun, 13 Dec 2020 14:43:27 GMT
server: cloudflare
etag: W/"5fd6288f-e2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2Fptq94ONL3luPt7ujobW6u8a2DP%2BED2juj2Am6%2Fqoq4Gue9Mcx22g0uk8%2Fvlx45YXdBpHfPetsydZu1K65EaS7GuOIK43eI%2F0T8i7T2lI9OTFKVT1Kd3kB6wiQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 620914a208f3c295-FRA
expires: Fri, 31 Dec 2021 10:58:42 GMT

GET
H2 200 frontend.min.css
www.kuredu.com/wp-content/plugins/google-analytics-for-wordpress/assets/css/ 8 KB
1 KB 42ms
23ms Stylesheet
text/css 2606:4700:3034::6815:85d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kuredu.com/wp-content/plugins/google-analytics-for-wordpress/assets/css/frontend.min.css
Requested by: Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:85d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 90368b5a3711b1777dc287f535cfc1be62b69a362a1af847558cb7c44c7f3974

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3749804
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
cf-request-id: 08398b39470000c295f33c1000000001
last-modified: Wed, 30 Dec 2020 08:19:29 GMT
server: cloudflare
etag: W/"5fec3811-1e0f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=KyDi1TRWbfGtq3f%2FFdDejysaipA8EZxT4f%2BAr1q5HJMR8ZuH%2BM49IB3JFrVkWTSZz5VZ0M2TwTP2w0InzdU%2FUxfVigCps0G2wCtc9UE8Ma%2BIfS9rgD9sCW7K4g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 620914a208efc295-FRA
expires: Fri, 31 Dec 2021 10:55:59 GMT

GET
H2 200 style.css
www.kuredu.com/wp-content/themes/minimum/ 10 KB
4 KB 43ms
24ms Stylesheet
text/css 2606:4700:3034::6815:85d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kuredu.com/wp-content/themes/minimum/style.css
Requested by: Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:85d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 69dbd001fce5311fa36d9d9eda355d9fa0bdbc685f6d79119eab10556c2128fa

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3747497
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
cf-request-id: 08398b39460000c295ecab9000000001
last-modified: Wed, 01 Jul 2020 21:23:45 GMT
server: cloudflare
etag: W/"5efcfee1-269b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fx5J4G8Zc3kMhCg60SzbdQukwSzzQyL%2BqAulfAB7CkWVYPuZgLxVj9v%2FeSs7oP%2FK3zQF%2BeDKWjeZXdqS8p1DdoFdpfUOwXQDVle%2BTA2MG34JciTm6seun1KUmw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 620914a208e5c295-FRA
expires: Fri, 31 Dec 2021 11:34:26 GMT

GET
H2 200 stylesheet.min.css
www.kuredu.com/wp-content/themes/minimum/css/ 52 KB
9 KB 40ms
22ms Stylesheet
text/css 2606:4700:3034::6815:85d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kuredu.com/wp-content/themes/minimum/css/stylesheet.min.css
Requested by: Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:85d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b6a2e5a784d965c36f1b374aef25080a5d7456068764781d32bb2877c2bfb7e1

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3747497
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
cf-request-id: 08398b39480000c295fb17d000000001
last-modified: Wed, 01 Jul 2020 21:23:45 GMT
server: cloudflare
etag: W/"5efcfee1-d04c"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=8dqE%2BIkZHGBKNo42V%2BYOVDQMj53%2BwQxygXJ6ASgpgkdERObgNAt6FxvIejhDcufoQi0qepnERC343S9xA67jZ8ndckgaaHAMKSmrAfuvqA7gPIRpEddHhG9NwA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 620914a208f2c295-FRA
expires: Fri, 31 Dec 2021 11:34:26 GMT

GET
H2 200 style.css
www.kuredu.com/wp-content/themes/minimum-child/ 67 KB
13 KB 42ms
24ms Stylesheet
text/css 2606:4700:3034::6815:85d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kuredu.com/wp-content/themes/minimum-child/style.css
Requested by: Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:85d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: f8331bd4947c124e1f887af753e58d046b1a5bb8079f00e598c7da9618ee9365

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3749804
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
cf-request-id: 08398b39470000c29598b1e000000001
last-modified: Thu, 03 Sep 2020 10:35:40 GMT
server: cloudflare
etag: W/"5f50c6fc-10c24"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=I6EkV9bx9cYEwJ9WNgcBHSwB%2BgVem3tem8A2sNx4vBIgqTAms9431rQ%2FK7T6fESLBJGM%2FlIw1wntPn02%2Ff%2F0rPxeVxC79o1A%2FhSVn3tmUUeKwKd2eSZSUTf9Tw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 620914a208f0c295-FRA
expires: Fri, 31 Dec 2021 10:55:59 GMT

GET
H2 200 style.css
www.kuredu.com/wp-content/plugins/cf7-conditional-fields/ 2 KB
758 B 36ms
18ms Stylesheet
text/css 2606:4700:3034::6815:85d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kuredu.com/wp-content/plugins/cf7-conditional-fields/style.css
Requested by: Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:85d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: dc19c2e40e42974f0416a3f4cc97e2dbb85a5b5598b76a75e9254164922e7be0

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3749804
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
cf-request-id: 08398b39460000c295a097c000000001
last-modified: Sun, 13 Dec 2020 14:41:45 GMT
server: cloudflare
etag: W/"5fd62829-654"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YfZS92mRzb9DoATboiGBb832Wbz9CfrxIKsjKfPNIc%2F3udfGnKDvIYtZFmryVdlAQndJURZLA3LMR7i%2BeIi2CVSa%2FAXgw59G9SUktMI48d7YAG0VTncZ%2B7ul9A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 620914a208e6c295-FRA
expires: Fri, 31 Dec 2021 10:55:59 GMT

GET
H2 200 frontend.min.js Show response
www.kuredu.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/ 9 KB
3 KB 24ms
24ms Script
application/javascript 2606:4700:3034::6815:85d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kuredu.com/wp-content/plugins/google-analytics-for-wordpress/assets/js/frontend.min.js
Requested by: Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:85d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63a6d926d277a3d64d30e349fa0ea2b0630e9801d173e1947ff3bd6060147ef4

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3747497
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
cf-request-id: 08398b3a910000c2958bbb1000000001
last-modified: Wed, 30 Dec 2020 08:19:29 GMT
server: cloudflare
etag: W/"5fec3811-2452"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=7xvle%2B6aNVjDDbyPOT4T6mDn0%2B%2B%2BBdy4hs2paYifWLWSLgB46KMUupl5b%2F8HRe4l75qgXnnToYMFOP1yffoTSgipw2Uhow54N3LJFHxKTjuowfqFQ%2B6jW8HaHQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 620914a41c1bc295-FRA
expires: Fri, 31 Dec 2021 11:34:27 GMT

GET
H2 200 jquery.min.js Show response
www.kuredu.com/wp-includes/js/jquery/ 87 KB
30 KB 47ms
29ms Script
application/javascript 2606:4700:3034::6815:85d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kuredu.com/wp-includes/js/jquery/jquery.min.js
Requested by: Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:85d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3747497
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
cf-request-id: 08398b39490000c295c10bb000000001
last-modified: Fri, 11 Dec 2020 09:51:16 GMT
server: cloudflare
etag: W/"5fd34114-15d98"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lhcOC2vEGZSAWYHrCQ7IcvFJPPLjNvNa49ybveFnxcDPhNLIleglXDPtM5mXdKypVMAaKeBAot%2F8zvygh7EWAZfuQ1yBYUAbX%2F0bA65jtyGA0WTPmj44nkVzWw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 620914a208f5c295-FRA
expires: Fri, 31 Dec 2021 11:34:26 GMT

GET
H2 200 jquery-migrate.min.js Show response
www.kuredu.com/wp-includes/js/jquery/ 11 KB
4 KB 40ms
23ms Script
application/javascript 2606:4700:3034::6815:85d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kuredu.com/wp-includes/js/jquery/jquery-migrate.min.js
Requested by: Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:85d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3747497
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
cf-request-id: 08398b39490000c2959b98d000000001
last-modified: Fri, 11 Dec 2020 09:51:16 GMT
server: cloudflare
etag: W/"5fd34114-2bd8"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=G4h2SKTnOHp%2B6EBlu900xdS4NIm7B%2F0dDRczOoQ2eS02FR5%2FQTsF4EU0kGbSagfogrDSMXpJx8sBohI4g4Yd50ckd1t70w4qrBftwcAEBuNgWgzQrDTUb%2BbwnQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 620914a208f7c295-FRA
expires: Fri, 31 Dec 2021 11:34:26 GMT

GET
H2 200 fancybox.min.js Show response
www.kuredu.com/wp-content/uploads/siteground-optimizer-assets/ 15 KB
5 KB 30ms
22ms Script
application/javascript 2606:4700:3034::6815:85d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kuredu.com/wp-content/uploads/siteground-optimizer-assets/fancybox.min.js
Requested by: Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:85d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e9947f9559c7f47cad1ac014457d0fc4b18102c5aae6ef6db5b26648b93fa9a3

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 144386
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
cf-request-id: 08398b3a980000c29598b32000000001
last-modified: Sun, 13 Dec 2020 14:48:07 GMT
server: cloudflare
etag: W/"5fd629a7-3dc5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=4xiTvmp55ViTb4qXLLSBReQE%2FH3XcGbaKSU3WGYMx8VhkhnSPp9AtgfaO9OPtxJEfL1qkKMESW4ZftpQH6O5HPlzkIx88i7p88pPn7HtDeUIx%2F%2B76K9UB3shMw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 620914a42c29c295-FRA
expires: Fri, 11 Feb 2022 04:26:18 GMT

GET
H2 200 jquery.themepunch.tools.min.js Show response
www.kuredu.com/wp-content/plugins/revslider/public/assets/js/ 108 KB
36 KB 37ms
30ms Script
application/javascript 2606:4700:3034::6815:85d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kuredu.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.tools.min.js
Requested by: Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:85d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6eabb193731278713f4208ea84b8c7334c3dfc98f01cb074778280e1df536e62

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3747497
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
cf-request-id: 08398b3a990000c29506160000000001
last-modified: Wed, 01 Jul 2020 21:23:44 GMT
server: cloudflare
etag: W/"5efcfee0-1afe3"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Y%2FnnjBaq0Dv3C3%2F8Hqea2bKqNnwM0fYq%2FLh%2BW7wJRQ%2FJXYJ3TU7vqmi6HmsXvxq6vqoZcqa%2BX4U%2Bnh3zjkvUeSBblwQTQu5ZSatxmFNxXsTpW1iukSVDFACipw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 620914a42c2cc295-FRA
expires: Fri, 31 Dec 2021 11:34:27 GMT

GET
H2 200 jquery.themepunch.revolution.min.js Show response
www.kuredu.com/wp-content/plugins/revslider/public/assets/js/ 63 KB
17 KB 33ms
26ms Script
application/javascript 2606:4700:3034::6815:85d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kuredu.com/wp-content/plugins/revslider/public/assets/js/jquery.themepunch.revolution.min.js
Requested by: Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:85d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 5bf19de4a1e69b7b3cce947da22702f074c0963192bf9eb3ea9210ac07c52f67

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3747497
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
cf-request-id: 08398b3a990000c295de217000000001
last-modified: Wed, 01 Jul 2020 21:23:44 GMT
server: cloudflare
etag: W/"5efcfee0-fd80"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bf%2BJqo4So%2FVJlXC0JedUERjy0Iqa5pCKLua34mNp0dGdbD9pOdSpXtsijliO7PY%2FEnpnIc9bIRX2vrawAb8MymuAkHKCYNqhGhDcgtgsVMnMbI06Bl4TyB6A7w%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 620914a42c2dc295-FRA
expires: Fri, 31 Dec 2021 11:34:27 GMT

GET
H2 200 wpml-legacy-dropdown-0.min.js Show response
www.kuredu.com/wp-content/uploads/siteground-optimizer-assets/ 438 B
646 B 29ms
22ms Script
application/javascript 2606:4700:3034::6815:85d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kuredu.com/wp-content/uploads/siteground-optimizer-assets/wpml-legacy-dropdown-0.min.js
Requested by: Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:85d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7ff6424e9c659cb71d9bac860b01ecb8553ae588940d6be255b6a69e816f43a3

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1353377
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
cf-request-id: 08398b3a9a0000c295949d0000000001
last-modified: Sun, 13 Dec 2020 14:43:27 GMT
server: cloudflare
etag: W/"5fd6288f-1b6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=3Jpa7vYpQPiftowX4BeWYc3ESWeyFCFGbr5XlBQpp3pXfNcRf8rWusHwPIethv2L3eKqUZ1e5NqDsQ52lAsRBjXEcuArZ8%2FC8D2Sm%2BE1K99yRHmQzzPyS5wY5g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 620914a42c2ec295-FRA
expires: Fri, 28 Jan 2022 04:36:27 GMT

GET
H2 200 woocommerce.css
www.kuredu.com/wp-content/themes/minimum/css/ 49 KB
7 KB 33ms
16ms Stylesheet
text/css 2606:4700:3034::6815:85d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kuredu.com/wp-content/themes/minimum/css/woocommerce.css
Requested by: Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:85d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 388119d97e88a76b46bac81c9b0f5d3cf812e189325dbd8c05d42ea5b18a9635

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3749804
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
cf-request-id: 08398b39450000c29589b3c000000001
last-modified: Wed, 01 Jul 2020 21:23:45 GMT
server: cloudflare
etag: W/"5efcfee1-c534"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bgnlfL37g9sWLQeOtvJMGavn75Gn5J%2FIElQi8ibTr1ALBkV%2B0k%2FicOAwb8eI5MdXKGeCCcWaMNx9eaZHNmmKp%2F%2FtoEE2qZLBlBfY811yH1zCcunfjvLnEu20dw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 620914a208e2c295-FRA
expires: Fri, 31 Dec 2021 10:55:59 GMT

GET
H2 200 woocommerce-responsive.css
www.kuredu.com/wp-content/themes/minimum/css/ 8 KB
1 KB 38ms
21ms Stylesheet
text/css 2606:4700:3034::6815:85d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kuredu.com/wp-content/themes/minimum/css/woocommerce-responsive.css
Requested by: Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:85d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6d513187946a55882e4ddd88ae942167d6f481f78ce8968a73f551bf9dce5b57

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3749804
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
cf-request-id: 08398b39480000c295a91be000000001
last-modified: Wed, 01 Jul 2020 21:23:45 GMT
server: cloudflare
etag: W/"5efcfee1-1fa2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=sMOPTrr0Fab0NT8a0oiexXzXJslJ4D4t094KuYwZI%2F55ztapV0LA6Cdx8hN%2FPoH5l3%2FN0y5Op0hR%2FQcHQ3uoNzmaUVrNuuBp38uZBVx4N6wMhHOyx1p8uyUTNg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 620914a208f4c295-FRA
expires: Fri, 31 Dec 2021 10:55:59 GMT

GET
H2 200 style_dynamic.php
www.kuredu.com/wp-content/themes/minimum/css/ 19 KB
3 KB 319ms
302ms Stylesheet
text/css 2606:4700:3034::6815:85d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kuredu.com/wp-content/themes/minimum/css/style_dynamic.php
Requested by: Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:85d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ee851b89454a61126375ec8e092e2818179e3a1b2cf8d5811132e2b01698d0c

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:44 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: W NC:000000 UP:SKIP_CACHE_NO_CACHE
x-httpd-modphp: 1
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
host-header: 6b7412fb82ca5edfd0917e3957f05d89
cf-request-id: 08398b39470000c295e30db000000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bD7kLsitLUU%2BuGpA8tQqzVGVwIEUImGmsvCugYtSkiXKCwQiSgI2zd%2F7BzbprQL4KF%2FkcCJYC4rPYlijrD2hS3wLF86sPjo5exFXTO%2FaO%2BCe7570ei1PUsT5lQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: no-store, no-cache, must-revalidate
cf-ray: 620914a208eec295-FRA
access-control-allow-headers: origin, x-requested-with, content-type, if-modified-since
x-proxy-cache: MISS
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 responsive.min.css
www.kuredu.com/wp-content/themes/minimum-child/css/ 16 KB
2 KB 37ms
20ms Stylesheet
text/css 2606:4700:3034::6815:85d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kuredu.com/wp-content/themes/minimum-child/css/responsive.min.css
Requested by: Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:85d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 89cb9bc8792ead963cdcfb66ef1aafb2e725871b89514a3d90eb21e429bead13

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3749804
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
cf-request-id: 08398b39470000c2958e9d4000000001
last-modified: Wed, 01 Jul 2020 21:23:45 GMT
server: cloudflare
etag: W/"5efcfee1-40c2"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2FZ93tch%2BNW5%2FRcvAPA7SAwgc1xBoVTdUZEH5DsMK62RdYPk1n5oS94gNUH%2BI8rVXCTBmbaHTWNnov6idMVVn%2BLJYomKeIQ%2BLSXlYy3SqquLedNNO30sZQMJFaA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 620914a208ecc295-FRA
expires: Fri, 31 Dec 2021 10:55:59 GMT

GET
H2 200 style_dynamic_responsive.php
www.kuredu.com/wp-content/themes/minimum/css/ 210 B
424 B 348ms
331ms Stylesheet
text/css 2606:4700:3034::6815:85d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kuredu.com/wp-content/themes/minimum/css/style_dynamic_responsive.php
Requested by: Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:85d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8d54a11c74a1582f66fedcd54dc815acaa0ef72c4da8ded50e861b0fe2183b16

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:44 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: W NC:000000 UP:SKIP_CACHE_NO_CACHE
x-httpd-modphp: 1
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
host-header: 6b7412fb82ca5edfd0917e3957f05d89
cf-request-id: 08398b39460000c295f909f000000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=weyOhYBDWCIT%2F9Ofbxyele6WlKO7nCiXGuaPjib%2BThn8FgcLcOhmCUYsGgBa7yPWVEF8p7CLXahH2lmSGyRlPPTbJJxh91qm5fhFVDEWoPOZZhHkd0aVb2h4tQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: no-store, no-cache, must-revalidate
cf-ray: 620914a208e9c295-FRA
access-control-allow-headers: origin, x-requested-with, content-type, if-modified-since
x-proxy-cache: MISS
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 custom_css.php
www.kuredu.com/wp-content/themes/minimum/css/ 4 B
908 B 314ms
297ms Stylesheet
text/css 2606:4700:3034::6815:85d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kuredu.com/wp-content/themes/minimum/css/custom_css.php
Requested by: Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:85d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 82101877b4694a5b91fd00ca4b1e0c22d43bd5eb08b7757ccd5e57e222a8c9a6

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:44 GMT
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: W NC:000000 UP:SKIP_CACHE_NO_CACHE
x-httpd-modphp: 1
host-header: 6b7412fb82ca5edfd0917e3957f05d89
content-length: 4
cf-request-id: 08398b39460000c2951237a000000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qu3rG%2FwWnA%2FKw2d8bdge%2BsP1L4posWelUksep0ti146tRm5ORHe6Jc7gD5fZQjw49%2Fk%2FJ%2BneQAO%2FQf02dTmWyQWbq1MpO1WABrBTYPB%2BSZ2l%2Big3%2BZ%2B2hnyt4A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
cache-control: no-store, no-cache, must-revalidate
cf-ray: 620914a208eac295-FRA
access-control-allow-headers: origin, x-requested-with, content-type, if-modified-since
x-proxy-cache: MISS
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 slicknav.css
www.tmp.kuredu.com/wp-content/themes/minimum-child/slicknav/ 3 KB
979 B 47ms
46ms Stylesheet
text/css 35.214.92.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tmp.kuredu.com/wp-content/themes/minimum-child/slicknav/slicknav.css
Requested by: Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.214.92.101 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS: 101.92.214.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3d7284d3983b2fefd266d9215144e1879d7ce928cb3a2ed5188685896788573b

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:42 GMT
content-encoding: br
last-modified: Fri, 12 Feb 2021 18:28:15 GMT
server: nginx
etag: W/"6026c8bf-a64"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: text/css
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Sat, 12 Feb 2022 20:32:42 GMT

GET
H2 200 jquery.slicknav.js Show response
www.tmp.kuredu.com/wp-content/themes/minimum-child/slicknav/ 10 KB
3 KB 55ms
54ms Script
application/javascript 35.214.92.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tmp.kuredu.com/wp-content/themes/minimum-child/slicknav/jquery.slicknav.js
Requested by: Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.214.92.101 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS: 101.92.214.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: da6e91ff998c140d224c4a49df76e14f1fc35ae136875cff7a78f3942132090a

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:42 GMT
content-encoding: br
last-modified: Fri, 12 Feb 2021 18:28:15 GMT
server: nginx
etag: W/"6026c8bf-29e0"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Sat, 12 Feb 2022 20:32:42 GMT

GET
H2 200 jquery.ba-resize.min.js Show response
www.tmp.kuredu.com/wp-content/themes/minimum-child/js/ 1 KB
788 B 59ms
59ms Script
application/javascript 35.214.92.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tmp.kuredu.com/wp-content/themes/minimum-child/js/jquery.ba-resize.min.js
Requested by: Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.214.92.101 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS: 101.92.214.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: c81f8531af91e475374160a85fc008bfd60e39c24fb03c98e85fc498cab535b1

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:42 GMT
content-encoding: br
last-modified: Fri, 12 Feb 2021 18:28:15 GMT
server: nginx
etag: W/"6026c8bf-44a"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Sat, 12 Feb 2022 20:32:42 GMT

GET
H2 200 en.png
www.kuredu.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/ 600 B
925 B 31ms
24ms Image
image/png 2606:4700:3034::6815:85d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kuredu.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/en.png
Requested by: Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:85d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3f47c75fa68e49b1cdca50c61e9cd6603b57c521e5e6809df59a4a15e291a4ef

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:44 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1353377
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 600
cf-request-id: 08398b3a9b0000c29591a58000000001
last-modified: Sun, 13 Dec 2020 14:43:27 GMT
server: cloudflare
etag: "5fd6288f-258"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=%2Bqb3pGwGOPCbfiFe3DbdNtfHs9Nph3iCdvp29r0hHrDPDl33jwrIEBu8juK6JCpWHdIv58eEpUxjHcbABC9R%2BrwT2N7qeJfw3lmeyDKehWUoqctAAigGv6S8Jw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 620914a42c30c295-FRA
expires: Fri, 28 Jan 2022 04:36:27 GMT

GET
H2 200 de.png
www.kuredu.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/ 250 B
582 B 31ms
23ms Image
image/png 2606:4700:3034::6815:85d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kuredu.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/de.png
Requested by: Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:85d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: fb8abf4975a70816d1ecb0e3dff7ed44ff73201795790a55b4abfb0d1b6d162f

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:44 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3749805
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 250
cf-request-id: 08398b3a9a0000c295fc2f5000000001
last-modified: Sun, 13 Dec 2020 14:43:27 GMT
server: cloudflare
etag: "5fd6288f-fa"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=h8M1NlVNC2KF5oYxsVCDaHDa8iDBYFo9WKRgeBqnhm8eDUNFdNobjQ2xWRMEMBMQLYVArQtRSvQvaL5rbaWY%2FgDBVU6PGRH4SU3d5XobjCvl2gIv6St0wZzuVQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 620914a42c32c295-FRA
expires: Fri, 31 Dec 2021 10:55:59 GMT

GET
H2 200 ru.png
www.kuredu.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/ 241 B
690 B 31ms
24ms Image
image/png 2606:4700:3034::6815:85d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kuredu.com/wp-content/plugins/sitepress-multilingual-cms/res/flags/ru.png
Requested by: Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:85d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: bc78f50b6e27078e91fe318c8ebdc52bac6cabbe5c298f471bc60292e126e1a5

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:44 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3749805
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 241
cf-request-id: 08398b3a9b0000c295a323f000000001
last-modified: Sun, 13 Dec 2020 14:43:27 GMT
server: cloudflare
etag: "5fd6288f-f1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=88JBoxr%2FT2UHkwTYtRocBxkD6m%2F2ZkH045vqWW6gANukBS7sukyhFUkMGabWYeetWjz83Sb%2B4CK3wWxbBf9dIEFskG4fy%2BqM32mV0SgSyPfaj3tBJqMr4925HQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 620914a42c33c295-FRA
expires: Fri, 31 Dec 2021 10:55:59 GMT

GET
H2 200 logo-kuredu-d-hor.png
www.kuredu.com/wp-content/uploads/2017/12/ 12 KB
13 KB 22ms
15ms Image
image/png 2606:4700:3034::6815:85d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kuredu.com/wp-content/uploads/2017/12/logo-kuredu-d-hor.png
Requested by: Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:85d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 452e5cba2164fd384048347b9ed0af754c3b54b5fe60d4d08c5a1960867cd569

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:44 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3749805
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 12397
cf-request-id: 08398b3a9b0000c295da0dd000000001
last-modified: Wed, 01 Jul 2020 21:24:22 GMT
server: cloudflare
etag: "5efcff06-306d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=XrqM5k7q0LJ4INyi8qZ1I6f2oEUNAI9nVEIwA3zvHXJZtzCHPGEd2imoN%2FwcHKHqoSZ7iGCjnrccGTXOwJ3nFEfLr00YLqgg%2BgAZYvrI4wijELbnCTUKoWDW6A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 620914a42c35c295-FRA
expires: Fri, 31 Dec 2021 10:55:59 GMT

GET
H2 200 dummy.png
www.kuredu.com/wp-content/plugins/revslider/admin/assets/images/ 73 B
515 B 31ms
24ms Image
image/png 2606:4700:3034::6815:85d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kuredu.com/wp-content/plugins/revslider/admin/assets/images/dummy.png
Requested by: Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:85d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 17af9e65317bbbfbbd0bcdc729f14faadf37cd08cf30cc0fe0b72443e78cbffb

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:44 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1353377
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 73
cf-request-id: 08398b3aa00000c295b50f5000000001
last-modified: Wed, 01 Jul 2020 21:23:44 GMT
server: cloudflare
etag: "5efcfee0-49"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wDCPWWDlLQahYHp0GMoMa9kFG4Yq1z1XcohV7DYYtPPas4eGCNLxqMCnvWm6HfVIP%2BPv4KEWdGe9%2BGIqZaVR%2FHkiv%2F3q8CjLCS8ln6qyw%2BgzzkkpYbZNdvpUew%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 620914a42c39c295-FRA
expires: Fri, 28 Jan 2022 04:36:27 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 97 KB
37 KB 33ms
26ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-M9S496R

Requested by

Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

dbf2c11eb36dbb742f336ed3f5ba745a04ba41478f51ed98224ad0cdc7baad3c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:44 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37515
x-xss-protection: 0
last-modified: Fri, 12 Feb 2021 20:08:04 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 12 Feb 2021 20:32:44 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 46 KB
18 KB 12ms
5ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 4057
date: Fri, 12 Feb 2021 19:25:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Fri, 12 Feb 2021 21:25:07 GMT

GET
H2 200 play_icon.png
www.tmp.kuredu.com/wp-content/uploads/2017/03/ 3 KB
3 KB 62ms
56ms Image
image/png 35.214.92.101
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tmp.kuredu.com/wp-content/uploads/2017/03/play_icon.png
Requested by: Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.214.92.101 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS: 101.92.214.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: b88e04362b9c04dc3abb9ce2ae93647b9a58fc28358b303940b5b1f36e7fe2aa

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:43 GMT
last-modified: Fri, 12 Feb 2021 18:27:50 GMT
server: nginx
etag: "6026c8a6-a7b"
x-proxy-cache-info: DT:1
content-type: image/png
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 2683
expires: Sat, 12 Feb 2022 20:32:43 GMT

GET
H2 200 booking-bar.css
www.kuredu.com/wp-content/themes/minimum-child/ 24 KB
2 KB 12ms
12ms Stylesheet
text/css 2606:4700:3034::6815:85d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kuredu.com/wp-content/themes/minimum-child/booking-bar.css
Requested by: Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:85d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 1df5fe13d8332cc34889379574bb45b9871831cb38c2b67eebbd86833cfb8f76

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3749805
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
cf-request-id: 08398b3a730000c295949cc000000001
last-modified: Wed, 01 Jul 2020 21:23:45 GMT
server: cloudflare
etag: W/"5efcfee1-619b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=o6jBTPR00PGxu5Ns%2ByY5iJTlxePY%2F5KfRM7iGuGsYPxSyTXh0JBOoDwkzahiZR4LhaI0d%2FY8hP0Y%2FQPn2tqZhkObfYWjq0kHuyRxc4MosYdiWo1d5U3czsunAw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 620914a3ebabc295-FRA
expires: Fri, 31 Dec 2021 10:55:59 GMT

GET
H2 200 jquery-ui.min.css
www.kuredu.com/wp-content/themes/minimum-child/js/ 23 KB
3 KB 13ms
13ms Stylesheet
text/css 2606:4700:3034::6815:85d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kuredu.com/wp-content/themes/minimum-child/js/jquery-ui.min.css
Requested by: Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:85d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8342e859509bee6884a96707217fe2ec649de0aa8d6a041506bea4ec5b83e660

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3749805
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
cf-request-id: 08398b3a810000c2950d108000000001
last-modified: Wed, 01 Jul 2020 21:23:45 GMT
server: cloudflare
etag: W/"5efcfee1-5b4f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=a8KzAP5CNurAB0zvcIVE3idbaTvwClz9e3%2FDVaRYU6wB%2BLRBKfBTe1CP0%2FBwCB1hCp9oDZhbOdiHsmjTP9IstjyUCR6%2Fh20QYcf0rfXy9Fq5fxXNzZ0dH5psiw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 620914a40beac295-FRA
expires: Fri, 31 Dec 2021 10:55:59 GMT

GET
H2 200 jquery-ui.theme.min.css
www.kuredu.com/wp-content/themes/minimum-child/js/ 17 KB
2 KB 13ms
12ms Stylesheet
text/css 2606:4700:3034::6815:85d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kuredu.com/wp-content/themes/minimum-child/js/jquery-ui.theme.min.css
Requested by: Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:85d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 854e3fc2fbd7e0be0c62e8af3cb189304d5d27f6275c6a89f1f3ea4bc9dc0363

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3749805
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
cf-request-id: 08398b3a900000c2959b99f000000001
last-modified: Wed, 01 Jul 2020 21:23:45 GMT
server: cloudflare
etag: W/"5efcfee1-43a1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=kZHutSALFTX59zCxBqMuyj2RxaS%2F3KCD70wDBaK%2FxWMjuydXSwXrG7NspS4fFCK18JrFxLoBXm%2B%2BXNWT77Mcn0QnTFMn2VvgEATrL066qTgrY5FKErstRAFFSA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 620914a41c17c295-FRA
expires: Fri, 31 Dec 2021 10:55:59 GMT

GET
H2 200 logo-kuredu-text-2.png
www.kuredu.com/wp-content/uploads/2017/12/ 18 KB
18 KB 32ms
26ms Image
image/png 2606:4700:3034::6815:85d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kuredu.com/wp-content/uploads/2017/12/logo-kuredu-text-2.png
Requested by: Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:85d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: aabeed16c8dc11a0474658f8bad3e09f036c99e585f0b24fffa68fcb78c640e5

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:44 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3749805
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 18119
cf-request-id: 08398b3aa00000c2950f8a8000000001
last-modified: Wed, 01 Jul 2020 21:24:22 GMT
server: cloudflare
etag: "5efcff06-46c7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RmOBf%2Bi8YypmSMNUipw4IOXo4uU3Mk%2BAjGWvRkQ0IIzRHLHOr0LsrLFVMFN%2F2m7APpxCypLwkQf7ROuTKbFBdOumNpk1bqIyJpbxtn6SUMx5JGDVI4u%2BvGRXog%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 620914a42c46c295-FRA
expires: Fri, 31 Dec 2021 10:55:59 GMT

GET
H2 200 contact-form-7.min.js Show response
www.kuredu.com/wp-content/uploads/siteground-optimizer-assets/ 9 KB
3 KB 38ms
32ms Script
application/javascript 2606:4700:3034::6815:85d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kuredu.com/wp-content/uploads/siteground-optimizer-assets/contact-form-7.min.js
Requested by: Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:85d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3ab0b94c5a731a55a9f3c8c0e787a6b754bc750811124a4ddf5a59910134569a

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3747497
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
cf-request-id: 08398b3aa00000c295093ad000000001
last-modified: Wed, 30 Dec 2020 08:18:52 GMT
server: cloudflare
etag: W/"5fec37ec-2242"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=JwKJJJjoXjYDj9FcT1nOEg3y%2BvbL6HwS21LU1qlCXLL6UiG9AYNffpAEWJC1h9xNg28zAx%2FqzqQXPZrc7XlmmZJUkWpR0GAX3t365qcia8%2BwbqLXj44BfqpYAw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 620914a42c47c295-FRA
expires: Fri, 31 Dec 2021 11:34:27 GMT

GET
H2 200 lazysizes.min.js Show response
www.kuredu.com/wp-content/plugins/sg-cachepress/assets/js/ 7 KB
4 KB 49ms
43ms Script
application/javascript 2606:4700:3034::6815:85d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kuredu.com/wp-content/plugins/sg-cachepress/assets/js/lazysizes.min.js
Requested by: Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:85d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e2b128a72c6e2c5bc7c526c24799ae8b83a2c32ad25f71c3acc14c7c6e2e1469

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3747497
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
cf-request-id: 08398b3aa40000c295f33d4000000001
last-modified: Sun, 13 Dec 2020 14:42:50 GMT
server: cloudflare
etag: W/"5fd6286a-1c44"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gjqFZ801Zlw1Ufb261fW09WfYDNcEfAJw4Sq3J7k32qAxk3%2BxcgPRUyVpyf7jwbBYKLb01TZCgkQvpaMGJGnGYrfbdEQcYY2n5c2Y5SwNYe03nVdhfIvTSXZSw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 620914a42c4ac295-FRA
expires: Fri, 31 Dec 2021 11:34:27 GMT

GET
H2 200 plugins.min.js Show response
www.kuredu.com/wp-content/uploads/siteground-optimizer-assets/ 122 KB
37 KB 42ms
36ms Script
application/javascript 2606:4700:3034::6815:85d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kuredu.com/wp-content/uploads/siteground-optimizer-assets/plugins.min.js
Requested by: Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:85d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a0aab51f25c503011d439539cf636fe1bea87fb259ce5c58b3bfdaa4063393be

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3747497
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
cf-request-id: 08398b3aa10000c295e137a000000001
last-modified: Wed, 01 Jul 2020 21:23:45 GMT
server: cloudflare
etag: W/"5efcfee1-1e83d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=MARHABO9IG%2FTyHbGqFz3kvSDbzvNX1UYjpxgWB3YwD6S462zJQMxUI7eFbNzQ59HFbICB1NISkrVsEoU8B8GzENeId5Pam3ZNn9m5zXO31DnzBsG%2BnqweR2nQQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 620914a42c4cc295-FRA
expires: Fri, 31 Dec 2021 11:34:27 GMT

GET
H2 200 default_dynamic.php Show response
www.kuredu.com/wp-content/themes/minimum/js/ 5 KB
2 KB 300ms
294ms Script
text/javascript 2606:4700:3034::6815:85d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kuredu.com/wp-content/themes/minimum/js/default_dynamic.php
Requested by: Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:85d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c3ddc4a0f61e3e2dfd52cde91c21d8c1dbbf5803b347d6d724e6127d35047bb0

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:44 GMT
content-encoding: br
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: W NC:000000 UP:SKIP_CACHE_NO_CACHE
x-httpd-modphp: 1
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
host-header: 6b7412fb82ca5edfd0917e3957f05d89
cf-request-id: 08398b3aa10000c295d534e000000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=FyKeWeeILb4oLDdJ0V2iwbRdBcM%2FiLmLkR7SFI7qrwhiFQPIrr6LKXj8Ooz7TuzrqmpI%2BE8satzGDHdWIBWyKOMDu%2FNpv3U7mlSU422jEpLV0V%2Fv57d4TefJCg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
cf-ray: 620914a42c4ec295-FRA
access-control-allow-headers: origin, x-requested-with, content-type, if-modified-since
x-proxy-cache: MISS
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 default.min.js Show response
www.kuredu.com/wp-content/themes/minimum-child/js/ 21 KB
5 KB 39ms
33ms Script
application/javascript 2606:4700:3034::6815:85d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kuredu.com/wp-content/themes/minimum-child/js/default.min.js
Requested by: Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:85d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6a4521ea58eac9f3727a73446617e4dfb48a63af99d7e87a068960decb92f1b5

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3747497
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
cf-request-id: 08398b3aa10000c295a91cf000000001
last-modified: Wed, 01 Jul 2020 21:23:45 GMT
server: cloudflare
etag: W/"5efcfee1-53d7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qIUjo3c76R6pW16jGn9hgaXGZfvdrH2p1iZ0yPwNnUpslLdBeHS%2BivoWAEiaeku2kGSFxXw5CMMHmGWOOs8OuTfr3K1ovjRvR1aRg36GpQemaX4fe6g8On0U4Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 620914a42c4fc295-FRA
expires: Fri, 31 Dec 2021 11:34:27 GMT

GET
H2 200 custom_js.php Show response
www.kuredu.com/wp-content/themes/minimum/js/ 2 B
294 B 370ms
365ms Script
text/javascript 2606:4700:3034::6815:85d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kuredu.com/wp-content/themes/minimum/js/custom_js.php
Requested by: Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:85d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7eb70257593da06f682a3ddda54a9d260d4fc514f645237f5ca74b08f8da61a6

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:44 GMT
access-control-allow-methods: PUT, GET, POST, DELETE, OPTIONS
cf-cache-status: DYNAMIC
nel: {"report_to":"cf-nel","max_age":604800}
x-proxy-cache-info: W NC:000000 UP:SKIP_CACHE_NO_CACHE
x-httpd-modphp: 1
host-header: 6b7412fb82ca5edfd0917e3957f05d89
content-length: 2
cf-request-id: 08398b3aa20000c295ecacc000000001
pragma: no-cache
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZVe80NU8m%2BDOZyqGx76OYQT2NzZQw2enBGLtV5NPRfIcj8cjL2ZQKvB6jh%2BjMpNLbw2%2B1zG8RKDurEdMSFXtWr5qKHbRQOpAfHz1oUlHRHbrKqSXoVZPI5643Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/javascript;charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
cf-ray: 620914a42c51c295-FRA
access-control-allow-headers: origin, x-requested-with, content-type, if-modified-since
x-proxy-cache: MISS
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 comment-reply.min.js Show response
www.kuredu.com/wp-includes/js/ 3 KB
2 KB 38ms
33ms Script
application/javascript 2606:4700:3034::6815:85d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kuredu.com/wp-includes/js/comment-reply.min.js
Requested by: Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:85d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: a16df2f75e04129b12a5fde7311c7ea9131418080fd3f6bcb2b28ce1faa2fe8e

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1348632
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
cf-request-id: 08398b3aa20000c295fc2f7000000001
last-modified: Sat, 31 Oct 2020 16:32:54 GMT
server: cloudflare
etag: W/"5f9d91b6-bdb"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=gxr50deIQd30hi%2BVY7OPHzoFwFLb4gnwjyhAEg9H7%2FE%2FJ08IRkgs5d2doPqUvdAz5BteWVfoDl4Cy7xVc8E70ppcXgIPau5mcBZqj89QoqUavew0QDsPYUkxYw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 620914a42c52c295-FRA
expires: Fri, 28 Jan 2022 05:55:32 GMT

GET
H2 404 recaptcha_ajax.js
www.google.com/recaptcha/api/js/ 0
0 43ms
38ms Script
text/html 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/recaptcha/api/js/recaptcha_ajax.js?ver=5.6.1
Requested by: Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 wpcf7cf-scripts.min.js Show response
www.kuredu.com/wp-content/uploads/siteground-optimizer-assets/ 45 KB
13 KB 38ms
34ms Script
application/javascript 2606:4700:3034::6815:85d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kuredu.com/wp-content/uploads/siteground-optimizer-assets/wpcf7cf-scripts.min.js
Requested by: Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:85d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 4925356a591b78758713e8824c4d2aab0ab650d7be5ef4fe8ca224a5462215f5

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3747497
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
cf-request-id: 08398b3aa20000c295b2200000000001
last-modified: Sun, 13 Dec 2020 14:41:45 GMT
server: cloudflare
etag: W/"5fd62829-b231"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WOICAOxFGDSy6qqTDOnUck5UiqUMGSPXl8lc1H4V%2BjJH6FaSSvAvraVj4NNGAdZnxbUFM%2Fd56qKGn7%2BFYhw27SW8ICDrzURui%2FoiWY3GxzWgbVOs1rDOG31Qdg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 620914a42c53c295-FRA
expires: Fri, 31 Dec 2021 11:34:27 GMT

GET
H2 200 wp-embed.min.js Show response
www.kuredu.com/wp-includes/js/ 1 KB
977 B 26ms
22ms Script
application/javascript 2606:4700:3034::6815:85d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kuredu.com/wp-includes/js/wp-embed.min.js
Requested by: Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:85d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3747497
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
cf-request-id: 08398b3aa30000c29589b53000000001
last-modified: Wed, 01 Jul 2020 21:23:48 GMT
server: cloudflare
etag: W/"5efcfee4-59a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=RqKhumQWTxzFIt1DG0IoMmsF3dRiiYf5IGLbwhAJu6EfWbdi6ToQYFLBoLSEu982%2FOmhEu9ihyxvgjo1ZW4kET6A%2F%2Fuk%2BIFXufTPLZOlVcp7vHlgTWPyTfzW9A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 620914a43c58c295-FRA
expires: Fri, 31 Dec 2021 11:34:27 GMT

GET
H2 200 jquery-ui.min.js Show response
www.kuredu.com/wp-content/themes/minimum-child/js/ 71 KB
21 KB 44ms
40ms Script
application/javascript 2606:4700:3034::6815:85d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kuredu.com/wp-content/themes/minimum-child/js/jquery-ui.min.js
Requested by: Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:85d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 525a1dd0ac9f28e5270f71861775bbc4e53414e8864a39df220a04972fe20ca0

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3747497
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
cf-request-id: 08398b3aa80000c29506161000000001
last-modified: Wed, 01 Jul 2020 21:23:45 GMT
server: cloudflare
etag: W/"5efcfee1-11d4f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=YkZvF09J7bFCn%2FYiJc%2BTZl1NF8RV2DZchAWOnyxOWJgDO9ohkzSS2DT3BiL1%2B4a7pGGPqh0xEiZMKOkyLEuYEycPvziR0YE0SdLZKHisM%2BOi0luSPy18Tmx8LQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 620914a43c5ac295-FRA
expires: Fri, 31 Dec 2021 11:34:27 GMT

GET
H2 200 rev_slider.css
www.kuredu.com/wp-content/themes/minimum-child/css/ 9 KB
2 KB 12ms
12ms Stylesheet
text/css 2606:4700:3034::6815:85d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kuredu.com/wp-content/themes/minimum-child/css/rev_slider.css
Requested by: Host: www.kuredu.com
URL: https://www.kuredu.com/wp-content/themes/minimum-child/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:85d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3587c8b92ff35354b032e274bc1a1c32deea1fb4d58502d109414eb99e87455

Request headers

Referer: https://www.kuredu.com/wp-content/themes/minimum-child/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3749804
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
cf-request-id: 08398b39640000c29591a41000000001
last-modified: Wed, 01 Jul 2020 21:23:45 GMT
server: cloudflare
etag: W/"5efcfee1-2400"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NGBHRk8n%2Bx7Vs9uZUEuI8oeD4szPE2z5PPf7apn0UPPG9bEBc%2FR8SEcEpwPuHfGO5x0ai%2FV%2BMWDJo%2FPA4wW3R9fkMq5EtxwzSeyub6dcpTGFwqPmtYJHc00U4A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 620914a23924c295-FRA
expires: Fri, 31 Dec 2021 10:55:59 GMT

GET
H2 200 footer.css
www.kuredu.com/wp-content/themes/minimum-child/ 7 KB
1 KB 13ms
13ms Stylesheet
text/css 2606:4700:3034::6815:85d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kuredu.com/wp-content/themes/minimum-child/footer.css
Requested by: Host: www.kuredu.com
URL: https://www.kuredu.com/wp-content/themes/minimum-child/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:85d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 63d691fc996055b3e6e692ba22b5ca6853d04f724b5425963117e6c7ea8994ff

Request headers

Referer: https://www.kuredu.com/wp-content/themes/minimum-child/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:43 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1353376
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
cf-request-id: 08398b39640000c295f6985000000001
last-modified: Wed, 01 Jul 2020 21:23:45 GMT
server: cloudflare
etag: W/"5efcfee1-1c82"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=D0jV6X%2FoZPjL%2BytcAqN5yZttHFOG%2BVSqlqgz2sAJm2VhRMavb1DdeRpCQCqURAIRL8r53oghjaPKG9y3CJ1ygHbNik8er23qLs9wVg5btK7PPaZXispfRNw4Nw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css
cache-control: max-age=31536000
cf-ray: 620914a23928c295-FRA
expires: Fri, 28 Jan 2022 04:36:27 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 118 KB
37 KB 34ms
30ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-W6JKRMX

Requested by

Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

bc2dce049e03a544cb7cb188696f0ace68b2b6bfcb9f02f72b3be0cb26d10aa6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:44 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38213
x-xss-protection: 0
last-modified: Fri, 12 Feb 2021 20:08:04 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 12 Feb 2021 20:32:44 GMT

GET
H2 200 panorama_slider.html Show response
www.tmp.kuredu.com/360panoramas/pool/ Frame 1498 8 KB
3 KB 50ms
47ms Document
text/html 35.214.92.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tmp.kuredu.com/360panoramas/pool/panorama_slider.html
Requested by: Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.214.92.101 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS: 101.92.214.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 39387ac1906fded07b15ca30592db064684d02795189a7f7d7b3526b20d5e072

Request headers

:method: GET
:authority: www.tmp.kuredu.com
:scheme: https
:path: /360panoramas/pool/panorama_slider.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.tmp.kuredu.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: PHPSESSID=cb7efacc30186a760f74cd9ee552de54; __cfduid=d505bf24908bff1169df3b8dab99011621613161963
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.tmp.kuredu.com/

Response headers

server: nginx
date: Fri, 12 Feb 2021 20:32:43 GMT
content-type: text/html
last-modified: Fri, 12 Feb 2021 18:27:05 GMT
vary: Accept-Encoding
etag: W/"6026c879-1f23"
expires: Wed, 11 Aug 2021 20:32:43 GMT
cache-control: max-age=15552000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br

GET
H2 200 fa_calendar-15.png
www.kuredu.com/wp-content/uploads/2017/12/ 234 B
592 B 36ms
35ms Image
image/png 2606:4700:3034::6815:85d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kuredu.com/wp-content/uploads/2017/12/fa_calendar-15.png
Requested by: Host: www.kuredu.com
URL: https://www.kuredu.com/wp-content/themes/minimum-child/style.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:85d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c57504aa8371478f20f11989080c9b87951c48f258d518c379b9a1ad9900f46b

Request headers

Referer: https://www.kuredu.com/wp-content/themes/minimum-child/style.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:44 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3749804
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 234
cf-request-id: 08398b3aa80000c295a89fb000000001
last-modified: Wed, 01 Jul 2020 21:24:22 GMT
server: cloudflare
etag: "5efcff06-ea"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=s37r2abDjTP7KCZo6QIC9ZSyRpFhty4hB0Z6yjQeTxr0I%2BHeg8li6Fe0%2FuhLbPnpmp1ick5IqwrToB0%2Fs1LyNAcOQwq02FHqfOlHcJzANeeFBB5AP1IIUw5%2Bhg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 620914a43c62c295-FRA
expires: Fri, 31 Dec 2021 10:56:00 GMT

GET
H2 200 sub_menu_arrow_right.png
www.kuredu.com/wp-content/themes/minimum/img/ 965 B
1 KB 34ms
34ms Image
image/png 2606:4700:3034::6815:85d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kuredu.com/wp-content/themes/minimum/img/sub_menu_arrow_right.png
Requested by: Host: www.kuredu.com
URL: https://www.kuredu.com/wp-content/themes/minimum/css/stylesheet.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:85d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 72e1b877edf927c55a89eb0839a884b48f8a60cc4bd6c9b1e865ab4257095c19

Request headers

Referer: https://www.kuredu.com/wp-content/themes/minimum/css/stylesheet.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:44 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1345690
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 965
cf-request-id: 08398b3aa90000c295a3241000000001
last-modified: Wed, 01 Jul 2020 21:23:45 GMT
server: cloudflare
etag: "5efcfee1-3c5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ZSsPP2UFxRVWy02WYdLKEXCIfJ5m7kIDup9hhj1%2Fm61P49KLdvy7A2V3oPa%2FlLx2RBq%2BToIf%2BCijjfa%2BT%2FBTDK0cbOGPR2WO6LmuZN9fCY4P73Qd5no3Ahl6nA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 620914a43c63c295-FRA
expires: Fri, 28 Jan 2022 06:44:34 GMT

GET
H2 200 6xK3dSBYKcSV-LCoeQqfX1RYOo3qPK7g.ttf
fonts.gstatic.com/s/sourcesanspro/v14/ 61 KB
29 KB 7ms
6ms Font
font/ttf 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xK3dSBYKcSV-LCoeQqfX1RYOo3qPK7g.ttf

Requested by

Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

00207460dc1611a45a70d062f6e5574952fe12a419b19f83012437567134da91

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.tmp.kuredu.com
Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 08 Feb 2021 16:36:25 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 359779
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29931
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:25 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Feb 2022 16:36:25 GMT

GET
H2 200 6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZY4lCdo18E.ttf
fonts.gstatic.com/s/sourcesanspro/v14/ 37 KB
19 KB 9ms
9ms Font
font/ttf 2a00:1450:4001:828::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZY4lCdo18E.ttf

Requested by

Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1625135a7516adc73644d4534059919ab360e397c1a3dc89210d1d986a0cb36a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.tmp.kuredu.com
Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 08 Feb 2021 14:10:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 368519
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19784
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:11:42 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 08 Feb 2022 14:10:45 GMT

GET
H3-Q050 200 mem8YaGs126MiZpBA-UFUZ0e.ttf
fonts.gstatic.com/s/opensans/v18/ 38 KB
38 KB 15ms
7ms Font
font/ttf 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v18/mem8YaGs126MiZpBA-UFUZ0e.ttf

Requested by

Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a17818dfc67b1eb130d318b28bc5e15417013117ba07cc59052ba9c05f3111fa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.tmp.kuredu.com
Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 08:13:13 GMT
x-content-type-options: nosniff
last-modified: Tue, 15 Sep 2020 18:09:25 GMT
server: sffe
age: 130771
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38460
x-xss-protection: 0
expires: Fri, 11 Feb 2022 08:13:13 GMT

GET
H3-Q050 200 6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7jsDc.ttf
fonts.gstatic.com/s/sourcesanspro/v14/ 37 KB
20 KB 15ms
9ms Font
font/ttf 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xK1dSBYKcSV-LCoeQqfX1RYOo3qPZ7jsDc.ttf

Requested by

Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4dedabcac682b665e87347797ba4ecb42575d62f3b4fd6b8b20cdcec20fc92bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.tmp.kuredu.com
Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 06:35:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 136625
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19893
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:59 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Feb 2022 06:35:39 GMT

GET
H3-Q050 200 6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZYokSdo18E.ttf
fonts.gstatic.com/s/sourcesanspro/v14/ 37 KB
19 KB 13ms
8ms Font
font/ttf 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZYokSdo18E.ttf

Requested by

Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9f95fd2304d6305f2a62b9d6658974ac74f6fcf828aeb25cfe706686bb283b60

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.tmp.kuredu.com
Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 13:08:30 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 113054
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19381
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:09:56 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 11 Feb 2022 13:08:30 GMT

GET
H3-Q050 200 6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwkxdr.ttf
fonts.gstatic.com/s/sourcesanspro/v14/ 60 KB
29 KB 7ms
6ms Font
font/ttf 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3i54rwkxdr.ttf

Requested by

Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

150c3ee916a10feab0b75ad817052e6ef9206ed32e48c460f2db6f4ba89a30d3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.tmp.kuredu.com
Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 04:53:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 56345
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29643
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:24 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 12 Feb 2022 04:53:39 GMT

GET
H2 200 calendar.png
www.kuredu.com/wp-content/uploads/2017/06/ 2 KB
2 KB 13ms
12ms Image
image/png 2606:4700:3034::6815:85d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kuredu.com/wp-content/uploads/2017/06/calendar.png
Requested by: Host: www.kuredu.com
URL: https://www.kuredu.com/wp-content/themes/minimum-child/booking-bar.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:85d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 22b3008d2e4bc7907aaf8a2ee8bd0618152235ac13fcf44233b18ec057f92b2a

Request headers

Referer: https://www.kuredu.com/wp-content/themes/minimum-child/booking-bar.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:44 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3747496
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 1902
cf-request-id: 08398b3b010000c295e30fb000000001
last-modified: Wed, 01 Jul 2020 21:24:21 GMT
server: cloudflare
etag: "5efcff05-76e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=6aIrX94oKqIq1EmeqpLbIPF4WDSFKjDnmGDCmxhjuUsltzxThpYK9k%2B%2B%2BJDejYglxJ0nRcQ0mmlQ%2FyRSbkc1WiYDKNQQj2rXrK7E01zqERhxEqXw9cKEgiJw7A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 620914a4cd44c295-FRA
expires: Fri, 31 Dec 2021 11:34:28 GMT

GET
H2 200 adults.png
www.kuredu.com/wp-content/uploads/2017/06/ 2 KB
2 KB 14ms
13ms Image
image/png 2606:4700:3034::6815:85d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kuredu.com/wp-content/uploads/2017/06/adults.png
Requested by: Host: www.kuredu.com
URL: https://www.kuredu.com/wp-content/themes/minimum-child/booking-bar.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:85d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 48bd45366772a5c46d78b82885dbd8d41c20fe75689e3c921a77169d1cf781cf

Request headers

Referer: https://www.kuredu.com/wp-content/themes/minimum-child/booking-bar.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:44 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3747496
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 1657
cf-request-id: 08398b3b020000c295cdacf000000001
last-modified: Wed, 01 Jul 2020 21:24:21 GMT
server: cloudflare
etag: "5efcff05-679"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=G0n0E6Jys6KzIlSFdbV%2BwSJd1FqkbQRf5vBJILhzHbvmCA2rwgjrDA5fqj039906jDrx1PipV9V551%2FzPlLb84ih0frx48DQCFKh64l6QRfvJEEdYXJv85PJAQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 620914a4cd45c295-FRA
expires: Fri, 31 Dec 2021 11:34:28 GMT

GET
H2 200 children.png
www.kuredu.com/wp-content/uploads/2017/06/ 2 KB
2 KB 12ms
12ms Image
image/png 2606:4700:3034::6815:85d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kuredu.com/wp-content/uploads/2017/06/children.png
Requested by: Host: www.kuredu.com
URL: https://www.kuredu.com/wp-content/themes/minimum-child/booking-bar.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:85d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: adad90d2735f950cf6506010a3cc4b704a3d3213284f8f31c40fac6c4bf1ba3c

Request headers

Referer: https://www.kuredu.com/wp-content/themes/minimum-child/booking-bar.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:44 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3749641
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 2038
cf-request-id: 08398b3b020000c2958b1bf000000001
last-modified: Wed, 01 Jul 2020 21:24:21 GMT
server: cloudflare
etag: "5efcff05-7f6"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=rf1aGlBR0l4C1cbaElk89wXenGmD45xCbdFhYjJRXrmtfhYOsN97l51FpLYtza0tyBu1EJepKJSP0ynWdSRkCvZm0A1Ki4cisJaR%2B0cvI0sAxZIGAmGHqSCW0A%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 620914a4dd49c295-FRA
expires: Fri, 31 Dec 2021 10:58:43 GMT

GET
H2 200 rooms.png
www.kuredu.com/wp-content/uploads/2017/06/ 2 KB
2 KB 14ms
14ms Image
image/png 2606:4700:3034::6815:85d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kuredu.com/wp-content/uploads/2017/06/rooms.png
Requested by: Host: www.kuredu.com
URL: https://www.kuredu.com/wp-content/themes/minimum-child/booking-bar.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:85d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 9f34b76bce47c04e802eeffb1f485a7918927515b9a280f4c45dc523a2729aa9

Request headers

Referer: https://www.kuredu.com/wp-content/themes/minimum-child/booking-bar.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:44 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3747496
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 1565
cf-request-id: 08398b3b020000c29589343000000001
last-modified: Wed, 01 Jul 2020 21:24:21 GMT
server: cloudflare
etag: "5efcff05-61d"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=ejwX0TrhngeyzwGdQPeCjADw6IsF6NNQdvnpCW2raMmpkqEMQ1ZmdLdwYPzm%2BKY5HRhXuAO2hiuQ%2Fa7nzDC1WsN0YWZwMuyIcSHmQay2bc%2Fpk7GRgFXPpcns0g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 620914a4dd4bc295-FRA
expires: Fri, 31 Dec 2021 11:34:28 GMT

GET
H3-Q050 200 6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwkxdr.ttf
fonts.gstatic.com/s/sourcesanspro/v14/ 60 KB
29 KB 7ms
7ms Font
font/ttf 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xKydSBYKcSV-LCoeQqfX1RYOo3ig4vwkxdr.ttf

Requested by

Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b93eda831467a0b68d837374261f27fc68a4792af70f4482898feaffdd3efdc7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.tmp.kuredu.com
Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Feb 2021 08:52:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 214813
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29481
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:05 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Feb 2022 08:52:31 GMT

GET
H2 200 social.png
www.kuredu.com/wp-content/themes/minimum-child/images/ 10 KB
11 KB 14ms
14ms Image
image/png 2606:4700:3034::6815:85d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kuredu.com/wp-content/themes/minimum-child/images/social.png
Requested by: Host: www.kuredu.com
URL: https://www.kuredu.com/wp-content/themes/minimum-child/footer.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:85d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: b764827295efeaec3d7e091195a44e112f8407a82b8a6418dbd529ab6d15b48e

Request headers

Referer: https://www.kuredu.com/wp-content/themes/minimum-child/footer.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:44 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3749804
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 10583
cf-request-id: 08398b3b160000c295fb196000000001
last-modified: Wed, 01 Jul 2020 21:23:45 GMT
server: cloudflare
etag: "5efcfee1-2957"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=yiIqpHkZ6nn%2BE2ZRPLcy4P79GwPMuK8BDXa4GCDIodq3i05ucG%2FfI2cVOxFnuMfXHcn0fYT%2Bna24x%2FYnTgsN%2FwbYRp02IjwU28seGVNxyw9aXkpliN%2BZQVcKtg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 620914a4ed7cc295-FRA
expires: Fri, 31 Dec 2021 10:56:00 GMT

GET
H2 200 footer-icons.png
www.kuredu.com/wp-content/themes/minimum-child/images/ 12 KB
12 KB 13ms
13ms Image
image/png 2606:4700:3034::6815:85d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kuredu.com/wp-content/themes/minimum-child/images/footer-icons.png
Requested by: Host: www.kuredu.com
URL: https://www.kuredu.com/wp-content/themes/minimum-child/footer.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:85d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 0b78b797a9b82e22ab79858f28587559459a46cd306b0b93d5d89dbe0b4932b5

Request headers

Referer: https://www.kuredu.com/wp-content/themes/minimum-child/footer.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:44 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3747496
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 11871
cf-request-id: 08398b3b160000c295949d9000000001
last-modified: Wed, 01 Jul 2020 21:23:45 GMT
server: cloudflare
etag: "5efcfee1-2e5f"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=2vc8%2F0WPVTJwYeonRS5ePxFH7UHox8e3Y%2F5eFzitvZx%2BFc8gBC%2FB7MjJadFf4jFBVaZwu5OwCVLB7165%2FYa0M5dgc1UdOL%2B%2Bh4ruSu93ZczVoVl2TRPVZou6sw%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 620914a4fd7ec295-FRA
expires: Fri, 31 Dec 2021 11:34:28 GMT

GET
H3-Q050 200 jizaRExUiTo99u79D0aEwA.ttf
fonts.gstatic.com/s/ptsans/v12/ 138 KB
82 KB 8ms
7ms Font
font/ttf 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v12/jizaRExUiTo99u79D0aEwA.ttf

Requested by

Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

652a393da4f6acc6f7c69fc8291b78786006379eaf1177250af75383b07b93ab

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.tmp.kuredu.com
Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 07 Feb 2021 14:54:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 452278
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 84240
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:09:22 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 07 Feb 2022 14:54:46 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ 4 B
393 B 40ms
13ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&a=525718386&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tmp.kuredu.com%2F&ul=en-us&de=UTF-8&dt=Maldives%20Resorts%20-%20Kuredu%20is%20a%20top%20rated%20and%20popular%20resort&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABCAAAAC~&jid=450901480&gjid=1310350487&cid=1433961594.1613161964&tid=UA-41473275-3&_gid=1925978311.1613161964&_r=1&_slc=1&did=dZGIzZG&z=1060608872

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 20:32:44 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.tmp.kuredu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 / Show response
customs.affilired.com/track/ 36 KB
10 KB 255ms
40ms Script
text/javascript 65.9.69.77
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://customs.affilired.com/track/?merchant=4567
Requested by: Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.69.77 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: 3cdcd6e8a19baf2e7413ba9081f9d241908c0b25858a4935154ef31b32140c2e

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:28:15 GMT
content-encoding: gzip
server: nginx
age: 269
vary: Accept-Encoding
x-cache: Hit from cloudfront
p3p: policyref="/w3c/p3p.xml", CP="IVA SAM IND NON COR"
via: 1.1 f358cf5f46d10c349187abd5e20e06cf.cloudfront.net (CloudFront)
cache-control: max-age=604800
jb-x-cache: HIT
x-amz-cf-pop: FRA56-C1
content-type: text/javascript; charset=utf-8
x-amz-cf-id: nvMbD7GjxvnK63ptYTdeAKxIcuXmoSRiuItwTsO97BBIC86JvzOfbg==
expires: Fri, 19 Feb 2021 20:28:07 GMT

GET
H3-Q050 404 recaptcha_ajax.js
www.google.com/recaptcha/api/js/ 0
0 39ms
39ms Script
text/html 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.google.com/recaptcha/api/js/recaptcha_ajax.js?ver=5.6.1
Requested by: Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/
Protocol: H3-Q050
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

GET
H2 200 footer-icons.png
www.tmp.kuredu.com/wp-content/themes/minimum-child/images/ 12 KB
12 KB 48ms
47ms Image
image/png 35.214.92.101
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tmp.kuredu.com/wp-content/themes/minimum-child/images/footer-icons.png
Requested by: Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.214.92.101 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS: 101.92.214.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 0b78b797a9b82e22ab79858f28587559459a46cd306b0b93d5d89dbe0b4932b5

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:43 GMT
last-modified: Fri, 12 Feb 2021 18:28:15 GMT
server: nginx
etag: "6026c8bf-2e5f"
x-proxy-cache-info: DT:1
content-type: image/png
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
accept-ranges: bytes
content-length: 11871
expires: Sat, 12 Feb 2022 20:32:43 GMT

GET
H2 200 jquery-2.1.1.min.js Show response
www.tmp.kuredu.com/360panoramas/pool/panorama_sliderdata/lib/ Frame 1498 82 KB
28 KB 61ms
59ms Script
application/javascript 35.214.92.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tmp.kuredu.com/360panoramas/pool/panorama_sliderdata/lib/jquery-2.1.1.min.js
Requested by: Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/360panoramas/pool/panorama_slider.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.214.92.101 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS: 101.92.214.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4

Request headers

Referer: https://www.tmp.kuredu.com/360panoramas/pool/panorama_slider.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:43 GMT
content-encoding: br
last-modified: Fri, 12 Feb 2021 18:27:05 GMT
server: nginx
etag: W/"6026c879-14915"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Sat, 12 Feb 2022 20:32:43 GMT

GET
H2 200 jquery-ui.min.css
www.tmp.kuredu.com/360panoramas/pool/panorama_sliderdata/lib/jquery-ui-1.11.1/ Frame 1498 29 KB
7 KB 47ms
46ms Stylesheet
text/css 35.214.92.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tmp.kuredu.com/360panoramas/pool/panorama_sliderdata/lib/jquery-ui-1.11.1/jquery-ui.min.css
Requested by: Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/360panoramas/pool/panorama_slider.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.214.92.101 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS: 101.92.214.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: fef9445962ee41d926cf1794d3bf01ec91c0d4f9c1ef80a62a9d64137520031e

Request headers

Referer: https://www.tmp.kuredu.com/360panoramas/pool/panorama_slider.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:43 GMT
content-encoding: br
last-modified: Fri, 12 Feb 2021 18:27:05 GMT
server: nginx
etag: W/"6026c879-75d3"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: text/css
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Sat, 12 Feb 2022 20:32:43 GMT

GET
H2 200 jquery-ui.min.js Show response
www.tmp.kuredu.com/360panoramas/pool/panorama_sliderdata/lib/jquery-ui-1.11.1/ Frame 1498 233 KB
58 KB 76ms
74ms Script
application/javascript 35.214.92.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tmp.kuredu.com/360panoramas/pool/panorama_sliderdata/lib/jquery-ui-1.11.1/jquery-ui.min.js
Requested by: Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/360panoramas/pool/panorama_slider.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.214.92.101 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS: 101.92.214.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: e5def7b64a40d2dd4da526de10a1168cd6d5165a3d54f45b240288c1a677bb0d

Request headers

Referer: https://www.tmp.kuredu.com/360panoramas/pool/panorama_slider.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:43 GMT
content-encoding: br
last-modified: Fri, 12 Feb 2021 18:27:05 GMT
server: nginx
etag: W/"6026c879-3a2ea"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Sat, 12 Feb 2022 20:32:43 GMT

GET
H2 200 jquery.ui.touch-punch.min.js Show response
www.tmp.kuredu.com/360panoramas/pool/panorama_sliderdata/lib/ Frame 1498 1 KB
772 B 88ms
86ms Script
application/javascript 35.214.92.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tmp.kuredu.com/360panoramas/pool/panorama_sliderdata/lib/jquery.ui.touch-punch.min.js
Requested by: Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/360panoramas/pool/panorama_slider.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.214.92.101 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS: 101.92.214.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 000854d782781aff1b16ea5451c1da3d07efadd35ab911ccb7e4b851571a25bd

Request headers

Referer: https://www.tmp.kuredu.com/360panoramas/pool/panorama_slider.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:43 GMT
content-encoding: br
last-modified: Fri, 12 Feb 2021 18:27:05 GMT
server: nginx
etag: W/"6026c879-50b"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Sat, 12 Feb 2022 20:32:43 GMT

GET
H2 200 KolorTools.min.js Show response
www.tmp.kuredu.com/360panoramas/pool/panorama_sliderdata/lib/Kolor/ Frame 1498 17 KB
5 KB 89ms
87ms Script
application/javascript 35.214.92.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tmp.kuredu.com/360panoramas/pool/panorama_sliderdata/lib/Kolor/KolorTools.min.js
Requested by: Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/360panoramas/pool/panorama_slider.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.214.92.101 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS: 101.92.214.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: c770fbeddf4e10189b4f4a7db3d911a90f359e631153d62ec0d8b21227b958aa

Request headers

Referer: https://www.tmp.kuredu.com/360panoramas/pool/panorama_slider.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:43 GMT
content-encoding: br
last-modified: Fri, 12 Feb 2021 18:27:05 GMT
server: nginx
etag: W/"6026c879-4412"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Sat, 12 Feb 2022 20:32:43 GMT

GET
H2 200 KolorBootstrap.js Show response
www.tmp.kuredu.com/360panoramas/pool/panorama_sliderdata/graphics/ Frame 1498 12 KB
3 KB 89ms
88ms Script
application/javascript 35.214.92.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tmp.kuredu.com/360panoramas/pool/panorama_sliderdata/graphics/KolorBootstrap.js
Requested by: Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/360panoramas/pool/panorama_slider.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.214.92.101 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS: 101.92.214.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: c899f3fd2c3b088c82ba325aa90d86973fdbf210b0d7f933a6b6c3348041f7e9

Request headers

Referer: https://www.tmp.kuredu.com/360panoramas/pool/panorama_slider.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:43 GMT
content-encoding: br
last-modified: Fri, 12 Feb 2021 18:27:05 GMT
server: nginx
etag: W/"6026c879-2e72"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Sat, 12 Feb 2022 20:32:43 GMT

GET
H2 200 panorama_slider.js Show response
www.tmp.kuredu.com/360panoramas/pool/panorama_sliderdata/ Frame 1498 146 KB
114 KB 97ms
95ms Script
application/javascript 35.214.92.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tmp.kuredu.com/360panoramas/pool/panorama_sliderdata/panorama_slider.js
Requested by: Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/360panoramas/pool/panorama_slider.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.214.92.101 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS: 101.92.214.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3839642abfdd98a3e5dfa64badedca3cfcbf5701526c35142d4287a625de2ce3

Request headers

Referer: https://www.tmp.kuredu.com/360panoramas/pool/panorama_slider.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:43 GMT
content-encoding: br
last-modified: Fri, 12 Feb 2021 18:27:05 GMT
server: nginx
etag: W/"6026c879-24842"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Sat, 12 Feb 2022 20:32:43 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
91 B 16ms
16ms XHR
text/plain 2a00:1450:400c:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-41473275-3&cid=1433961594.1613161964&jid=1906263211&gjid=1804400680&_gid=1925978311.1613161964&_u=aGDAgUABCAAAAG~&z=249134889

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 12 Feb 2021 20:32:44 GMT
content-type: text/plain
access-control-allow-origin: https://www.tmp.kuredu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 30 KB
13 KB 137ms
57ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-M9S496R

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

c70c76846a8e9bf632e225948393882141c6ddb3ebab4ce1be1aa5deda981de3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 12205
x-xss-protection: 0
server: cafe
etag: 14286597169266950975
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 12 Feb 2021 20:32:44 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 91 KB
23 KB 6ms
6ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 23762
x-fb-rlafr: 0
pragma: public
x-fb-debug: 9HoXLCLmgOzqJuzadbiqM8YTaHj9NKuJ8/EivD+fAPuCIGMWyn4S7kBbKM5CZnMcqFsi4pvMCstIWpBdg364Rw==
x-fb-trip-id: 917726464
x-frame-options: DENY
date: Fri, 12 Feb 2021 20:32:44 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2

200

asset_composer.js Show response
static.zdassets.com/ekr/
Redirect Chain

https://v2.zopim.com/?35sMl3TtCSbQlHPgsi3goXQqBhFW5Mk2
https://static.zdassets.com/ekr/asset_composer.js

24 KB
7 KB

88ms
40ms

Script
application/javascript

104.18.70.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://static.zdassets.com/ekr/asset_composer.js

Requested by

Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.70.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

eb4b7a1be5f80c37ac74daa6f20b193b24414f23da856ad2560a0053e65a2cb7

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:44 GMT
content-encoding: br
cf-cache-status: HIT
age: 34
x-amz-server-side-encryption: AES256
x-amz-replication-status: COMPLETED
strict-transport-security: max-age=0
x-amz-request-id: D958C82D37DD7842
x-amz-id-2: HYiLRMjPv667ivceBml2OdaiJnenqBg09anHJlNqCtW5aayjYqBlcewCbUpGkbyLOjj28U2faQ4=
last-modified: Tue, 10 Mar 2020 23:13:51 GMT
server: cloudflare
etag: W/"f47f1934dec578b3ec2daacb7e61d9c9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript
cache-control: public, max-age=3600, s-maxage=60
x-amz-version-id: sY6Zq5SXmxNkbgD1V_h8h9T.ZhWYQwC3
cf-request-id: 08398b3c56000010bdcea9b000000001
cf-ray: 620914a6e90010bd-CPH

Redirect headers

date: Fri, 12 Feb 2021 20:32:44 GMT
cf-cache-status: HIT
server: cloudflare
age: 1782
etag: "5ee9874c-0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/octet-stream
location: https://static.zdassets.com/ekr/asset_composer.js
cache-control: max-age=14400, max-age=14400, public, must-revalidate, proxy-revalidate
cf-ray: 620914a5de4c10bd-CPH
content-length: 0
cf-request-id: 08398b3bab000010bdfa00b000000001
expires: Sat, 13 Feb 2021 00:03:02 GMT

GET
H/1.1 200
OK 5b5716522fa1e241a400011b.js Show response
tag.marinsm.com/serve/ 10 KB
4 KB 115ms
32ms Script
text/javascript 151.101.12.65
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://tag.marinsm.com/serve/5b5716522fa1e241a400011b.js

Requested by

Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.65 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

Cowboy /

Resource Hash

d12bf6f2eb90f3cc37a14575c7d7e86ada7ab3a1e7cc641207e95641e5a32e2c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 20:32:44 GMT
Via: 1.1 vegur, 1.1 varnish
X-Content-Type-Options: nosniff
Age: 174
X-Cache: HIT
Connection: keep-alive
Content-Encoding: gzip
Content-Length: 3595
X-Served-By: cache-fra19137-FRA
Server: Cowboy
X-Timer: S1613161965.509647,VS0,VE1
Vary: Accept-Encoding
Content-Type: text/javascript
Cache-Control: max-age=1800
Accept-Ranges: bytes
X-Cache-Hits: 1

GET
H2

200

bootstrap.js Show response
onboard.triptease.io/bootstrap/v3844.35532/
Redirect Chain

https://onboard.triptease.io/bootstrap.js?integrationId=01D1T6RBS9BAJFX5M0ZK2SEZ6C
https://onboard.triptease.io/bootstrap/v3844.35532/bootstrap.js

426 KB
115 KB

26ms
26ms

Script
application/javascript

2606:4700:10::ac43:2653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onboard.triptease.io/bootstrap/v3844.35532/bootstrap.js

Requested by

Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2653 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0db1d5051952fe11c2805e51f4f1160690dee0ed14bdb2eb3fb4e1b3f741fa62

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:44 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
x-goog-meta-git-hash: bf7facd019bbf8d578c4cd9c2467b90141cdd71e
age: 27663
x-guploader-uploadid: ABg5-UyZOV-V9nOAODmYbaPZXn040Mt9gzJHBW6-SpYePr84PSmnPIcOZDPNiigx14vbk8vWUS9rox41uTXNqkb5W-s
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-meta-build-version: 3844.35532
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08398b3bb700002c3e99119000000001
cf-ray: 620914a5f9172c3e-FRA
last-modified: Fri, 12 Feb 2021 12:47:25 GMT
server: cloudflare
etag: W/"4264cba79e0ead1f7a1cec0369349801"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
x-goog-hash: crc32c=lJovWw==, md5=QmTLp54OrR96HOwDaTSYAQ==
x-goog-generation: 1613134044994367
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=31536000
x-goog-stored-content-length: 435982
content-type: application/javascript; charset=utf-8
expires: Sat, 12 Feb 2022 12:51:39 GMT

Redirect headers

date: Fri, 12 Feb 2021 20:32:44 GMT
server: cloudflare
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept
location: https://onboard.triptease.io/bootstrap/v3844.35532/bootstrap.js
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/plain;charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=600
strict-transport-security: max-age=15552000
cf-ray: 620914a5b88f2c3e-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 63
cf-request-id: 08398b3b9100002c3e8099a000000001

GET
H3-Q050 200 collect
www.google-analytics.com/ 35 B
122 B 6ms
6ms Image
image/gif 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j87&a=525718386&t=pageview&_s=1&dl=https%3A%2F%2Fwww.tmp.kuredu.com%2F&ul=en-us&de=UTF-8&dt=Maldives%20Resorts%20-%20Kuredu%20is%20a%20top%20rated%20and%20popular%20resort&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=aGDAgUABCAAAAC~&jid=1906263211&gjid=1804400680&cid=1433961594.1613161964&tid=UA-41473275-3&_gid=1925978311.1613161964&did=dZGIzZG&gtm=2wg230M9S496R&z=1578865231

Requested by

Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 11 Feb 2021 23:03:24 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 77360
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hotel_price_widget.js Show response
www.thehotelsnetwork.com/js/ 43 KB
14 KB 200ms
132ms Script
application/javascript 45.60.198.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thehotelsnetwork.com/js/hotel_price_widget.js?hotel_id=1089357&property_id=1013843&account_key=F174E2F3A0ED27BE653C31CC1C22C70E
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-W6JKRMX
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: nginx/1.17.5 / PHP/7.3.26-1+0~20210112.74+debian10~1.gbpd78724
Resource Hash: 786fcc3c98b3a482c9c05226262fef58d99fd07195ce75e225ab520a3a105b1b

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 20:32:44 GMT
content-encoding: gzip
server: nginx/1.17.5
x-powered-by: PHP/7.3.26-1+0~20210112.74+debian10~1.gbpd78724
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: https://www.tmp.kuredu.com
x-iinfo: 9-21441100-21441101 NNNN CT(24 24 0) RT(1613161964043 0) q(0 0 0 0) r(1 1) U5
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
x-cdn: Incapsula
expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H3-Q050 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
427 B 42ms
15ms XHR
text/plain 2a00:1450:400c:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-41473275-3&cid=1433961594.1613161964&jid=450901480&gjid=1310350487&_gid=1925978311.1613161964&_u=YEBAAUAACAAAAC~&z=1147021089

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c04::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 12 Feb 2021 20:32:44 GMT
content-type: text/plain
access-control-allow-origin: https://www.tmp.kuredu.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.com/ads/ 42 B
238 B 32ms
31ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-41473275-3&cid=1433961594.1613161964&jid=1906263211&_u=aGDAgUABCAAAAG~&z=1991913767

Requested by

Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 20:32:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 32ms
32ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-41473275-3&cid=1433961594.1613161964&jid=1906263211&_u=aGDAgUABCAAAAG~&z=1991913767

Requested by

Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 20:32:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1300240423392726 Show response
connect.facebook.net/signals/config/ 240 KB
69 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1300240423392726?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

bc85a95b298592482135f920781a202d32b35712fec69e744be43e9a3c721daa

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 70489
x-fb-rlafr: 0
pragma: public
x-fb-debug: qQ9tj6Gw+dIKd+hpQH47/qpniZuhs8M37rFuGK0pZ5eCk5qY3aWJH/nie1KMG0x/zrb4vrwHJuOfB+wxv9w/og==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 12 Feb 2021 20:32:44 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-content-id: 272669191
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.com/ads/ 42 B
65 B 29ms
28ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-41473275-3&cid=1433961594.1613161964&jid=450901480&_u=YEBAAUAACAAAAC~&z=1813161932

Requested by

Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 20:32:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.de/ads/ 42 B
483 B 52ms
37ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-41473275-3&cid=1433961594.1613161964&jid=450901480&_u=YEBAAUAACAAAAC~&z=1813161932

Requested by

Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 20:32:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
410 B 20ms
5ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1300240423392726&ev=PageView&dl=https%3A%2F%2Fwww.tmp.kuredu.com%2F&rl=&if=false&ts=1613161964488&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1613161964486.1999571625&it=1613161964443&coo=false&rqm=GET

Requested by

Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:44 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 12 Feb 2021 20:32:44 GMT

GET
H2 200 identity Show response
api.triptease.io/identity-service/ 158 B
817 B 244ms
148ms Fetch
application/json 35.186.195.233
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.triptease.io/identity-service/identity
Requested by: Host: onboard.triptease.io
URL: https://onboard.triptease.io/bootstrap.js?integrationId=01D1T6RBS9BAJFX5M0ZK2SEZ6C
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.195.233 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx/1.11.3 /
Resource Hash: 1117a4607bda116a102e6a74493e71fd7f3d7cae62484972724f0c4f8efe5c3d

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:44 GMT
via: 1.1 google
last-modified: Fri, 12 Feb 2021 20:32:44 GMT
server: nginx/1.11.3
etag: W/eyJ1c2VySWQiOiJlZjUyZGJjNy1mYTIyLTRhZjktYmI1Yy03OGRlOTE0MTBiOWIiLCJzZXNzaW9uSWQiOiI5NmY0MTA4Ni0wY2NkLTQwMmUtOGRmMy1kZGM4MmU0MTljY2UiLCJ2YWxpZEZyb20iOiIxNjEzMTYxOTY0NzE4In0=
p3p: policyref="/p3p/policy.xml", CP="NON DEV PSA IVA IVD HIS OTP OUR OTR IND UNI NAV INT STA PUR"
access-control-allow-origin: https://www.tmp.kuredu.com
cache-control: private, must-revalidate
access-control-allow-credentials: true
content-type: application/json; charset=utf-8
alt-svc: clear
content-length: 158
expires: -1

GET
H2 200 kernel-host.html Show response
onboard.triptease.io/kernel/v3844.35532/ Frame A981 42 KB
13 KB 25ms
25ms Document
text/html 2606:4700:10::ac43:2653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onboard.triptease.io/kernel/v3844.35532/kernel-host.html?originHost=www.tmp.kuredu.com

Requested by

Host: onboard.triptease.io
URL: https://onboard.triptease.io/bootstrap.js?integrationId=01D1T6RBS9BAJFX5M0ZK2SEZ6C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2653 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4ae49687f3f44d52fa86fb460759c5b0505d0e4244c6cfa45f8167aea2010adc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onboard.triptease.io
:scheme: https
:path: /kernel/v3844.35532/kernel-host.html?originHost=www.tmp.kuredu.com
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.tmp.kuredu.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.tmp.kuredu.com/

Response headers

date: Fri, 12 Feb 2021 20:32:44 GMT
content-type: text/html; charset=utf-8
set-cookie: __cfduid=dd22fc1001bbe1227cd1213044beb7cf41613161964; expires=Sun, 14-Mar-21 20:32:44 GMT; path=/; domain=.triptease.io; HttpOnly; SameSite=Lax; Secure
cf-ray: 620914a69a6f2c3e-FRA
access-control-allow-origin: *
age: 5915
cache-control: public, max-age=31536000
expires: Sat, 12 Feb 2022 18:54:09 GMT
last-modified: Fri, 12 Feb 2021 12:47:16 GMT
strict-transport-security: max-age=15552000
vary: Accept-Encoding
cf-cache-status: HIT
access-control-expose-headers: Content-Type
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08398b3c1d00002c3e911fd000000001
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
x-goog-generation: 1613134036204711
x-goog-hash: crc32c=omKS7g== md5=6WfXEvlEzdDsufZ8bISJhA==
x-goog-meta-build-version: 3844.35532
x-goog-meta-git-hash: bf7facd019bbf8d578c4cd9c2467b90141cdd71e
x-goog-metageneration: 2
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 43226
x-guploader-uploadid: ABg5-Uw3O7UT8oQq2XmXkYPcuqgR52BMtn8Ls1A2FjRF5UinWndMyZTjBnHM2sdKdKk8XfL_4ELgwvAsTPOCBt8MUQb8GTAosg
server: cloudflare
content-encoding: br

GET
H/1.1

200
OK

tagjs Show response
pixel-geo.prfct.co/
Redirect Chain

https://pixel-geo.prfct.co/tagjs?a_id=84479&source=js_tag
https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=84479&source=js_tag

136 B
465 B

53ms
48ms

Script
text/javascript

52.51.60.151
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=84479&source=js_tag
Requested by: Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.60.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 4154a8cd0e4863a3839a1fa335b4e51caa8fa8a24fcc3222c8e142f77f823f35

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, private
Connection: keep-alive
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length: 136
Content-Type: text/javascript

Redirect headers

Location: https://pixel-geo.prfct.co/tagjs?check_cookie=1&a_id=84479&source=js_tag
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H2 200 revolution.extension.video.min.js Show response
www.kuredu.com/wp-content/plugins/revslider/public/assets/js/extensions/ 24 KB
6 KB 17ms
16ms Script
application/javascript 2606:4700:3034::6815:85d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kuredu.com/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.video.min.js?version=5.4.5
Requested by: Host: www.kuredu.com
URL: https://www.kuredu.com/wp-includes/js/jquery/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:85d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8c31c97858196d93a06ad02300c31b25acbb40b1b6e63c11c77ac6644f0cff01

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3749647
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
cf-request-id: 08398b3c300000c295b510f000000001
last-modified: Wed, 01 Jul 2020 21:23:44 GMT
server: cloudflare
etag: W/"5efcfee0-5e93"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QCSn23h0zh3pTA%2FPx1S%2Bl0FI4%2FL%2BjZOTNIbE%2Fc4mx5I5fsJ3GCRfn0Vbnrwkk2f%2FCWDcGNq3xjLx46T%2Bi7KxcfUx1CSqU5Wgj8FkA8ccUwPdSPomlf03I%2Bj4EQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 620914a6b839c295-FRA
expires: Fri, 31 Dec 2021 10:58:37 GMT

GET
H2 200 revolution.extension.slideanims.min.js Show response
www.kuredu.com/wp-content/plugins/revslider/public/assets/js/extensions/ 29 KB
7 KB 13ms
12ms Script
application/javascript 2606:4700:3034::6815:85d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kuredu.com/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.slideanims.min.js?version=5.4.5
Requested by: Host: www.kuredu.com
URL: https://www.kuredu.com/wp-includes/js/jquery/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:85d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 80a9123891e91ebbb1c06a2d2c79533155a8f17c51ac09013efa57bc007f303a

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3747494
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
cf-request-id: 08398b3c2f0000c295fb1a7000000001
last-modified: Wed, 01 Jul 2020 21:23:44 GMT
server: cloudflare
etag: W/"5efcfee0-72d9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mzv2S%2FC7Nnj6hobvmPWMkQMkIB4NVHHsWroj2AdAqC4f8u90X1Ykgs8twiyMLslgZldjV5%2BouyY6T4k%2FEq731tcz7cwmU%2FQ49WT%2FT47b%2F5TuezK%2FT3M09t5uvg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 620914a6b83bc295-FRA
expires: Fri, 31 Dec 2021 11:34:30 GMT

GET
H2 200 revolution.extension.layeranimation.min.js Show response
www.kuredu.com/wp-content/plugins/revslider/public/assets/js/extensions/ 55 KB
14 KB 20ms
19ms Script
application/javascript 2606:4700:3034::6815:85d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kuredu.com/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.layeranimation.min.js?version=5.4.5
Requested by: Host: www.kuredu.com
URL: https://www.kuredu.com/wp-includes/js/jquery/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:85d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6867ff7eec8e29d555e5bfcadc9e19f04d1e3a34de99255647f9ca573536b7ef

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3747494
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
cf-request-id: 08398b3c300000c295b5110000000001
last-modified: Wed, 01 Jul 2020 21:23:44 GMT
server: cloudflare
etag: W/"5efcfee0-dac0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=QG%2BzKv0uR603plUPo9EoAVMW6GzYCoylclAsJ%2FnzcWgiMnRaaPCTtq1C%2BNbOymrXdefd8eTFGw52VDplCsLjvBtAvMyG6FriW0lIGviPHrLs4jKb2ObnP%2BSGWg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 620914a6b83ec295-FRA
expires: Fri, 31 Dec 2021 11:34:30 GMT

GET
H2 200 revolution.extension.navigation.min.js Show response
www.kuredu.com/wp-content/plugins/revslider/public/assets/js/extensions/ 25 KB
7 KB 18ms
18ms Script
application/javascript 2606:4700:3034::6815:85d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://www.kuredu.com/wp-content/plugins/revslider/public/assets/js/extensions/revolution.extension.navigation.min.js?version=5.4.5
Requested by: Host: www.kuredu.com
URL: https://www.kuredu.com/wp-includes/js/jquery/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:85d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6eec26458665f2ff755d8d9d752baf709166660fb8e5389c9fbe939df23ea2f1

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:44 GMT
content-encoding: br
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3749640
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
cf-request-id: 08398b3c300000c295e823d000000001
last-modified: Wed, 01 Jul 2020 21:23:44 GMT
server: cloudflare
etag: W/"5efcfee0-65f5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=d0STdyRgNN8lnspd%2BRdjNwiySa700isl1HZRQZyQCUdFjN2KbwlsbrTY45zdg4CZ8ynDa9FsMqTZWJS1p9DFUb7UM4i0hohhURkn5cBs2bv2uHLFSDDeFLiiDg%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript
cache-control: max-age=31536000
cf-ray: 620914a6b840c295-FRA
expires: Fri, 31 Dec 2021 10:58:44 GMT

GET oceanticker.htm
www.maldiveswebcams.com/kuredu/kuredu-weather-station/ 0
0

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/979410932/ 2 KB
1 KB 31ms
30ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/979410932/?random=1613161964632&cv=9&fst=1613161964632&num=1&label=tVcdCLyRyHsQ9L-C0wM&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg230&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.tmp.kuredu.com%2F&tiba=Maldives%20Resorts%20-%20Kuredu%20is%20a%20top%20rated%20and%20popular%20resort&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

387834fdce86b8f8305879c23fe6a042ca62d893e274b80dc90bc6b1bb16defd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 20:32:44 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1073
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK / Show response
smct.co/tm/ 1 KB
1 KB 200ms
49ms Script
application/javascript 54.154.130.111
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://smct.co/tm/?t=crownandchamparesorts.com
Requested by: Host: customs.affilired.com
URL: https://customs.affilired.com/track/?merchant=4567
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.154.130.111 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: Apache /
Resource Hash: fbc9cd141fc1dbf51361664080b10a6ca15d0f29c73fd27ab6707a8ad09f843f

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: cache
Date: Fri, 12 Feb 2021 20:32:44 GMT
Content-Encoding: gzip
Server: Apache
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Cache-Control: max-age=900
Connection: keep-alive
Content-Length: 763
Expires: Fri, 12 Feb 2021 20:47:44 GMT

GET
H2 200 129-a3b832293939.js Show response
cdn.denomatic.com/drs/ 4 KB
2 KB 61ms
14ms Script
application/javascript 2600:9000:2127:c800:f:900d:ef80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.denomatic.com/drs/129-a3b832293939.js?rnd=20190918
Requested by: Host: customs.affilired.com
URL: https://customs.affilired.com/track/?merchant=4567
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:2127:c800:f:900d:ef80:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: nginx /
Resource Hash: fa6626f8fab9373204ac676af662400e87bcead5cd2899b05fa264e7251c6dca

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 09:31:02 GMT
content-encoding: gzip
age: 40619
x-cache: Hit from cloudfront
content-length: 1204
jb-x-cache: HIT
last-modified: Wed, 02 Dec 2020 10:52:32 GMT
server: nginx
etag: "11a9-5b5790a4f8b7f-gzip"
vary: Accept-Encoding
content-type: application/javascript
via: 1.1 1d04caaed0a43993076e404ebf3738da.cloudfront.net (CloudFront)
cache-control: public, max-age=600, s-maxage=86400
x-amz-cf-pop: PRG50-C1
accept-ranges: bytes
x-amz-cf-id: mUBbQLHHIjIqZfb4nTTabBpotqdJDc1qkLxxgiEaZvzVhkbtwtQVAA==

GET
H/1.1 200
OK tag.js Show response
configch2.veinteractive.com/tags/4C9D3231/ABA4/4648/9AB4/B8BBC40545C4/ 41 KB
14 KB 103ms
36ms Script
application/javascript 23.36.239.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://configch2.veinteractive.com/tags/4C9D3231/ABA4/4648/9AB4/B8BBC40545C4/tag.js
Requested by: Host: customs.affilired.com
URL: https://customs.affilired.com/track/?merchant=4567
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.36.239.12 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-36-239-12.deploy.static.akamaitechnologies.com
Software: VeGlobal /
Resource Hash: 4681bbc4e8ce0b1c1f96177a210eb20589b60f45440d9a48d6f19263a8dcc8ee

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
Date: Fri, 12 Feb 2021 20:32:44 GMT
Content-Encoding: gzip
Content-MD5: YqEqZ+4MPjSZWgyXmqaq/Q==
Connection: keep-alive
Content-Length: 13755
x-ms-lease-status: unlocked
Last-Modified: Wed, 29 May 2019 16:05:56 GMT
Server: VeGlobal
ETag: 0x8D6E44F8870E144
Vary: Accept-Encoding
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-ms-request-id: eb0c4eaa-301e-006b-66f6-d536c3000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control: max-age=1106, s-maxage=1800
x-ms-version: 2009-09-19

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/979410932/ 42 B
96 B 20ms
19ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/979410932/?random=1613161964632&cv=9&fst=1613160000000&num=1&label=tVcdCLyRyHsQ9L-C0wM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg230&sendb=1&frm=0&url=https%3A%2F%2Fwww.tmp.kuredu.com%2F&tiba=Maldives%20Resorts%20-%20Kuredu%20is%20a%20top%20rated%20and%20popular%20resort&async=1&fmt=3&is_vtc=1&random=207528622&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Requested by

Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 20:32:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/979410932/ 42 B
112 B 22ms
21ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/979410932/?random=1613161964632&cv=9&fst=1613160000000&num=1&label=tVcdCLyRyHsQ9L-C0wM&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2wg230&sendb=1&frm=0&url=https%3A%2F%2Fwww.tmp.kuredu.com%2F&tiba=Maldives%20Resorts%20-%20Kuredu%20is%20a%20top%20rated%20and%20popular%20resort&async=1&fmt=3&is_vtc=1&random=207528622&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Requested by

Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 20:32:44 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 kernel.js
onboard.triptease.io/kernel/v3844.35532/ Frame A981 51 KB
15 KB 16ms
16ms Other
application/javascript 2606:4700:10::ac43:2653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onboard.triptease.io/kernel/v3844.35532/kernel.js?

Requested by

Host: onboard.triptease.io
URL: https://onboard.triptease.io/kernel/v3844.35532/kernel-host.html?originHost=www.tmp.kuredu.com

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2653 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b6ee2fd7b63e59c8c95c90b1d8f2e2da58aba323b2f02b391a296762c0198409

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://onboard.triptease.io/kernel/v3844.35532/kernel-host.html?originHost=www.tmp.kuredu.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:44 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
x-goog-meta-git-hash: bf7facd019bbf8d578c4cd9c2467b90141cdd71e
age: 27671
x-guploader-uploadid: ABg5-Uw0M_vMgU3MsK-Vw_BjWNPfxhlAvgdCFVUa223CouF388m-4G2dp1zPpk0evSfPT56t3uXIytOaQtDgJmuuNI6j0rTxRw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-meta-build-version: 3844.35532
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08398b3c9e00002c3e75969000000001
cf-ray: 620914a76c422c3e-FRA
last-modified: Fri, 12 Feb 2021 12:47:16 GMT
server: cloudflare
etag: W/"fdea8819436626a1237c12bf20d017be"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
x-goog-hash: crc32c=qw0eJw==, md5=/eqIGUNmJqEjfBK/INAXvg==
x-goog-generation: 1613134036199696
access-control-allow-origin: *
access-control-expose-headers: Content-Type
cache-control: public, max-age=31536000
x-goog-stored-content-length: 51755
content-type: application/javascript; charset=utf-8
expires: Sat, 12 Feb 2022 12:51:33 GMT

GET
H2 200 local.html Show response
www.thehotelsnetwork.com/widget/core/latest/hub/ Frame E4EE 434 B
783 B 107ms
106ms Document
text/html 45.60.198.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thehotelsnetwork.com/widget/core/latest/hub/local.html?v=1
Requested by: Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/js/hotel_price_widget.js?hotel_id=1089357&property_id=1013843&account_key=F174E2F3A0ED27BE653C31CC1C22C70E
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: nginx/1.17.5 /
Resource Hash: 75e5e437609a25580c641028bc90e28e538bf878c635114c2639e19fedaf813c

Request headers

:method: GET
:authority: www.thehotelsnetwork.com
:scheme: https
:path: /widget/core/latest/hub/local.html?v=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.tmp.kuredu.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __thn_ss=88e654b1f9a19f320dd7e34b4bb7dee8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.tmp.kuredu.com/

Response headers

date: Fri, 12 Feb 2021 20:32:44 GMT
content-type: text/html
server: nginx/1.17.5
last-modified: Fri, 12 Feb 2021 13:38:47 GMT
vary: Accept-Encoding
etag: W/"602684e7-12c"
expires: Sun, 14 Mar 2021 20:32:44 GMT
cache-control: max-age=2592000 public
content-encoding: gzip
set-cookie: visid_incap_2454396=wnBrc/VWSmq0CtGsPFB+fuzlJmAAAAAAQUIPAAAAAABZZM/fdBBh3xcom20VaQ4u; expires=Sat, 12 Feb 2022 17:22:54 GMT; HttpOnly; path=/; Domain=.thehotelsnetwork.com nlbi_2454396=xTT6QBW48GlumvtIAg94agAAAAA/jEaMWi+FVYwmwP+0yPsg; path=/; Domain=.thehotelsnetwork.com incap_ses_1368_2454396=VNCDb8OC6StaJrSBzhz8EuzlJmAAAAAAKuSI/gBJjlV1jTZ18dx1WA==; path=/; Domain=.thehotelsnetwork.com
x-cdn: Incapsula
x-iinfo: 9-21441114-21441115 NNNN CT(23 23 0) RT(1613161964262 0) q(0 0 1 0) r(1 1) U5

GET
H2 200 35sMl3TtCSbQlHPgsi3goXQqBhFW5Mk2 Show response
ekr.zdassets.com/compose/zopim_chat/ 194 B
655 B 803ms
763ms XHR
application/json 104.18.72.113
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://ekr.zdassets.com/compose/zopim_chat/35sMl3TtCSbQlHPgsi3goXQqBhFW5Mk2

Requested by

Host: v2.zopim.com
URL: https://v2.zopim.com/?35sMl3TtCSbQlHPgsi3goXQqBhFW5Mk2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.18.72.113 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0c8cb2f6c1e974d053c921a967371415776e51687fae31621a74cfa14e7d299e

Security Headers

Name	Value
Strict-Transport-Security	max-age=0

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:45 GMT
content-encoding: br
vary: Origin, Accept-Encoding
cf-cache-status: MISS
status: 200 OK
strict-transport-security: max-age=0
cf-request-id: 08398b3cd30000736b05090000000001
x-request-id: 4325c303-28d6-4fb3-9384-eefc59d8e070
x-runtime: 0.003824
server: cloudflare
etag: W/"0c8cb2f6c1e974d053c921a967371415"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
access-control-max-age: 7200
access-control-allow-methods: GET, POST, OPTIONS
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers
cache-control: max-age=600, public, s-maxage=60, stale-while-revalidate=600, stale-if-error=3600
cf-ray: 620914a7b92a736b-CPH

GET panorama_slider.html
www.tmp.kuredu.com/360panoramas/pool/ Frame 640E 0
0

GET
H2 200 panorama_slider.html Show response
www.tmp.kuredu.com/360panoramas/pool/ Frame FD15 8 KB
3 KB 44ms
43ms Document
text/html 35.214.92.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tmp.kuredu.com/360panoramas/pool/panorama_slider.html
Requested by: Host: www.kuredu.com
URL: https://www.kuredu.com/wp-includes/js/jquery/jquery.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.214.92.101 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS: 101.92.214.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 39387ac1906fded07b15ca30592db064684d02795189a7f7d7b3526b20d5e072

Request headers

:method: GET
:authority: www.tmp.kuredu.com
:scheme: https
:path: /360panoramas/pool/panorama_slider.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.tmp.kuredu.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: PHPSESSID=cb7efacc30186a760f74cd9ee552de54; __cfduid=d505bf24908bff1169df3b8dab99011621613161963; _ga=GA1.2.1433961594.1613161964; _gid=GA1.2.1925978311.1613161964; _gat=1; _ga=GA1.3.1433961594.1613161964; _gid=GA1.3.1925978311.1613161964; _dc_gtm_UA-41473275-3=1; _fbp=fb.1.1613161964486.1999571625
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.tmp.kuredu.com/

Response headers

server: nginx
date: Fri, 12 Feb 2021 20:32:43 GMT
content-type: text/html
last-modified: Fri, 12 Feb 2021 18:27:05 GMT
vary: Accept-Encoding
etag: W/"6026c879-1f23"
expires: Wed, 11 Aug 2021 20:32:43 GMT
cache-control: max-age=15552000
host-header: 8441280b0c35cbc1147f8ba998a563a7
x-proxy-cache-info: DT:1
content-encoding: br

GET
H3-Q050 200 6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZMkido18E.ttf
fonts.gstatic.com/s/sourcesanspro/v14/ 37 KB
20 KB 7ms
6ms Font
font/ttf 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/sourcesanspro/v14/6xKwdSBYKcSV-LCoeQqfX1RYOo3qPZZMkido18E.ttf

Requested by

Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

04cdf7aa1a6fd9ec695ab6c7f0bc888672e0c628155b0bedd8b76707ee29b713

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.tmp.kuredu.com
Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 10 Feb 2021 06:18:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 224074
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 19947
x-xss-protection: 0
last-modified: Tue, 15 Sep 2020 18:10:00 GMT
server: sffe
vary: Accept-Encoding
content-type: font/ttf
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 10 Feb 2022 06:18:10 GMT

GET
H2 200 favicon.png
www.kuredu.com/ 3 KB
3 KB 13ms
12ms Image
image/png 2606:4700:3034::6815:85d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kuredu.com/favicon.png
Requested by: Host: www.kuredu.com
URL: https://www.kuredu.com/wp-content/themes/minimum-child/css/rev_slider.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:85d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 6eba933655548fcffab43f16885368cf0e760a6ca2a1da1ccf73e6c2a03f957e

Request headers

Referer: https://www.kuredu.com/wp-content/themes/minimum-child/css/rev_slider.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:44 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3747493
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 2871
cf-request-id: 08398b3cda0000c2959b9c1000000001
last-modified: Wed, 01 Jul 2020 21:23:48 GMT
server: cloudflare
etag: "5efcfee4-b37"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=qCOaKsS4x94qOy%2BU%2B7bMnTwm4%2B1QM8qA8pFm6wmPiTTO6FPj9WlO79sKHBHY48FWWllinaIfAUXK4KzSY45Ak8cTRp1bkg7HQIy00qbda2HIAaDThfvo95wRXQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 620914a7c9d9c295-FRA
expires: Fri, 31 Dec 2021 11:34:31 GMT

GET
H2 200 slider_arrows.png
www.kuredu.com/wp-content/themes/minimum-child/images/ 2 KB
2 KB 15ms
14ms Image
image/png 2606:4700:3034::6815:85d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kuredu.com/wp-content/themes/minimum-child/images/slider_arrows.png
Requested by: Host: www.kuredu.com
URL: https://www.kuredu.com/wp-content/themes/minimum-child/css/rev_slider.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:85d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 598d372762ec5d139f6bede42d56987ac9125abe37eaee3e5f987b6e3ac4cc20

Request headers

Referer: https://www.kuredu.com/wp-content/themes/minimum-child/css/rev_slider.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:44 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3749640
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 2039
cf-request-id: 08398b3cf10000c2950d12a000000001
last-modified: Wed, 01 Jul 2020 21:23:45 GMT
server: cloudflare
etag: "5efcfee1-7f7"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=mur%2BderigPw6mYvtxtlDKW05E%2BKJHwu3gDTLqo6OE2pmp7FQCXhWZAoHccqblSirsJ7leoW98hlbWnz1N0UwLAc%2Fs56sM2LpyOFs3X5Al5q%2B4hF1exxS6j182Q%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/png
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 620914a7ea07c295-FRA
expires: Fri, 31 Dec 2021 10:58:44 GMT

GET
H2 200 aerial-test_4.jpg
www.kuredu.com/wp-content/uploads/revslider/360-test/ 3 MB
3 MB 13ms
13ms Image
image/jpeg 2606:4700:3034::6815:85d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kuredu.com/wp-content/uploads/revslider/360-test/aerial-test_4.jpg
Requested by: Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:85d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 8ad0d9269b6c9d70212c0f251693f0b54a8161a1f7fe6233b6c616a57cb32315

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:44 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1348630
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 2760210
cf-request-id: 08398b3d010000c295b511b000000001
last-modified: Wed, 01 Jul 2020 21:24:19 GMT
server: cloudflare
etag: "5efcff03-2a1e12"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=tcQ5GmXxLTyzsQG9uDlVvlCSxMv5KxbDXhIiGCbGqnSNsyw5C8d9%2Fsa88w2mbXcwJSEdmvw24EMwU4C7wooLCMdN39jihz3zwyyiXUefbEv1FhNHNEYp1sigMQ%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 620914a7fa29c295-FRA
expires: Fri, 28 Jan 2022 05:55:34 GMT

GET
H2 200 sandbank1.jpg
www.kuredu.com/wp-content/uploads/2019/02/ 133 KB
133 KB 18ms
18ms Image
image/jpeg 2606:4700:3034::6815:85d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kuredu.com/wp-content/uploads/2019/02/sandbank1.jpg
Requested by: Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:85d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 787c24e9cfed7bfe802abee61b57ed66dd474df3c0675a469884ba8f9575a998

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:44 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3749356
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 135734
cf-request-id: 08398b3d010000c295e8249000000001
last-modified: Wed, 01 Jul 2020 22:45:26 GMT
server: cloudflare
etag: "5efd1206-21236"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NuGECHHnctqdTqskpaBHCcE4swVX11Vs3lExo6Ir398VTLZ1jtkU0jhJnZSPYU8BStW9LC3VoKl5ZE2%2FHWrAVwaH2onASrpbRyRqvu2Io3%2FDLbyofC%2FgKwIYuA%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 620914a7fa2dc295-FRA
expires: Fri, 31 Dec 2021 11:03:28 GMT

GET
H2 200 pix.jpg
www.kuredu.com/wp-content/uploads/2016/09/ 231 KB
232 KB 14ms
14ms Image
image/jpeg 2606:4700:3034::6815:85d
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.kuredu.com/wp-content/uploads/2016/09/pix.jpg
Requested by: Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:3034::6815:85d , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3eff153572282e788ce15ce28b9041e88c2e096aa88836c565a330ff494355f8

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:44 GMT
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 3749803
x-proxy-cache-info: DT:1
host-header: 8441280b0c35cbc1147f8ba998a563a7
content-length: 236506
cf-request-id: 08398b3d040000c2958a3d7000000001
last-modified: Wed, 01 Jul 2020 21:24:13 GMT
server: cloudflare
etag: "5efcfefd-39bda"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=NH%2B49U832YcQ829QLf5%2FhL%2BMq5eJ9NJo%2Bv0OsiJnEdzzoA5Cmz%2F%2Fgx%2BWCFzMa79zQkoBVH13HLALVk1myVV01u%2FJEebxgir1QSV7bS5ahqeWICugW1EG0Hgg5g%3D%3D"}],"group":"cf-nel","max_age":604800}
content-type: image/jpeg
cache-control: max-age=31536000
accept-ranges: bytes
cf-ray: 620914a80a31c295-FRA
expires: Fri, 31 Dec 2021 10:56:01 GMT

GET
H3-Q050

200

activityi;dc_pre=CPevic-Y5e4CFcvF7QodyhUHNQ;src=8124507;type=visit0;cat=visit0;u1=hotel_kuredu;u27=counter;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=19532358311361.957 Show response
8124507.fls.doubleclick.net/ Frame 0F8C
Redirect Chain

https://8124507.fls.doubleclick.net/activityi;src=8124507;type=visit0;cat=visit0;u1=hotel_kuredu;u27=counter;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=19532358311361.957?
https://8124507.fls.doubleclick.net/activityi;dc_pre=CPevic-Y5e4CFcvF7QodyhUHNQ;src=8124507;type=visit0;cat=visit0;u1=hotel_kuredu;u27=counter;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord...

416 B
1 KB

208ms
168ms

Document
text/html

142.250.186.166
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8124507.fls.doubleclick.net/activityi;dc_pre=CPevic-Y5e4CFcvF7QodyhUHNQ;src=8124507;type=visit0;cat=visit0;u1=hotel_kuredu;u27=counter;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=19532358311361.957?

Requested by

Host: cdn.denomatic.com
URL: https://cdn.denomatic.com/drs/129-a3b832293939.js?rnd=20190918

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

142.250.186.166 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s08-in-f6.1e100.net

Software

cafe /

Resource Hash

b95b07a9985f4df8cc8b5fe6974faf78becbb570e2df44dfd72aa00d60bf7bf4

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: 8124507.fls.doubleclick.net
:scheme: https
:path: /activityi;dc_pre=CPevic-Y5e4CFcvF7QodyhUHNQ;src=8124507;type=visit0;cat=visit0;u1=hotel_kuredu;u27=counter;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=19532358311361.957?
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.tmp.kuredu.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.tmp.kuredu.com/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 12 Feb 2021 20:32:45 GMT
expires: Fri, 12 Feb 2021 20:32:45 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 336
x-xss-protection: 0
set-cookie: IDE=AHWqTUn7BVzuDjA9PE15KvAm-aHCGb2jGaIcBGEkHMJxbRdb883PcfRvjr4hMZ1F; expires=Wed, 09-Mar-2022 20:32:45 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; domain=.doubleclick.net; path=/; expires=Mon, 21 Jul 2008 23:59:00 GMT; SameSite=none; Secure
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

Redirect headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 12 Feb 2021 20:32:44 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
follow-only-when-prerender-shown: 1
strict-transport-security: max-age=21600
location: https://8124507.fls.doubleclick.net/activityi;dc_pre=CPevic-Y5e4CFcvF7QodyhUHNQ;src=8124507;type=visit0;cat=visit0;u1=hotel_kuredu;u27=counter;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=19532358311361.957?
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H/1.1 200
OK capture-apps-5.0.0.js Show response
configch2.veinteractive.com/scripts/5.0/ 267 KB
69 KB 115ms
48ms Script
application/javascript 23.36.239.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://configch2.veinteractive.com/scripts/5.0/capture-apps-5.0.0.js

Requested by

Host: configch2.veinteractive.com
URL: https://configch2.veinteractive.com/tags/4C9D3231/ABA4/4648/9AB4/B8BBC40545C4/tag.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.36.239.12 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-36-239-12.deploy.static.akamaitechnologies.com

Software

VeGlobal /

Resource Hash

a5abe1baaa27ae92b90140e88b785041c32708e93da61d851c318d38766b4202

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Origin: https://www.tmp.kuredu.com
Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
Date: Fri, 12 Feb 2021 20:32:44 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-MD5: 9YR36TlJ0kUR464MBkY32Q==
Connection: keep-alive
Content-Length: 69764
X-XSS-Protection: 1;mode=block
x-ms-lease-status: unlocked
Last-Modified: Fri, 05 Feb 2021 13:13:45 GMT
Server: VeGlobal
ETag: 0x8D8C9D7DE25A84C
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
x-ms-request-id: 438ae7ca-d01e-00e2-38c1-fb8fe7000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control: max-age=2200, s-maxage=3600
x-ms-version: 2009-09-19

GET
H2 200 jquery-2.1.1.min.js Show response
www.tmp.kuredu.com/360panoramas/pool/panorama_sliderdata/lib/ Frame FD15 82 KB
28 KB 59ms
53ms Script
application/javascript 35.214.92.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tmp.kuredu.com/360panoramas/pool/panorama_sliderdata/lib/jquery-2.1.1.min.js
Requested by: Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/360panoramas/pool/panorama_slider.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.214.92.101 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS: 101.92.214.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4

Request headers

Referer: https://www.tmp.kuredu.com/360panoramas/pool/panorama_slider.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:43 GMT
content-encoding: br
last-modified: Fri, 12 Feb 2021 18:27:05 GMT
server: nginx
etag: W/"6026c879-14915"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Sat, 12 Feb 2022 20:32:43 GMT

GET
H2 200 jquery-ui.min.css
www.tmp.kuredu.com/360panoramas/pool/panorama_sliderdata/lib/jquery-ui-1.11.1/ Frame FD15 29 KB
7 KB 48ms
42ms Stylesheet
text/css 35.214.92.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tmp.kuredu.com/360panoramas/pool/panorama_sliderdata/lib/jquery-ui-1.11.1/jquery-ui.min.css
Requested by: Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/360panoramas/pool/panorama_slider.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.214.92.101 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS: 101.92.214.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: fef9445962ee41d926cf1794d3bf01ec91c0d4f9c1ef80a62a9d64137520031e

Request headers

Referer: https://www.tmp.kuredu.com/360panoramas/pool/panorama_slider.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:43 GMT
content-encoding: br
last-modified: Fri, 12 Feb 2021 18:27:05 GMT
server: nginx
etag: W/"6026c879-75d3"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: text/css
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Sat, 12 Feb 2022 20:32:43 GMT

GET
H2 200 jquery-ui.min.js Show response
www.tmp.kuredu.com/360panoramas/pool/panorama_sliderdata/lib/jquery-ui-1.11.1/ Frame FD15 233 KB
58 KB 74ms
69ms Script
application/javascript 35.214.92.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tmp.kuredu.com/360panoramas/pool/panorama_sliderdata/lib/jquery-ui-1.11.1/jquery-ui.min.js
Requested by: Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/360panoramas/pool/panorama_slider.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.214.92.101 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS: 101.92.214.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: e5def7b64a40d2dd4da526de10a1168cd6d5165a3d54f45b240288c1a677bb0d

Request headers

Referer: https://www.tmp.kuredu.com/360panoramas/pool/panorama_slider.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:43 GMT
content-encoding: br
last-modified: Fri, 12 Feb 2021 18:27:05 GMT
server: nginx
etag: W/"6026c879-3a2ea"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Sat, 12 Feb 2022 20:32:43 GMT

GET
H2 200 jquery.ui.touch-punch.min.js Show response
www.tmp.kuredu.com/360panoramas/pool/panorama_sliderdata/lib/ Frame FD15 1 KB
772 B 80ms
74ms Script
application/javascript 35.214.92.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tmp.kuredu.com/360panoramas/pool/panorama_sliderdata/lib/jquery.ui.touch-punch.min.js
Requested by: Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/360panoramas/pool/panorama_slider.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.214.92.101 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS: 101.92.214.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 000854d782781aff1b16ea5451c1da3d07efadd35ab911ccb7e4b851571a25bd

Request headers

Referer: https://www.tmp.kuredu.com/360panoramas/pool/panorama_slider.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:43 GMT
content-encoding: br
last-modified: Fri, 12 Feb 2021 18:27:05 GMT
server: nginx
etag: W/"6026c879-50b"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Sat, 12 Feb 2022 20:32:43 GMT

GET
H2 200 KolorTools.min.js Show response
www.tmp.kuredu.com/360panoramas/pool/panorama_sliderdata/lib/Kolor/ Frame FD15 17 KB
5 KB 87ms
81ms Script
application/javascript 35.214.92.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tmp.kuredu.com/360panoramas/pool/panorama_sliderdata/lib/Kolor/KolorTools.min.js
Requested by: Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/360panoramas/pool/panorama_slider.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.214.92.101 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS: 101.92.214.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: c770fbeddf4e10189b4f4a7db3d911a90f359e631153d62ec0d8b21227b958aa

Request headers

Referer: https://www.tmp.kuredu.com/360panoramas/pool/panorama_slider.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:43 GMT
content-encoding: br
last-modified: Fri, 12 Feb 2021 18:27:05 GMT
server: nginx
etag: W/"6026c879-4412"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Sat, 12 Feb 2022 20:32:43 GMT

GET
H2 200 KolorBootstrap.js Show response
www.tmp.kuredu.com/360panoramas/pool/panorama_sliderdata/graphics/ Frame FD15 12 KB
3 KB 93ms
88ms Script
application/javascript 35.214.92.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tmp.kuredu.com/360panoramas/pool/panorama_sliderdata/graphics/KolorBootstrap.js
Requested by: Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/360panoramas/pool/panorama_slider.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.214.92.101 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS: 101.92.214.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: c899f3fd2c3b088c82ba325aa90d86973fdbf210b0d7f933a6b6c3348041f7e9

Request headers

Referer: https://www.tmp.kuredu.com/360panoramas/pool/panorama_slider.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:43 GMT
content-encoding: br
last-modified: Fri, 12 Feb 2021 18:27:05 GMT
server: nginx
etag: W/"6026c879-2e72"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Sat, 12 Feb 2022 20:32:43 GMT

GET
H2 200 panorama_slider.js Show response
www.tmp.kuredu.com/360panoramas/pool/panorama_sliderdata/ Frame FD15 146 KB
114 KB 102ms
97ms Script
application/javascript 35.214.92.101
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://www.tmp.kuredu.com/360panoramas/pool/panorama_sliderdata/panorama_slider.js
Requested by: Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/360panoramas/pool/panorama_slider.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 35.214.92.101 London, United Kingdom, ASN15169 (GOOGLE, US),
Reverse DNS: 101.92.214.35.bc.googleusercontent.com
Software: nginx /
Resource Hash: 3839642abfdd98a3e5dfa64badedca3cfcbf5701526c35142d4287a625de2ce3

Request headers

Referer: https://www.tmp.kuredu.com/360panoramas/pool/panorama_slider.html
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:43 GMT
content-encoding: br
last-modified: Fri, 12 Feb 2021 18:27:05 GMT
server: nginx
etag: W/"6026c879-24842"
vary: Accept-Encoding
x-proxy-cache-info: DT:1
content-type: application/javascript
cache-control: max-age=31536000
host-header: 8441280b0c35cbc1147f8ba998a563a7
expires: Sat, 12 Feb 2022 20:32:43 GMT

GET
H2 200 hub.min.js Show response
www.thehotelsnetwork.com/widget/core/latest/hub/ Frame E4EE 2 KB
1 KB 133ms
129ms Script
application/javascript 45.60.198.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thehotelsnetwork.com/widget/core/latest/hub/hub.min.js?v=1
Requested by: Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/widget/core/latest/hub/local.html?v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: nginx/1.17.5 /
Resource Hash: 1e3698d98f74965f6d2b7f57bda9efedeb8117f70e99b1378841686bb1ce5fae

Request headers

Referer: https://www.thehotelsnetwork.com/widget/core/latest/hub/local.html?v=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:44 GMT
content-encoding: gzip
last-modified: Fri, 12 Feb 2021 13:38:47 GMT
server: nginx/1.17.5
etag: W/"602684e7-87c"
vary: Accept-Encoding
content-type: application/javascript
x-iinfo: 9-21441135-21441136 NNNN CT(23 50 0) RT(1613161964389 0) q(0 0 1 0) r(1 1) U5
cache-control: max-age=2592000, public
x-cdn: Incapsula
expires: Sun, 14 Mar 2021 20:32:44 GMT

GET
H2 200 _Incapsula_Resource Show response
www.thehotelsnetwork.com/ Frame E4EE 144 KB
21 KB 41ms
36ms Script
application/javascript 45.60.198.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thehotelsnetwork.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=2&cb=736781409
Requested by: Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/widget/core/latest/hub/local.html?v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: a2ca5d2a435c4e1fe00d5d38b01bd4c21dda81a87fd61f6020f03aadfda034e1

Request headers

Referer: https://www.thehotelsnetwork.com/widget/core/latest/hub/local.html?v=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-encoding: gzip
cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 21007
content-type: application/javascript

GET
H2

200

adsct
analytics.twitter.com/i/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=twtr
https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_X3FvHb6RVgF0eDFGg

43 B
574 B

255ms
159ms

Image
image/gif

104.244.42.3
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_X3FvHb6RVgF0eDFGg

Requested by

Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

104.244.42.3 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_f /

Resource Hash

ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
status: 200 OK
x-twitter-response-tags: BouncerCompliant
content-length: 65
x-xss-protection: 0
x-response-time: 110
pragma: no-cache
last-modified: Fri, 12 Feb 2021 20:32:45 GMT
server: tsa_f
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=631138519
content-type: image/gif;charset=utf-8
cache-control: no-cache, no-store, must-revalidate, pre-check=0, post-check=0
x-connection-hash: 4ab674f6dd2c0b093e567e6a994ba757
x-transaction: 00c066cc00ccc4ae
expires: Tue, 31 Mar 1981 05:00:00 GMT

Redirect headers

Location: https://analytics.twitter.com/i/adsct?p_id=48571&p_user_id=pa_X3FvHb6RVgF0eDFGg
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H/1.1

200
OK

cb
pixel.prfct.co/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=crw
https://cw.addthis.com/t.gif?pid=37&pidt=0&pdid=pa_X3FvHb6RVgF0eDFGg&cu=https%3A%2F%2Fpixel.prfct.co%2Fcb%3FpartnerId%3Dcrw
https://pixel.prfct.co/cb?partnerId=crw

43 B
365 B

390ms
118ms

Image
image/gif

52.23.94.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.prfct.co/cb?partnerId=crw
Requested by: Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.23.94.221 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, private
Connection: keep-alive
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length: 43
Content-Type: image/gif

Redirect headers

location: https://pixel.prfct.co/cb?partnerId=crw
pragma: no-cache
date: Fri, 12 Feb 2021 20:32:45 GMT
cache-control: max-age=0, no-cache, no-store
content-length: 0
expires: Fri, 12 Feb 2021 20:32:45 GMT

GET
H/1.1

200
OK

cb
pixel.prfct.co/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=yah
https://ads.yahoo.com/cms/v1?nwid=10001073209&eid=pa_X3FvHb6RVgF0eDFGg&sigv=1&esig=2~88dfa033f82d0ff216012866acaceb017cb6b50d
https://pixel.prfct.co/cb?partnerId=yah&xid=E0&eid=pa_X3FvHb6RVgF0eDFGg

43 B
460 B

469ms
110ms

Image
image/gif

52.23.94.221
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.prfct.co/cb?partnerId=yah&xid=E0&eid=pa_X3FvHb6RVgF0eDFGg
Requested by: Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.23.94.221 , United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, private
Connection: keep-alive
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length: 43
Content-Type: image/gif

Redirect headers

date: Fri, 12 Feb 2021 20:32:45 GMT
referrer-policy: no-referrer-when-downgrade
server: ATS
age: 0
expect-ct: max-age=31536000, report-uri="http://csp.yahoo.com/beacon/csp?src=yahoocom-expect-ct-report-only"
strict-transport-security: max-age=15552000
p3p: policyref="https://policies.yahoo.com/w3c/p3p.xml", CP="CAO DSP COR CUR ADM DEV TAI PSA PSD IVAi IVDi CONi TELo OTPi OUR DELi SAMi OTRi UNRi PUBi IND PHY ONL UNI PUR FIN COM NAV INT DEM CNT STA POL HEA PRE LOC GOV"
location: https://pixel.prfct.co/cb?partnerId=yah&xid=E0&eid=pa_X3FvHb6RVgF0eDFGg
x-xss-protection: 1; mode=block
content-length: 0
x-content-type-options: nosniff

GET
H2

200

sd
us-u.openx.net/w/1.0/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=opx
https://us-u.openx.net/w/1.0/sd?id=537114372&val=pa_X3FvHb6RVgF0eDFGg
https://us-u.openx.net/w/1.0/sd?cc=1&id=537114372&val=pa_X3FvHb6RVgF0eDFGg

43 B
180 B

74ms
73ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537114372&val=pa_X3FvHb6RVgF0eDFGg
Requested by: Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.202.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 20:32:45 GMT
via: 1.1 google
server: OXGW/16.202.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537114372&val=pa_X3FvHb6RVgF0eDFGg
date: Fri, 12 Feb 2021 20:32:45 GMT
via: 1.1 google
server: OXGW/16.202.0
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=rbcn
https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_X3FvHb6RVgF0eDFGg

0
239 B

161ms
43ms

Image
image/gif

69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_X3FvHb6RVgF0eDFGg
Requested by: Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Content-Type: image/gif

Redirect headers

Location: https://pixel.rubiconproject.com/tap.php?v=189868&nid=4106&expires=30&put=pa_X3FvHb6RVgF0eDFGg
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"

GET
H/1.1

200
OK

cb
pixel-geo.prfct.co/
Redirect Chain

https://pixel-geo.prfct.co/cs/?partnerId=goo
https://cm.g.doubleclick.net/pixel?google_nid=nowspots_bidder&google_hm=cGFfWDNGdkhiNlJWZ0YwZURGR2c
https://pixel-geo.prfct.co/cb?partnerId=goo

43 B
365 B

54ms
51ms

Image
image/gif

52.51.60.151
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-geo.prfct.co/cb?partnerId=goo
Requested by: Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.60.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, private
Connection: keep-alive
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length: 43
Content-Type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 12 Feb 2021 20:32:45 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel-geo.prfct.co/cb?partnerId=goo
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 240
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK /
pixel-geo.prfct.co/seg/ 43 B
365 B 126ms
126ms Image
image/gif 52.51.60.151
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel-geo.prfct.co/seg/?add=13950546&source=js_tag&a_id=84479
Requested by: Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.51.60.151 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Cache-Control: no-store, no-cache, private
Connection: keep-alive
P3P: CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Content-Length: 43
Content-Type: image/gif

GET
H/1.1

200
OK

bounce
secure.adnxs.com/
Redirect Chain

https://secure.adnxs.com/seg?t=2&add=13950546
https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D13950546

43 B
1 KB

71ms
70ms

Image
image/gif

185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D13950546

Requested by

Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 12 Feb 2021 20:32:45 GMT
X-Proxy-Origin: 82.102.20.235; 82.102.20.235; 717.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.52:80
AN-X-Request-Uuid: 6189a02d-1d52-4bdc-8144-546125d8a743
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 12 Feb 2021 20:32:45 GMT
X-Proxy-Origin: 82.102.20.235; 82.102.20.235; 717.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.122:80
AN-X-Request-Uuid: ed92c5eb-3f77-44f8-90a2-326d784c6e1f
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://secure.adnxs.com/bounce?%2Fseg%3Ft%3D2%26add%3D13950546
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 get_loader_data Show response
www.thehotelsnetwork.com/ 21 KB
9 KB 95ms
94ms Fetch
application/json 45.60.198.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thehotelsnetwork.com/get_loader_data?hotel_id=1089357&property_id=1013843&account_key=F174E2F3A0ED27BE653C31CC1C22C70E
Requested by: Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/js/hotel_price_widget.js?hotel_id=1089357&property_id=1013843&account_key=F174E2F3A0ED27BE653C31CC1C22C70E
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: nginx/1.17.5 / PHP/7.3.26-1+0~20210112.74+debian10~1.gbpd78724
Resource Hash: 867791e500d7e643653ed9882a387d956093a82acbf854bbd9acf7c36bc0da28

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 20:32:45 GMT
content-encoding: gzip
server: nginx/1.17.5
x-powered-by: PHP/7.3.26-1+0~20210112.74+debian10~1.gbpd78724
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.tmp.kuredu.com
x-iinfo: 9-21441148-21441115 PNNN RT(1613161964529 0) q(0 0 0 0) r(0 0) U5
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
x-cdn: Incapsula
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H/1.1 200
OK iframeStorage-5.0.0.html Show response
configch2.veinteractive.com/scripts/shared/ Frame C683 65 B
893 B 31ms
31ms Document
text/html 23.36.239.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://configch2.veinteractive.com/scripts/shared/iframeStorage-5.0.0.html?iframeid=ve-storage-iframe&journeyCode=4c9d3231-aba4-4648-9ab4-b8bbc40545c4&journeyId=17005

Requested by

Host: configch2.veinteractive.com
URL: https://configch2.veinteractive.com/scripts/5.0/capture-apps-5.0.0.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.36.239.12 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-36-239-12.deploy.static.akamaitechnologies.com

Software

VeGlobal /

Resource Hash

213ab3f08a031987e68cc30cb6d2e2578dacd683ebf24cc77224eda53f9d9408

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Host: configch2.veinteractive.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.tmp.kuredu.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.tmp.kuredu.com/

Response headers

Content-Length: 100
Content-Type: text/html
Content-Encoding: gzip
Content-MD5: rG6hSPWWSxWFHG7Zl8URaA==
Last-Modified: Fri, 05 Feb 2021 13:13:58 GMT
ETag: 0x8D8C9D7E5BD780E
x-ms-request-id: 37219e91-a01e-0003-6f8d-fe6892000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Access-Control-Allow-Origin: *
Cache-Control: max-age=3135, s-maxage=3600
Date: Fri, 12 Feb 2021 20:32:45 GMT
Connection: keep-alive
Vary: Accept-Encoding
X-XSS-Protection: 1;mode=block
X-Content-Type-Options: nosniff
Server: VeGlobal

POST
H2 200 /
www.facebook.com/tr/ 0
87 B 6ms
6ms Other
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundarytuAsAOPVlBBBST18

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Fri, 12 Feb 2021 20:32:44 GMT
content-type: text/plain
access-control-allow-origin: https://www.tmp.kuredu.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H/1.1 200
OK ifs-5.0.0.js Show response
configch2.veinteractive.com/scripts/shared/ Frame C683 6 KB
3 KB 31ms
31ms Script
application/javascript 23.36.239.12
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://configch2.veinteractive.com/scripts/shared/ifs-5.0.0.js

Requested by

Host: configch2.veinteractive.com
URL: https://configch2.veinteractive.com/scripts/shared/iframeStorage-5.0.0.html?iframeid=ve-storage-iframe&journeyCode=4c9d3231-aba4-4648-9ab4-b8bbc40545c4&journeyId=17005

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

23.36.239.12 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),

Reverse DNS

a23-36-239-12.deploy.static.akamaitechnologies.com

Software

VeGlobal /

Resource Hash

d9f2e0a1bc226916b01541b994a337443b58e345b15c0be56b5ce69ccf147054

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1;mode=block

Request headers

Referer: https://configch2.veinteractive.com/scripts/shared/iframeStorage-5.0.0.html?iframeid=ve-storage-iframe&journeyCode=4c9d3231-aba4-4648-9ab4-b8bbc40545c4&journeyId=17005
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-ms-blob-type: BlockBlob
Date: Fri, 12 Feb 2021 20:32:45 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Content-MD5: D1+U1i8RZ6qhegVFm2Adpg==
Connection: keep-alive
Content-Length: 2281
X-XSS-Protection: 1;mode=block
x-ms-lease-status: unlocked
Last-Modified: Fri, 05 Feb 2021 13:13:59 GMT
Server: VeGlobal
ETag: 0x8D8C9D7E688B4E9
Vary: Accept-Encoding
Content-Type: application/javascript
Access-Control-Allow-Origin: *
x-ms-request-id: a112b9e7-d01e-012a-03c3-fb5885000000
Access-Control-Expose-Headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
Cache-Control: max-age=2070, s-maxage=3600
x-ms-version: 2009-09-19

GET
H2 200 4C9D3231-ABA4-4648-9AB4-B8BBC40545C4 Show response
cookiea1.veinteractive.com/api/Set/ 76 B
618 B 655ms
189ms XHR
application/json 20.43.154.75
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://cookiea1.veinteractive.com/api/Set/4C9D3231-ABA4-4648-9AB4-B8BBC40545C4?ifs=true&offset=-60&referrer=www.tmp.kuredu.com&status=0&ttl=0&uid=&version=5.0.0

Requested by

Host: configch2.veinteractive.com
URL: https://configch2.veinteractive.com/scripts/5.0/capture-apps-5.0.0.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

20.43.154.75 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

4746598c8ed8682db55684255c1c3afe2e54b54451a901777b29c9eccdc0e3ac

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript
Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:45 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Origin
p3p: policyref="/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
access-control-allow-origin: https://www.tmp.kuredu.com
arr-disable-session-affinity: true
access-control-allow-credentials: true
strict-transport-security: max-age=15724800
content-type: application/json; charset=utf-8
x-xss-protection: 1; mode=block

GET
H2 200 index.min.js Show response
www.thehotelsnetwork.com/widget/core/3.9/dist/main/ 454 KB
139 KB 168ms
97ms Script
application/javascript 45.60.198.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thehotelsnetwork.com/widget/core/3.9/dist/main/index.min.js?h=fdb0448640f4e619
Requested by: Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/js/hotel_price_widget.js?hotel_id=1089357&property_id=1013843&account_key=F174E2F3A0ED27BE653C31CC1C22C70E
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: nginx/1.17.5 /
Resource Hash: d03c48dd4209a688778eaf286b4864bfb8a4c8c5bf8fa23e1034c68800e61d8a

Request headers

Origin: https://www.tmp.kuredu.com
Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:45 GMT
content-encoding: gzip
last-modified: Fri, 12 Feb 2021 13:38:58 GMT
server: nginx/1.17.5
etag: W/"602684f2-71632"
vary: Accept-Encoding, Origin
content-type: application/javascript
access-control-allow-origin: https://www.tmp.kuredu.com
x-iinfo: 10-30472038-30472039 NNNY CT(0 0 0) RT(1613161964702 0) q(0 0 0 0) r(0 0) U5
cache-control: max-age=31536000, public
access-control-allow-credentials: true
x-cdn: Incapsula
expires: Sat, 12 Feb 2022 20:32:45 GMT

GET
H2 200 dc_pre=CPevic-Y5e4CFcvF7QodyhUHNQ;src=8124507;type=visit0;cat=visit0;u1=hotel_kuredu;u27=counter;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=19532358311361.957
adservice.google.com/ddm/fls/z/ Frame 0F8C 42 B
262 B 42ms
42ms Image
image/gif 2a00:1450:4001:829::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CPevic-Y5e4CFcvF7QodyhUHNQ;src=8124507;type=visit0;cat=visit0;u1=hotel_kuredu;u27=counter;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=19532358311361.957

Requested by

Host: 8124507.fls.doubleclick.net
URL: https://8124507.fls.doubleclick.net/activityi;dc_pre=CPevic-Y5e4CFcvF7QodyhUHNQ;src=8124507;type=visit0;cat=visit0;u1=hotel_kuredu;u27=counter;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=19532358311361.957?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://8124507.fls.doubleclick.net/activityi;dc_pre=CPevic-Y5e4CFcvF7QodyhUHNQ;src=8124507;type=visit0;cat=visit0;u1=hotel_kuredu;u27=counter;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=19532358311361.957?
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 20:32:45 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 session.html Show response
www.thehotelsnetwork.com/widget/core/latest/hub/ Frame 3F92 435 B
725 B 60ms
59ms Document
text/html 45.60.198.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thehotelsnetwork.com/widget/core/latest/hub/session.html?v=1
Requested by: Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/js/hotel_price_widget.js?hotel_id=1089357&property_id=1013843&account_key=F174E2F3A0ED27BE653C31CC1C22C70E
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: nginx/1.17.5 /
Resource Hash: 0a37de6ab4b58d2dfed40f7e40ab8b13ce92270e6410d3b651552edb54eb9b4b

Request headers

:method: GET
:authority: www.thehotelsnetwork.com
:scheme: https
:path: /widget/core/latest/hub/session.html?v=1
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.tmp.kuredu.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __thn_ss=88e654b1f9a19f320dd7e34b4bb7dee8
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.tmp.kuredu.com/

Response headers

date: Fri, 12 Feb 2021 20:32:45 GMT
content-type: text/html
server: nginx/1.17.5
last-modified: Fri, 12 Feb 2021 13:38:47 GMT
vary: Accept-Encoding
etag: W/"602684e7-12c"
expires: Sun, 14 Mar 2021 20:32:45 GMT
cache-control: max-age=2592000 public
content-encoding: gzip
set-cookie: visid_incap_2454396=wnBrc/VWSmq0CtGsPFB+fuzlJmAAAAAAQUIPAAAAAABZZM/fdBBh3xcom20VaQ4u; expires=Sat, 12 Feb 2022 17:22:54 GMT; HttpOnly; path=/; Domain=.thehotelsnetwork.com nlbi_2454396=pOoyZ7BJZl1MlN9nAg94agAAAAB1AGDMf7B0Cc3L1tMdZkZh; path=/; Domain=.thehotelsnetwork.com incap_ses_1368_2454396=ozzPEUxY5H9aJrSBzhz8EuzlJmAAAAAA0XgdHAzsb9HQbpxN9i/4EQ==; path=/; Domain=.thehotelsnetwork.com
x-cdn: Incapsula
x-iinfo: 9-21441184-21441136 PNNN RT(1613161964904 0) q(0 0 0 0) r(0 0) U5

GET
H2 200 hub.min.js Show response
www.thehotelsnetwork.com/widget/core/latest/hub/ Frame 3F92 2 KB
1 KB 58ms
58ms Script
application/javascript 45.60.198.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thehotelsnetwork.com/widget/core/latest/hub/hub.min.js?v=1
Requested by: Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/widget/core/latest/hub/session.html?v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: nginx/1.17.5 /
Resource Hash: 1e3698d98f74965f6d2b7f57bda9efedeb8117f70e99b1378841686bb1ce5fae

Request headers

Referer: https://www.thehotelsnetwork.com/widget/core/latest/hub/session.html?v=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:45 GMT
content-encoding: gzip
last-modified: Fri, 12 Feb 2021 13:38:47 GMT
server: nginx/1.17.5
etag: W/"602684e7-87c"
vary: Accept-Encoding
content-type: application/javascript
x-iinfo: 9-21441186-21441101 PNNN RT(1613161964969 0) q(0 0 0 0) r(0 0) U5
cache-control: max-age=2592000, public
x-cdn: Incapsula
expires: Sun, 14 Mar 2021 20:32:45 GMT

GET
H2 200 _Incapsula_Resource Show response
www.thehotelsnetwork.com/ Frame 3F92 144 KB
21 KB 37ms
37ms Script
application/javascript 45.60.198.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thehotelsnetwork.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=6&cb=1194921688
Requested by: Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/widget/core/latest/hub/session.html?v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: a9b3d26fead132e8b0bf1da948d0230ef3504e4274eb1152e8a48320519c6d7f

Request headers

Referer: https://www.thehotelsnetwork.com/widget/core/latest/hub/session.html?v=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-encoding: gzip
cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 21098
content-type: application/javascript

GET
H2 200 _Incapsula_Resource
www.thehotelsnetwork.com/ Frame 3F92 1 B
261 B 36ms
36ms Image
text/plain 45.60.198.96
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thehotelsnetwork.com/_Incapsula_Resource?SWKMTFSR=1&e=0.24353848000880784
Requested by: Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/widget/core/latest/hub/session.html?v=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thehotelsnetwork.com/widget/core/latest/hub/session.html?v=1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 1
content-type: text/plain

GET
H2 200 add_widget_url_history Show response
www.thehotelsnetwork.com/ 12 B
429 B 79ms
79ms XHR
application/json 45.60.198.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thehotelsnetwork.com/add_widget_url_history?account_key=F174E2F3A0ED27BE653C31CC1C22C70E&property_id=1013843&url=https%3A%2F%2Fwww.tmp.kuredu.com%2F&user_id=1033238&visit_date=0
Requested by: Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/widget/core/3.9/dist/main/index.min.js?h=fdb0448640f4e619
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: nginx/1.17.5 / PHP/7.3.26-1+0~20210112.74+debian10~1.gbpd78724
Resource Hash: a627cdef47d90beb8922c69653ebe40592d9af103fb4e925c2dee8bc0615f83e

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 20:32:45 GMT
content-encoding: gzip
server: nginx/1.17.5
x-powered-by: PHP/7.3.26-1+0~20210112.74+debian10~1.gbpd78724
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.tmp.kuredu.com
x-iinfo: 9-21441200-21441115 PNNN RT(1613161965181 0) q(0 0 0 0) r(1 1) U5
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
x-cdn: Incapsula
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 430c4980fdabd385.min.js Show response
www.thehotelsnetwork.com/widget/core/3.9/dist/engines/ 28 KB
10 KB 63ms
62ms Script
application/javascript 45.60.198.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thehotelsnetwork.com/widget/core/3.9/dist/engines/430c4980fdabd385.min.js?h=ed904f188f74f1d8
Requested by: Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/js/hotel_price_widget.js?hotel_id=1089357&property_id=1013843&account_key=F174E2F3A0ED27BE653C31CC1C22C70E
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: nginx/1.17.5 /
Resource Hash: d905e1694f82c103d6b96ef8b9ddaa434a03e117c7dafe35868a2af7c1c402bf

Request headers

Origin: https://www.tmp.kuredu.com
Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:45 GMT
content-encoding: gzip
last-modified: Fri, 12 Feb 2021 13:38:58 GMT
server: nginx/1.17.5
etag: W/"602684f2-70c1"
vary: Accept-Encoding, Origin
content-type: application/javascript
access-control-allow-origin: https://www.tmp.kuredu.com
x-iinfo: 10-30472100-30472039 PNNy RT(1613161965183 0) q(0 0 0 0) r(1 1) U5
cache-control: max-age=31536000, public
access-control-allow-credentials: true
x-cdn: Incapsula
expires: Sat, 12 Feb 2022 20:32:45 GMT

GET
H2

200

widget_v2.329.js Show response
v2.zopim.com/bin/v/
Redirect Chain

https://v2.zopim.com/w?35sMl3TtCSbQlHPgsi3goXQqBhFW5Mk2
https://v2.zopim.com/bin/v/widget_v2.329.js

1 MB
244 KB

33ms
32ms

Script
application/javascript

104.16.107.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://v2.zopim.com/bin/v/widget_v2.329.js
Requested by: Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.107.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 98da4e695c13cfab6997df8e98a5e33cfc0541ee0a66aae15d169e7dd491f6d7

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:45 GMT
content-encoding: gzip
cf-cache-status: HIT
last-modified: Wed, 10 Jun 2020 07:11:49 GMT
server: cloudflare
age: 412157
etag: W/"5ee087b5-102db5"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: public, max-age=315360000
cf-ray: 620914adab8310bd-CPH
cf-request-id: 08398b4088000010bd0e859000000001
expires: Mon, 10 Feb 2031 20:32:45 GMT

Redirect headers

date: Fri, 12 Feb 2021 20:32:45 GMT
cf-cache-status: DYNAMIC
server: cloudflare
etag: "5ee9874c-0"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type: application/octet-stream
location: https://v2.zopim.com/bin/v/widget_v2.329.js
cache-control: max-age=14400, max-age=14400, public, must-revalidate, proxy-revalidate
cf-ray: 620914ad39d810bd-CPH
content-length: 0
cf-request-id: 08398b4045000010bd35be4000000001
expires: Sat, 13 Feb 2021 00:32:45 GMT

GET
H2 200 appsmanagerinit Show response
sessionapihk.veinteractive.com/api/ 695 B
2 KB 646ms
189ms XHR
application/json 20.43.163.97
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://sessionapihk.veinteractive.com/api/appsmanagerinit?isCookieEnabled=true&timeToLive=60&captureVersion=5.0&journeyCode=4C9D3231-ABA4-4648-9AB4-B8BBC40545C4&landingPage=https%3A%2F%2Fwww.tmp.kuredu.com%2F&offset=-60&referrerDomain=&status=3&uid=e096a0c8-c2eb-419a-8075-023650afb16f&userAgent=Mozilla%2F5.0%20(Macintosh%3B%20Intel%20Mac%20OS%20X%2010_14_5)%20AppleWebKit%2F537.36%20(KHTML%2C%20like%20Gecko)%20Chrome%2F83.0.4103.61%20Safari%2F537.36

Requested by

Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/widget/core/3.9/dist/main/index.min.js?h=fdb0448640f4e619

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

20.43.163.97 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

c16ad98896e97f388c8a6448c5e54d7e52875c0fc65d6d8820cd9d583a812f39

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript
Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.tmp.kuredu.com
access-control-allow-credentials: true
strict-transport-security: max-age=15724800
vary: Accept-Encoding
x-xss-protection: 1; mode=block

GET
H2

204

SyncCookie
cookiea1.veinteractive.com/api/
Redirect Chain

https://a.volvelle.tech/sync?source=ve&redirect=//cookiea1.veinteractive.com/api/SyncCookie?clientName%3Dvolvelle%26journeyCode%3D4C9D3231-ABA4-4648-9AB4-B8BBC40545C4%26version%3D5.0.0%26referrer%3...
https://a.volvelle.tech/ul_cb/sync?source=ve&redirect=//cookiea1.veinteractive.com/api/SyncCookie?clientName%3Dvolvelle%26journeyCode%3D4C9D3231-ABA4-4648-9AB4-B8BBC40545C4%26version%3D5.0.0%26refe...
https://x.bidswitch.net/syncd?dsp_id=190&user_group=1&user_id=669d952a-1961-467b-8185-34fa53e5133e&redir=https%3A%2F%2Fcookiea1.veinteractive.com%2Fapi%2FSyncCookie%3FclientName%3Dvolvelle%26journe...
https://x.bidswitch.net/ul_cb/syncd?dsp_id=190&user_group=1&user_id=669d952a-1961-467b-8185-34fa53e5133e&redir=https%3A%2F%2Fcookiea1.veinteractive.com%2Fapi%2FSyncCookie%3FclientName%3Dvolvelle%26...
https://cookiea1.veinteractive.com/api/SyncCookie?clientName=volvelle&journeyCode=4C9D3231-ABA4-4648-9AB4-B8BBC40545C4&version=5.0.0&referrer=www.tmp.kuredu.com&offset=-60&userId=669d952a-1961-467b...

0
285 B

187ms
187ms

Image
text/plain

20.43.154.75
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cookiea1.veinteractive.com/api/SyncCookie?clientName=volvelle&journeyCode=4C9D3231-ABA4-4648-9AB4-B8BBC40545C4&version=5.0.0&referrer=www.tmp.kuredu.com&offset=-60&userId=669d952a-1961-467b-8185-34fa53e5133e

Requested by

Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

20.43.154.75 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:46 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
p3p: policyref="/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
arr-disable-session-affinity: true
access-control-allow-credentials: true
strict-transport-security: max-age=15724800
x-xss-protection: 1; mode=block

Redirect headers

location: https://cookiea1.veinteractive.com/api/SyncCookie?clientName=volvelle&journeyCode=4C9D3231-ABA4-4648-9AB4-B8BBC40545C4&version=5.0.0&referrer=www.tmp.kuredu.com&offset=-60&userId=669d952a-1961-467b-8185-34fa53e5133e
date: Fri, 12 Feb 2021 20:32:46 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2 200 get_widget_fingerprint_data Show response
www.thehotelsnetwork.com/ 8 KB
3 KB 189ms
188ms XHR
application/json 45.60.198.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thehotelsnetwork.com/get_widget_fingerprint_data?fingerprint=d019acdaba939864138ca994757b37c9&language=en&hotel_id=1089357&property_id=1013843
Requested by: Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/widget/core/3.9/dist/main/index.min.js?h=fdb0448640f4e619
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: nginx/1.17.5 / PHP/7.3.26-1+0~20210112.74+debian10~1.gbpd78724
Resource Hash: dc5d50565f09834264b26d6bfd04d64593e088f2a84f0aadd372907acb7002a0

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 20:32:46 GMT
content-encoding: gzip
server: nginx/1.17.5
x-powered-by: PHP/7.3.26-1+0~20210112.74+debian10~1.gbpd78724
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.tmp.kuredu.com
x-iinfo: 9-21441256-21441136 PNNN RT(1613161965995 0) q(0 0 0 0) r(2 2) U5
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
x-cdn: Incapsula
expires: Thu, 19 Nov 1981 08:52:00 GMT

OPTIONS
H2 200 FormMappings
dtrchk.veinteractive.com/ Frame 0
0 654ms
187ms Other 20.43.171.38
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dtrchk.veinteractive.com/FormMappings

Protocol

Server

20.43.171.38 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Origin: https://www.tmp.kuredu.com
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Sec-Fetch-Mode: cors

Response headers

date: Fri, 12 Feb 2021 20:32:47 GMT
content-length: 0
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-origin: https://www.tmp.kuredu.com
access-control-max-age: 300
request-context: appId=cid-v1:0715a89b-f04e-49bf-b38a-d4de39bef50f
strict-transport-security: max-age=15724800
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

POST
H2 204 FormMappings Show response
dtrchk.veinteractive.com/ 0
259 B 556ms
185ms XHR
text/plain 20.43.171.38
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

https://dtrchk.veinteractive.com/FormMappings

Requested by

Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/widget/core/3.9/dist/main/index.min.js?h=fdb0448640f4e619

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

20.43.171.38 Singapore, Singapore, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15724800
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/javascript
Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
content-type: application/json;charset=UTF-8

Response headers

date: Fri, 12 Feb 2021 20:32:47 GMT
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
access-control-allow-origin: https://www.tmp.kuredu.com
access-control-allow-credentials: true
strict-transport-security: max-age=15724800
x-xss-protection: 1; mode=block
request-context: appId=cid-v1:0715a89b-f04e-49bf-b38a-d4de39bef50f

GET
H2 200 avatar_simple_visitor.png
v2.zopim.com/widget/images/ Frame CAB7 638 B
984 B 29ms
29ms Image
image/png 104.16.107.139
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://v2.zopim.com/widget/images/avatar_simple_visitor.png
Requested by: Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 104.16.107.139 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 59b0b341f2377d03855e6151484cc22019c58f997a11577715121d710fd2386c

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:46 GMT
cf-cache-status: HIT
age: 412157
cf-polished: origSize=1922
content-length: 638
cf-request-id: 08398b44c4000010bd182f7000000001
last-modified: Thu, 02 Mar 2017 11:22:19 GMT
server: cloudflare
etag: "58b8006b-782"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: image/png
expires: Fri, 19 Feb 2021 20:32:46 GMT
cache-control: public, max-age=604800
accept-ranges: bytes
cf-ray: 620914b4687210bd-CPH
cf-bgj: imgq:100,h2pri

GET
DATA 200
OK truncated
/ Frame 95F1 13 KB
13 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: c2d83ad40a286051bd88ec3207cfeccf2e94ad85e777d9fe84708256f37ace14

Request headers

Origin: https://www.tmp.kuredu.com
Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: application/font-woff

GET
H2 200 get_widget_fingerprint_tools Show response
www.thehotelsnetwork.com/ 6 KB
2 KB 363ms
363ms XHR
application/json 45.60.198.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thehotelsnetwork.com/get_widget_fingerprint_tools?fingerprint=d019acdaba939864138ca994757b37c9&language=en&country=dk&page_id=1035990&page_name=Index&hotel_id=1089357&property_id=1013843
Requested by: Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/widget/core/3.9/dist/main/index.min.js?h=fdb0448640f4e619
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: nginx/1.17.5 / PHP/7.3.26-1+0~20210112.74+debian10~1.gbpd78724
Resource Hash: b1c51120880f659bd4d1756a60a17d3fc5316f566f2bee85cca96d99a0924c16

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 20:32:47 GMT
content-encoding: gzip
server: nginx/1.17.5
x-powered-by: PHP/7.3.26-1+0~20210112.74+debian10~1.gbpd78724
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.tmp.kuredu.com
x-iinfo: 9-21441281-21441136 PNNN RT(1613161966382 0) q(0 0 0 0) r(4 4) U5
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
x-cdn: Incapsula
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 11 Show response
beacon.sojern.com/pixel/cp/ 6 KB
2 KB 160ms
72ms Script
application/javascript 107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://beacon.sojern.com/pixel/cp/11?f_v=cp_v1_js&p_v=1&hpid=65452&pt=HOME_PAGE
Requested by: Host: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: 9dddde874818fbfdca967d672007c8842ef13a61ab43fe242342321fb5762b9b

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:46 GMT
via: 1.1 google
vary: Accept-Encoding
p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
content-encoding: gzip
content-type: application/javascript
alt-svc: clear
content-length: 1542

GET
H2 200 2006010353049042 Show response
connect.facebook.net/signals/config/ 240 KB
69 KB 7ms
7ms Script
application/x-javascript 2a03:2880:f02d:12:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/2006010353049042?v=2.9.33&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f02d:12:face:b00c:0:3 , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

9cd30c4bebbbda387960bdaa61d453da0e110f66d4c46d3ae01c913efdbdbb15

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 70489
x-fb-rlafr: 0
pragma: public
x-fb-debug: GnSOyVRIXOb3ZvMi6OiSzwQ5mob289Q8G47QypwCBo0PNDa3Ptkqjhhfac6RxTCnYXq1MhWlDUb9P63Bhb7O0Q==
x-fb-trip-id: 917726464
x-frame-options: DENY
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
date: Fri, 12 Feb 2021 20:32:46 GMT
strict-transport-security: max-age=31536000; preload; includeSubDomains
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: application/x-javascript; charset=utf-8
vary: Accept-Encoding
cache-control: public, max-age=1200
x-content-id: 1212899010
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-Q050 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
39 KB 47ms
31ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-772268528

Requested by

Host: beacon.sojern.com
URL: https://beacon.sojern.com/pixel/cp/11?f_v=cp_v1_js&p_v=1&hpid=65452&pt=HOME_PAGE

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

1d795f8e75363c2788d3e6a2b8096ae98efb360e8994de269dc94399a763253f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:47 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39133
x-xss-protection: 0
last-modified: Fri, 12 Feb 2021 20:08:04 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 12 Feb 2021 20:32:47 GMT

GET
H2 200 bat.js Show response
bat.bing.com/ 27 KB
9 KB 48ms
32ms Script
application/javascript 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL: https://bat.bing.com/bat.js
Requested by: Host: beacon.sojern.com
URL: https://beacon.sojern.com/pixel/cp/11?f_v=cp_v1_js&p_v=1&hpid=65452&pt=HOME_PAGE
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: 4dd6c09ddcb0e53a6290cc1df35224856073ba5f89d4134bd7c69e4fd9c6f515

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:46 GMT
content-encoding: gzip
last-modified: Tue, 20 Oct 2020 22:19:32 GMT
x-msedge-ref: Ref A: 158815F5B48548ADA40AB91DD2297469 Ref B: FRAEDGE1417 Ref C: 2021-02-12T20:32:47Z
etag: "0b27f152fa7d61:0"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: private,max-age=1800
accept-ranges: bytes
content-length: 8454

GET
H3-Q050

200

src=8267058;dc_pre=CPyKitCY5e4CFdeGsgodrg4G2A;type=homep0;cat=apack0;qty=1;cost=0;u1=;u2=;u3=;u4=;u5=;u6=;u8=;u9=;u10=;u11=;u12=;u13=;u14=;u15=;u16=;u17=;u18=;u19=65452;u20=;dc_lat=;dc_rdid=;tag_fo...
adservice.google.com/ddm/fls/z/
Redirect Chain

https://ad.doubleclick.net/ddm/activity/src=8267058;type=homep0;cat=apack0;qty=1;cost=0;u1=;u2=;u3=;u4=;u5=;u6=;u8=;u9=;u10=;u11=;u12=;u13=;u14=;u15=;u16=;u17=;u18=;u19=65452;u20=;dc_lat=;dc_rdid=;...
https://ad.doubleclick.net/ddm/activity/src=8267058;dc_pre=CPyKitCY5e4CFdeGsgodrg4G2A;type=homep0;cat=apack0;qty=1;cost=0;u1=;u2=;u3=;u4=;u5=;u6=;u8=;u9=;u10=;u11=;u12=;u13=;u14=;u15=;u16=;u17=;u18...
https://adservice.google.com/ddm/fls/z/src=8267058;dc_pre=CPyKitCY5e4CFdeGsgodrg4G2A;type=homep0;cat=apack0;qty=1;cost=0;u1=;u2=;u3=;u4=;u5=;u6=;u8=;u9=;u10=;u11=;u12=;u13=;u14=;u15=;u16=;u17=;u18=...

42 B
722 B

62ms
49ms

Image
image/gif

2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/src=8267058;dc_pre=CPyKitCY5e4CFdeGsgodrg4G2A;type=homep0;cat=apack0;qty=1;cost=0;u1=;u2=;u3=;u4=;u5=;u6=;u8=;u9=;u10=;u11=;u12=;u13=;u14=;u15=;u16=;u17=;u18=;u19=65452;u20=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=orderID

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 20:32:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 12 Feb 2021 20:32:47 GMT
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
location: https://adservice.google.com/ddm/fls/z/src=8267058;dc_pre=CPyKitCY5e4CFdeGsgodrg4G2A;type=homep0;cat=apack0;qty=1;cost=0;u1=;u2=;u3=;u4=;u5=;u6=;u8=;u9=;u10=;u11=;u12=;u13=;u14=;u15=;u16=;u17=;u18=;u19=65452;u20=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=orderID
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK px
secure.adnxs.com/ 0
952 B 75ms
74ms Image
application/javascript 185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/px?id=1320892&t=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 12 Feb 2021 20:32:47 GMT
X-Proxy-Origin: 82.102.20.235; 82.102.20.235; 717.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.132:80
AN-X-Request-Uuid: 3af69d28-6eb9-4b59-99e4-bffb92bd34cd
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 200
OK seg
secure.adnxs.com/ 0
1 KB 107ms
36ms Image
application/javascript 185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://secure.adnxs.com/seg?add=23303653&t=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 12 Feb 2021 20:32:47 GMT
X-Proxy-Origin: 82.102.20.235; 82.102.20.235; 717.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.223.141:80
AN-X-Request-Uuid: 22c267d5-60fa-4595-be33-012d474b9af3
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

AdX
pixel.sojern.com/idSync/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=kNwDJIEK8ZAd6L-ZVqXTBA&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=ELIsrW-1aSHgwEXrUVh4pyTUEEEPF6wAgcpFo6993Dh6Crxc7m5...
https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=ELIsrW-1aSHgwEXrUVh4pyTUEEEPF6wAgcpFo6993Dh6Crxc7m5VOOJPcn_6LTXD&sjrn_ula=516973663&google_gid=CAESEJ31aeJV4Gw7iawb809qV6w&google_cver=1

42 B
282 B

71ms
70ms

Image
image/gif

107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=ELIsrW-1aSHgwEXrUVh4pyTUEEEPF6wAgcpFo6993Dh6Crxc7m5VOOJPcn_6LTXD&sjrn_ula=516973663&google_gid=CAESEJ31aeJV4Gw7iawb809qV6w&google_cver=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:47 GMT
via: 1.1 google
p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
alt-svc: clear
content-length: 42
vary: Accept-Encoding
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 12 Feb 2021 20:32:47 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://pixel.sojern.com/idSync/AdX?exchangeProfileId=&sjrn_id=ELIsrW-1aSHgwEXrUVh4pyTUEEEPF6wAgcpFo6993Dh6Crxc7m5VOOJPcn_6LTXD&sjrn_ula=516973663&google_gid=CAESEJ31aeJV4Gw7iawb809qV6w&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 412
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

pixel
fcmatch.youtube.com/
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_hm=kNwDJIEK8ZAd6L-ZVqXTBA&google_nid=sojern_adh
https://fcmatch.google.com/pixel?google_gm=AMnCDopsr6J_yuPQEKV2HRvJ90TSFLeH10lASIcQYlAkXhRvUwq7prIyMvyds4JAldmzfxAE4I_pVHe1NQQ5r2A8UhKtY4cg8GUm2vMlL-G4rBYGKoalj70
https://fcmatch.youtube.com/pixel?google_gm=AMnCDopsr6J_yuPQEKV2HRvJ90TSFLeH10lASIcQYlAkXhRvUwq7prIyMvyds4JAldmzfxAE4I_pVHe1NQQ5r2A8UhKtY4cg8GUm2vMlL-G4rBYGKoalj70

170 B
529 B

34ms
14ms

Image
image/png

2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://fcmatch.youtube.com/pixel?google_gm=AMnCDopsr6J_yuPQEKV2HRvJ90TSFLeH10lASIcQYlAkXhRvUwq7prIyMvyds4JAldmzfxAE4I_pVHe1NQQ5r2A8UhKtY4cg8GUm2vMlL-G4rBYGKoalj70

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 20:32:47 GMT
server: HTTP server (unknown)
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 12 Feb 2021 20:32:47 GMT
server: HTTP server (unknown)
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8
location: https://fcmatch.youtube.com/pixel?google_gm=AMnCDopsr6J_yuPQEKV2HRvJ90TSFLeH10lASIcQYlAkXhRvUwq7prIyMvyds4JAldmzfxAE4I_pVHe1NQQ5r2A8UhKtY4cg8GUm2vMlL-G4rBYGKoalj70
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 360
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2

200

apn
pixel.sojern.com/idsync/
Redirect Chain

https://ib.adnxs.com/getuid?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=ELIsrW-1aSHgwEXrUVh4pyTUEEEPF6wAgcpFo6993Dh6Crxc7m5VOOJPcn_6LTXD
https://pixel.sojern.com/idsync/apn?id=4739265564283385809&sjrn_id=ELIsrW-1aSHgwEXrUVh4pyTUEEEPF6wAgcpFo6993Dh6Crxc7m5VOOJPcn_6LTXD

42 B
264 B

69ms
68ms

Image
image/gif

107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idsync/apn?id=4739265564283385809&sjrn_id=ELIsrW-1aSHgwEXrUVh4pyTUEEEPF6wAgcpFo6993Dh6Crxc7m5VOOJPcn_6LTXD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:47 GMT
via: 1.1 google
p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
alt-svc: clear
content-length: 42
vary: Accept-Encoding
content-type: image/gif

Redirect headers

Pragma: no-cache
Date: Fri, 12 Feb 2021 20:32:47 GMT
X-Proxy-Origin: 82.102.20.235; 82.102.20.235; 717.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.166:80
AN-X-Request-Uuid: 01bde1f4-ae9b-44ab-961f-e967ff8f2cc0
Server: nginx/1.17.9
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://pixel.sojern.com/idsync/apn?id=4739265564283385809&sjrn_id=ELIsrW-1aSHgwEXrUVh4pyTUEEEPF6wAgcpFo6993Dh6Crxc7m5VOOJPcn_6LTXD
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

200

ttd
pixel.sojern.com/idsync/
Redirect Chain

https://match.adsrvr.org/track/cmf/generic?ttd_pid=ombl9hp&ttd_puid=ELIsrW-1aSHgwEXrUVh4pyTUEEEPF6wAgcpFo6993Dh6Crxc7m5VOOJPcn_6LTXD&ttd_tpi=1
https://match.adsrvr.org/track/cmb/generic?ttd_pid=ombl9hp&ttd_puid=ELIsrW-1aSHgwEXrUVh4pyTUEEEPF6wAgcpFo6993Dh6Crxc7m5VOOJPcn_6LTXD&ttd_tpi=1
https://pixel.sojern.com/idsync/ttd?id=e5acd2cc-2a70-4222-bc25-a2487f256b7e&sjrn_id=ELIsrW-1aSHgwEXrUVh4pyTUEEEPF6wAgcpFo6993Dh6Crxc7m5VOOJPcn_6LTXD

42 B
275 B

68ms
68ms

Image
image/gif

107.178.244.119
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.sojern.com/idsync/ttd?id=e5acd2cc-2a70-4222-bc25-a2487f256b7e&sjrn_id=ELIsrW-1aSHgwEXrUVh4pyTUEEEPF6wAgcpFo6993Dh6Crxc7m5VOOJPcn_6LTXD
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 107.178.244.119 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:47 GMT
via: 1.1 google
p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
alt-svc: clear
content-length: 42
vary: Accept-Encoding
content-type: image/gif

Redirect headers

pragma: no-cache
date: Fri, 12 Feb 2021 20:32:47 GMT
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
location: https://pixel.sojern.com/idsync/ttd?id=e5acd2cc-2a70-4222-bc25-a2487f256b7e&sjrn_id=ELIsrW-1aSHgwEXrUVh4pyTUEEEPF6wAgcpFo6993Dh6Crxc7m5VOOJPcn_6LTXD
cache-control: private,no-cache, must-revalidate
content-type: text/html
content-length: 327

GET
H2 200 /
www.facebook.com/tr/ 44 B
147 B 7ms
6ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2006010353049042&ev=PageView&dl=https%3A%2F%2Fwww.tmp.kuredu.com%2F&rl=&if=false&ts=1613161967009&sw=1600&sh=1200&v=2.9.33&r=stable&ec=0&o=30&fbp=fb.1.1613161964486.1999571625&it=1613161964443&coo=false&tm=1&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:47 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 12 Feb 2021 20:32:47 GMT

GET
H2 200 /
www.facebook.com/tr/ 44 B
101 B 7ms
7ms Image
image/gif 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=2006010353049042&ev=HomePage&dl=https%3A%2F%2Fwww.tmp.kuredu.com%2F&rl=&if=false&ts=1613161967010&cd[content_type]=hotel&cd[content_ids]=%5B%2265452%22%5D&cd[value]=0&cd[purchase_value]=0&sw=1600&sh=1200&v=2.9.33&r=stable&ec=1&o=30&fbp=fb.1.1613161964486.1999571625&it=1613161964443&coo=false&tm=2&rqm=GET

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:47 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
server: proxygen-bolt
strict-transport-security: max-age=31536000; includeSubDomains
content-type: image/gif
cache-control: no-cache, must-revalidate, max-age=0
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 44
expires: Fri, 12 Feb 2021 20:32:47 GMT

GET
H2 204 0
bat.bing.com/action/ 0
92 B 31ms
30ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=26031035&Ver=2&mid=3e4da1a6-4d08-4b17-acc7-22be8c35ff56&sid=779c99106d7111eba9e71352a082bdec&vid=779caaf06d7111eba92a4da0e2c083cf&vids=1&pi=0&lg=en-US&sw=1600&sh=1200&sc=24&tl=Maldives%20Resorts%20-%20Kuredu%20is%20a%20top%20rated%20and%20popular%20resort&p=https%3A%2F%2Fwww.tmp.kuredu.com%2F&r=&lt=3630&evt=pageLoad&msclkid=N&sv=1&rn=731390
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 12 Feb 2021 20:32:46 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 958E37DD51464198B8780D8177E51385 Ref B: FRAEDGE1417 Ref C: 2021-02-12T20:32:47Z
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 204 0
bat.bing.com/action/ 0
148 B 30ms
30ms Image
text/plain 2620:1ec:c11::200
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bat.bing.com/action/0?ti=26031035&Ver=2&mid=3e4da1a6-4d08-4b17-acc7-22be8c35ff56&sid=779c99106d7111eba9e71352a082bdec&vid=779caaf06d7111eba92a4da0e2c083cf&vids=0&ec=remarketing&evt=custom&msclkid=N&rn=184322
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2620:1ec:c11::200 , United States, ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

access-control-allow-origin: *
pragma: no-cache
date: Fri, 12 Feb 2021 20:32:46 GMT
cache-control: no-cache, must-revalidate
x-msedge-ref: Ref A: 64A55BAD40A442738C9D140DFFE340BB Ref B: FRAEDGE1417 Ref C: 2021-02-12T20:32:47Z
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 30 KB
12 KB 31ms
31ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-772268528

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c70c76846a8e9bf632e225948393882141c6ddb3ebab4ce1be1aa5deda981de3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 12205
x-xss-protection: 0
server: cafe
etag: 14286597169266950975
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 12 Feb 2021 20:32:47 GMT

GET
H3-Q050 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/772268528/ 2 KB
1 KB 32ms
32ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/772268528/?random=1613161967090&cv=9&fst=1613161967090&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa230&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.tmp.kuredu.com%2F&tiba=Maldives%20Resorts%20-%20Kuredu%20is%20a%20top%20rated%20and%20popular%20resort&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

6e6defdf5f9d44331abd4183485730bc6c99263d4340e2433da1bc4c6dbe6444

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 20:32:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1051
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/772268528/ 42 B
89 B 20ms
19ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/772268528/?random=1613161967090&cv=9&fst=1613160000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa230&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.tmp.kuredu.com%2F&tiba=Maldives%20Resorts%20-%20Kuredu%20is%20a%20top%20rated%20and%20popular%20resort&async=1&fmt=3&is_vtc=1&random=2231252575&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 20:32:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/772268528/ 42 B
89 B 29ms
28ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/772268528/?random=1613161967090&cv=9&fst=1613160000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa230&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.tmp.kuredu.com%2F&tiba=Maldives%20Resorts%20-%20Kuredu%20is%20a%20top%20rated%20and%20popular%20resort&async=1&fmt=3&is_vtc=1&random=2231252575&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 20:32:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 add_visit Show response
www.thehotelsnetwork.com/ 90 B
518 B 342ms
342ms XHR
application/json 45.60.198.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thehotelsnetwork.com/add_visit
Requested by: Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/widget/core/3.9/dist/main/index.min.js?h=fdb0448640f4e619
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: nginx/1.17.5 / PHP/7.3.26-1+0~20210112.74+debian10~1.gbpd78724
Resource Hash: 1d4378063acb027b668a1f70a3e921c285d1d0c18b44b26eef889eb9e68a6adb

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 20:32:47 GMT
content-encoding: gzip
server: nginx/1.17.5
x-powered-by: PHP/7.3.26-1+0~20210112.74+debian10~1.gbpd78724
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.tmp.kuredu.com
x-iinfo: 9-21441294-21441136 PNNN RT(1613161966749 0) q(0 0 0 0) r(3 3) U5
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
x-cdn: Incapsula
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3-Q050 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 30 KB
12 KB 34ms
34ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/widget/core/3.9/dist/main/index.min.js?h=fdb0448640f4e619

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

c70c76846a8e9bf632e225948393882141c6ddb3ebab4ce1be1aa5deda981de3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 12205
x-xss-protection: 0
server: cafe
etag: 14286597169266950975
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 12 Feb 2021 20:32:47 GMT

GET
H2 200 hotel-exit-widget Show response
www.thehotelsnetwork.com/ Frame 1322 34 KB
11 KB 103ms
102ms Document
text/html 45.60.198.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thehotelsnetwork.com/hotel-exit-widget?hotel_id=1089357&property_id=1013843&page_id=1035990&page_name=Index&lang=en&fingerprint=d019acdaba939864138ca994757b37c9&visit_date=1613161966&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D&type=custom&exit_popup_id=1070477&link_callback=0&browser=Chrome&logged=0&source_url=https%3A%2F%2Fwww.tmp.kuredu.com%2F%3Farrive%3D2021-02-12%26depart%3D2021-02-13%26adult%3D2%26start%3Davailresults
Requested by: Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/widget/core/3.9/dist/main/index.min.js?h=fdb0448640f4e619
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: nginx/1.17.5 / PHP/7.3.26-1+0~20210112.74+debian10~1.gbpd78724
Resource Hash: ded374ed7c1afb99ee25d9415515dcf82eb963535fae60c2b8ceda01ef57e078

Request headers

:method: GET
:authority: www.thehotelsnetwork.com
:scheme: https
:path: /hotel-exit-widget?hotel_id=1089357&property_id=1013843&page_id=1035990&page_name=Index&lang=en&fingerprint=d019acdaba939864138ca994757b37c9&visit_date=1613161966&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D&type=custom&exit_popup_id=1070477&link_callback=0&browser=Chrome&logged=0&source_url=https%3A%2F%2Fwww.tmp.kuredu.com%2F%3Farrive%3D2021-02-12%26depart%3D2021-02-13%26adult%3D2%26start%3Davailresults
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.tmp.kuredu.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __thn_ss=88e654b1f9a19f320dd7e34b4bb7dee8; thn_id=d019acdaba939864138ca994757b37c9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.tmp.kuredu.com/

Response headers

date: Fri, 12 Feb 2021 20:32:47 GMT
content-type: text/html; charset=UTF-8
server: nginx/1.17.5
vary: Accept-Encoding
x-powered-by: PHP/7.3.26-1+0~20210112.74+debian10~1.gbpd78724
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-encoding: gzip
set-cookie: visid_incap_2454396=wnBrc/VWSmq0CtGsPFB+fuzlJmAAAAAAQUIPAAAAAABZZM/fdBBh3xcom20VaQ4u; expires=Sat, 12 Feb 2022 17:22:54 GMT; HttpOnly; path=/; Domain=.thehotelsnetwork.com nlbi_2454396=u2WYbCbNWFucr04OAg94agAAAAB7Q1Kk0ZFddLXC5NekycZM; path=/; Domain=.thehotelsnetwork.com incap_ses_1368_2454396=tUC6ZEDnyT5aJrSBzhz8Eu7lJmAAAAAAGvKx4q5j2q4l1u17TagfsQ==; path=/; Domain=.thehotelsnetwork.com
x-cdn: Incapsula
x-iinfo: 9-21441295-21441115 PNNN RT(1613161966758 0) q(0 0 0 0) r(1 1) U5

GET
H2 200 reviews-iframe.min.js Show response
www.thehotelsnetwork.com/widget/core/3.9/dist/modules/ 6 KB
2 KB 64ms
64ms Script
application/javascript 45.60.198.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thehotelsnetwork.com/widget/core/3.9/dist/modules/reviews-iframe.min.js?h=03564495e457f660
Requested by: Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/js/hotel_price_widget.js?hotel_id=1089357&property_id=1013843&account_key=F174E2F3A0ED27BE653C31CC1C22C70E
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: nginx/1.17.5 /
Resource Hash: c6e1aee5fdee4990155ef791c8d74f98935a89696863368b12f51cde8d1b7570

Request headers

Origin: https://www.tmp.kuredu.com
Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:47 GMT
content-encoding: gzip
last-modified: Fri, 12 Feb 2021 13:38:58 GMT
server: nginx/1.17.5
etag: W/"602684f2-1738"
vary: Accept-Encoding, Origin
content-type: application/javascript
access-control-allow-origin: https://www.tmp.kuredu.com
x-iinfo: 10-30472227-30472228 NNNY CT(0 0 0) RT(1613161966758 0) q(0 0 0 0) r(0 0) U5
cache-control: max-age=31536000, public
access-control-allow-credentials: true
x-cdn: Incapsula
expires: Sat, 12 Feb 2022 20:32:47 GMT

GET
H2 200 welcome-iframe.min.js Show response
www.thehotelsnetwork.com/widget/core/3.9/dist/modules/ 9 KB
3 KB 66ms
65ms Script
application/javascript 45.60.198.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thehotelsnetwork.com/widget/core/3.9/dist/modules/welcome-iframe.min.js?h=518fe7261b2a7749
Requested by: Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/js/hotel_price_widget.js?hotel_id=1089357&property_id=1013843&account_key=F174E2F3A0ED27BE653C31CC1C22C70E
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: nginx/1.17.5 /
Resource Hash: faa5cc8b0c24e3b10d9793f9059810ba412ee6169b47554607e73b4fc27aa42d

Request headers

Origin: https://www.tmp.kuredu.com
Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:47 GMT
content-encoding: gzip
last-modified: Fri, 12 Feb 2021 13:38:58 GMT
server: nginx/1.17.5
etag: W/"602684f2-2317"
vary: Accept-Encoding, Origin
content-type: application/javascript
access-control-allow-origin: https://www.tmp.kuredu.com
x-iinfo: 10-30472229-30472039 PNNy RT(1613161966760 0) q(0 0 0 0) r(0 0) U5
cache-control: max-age=31536000, public
access-control-allow-credentials: true
x-cdn: Incapsula
expires: Sat, 12 Feb 2022 20:32:47 GMT

GET
H3-Q050 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/932798970/ 2 KB
1 KB 134ms
134ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/932798970/?random=1613161967227&cv=9&fst=1613161967227&num=1&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&data=hotel_id%3D1089357%3Bhotel_name%3DKuredu%20Island%20Resort%20%26%20Spa%3Bhotel_location%3De%3Bpage_id%3D1035990%3Bpage_name%3DIndex&frm=0&url=https%3A%2F%2Fwww.tmp.kuredu.com%2F&tiba=Maldives%20Resorts%20-%20Kuredu%20is%20a%20top%20rated%20and%20popular%20resort&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2cd68a7d6aa62486459b7ec8a3ccdb60b62747677d7db386012c14c31027fa29

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 20:32:47 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1092
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 hotel-review-monitor-widget Show response
www.thehotelsnetwork.com/ Frame BD94 34 KB
10 KB 230ms
229ms Document
text/html 45.60.198.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thehotelsnetwork.com/hotel-review-monitor-widget?hotel_id=1089357&property_id=1013843&page_id=1035990&lang=en&mobile=0&tablet=0&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D
Requested by: Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/widget/core/3.9/dist/modules/reviews-iframe.min.js?h=03564495e457f660
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: nginx/1.17.5 / PHP/7.3.26-1+0~20210112.74+debian10~1.gbpd78724
Resource Hash: 0f0df986e5195131fa29644c205024c02336380315250305e919e7f625dfb14b

Request headers

:method: GET
:authority: www.thehotelsnetwork.com
:scheme: https
:path: /hotel-review-monitor-widget?hotel_id=1089357&property_id=1013843&page_id=1035990&lang=en&mobile=0&tablet=0&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.tmp.kuredu.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __thn_ss=88e654b1f9a19f320dd7e34b4bb7dee8; thn_id=d019acdaba939864138ca994757b37c9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.tmp.kuredu.com/

Response headers

date: Fri, 12 Feb 2021 20:32:47 GMT
content-type: text/html; charset=UTF-8
server: nginx/1.17.5
vary: Accept-Encoding
x-powered-by: PHP/7.3.26-1+0~20210112.74+debian10~1.gbpd78724
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
access-control-allow-origin: https://www.tmp.kuredu.com
access-control-allow-credentials: true
content-encoding: gzip
set-cookie: visid_incap_2454396=wnBrc/VWSmq0CtGsPFB+fuzlJmAAAAAAQUIPAAAAAABZZM/fdBBh3xcom20VaQ4u; expires=Sat, 12 Feb 2022 17:22:54 GMT; HttpOnly; path=/; Domain=.thehotelsnetwork.com nlbi_2454396=EfU/AqVGaWkJkK3NAg94agAAAADoIUG28eyiQ1e5knfeu7E6; path=/; Domain=.thehotelsnetwork.com incap_ses_1368_2454396=/CxbeYDP/itaJrSBzhz8Eu/lJmAAAAAAuk1k0yIlUm3jkh+DM9nF8w==; path=/; Domain=.thehotelsnetwork.com
x-cdn: Incapsula
x-iinfo: 9-21441297-21441101 PNNN RT(1613161966832 0) q(0 0 0 0) r(2 2) U5

GET
H2 200 hotel-layer Show response
www.thehotelsnetwork.com/ Frame 002F 45 KB
14 KB 93ms
93ms Document
text/html 45.60.198.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thehotelsnetwork.com/hotel-layer?property_id=1013843&hotel_id=1089357&page_id=1035990&page_name=Index&type=&welcome_popup_id=1074576&lang=en&currency=EUR&source=&source_url=https%3A%2F%2Fwww.tmp.kuredu.com%2F%3Farrive%3D2021-02-12%26depart%3D2021-02-13%26adult%3D2%26start%3Davailresults&link_callback=0&browser=Chrome&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D&mirror_rtl_lang=1&fingerprint=d019acdaba939864138ca994757b37c9&logged=0
Requested by: Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/widget/core/3.9/dist/modules/welcome-iframe.min.js?h=518fe7261b2a7749
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: nginx/1.17.5 / PHP/7.3.26-1+0~20210112.74+debian10~1.gbpd78724
Resource Hash: 4a01f782261e17343d9b542e0366ab78fc911c0815ac9767dc89e4962851c588

Request headers

:method: GET
:authority: www.thehotelsnetwork.com
:scheme: https
:path: /hotel-layer?property_id=1013843&hotel_id=1089357&page_id=1035990&page_name=Index&type=&welcome_popup_id=1074576&lang=en&currency=EUR&source=&source_url=https%3A%2F%2Fwww.tmp.kuredu.com%2F%3Farrive%3D2021-02-12%26depart%3D2021-02-13%26adult%3D2%26start%3Davailresults&link_callback=0&browser=Chrome&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D&mirror_rtl_lang=1&fingerprint=d019acdaba939864138ca994757b37c9&logged=0
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.tmp.kuredu.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: __thn_ss=88e654b1f9a19f320dd7e34b4bb7dee8; thn_id=d019acdaba939864138ca994757b37c9
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.tmp.kuredu.com/

Response headers

date: Fri, 12 Feb 2021 20:32:47 GMT
content-type: text/html; charset=UTF-8
server: nginx/1.17.5
vary: Accept-Encoding
x-powered-by: PHP/7.3.26-1+0~20210112.74+debian10~1.gbpd78724
expires: Thu, 19 Nov 1981 08:52:00 GMT
cache-control: no-store, no-cache, must-revalidate
pragma: no-cache
content-encoding: gzip
set-cookie: visid_incap_2454396=wnBrc/VWSmq0CtGsPFB+fuzlJmAAAAAAQUIPAAAAAABZZM/fdBBh3xcom20VaQ4u; expires=Sat, 12 Feb 2022 17:22:54 GMT; HttpOnly; path=/; Domain=.thehotelsnetwork.com nlbi_2454396=d+oEaZyePHZSeAVKAg94agAAAABUi45lUSUpaJMJjxi4NeH4; path=/; Domain=.thehotelsnetwork.com incap_ses_1368_2454396=Y8VzF1r68kBaJrSBzhz8Eu7lJmAAAAAAEqy3c4bsq9opZhGdYEPa5A==; path=/; Domain=.thehotelsnetwork.com
x-cdn: Incapsula
x-iinfo: 9-21441298-21441115 PNNN RT(1613161966834 0) q(0 0 0 0) r(0 0) U5

GET
H2 200 styles.popup.css
www.thehotelsnetwork.com/css/ Frame 1322 132 KB
16 KB 90ms
89ms Stylesheet
text/css 45.60.198.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thehotelsnetwork.com/css/styles.popup.css?v=1612462426
Requested by: Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/hotel-exit-widget?hotel_id=1089357&property_id=1013843&page_id=1035990&page_name=Index&lang=en&fingerprint=d019acdaba939864138ca994757b37c9&visit_date=1613161966&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D&type=custom&exit_popup_id=1070477&link_callback=0&browser=Chrome&logged=0&source_url=https%3A%2F%2Fwww.tmp.kuredu.com%2F%3Farrive%3D2021-02-12%26depart%3D2021-02-13%26adult%3D2%26start%3Davailresults
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: nginx/1.17.5 /
Resource Hash: c402ed386916ee7c827a6decccbb06e131141cde68e8d74bb0053d2a4b24105e

Request headers

Referer: https://www.thehotelsnetwork.com/hotel-exit-widget?hotel_id=1089357&property_id=1013843&page_id=1035990&page_name=Index&lang=en&fingerprint=d019acdaba939864138ca994757b37c9&visit_date=1613161966&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D&type=custom&exit_popup_id=1070477&link_callback=0&browser=Chrome&logged=0&source_url=https%3A%2F%2Fwww.tmp.kuredu.com%2F%3Farrive%3D2021-02-12%26depart%3D2021-02-13%26adult%3D2%26start%3Davailresults
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:47 GMT
content-encoding: gzip
last-modified: Thu, 04 Feb 2021 18:13:46 GMT
server: nginx/1.17.5
etag: W/"601c395a-20e1b"
vary: Accept-Encoding, Origin
content-type: text/css
x-iinfo: 9-21441301-21441303 NNNY CT(0 0 0) RT(1613161966867 0) q(0 0 0 0) r(1 1) U5
cache-control: max-age=31536000, public
access-control-allow-credentials: true
x-cdn: Incapsula
expires: Sat, 12 Feb 2022 20:32:47 GMT

GET
H2 200 animate.min.css
www.thehotelsnetwork.com/js/node_modules/animate.css/ Frame 1322 57 KB
5 KB 67ms
66ms Stylesheet
text/css 45.60.198.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thehotelsnetwork.com/js/node_modules/animate.css/animate.min.css
Requested by: Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/hotel-exit-widget?hotel_id=1089357&property_id=1013843&page_id=1035990&page_name=Index&lang=en&fingerprint=d019acdaba939864138ca994757b37c9&visit_date=1613161966&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D&type=custom&exit_popup_id=1070477&link_callback=0&browser=Chrome&logged=0&source_url=https%3A%2F%2Fwww.tmp.kuredu.com%2F%3Farrive%3D2021-02-12%26depart%3D2021-02-13%26adult%3D2%26start%3Davailresults
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: nginx/1.17.5 /
Resource Hash: 1ed082521f47921ffff14d4ec1c6c3f1ea55114741bee23cc23d4ab6a3213642

Request headers

Referer: https://www.thehotelsnetwork.com/hotel-exit-widget?hotel_id=1089357&property_id=1013843&page_id=1035990&page_name=Index&lang=en&fingerprint=d019acdaba939864138ca994757b37c9&visit_date=1613161966&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D&type=custom&exit_popup_id=1070477&link_callback=0&browser=Chrome&logged=0&source_url=https%3A%2F%2Fwww.tmp.kuredu.com%2F%3Farrive%3D2021-02-12%26depart%3D2021-02-13%26adult%3D2%26start%3Davailresults
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:47 GMT
content-encoding: gzip
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: nginx/1.17.5
etag: W/"1dc09d84-e283"
vary: Accept-Encoding, Origin
content-type: text/css
x-iinfo: 9-21441302-21441304 NNNY CT(0 0 0) RT(1613161966867 0) q(0 0 0 2) r(1 1) U5
cache-control: max-age=31536000, public
access-control-allow-credentials: true
x-cdn: Incapsula
expires: Sat, 12 Feb 2022 20:32:47 GMT

GET
H2 200 css
fonts.googleapis.com/ Frame 1322 2 KB
624 B 15ms
14ms Stylesheet
text/css 2a00:1450:4001:829::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Raleway

Requested by

Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/hotel-exit-widget?hotel_id=1089357&property_id=1013843&page_id=1035990&page_name=Index&lang=en&fingerprint=d019acdaba939864138ca994757b37c9&visit_date=1613161966&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D&type=custom&exit_popup_id=1070477&link_callback=0&browser=Chrome&logged=0&source_url=https%3A%2F%2Fwww.tmp.kuredu.com%2F%3Farrive%3D2021-02-12%26depart%3D2021-02-13%26adult%3D2%26start%3Davailresults

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

82b01959cc0372b3bc00ce2ff05bdfa6439aef4595ca1fadcb730e32275bb844

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://www.thehotelsnetwork.com/hotel-exit-widget?hotel_id=1089357&property_id=1013843&page_id=1035990&page_name=Index&lang=en&fingerprint=d019acdaba939864138ca994757b37c9&visit_date=1613161966&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D&type=custom&exit_popup_id=1070477&link_callback=0&browser=Chrome&logged=0&source_url=https%3A%2F%2Fwww.tmp.kuredu.com%2F%3Farrive%3D2021-02-12%26depart%3D2021-02-13%26adult%3D2%26start%3Davailresults
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Fri, 12 Feb 2021 18:39:16 GMT
server: ESF
date: Fri, 12 Feb 2021 20:32:47 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 12 Feb 2021 20:32:47 GMT

GET
H2 200 powered_by_thn_dark.png
www.thehotelsnetwork.com/img/ Frame 1322 2 KB
3 KB 119ms
117ms Image
image/png 45.60.198.96
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thehotelsnetwork.com/img/powered_by_thn_dark.png
Requested by: Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/hotel-exit-widget?hotel_id=1089357&property_id=1013843&page_id=1035990&page_name=Index&lang=en&fingerprint=d019acdaba939864138ca994757b37c9&visit_date=1613161966&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D&type=custom&exit_popup_id=1070477&link_callback=0&browser=Chrome&logged=0&source_url=https%3A%2F%2Fwww.tmp.kuredu.com%2F%3Farrive%3D2021-02-12%26depart%3D2021-02-13%26adult%3D2%26start%3Davailresults
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: nginx/1.17.5 /
Resource Hash: 8ea35788f24deb141dd976e3437087a8dfca4b734930a9aa3e6cd033cc658def

Request headers

Referer: https://www.thehotelsnetwork.com/hotel-exit-widget?hotel_id=1089357&property_id=1013843&page_id=1035990&page_name=Index&lang=en&fingerprint=d019acdaba939864138ca994757b37c9&visit_date=1613161966&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D&type=custom&exit_popup_id=1070477&link_callback=0&browser=Chrome&logged=0&source_url=https%3A%2F%2Fwww.tmp.kuredu.com%2F%3Farrive%3D2021-02-12%26depart%3D2021-02-13%26adult%3D2%26start%3Davailresults
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:47 GMT
last-modified: Thu, 04 Feb 2021 18:13:46 GMT
server: nginx/1.17.5
etag: "601c395a-8a9"
vary: Origin
content-type: image/png
x-iinfo: 9-21441311-21441324 NNNY CT(0 0 0) RT(1613161966877 0) q(0 1 1 1) r(1 1) U5
cache-control: max-age=2592000, public
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 2217
x-cdn: Incapsula
expires: Sun, 14 Mar 2021 20:32:47 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/2.0.3/ Frame 1322 82 KB
26 KB 45ms
41ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/2.0.3/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a57b5242b9a9adc4c1ef846c365147b89c472b9cd770face331efcb965346b25

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.thehotelsnetwork.com
Referer: https://www.thehotelsnetwork.com/hotel-exit-widget?hotel_id=1089357&property_id=1013843&page_id=1035990&page_name=Index&lang=en&fingerprint=d019acdaba939864138ca994757b37c9&visit_date=1613161966&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D&type=custom&exit_popup_id=1070477&link_callback=0&browser=Chrome&logged=0&source_url=https%3A%2F%2Fwww.tmp.kuredu.com%2F%3Farrive%3D2021-02-12%26depart%3D2021-02-13%26adult%3D2%26start%3Davailresults
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1379565
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26454
cf-request-id: 08398b46d20000d6d5c99c1000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-14696"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=DYfcEHaUHhPdhE%2BAh9nlHaGW%2FLyRtXwZRClDQ6X2vcBgUBp%2BIcCWCGm10l%2Bo2OrZYpof4o2Wsb26tEgzt3IjSbHEBiY%2B0zXyUyywoIZoKhk8w2v9bMf7iQdhOC5bc4PD6Q%3D%3D"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 620914b7bebcd6d5-FRA
expires: Wed, 02 Feb 2022 20:32:47 GMT

GET
H2 200 jquery-ui.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jqueryui/1.10.3/ Frame 1322 223 KB
51 KB 28ms
24ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jqueryui/1.10.3/jquery-ui.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

071c69e4b4c2536bf5db0d9dd24c4a6f4bede45e0482daf3709289491dd7c62a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.thehotelsnetwork.com
Referer: https://www.thehotelsnetwork.com/hotel-exit-widget?hotel_id=1089357&property_id=1013843&page_id=1035990&page_name=Index&lang=en&fingerprint=d019acdaba939864138ca994757b37c9&visit_date=1613161966&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D&type=custom&exit_popup_id=1070477&link_callback=0&browser=Chrome&logged=0&source_url=https%3A%2F%2Fwww.tmp.kuredu.com%2F%3Farrive%3D2021-02-12%26depart%3D2021-02-13%26adult%3D2%26start%3Davailresults
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1560544
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 51226
cf-request-id: 08398b46d30000d6d5e88f6000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-37aee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=bmH71lgTLHUsHSQTQPac%2FBgpR4RJYI1x5AhuuuXRg4ftxfCWJuydN5YYpizqBxWL3UVNm133kUG8HzAxsyGDqZjnvfA0cz%2FMG4asRw%2F0vxQB7EKueXZwxS0AcHuD7A2a7Q%3D%3D"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 620914b7bebed6d5-FRA
expires: Wed, 02 Feb 2022 20:32:47 GMT

GET
H2 200 underscore-min.min.js Show response
cdnjs.cloudflare.com/ajax/libs/underscore.js/1.11.0/ Frame 1322 18 KB
7 KB 18ms
14ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/underscore.js/1.11.0/underscore-min.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

156bfee744eabb673d4ba08576f87dd2b52e84469dffafc0cd4cd62cc3e49e64

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.thehotelsnetwork.com
Referer: https://www.thehotelsnetwork.com/hotel-exit-widget?hotel_id=1089357&property_id=1013843&page_id=1035990&page_name=Index&lang=en&fingerprint=d019acdaba939864138ca994757b37c9&visit_date=1613161966&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D&type=custom&exit_popup_id=1070477&link_callback=0&browser=Chrome&logged=0&source_url=https%3A%2F%2Fwww.tmp.kuredu.com%2F%3Farrive%3D2021-02-12%26depart%3D2021-02-13%26adult%3D2%26start%3Davailresults
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4206906
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6322
cf-request-id: 08398b46d30000d6d5c61f5000000001
timing-allow-origin: *
last-modified: Fri, 28 Aug 2020 22:36:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f4986ff-473a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=GT05zpzhsxdI3eZvR2LTWA9v%2FHIU%2FIWR46A8gksmA4DC4wcE5jwcHaZf8rP5LVwNK3C35hfX%2F%2BecEY%2FoCRISveopjaPe8NCMfmZhWQbE0BIBeXSd%2BTIt3ejZ3n5gBtOzBQ%3D%3D"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 620914b7bebfd6d5-FRA
expires: Wed, 02 Feb 2022 20:32:47 GMT

GET
H2 200 utils.js Show response
www.thehotelsnetwork.com/js/ Frame 1322 55 KB
15 KB 93ms
89ms Script
application/javascript 45.60.198.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thehotelsnetwork.com/js/utils.js
Requested by: Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/hotel-exit-widget?hotel_id=1089357&property_id=1013843&page_id=1035990&page_name=Index&lang=en&fingerprint=d019acdaba939864138ca994757b37c9&visit_date=1613161966&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D&type=custom&exit_popup_id=1070477&link_callback=0&browser=Chrome&logged=0&source_url=https%3A%2F%2Fwww.tmp.kuredu.com%2F%3Farrive%3D2021-02-12%26depart%3D2021-02-13%26adult%3D2%26start%3Davailresults
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: nginx/1.17.5 /
Resource Hash: fed30dc4b5e541ebaafb3f79656b5b6e099573582621535f8e47c7e8ec4cf92d

Request headers

Referer: https://www.thehotelsnetwork.com/hotel-exit-widget?hotel_id=1089357&property_id=1013843&page_id=1035990&page_name=Index&lang=en&fingerprint=d019acdaba939864138ca994757b37c9&visit_date=1613161966&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D&type=custom&exit_popup_id=1070477&link_callback=0&browser=Chrome&logged=0&source_url=https%3A%2F%2Fwww.tmp.kuredu.com%2F%3Farrive%3D2021-02-12%26depart%3D2021-02-13%26adult%3D2%26start%3Davailresults
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:47 GMT
content-encoding: gzip
last-modified: Fri, 12 Feb 2021 13:40:50 GMT
server: nginx/1.17.5
etag: W/"60268562-dbcf"
vary: Accept-Encoding, Origin
content-type: application/javascript
x-iinfo: 9-21441305-21441307 NNNY CT(0 0 0) RT(1613161966872 0) q(0 0 0 0) r(1 1) U5
cache-control: max-age=31536000, public
access-control-allow-credentials: true
x-cdn: Incapsula
expires: Sat, 12 Feb 2022 20:32:47 GMT

GET
H2 200 php.js Show response
www.thehotelsnetwork.com/js/ Frame 1322 9 KB
3 KB 101ms
97ms Script
application/javascript 45.60.198.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thehotelsnetwork.com/js/php.js
Requested by: Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/hotel-exit-widget?hotel_id=1089357&property_id=1013843&page_id=1035990&page_name=Index&lang=en&fingerprint=d019acdaba939864138ca994757b37c9&visit_date=1613161966&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D&type=custom&exit_popup_id=1070477&link_callback=0&browser=Chrome&logged=0&source_url=https%3A%2F%2Fwww.tmp.kuredu.com%2F%3Farrive%3D2021-02-12%26depart%3D2021-02-13%26adult%3D2%26start%3Davailresults
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: nginx/1.17.5 /
Resource Hash: 20f4691a0dda462da5185710f46ae05ead50962a7ad9b37a3a5578f4d27b62e2

Request headers

Referer: https://www.thehotelsnetwork.com/hotel-exit-widget?hotel_id=1089357&property_id=1013843&page_id=1035990&page_name=Index&lang=en&fingerprint=d019acdaba939864138ca994757b37c9&visit_date=1613161966&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D&type=custom&exit_popup_id=1070477&link_callback=0&browser=Chrome&logged=0&source_url=https%3A%2F%2Fwww.tmp.kuredu.com%2F%3Farrive%3D2021-02-12%26depart%3D2021-02-13%26adult%3D2%26start%3Davailresults
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:47 GMT
content-encoding: gzip
last-modified: Thu, 04 Feb 2021 18:13:46 GMT
server: nginx/1.17.5
etag: W/"601c395a-25ac"
vary: Accept-Encoding, Origin
content-type: application/javascript
x-iinfo: 9-21441306-21441115 PNNN RT(1613161966872 0) q(0 1 1 1) r(1 1) U5
cache-control: max-age=31536000, public
access-control-allow-credentials: true
x-cdn: Incapsula
expires: Sat, 12 Feb 2022 20:32:47 GMT

GET
H2 200 bootstrap.min.js Show response
www.thehotelsnetwork.com/js/libs/ Frame 1322 27 KB
8 KB 98ms
94ms Script
application/javascript 45.60.198.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thehotelsnetwork.com/js/libs/bootstrap.min.js
Requested by: Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/hotel-exit-widget?hotel_id=1089357&property_id=1013843&page_id=1035990&page_name=Index&lang=en&fingerprint=d019acdaba939864138ca994757b37c9&visit_date=1613161966&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D&type=custom&exit_popup_id=1070477&link_callback=0&browser=Chrome&logged=0&source_url=https%3A%2F%2Fwww.tmp.kuredu.com%2F%3Farrive%3D2021-02-12%26depart%3D2021-02-13%26adult%3D2%26start%3Davailresults
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: nginx/1.17.5 /
Resource Hash: fc1d94f50dd3822e1e53cb96af4f040d2ad8b5c7b984bae5e84efc7641acfada

Request headers

Referer: https://www.thehotelsnetwork.com/hotel-exit-widget?hotel_id=1089357&property_id=1013843&page_id=1035990&page_name=Index&lang=en&fingerprint=d019acdaba939864138ca994757b37c9&visit_date=1613161966&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D&type=custom&exit_popup_id=1070477&link_callback=0&browser=Chrome&logged=0&source_url=https%3A%2F%2Fwww.tmp.kuredu.com%2F%3Farrive%3D2021-02-12%26depart%3D2021-02-13%26adult%3D2%26start%3Davailresults
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:47 GMT
content-encoding: gzip
last-modified: Thu, 04 Feb 2021 18:13:46 GMT
server: nginx/1.17.5
etag: W/"601c395a-6cae"
vary: Accept-Encoding, Origin
content-type: application/javascript
x-iinfo: 9-21441308-21441304 PNNy RT(1613161966873 0) q(0 1 1 1) r(1 1) U5
cache-control: max-age=31536000, public
access-control-allow-credentials: true
x-cdn: Incapsula
expires: Sat, 12 Feb 2022 20:32:47 GMT

GET
H2 200 moment.min.js Show response
www.thehotelsnetwork.com/js/libs/rangepicker/ Frame 1322 33 KB
12 KB 117ms
113ms Script
application/javascript 45.60.198.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thehotelsnetwork.com/js/libs/rangepicker/moment.min.js
Requested by: Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/hotel-exit-widget?hotel_id=1089357&property_id=1013843&page_id=1035990&page_name=Index&lang=en&fingerprint=d019acdaba939864138ca994757b37c9&visit_date=1613161966&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D&type=custom&exit_popup_id=1070477&link_callback=0&browser=Chrome&logged=0&source_url=https%3A%2F%2Fwww.tmp.kuredu.com%2F%3Farrive%3D2021-02-12%26depart%3D2021-02-13%26adult%3D2%26start%3Davailresults
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: nginx/1.17.5 /
Resource Hash: 4b5dcd8c4de34bf3e2bbbb1499ef55172ca6a8c7124c5aaa04cc6ea48a084b8b

Request headers

Referer: https://www.thehotelsnetwork.com/hotel-exit-widget?hotel_id=1089357&property_id=1013843&page_id=1035990&page_name=Index&lang=en&fingerprint=d019acdaba939864138ca994757b37c9&visit_date=1613161966&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D&type=custom&exit_popup_id=1070477&link_callback=0&browser=Chrome&logged=0&source_url=https%3A%2F%2Fwww.tmp.kuredu.com%2F%3Farrive%3D2021-02-12%26depart%3D2021-02-13%26adult%3D2%26start%3Davailresults
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:47 GMT
content-encoding: gzip
last-modified: Thu, 04 Feb 2021 18:13:46 GMT
server: nginx/1.17.5
etag: W/"601c395a-857b"
vary: Accept-Encoding, Origin
content-type: application/javascript
x-iinfo: 9-21441309-21441303 PNNy RT(1613161966874 0) q(0 1 1 1) r(1 1) U5
cache-control: max-age=31536000, public
access-control-allow-credentials: true
x-cdn: Incapsula
expires: Sat, 12 Feb 2022 20:32:47 GMT

GET
H2 200 es6-promise.auto.min.js Show response
cdnjs.cloudflare.com/ajax/libs/es6-promise/4.1.1/ Frame 1322 6 KB
2 KB 26ms
23ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/es6-promise/4.1.1/es6-promise.auto.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

388dcdf7308a69b0e8bf6ad917397c94951709c3fb126b06706a0fe83317402a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.thehotelsnetwork.com
Referer: https://www.thehotelsnetwork.com/hotel-exit-widget?hotel_id=1089357&property_id=1013843&page_id=1035990&page_name=Index&lang=en&fingerprint=d019acdaba939864138ca994757b37c9&visit_date=1613161966&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D&type=custom&exit_popup_id=1070477&link_callback=0&browser=Chrome&logged=0&source_url=https%3A%2F%2Fwww.tmp.kuredu.com%2F%3Farrive%3D2021-02-12%26depart%3D2021-02-13%26adult%3D2%26start%3Davailresults
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1982957
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2190
cf-request-id: 08398b46d30000d6d5c7275000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:56 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e54-18d1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=WvDFE8JO2wWEGIZFEz%2Bj6H9LyxtUizTkmygJhqUNsZn1eqfwTuFuPwNI8%2FxUij73LBKkwtrD%2B001PWCx2YyHKT0d614OzjKHfbvLgZ5Nacr1CyXz6xbYEPBt8sazN097gg%3D%3D"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 620914b7bec0d6d5-FRA
expires: Wed, 02 Feb 2022 20:32:47 GMT

GET
H2 200 fetch.umd.js Show response
cdn.jsdelivr.net/npm/whatwg-fetch@3.0.0/dist/ Frame 1322 14 KB
4 KB 9ms
5ms Script
application/javascript 2a04:4e42:3::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/whatwg-fetch@3.0.0/dist/fetch.umd.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9a0c4301b6e804a7a808eb69694ed08567605811ae9bef1d3f19c88e20bdec92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.thehotelsnetwork.com
Referer: https://www.thehotelsnetwork.com/hotel-exit-widget?hotel_id=1089357&property_id=1013843&page_id=1035990&page_name=Index&lang=en&fingerprint=d019acdaba939864138ca994757b37c9&visit_date=1613161966&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D&type=custom&exit_popup_id=1070477&link_callback=0&browser=Chrome&logged=0&source_url=https%3A%2F%2Fwww.tmp.kuredu.com%2F%3Farrive%3D2021-02-12%26depart%3D2021-02-13%26adult%3D2%26start%3Davailresults
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 155243
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3924
etag: W/"39d5-UI75N4tJ00i8iMkuAvRZcklx6l8"
x-served-by: cache-fra19178-FRA
date: Fri, 12 Feb 2021 20:32:47 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 systemjs.min.js Show response
www.thehotelsnetwork.com/widget/core/3.9/dist/modules/ Frame 1322 7 KB
3 KB 120ms
117ms Script
application/javascript 45.60.198.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thehotelsnetwork.com/widget/core/3.9/dist/modules/systemjs.min.js?h=fb46a3e8ff97d09f
Requested by: Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/hotel-exit-widget?hotel_id=1089357&property_id=1013843&page_id=1035990&page_name=Index&lang=en&fingerprint=d019acdaba939864138ca994757b37c9&visit_date=1613161966&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D&type=custom&exit_popup_id=1070477&link_callback=0&browser=Chrome&logged=0&source_url=https%3A%2F%2Fwww.tmp.kuredu.com%2F%3Farrive%3D2021-02-12%26depart%3D2021-02-13%26adult%3D2%26start%3Davailresults
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: nginx/1.17.5 /
Resource Hash: ed7f19698ca4d3fb8898052377e05f9c854c04615ae944240a3069fbb4e3b8e0

Request headers

Referer: https://www.thehotelsnetwork.com/hotel-exit-widget?hotel_id=1089357&property_id=1013843&page_id=1035990&page_name=Index&lang=en&fingerprint=d019acdaba939864138ca994757b37c9&visit_date=1613161966&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D&type=custom&exit_popup_id=1070477&link_callback=0&browser=Chrome&logged=0&source_url=https%3A%2F%2Fwww.tmp.kuredu.com%2F%3Farrive%3D2021-02-12%26depart%3D2021-02-13%26adult%3D2%26start%3Davailresults
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:47 GMT
content-encoding: gzip
last-modified: Fri, 12 Feb 2021 13:38:58 GMT
server: nginx/1.17.5
etag: W/"602684f2-1bb9"
vary: Accept-Encoding, Origin
content-type: application/javascript
x-iinfo: 9-21441310-21441307 PNNy RT(1613161966876 0) q(0 1 1 1) r(1 1) U5
cache-control: max-age=31536000, public
access-control-allow-credentials: true
x-cdn: Incapsula
expires: Sat, 12 Feb 2022 20:32:47 GMT

GET
H2 200 ionicons.min.css
www.thehotelsnetwork.com/css/ Frame 1322 50 KB
8 KB 121ms
118ms Stylesheet
text/css 45.60.198.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thehotelsnetwork.com/css/ionicons.min.css
Requested by: Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/hotel-exit-widget?hotel_id=1089357&property_id=1013843&page_id=1035990&page_name=Index&lang=en&fingerprint=d019acdaba939864138ca994757b37c9&visit_date=1613161966&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D&type=custom&exit_popup_id=1070477&link_callback=0&browser=Chrome&logged=0&source_url=https%3A%2F%2Fwww.tmp.kuredu.com%2F%3Farrive%3D2021-02-12%26depart%3D2021-02-13%26adult%3D2%26start%3Davailresults
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: nginx/1.17.5 /
Resource Hash: de2bbd8e0b32f53a53c1729bedb350cea59e9115fba4f2bed8e2e3dd1f76d9fa

Request headers

Referer: https://www.thehotelsnetwork.com/hotel-exit-widget?hotel_id=1089357&property_id=1013843&page_id=1035990&page_name=Index&lang=en&fingerprint=d019acdaba939864138ca994757b37c9&visit_date=1613161966&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D&type=custom&exit_popup_id=1070477&link_callback=0&browser=Chrome&logged=0&source_url=https%3A%2F%2Fwww.tmp.kuredu.com%2F%3Farrive%3D2021-02-12%26depart%3D2021-02-13%26adult%3D2%26start%3Davailresults
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:47 GMT
content-encoding: gzip
last-modified: Thu, 04 Feb 2021 18:13:46 GMT
server: nginx/1.17.5
etag: W/"601c395a-c854"
vary: Accept-Encoding, Origin
content-type: text/css
x-iinfo: 9-21441312-21441304 PNNy RT(1613161966878 0) q(0 1 1 0) r(1 1) U5
cache-control: max-age=31536000, public
access-control-allow-credentials: true
x-cdn: Incapsula
expires: Sat, 12 Feb 2022 20:32:47 GMT

GET
H2 200 jquery-ui.min.css
cdnjs.cloudflare.com/ajax/libs/jqueryui/1.10.3/themes/smoothness/ Frame 1322 26 KB
5 KB 16ms
13ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jqueryui/1.10.3/themes/smoothness/jquery-ui.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4007a847abc4399c1a96d516763161315a841de3cfa7760df9523345efc56f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.thehotelsnetwork.com
Referer: https://www.thehotelsnetwork.com/hotel-exit-widget?hotel_id=1089357&property_id=1013843&page_id=1035990&page_name=Index&lang=en&fingerprint=d019acdaba939864138ca994757b37c9&visit_date=1613161966&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D&type=custom&exit_popup_id=1070477&link_callback=0&browser=Chrome&logged=0&source_url=https%3A%2F%2Fwww.tmp.kuredu.com%2F%3Farrive%3D2021-02-12%26depart%3D2021-02-13%26adult%3D2%26start%3Davailresults
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1984425
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4459
cf-request-id: 08398b46d40000d6d577aa4000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-693b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=uq3O2G2zfdYMDpE6%2BFFGeZYfQb5bwwdE1RZ64dqcOkwnw7fMCmfGjmNCrq5wILJyVM9TJo4ICxySmrJqK3td9qv%2BpKfsum7tvbIBw3LuR0U6OJUtn7C%2BHUjVfFYiAv1M4g%3D%3D"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 620914b7bec4d6d5-FRA
expires: Wed, 02 Feb 2022 20:32:47 GMT

GET
H2 200 slick.css
www.thehotelsnetwork.com/js/libs/slick/ Frame 1322 2 KB
967 B 197ms
194ms Stylesheet
text/css 45.60.198.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thehotelsnetwork.com/js/libs/slick/slick.css
Requested by: Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/hotel-exit-widget?hotel_id=1089357&property_id=1013843&page_id=1035990&page_name=Index&lang=en&fingerprint=d019acdaba939864138ca994757b37c9&visit_date=1613161966&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D&type=custom&exit_popup_id=1070477&link_callback=0&browser=Chrome&logged=0&source_url=https%3A%2F%2Fwww.tmp.kuredu.com%2F%3Farrive%3D2021-02-12%26depart%3D2021-02-13%26adult%3D2%26start%3Davailresults
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: nginx/1.17.5 /
Resource Hash: 6f173fbde897c4b5e403c91d99bfc6d671efea799450ca3b11c0d1bcce2ddfc1

Request headers

Referer: https://www.thehotelsnetwork.com/hotel-exit-widget?hotel_id=1089357&property_id=1013843&page_id=1035990&page_name=Index&lang=en&fingerprint=d019acdaba939864138ca994757b37c9&visit_date=1613161966&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D&type=custom&exit_popup_id=1070477&link_callback=0&browser=Chrome&logged=0&source_url=https%3A%2F%2Fwww.tmp.kuredu.com%2F%3Farrive%3D2021-02-12%26depart%3D2021-02-13%26adult%3D2%26start%3Davailresults
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:47 GMT
content-encoding: gzip
last-modified: Thu, 04 Feb 2021 18:13:46 GMT
server: nginx/1.17.5
etag: W/"601c395a-6b6"
vary: Accept-Encoding, Origin
content-type: text/css
x-iinfo: 9-21441313-21441115 PNNN RT(1613161966879 0) q(0 2 2 1) r(2 2) U5
cache-control: max-age=31536000, public
access-control-allow-credentials: true
x-cdn: Incapsula
expires: Sat, 12 Feb 2022 20:32:47 GMT

GET
H2 200 daterangepicker.css
www.thehotelsnetwork.com/js/libs/rangepicker/ Frame 1322 6 KB
2 KB 202ms
200ms Stylesheet
text/css 45.60.198.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thehotelsnetwork.com/js/libs/rangepicker/daterangepicker.css
Requested by: Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/hotel-exit-widget?hotel_id=1089357&property_id=1013843&page_id=1035990&page_name=Index&lang=en&fingerprint=d019acdaba939864138ca994757b37c9&visit_date=1613161966&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D&type=custom&exit_popup_id=1070477&link_callback=0&browser=Chrome&logged=0&source_url=https%3A%2F%2Fwww.tmp.kuredu.com%2F%3Farrive%3D2021-02-12%26depart%3D2021-02-13%26adult%3D2%26start%3Davailresults
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: nginx/1.17.5 /
Resource Hash: 628a3678cd1164568c233881fc6e9e065f06d4d5213e2fc367b2d1c6cad14a7e

Request headers

Referer: https://www.thehotelsnetwork.com/hotel-exit-widget?hotel_id=1089357&property_id=1013843&page_id=1035990&page_name=Index&lang=en&fingerprint=d019acdaba939864138ca994757b37c9&visit_date=1613161966&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D&type=custom&exit_popup_id=1070477&link_callback=0&browser=Chrome&logged=0&source_url=https%3A%2F%2Fwww.tmp.kuredu.com%2F%3Farrive%3D2021-02-12%26depart%3D2021-02-13%26adult%3D2%26start%3Davailresults
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:47 GMT
content-encoding: gzip
last-modified: Thu, 04 Feb 2021 18:13:46 GMT
server: nginx/1.17.5
etag: W/"601c395a-16ca"
vary: Accept-Encoding, Origin
content-type: text/css
x-iinfo: 9-21441315-21441339 NNNY CT(0 0 0) RT(1613161966884 0) q(0 2 2 0) r(2 2) U5
cache-control: max-age=31536000, public
access-control-allow-credentials: true
x-cdn: Incapsula
expires: Sat, 12 Feb 2022 20:32:47 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/932798970/ 42 B
66 B 19ms
19ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/932798970/?random=1613161967227&cv=9&fst=1613160000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=hotel_id%3D1089357%3Bhotel_name%3DKuredu%20Island%20Resort%20%26%20Spa%3Bhotel_location%3De%3Bpage_id%3D1035990%3Bpage_name%3DIndex&frm=0&url=https%3A%2F%2Fwww.tmp.kuredu.com%2F&tiba=Maldives%20Resorts%20-%20Kuredu%20is%20a%20top%20rated%20and%20popular%20resort&async=1&fmt=3&is_vtc=1&random=1129858054&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 20:32:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/932798970/ 42 B
66 B 32ms
32ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/932798970/?random=1613161967227&cv=9&fst=1613160000000&num=1&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&sendb=1&data=hotel_id%3D1089357%3Bhotel_name%3DKuredu%20Island%20Resort%20%26%20Spa%3Bhotel_location%3De%3Bpage_id%3D1035990%3Bpage_name%3DIndex&frm=0&url=https%3A%2F%2Fwww.tmp.kuredu.com%2F&tiba=Maldives%20Resorts%20-%20Kuredu%20is%20a%20top%20rated%20and%20popular%20resort&async=1&fmt=3&is_vtc=1&random=1129858054&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 20:32:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 styles.popup.css
www.thehotelsnetwork.com/css/ Frame 002F 132 KB
16 KB 87ms
86ms Stylesheet
text/css 45.60.198.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thehotelsnetwork.com/css/styles.popup.css?v=1612462426
Requested by: Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/hotel-layer?property_id=1013843&hotel_id=1089357&page_id=1035990&page_name=Index&type=&welcome_popup_id=1074576&lang=en&currency=EUR&source=&source_url=https%3A%2F%2Fwww.tmp.kuredu.com%2F%3Farrive%3D2021-02-12%26depart%3D2021-02-13%26adult%3D2%26start%3Davailresults&link_callback=0&browser=Chrome&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D&mirror_rtl_lang=1&fingerprint=d019acdaba939864138ca994757b37c9&logged=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: nginx/1.17.5 /
Resource Hash: c402ed386916ee7c827a6decccbb06e131141cde68e8d74bb0053d2a4b24105e

Request headers

Referer: https://www.thehotelsnetwork.com/hotel-layer?property_id=1013843&hotel_id=1089357&page_id=1035990&page_name=Index&type=&welcome_popup_id=1074576&lang=en&currency=EUR&source=&source_url=https%3A%2F%2Fwww.tmp.kuredu.com%2F%3Farrive%3D2021-02-12%26depart%3D2021-02-13%26adult%3D2%26start%3Davailresults&link_callback=0&browser=Chrome&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D&mirror_rtl_lang=1&fingerprint=d019acdaba939864138ca994757b37c9&logged=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:47 GMT
content-encoding: gzip
last-modified: Thu, 04 Feb 2021 18:13:46 GMT
server: nginx/1.17.5
etag: W/"601c395a-20e1b"
vary: Accept-Encoding, Origin
content-type: text/css
x-iinfo: 9-21441325-21441303 PNNy RT(1613161966932 0) q(0 0 0 -1) r(0 0) U5
cache-control: max-age=31536000, public
access-control-allow-credentials: true
x-cdn: Incapsula
expires: Sat, 12 Feb 2022 20:32:47 GMT

GET
H2 200 animate.min.css
www.thehotelsnetwork.com/js/node_modules/animate.css/ Frame 002F 57 KB
5 KB 79ms
79ms Stylesheet
text/css 45.60.198.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thehotelsnetwork.com/js/node_modules/animate.css/animate.min.css
Requested by: Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/hotel-layer?property_id=1013843&hotel_id=1089357&page_id=1035990&page_name=Index&type=&welcome_popup_id=1074576&lang=en&currency=EUR&source=&source_url=https%3A%2F%2Fwww.tmp.kuredu.com%2F%3Farrive%3D2021-02-12%26depart%3D2021-02-13%26adult%3D2%26start%3Davailresults&link_callback=0&browser=Chrome&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D&mirror_rtl_lang=1&fingerprint=d019acdaba939864138ca994757b37c9&logged=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: nginx/1.17.5 /
Resource Hash: 1ed082521f47921ffff14d4ec1c6c3f1ea55114741bee23cc23d4ab6a3213642

Request headers

Referer: https://www.thehotelsnetwork.com/hotel-layer?property_id=1013843&hotel_id=1089357&page_id=1035990&page_name=Index&type=&welcome_popup_id=1074576&lang=en&currency=EUR&source=&source_url=https%3A%2F%2Fwww.tmp.kuredu.com%2F%3Farrive%3D2021-02-12%26depart%3D2021-02-13%26adult%3D2%26start%3Davailresults&link_callback=0&browser=Chrome&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D&mirror_rtl_lang=1&fingerprint=d019acdaba939864138ca994757b37c9&logged=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:47 GMT
content-encoding: gzip
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
server: nginx/1.17.5
etag: W/"1dc09d84-e283"
vary: Accept-Encoding, Origin
content-type: text/css
x-iinfo: 9-21441326-21441324 PNNy RT(1613161966934 0) q(0 0 0 -1) r(0 0) U5
cache-control: max-age=31536000, public
access-control-allow-credentials: true
x-cdn: Incapsula
expires: Sat, 12 Feb 2022 20:32:47 GMT

GET
H2 200 powered_by_thn_dark.png
www.thehotelsnetwork.com/img/ Frame 002F 2 KB
3 KB 121ms
119ms Image
image/png 45.60.198.96
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thehotelsnetwork.com/img/powered_by_thn_dark.png
Requested by: Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/hotel-layer?property_id=1013843&hotel_id=1089357&page_id=1035990&page_name=Index&type=&welcome_popup_id=1074576&lang=en&currency=EUR&source=&source_url=https%3A%2F%2Fwww.tmp.kuredu.com%2F%3Farrive%3D2021-02-12%26depart%3D2021-02-13%26adult%3D2%26start%3Davailresults&link_callback=0&browser=Chrome&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D&mirror_rtl_lang=1&fingerprint=d019acdaba939864138ca994757b37c9&logged=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: nginx/1.17.5 /
Resource Hash: 8ea35788f24deb141dd976e3437087a8dfca4b734930a9aa3e6cd033cc658def

Request headers

Referer: https://www.thehotelsnetwork.com/hotel-layer?property_id=1013843&hotel_id=1089357&page_id=1035990&page_name=Index&type=&welcome_popup_id=1074576&lang=en&currency=EUR&source=&source_url=https%3A%2F%2Fwww.tmp.kuredu.com%2F%3Farrive%3D2021-02-12%26depart%3D2021-02-13%26adult%3D2%26start%3Davailresults&link_callback=0&browser=Chrome&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D&mirror_rtl_lang=1&fingerprint=d019acdaba939864138ca994757b37c9&logged=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:47 GMT
last-modified: Thu, 04 Feb 2021 18:13:46 GMT
server: nginx/1.17.5
etag: "601c395a-8a9"
vary: Origin
content-type: image/png
x-iinfo: 9-21441332-21441115 PNNN RT(1613161966940 0) q(0 0 0 -1) r(1 1) U5
cache-control: max-age=2592000, public
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 2217
x-cdn: Incapsula
expires: Sun, 14 Mar 2021 20:32:47 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/2.0.3/ Frame 002F 82 KB
26 KB 17ms
14ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/2.0.3/jquery.min.js

Requested by

Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/hotel-layer?property_id=1013843&hotel_id=1089357&page_id=1035990&page_name=Index&type=&welcome_popup_id=1074576&lang=en&currency=EUR&source=&source_url=https%3A%2F%2Fwww.tmp.kuredu.com%2F%3Farrive%3D2021-02-12%26depart%3D2021-02-13%26adult%3D2%26start%3Davailresults&link_callback=0&browser=Chrome&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D&mirror_rtl_lang=1&fingerprint=d019acdaba939864138ca994757b37c9&logged=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a57b5242b9a9adc4c1ef846c365147b89c472b9cd770face331efcb965346b25

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.thehotelsnetwork.com
Referer: https://www.thehotelsnetwork.com/hotel-layer?property_id=1013843&hotel_id=1089357&page_id=1035990&page_name=Index&type=&welcome_popup_id=1074576&lang=en&currency=EUR&source=&source_url=https%3A%2F%2Fwww.tmp.kuredu.com%2F%3Farrive%3D2021-02-12%26depart%3D2021-02-13%26adult%3D2%26start%3Davailresults&link_callback=0&browser=Chrome&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D&mirror_rtl_lang=1&fingerprint=d019acdaba939864138ca994757b37c9&logged=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1379565
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26454
cf-request-id: 08398b47150000d6d5eb3b8000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-14696"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=g0MvbUadStCAM0BPtQU%2B5nHviwJDuxpsq1J1OBeKWBtF%2F8o%2FxnV%2Bk4O1N%2BBvEUwM7BkdhG8RAfOkOY3QP9YRLslyjr7lK%2FgaBRXcX6oX%2FFjS01n24DjwKGrhQw8qhmxhiQ%3D%3D"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 620914b82f7ad6d5-FRA
expires: Wed, 02 Feb 2022 20:32:47 GMT

GET
H2 200 jquery-ui.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jqueryui/1.10.3/ Frame 002F 223 KB
50 KB 16ms
13ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jqueryui/1.10.3/jquery-ui.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

071c69e4b4c2536bf5db0d9dd24c4a6f4bede45e0482daf3709289491dd7c62a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.thehotelsnetwork.com
Referer: https://www.thehotelsnetwork.com/hotel-layer?property_id=1013843&hotel_id=1089357&page_id=1035990&page_name=Index&type=&welcome_popup_id=1074576&lang=en&currency=EUR&source=&source_url=https%3A%2F%2Fwww.tmp.kuredu.com%2F%3Farrive%3D2021-02-12%26depart%3D2021-02-13%26adult%3D2%26start%3Davailresults&link_callback=0&browser=Chrome&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D&mirror_rtl_lang=1&fingerprint=d019acdaba939864138ca994757b37c9&logged=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1560544
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 51226
cf-request-id: 08398b47150000d6d5daa2f000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-37aee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=SFBAf%2BfyMbwMs6e2nbiX99iSjUmK0%2F9WpspsdV7dBYJdumoCgwTzQCWG0wN0Nu%2BrzoqUD0JVv8y8i5WxxkLMbPVvuxX90e2lhBuOAa70nz94fouvFL0VuDe0pWwGAOQhQQ%3D%3D"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 620914b82f7ed6d5-FRA
expires: Wed, 02 Feb 2022 20:32:47 GMT

GET
H2 200 underscore-min.min.js Show response
cdnjs.cloudflare.com/ajax/libs/underscore.js/1.11.0/ Frame 002F 18 KB
6 KB 15ms
12ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/underscore.js/1.11.0/underscore-min.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

156bfee744eabb673d4ba08576f87dd2b52e84469dffafc0cd4cd62cc3e49e64

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.thehotelsnetwork.com
Referer: https://www.thehotelsnetwork.com/hotel-layer?property_id=1013843&hotel_id=1089357&page_id=1035990&page_name=Index&type=&welcome_popup_id=1074576&lang=en&currency=EUR&source=&source_url=https%3A%2F%2Fwww.tmp.kuredu.com%2F%3Farrive%3D2021-02-12%26depart%3D2021-02-13%26adult%3D2%26start%3Davailresults&link_callback=0&browser=Chrome&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D&mirror_rtl_lang=1&fingerprint=d019acdaba939864138ca994757b37c9&logged=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4206906
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6322
cf-request-id: 08398b47150000d6d5e584a000000001
timing-allow-origin: *
last-modified: Fri, 28 Aug 2020 22:36:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f4986ff-473a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=lg1awDqa%2BirZYSD2vDrKYXEK6dwh2v0YdsqSPBXYNnXvQlqE1899NTYOdRxtwx9XxHfBfs4RdvX5%2Fi92jIPfhZYfVc%2BK05hmO3ao1BEGoWWMvLzdo49loendwZUd6QIvzA%3D%3D"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 620914b82f80d6d5-FRA
expires: Wed, 02 Feb 2022 20:32:47 GMT

GET
H2 200 utils.js Show response
www.thehotelsnetwork.com/js/ Frame 002F 55 KB
15 KB 82ms
80ms Script
application/javascript 45.60.198.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thehotelsnetwork.com/js/utils.js
Requested by: Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/hotel-layer?property_id=1013843&hotel_id=1089357&page_id=1035990&page_name=Index&type=&welcome_popup_id=1074576&lang=en&currency=EUR&source=&source_url=https%3A%2F%2Fwww.tmp.kuredu.com%2F%3Farrive%3D2021-02-12%26depart%3D2021-02-13%26adult%3D2%26start%3Davailresults&link_callback=0&browser=Chrome&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D&mirror_rtl_lang=1&fingerprint=d019acdaba939864138ca994757b37c9&logged=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: nginx/1.17.5 /
Resource Hash: fed30dc4b5e541ebaafb3f79656b5b6e099573582621535f8e47c7e8ec4cf92d

Request headers

Referer: https://www.thehotelsnetwork.com/hotel-layer?property_id=1013843&hotel_id=1089357&page_id=1035990&page_name=Index&type=&welcome_popup_id=1074576&lang=en&currency=EUR&source=&source_url=https%3A%2F%2Fwww.tmp.kuredu.com%2F%3Farrive%3D2021-02-12%26depart%3D2021-02-13%26adult%3D2%26start%3Davailresults&link_callback=0&browser=Chrome&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D&mirror_rtl_lang=1&fingerprint=d019acdaba939864138ca994757b37c9&logged=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:47 GMT
content-encoding: gzip
last-modified: Fri, 12 Feb 2021 13:43:23 GMT
server: nginx/1.17.5
etag: W/"602685fb-dbcf"
vary: Accept-Encoding, Origin
content-type: application/javascript
x-iinfo: 9-21441327-21441307 PNNy RT(1613161966936 0) q(0 0 0 -1) r(0 0) U5
cache-control: max-age=31536000, public
access-control-allow-credentials: true
x-cdn: Incapsula
expires: Sat, 12 Feb 2022 20:32:47 GMT

GET
H2 200 php.js Show response
www.thehotelsnetwork.com/js/ Frame 002F 9 KB
3 KB 82ms
79ms Script
application/javascript 45.60.198.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thehotelsnetwork.com/js/php.js
Requested by: Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/hotel-layer?property_id=1013843&hotel_id=1089357&page_id=1035990&page_name=Index&type=&welcome_popup_id=1074576&lang=en&currency=EUR&source=&source_url=https%3A%2F%2Fwww.tmp.kuredu.com%2F%3Farrive%3D2021-02-12%26depart%3D2021-02-13%26adult%3D2%26start%3Davailresults&link_callback=0&browser=Chrome&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D&mirror_rtl_lang=1&fingerprint=d019acdaba939864138ca994757b37c9&logged=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: nginx/1.17.5 /
Resource Hash: 20f4691a0dda462da5185710f46ae05ead50962a7ad9b37a3a5578f4d27b62e2

Request headers

Referer: https://www.thehotelsnetwork.com/hotel-layer?property_id=1013843&hotel_id=1089357&page_id=1035990&page_name=Index&type=&welcome_popup_id=1074576&lang=en&currency=EUR&source=&source_url=https%3A%2F%2Fwww.tmp.kuredu.com%2F%3Farrive%3D2021-02-12%26depart%3D2021-02-13%26adult%3D2%26start%3Davailresults&link_callback=0&browser=Chrome&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D&mirror_rtl_lang=1&fingerprint=d019acdaba939864138ca994757b37c9&logged=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:47 GMT
content-encoding: gzip
last-modified: Thu, 04 Feb 2021 18:13:46 GMT
server: nginx/1.17.5
etag: W/"601c395a-25ac"
vary: Accept-Encoding, Origin
content-type: application/javascript
x-iinfo: 9-21441328-21441304 PNNy RT(1613161966936 0) q(0 0 0 -1) r(0 0) U5
cache-control: max-age=31536000, public
access-control-allow-credentials: true
x-cdn: Incapsula
expires: Sat, 12 Feb 2022 20:32:47 GMT

GET
H2 200 bootstrap.min.js Show response
www.thehotelsnetwork.com/js/libs/ Frame 002F 27 KB
8 KB 105ms
103ms Script
application/javascript 45.60.198.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thehotelsnetwork.com/js/libs/bootstrap.min.js
Requested by: Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/hotel-layer?property_id=1013843&hotel_id=1089357&page_id=1035990&page_name=Index&type=&welcome_popup_id=1074576&lang=en&currency=EUR&source=&source_url=https%3A%2F%2Fwww.tmp.kuredu.com%2F%3Farrive%3D2021-02-12%26depart%3D2021-02-13%26adult%3D2%26start%3Davailresults&link_callback=0&browser=Chrome&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D&mirror_rtl_lang=1&fingerprint=d019acdaba939864138ca994757b37c9&logged=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: nginx/1.17.5 /
Resource Hash: fc1d94f50dd3822e1e53cb96af4f040d2ad8b5c7b984bae5e84efc7641acfada

Request headers

Referer: https://www.thehotelsnetwork.com/hotel-layer?property_id=1013843&hotel_id=1089357&page_id=1035990&page_name=Index&type=&welcome_popup_id=1074576&lang=en&currency=EUR&source=&source_url=https%3A%2F%2Fwww.tmp.kuredu.com%2F%3Farrive%3D2021-02-12%26depart%3D2021-02-13%26adult%3D2%26start%3Davailresults&link_callback=0&browser=Chrome&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D&mirror_rtl_lang=1&fingerprint=d019acdaba939864138ca994757b37c9&logged=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:47 GMT
content-encoding: gzip
last-modified: Thu, 04 Feb 2021 18:13:46 GMT
server: nginx/1.17.5
etag: W/"601c395a-6cae"
vary: Accept-Encoding, Origin
content-type: application/javascript
x-iinfo: 9-21441329-21441324 PNNy RT(1613161966937 0) q(0 0 0 -1) r(1 1) U5
cache-control: max-age=31536000, public
access-control-allow-credentials: true
x-cdn: Incapsula
expires: Sat, 12 Feb 2022 20:32:47 GMT

GET
H2 200 moment.min.js Show response
www.thehotelsnetwork.com/js/libs/rangepicker/ Frame 002F 33 KB
12 KB 123ms
120ms Script
application/javascript 45.60.198.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thehotelsnetwork.com/js/libs/rangepicker/moment.min.js
Requested by: Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/hotel-layer?property_id=1013843&hotel_id=1089357&page_id=1035990&page_name=Index&type=&welcome_popup_id=1074576&lang=en&currency=EUR&source=&source_url=https%3A%2F%2Fwww.tmp.kuredu.com%2F%3Farrive%3D2021-02-12%26depart%3D2021-02-13%26adult%3D2%26start%3Davailresults&link_callback=0&browser=Chrome&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D&mirror_rtl_lang=1&fingerprint=d019acdaba939864138ca994757b37c9&logged=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: nginx/1.17.5 /
Resource Hash: 4b5dcd8c4de34bf3e2bbbb1499ef55172ca6a8c7124c5aaa04cc6ea48a084b8b

Request headers

Referer: https://www.thehotelsnetwork.com/hotel-layer?property_id=1013843&hotel_id=1089357&page_id=1035990&page_name=Index&type=&welcome_popup_id=1074576&lang=en&currency=EUR&source=&source_url=https%3A%2F%2Fwww.tmp.kuredu.com%2F%3Farrive%3D2021-02-12%26depart%3D2021-02-13%26adult%3D2%26start%3Davailresults&link_callback=0&browser=Chrome&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D&mirror_rtl_lang=1&fingerprint=d019acdaba939864138ca994757b37c9&logged=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:47 GMT
content-encoding: gzip
last-modified: Thu, 04 Feb 2021 18:13:46 GMT
server: nginx/1.17.5
etag: W/"601c395a-857b"
vary: Accept-Encoding, Origin
content-type: application/javascript
x-iinfo: 9-21441330-21441304 PNNy RT(1613161966938 0) q(0 0 0 -1) r(1 1) U5
cache-control: max-age=31536000, public
access-control-allow-credentials: true
x-cdn: Incapsula
expires: Sat, 12 Feb 2022 20:32:47 GMT

GET
H2 200 es6-promise.auto.min.js Show response
cdnjs.cloudflare.com/ajax/libs/es6-promise/4.1.1/ Frame 002F 6 KB
3 KB 20ms
17ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/es6-promise/4.1.1/es6-promise.auto.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

388dcdf7308a69b0e8bf6ad917397c94951709c3fb126b06706a0fe83317402a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.thehotelsnetwork.com
Referer: https://www.thehotelsnetwork.com/hotel-layer?property_id=1013843&hotel_id=1089357&page_id=1035990&page_name=Index&type=&welcome_popup_id=1074576&lang=en&currency=EUR&source=&source_url=https%3A%2F%2Fwww.tmp.kuredu.com%2F%3Farrive%3D2021-02-12%26depart%3D2021-02-13%26adult%3D2%26start%3Davailresults&link_callback=0&browser=Chrome&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D&mirror_rtl_lang=1&fingerprint=d019acdaba939864138ca994757b37c9&logged=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1982957
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 2190
cf-request-id: 08398b471a0000d6d5a3207000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:09:56 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03e54-18d1"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=27c1PchSOqMHH9xTTUnYPXH10SQls1WnVJV0N4Kk47RzD0OPEAGBZWPBxjULsbRl6qcFzqPWt%2BA5pbfv6R4Jk51YAspriwpUvfUfei87yM%2FdE%2BxUripB4LY%2BSLubSgklVA%3D%3D"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 620914b82f81d6d5-FRA
expires: Wed, 02 Feb 2022 20:32:47 GMT

GET
H2 200 fetch.umd.js Show response
cdn.jsdelivr.net/npm/whatwg-fetch@3.0.0/dist/ Frame 002F 14 KB
4 KB 9ms
7ms Script
application/javascript 2a04:4e42:3::621
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/whatwg-fetch@3.0.0/dist/fetch.umd.js

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:3::621 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9a0c4301b6e804a7a808eb69694ed08567605811ae9bef1d3f19c88e20bdec92

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.thehotelsnetwork.com
Referer: https://www.thehotelsnetwork.com/hotel-layer?property_id=1013843&hotel_id=1089357&page_id=1035990&page_name=Index&type=&welcome_popup_id=1074576&lang=en&currency=EUR&source=&source_url=https%3A%2F%2Fwww.tmp.kuredu.com%2F%3Farrive%3D2021-02-12%26depart%3D2021-02-13%26adult%3D2%26start%3Davailresults&link_callback=0&browser=Chrome&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D&mirror_rtl_lang=1&fingerprint=d019acdaba939864138ca994757b37c9&logged=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
age: 155243
x-cache: HIT
cross-origin-resource-policy: cross-origin
content-length: 3924
etag: W/"39d5-UI75N4tJ00i8iMkuAvRZcklx6l8"
x-served-by: cache-fra19178-FRA
date: Fri, 12 Feb 2021 20:32:47 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 systemjs.min.js Show response
www.thehotelsnetwork.com/widget/core/3.9/dist/modules/ Frame 002F 7 KB
3 KB 122ms
120ms Script
application/javascript 45.60.198.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thehotelsnetwork.com/widget/core/3.9/dist/modules/systemjs.min.js?h=fb46a3e8ff97d09f
Requested by: Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/hotel-layer?property_id=1013843&hotel_id=1089357&page_id=1035990&page_name=Index&type=&welcome_popup_id=1074576&lang=en&currency=EUR&source=&source_url=https%3A%2F%2Fwww.tmp.kuredu.com%2F%3Farrive%3D2021-02-12%26depart%3D2021-02-13%26adult%3D2%26start%3Davailresults&link_callback=0&browser=Chrome&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D&mirror_rtl_lang=1&fingerprint=d019acdaba939864138ca994757b37c9&logged=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: nginx/1.17.5 /
Resource Hash: ed7f19698ca4d3fb8898052377e05f9c854c04615ae944240a3069fbb4e3b8e0

Request headers

Referer: https://www.thehotelsnetwork.com/hotel-layer?property_id=1013843&hotel_id=1089357&page_id=1035990&page_name=Index&type=&welcome_popup_id=1074576&lang=en&currency=EUR&source=&source_url=https%3A%2F%2Fwww.tmp.kuredu.com%2F%3Farrive%3D2021-02-12%26depart%3D2021-02-13%26adult%3D2%26start%3Davailresults&link_callback=0&browser=Chrome&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D&mirror_rtl_lang=1&fingerprint=d019acdaba939864138ca994757b37c9&logged=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:47 GMT
content-encoding: gzip
last-modified: Fri, 12 Feb 2021 13:38:58 GMT
server: nginx/1.17.5
etag: W/"602684f2-1bb9"
vary: Accept-Encoding, Origin
content-type: application/javascript
x-iinfo: 9-21441331-21441307 PNNy RT(1613161966938 0) q(0 0 0 -1) r(1 1) U5
cache-control: max-age=31536000, public
access-control-allow-credentials: true
x-cdn: Incapsula
expires: Sat, 12 Feb 2022 20:32:47 GMT

GET
H2 200 ionicons.min.css
www.thehotelsnetwork.com/css/ Frame 002F 50 KB
8 KB 139ms
137ms Stylesheet
text/css 45.60.198.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thehotelsnetwork.com/css/ionicons.min.css
Requested by: Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/hotel-layer?property_id=1013843&hotel_id=1089357&page_id=1035990&page_name=Index&type=&welcome_popup_id=1074576&lang=en&currency=EUR&source=&source_url=https%3A%2F%2Fwww.tmp.kuredu.com%2F%3Farrive%3D2021-02-12%26depart%3D2021-02-13%26adult%3D2%26start%3Davailresults&link_callback=0&browser=Chrome&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D&mirror_rtl_lang=1&fingerprint=d019acdaba939864138ca994757b37c9&logged=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: nginx/1.17.5 /
Resource Hash: de2bbd8e0b32f53a53c1729bedb350cea59e9115fba4f2bed8e2e3dd1f76d9fa

Request headers

Referer: https://www.thehotelsnetwork.com/hotel-layer?property_id=1013843&hotel_id=1089357&page_id=1035990&page_name=Index&type=&welcome_popup_id=1074576&lang=en&currency=EUR&source=&source_url=https%3A%2F%2Fwww.tmp.kuredu.com%2F%3Farrive%3D2021-02-12%26depart%3D2021-02-13%26adult%3D2%26start%3Davailresults&link_callback=0&browser=Chrome&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D&mirror_rtl_lang=1&fingerprint=d019acdaba939864138ca994757b37c9&logged=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:47 GMT
content-encoding: gzip
last-modified: Thu, 04 Feb 2021 18:13:46 GMT
server: nginx/1.17.5
etag: W/"601c395a-c854"
vary: Accept-Encoding, Origin
content-type: text/css
x-iinfo: 9-21441333-21441307 PNNy RT(1613161966940 0) q(0 1 1 -1) r(1 1) U5
cache-control: max-age=31536000, public
access-control-allow-credentials: true
x-cdn: Incapsula
expires: Sat, 12 Feb 2022 20:32:47 GMT

GET
H2 200 jquery-ui.min.css
cdnjs.cloudflare.com/ajax/libs/jqueryui/1.10.3/themes/smoothness/ Frame 002F 26 KB
5 KB 18ms
16ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jqueryui/1.10.3/themes/smoothness/jquery-ui.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4007a847abc4399c1a96d516763161315a841de3cfa7760df9523345efc56f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.thehotelsnetwork.com
Referer: https://www.thehotelsnetwork.com/hotel-layer?property_id=1013843&hotel_id=1089357&page_id=1035990&page_name=Index&type=&welcome_popup_id=1074576&lang=en&currency=EUR&source=&source_url=https%3A%2F%2Fwww.tmp.kuredu.com%2F%3Farrive%3D2021-02-12%26depart%3D2021-02-13%26adult%3D2%26start%3Davailresults&link_callback=0&browser=Chrome&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D&mirror_rtl_lang=1&fingerprint=d019acdaba939864138ca994757b37c9&logged=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1984425
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4459
cf-request-id: 08398b47160000d6d58ba31000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-693b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=wVwVPgqY19Gm9kVUVJib9kLgF4q%2BGGjA5JbIisRaLlEhZ%2FTtvxiJ01noRVeJqphp01mzlbddL6tOCE2HyNufQAVXiIlWtudImCB3IK8r7xNOs8dN41RzbrjujD4%2BZD5gSw%3D%3D"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 620914b82f84d6d5-FRA
expires: Wed, 02 Feb 2022 20:32:47 GMT

GET
H2 200 slick.css
www.thehotelsnetwork.com/js/libs/slick/ Frame 002F 2 KB
974 B 142ms
140ms Stylesheet
text/css 45.60.198.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thehotelsnetwork.com/js/libs/slick/slick.css
Requested by: Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/hotel-layer?property_id=1013843&hotel_id=1089357&page_id=1035990&page_name=Index&type=&welcome_popup_id=1074576&lang=en&currency=EUR&source=&source_url=https%3A%2F%2Fwww.tmp.kuredu.com%2F%3Farrive%3D2021-02-12%26depart%3D2021-02-13%26adult%3D2%26start%3Davailresults&link_callback=0&browser=Chrome&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D&mirror_rtl_lang=1&fingerprint=d019acdaba939864138ca994757b37c9&logged=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: nginx/1.17.5 /
Resource Hash: 6f173fbde897c4b5e403c91d99bfc6d671efea799450ca3b11c0d1bcce2ddfc1

Request headers

Referer: https://www.thehotelsnetwork.com/hotel-layer?property_id=1013843&hotel_id=1089357&page_id=1035990&page_name=Index&type=&welcome_popup_id=1074576&lang=en&currency=EUR&source=&source_url=https%3A%2F%2Fwww.tmp.kuredu.com%2F%3Farrive%3D2021-02-12%26depart%3D2021-02-13%26adult%3D2%26start%3Davailresults&link_callback=0&browser=Chrome&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D&mirror_rtl_lang=1&fingerprint=d019acdaba939864138ca994757b37c9&logged=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:47 GMT
content-encoding: gzip
last-modified: Thu, 04 Feb 2021 18:13:46 GMT
server: nginx/1.17.5
etag: W/"601c395a-6b6"
vary: Accept-Encoding, Origin
content-type: text/css
x-iinfo: 9-21441334-21441101 PNNN RT(1613161966941 0) q(0 1 1 -1) r(1 1) U5
cache-control: max-age=31536000, public
access-control-allow-credentials: true
x-cdn: Incapsula
expires: Sat, 12 Feb 2022 20:32:47 GMT

GET
H2 200 daterangepicker.css
www.thehotelsnetwork.com/js/libs/rangepicker/ Frame 002F 6 KB
2 KB 159ms
158ms Stylesheet
text/css 45.60.198.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thehotelsnetwork.com/js/libs/rangepicker/daterangepicker.css
Requested by: Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/hotel-layer?property_id=1013843&hotel_id=1089357&page_id=1035990&page_name=Index&type=&welcome_popup_id=1074576&lang=en&currency=EUR&source=&source_url=https%3A%2F%2Fwww.tmp.kuredu.com%2F%3Farrive%3D2021-02-12%26depart%3D2021-02-13%26adult%3D2%26start%3Davailresults&link_callback=0&browser=Chrome&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D&mirror_rtl_lang=1&fingerprint=d019acdaba939864138ca994757b37c9&logged=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: nginx/1.17.5 /
Resource Hash: 628a3678cd1164568c233881fc6e9e065f06d4d5213e2fc367b2d1c6cad14a7e

Request headers

Referer: https://www.thehotelsnetwork.com/hotel-layer?property_id=1013843&hotel_id=1089357&page_id=1035990&page_name=Index&type=&welcome_popup_id=1074576&lang=en&currency=EUR&source=&source_url=https%3A%2F%2Fwww.tmp.kuredu.com%2F%3Farrive%3D2021-02-12%26depart%3D2021-02-13%26adult%3D2%26start%3Davailresults&link_callback=0&browser=Chrome&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D&mirror_rtl_lang=1&fingerprint=d019acdaba939864138ca994757b37c9&logged=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:47 GMT
content-encoding: gzip
last-modified: Thu, 04 Feb 2021 18:13:46 GMT
server: nginx/1.17.5
etag: W/"601c395a-16ca"
vary: Accept-Encoding, Origin
content-type: text/css
x-iinfo: 9-21441335-21441339 PNNy RT(1613161966942 0) q(0 1 1 -1) r(1 1) U5
cache-control: max-age=31536000, public
access-control-allow-credentials: true
x-cdn: Incapsula
expires: Sat, 12 Feb 2022 20:32:47 GMT

GET
H2 200 MuseoSans_300.woff
www.thehotelsnetwork.com/fonts/museo_sans/ Frame 1322 45 KB
46 KB 69ms
69ms Font
application/font-woff 45.60.198.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thehotelsnetwork.com/fonts/museo_sans/MuseoSans_300.woff
Requested by: Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/css/styles.popup.css?v=1612462426
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: nginx/1.17.5 /
Resource Hash: 4e6c7a5fb79536b62227fe8e8fef74a4be45e30ff7ef349f18232559ba259f2d

Request headers

Origin: https://www.thehotelsnetwork.com
Referer: https://www.thehotelsnetwork.com/css/styles.popup.css?v=1612462426
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:47 GMT
last-modified: Thu, 04 Feb 2021 18:13:46 GMT
server: nginx/1.17.5
etag: "601c395a-b58c"
vary: Origin
content-type: application/font-woff
access-control-allow-origin: https://www.thehotelsnetwork.com
x-iinfo: 9-21441338-21441303 PNNy RT(1613161967002 0) q(0 0 0 -1) r(0 0) U5
cache-control: max-age=2592000, public
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 46476
x-cdn: Incapsula
expires: Sun, 14 Mar 2021 20:32:47 GMT

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ Frame 1322 46 KB
19 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thehotelsnetwork.com/hotel-exit-widget?hotel_id=1089357&property_id=1013843&page_id=1035990&page_name=Index&lang=en&fingerprint=d019acdaba939864138ca994757b37c9&visit_date=1613161966&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D&type=custom&exit_popup_id=1070477&link_callback=0&browser=Chrome&logged=0&source_url=https%3A%2F%2Fwww.tmp.kuredu.com%2F%3Farrive%3D2021-02-12%26depart%3D2021-02-13%26adult%3D2%26start%3Davailresults
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 4060
date: Fri, 12 Feb 2021 19:25:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Fri, 12 Feb 2021 21:25:07 GMT

GET
H/1.1 200
OK 8ff3fe2877c99ff8c507a91cb5b82f92.jpg
s3-eu-west-1.amazonaws.com/thn-hotel-landing-photos/1440_770/ Frame 1322 182 KB
182 KB 207ms
56ms Image
image/jpeg 52.218.112.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/thn-hotel-landing-photos/1440_770/8ff3fe2877c99ff8c507a91cb5b82f92.jpg?t=1613161967
Requested by: Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/hotel-exit-widget?hotel_id=1089357&property_id=1013843&page_id=1035990&page_name=Index&lang=en&fingerprint=d019acdaba939864138ca994757b37c9&visit_date=1613161966&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D&type=custom&exit_popup_id=1070477&link_callback=0&browser=Chrome&logged=0&source_url=https%3A%2F%2Fwww.tmp.kuredu.com%2F%3Farrive%3D2021-02-12%26depart%3D2021-02-13%26adult%3D2%26start%3Davailresults
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.112.67 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 72ef0717a0aee12edaa8137c0bacfebeb0c31b6224632656f795c38b6c25e4dd

Request headers

Referer: https://www.thehotelsnetwork.com/hotel-exit-widget?hotel_id=1089357&property_id=1013843&page_id=1035990&page_name=Index&lang=en&fingerprint=d019acdaba939864138ca994757b37c9&visit_date=1613161966&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D&type=custom&exit_popup_id=1070477&link_callback=0&browser=Chrome&logged=0&source_url=https%3A%2F%2Fwww.tmp.kuredu.com%2F%3Farrive%3D2021-02-12%26depart%3D2021-02-13%26adult%3D2%26start%3Davailresults
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 20:32:48 GMT
Last-Modified: Mon, 17 Sep 2018 15:28:17 GMT
Server: AmazonS3
x-amz-request-id: 38D3E4402BDCC72A
ETag: "f88df304b30b376d70cfb415e5063fed"
Content-Type: image/jpeg
Accept-Ranges: bytes
Content-Length: 185879
x-amz-id-2: mQ9RMIfA23wQrovmpY1zb+nVuoX1wDDbkQLsNZHOgOflBEQ+8ugMCRlOn//RBzAG5YpOGveg1TM=

GET
H3-Q050 200 1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrcVIT9d0c8.woff
fonts.gstatic.com/s/raleway/v19/ Frame 1322 20 KB
20 KB 7ms
7ms Font
font/woff 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v19/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvaorCIPrcVIT9d0c8.woff

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Raleway

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ce54b04189785e70833abbf94a6b9190378afbab6de6ef04167db6f986b594b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://www.thehotelsnetwork.com
Referer: https://fonts.googleapis.com/css?family=Raleway
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 11 Feb 2021 12:56:45 GMT
x-content-type-options: nosniff
last-modified: Thu, 28 Jan 2021 22:20:54 GMT
server: sffe
age: 113762
content-type: font/woff
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20040
x-xss-protection: 0
expires: Fri, 11 Feb 2022 12:56:45 GMT

GET
H2 200 ionicons.min.css
www.thehotelsnetwork.com/css/ Frame 1322 50 KB
9 KB 57ms
57ms Stylesheet
text/css 45.60.198.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thehotelsnetwork.com/css/ionicons.min.css
Requested by: Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/hotel-exit-widget?hotel_id=1089357&property_id=1013843&page_id=1035990&page_name=Index&lang=en&fingerprint=d019acdaba939864138ca994757b37c9&visit_date=1613161966&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D&type=custom&exit_popup_id=1070477&link_callback=0&browser=Chrome&logged=0&source_url=https%3A%2F%2Fwww.tmp.kuredu.com%2F%3Farrive%3D2021-02-12%26depart%3D2021-02-13%26adult%3D2%26start%3Davailresults
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: nginx/1.17.5 /
Resource Hash: de2bbd8e0b32f53a53c1729bedb350cea59e9115fba4f2bed8e2e3dd1f76d9fa

Request headers

Referer: https://www.thehotelsnetwork.com/hotel-exit-widget?hotel_id=1089357&property_id=1013843&page_id=1035990&page_name=Index&lang=en&fingerprint=d019acdaba939864138ca994757b37c9&visit_date=1613161966&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D&type=custom&exit_popup_id=1070477&link_callback=0&browser=Chrome&logged=0&source_url=https%3A%2F%2Fwww.tmp.kuredu.com%2F%3Farrive%3D2021-02-12%26depart%3D2021-02-13%26adult%3D2%26start%3Davailresults
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:47 GMT
content-encoding: gzip
last-modified: Thu, 04 Feb 2021 18:13:46 GMT
server: nginx/1.17.5
etag: W/"601c395a-c854"
vary: Accept-Encoding, Origin
content-type: text/css
x-iinfo: 9-21441343-21441115 PNNN RT(1613161967036 0) q(0 0 0 -1) r(0 0) U5
cache-control: max-age=31536000, public
access-control-allow-credentials: true
x-cdn: Incapsula
expires: Sat, 12 Feb 2022 20:32:47 GMT

GET
H2 200 MuseoSans_300.woff
www.thehotelsnetwork.com/fonts/museo_sans/ Frame 002F 45 KB
46 KB 58ms
58ms Font
application/font-woff 45.60.198.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thehotelsnetwork.com/fonts/museo_sans/MuseoSans_300.woff
Requested by: Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/css/styles.popup.css?v=1612462426
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: nginx/1.17.5 /
Resource Hash: 4e6c7a5fb79536b62227fe8e8fef74a4be45e30ff7ef349f18232559ba259f2d

Request headers

Origin: https://www.thehotelsnetwork.com
Referer: https://www.thehotelsnetwork.com/css/styles.popup.css?v=1612462426
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:47 GMT
last-modified: Thu, 04 Feb 2021 18:13:46 GMT
server: nginx/1.17.5
etag: "601c395a-b58c"
vary: Origin
content-type: application/font-woff
access-control-allow-origin: https://www.thehotelsnetwork.com
x-iinfo: 9-21441346-21441115 PNNN RT(1613161967064 0) q(0 0 0 -1) r(0 0) U5
cache-control: max-age=2592000, public
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 46476
x-cdn: Incapsula
expires: Sun, 14 Mar 2021 20:32:47 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ Frame 1322 4 B
74 B 13ms
13ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&aip=1&a=815582767&t=pageview&_s=1&dl=https%3A%2F%2Fwww.thehotelsnetwork.com%2Fhotel-exit-widget%3Fhotel_id%3D1089357%26property_id%3D1013843%26page_id%3D1035990%26page_name%3DIndex%26lang%3Den%26fingerprint%3Dd019acdaba939864138ca994757b37c9%26visit_date%3D1613161966%26token%3D%252FSLqGy2JRtKn8xcEIIsEqw%253D%253D%26type%3Dcustom%26exit_popup_id%3D1070477%26link_callback%3D0%26browser%3DChrome%26logged%3D0%26source_url%3Dhttps%253A%252F%252Fwww.tmp.kuredu.com%252F%253Farrive%253D2021-02-12%2526depart%253D2021-02-13%2526adult%253D2%2526start%253Davailresults&dr=https%3A%2F%2Fwww.tmp.kuredu.com%2F&ul=en-us&de=UTF-8&dt=The%20Hotels%20Network%20%E2%80%93%20Get%20More%20Direct%20Bookings%20for%20Your%20Hotel&sd=24-bit&sr=1600x1200&vp=&je=0&_u=YEBAAEABAAAAAC~&jid=1180309943&gjid=92578534&cid=237693307.1613161968&tid=UA-62725679-1&_gid=701394602.1613161968&_r=1&_slc=1&z=2030823473

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thehotelsnetwork.com/hotel-exit-widget?hotel_id=1089357&property_id=1013843&page_id=1035990&page_name=Index&lang=en&fingerprint=d019acdaba939864138ca994757b37c9&visit_date=1613161966&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D&type=custom&exit_popup_id=1070477&link_callback=0&browser=Chrome&logged=0&source_url=https%3A%2F%2Fwww.tmp.kuredu.com%2F%3Farrive%3D2021-02-12%26depart%3D2021-02-13%26adult%3D2%26start%3Davailresults
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 20:32:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thehotelsnetwork.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 /
www.facebook.com/tr/ 0
31 B 6ms
6ms Other
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/tr/

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: multipart/form-data; boundary=----WebKitFormBoundaryYyE4VMkZ6F4LhXav

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
server: proxygen-bolt
date: Fri, 12 Feb 2021 20:32:47 GMT
content-type: text/plain
access-control-allow-origin: https://www.tmp.kuredu.com
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
content-length: 0

GET
H3-Q050 200 analytics.js Show response
www.google-analytics.com/ Frame 002F 46 KB
18 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thehotelsnetwork.com/hotel-layer?property_id=1013843&hotel_id=1089357&page_id=1035990&page_name=Index&type=&welcome_popup_id=1074576&lang=en&currency=EUR&source=&source_url=https%3A%2F%2Fwww.tmp.kuredu.com%2F%3Farrive%3D2021-02-12%26depart%3D2021-02-13%26adult%3D2%26start%3Davailresults&link_callback=0&browser=Chrome&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D&mirror_rtl_lang=1&fingerprint=d019acdaba939864138ca994757b37c9&logged=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 4060
date: Fri, 12 Feb 2021 19:25:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Fri, 12 Feb 2021 21:25:07 GMT

GET
H2 200 notificationfx.min.js Show response
www.thehotelsnetwork.com/widget/core/3.9/dist/modules/ Frame 002F 404 KB
135 KB 87ms
86ms Script
application/javascript 45.60.198.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thehotelsnetwork.com/widget/core/3.9/dist/modules/notificationfx.min.js?h=ca22296f478b35c3
Requested by: Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/widget/core/3.9/dist/modules/systemjs.min.js?h=fb46a3e8ff97d09f
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: nginx/1.17.5 /
Resource Hash: 9bc72da4ed73ff244bb57567fc3c93bf06214fb36e24402299d4c3c911e74a5b

Request headers

Origin: https://www.thehotelsnetwork.com
Referer: https://www.thehotelsnetwork.com/hotel-layer?property_id=1013843&hotel_id=1089357&page_id=1035990&page_name=Index&type=&welcome_popup_id=1074576&lang=en&currency=EUR&source=&source_url=https%3A%2F%2Fwww.tmp.kuredu.com%2F%3Farrive%3D2021-02-12%26depart%3D2021-02-13%26adult%3D2%26start%3Davailresults&link_callback=0&browser=Chrome&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D&mirror_rtl_lang=1&fingerprint=d019acdaba939864138ca994757b37c9&logged=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:47 GMT
content-encoding: gzip
last-modified: Fri, 12 Feb 2021 13:38:58 GMT
server: nginx/1.17.5
etag: W/"602684f2-6516a"
vary: Accept-Encoding, Origin
content-type: application/javascript
access-control-allow-origin: https://www.thehotelsnetwork.com
x-iinfo: 9-21441348-21441339 PNNy RT(1613161967091 0) q(0 0 0 -1) r(1 1) U5
cache-control: max-age=31536000, public
access-control-allow-credentials: true
x-cdn: Incapsula
expires: Sat, 12 Feb 2022 20:32:47 GMT

GET
H/1.1 200
OK 65037348024c30ef677c727c80e6a2c6_en.png
s3-eu-west-1.amazonaws.com/popups-photos/welcome/full_img/1440_820/ Frame 002F 767 KB
768 KB 213ms
63ms Image
image/png 52.218.112.67
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://s3-eu-west-1.amazonaws.com/popups-photos/welcome/full_img/1440_820/65037348024c30ef677c727c80e6a2c6_en.png?t=1613161967
Requested by: Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/hotel-layer?property_id=1013843&hotel_id=1089357&page_id=1035990&page_name=Index&type=&welcome_popup_id=1074576&lang=en&currency=EUR&source=&source_url=https%3A%2F%2Fwww.tmp.kuredu.com%2F%3Farrive%3D2021-02-12%26depart%3D2021-02-13%26adult%3D2%26start%3Davailresults&link_callback=0&browser=Chrome&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D&mirror_rtl_lang=1&fingerprint=d019acdaba939864138ca994757b37c9&logged=0
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.218.112.67 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 1a61842191f002e606518ef8b880c54be0bcc2ee4f65a332b403ec642c06fa20

Request headers

Referer: https://www.thehotelsnetwork.com/hotel-layer?property_id=1013843&hotel_id=1089357&page_id=1035990&page_name=Index&type=&welcome_popup_id=1074576&lang=en&currency=EUR&source=&source_url=https%3A%2F%2Fwww.tmp.kuredu.com%2F%3Farrive%3D2021-02-12%26depart%3D2021-02-13%26adult%3D2%26start%3Davailresults&link_callback=0&browser=Chrome&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D&mirror_rtl_lang=1&fingerprint=d019acdaba939864138ca994757b37c9&logged=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 20:32:48 GMT
Last-Modified: Wed, 13 Jan 2021 04:35:55 GMT
Server: AmazonS3
x-amz-request-id: E6BAFFBFA47AAB54
ETag: "874a516bd405f206578ac661fc32e61f"
Content-Type: image/png
Accept-Ranges: bytes
Content-Length: 785865
x-amz-id-2: Jz/FL1FwWXjfWcca8C69Cw0Kg3jmIX034XJOuo6DFLB9g+QkYmU3M//ImQFbzN3k1EXlNYYagLA=

GET
H2 200 daterangepicker.css
www.thehotelsnetwork.com/js/libs/rangepicker/ Frame 1322 6 KB
2 KB 59ms
59ms Stylesheet
text/css 45.60.198.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thehotelsnetwork.com/js/libs/rangepicker/daterangepicker.css
Requested by: Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/hotel-exit-widget?hotel_id=1089357&property_id=1013843&page_id=1035990&page_name=Index&lang=en&fingerprint=d019acdaba939864138ca994757b37c9&visit_date=1613161966&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D&type=custom&exit_popup_id=1070477&link_callback=0&browser=Chrome&logged=0&source_url=https%3A%2F%2Fwww.tmp.kuredu.com%2F%3Farrive%3D2021-02-12%26depart%3D2021-02-13%26adult%3D2%26start%3Davailresults
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: nginx/1.17.5 /
Resource Hash: 628a3678cd1164568c233881fc6e9e065f06d4d5213e2fc367b2d1c6cad14a7e

Request headers

Referer: https://www.thehotelsnetwork.com/hotel-exit-widget?hotel_id=1089357&property_id=1013843&page_id=1035990&page_name=Index&lang=en&fingerprint=d019acdaba939864138ca994757b37c9&visit_date=1613161966&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D&type=custom&exit_popup_id=1070477&link_callback=0&browser=Chrome&logged=0&source_url=https%3A%2F%2Fwww.tmp.kuredu.com%2F%3Farrive%3D2021-02-12%26depart%3D2021-02-13%26adult%3D2%26start%3Davailresults
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:47 GMT
content-encoding: gzip
last-modified: Thu, 04 Feb 2021 18:13:46 GMT
server: nginx/1.17.5
etag: W/"601c395a-16ca"
vary: Accept-Encoding, Origin
content-type: text/css
x-iinfo: 9-21441349-21441307 PNNy RT(1613161967093 0) q(0 0 0 -1) r(1 1) U5
cache-control: max-age=31536000, public
access-control-allow-credentials: true
x-cdn: Incapsula
expires: Sat, 12 Feb 2022 20:32:47 GMT

GET
H2 200 ionicons.min.css
www.thehotelsnetwork.com/css/ Frame 002F 50 KB
8 KB 62ms
61ms Stylesheet
text/css 45.60.198.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thehotelsnetwork.com/css/ionicons.min.css
Requested by: Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/hotel-layer?property_id=1013843&hotel_id=1089357&page_id=1035990&page_name=Index&type=&welcome_popup_id=1074576&lang=en&currency=EUR&source=&source_url=https%3A%2F%2Fwww.tmp.kuredu.com%2F%3Farrive%3D2021-02-12%26depart%3D2021-02-13%26adult%3D2%26start%3Davailresults&link_callback=0&browser=Chrome&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D&mirror_rtl_lang=1&fingerprint=d019acdaba939864138ca994757b37c9&logged=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: nginx/1.17.5 /
Resource Hash: de2bbd8e0b32f53a53c1729bedb350cea59e9115fba4f2bed8e2e3dd1f76d9fa

Request headers

Referer: https://www.thehotelsnetwork.com/hotel-layer?property_id=1013843&hotel_id=1089357&page_id=1035990&page_name=Index&type=&welcome_popup_id=1074576&lang=en&currency=EUR&source=&source_url=https%3A%2F%2Fwww.tmp.kuredu.com%2F%3Farrive%3D2021-02-12%26depart%3D2021-02-13%26adult%3D2%26start%3Davailresults&link_callback=0&browser=Chrome&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D&mirror_rtl_lang=1&fingerprint=d019acdaba939864138ca994757b37c9&logged=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:47 GMT
content-encoding: gzip
last-modified: Thu, 04 Feb 2021 18:13:46 GMT
server: nginx/1.17.5
etag: W/"601c395a-c854"
vary: Accept-Encoding, Origin
content-type: text/css
x-iinfo: 9-21441350-21441303 PNNy RT(1613161967096 0) q(0 0 0 -1) r(1 1) U5
cache-control: max-age=31536000, public
access-control-allow-credentials: true
x-cdn: Incapsula
expires: Sat, 12 Feb 2022 20:32:47 GMT

POST
H3-Q050 200 collect Show response
stats.g.doubleclick.net/j/ Frame 1322 4 B
75 B 15ms
15ms XHR
text/plain 2a00:1450:400c:c04::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-62725679-1&cid=237693307.1613161968&jid=1180309943&gjid=92578534&_gid=701394602.1613161968&_u=YEBAAEAAAAAAAC~&z=1027629821

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c04::9d Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thehotelsnetwork.com/hotel-exit-widget?hotel_id=1089357&property_id=1013843&page_id=1035990&page_name=Index&lang=en&fingerprint=d019acdaba939864138ca994757b37c9&visit_date=1613161966&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D&type=custom&exit_popup_id=1070477&link_callback=0&browser=Chrome&logged=0&source_url=https%3A%2F%2Fwww.tmp.kuredu.com%2F%3Farrive%3D2021-02-12%26depart%3D2021-02-13%26adult%3D2%26start%3Davailresults
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 12 Feb 2021 20:32:47 GMT
content-type: text/plain
access-control-allow-origin: https://www.thehotelsnetwork.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 styles.reviews.css
www.thehotelsnetwork.com/css/ Frame BD94 69 KB
9 KB 80ms
80ms Stylesheet
text/css 45.60.198.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thehotelsnetwork.com/css/styles.reviews.css?v=1612462426
Requested by: Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/hotel-review-monitor-widget?hotel_id=1089357&property_id=1013843&page_id=1035990&lang=en&mobile=0&tablet=0&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: nginx/1.17.5 /
Resource Hash: 39bc7425c5edbe2f886156f9bdee2a578fdabdcfe04accce9ad63911aa31e05c

Request headers

Referer: https://www.thehotelsnetwork.com/hotel-review-monitor-widget?hotel_id=1089357&property_id=1013843&page_id=1035990&lang=en&mobile=0&tablet=0&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:47 GMT
content-encoding: gzip
last-modified: Thu, 04 Feb 2021 18:13:46 GMT
server: nginx/1.17.5
etag: W/"601c395a-11489"
vary: Accept-Encoding, Origin
content-type: text/css
x-iinfo: 9-21441351-21441324 PNNy RT(1613161967102 0) q(0 0 0 -1) r(0 0) U5
cache-control: max-age=31536000, public
access-control-allow-credentials: true
x-cdn: Incapsula
expires: Sat, 12 Feb 2022 20:32:47 GMT

GET
H2 200 powered_by_thn.png
www.thehotelsnetwork.com/img/ Frame BD94 2 KB
2 KB 56ms
55ms Image
image/png 45.60.198.96
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thehotelsnetwork.com/img/powered_by_thn.png
Requested by: Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/hotel-review-monitor-widget?hotel_id=1089357&property_id=1013843&page_id=1035990&lang=en&mobile=0&tablet=0&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: nginx/1.17.5 /
Resource Hash: f25368bce4de6aeb2b4491ee41ec963bd2658c1fed05fe2994fb8e4f35d1af97

Request headers

Referer: https://www.thehotelsnetwork.com/hotel-review-monitor-widget?hotel_id=1089357&property_id=1013843&page_id=1035990&lang=en&mobile=0&tablet=0&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:47 GMT
last-modified: Thu, 04 Feb 2021 18:13:46 GMT
server: nginx/1.17.5
etag: "601c395a-7f2"
vary: Origin
content-type: image/png
x-iinfo: 9-21441352-21441136 PNNN RT(1613161967103 0) q(0 0 0 -1) r(0 0) U5
cache-control: max-age=2592000, public
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 2034
x-cdn: Incapsula
expires: Sun, 14 Mar 2021 20:32:47 GMT

GET
H2 200 jquery.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery/2.0.3/ Frame BD94 82 KB
26 KB 15ms
12ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery/2.0.3/jquery.min.js

Requested by

Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/hotel-review-monitor-widget?hotel_id=1089357&property_id=1013843&page_id=1035990&lang=en&mobile=0&tablet=0&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

a57b5242b9a9adc4c1ef846c365147b89c472b9cd770face331efcb965346b25

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.thehotelsnetwork.com
Referer: https://www.thehotelsnetwork.com/hotel-review-monitor-widget?hotel_id=1089357&property_id=1013843&page_id=1035990&lang=en&mobile=0&tablet=0&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1379565
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 26454
cf-request-id: 08398b47bc0000d6d5ab886000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-14696"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=Ag%2Bm3w3I7iy99RNuazpPid3%2FtE0dNVcgDWQltBmIrnq3qCjUmEqqP6iyzZ39D16708MtfQCGg85ie1ECxmmX%2BVGnLcs8qsd5HP3pDF1LjLG0WV102CW%2BgUYcZ9ZA8KvvMw%3D%3D"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 620914b92996d6d5-FRA
expires: Wed, 02 Feb 2022 20:32:47 GMT

GET
H2 200 jquery-ui.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jqueryui/1.10.3/ Frame BD94 223 KB
50 KB 20ms
18ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jqueryui/1.10.3/jquery-ui.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

071c69e4b4c2536bf5db0d9dd24c4a6f4bede45e0482daf3709289491dd7c62a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.thehotelsnetwork.com
Referer: https://www.thehotelsnetwork.com/hotel-review-monitor-widget?hotel_id=1089357&property_id=1013843&page_id=1035990&lang=en&mobile=0&tablet=0&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1560544
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 51226
cf-request-id: 08398b47bd0000d6d5e5858000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-37aee"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=fUjkJTMBDb4%2FlgXj4sxz%2BncKBxlTDl8cOkRV6iPvt5HZYfAADbn%2F6pTbxnJPKTUAy6wKNLyqF8t30ebErkhcK0u%2F5FXt3xQREbxN4t3DsYstz4gSVuI0OkDHpgn%2BX422uw%3D%3D"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 620914b92998d6d5-FRA
expires: Wed, 02 Feb 2022 20:32:47 GMT

GET
H2 200 underscore-min.min.js Show response
cdnjs.cloudflare.com/ajax/libs/underscore.js/1.11.0/ Frame BD94 18 KB
7 KB 19ms
17ms Script
application/javascript 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/underscore.js/1.11.0/underscore-min.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

156bfee744eabb673d4ba08576f87dd2b52e84469dffafc0cd4cd62cc3e49e64

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.thehotelsnetwork.com
Referer: https://www.thehotelsnetwork.com/hotel-review-monitor-widget?hotel_id=1089357&property_id=1013843&page_id=1035990&lang=en&mobile=0&tablet=0&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 4206906
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 6322
cf-request-id: 08398b47bd0000d6d5b327a000000001
timing-allow-origin: *
last-modified: Fri, 28 Aug 2020 22:36:47 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5f4986ff-473a"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=P9sqq0nvratPsckUqjFrVcz9HW54DC5LNG7Bzl4qsy6YPuTjO9l1p1jmJ1n%2BiB0mQpAEn%2F1Ns9Qcz8mU9x7XiGpYSxuO%2Faqyje54wRWAJpAb1bAcBUx%2Bh44qqywTDPAuzA%3D%3D"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 620914b9299bd6d5-FRA
expires: Wed, 02 Feb 2022 20:32:47 GMT

GET
H2 200 utils.js Show response
www.thehotelsnetwork.com/js/ Frame BD94 55 KB
15 KB 84ms
81ms Script
application/javascript 45.60.198.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thehotelsnetwork.com/js/utils.js
Requested by: Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/hotel-review-monitor-widget?hotel_id=1089357&property_id=1013843&page_id=1035990&lang=en&mobile=0&tablet=0&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: nginx/1.17.5 /
Resource Hash: fed30dc4b5e541ebaafb3f79656b5b6e099573582621535f8e47c7e8ec4cf92d

Request headers

Referer: https://www.thehotelsnetwork.com/hotel-review-monitor-widget?hotel_id=1089357&property_id=1013843&page_id=1035990&lang=en&mobile=0&tablet=0&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:47 GMT
content-encoding: gzip
last-modified: Fri, 12 Feb 2021 13:40:47 GMT
server: nginx/1.17.5
etag: W/"6026855f-dbcf"
vary: Accept-Encoding, Origin
content-type: application/javascript
x-iinfo: 9-21441355-21441303 PNNy RT(1613161967106 0) q(0 0 0 -1) r(0 0) U5
cache-control: max-age=31536000, public
access-control-allow-credentials: true
x-cdn: Incapsula
expires: Sat, 12 Feb 2022 20:32:47 GMT

GET
H2 200 php.js Show response
www.thehotelsnetwork.com/js/ Frame BD94 9 KB
3 KB 79ms
77ms Script
application/javascript 45.60.198.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thehotelsnetwork.com/js/php.js
Requested by: Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/hotel-review-monitor-widget?hotel_id=1089357&property_id=1013843&page_id=1035990&lang=en&mobile=0&tablet=0&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: nginx/1.17.5 /
Resource Hash: 20f4691a0dda462da5185710f46ae05ead50962a7ad9b37a3a5578f4d27b62e2

Request headers

Referer: https://www.thehotelsnetwork.com/hotel-review-monitor-widget?hotel_id=1089357&property_id=1013843&page_id=1035990&lang=en&mobile=0&tablet=0&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:47 GMT
content-encoding: gzip
last-modified: Thu, 04 Feb 2021 18:13:46 GMT
server: nginx/1.17.5
etag: W/"601c395a-25ac"
vary: Accept-Encoding, Origin
content-type: application/javascript
x-iinfo: 9-21441356-21441136 PNNN RT(1613161967107 0) q(0 0 0 -1) r(0 0) U5
cache-control: max-age=31536000, public
access-control-allow-credentials: true
x-cdn: Incapsula
expires: Sat, 12 Feb 2022 20:32:47 GMT

GET
H2 200 bootstrap.min.js Show response
www.thehotelsnetwork.com/js/libs/ Frame BD94 27 KB
8 KB 98ms
96ms Script
application/javascript 45.60.198.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thehotelsnetwork.com/js/libs/bootstrap.min.js
Requested by: Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/hotel-review-monitor-widget?hotel_id=1089357&property_id=1013843&page_id=1035990&lang=en&mobile=0&tablet=0&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: nginx/1.17.5 /
Resource Hash: fc1d94f50dd3822e1e53cb96af4f040d2ad8b5c7b984bae5e84efc7641acfada

Request headers

Referer: https://www.thehotelsnetwork.com/hotel-review-monitor-widget?hotel_id=1089357&property_id=1013843&page_id=1035990&lang=en&mobile=0&tablet=0&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:47 GMT
content-encoding: gzip
last-modified: Thu, 04 Feb 2021 18:13:46 GMT
server: nginx/1.17.5
etag: W/"601c395a-6cae"
vary: Accept-Encoding, Origin
content-type: application/javascript
x-iinfo: 9-21441357-21441101 PNNN RT(1613161967108 0) q(0 0 0 -1) r(0 0) U5
cache-control: max-age=31536000, public
access-control-allow-credentials: true
x-cdn: Incapsula
expires: Sat, 12 Feb 2022 20:32:47 GMT

GET
H2 200 moment.min.js Show response
www.thehotelsnetwork.com/js/libs/rangepicker/ Frame BD94 33 KB
12 KB 112ms
110ms Script
application/javascript 45.60.198.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thehotelsnetwork.com/js/libs/rangepicker/moment.min.js
Requested by: Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/hotel-review-monitor-widget?hotel_id=1089357&property_id=1013843&page_id=1035990&lang=en&mobile=0&tablet=0&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: nginx/1.17.5 /
Resource Hash: 4b5dcd8c4de34bf3e2bbbb1499ef55172ca6a8c7124c5aaa04cc6ea48a084b8b

Request headers

Referer: https://www.thehotelsnetwork.com/hotel-review-monitor-widget?hotel_id=1089357&property_id=1013843&page_id=1035990&lang=en&mobile=0&tablet=0&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:47 GMT
content-encoding: gzip
last-modified: Thu, 04 Feb 2021 18:13:46 GMT
server: nginx/1.17.5
etag: W/"601c395a-857b"
vary: Accept-Encoding, Origin
content-type: application/javascript
x-iinfo: 9-21441358-21441324 PNNy RT(1613161967109 0) q(0 0 0 -1) r(0 0) U5
cache-control: max-age=31536000, public
access-control-allow-credentials: true
x-cdn: Incapsula
expires: Sat, 12 Feb 2022 20:32:47 GMT

GET
H2 200 _Incapsula_Resource Show response
www.thehotelsnetwork.com/ Frame BD94 140 KB
20 KB 42ms
40ms Script
application/javascript 45.60.198.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thehotelsnetwork.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=16&cb=1974089566
Requested by: Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/hotel-review-monitor-widget?hotel_id=1089357&property_id=1013843&page_id=1035990&lang=en&mobile=0&tablet=0&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: cfdbc5777285189566eb2614dce381a1fc5500be59b887afc2c9e05f570d91c8

Request headers

Referer: https://www.thehotelsnetwork.com/hotel-review-monitor-widget?hotel_id=1089357&property_id=1013843&page_id=1035990&lang=en&mobile=0&tablet=0&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-encoding: gzip
cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 20390
content-type: application/javascript

GET
H2 200 ionicons.min.css
www.thehotelsnetwork.com/css/ Frame BD94 50 KB
8 KB 113ms
111ms Stylesheet
text/css 45.60.198.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thehotelsnetwork.com/css/ionicons.min.css
Requested by: Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/hotel-review-monitor-widget?hotel_id=1089357&property_id=1013843&page_id=1035990&lang=en&mobile=0&tablet=0&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: nginx/1.17.5 /
Resource Hash: de2bbd8e0b32f53a53c1729bedb350cea59e9115fba4f2bed8e2e3dd1f76d9fa

Request headers

Referer: https://www.thehotelsnetwork.com/hotel-review-monitor-widget?hotel_id=1089357&property_id=1013843&page_id=1035990&lang=en&mobile=0&tablet=0&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:47 GMT
content-encoding: gzip
last-modified: Thu, 04 Feb 2021 18:13:46 GMT
server: nginx/1.17.5
etag: W/"601c395a-c854"
vary: Accept-Encoding, Origin
content-type: text/css
x-iinfo: 9-21441353-21441136 PNNN RT(1613161967105 0) q(0 0 0 -1) r(0 0) U5
cache-control: max-age=31536000, public
access-control-allow-credentials: true
x-cdn: Incapsula
expires: Sat, 12 Feb 2022 20:32:47 GMT

GET
H2 200 jquery-ui.min.css
cdnjs.cloudflare.com/ajax/libs/jqueryui/1.10.3/themes/smoothness/ Frame BD94 26 KB
5 KB 16ms
14ms Stylesheet
text/css 2606:4700::6810:125e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jqueryui/1.10.3/themes/smoothness/jquery-ui.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:125e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f4007a847abc4399c1a96d516763161315a841de3cfa7760df9523345efc56f3

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

Origin: https://www.thehotelsnetwork.com
Referer: https://www.thehotelsnetwork.com/hotel-review-monitor-widget?hotel_id=1089357&property_id=1013843&page_id=1035990&lang=en&mobile=0&tablet=0&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:47 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"report_to":"cf-nel","max_age":604800}
age: 1984425
cross-origin-resource-policy: cross-origin
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 4459
cf-request-id: 08398b47bd0000d6d5c7287000000001
timing-allow-origin: *
last-modified: Mon, 04 May 2020 16:11:48 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec4-693b"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15780000
report-to: {"max_age":604800,"group":"cf-nel","endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report?s=D%2FMAP6aCNfzbFf3pqIWRjVR1AlHSyEkUjRroJ0%2By6b8KGqdUOvSyEMYAAczOfGxW69FOK0jSYggxXgmh6B4b%2Fr5%2BY6QSBBhkvhmiZC4U9RYD9CpE06PBczjVA5wNWnLwTw%3D%3D"}]}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
vary: Accept-Encoding
cache-control: public, max-age=30672000
accept-ranges: bytes
cf-ray: 620914b9299dd6d5-FRA
expires: Wed, 02 Feb 2022 20:32:47 GMT

GET
H2 200 slick.css
www.thehotelsnetwork.com/js/libs/slick/ Frame BD94 2 KB
965 B 131ms
129ms Stylesheet
text/css 45.60.198.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thehotelsnetwork.com/js/libs/slick/slick.css
Requested by: Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/hotel-review-monitor-widget?hotel_id=1089357&property_id=1013843&page_id=1035990&lang=en&mobile=0&tablet=0&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: nginx/1.17.5 /
Resource Hash: 6f173fbde897c4b5e403c91d99bfc6d671efea799450ca3b11c0d1bcce2ddfc1

Request headers

Referer: https://www.thehotelsnetwork.com/hotel-review-monitor-widget?hotel_id=1089357&property_id=1013843&page_id=1035990&lang=en&mobile=0&tablet=0&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:47 GMT
content-encoding: gzip
last-modified: Thu, 04 Feb 2021 18:13:46 GMT
server: nginx/1.17.5
etag: W/"601c395a-6b6"
vary: Accept-Encoding, Origin
content-type: text/css
x-iinfo: 9-21441362-21441324 PNNy RT(1613161967120 0) q(0 0 0 -1) r(1 1) U5
cache-control: max-age=31536000, public
access-control-allow-credentials: true
x-cdn: Incapsula
expires: Sat, 12 Feb 2022 20:32:47 GMT

GET
H2 200 daterangepicker.css
www.thehotelsnetwork.com/js/libs/rangepicker/ Frame BD94 6 KB
2 KB 113ms
112ms Stylesheet
text/css 45.60.198.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thehotelsnetwork.com/js/libs/rangepicker/daterangepicker.css
Requested by: Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/hotel-review-monitor-widget?hotel_id=1089357&property_id=1013843&page_id=1035990&lang=en&mobile=0&tablet=0&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: nginx/1.17.5 /
Resource Hash: 628a3678cd1164568c233881fc6e9e065f06d4d5213e2fc367b2d1c6cad14a7e

Request headers

Referer: https://www.thehotelsnetwork.com/hotel-review-monitor-widget?hotel_id=1089357&property_id=1013843&page_id=1035990&lang=en&mobile=0&tablet=0&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:47 GMT
content-encoding: gzip
last-modified: Thu, 04 Feb 2021 18:13:46 GMT
server: nginx/1.17.5
etag: W/"601c395a-16ca"
vary: Accept-Encoding, Origin
content-type: text/css
x-iinfo: 9-21441354-21441304 PNNy RT(1613161967106 0) q(0 0 0 -1) r(0 0) U5
cache-control: max-age=31536000, public
access-control-allow-credentials: true
x-cdn: Incapsula
expires: Sat, 12 Feb 2022 20:32:47 GMT

GET
H2 200 daterangepicker.css
www.thehotelsnetwork.com/js/libs/rangepicker/ Frame 002F 6 KB
2 KB 70ms
69ms Stylesheet
text/css 45.60.198.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thehotelsnetwork.com/js/libs/rangepicker/daterangepicker.css
Requested by: Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/hotel-layer?property_id=1013843&hotel_id=1089357&page_id=1035990&page_name=Index&type=&welcome_popup_id=1074576&lang=en&currency=EUR&source=&source_url=https%3A%2F%2Fwww.tmp.kuredu.com%2F%3Farrive%3D2021-02-12%26depart%3D2021-02-13%26adult%3D2%26start%3Davailresults&link_callback=0&browser=Chrome&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D&mirror_rtl_lang=1&fingerprint=d019acdaba939864138ca994757b37c9&logged=0
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: nginx/1.17.5 /
Resource Hash: 628a3678cd1164568c233881fc6e9e065f06d4d5213e2fc367b2d1c6cad14a7e

Request headers

Referer: https://www.thehotelsnetwork.com/hotel-layer?property_id=1013843&hotel_id=1089357&page_id=1035990&page_name=Index&type=&welcome_popup_id=1074576&lang=en&currency=EUR&source=&source_url=https%3A%2F%2Fwww.tmp.kuredu.com%2F%3Farrive%3D2021-02-12%26depart%3D2021-02-13%26adult%3D2%26start%3Davailresults&link_callback=0&browser=Chrome&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D&mirror_rtl_lang=1&fingerprint=d019acdaba939864138ca994757b37c9&logged=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:47 GMT
content-encoding: gzip
last-modified: Thu, 04 Feb 2021 18:13:46 GMT
server: nginx/1.17.5
etag: W/"601c395a-16ca"
vary: Accept-Encoding, Origin
content-type: text/css
x-iinfo: 9-21441360-21441101 PNNN RT(1613161967117 0) q(0 0 0 -1) r(0 0) U5
cache-control: max-age=31536000, public
access-control-allow-credentials: true
x-cdn: Incapsula
expires: Sat, 12 Feb 2022 20:32:47 GMT

GET
H2 200 ionicons.ttf
www.thehotelsnetwork.com/fonts/ Frame 1322 184 KB
185 KB 72ms
72ms Font
application/octet-stream 45.60.198.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thehotelsnetwork.com/fonts/ionicons.ttf?v=2.0.0
Requested by: Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/css/ionicons.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: nginx/1.17.5 /
Resource Hash: 2ba7f20b1d8990e17a47fe3d88e4c766628aaa2baf1dd30fca0a0db59836f5f9

Request headers

Origin: https://www.thehotelsnetwork.com
Referer: https://www.thehotelsnetwork.com/css/ionicons.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:47 GMT
last-modified: Thu, 04 Feb 2021 18:13:46 GMT
server: nginx/1.17.5
etag: "601c395a-2e05c"
vary: Origin
content-type: application/octet-stream
access-control-allow-origin: https://www.thehotelsnetwork.com
x-iinfo: 9-21441363-21441307 PNNy RT(1613161967121 0) q(0 0 0 -1) r(0 0) U5
cache-control: max-age=2592000, public
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 188508
x-cdn: Incapsula
expires: Sun, 14 Mar 2021 20:32:47 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ Frame 002F 2 B
27 B 13ms
12ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&aip=1&a=1430851109&t=pageview&_s=1&dl=https%3A%2F%2Fwww.thehotelsnetwork.com%2Fhotel-layer%3Fproperty_id%3D1013843%26hotel_id%3D1089357%26page_id%3D1035990%26page_name%3DIndex%26type%3D%26welcome_popup_id%3D1074576%26lang%3Den%26currency%3DEUR%26source%3D%26source_url%3Dhttps%253A%252F%252Fwww.tmp.kuredu.com%252F%253Farrive%253D2021-02-12%2526depart%253D2021-02-13%2526adult%253D2%2526start%253Davailresults%26link_callback%3D0%26browser%3DChrome%26token%3D%252FSLqGy2JRtKn8xcEIIsEqw%253D%253D%26mirror_rtl_lang%3D1%26fingerprint%3Dd019acdaba939864138ca994757b37c9%26logged%3D0&dr=https%3A%2F%2Fwww.tmp.kuredu.com%2F&ul=en-us&de=UTF-8&dt=The%20Hotels%20Network%20%E2%80%93%20Get%20More%20Direct%20Bookings%20for%20Your%20Hotel&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=QACAAEABAAAAAC~&jid=&gjid=&cid=237693307.1613161968&tid=UA-62725679-1&_gid=701394602.1613161968&_slc=1&z=1499477470

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thehotelsnetwork.com/hotel-layer?property_id=1013843&hotel_id=1089357&page_id=1035990&page_name=Index&type=&welcome_popup_id=1074576&lang=en&currency=EUR&source=&source_url=https%3A%2F%2Fwww.tmp.kuredu.com%2F%3Farrive%3D2021-02-12%26depart%3D2021-02-13%26adult%3D2%26start%3Davailresults&link_callback=0&browser=Chrome&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D&mirror_rtl_lang=1&fingerprint=d019acdaba939864138ca994757b37c9&logged=0
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 20:32:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thehotelsnetwork.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.com/ads/ Frame 1322 42 B
65 B 29ms
29ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-62725679-1&cid=237693307.1613161968&jid=1180309943&_u=YEBAAEAAAAAAAC~&z=1530772423

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thehotelsnetwork.com/hotel-exit-widget?hotel_id=1089357&property_id=1013843&page_id=1035990&page_name=Index&lang=en&fingerprint=d019acdaba939864138ca994757b37c9&visit_date=1613161966&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D&type=custom&exit_popup_id=1070477&link_callback=0&browser=Chrome&logged=0&source_url=https%3A%2F%2Fwww.tmp.kuredu.com%2F%3Farrive%3D2021-02-12%26depart%3D2021-02-13%26adult%3D2%26start%3Davailresults
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 20:32:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 ga-audiences
www.google.de/ads/ Frame 1322 42 B
65 B 29ms
29ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-62725679-1&cid=237693307.1613161968&jid=1180309943&_u=YEBAAEAAAAAAAC~&z=1530772423

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thehotelsnetwork.com/hotel-exit-widget?hotel_id=1089357&property_id=1013843&page_id=1035990&page_name=Index&lang=en&fingerprint=d019acdaba939864138ca994757b37c9&visit_date=1613161966&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D&type=custom&exit_popup_id=1070477&link_callback=0&browser=Chrome&logged=0&source_url=https%3A%2F%2Fwww.tmp.kuredu.com%2F%3Farrive%3D2021-02-12%26depart%3D2021-02-13%26adult%3D2%26start%3Davailresults
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 20:32:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ionicons.ttf
www.thehotelsnetwork.com/fonts/ Frame 002F 184 KB
185 KB 58ms
58ms Font
application/octet-stream 45.60.198.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thehotelsnetwork.com/fonts/ionicons.ttf?v=2.0.0
Requested by: Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/css/ionicons.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: nginx/1.17.5 /
Resource Hash: 2ba7f20b1d8990e17a47fe3d88e4c766628aaa2baf1dd30fca0a0db59836f5f9

Request headers

Origin: https://www.thehotelsnetwork.com
Referer: https://www.thehotelsnetwork.com/css/ionicons.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:47 GMT
last-modified: Thu, 04 Feb 2021 18:13:46 GMT
server: nginx/1.17.5
etag: "601c395a-2e05c"
vary: Origin
content-type: application/octet-stream
access-control-allow-origin: https://www.thehotelsnetwork.com
x-iinfo: 9-21441369-21441101 PNNN RT(1613161967174 0) q(0 0 0 -1) r(1 1) U5
cache-control: max-age=2592000, public
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 188508
x-cdn: Incapsula
expires: Sun, 14 Mar 2021 20:32:47 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ Frame BD94 46 KB
18 KB 5ms
5ms Script
text/javascript 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thehotelsnetwork.com/hotel-review-monitor-widget?hotel_id=1089357&property_id=1013843&page_id=1035990&lang=en&mobile=0&tablet=0&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 03:00:57 GMT
server: Golfe2
age: 4060
date: Fri, 12 Feb 2021 19:25:07 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18817
expires: Fri, 12 Feb 2021 21:25:07 GMT

GET
H2 200 _Incapsula_Resource
www.thehotelsnetwork.com/ Frame BD94 1 B
260 B 31ms
31ms Image
text/plain 45.60.198.96
INCAPSULA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.thehotelsnetwork.com/_Incapsula_Resource?SWKMTFSR=1&e=0.6471006708064777
Requested by: Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/hotel-review-monitor-widget?hotel_id=1089357&property_id=1013843&page_id=1035990&lang=en&mobile=0&tablet=0&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.thehotelsnetwork.com/hotel-review-monitor-widget?hotel_id=1089357&property_id=1013843&page_id=1035990&lang=en&mobile=0&tablet=0&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

cache-control: no-cache, no-store
x-robots-tag: noindex
content-length: 1
content-type: text/plain

GET
H2 200 ionicons.ttf
www.thehotelsnetwork.com/fonts/ Frame BD94 184 KB
185 KB 58ms
58ms Font
application/octet-stream 45.60.198.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thehotelsnetwork.com/fonts/ionicons.ttf?v=2.0.0
Requested by: Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/css/ionicons.min.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: nginx/1.17.5 /
Resource Hash: 2ba7f20b1d8990e17a47fe3d88e4c766628aaa2baf1dd30fca0a0db59836f5f9

Request headers

Origin: https://www.thehotelsnetwork.com
Referer: https://www.thehotelsnetwork.com/css/ionicons.min.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:47 GMT
last-modified: Thu, 04 Feb 2021 18:13:46 GMT
server: nginx/1.17.5
etag: "601c395a-2e05c"
vary: Origin
content-type: application/octet-stream
access-control-allow-origin: https://www.thehotelsnetwork.com
x-iinfo: 9-21441377-21441324 PNNy RT(1613161967280 0) q(0 0 0 -1) r(1 1) U5
cache-control: max-age=2592000, public
access-control-allow-credentials: true
accept-ranges: bytes
content-length: 188508
x-cdn: Incapsula
expires: Sun, 14 Mar 2021 20:32:47 GMT

POST
H3-Q050 200 collect Show response
www.google-analytics.com/j/ Frame BD94 4 B
27 B 13ms
13ms XHR
text/plain 2a00:1450:4001:800::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j87&aip=1&a=1559626356&t=pageview&_s=1&dl=https%3A%2F%2Fwww.thehotelsnetwork.com%2Fhotel-review-monitor-widget%3Fhotel_id%3D1089357%26property_id%3D1013843%26page_id%3D1035990%26lang%3Den%26mobile%3D0%26tablet%3D0%26token%3D%252FSLqGy2JRtKn8xcEIIsEqw%253D%253D&dr=https%3A%2F%2Fwww.tmp.kuredu.com%2F&ul=en-us&de=UTF-8&dt=The%20Hotels%20Network&sd=24-bit&sr=1600x1200&vp=300x150&je=0&_u=YEBAAEABAAAAAC~&jid=672882849&gjid=31151338&cid=1175984287.1613161968&tid=UA-62725679-1&_gid=546103107.1613161968&_r=1&_slc=1&z=572932811

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thehotelsnetwork.com/hotel-review-monitor-widget?hotel_id=1089357&property_id=1013843&page_id=1035990&lang=en&mobile=0&tablet=0&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 20:32:47 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.thehotelsnetwork.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ Frame BD94 4 B
94 B 16ms
16ms XHR
text/plain 2a00:1450:400c:c04::9b
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j87&tid=UA-62725679-1&cid=1175984287.1613161968&jid=672882849&gjid=31151338&_gid=546103107.1613161968&_u=YEBAAEAAAAAAAC~&z=33181776

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c04::9b Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.thehotelsnetwork.com/hotel-review-monitor-widget?hotel_id=1089357&property_id=1013843&page_id=1035990&lang=en&mobile=0&tablet=0&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
date: Fri, 12 Feb 2021 20:32:47 GMT
content-type: text/plain
access-control-allow-origin: https://www.thehotelsnetwork.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ Frame BD94 42 B
107 B 33ms
32ms Image
image/gif 2a00:1450:4001:827::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-62725679-1&cid=1175984287.1613161968&jid=672882849&_u=YEBAAEAAAAAAAC~&z=1357764769

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thehotelsnetwork.com/hotel-review-monitor-widget?hotel_id=1089357&property_id=1013843&page_id=1035990&lang=en&mobile=0&tablet=0&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 20:32:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ Frame BD94 42 B
107 B 30ms
30ms Image
image/gif 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j87&tid=UA-62725679-1&cid=1175984287.1613161968&jid=672882849&_u=YEBAAEAAAAAAAC~&z=1357764769

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.thehotelsnetwork.com/hotel-review-monitor-widget?hotel_id=1089357&property_id=1013843&page_id=1035990&lang=en&mobile=0&tablet=0&token=%2FSLqGy2JRtKn8xcEIIsEqw%3D%3D
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 20:32:47 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 default.js Show response
onboard.triptease.io/integrations/v3844.35532/ 111 KB
32 KB 46ms
31ms Script
application/javascript 2606:4700:10::ac43:2653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onboard.triptease.io/integrations/v3844.35532/default.js

Requested by

Host: onboard.triptease.io
URL: https://onboard.triptease.io/bootstrap.js?integrationId=01D1T6RBS9BAJFX5M0ZK2SEZ6C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2653 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

19fc0261a1412029e7fbb7cfe3ab1831714b80e165141c246a0c15609d5e1fe7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Origin: https://www.tmp.kuredu.com
Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:47 GMT
content-encoding: br
vary: Accept-Encoding
cf-cache-status: HIT
x-goog-meta-git-hash: bf7facd019bbf8d578c4cd9c2467b90141cdd71e
age: 4940
x-guploader-uploadid: ABg5-UwYgzES91huVCi9bAtSPIQaVh5Q1AIOpBijmvT0i87UI__orar1NCcQjl3laqHYiG2vIHliMqSJPJKnM1BIhSw
x-goog-storage-class: MULTI_REGIONAL
x-goog-metageneration: 1
x-goog-stored-content-encoding: identity
x-goog-meta-build-version: 3844.35532
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08398b48e200004a7340248000000001
cf-ray: 620914bb0aa84a73-FRA
last-modified: Fri, 12 Feb 2021 12:50:04 GMT
server: cloudflare
etag: W/"8f45b163f841e6649e2b84cda1fb3700"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
strict-transport-security: max-age=15552000
x-goog-hash: crc32c=8jxxSQ==, md5=j0WxY/hB5mSeK4TNofs3AA==
x-goog-generation: 1613134204178017
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, max-age=31536000
x-goog-stored-content-length: 114146
content-type: application/javascript; charset=utf-8
expires: Sat, 12 Feb 2022 18:55:42 GMT

GET
H2 200 bootstrap-message-engine.js Show response
static.triptease.io/message-porter/dist/ 133 KB
42 KB 91ms
21ms Script
application/javascript 151.101.193.182
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.triptease.io/message-porter/dist/bootstrap-message-engine.js

Requested by

Host: onboard.triptease.io
URL: https://onboard.triptease.io/bootstrap.js?integrationId=01D1T6RBS9BAJFX5M0ZK2SEZ6C

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.182 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

f3f862559d0bdb30c5c1332060e56479726ab5555cd143b01f7f017aac9bf574

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

Origin: https://www.tmp.kuredu.com
Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-encoding: gzip
vary: Accept-Encoding
age: 561
x-guploader-uploadid: ABg5-Uw8pUWonyoUWW84DOFleV5AFoZv7hzsjFCpKPmNsUEJHSCrgkBrD9udWoPs1241b4fpoTup-QcZ6aqxRLVWAJ0Hzy9IvQ
x-goog-stored-content-encoding: identity
x-served-by: cache-cph20639-CPH
x-timer: S1613161968.078607,VS0,VE0
etag: "c14eedeeec3bf835bf70377f337a6f55"
pseudo-session-id: 90bb26882a02defb7e930f023763018c731a6ee071109a809f051b2e937c446e
x-goog-generation: 1612350376674054
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
cache-control: public, Surrogate-Control=86400, max-age=600
x-cache-hits: 6
date: Fri, 12 Feb 2021 20:32:48 GMT
via: 1.1 varnish
x-goog-meta-goog-reserved-file-mtime: 1612350040
x-cache: HIT
x-goog-storage-class: STANDARD
backend-url: /message-porter/dist/bootstrap-message-engine.js
x-goog-metageneration: 2
content-length: 41984
last-modified: Wed, 03 Feb 2021 11:06:16 GMT
server: UploadServer
strict-transport-security: max-age=31557600
x-goog-hash: crc32c=ORWrsw==, md5=wU7t7uw7+DW/cDd/M3pvVQ==
pseudo-device-id: c7981dae9c49bc05b2fa76282b8a794bd1de8bcf34bbc6563c391311aecbdc38
expires: Thu, 11 Feb 2021 01:11:44 GMT
x-goog-stored-content-length: 136137
surrogate-key-debug: message-porter message-porter-bootstrap-message-engine message-porter-js
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 main.js Show response
static-meta.triptease.io/client/ 50 KB
16 KB 126ms
32ms Script
text/plain 151.101.113.182
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-meta.triptease.io/client/main.js
Requested by: Host: onboard.triptease.io
URL: https://onboard.triptease.io/bootstrap.js?integrationId=01D1T6RBS9BAJFX5M0ZK2SEZ6C
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.182 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: 562c564811d314df2909abe92bb378220b78fd21b61f21dca30cfb2ac36431fa

Request headers

Origin: https://www.tmp.kuredu.com
Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:48 GMT
content-encoding: gzip
age: 105
x-envoy-upstream-healthchecked-cluster: client.management
x-cache: HIT
x-envoy-upstream-service-time: 2
content-length: 15674
x-served-by: cache-hhn4068-HHN
access-control-allow-origin: *
server: istio-envoy
x-timer: S1613161968.107849,VS0,VE1
vary: Origin, Accept-Encoding
content-type: text/plain; charset=utf-8
via: 1.1 google, 1.1 varnish
cache-control: max-age=3600,stale-while-revalidate=1800
accept-ranges: bytes
x-cache-hits: 1

GET
H/1.1 200
OK application.js Show response
b.triptease.io/ 3 KB
3 KB 97ms
27ms Script
application/javascript 151.101.65.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://b.triptease.io/application.js
Requested by: Host: onboard.triptease.io
URL: https://onboard.triptease.io/bootstrap.js?integrationId=01D1T6RBS9BAJFX5M0ZK2SEZ6C
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 31fe2771abb1c8ba1821942d2b65e28eb65f8b6bec7d63bd8fb1a65c5dd7901a

Request headers

Origin: https://www.tmp.kuredu.com
Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 20:32:48 GMT
Via: 1.1 google, 1.1 varnish
Age: 3072
X-Served-By: cache-cph20621-CPH
X-Cache: HIT
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=60
Connection: keep-alive
Accept-Ranges: bytes
X-Timer: S1613161968.083536,VS0,VE0
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, session-token
Content-Length: 2883
X-Cache-Hits: 13

GET
H2 200 11905f281240e11c010d5ad195f1333929279936 Show response
static-meta.triptease.io/client/bundle-data/ 323 B
346 B 40ms
39ms Fetch
application/json 151.101.113.182
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-meta.triptease.io/client/bundle-data/11905f281240e11c010d5ad195f1333929279936
Requested by: Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/widget/core/3.9/dist/main/index.min.js?h=fdb0448640f4e619
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.182 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: 5023cc8260c96d9d7d40b4367cfebf97b7b77c61e4bc00eaf2527f958c2e1421

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:48 GMT
content-encoding: gzip
age: 104
x-cache: HIT
x-envoy-upstream-service-time: 803
content-length: 253
x-served-by: cache-hhn4068-HHN
access-control-allow-origin: *
server: istio-envoy
x-timer: S1613161968.175518,VS0,VE1
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
via: 1.1 google, 1.1 varnish
cache-control: max-age=3600,stale-while-revalidate=1800
accept-ranges: bytes
x-cache-hits: 1

GET
H/1.1 200
OK / Show response
b.triptease.io/ Frame AF38 3 KB
3 KB 244ms
191ms Document
text/html 151.101.65.62
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://b.triptease.io/?apikey=11905f281240e11c010d5ad195f1333929279936&bucket=1&conversion=false&clicked=false&searched=false&tripteaseUserId=ef52dbc7-fa22-4af9-bb5c-78de91410b9b
Requested by: Host: b.triptease.io
URL: https://b.triptease.io/application.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: 021709995223ef4c461cf02de5d139ed59c1a23c46569d398320c30ada39ae3f

Request headers

Host: b.triptease.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://www.tmp.kuredu.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.tmp.kuredu.com/

Response headers

Connection: keep-alive
cache-control: private, no-store
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, session-token
Via: 1.1 google, 1.1 varnish
Accept-Ranges: bytes
Date: Fri, 12 Feb 2021 20:32:48 GMT
X-Served-By: cache-cph20636-CPH
X-Cache: MISS
X-Cache-Hits: 0
X-Timer: S1613161968.228399,VS0,VE165
transfer-encoding: chunked

GET
H2 200 11905f281240e11c010d5ad195f1333929279936 Show response
static-meta.triptease.io/client/bundle-data/ 323 B
318 B 38ms
37ms Fetch
application/json 151.101.113.182
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://static-meta.triptease.io/client/bundle-data/11905f281240e11c010d5ad195f1333929279936
Requested by: Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/widget/core/3.9/dist/main/index.min.js?h=fdb0448640f4e619
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.113.182 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: istio-envoy /
Resource Hash: 5023cc8260c96d9d7d40b4367cfebf97b7b77c61e4bc00eaf2527f958c2e1421

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:48 GMT
content-encoding: gzip
age: 104
x-cache: HIT
x-envoy-upstream-service-time: 803
content-length: 253
x-served-by: cache-hhn4068-HHN
access-control-allow-origin: *
server: istio-envoy
x-timer: S1613161968.182988,VS0,VE0
vary: Origin, Accept-Encoding
content-type: application/json; charset=utf-8
via: 1.1 google, 1.1 varnish
cache-control: max-age=3600,stale-while-revalidate=1800
accept-ranges: bytes
x-cache-hits: 2

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
38 KB 19ms
18ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-647615377

Requested by

Host: static-meta.triptease.io
URL: https://static-meta.triptease.io/client/main.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4c5e7cd403fb7cd79681594e687ae48d0c70272ba1d4028f90b99113b01f4df9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:48 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39135
x-xss-protection: 0
last-modified: Fri, 12 Feb 2021 20:08:04 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 12 Feb 2021 20:32:48 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 97 KB
38 KB 21ms
21ms Script
application/javascript 2a00:1450:4001:809::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-647615377&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-772268528

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

cf258bcf3f345a9c4f4fd24a9f0e0ba5e6b225789e1eebf148efb732ff523750

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:48 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39106
x-xss-protection: 0
last-modified: Fri, 12 Feb 2021 20:08:04 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 12 Feb 2021 20:32:48 GMT

GET
H2 200 conversion_async.js Show response
www.googleadservices.com/pagead/ 30 KB
12 KB 65ms
65ms Script
text/javascript 142.250.185.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleadservices.com/pagead/conversion_async.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-647615377

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s51-in-f2.1e100.net

Software

cafe /

Resource Hash

c70c76846a8e9bf632e225948393882141c6ddb3ebab4ce1be1aa5deda981de3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 12205
x-xss-protection: 0
server: cafe
etag: 14286597169266950975
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Fri, 12 Feb 2021 20:32:48 GMT

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/647615377/ 2 KB
1 KB 30ms
30ms Script
text/javascript 2a00:1450:4001:813::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/647615377/?random=1613161968308&cv=9&fst=1613161968308&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa230&sendb=1&ig=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.tmp.kuredu.com%2F&tiba=Maldives%20Resorts%20-%20Kuredu%20is%20a%20top%20rated%20and%20popular%20resort&hn=www.googleadservices.com&async=1&rfmt=3&fmt=4

Requested by

Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion_async.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9be1ec9191b7cd2ec5d19d87c0fc5526b5c05fcc58ce54c85401a6401b8111a0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 20:32:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 1050
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.com/pagead/1p-user-list/647615377/ 42 B
89 B 23ms
22ms Image
image/gif 2a00:1450:4001:82b::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/647615377/?random=1613161968308&cv=9&fst=1613160000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa230&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.tmp.kuredu.com%2F&tiba=Maldives%20Resorts%20-%20Kuredu%20is%20a%20top%20rated%20and%20popular%20resort&async=1&fmt=3&is_vtc=1&random=2804888891&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 20:32:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 /
www.google.de/pagead/1p-user-list/647615377/ 42 B
89 B 20ms
19ms Image
image/gif 2a00:1450:4001:80f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/647615377/?random=1613161968308&cv=9&fst=1613160000000&num=1&bg=ffffff&guid=ON&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=60&u_java=false&u_nplug=0&u_nmime=0&gtm=2oa230&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fwww.tmp.kuredu.com%2F&tiba=Maldives%20Resorts%20-%20Kuredu%20is%20a%20top%20rated%20and%20popular%20resort&async=1&fmt=3&is_vtc=1&random=2804888891&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 20:32:48 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

associate-segment
segment.prod.bidr.io/ Frame AF38
Redirect Chain

https://segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-138&value=
https://segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-138&value=&_bee_ppp=1

43 B
793 B

52ms
51ms

Image
image/gif

52.209.184.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-138&value=&_bee_ppp=1

Requested by

Host: b.triptease.io
URL: https://b.triptease.io/?apikey=11905f281240e11c010d5ad195f1333929279936&bucket=1&conversion=false&clicked=false&searched=false&tripteaseUserId=ef52dbc7-fa22-4af9-bb5c-78de91410b9b

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.209.184.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://b.triptease.io/?apikey=11905f281240e11c010d5ad195f1333929279936&bucket=1&conversion=false&clicked=false&searched=false&tripteaseUserId=ef52dbc7-fa22-4af9-bb5c-78de91410b9b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
Date: Fri, 12 Feb 2021 20:32:48 GMT
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
content-type: image/gif
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-138&value=&_bee_ppp=1
Date: Fri, 12 Feb 2021 20:32:48 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H/1.1

200
OK

associate-segment
segment.prod.bidr.io/ Frame AF38
Redirect Chain

https://segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-139&value=
https://segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-139&value=&_bee_ppp=1

43 B
793 B

51ms
51ms

Image
image/gif

52.209.184.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-139&value=&_bee_ppp=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.209.184.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://b.triptease.io/?apikey=11905f281240e11c010d5ad195f1333929279936&bucket=1&conversion=false&clicked=false&searched=false&tripteaseUserId=ef52dbc7-fa22-4af9-bb5c-78de91410b9b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
Date: Fri, 12 Feb 2021 20:32:48 GMT
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
content-type: image/gif
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-139&value=&_bee_ppp=1
Date: Fri, 12 Feb 2021 20:32:48 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H/1.1

200
OK

associate-segment
segment.prod.bidr.io/ Frame AF38
Redirect Chain

https://segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-140&value=
https://segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-140&value=&_bee_ppp=1

43 B
793 B

61ms
50ms

Image
image/gif

52.209.184.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-140&value=&_bee_ppp=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.209.184.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://b.triptease.io/?apikey=11905f281240e11c010d5ad195f1333929279936&bucket=1&conversion=false&clicked=false&searched=false&tripteaseUserId=ef52dbc7-fa22-4af9-bb5c-78de91410b9b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
Date: Fri, 12 Feb 2021 20:32:48 GMT
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
content-type: image/gif
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-140&value=&_bee_ppp=1
Date: Fri, 12 Feb 2021 20:32:48 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H/1.1

200
OK

associate-segment
segment.prod.bidr.io/ Frame AF38
Redirect Chain

https://segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-137&value=
https://segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-137&value=&_bee_ppp=1

43 B
793 B

53ms
50ms

Image
image/gif

52.209.184.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-137&value=&_bee_ppp=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.209.184.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://b.triptease.io/?apikey=11905f281240e11c010d5ad195f1333929279936&bucket=1&conversion=false&clicked=false&searched=false&tripteaseUserId=ef52dbc7-fa22-4af9-bb5c-78de91410b9b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
Date: Fri, 12 Feb 2021 20:32:48 GMT
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
content-type: image/gif
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-137&value=&_bee_ppp=1
Date: Fri, 12 Feb 2021 20:32:48 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H/1.1

200
OK

associate-segment
segment.prod.bidr.io/ Frame AF38
Redirect Chain

https://segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-11104&value=1
https://segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-11104&value=1&_bee_ppp=1

43 B
793 B

78ms
47ms

Image
image/gif

52.209.184.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-11104&value=1&_bee_ppp=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.209.184.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://b.triptease.io/?apikey=11905f281240e11c010d5ad195f1333929279936&bucket=1&conversion=false&clicked=false&searched=false&tripteaseUserId=ef52dbc7-fa22-4af9-bb5c-78de91410b9b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
Date: Fri, 12 Feb 2021 20:32:48 GMT
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
content-type: image/gif
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-11104&value=1&_bee_ppp=1
Date: Fri, 12 Feb 2021 20:32:48 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H/1.1

200
OK

associate-segment
segment.prod.bidr.io/ Frame AF38
Redirect Chain

https://segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-11105&value=
https://segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-11105&value=&_bee_ppp=1

43 B
793 B

53ms
49ms

Image
image/gif

52.209.184.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-11105&value=&_bee_ppp=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.209.184.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://b.triptease.io/?apikey=11905f281240e11c010d5ad195f1333929279936&bucket=1&conversion=false&clicked=false&searched=false&tripteaseUserId=ef52dbc7-fa22-4af9-bb5c-78de91410b9b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
Date: Fri, 12 Feb 2021 20:32:48 GMT
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
content-type: image/gif
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

location: https://segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-11105&value=&_bee_ppp=1
Date: Fri, 12 Feb 2021 20:32:48 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H/1.1 200
OK associate-segment
segment.prod.bidr.io/ Frame AF38 43 B
430 B 51ms
50ms Image
image/gif 52.209.184.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-11106&value=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.209.184.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://b.triptease.io/?apikey=11905f281240e11c010d5ad195f1333929279936&bucket=1&conversion=false&clicked=false&searched=false&tripteaseUserId=ef52dbc7-fa22-4af9-bb5c-78de91410b9b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
Date: Fri, 12 Feb 2021 20:32:48 GMT
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
content-type: image/gif
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK associate-segment
segment.prod.bidr.io/ Frame AF38 43 B
430 B 50ms
49ms Image
image/gif 52.209.184.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-11107&value=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.209.184.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://b.triptease.io/?apikey=11905f281240e11c010d5ad195f1333929279936&bucket=1&conversion=false&clicked=false&searched=false&tripteaseUserId=ef52dbc7-fa22-4af9-bb5c-78de91410b9b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
Date: Fri, 12 Feb 2021 20:32:48 GMT
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
content-type: image/gif
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK associate-segment
segment.prod.bidr.io/ Frame AF38 43 B
430 B 48ms
48ms Image
image/gif 52.209.184.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-11108&value=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.209.184.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://b.triptease.io/?apikey=11905f281240e11c010d5ad195f1333929279936&bucket=1&conversion=false&clicked=false&searched=false&tripteaseUserId=ef52dbc7-fa22-4af9-bb5c-78de91410b9b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
Date: Fri, 12 Feb 2021 20:32:48 GMT
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
content-type: image/gif
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1 200
OK associate-segment
segment.prod.bidr.io/ Frame AF38 43 B
430 B 49ms
48ms Image
image/gif 52.209.184.14
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-11109&value=1

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.209.184.14 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://b.triptease.io/?apikey=11905f281240e11c010d5ad195f1333929279936&bucket=1&conversion=false&clicked=false&searched=false&tripteaseUserId=ef52dbc7-fa22-4af9-bb5c-78de91410b9b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
Date: Fri, 12 Feb 2021 20:32:48 GMT
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
content-type: image/gif
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

cookie-sync
b.triptease.io/ Frame AF38
Redirect Chain

https://match.prod.bidr.io/cookie-sync/triptease?buyer_user_id=ef52dbc7-fa22-4af9-bb5c-78de91410b9b|11905f281240e11c010d5ad195f1333929279936
https://match.prod.bidr.io/cookie-sync/triptease?buyer_user_id=ef52dbc7-fa22-4af9-bb5c-78de91410b9b%7C11905f281240e11c010d5ad195f1333929279936&_bee_ppp=1
https://b.triptease.io/cookie-sync?partner=beeswax&beeswax_id=AAMvGE7ATcwAABA0BH-1yQ&buyer_user_id=ef52dbc7-fa22-4af9-bb5c-78de91410b9b%7C11905f281240e11c010d5ad195f1333929279936

147 B
147 B

206ms
206ms

Image
text/plain

151.101.65.62
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://b.triptease.io/cookie-sync?partner=beeswax&beeswax_id=AAMvGE7ATcwAABA0BH-1yQ&buyer_user_id=ef52dbc7-fa22-4af9-bb5c-78de91410b9b%7C11905f281240e11c010d5ad195f1333929279936
Requested by: Host: b.triptease.io
URL: https://b.triptease.io/?apikey=11905f281240e11c010d5ad195f1333929279936&bucket=1&conversion=false&clicked=false&searched=false&tripteaseUserId=ef52dbc7-fa22-4af9-bb5c-78de91410b9b
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.65.62 , United States, ASN54113 (FASTLY, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://b.triptease.io/?apikey=11905f281240e11c010d5ad195f1333929279936&bucket=1&conversion=false&clicked=false&searched=false&tripteaseUserId=ef52dbc7-fa22-4af9-bb5c-78de91410b9b
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 20:32:48 GMT
Via: 1.1 google, 1.1 varnish
X-Timer: S1613161969.683646,VS0,VE187
X-Served-By: cache-cph20636-CPH
transfer-encoding: chunked
X-Cache: MISS
access-control-allow-origin: *
cache-control: private, no-store
Connection: keep-alive
Accept-Ranges: bytes
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, session-token
X-Cache-Hits: 0

Redirect headers

location: https://b.triptease.io/cookie-sync?partner=beeswax&beeswax_id=AAMvGE7ATcwAABA0BH-1yQ&buyer_user_id=ef52dbc7-fa22-4af9-bb5c-78de91410b9b%7C11905f281240e11c010d5ad195f1333929279936
Date: Fri, 12 Feb 2021 20:32:48 GMT
Server: nginx
Connection: keep-alive
Content-Length: 0
strict-transport-security: max-age=2592000; includeSubDomains

GET
H/1.1

200
OK

cookie-msync Show response
match.prod.bidr.io/ Frame 5A76
Redirect Chain

https://segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-1&value=0.5&forward_to_cookie_sync=1
https://segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-1&value=0.5&forward_to_cookie_sync=1&_bee_ppp=1
https://match.prod.bidr.io/cookie-msync?buzz_key=triptease

1 KB
2 KB

62ms
61ms

Document
text/html

54.228.192.197
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://match.prod.bidr.io/cookie-msync?buzz_key=triptease

Requested by

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.228.192.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

e1b88fddc80876aaccc7f3dea0efe00bbb64f8ea1cdda84d9d3c4f17688c8804

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Host: match.prod.bidr.io
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://b.triptease.io/?apikey=11905f281240e11c010d5ad195f1333929279936&bucket=1&conversion=false&clicked=false&searched=false&tripteaseUserId=ef52dbc7-fa22-4af9-bb5c-78de91410b9b
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Cookie: bitoIsSecure=ok; bito=AABsRk7ATcwAAA3F1gYagg
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://b.triptease.io/?apikey=11905f281240e11c010d5ad195f1333929279936&bucket=1&conversion=false&clicked=false&searched=false&tripteaseUserId=ef52dbc7-fa22-4af9-bb5c-78de91410b9b

Response headers

cache-control: no-cache, must-revalidate
content-type: text/html; charset=utf-8
Date: Fri, 12 Feb 2021 20:32:48 GMT
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 1450
Connection: keep-alive

Redirect headers

Date: Fri, 12 Feb 2021 20:32:48 GMT
location: https://match.prod.bidr.io/cookie-msync?buzz_key=triptease
Server: nginx
set-cookie: bito=AAAYfE7ATcwAAA1iviJ-9A; Domain=bidr.io; expires=Mon, 14 Mar 2022 15:32:48 GMT; Path=/; SameSite=None; Secure bitoIsSecure=ok; Domain=bidr.io; expires=Mon, 14 Mar 2022 15:32:48 GMT; Path=/; SameSite=None; Secure checkForPermission=""; Domain=bidr.io; expires=Thu, 01 May 2008 00:00:00 GMT; Path=/; SameSite=None; Secure
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive

POST
H2 204 batch
onboard.triptease.io/message/ 0
403 B 151ms
151ms Other
text/plain 2606:4700:10::ac43:2653
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://onboard.triptease.io/message/batch

Requested by

Host: onboard.triptease.io
URL: https://onboard.triptease.io/bootstrap.js?integrationId=01D1T6RBS9BAJFX5M0ZK2SEZ6C

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700:10::ac43:2653 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 12 Feb 2021 20:32:48 GMT
cf-cache-status: DYNAMIC
server: cloudflare
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
access-control-allow-origin: *
x-cloud-trace-context: 0f95cd2bdf5940a48be39cbda659504e
strict-transport-security: max-age=15552000
cf-ray: 620914bf6c002c3e-FRA
alt-svc: h3-27=":443"; ma=86400, h3-28=":443"; ma=86400, h3-29=":443"; ma=86400
cf-request-id: 08398b4ba400002c3ec20f3000000001

GET
H2 204 usermatch.gif
beacon.krxd.net/ Frame 5A76 0
338 B 158ms
51ms Image
text/plain 34.247.1.48
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beacon.krxd.net/usermatch.gif?partner=beeswax&partner_uid=AABsRk7ATcwAAA3F1gYagg
Requested by: Host: match.prod.bidr.io
URL: https://match.prod.bidr.io/cookie-msync?buzz_key=triptease
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 34.247.1.48 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://match.prod.bidr.io/cookie-msync?buzz_key=triptease
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:48 GMT
cache-control: private, no-cache, no-store
x-request-time: D=47 t=1613161968
x-served-by: beacon-n014-dub-prod.krxd.net
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"

GET
H/1.1

200
OK

adx
match.prod.bidr.io/cookie-sync/ Frame 5A76
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=beeswaxio&google_sc=&google_hm=QUFCc1JrN0FUY3dBQUEzRjFnWWFnZw&bee_sync_partners=&bee_sync_current_partner=adx&bee_sync_hop_count=1
https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=&bee_sync_current_partner=adx&bee_sync_hop_count=1

43 B
430 B

50ms
49ms

Image
image/gif

54.228.192.197
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=&bee_sync_current_partner=adx&bee_sync_hop_count=1

Requested by

Host: match.prod.bidr.io
URL: https://match.prod.bidr.io/cookie-msync?buzz_key=triptease

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.228.192.197 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

nginx /

Resource Hash

dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains

Request headers

Referer: https://match.prod.bidr.io/cookie-msync?buzz_key=triptease
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
Date: Fri, 12 Feb 2021 20:32:48 GMT
Server: nginx
strict-transport-security: max-age=2592000; includeSubDomains
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
cache-control: no-cache, must-revalidate
Connection: keep-alive
content-type: image/gif
Content-Length: 43
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Fri, 12 Feb 2021 20:32:48 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://match.prod.bidr.io/cookie-sync/adx?bee_sync_partners=&bee_sync_current_partner=adx&bee_sync_hop_count=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 316
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

demconf.jpg
dpm.demdex.net/ Frame 5A76
Redirect Chain

https://dpm.demdex.net/ibs:dpid=275754&dpuuid=AABsRk7ATcwAAA3F1gYagg
https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=275754&dpuuid=AABsRk7ATcwAAA3F1gYagg

42 B
915 B

52ms
52ms

Image
image/gif

52.50.104.129
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=275754&dpuuid=AABsRk7ATcwAAA3F1gYagg

Requested by

Host: match.prod.bidr.io
URL: https://match.prod.bidr.io/cookie-msync?buzz_key=triptease

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

52.50.104.129 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-50-104-129.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

Referer: https://match.prod.bidr.io/cookie-msync?buzz_key=triptease
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

DCS: dcs-prod-irl1-v089-0f228079d.edge-irl1.demdex.com 5.80.6.20210202104731 0ms (+1ms)
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: gHMKNlNgS9U=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: image/gif
Content-Length: 42
Expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 3xhMA2PjTYQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=275754&dpuuid=AABsRk7ATcwAAA3F1gYagg
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK 35244
tags.bluekai.com/site/ Frame 5A76 62 B
729 B 261ms
183ms Image
image/gif 23.79.152.128
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tags.bluekai.com/site/35244?id=AABsRk7ATcwAAA3F1gYagg
Requested by: Host: match.prod.bidr.io
URL: https://match.prod.bidr.io/cookie-msync?buzz_key=triptease
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 23.79.152.128 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-79-152-128.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80

Request headers

Referer: https://match.prod.bidr.io/cookie-msync?buzz_key=triptease
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 20:32:48 GMT
Connection: keep-alive
P3P: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
Content-Length: 62
BK-Server: c73c
Content-Type: image/gif

GET
H/1.1 200
OK Pug
image2.pubmatic.com/AdServer/ Frame 5A76 42 B
977 B 139ms
34ms Image
image/gif 185.64.189.110
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTMyOTcmdGw9MTI5NjAw&piggybackCookie=AABsRk7ATcwAAA3F1gYagg
Requested by: Host: match.prod.bidr.io
URL: https://match.prod.bidr.io/cookie-msync?buzz_key=triptease
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 185.64.189.110 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6 /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

Referer: https://match.prod.bidr.io/cookie-msync?buzz_key=triptease
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

X-Cnection: close
Pragma: no-cache
Date: Fri, 12 Feb 2021 20:32:48 GMT
X-lat: Pug22002:0:803
Server: Apache/2.2.24 (Unix) mod_ssl/2.2.24 OpenSSL/1.0.0-fips mod_fastcgi/2.4.6
P3P: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC", CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
Cache-Control: no-store, no-cache, private
Content-Type: image/gif; charset=utf-8
Content-Length: 42

GET
H/1.1

200
OK

validateCookie
segments.company-target.com/ Frame 5A76
Redirect Chain

https://segments.company-target.com/log?vendor=choca&user_id=AABsRk7ATcwAAA3F1gYagg
https://segments.company-target.com/validateCookie?vendor=choca&user_id=AABsRk7ATcwAAA3F1gYagg&verifyHash=ac436a4d1b4bbcf6cca362f922f78e811bd42643

26 B
409 B

256ms
256ms

Image
image/gif

65.9.94.97
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://segments.company-target.com/validateCookie?vendor=choca&user_id=AABsRk7ATcwAAA3F1gYagg&verifyHash=ac436a4d1b4bbcf6cca362f922f78e811bd42643
Requested by: Host: match.prod.bidr.io
URL: https://match.prod.bidr.io/cookie-msync?buzz_key=triptease
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_128_GCM
Server: 65.9.94.97 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: 3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1

Request headers

Referer: https://match.prod.bidr.io/cookie-msync?buzz_key=triptease
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Fri, 12 Feb 2021 20:32:49 GMT
Via: 1.1 c76f57c516237f120f723cde4dab446f.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: PRG50-C1
Vary: Origin
X-Cache: Miss from cloudfront
Content-Type: image/gif
Transfer-Encoding: chunked
Connection: keep-alive
trace-id: 8e3f7bb4822f37c9
X-Amz-Cf-Id: duW7_eApAG4lTquHnP2ciLSISMGYxaEMqot7CzY4M7VpeW38DnJzwA==

Redirect headers

Date: Fri, 12 Feb 2021 20:32:48 GMT
Via: 1.1 c76f57c516237f120f723cde4dab446f.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: PRG50-C1
Vary: Origin
X-Cache: Miss from cloudfront
Location: /validateCookie?vendor=choca&user_id=AABsRk7ATcwAAA3F1gYagg&verifyHash=ac436a4d1b4bbcf6cca362f922f78e811bd42643
Connection: keep-alive
trace-id: 729628fa2e454f39
Content-Length: 0
X-Amz-Cf-Id: K90Ku0zKt-2UaUblZtHlUE9DeIBVZFb2DybmAyupT7NxUjVlGwOmmA==

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 5A76
Redirect Chain

https://dsum-sec.casalemedia.com/rum?cm_dsp_id=130&external_user_id=AABsRk7ATcwAAA3F1gYagg&expiration=1614371568
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=130&external_user_id=AABsRk7ATcwAAA3F1gYagg&expiration=1614371568&C=1

43 B
1007 B

93ms
93ms

Image
image/gif

104.108.145.8
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=130&external_user_id=AABsRk7ATcwAAA3F1gYagg&expiration=1614371568&C=1
Requested by: Host: match.prod.bidr.io
URL: https://match.prod.bidr.io/cookie-msync?buzz_key=triptease
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 104.108.145.8 Berlin, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-108-145-8.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://match.prod.bidr.io/cookie-msync?buzz_key=triptease
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 12 Feb 2021 20:32:49 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Fri, 12 Feb 2021 20:32:49 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 12 Feb 2021 20:32:48 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=130&external_user_id=AABsRk7ATcwAAA3F1gYagg&expiration=1614371568&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 312
Expires: Fri, 12 Feb 2021 20:32:48 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame 5A76
Redirect Chain

https://ib.adnxs.com/setuid?entity=331&seg=6290637&code=AABsRk7ATcwAAA3F1gYagg
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D331%26seg%3D6290637%26code%3DAABsRk7ATcwAAA3F1gYagg

43 B
1 KB

35ms
35ms

Image
image/gif

185.33.220.240
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D331%26seg%3D6290637%26code%3DAABsRk7ATcwAAA3F1gYagg

Requested by

Host: match.prod.bidr.io
URL: https://match.prod.bidr.io/cookie-msync?buzz_key=triptease

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

185.33.220.240 Amsterdam, Netherlands, ASN29990 (ASN-APPNEX, US),

Reverse DNS

717.bm-nginx-loadbalancer.mgmt.ams1.adnexus.net

Software

nginx/1.17.9 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://match.prod.bidr.io/cookie-msync?buzz_key=triptease
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Date: Fri, 12 Feb 2021 20:32:48 GMT
X-Proxy-Origin: 82.102.20.235; 82.102.20.235; 717.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.235:80
AN-X-Request-Uuid: 6488790c-15e9-4e0e-bc7e-94b614f13822
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Fri, 12 Feb 2021 20:32:48 GMT
X-Proxy-Origin: 82.102.20.235; 82.102.20.235; 717.bm-nginx-loadbalancer.mgmt.ams1; *.adnxs.com; 185.33.220.59:80
AN-X-Request-Uuid: 761a44cf-5d5f-4db7-9b60-7cec2916ab31
Server: nginx/1.17.9
P3P: policyref="http://cdn.adnxs.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D331%26seg%3D6290637%26code%3DAABsRk7ATcwAAA3F1gYagg
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H/1.1 204
No Content tap.php
pixel.rubiconproject.com/ Frame 5A76 0
239 B 43ms
42ms Image
image/gif 69.173.144.138
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=183462&nid=4114&put=AABsRk7ATcwAAA3F1gYagg&expires=30
Requested by: Host: match.prod.bidr.io
URL: https://match.prod.bidr.io/cookie-msync?buzz_key=triptease
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_GCM
Server: 69.173.144.138 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://match.prod.bidr.io/cookie-msync?buzz_key=triptease
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
X-RPHost: 704c1e4d3fcc922a3031d436b584678b
Content-Type: image/gif

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 5A76
Redirect Chain

https://us-u.openx.net/w/1.0/sd?id=537125688&val=AABsRk7ATcwAAA3F1gYagg
https://us-u.openx.net/w/1.0/sd?cc=1&id=537125688&val=AABsRk7ATcwAAA3F1gYagg

43 B
106 B

74ms
74ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?cc=1&id=537125688&val=AABsRk7ATcwAAA3F1gYagg
Requested by: Host: match.prod.bidr.io
URL: https://match.prod.bidr.io/cookie-msync?buzz_key=triptease
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/16.202.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

Referer: https://match.prod.bidr.io/cookie-msync?buzz_key=triptease
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 20:32:48 GMT
via: 1.1 google
server: OXGW/16.202.0
vary: Accept
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
content-type: image/gif
alt-svc: clear
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

location: https://us-u.openx.net/w/1.0/sd?cc=1&id=537125688&val=AABsRk7ATcwAAA3F1gYagg
date: Fri, 12 Feb 2021 20:32:48 GMT
via: 1.1 google
server: OXGW/16.202.0
alt-svc: clear
content-length: 0
p3p: CP="CUR ADM OUR NOR STA NID"

GET
H2 200 storageIframe.html Show response
static.triptease.io/message-porter/dist/ Frame 9B69 5 KB
3 KB 63ms
20ms Document
text/html 151.101.193.182
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://static.triptease.io/message-porter/dist/storageIframe.html

Requested by

Host: static.triptease.io
URL: https://static.triptease.io/message-porter/dist/bootstrap-message-engine.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.193.182 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

UploadServer /

Resource Hash

6da611933f86cbcaacc6496c736f61875366ff7f4c48f702d0a0738164b99be5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600

Request headers

:method: GET
:authority: static.triptease.io
:scheme: https
:path: /message-porter/dist/storageIframe.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.tmp.kuredu.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://www.tmp.kuredu.com/

Response headers

x-guploader-uploadid: ABg5-Uzh-Wn9sbDtBmX4inYW01anadQS4qRcoFlDlqvGRWJlF6orftIt4nICJ8FyrNaGq4PcJ-gd-U5w4aUEUKXGrB0
cache-control: public, Surrogate-Control=86400, max-age=600
expires: Sun, 07 Feb 2021 04:14:02 GMT
last-modified: Wed, 17 Jun 2020 15:29:52 GMT
etag: "28c1512e0ab48e1743c1b601423d1e55"
x-goog-generation: 1592407792271429
x-goog-metageneration: 71
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 4973
x-goog-meta-goog-reserved-file-mtime: 1592407707
content-type: text/html
x-goog-hash: crc32c=z6zvgQ== md5=KMFRLgq0jhdDwbYBQj0eVQ==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
content-encoding: gzip
accept-ranges: bytes
date: Fri, 12 Feb 2021 20:32:50 GMT
via: 1.1 varnish
age: 199
x-served-by: cache-cph20630-CPH
x-cache: HIT
x-cache-hits: 5
x-timer: S1613161970.228258,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=31557600
backend-url: /message-porter/dist/storageIframe.html
pseudo-device-id: 7d38448b740c129b1bba08b5e125f51a1b4d749866f3211b07553e3b1e9c45e5
pseudo-session-id: 4129520a0d19b889ddae919c5c32dc8bb692e29da7739575b5ca208764d3e682
surrogate-key-debug: message-porter message-porter-storageIframe message-porter-html
timing-allow-origin: *
content-length: 1772

GET
H2 200 messages Show response
messages.guest-experience.triptease.io/11905f281240e11c010d5ad195f1333929279936/ 273 B
702 B 102ms
33ms Fetch
application/json 151.101.114.133
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL: https://messages.guest-experience.triptease.io/11905f281240e11c010d5ad195f1333929279936/messages?language=en-US
Requested by: Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/widget/core/3.9/dist/main/index.min.js?h=fdb0448640f4e619
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 151.101.114.133 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),
Reverse DNS
Software: Google Frontend /
Resource Hash: 6ea65cf3fb3d7fbd3d2cf8b952aa0262e68488ca425d9745b002c78df01628ef

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 12 Feb 2021 20:32:50 GMT
via: 1.1 varnish
age: 105
x-cache: HIT
x-cache-hits: 1
x-city: broenshoej
content-length: 273
x-served-by: cache-hhn4082-HHN
access-control-allow-origin: https://www.tmp.kuredu.com
server: Google Frontend
vary: Origin
tt_keys: campaigns-11905f281240e11c010d5ad195f1333929279936
x-region-code: 84
x-cloud-trace-context: e9743c9aee12ba6a4f213f4ec212eaee
cache-control: max-age=600
access-control-allow-credentials: true
tt_host: messages.guest-experience.triptease.io
accept-ranges: bytes
content-type: application/json; charset=utf-8
x-country-code: DK
access-control-expose-headers: X-Country-Code, X-Region-Code

POST
H2 200 event
api.triptease.io/zappy/ 0
124 B 151ms
151ms Other
text/plain 35.186.195.233
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://api.triptease.io/zappy/event?eventName=propensityToConvert&eventAppName=messageEngine
Requested by: Host: static.triptease.io
URL: https://static.triptease.io/message-porter/dist/bootstrap-message-engine.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.195.233 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: nginx/1.11.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Fri, 12 Feb 2021 20:32:50 GMT
via: 1.1 google
server: nginx/1.11.3
access-control-max-age: 86400
access-control-allow-methods: GET,PUT,POST,DELETE
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.tmp.kuredu.com
alt-svc: clear
content-length: 0

POST
H2 200 add_visit Show response
www.thehotelsnetwork.com/ 145 B
732 B 379ms
379ms XHR
application/json 45.60.198.96
INCAPSULA

General

Check archive.org

Show headers Download Go to

Full URL: https://www.thehotelsnetwork.com/add_visit
Requested by: Host: www.thehotelsnetwork.com
URL: https://www.thehotelsnetwork.com/widget/core/3.9/dist/main/index.min.js?h=fdb0448640f4e619
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 45.60.198.96 , United States, ASN19551 (INCAPSULA, US),
Reverse DNS
Software: nginx/1.17.5 / PHP/7.3.26-1+0~20210112.74+debian10~1.gbpd78724
Resource Hash: 3842a22f666a9bd10d5c21d62cd72d78ce2159ac73df19eaeabab3004ae0dac9

Request headers

Referer: https://www.tmp.kuredu.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Fri, 12 Feb 2021 20:32:51 GMT
content-encoding: gzip
server: nginx/1.17.5
x-powered-by: PHP/7.3.26-1+0~20210112.74+debian10~1.gbpd78724
vary: Accept-Encoding
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.tmp.kuredu.com
x-iinfo: 9-21441506-21441101 PNNN RT(1613161970517 0) q(0 0 0 -1) r(3 3) U5
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
x-cdn: Incapsula
expires: Thu, 19 Nov 1981 08:52:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.maldiveswebcams.com
URL: https://www.maldiveswebcams.com/kuredu/kuredu-weather-station/oceanticker.htm

Domain: www.tmp.kuredu.com
URL: https://www.tmp.kuredu.com/360panoramas/pool/panorama_slider.html

Verdicts & Comments Add Verdict or Comment

168 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

20 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
www.thehotelsnetwork.com/	1970-01-20 09:37:13	Name: thn_id Value: d019acdaba939864138ca994757b37c9
.veinteractive.com/	1970-01-19 16:06:05	Name: 4C9D3231-ABA4-4648-9AB4-B8BBC40545C4 Value: sessionId%3D%257B%2522Features%2522%253A%255B%257B%2522Key%2522%253A%2522aa%2522%252C%2522Value%2522%253A%2522featureB.v1%2522%257D%252C%257B%2522Key%2522%253A%2522promocodeRequest%2522%252C%2522Value%2522%253A%2522getpromocode.v1%2522%257D%252C%257B%2522Key%2522%253A%2522recEngine%2522%252C%2522Value%2522%253A%2522recommendedProducts.v1%2522%257D%252C%257B%2522Key%2522%253A%2522userActivation%2522%252C%2522Value%2522%253A%2522afterExit.v1%2522%257D%252C%257B%2522Key%2522%253A%2522getCapturedCurrency%2522%252C%2522Value%2522%253A%2522fromStateOrUserSource.v1%2522%257D%252C%257B%2522Key%2522%253A%2522currentProductFromReferrer%2522%252C%2522Value%2522%253A%2522getCurrentProductFromReferrer.v1%2522%257D%252C%257B%2522Key%2522%253A%2522sendToKafka%2522%252C%2522Value%2522%253A%2522sendToKafka.v1%2522%257D%252C%257B%2522Key%2522%253A%2522panelEnabledOnTimeInterval%2522%252C%2522Value%2522%253A%2522enabled%2522%257D%252C%257B%2522Key%2522%253A%2522videoInPanel%2522%252C%2522Value%2522%253A%2522enabled%2522%257D%252C%257B%2522Key%2522%253A%2522newProductSearchEndpoint%2522%252C%2522Value%2522%253A%2522enabled%2522%257D%252C%257B%2522Key%2522%253A%2522useCapturedProduct%2522%252C%2522Value%2522%253A%2522enabled%2522%257D%252C%257B%2522Key%2522%253A%2522useApiCallForEventHub%2522%252C%2522Value%2522%253A%2522disabled%2522%257D%252C%257B%2522Key%2522%253A%2522useSessionApiForInitCall%2522%252C%2522Value%2522%253A%2522enabled%2522%257D%252C%257B%2522Key%2522%253A%2522usePanelApiForCalls%2522%252C%2522Value%2522%253A%2522enabled%2522%257D%252C%257B%2522Key%2522%253A%2522useNewDtrcForCalls%2522%252C%2522Value%2522%253A%2522enabled%2522%257D%255D%252C%2522InactiveApps%2522%253A%255B%255D%252C%2522SessionId%2522%253A%25225f422810-6c5d-4702-9c8f-ca9601249d71%2522%252C%2522SessionOrigin%2522%253A1%257D
.triptease.io/	1970-01-20 00:51:37	Name: triptease-user-id Value: ef52dbc7-fa22-4af9-bb5c-78de91410b9b
.kuredu.com/	1970-01-20 00:51:37	Name: __zlcmid Value: 12cjo3qjRtubzoG
.doubleclick.net/	1970-01-20 01:27:37	Name: IDE Value: AHWqTUlCfZXZTLR7NJQYwpWiq9H9FANl64IotYZfKZQms4UOXjhIY_DrCX6jZeAN
www.tmp.kuredu.com/	1970-01-19 16:06:27	Name: triptease-identity-data Value: eyJzZXNzaW9uSWQiOiI5NmY0MTA4Ni0wY2NkLTQwMmUtOGRmMy1kZGM4MmU0MTljY2UiLCJ1c2VySWQiOiJlZjUyZGJjNy1mYTIyLTRhZjktYmI1Yy03OGRlOTE0MTBiOWIiLCJpc0ZyZXNoVXNlciI6dHJ1ZSwiaXNGcmVzaFNlc3Npb24iOnRydWV9
.triptease.io/	1970-01-19 16:06:30	Name: triptease-session-id Value: 96f41086-0ccd-402e-8df3-ddc82e419cce
.kuredu.com/	1970-01-19 18:15:37	Name: _fbp Value: fb.1.1613161964486.1999571625
.tmp.kuredu.com/	1970-01-20 09:37:13	Name: _ga Value: GA1.3.1433961594.1613161964
www.tmp.kuredu.com/	1970-01-21 11:54:01	Name: tt-domain-user-id Value: 01EYBZ498HAJ8SKZ7XDRW2S4DD
.tmp.kuredu.com/	1970-01-19 16:06:02	Name: _dc_gtm_UA-41473275-3 Value: 1
.tmp.kuredu.com/	1970-01-19 16:07:28	Name: _gid Value: GA1.3.1925978311.1613161964
www.tmp.kuredu.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: cb7efacc30186a760f74cd9ee552de54
www.tmp.kuredu.com/	1970-01-19 16:49:13	Name: 17005.vst Value: %7B%22s%22%3A%225f422810-6c5d-4702-9c8f-ca9601249d71%22%2C%22t%22%3A%22new%22%2C%22lu%22%3A1613161966445%2C%22lv%22%3A1613161966445%2C%22lp%22%3A0%7D
.kuredu.com/	1970-01-19 16:07:28	Name: _gid Value: GA1.2.1925978311.1613161964
.veinteractive.com/	1970-01-20 01:31:57	Name: __ssid Value: e096a0c8-c2eb-419a-8075-023650afb16f
.kuredu.com/	1970-01-20 09:37:13	Name: _ga Value: GA1.2.1433961594.1613161964
www.thehotelsnetwork.com/	1969-12-31 23:59:59	Name: __thn_ss Value: 88e654b1f9a19f320dd7e34b4bb7dee8
.kuredu.com/	1970-01-19 16:06:02	Name: _gat Value: 1
.kuredu.com/	1970-01-19 16:49:13	Name: __cfduid Value: d505bf24908bff1169df3b8dab99011621613161963

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
console-api	log	URL: https://www.kuredu.com/wp-includes/js/jquery/jquery-migrate.min.js(Line 2) Message: JQMIGRATE: Migrate is installed, version 3.3.2
console-api	log	URL: https://www.thehotelsnetwork.com/widget/core/3.9/dist/main/index.min.js?h=fdb0448640f4e619(Line 25) Message: ga Tracker script loaded.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8124507.fls.doubleclick.net
a.volvelle.tech
ad.doubleclick.net
ads.yahoo.com
adservice.google.com
analytics.twitter.com
api.triptease.io
b.triptease.io
bat.bing.com
beacon.krxd.net
beacon.sojern.com
cdn.denomatic.com
cdn.jsdelivr.net
cdnjs.cloudflare.com
cm.g.doubleclick.net
configch2.veinteractive.com
connect.facebook.net
cookiea1.veinteractive.com
customs.affilired.com
cw.addthis.com
dpm.demdex.net
dsum-sec.casalemedia.com
dtrchk.veinteractive.com
ekr.zdassets.com
fcmatch.google.com
fcmatch.youtube.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
ib.adnxs.com
image2.pubmatic.com
match.adsrvr.org
match.prod.bidr.io
messages.guest-experience.triptease.io
onboard.triptease.io
pixel-geo.prfct.co
pixel.prfct.co
pixel.rubiconproject.com
pixel.sojern.com
s3-eu-west-1.amazonaws.com
secure.adnxs.com
segment.prod.bidr.io
segments.company-target.com
sessionapihk.veinteractive.com
smct.co
static-meta.triptease.io
static.triptease.io
static.zdassets.com
stats.g.doubleclick.net
tag.marinsm.com
tags.bluekai.com
us-u.openx.net
v2.zopim.com
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleadservices.com
www.googletagmanager.com
www.kuredu.com
www.maldiveswebcams.com
www.thehotelsnetwork.com
www.tmp.kuredu.com
x.bidswitch.net
www.maldiveswebcams.com
www.tmp.kuredu.com
104.108.145.8
104.16.107.139
104.18.70.113
104.18.72.113
104.244.42.3
107.178.244.119
142.250.185.162
142.250.186.166
151.101.113.182
151.101.114.133
151.101.12.65
151.101.193.182
151.101.65.62
185.33.220.240
185.64.189.110
20.43.154.75
20.43.163.97
20.43.171.38
23.210.248.44
23.36.239.12
23.79.152.128
2600:9000:2127:c800:f:900d:ef80:93a1
2606:4700:10::ac43:2653
2606:4700:3034::6815:85d
2606:4700::6810:125e
2620:1ec:c11::200
2a00:1288:80:800::7001
2a00:1450:4001:800::200e
2a00:1450:4001:809::2002
2a00:1450:4001:809::2008
2a00:1450:4001:80f::2003
2a00:1450:4001:811::2003
2a00:1450:4001:813::2002
2a00:1450:4001:827::2003
2a00:1450:4001:827::2004
2a00:1450:4001:828::2003
2a00:1450:4001:828::200e
2a00:1450:4001:829::2002
2a00:1450:4001:829::200a
2a00:1450:4001:82a::200e
2a00:1450:4001:82b::2004
2a00:1450:400c:c04::9b
2a00:1450:400c:c04::9d
2a03:2880:f02d:12:face:b00c:0:3
2a03:2880:f12d:83:face:b00c:0:25de
2a04:4e42:3::621
34.247.1.48
35.156.19.236
35.186.195.233
35.210.178.101
35.214.92.101
35.244.159.8
45.60.198.96
52.209.184.14
52.218.112.67
52.23.94.221
52.50.104.129
52.51.60.151
54.154.130.111
54.228.192.197
65.9.69.77
65.9.94.97
69.173.144.138
99.80.71.186
000854d782781aff1b16ea5451c1da3d07efadd35ab911ccb7e4b851571a25bd
00207460dc1611a45a70d062f6e5574952fe12a419b19f83012437567134da91
021709995223ef4c461cf02de5d139ed59c1a23c46569d398320c30ada39ae3f
029e0a2e809fd6b5dbe76abe8b7a74936be306c9a8c27c814c4d44aa54623300
04cdf7aa1a6fd9ec695ab6c7f0bc888672e0c628155b0bedd8b76707ee29b713
071c69e4b4c2536bf5db0d9dd24c4a6f4bede45e0482daf3709289491dd7c62a
0a37de6ab4b58d2dfed40f7e40ab8b13ce92270e6410d3b651552edb54eb9b4b
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
0b78b797a9b82e22ab79858f28587559459a46cd306b0b93d5d89dbe0b4932b5
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c8cb2f6c1e974d053c921a967371415776e51687fae31621a74cfa14e7d299e
0db1d5051952fe11c2805e51f4f1160690dee0ed14bdb2eb3fb4e1b3f741fa62
0f0df986e5195131fa29644c205024c02336380315250305e919e7f625dfb14b
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
1117a4607bda116a102e6a74493e71fd7f3d7cae62484972724f0c4f8efe5c3d
150c3ee916a10feab0b75ad817052e6ef9206ed32e48c460f2db6f4ba89a30d3
156bfee744eabb673d4ba08576f87dd2b52e84469dffafc0cd4cd62cc3e49e64
1625135a7516adc73644d4534059919ab360e397c1a3dc89210d1d986a0cb36a
17af9e65317bbbfbbd0bcdc729f14faadf37cd08cf30cc0fe0b72443e78cbffb
19fc0261a1412029e7fbb7cfe3ab1831714b80e165141c246a0c15609d5e1fe7
1a61842191f002e606518ef8b880c54be0bcc2ee4f65a332b403ec642c06fa20
1d4378063acb027b668a1f70a3e921c285d1d0c18b44b26eef889eb9e68a6adb
1d795f8e75363c2788d3e6a2b8096ae98efb360e8994de269dc94399a763253f
1df5fe13d8332cc34889379574bb45b9871831cb38c2b67eebbd86833cfb8f76
1e3698d98f74965f6d2b7f57bda9efedeb8117f70e99b1378841686bb1ce5fae
1ed082521f47921ffff14d4ec1c6c3f1ea55114741bee23cc23d4ab6a3213642
20f4691a0dda462da5185710f46ae05ead50962a7ad9b37a3a5578f4d27b62e2
213ab3f08a031987e68cc30cb6d2e2578dacd683ebf24cc77224eda53f9d9408
22b3008d2e4bc7907aaf8a2ee8bd0618152235ac13fcf44233b18ec057f92b2a
2ba7f20b1d8990e17a47fe3d88e4c766628aaa2baf1dd30fca0a0db59836f5f9
2cd68a7d6aa62486459b7ec8a3ccdb60b62747677d7db386012c14c31027fa29
31fe2771abb1c8ba1821942d2b65e28eb65f8b6bec7d63bd8fb1a65c5dd7901a
3839642abfdd98a3e5dfa64badedca3cfcbf5701526c35142d4287a625de2ce3
3842a22f666a9bd10d5c21d62cd72d78ce2159ac73df19eaeabab3004ae0dac9
387834fdce86b8f8305879c23fe6a042ca62d893e274b80dc90bc6b1bb16defd
388119d97e88a76b46bac81c9b0f5d3cf812e189325dbd8c05d42ea5b18a9635
388dcdf7308a69b0e8bf6ad917397c94951709c3fb126b06706a0fe83317402a
39387ac1906fded07b15ca30592db064684d02795189a7f7d7b3526b20d5e072
39bc7425c5edbe2f886156f9bdee2a578fdabdcfe04accce9ad63911aa31e05c
3ab0b94c5a731a55a9f3c8c0e787a6b754bc750811124a4ddf5a59910134569a
3b7b8a4b411ddf8db9bacc2f3aabf406f8e4c0c087829b336ca331c40adfdff1
3cdcd6e8a19baf2e7413ba9081f9d241908c0b25858a4935154ef31b32140c2e
3d7284d3983b2fefd266d9215144e1879d7ce928cb3a2ed5188685896788573b
3ee851b89454a61126375ec8e092e2818179e3a1b2cf8d5811132e2b01698d0c
3eff153572282e788ce15ce28b9041e88c2e096aa88836c565a330ff494355f8
3f47c75fa68e49b1cdca50c61e9cd6603b57c521e5e6809df59a4a15e291a4ef
4154a8cd0e4863a3839a1fa335b4e51caa8fa8a24fcc3222c8e142f77f823f35
452e5cba2164fd384048347b9ed0af754c3b54b5fe60d4d08c5a1960867cd569
4681bbc4e8ce0b1c1f96177a210eb20589b60f45440d9a48d6f19263a8dcc8ee
4746598c8ed8682db55684255c1c3afe2e54b54451a901777b29c9eccdc0e3ac
48bd45366772a5c46d78b82885dbd8d41c20fe75689e3c921a77169d1cf781cf
4925356a591b78758713e8824c4d2aab0ab650d7be5ef4fe8ca224a5462215f5
4a01f782261e17343d9b542e0366ab78fc911c0815ac9767dc89e4962851c588
4ae49687f3f44d52fa86fb460759c5b0505d0e4244c6cfa45f8167aea2010adc
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4b5dcd8c4de34bf3e2bbbb1499ef55172ca6a8c7124c5aaa04cc6ea48a084b8b
4c5e7cd403fb7cd79681594e687ae48d0c70272ba1d4028f90b99113b01f4df9
4dd6c09ddcb0e53a6290cc1df35224856073ba5f89d4134bd7c69e4fd9c6f515
4dedabcac682b665e87347797ba4ecb42575d62f3b4fd6b8b20cdcec20fc92bc
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4e6c7a5fb79536b62227fe8e8fef74a4be45e30ff7ef349f18232559ba259f2d
5023cc8260c96d9d7d40b4367cfebf97b7b77c61e4bc00eaf2527f958c2e1421
525a1dd0ac9f28e5270f71861775bbc4e53414e8864a39df220a04972fe20ca0
562c564811d314df2909abe92bb378220b78fd21b61f21dca30cfb2ac36431fa
598d372762ec5d139f6bede42d56987ac9125abe37eaee3e5f987b6e3ac4cc20
59b0b341f2377d03855e6151484cc22019c58f997a11577715121d710fd2386c
5bf19de4a1e69b7b3cce947da22702f074c0963192bf9eb3ea9210ac07c52f67
5c2288ca7b324881faae5e368eb4d69457e2784e042e868de335d3827bb90981
60240d5a27ede94fd35fea44bd110b88c7d8cfc08127f032d13b0c622b8be827
628a3678cd1164568c233881fc6e9e065f06d4d5213e2fc367b2d1c6cad14a7e
63a6d926d277a3d64d30e349fa0ea2b0630e9801d173e1947ff3bd6060147ef4
63d691fc996055b3e6e692ba22b5ca6853d04f724b5425963117e6c7ea8994ff
652a393da4f6acc6f7c69fc8291b78786006379eaf1177250af75383b07b93ab
6867ff7eec8e29d555e5bfcadc9e19f04d1e3a34de99255647f9ca573536b7ef
69dbd001fce5311fa36d9d9eda355d9fa0bdbc685f6d79119eab10556c2128fa
6a4521ea58eac9f3727a73446617e4dfb48a63af99d7e87a068960decb92f1b5
6c83de5fc90fc5cb12d3f086f9540a4a4beecdd13abcda42ce0f5e9bad4b27f5
6d513187946a55882e4ddd88ae942167d6f481f78ce8968a73f551bf9dce5b57
6d82524320851cd20cae529e3b2e8f44041aac4cff1d5352d115fb2f3819d742
6da611933f86cbcaacc6496c736f61875366ff7f4c48f702d0a0738164b99be5
6e6defdf5f9d44331abd4183485730bc6c99263d4340e2433da1bc4c6dbe6444
6ea65cf3fb3d7fbd3d2cf8b952aa0262e68488ca425d9745b002c78df01628ef
6eabb193731278713f4208ea84b8c7334c3dfc98f01cb074778280e1df536e62
6eba933655548fcffab43f16885368cf0e760a6ca2a1da1ccf73e6c2a03f957e
6ebcda7a3a41ef97f0b4071160ceb1020e540fdc0f790079a5c2ef01ab654fe0
6eec26458665f2ff755d8d9d752baf709166660fb8e5389c9fbe939df23ea2f1
6f173fbde897c4b5e403c91d99bfc6d671efea799450ca3b11c0d1bcce2ddfc1
72e1b877edf927c55a89eb0839a884b48f8a60cc4bd6c9b1e865ab4257095c19
72ef0717a0aee12edaa8137c0bacfebeb0c31b6224632656f795c38b6c25e4dd
75e5e437609a25580c641028bc90e28e538bf878c635114c2639e19fedaf813c
786fcc3c98b3a482c9c05226262fef58d99fd07195ce75e225ab520a3a105b1b
787c24e9cfed7bfe802abee61b57ed66dd474df3c0675a469884ba8f9575a998
7d133ccd0fdbbdf13eb300b1befda950c9e59285576cd7bbf614e10c597550d5
7eb70257593da06f682a3ddda54a9d260d4fc514f645237f5ca74b08f8da61a6
7ff6424e9c659cb71d9bac860b01ecb8553ae588940d6be255b6a69e816f43a3
80a9123891e91ebbb1c06a2d2c79533155a8f17c51ac09013efa57bc007f303a
82101877b4694a5b91fd00ca4b1e0c22d43bd5eb08b7757ccd5e57e222a8c9a6
82b01959cc0372b3bc00ce2ff05bdfa6439aef4595ca1fadcb730e32275bb844
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
8342e859509bee6884a96707217fe2ec649de0aa8d6a041506bea4ec5b83e660
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
854e3fc2fbd7e0be0c62e8af3cb189304d5d27f6275c6a89f1f3ea4bc9dc0363
867791e500d7e643653ed9882a387d956093a82acbf854bbd9acf7c36bc0da28
874706b2b1311a0719b5267f7d1cf803057e367e94ae1ff7bf78c5450d30f5d4
89cb9bc8792ead963cdcfb66ef1aafb2e725871b89514a3d90eb21e429bead13
8ad0d9269b6c9d70212c0f251693f0b54a8161a1f7fe6233b6c616a57cb32315
8c31c97858196d93a06ad02300c31b25acbb40b1b6e63c11c77ac6644f0cff01
8d54a11c74a1582f66fedcd54dc815acaa0ef72c4da8ded50e861b0fe2183b16
8ea35788f24deb141dd976e3437087a8dfca4b734930a9aa3e6cd033cc658def
90368b5a3711b1777dc287f535cfc1be62b69a362a1af847558cb7c44c7f3974
98da4e695c13cfab6997df8e98a5e33cfc0541ee0a66aae15d169e7dd491f6d7
9a0c4301b6e804a7a808eb69694ed08567605811ae9bef1d3f19c88e20bdec92
9bc72da4ed73ff244bb57567fc3c93bf06214fb36e24402299d4c3c911e74a5b
9be1ec9191b7cd2ec5d19d87c0fc5526b5c05fcc58ce54c85401a6401b8111a0
9cd30c4bebbbda387960bdaa61d453da0e110f66d4c46d3ae01c913efdbdbb15
9dddde874818fbfdca967d672007c8842ef13a61ab43fe242342321fb5762b9b
9e7ea2b4ba8e2bcc4a964d6192e4671dc5f6863a1c7e35b52b229a3c1e67a68d
9f34b76bce47c04e802eeffb1f485a7918927515b9a280f4c45dc523a2729aa9
9f95fd2304d6305f2a62b9d6658974ac74f6fcf828aeb25cfe706686bb283b60
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
a0aab51f25c503011d439539cf636fe1bea87fb259ce5c58b3bfdaa4063393be
a16df2f75e04129b12a5fde7311c7ea9131418080fd3f6bcb2b28ce1faa2fe8e
a17818dfc67b1eb130d318b28bc5e15417013117ba07cc59052ba9c05f3111fa
a2ca5d2a435c4e1fe00d5d38b01bd4c21dda81a87fd61f6020f03aadfda034e1
a57b5242b9a9adc4c1ef846c365147b89c472b9cd770face331efcb965346b25
a5abe1baaa27ae92b90140e88b785041c32708e93da61d851c318d38766b4202
a627cdef47d90beb8922c69653ebe40592d9af103fb4e925c2dee8bc0615f83e
a9b3d26fead132e8b0bf1da948d0230ef3504e4274eb1152e8a48320519c6d7f
aabeed16c8dc11a0474658f8bad3e09f036c99e585f0b24fffa68fcb78c640e5
ac8778041fdb7f2e08ceb574c9a766247ea26f1a7d90fa854c4efcf4b361a957
adad90d2735f950cf6506010a3cc4b704a3d3213284f8f31c40fac6c4bf1ba3c
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b0b1b6ccfa5a09e69e2e1e89777043a637e23f5b9aecc0a3a86e04495804b239
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b1730289ee994a39aaff1b676f8b5895396e6f4abf56e909c4f0fd5b5140a2f1
b1c51120880f659bd4d1756a60a17d3fc5316f566f2bee85cca96d99a0924c16
b6a2e5a784d965c36f1b374aef25080a5d7456068764781d32bb2877c2bfb7e1
b6ee2fd7b63e59c8c95c90b1d8f2e2da58aba323b2f02b391a296762c0198409
b764827295efeaec3d7e091195a44e112f8407a82b8a6418dbd529ab6d15b48e
b88e04362b9c04dc3abb9ce2ae93647b9a58fc28358b303940b5b1f36e7fe2aa
b93eda831467a0b68d837374261f27fc68a4792af70f4482898feaffdd3efdc7
b95b07a9985f4df8cc8b5fe6974faf78becbb570e2df44dfd72aa00d60bf7bf4
bc2dce049e03a544cb7cb188696f0ace68b2b6bfcb9f02f72b3be0cb26d10aa6
bc78f50b6e27078e91fe318c8ebdc52bac6cabbe5c298f471bc60292e126e1a5
bc85a95b298592482135f920781a202d32b35712fec69e744be43e9a3c721daa
c16ad98896e97f388c8a6448c5e54d7e52875c0fc65d6d8820cd9d583a812f39
c2d83ad40a286051bd88ec3207cfeccf2e94ad85e777d9fe84708256f37ace14
c3ddc4a0f61e3e2dfd52cde91c21d8c1dbbf5803b347d6d724e6127d35047bb0
c402ed386916ee7c827a6decccbb06e131141cde68e8d74bb0053d2a4b24105e
c57504aa8371478f20f11989080c9b87951c48f258d518c379b9a1ad9900f46b
c6e1aee5fdee4990155ef791c8d74f98935a89696863368b12f51cde8d1b7570
c70c76846a8e9bf632e225948393882141c6ddb3ebab4ce1be1aa5deda981de3
c770fbeddf4e10189b4f4a7db3d911a90f359e631153d62ec0d8b21227b958aa
c81f8531af91e475374160a85fc008bfd60e39c24fb03c98e85fc498cab535b1
c899f3fd2c3b088c82ba325aa90d86973fdbf210b0d7f933a6b6c3348041f7e9
ce54b04189785e70833abbf94a6b9190378afbab6de6ef04167db6f986b594b9
cf258bcf3f345a9c4f4fd24a9f0e0ba5e6b225789e1eebf148efb732ff523750
cfdbc5777285189566eb2614dce381a1fc5500be59b887afc2c9e05f570d91c8
d03c48dd4209a688778eaf286b4864bfb8a4c8c5bf8fa23e1034c68800e61d8a
d12bf6f2eb90f3cc37a14575c7d7e86ada7ab3a1e7cc641207e95641e5a32e2c
d905e1694f82c103d6b96ef8b9ddaa434a03e117c7dafe35868a2af7c1c402bf
d9f2e0a1bc226916b01541b994a337443b58e345b15c0be56b5ce69ccf147054
da6e91ff998c140d224c4a49df76e14f1fc35ae136875cff7a78f3942132090a
dbf2c11eb36dbb742f336ed3f5ba745a04ba41478f51ed98224ad0cdc7baad3c
dc19c2e40e42974f0416a3f4cc97e2dbb85a5b5598b76a75e9254164922e7be0
dc5d50565f09834264b26d6bfd04d64593e088f2a84f0aadd372907acb7002a0
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
de2bbd8e0b32f53a53c1729bedb350cea59e9115fba4f2bed8e2e3dd1f76d9fa
ded374ed7c1afb99ee25d9415515dcf82eb963535fae60c2b8ceda01ef57e078
e1b88fddc80876aaccc7f3dea0efe00bbb64f8ea1cdda84d9d3c4f17688c8804
e2b128a72c6e2c5bc7c526c24799ae8b83a2c32ad25f71c3acc14c7c6e2e1469
e3587c8b92ff35354b032e274bc1a1c32deea1fb4d58502d109414eb99e87455
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e441c3e2771625ba05630ab464275136a82c99650ee2145ca5aa9853bedeb01b
e5def7b64a40d2dd4da526de10a1168cd6d5165a3d54f45b240288c1a677bb0d
e9947f9559c7f47cad1ac014457d0fc4b18102c5aae6ef6db5b26648b93fa9a3
eb4b7a1be5f80c37ac74daa6f20b193b24414f23da856ad2560a0053e65a2cb7
ed7f19698ca4d3fb8898052377e05f9c854c04615ae944240a3069fbb4e3b8e0
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f25368bce4de6aeb2b4491ee41ec963bd2658c1fed05fe2994fb8e4f35d1af97
f3f862559d0bdb30c5c1332060e56479726ab5555cd143b01f7f017aac9bf574
f4007a847abc4399c1a96d516763161315a841de3cfa7760df9523345efc56f3
f8331bd4947c124e1f887af753e58d046b1a5bb8079f00e598c7da9618ee9365
fa6626f8fab9373204ac676af662400e87bcead5cd2899b05fa264e7251c6dca
faa5cc8b0c24e3b10d9793f9059810ba412ee6169b47554607e73b4fc27aa42d
fb8abf4975a70816d1ecb0e3dff7ed44ff73201795790a55b4abfb0d1b6d162f
fbc9cd141fc1dbf51361664080b10a6ca15d0f29c73fd27ab6707a8ad09f843f
fbf8ab57db7f9981bd71d79c7daaa01a3c578ffa0aa8e9b4a9b2bfe2e9927427
fc1d94f50dd3822e1e53cb96af4f040d2ad8b5c7b984bae5e84efc7641acfada
fed30dc4b5e541ebaafb3f79656b5b6e099573582621535f8e47c7e8ec4cf92d
fef9445962ee41d926cf1794d3bf01ec91c0d4f9c1ef80a62a9d64137520031e

www.tmp.kuredu.com Open in urlscan Pro 35.214.92.101 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

309 Requests

99 %HTTPS

39 %IPv6

44 Domains

64 Subdomains

59 IPs

7 Countries

7857 kBTransfer

14966 kBSize

20 Cookies

53 Outgoing links

Redirected requests

309 HTTP transactions Everything HTML Script AJAX CSS Image Expand all -1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.tmp.kuredu.com Open in urlscan Pro
35.214.92.101 Public Scan

Screenshot
Live screenshot

Full Image

309
Requests

99 %
HTTPS

39 %
IPv6

44
Domains

64
Subdomains

59
IPs

7
Countries

7857 kB
Transfer

14966 kB
Size

20
Cookies

309 HTTP transactions
-1 data transactions