GET
H2
|
200
|
Primary Request
/
Show response
thesandboxhanaleibay.buy-ondemand.com/
Redirect Chain
-
https://1hbca137.l-it.us/
-
https://thesandboxhanaleibay.buy-ondemand.com/?Cabana=137
|
9 KB
4 KB
|
302ms
94ms
|
Document
text/html |
23.99.12.114
MICROSOFT-CORP-MS...
|
|
General
- Full URL
- https://thesandboxhanaleibay.buy-ondemand.com/?Cabana=137
- Protocol
- H2
- Security
- TLS 1.2,
ECDHE_RSA, AES_128_GCM
- Server
-
23.99.12.114
San Jose, United States,
ASN8075
(MICROSOFT-CORP-MSN-AS-BLOCK, US),
- Reverse DNS
- Software
-
/
- Resource Hash
- 6b508f2f53b70d769781668d6a47663bd350ab560a780f85a70c0eb01d574f5c
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self' *.cardinalcommerce.com *.google.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg; font-src 'self' data: *.gstatic.com *.fontawesome.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg; img-src 'self' data: *.gstatic.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.cookielaw.org; script-src 'self' 'unsafe-inline' *.dcap.com *.shift4test.com *.i4go.com *.cardinalcommerce.com *.cookielaw.org *.googleapis.com *.freedompay.com *.cardinalcommerce.com *.google-analytics.com *.googletagmanager.com *.google.com *.facebook.net *.stripe.com *.nr-data.net *.fontawesome.com *.pingdom.net *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.cookielaw.org; style-src 'self' 'unsafe-inline' *.dcap.com *.shift4test.com *.i4go.com *.googleapis.com *.fontawesome.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg; connect-src 'self' *.dcap.com *.shift4test.com *.i4go.com *.google.com google.com *.cardinalcommerce.com *.google-analytics.com *.facebook.com *.disneylandparis.com *.disney.com *.locize.io *.nr-data.net *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.fontawesome.com *.rguest.eu *.pingdom.net *.onetrust.com *.cookielaw.org; frame-ancestors 'self' *.istay.io *.dcap.com *.cardinalcommerce.com *.alipaydev.com *.alipay.com *.citconpay.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.google.com *.stripe.com *.windcave.com *.rguest.eu *.alipay.com *.cybersource.com *.freedompay.com; form-action 'self' *.dcap.com *.facebook.com *.cardinalcommerce.com *.alipaydev.com *.alipay.com *.citconpay.com *.hospitalityrevolution.com *.rguest.com *.google.com *.stripe.com *.windcave.com *.rguest.eu *.alipay.com *.cybersource.com *.freedompay.com; frame-src 'self' intent: *.naver.com *.dcap.com *.samsung.com *.hyundaicard.com *.hanacard.co.kr *.vpay.co.kr *.wooricard.com *.kbcard.com *.nonghyup.com *.lottecard.co.kr *.samsungcard.co.kr *.citibank.co.kr *.kakao.com *.facebook.com *.shift4test.com *.i4go.com *.easypay.co.kr *.cardinalcommerce.com *.alipaydev.com *.alipay.com *.citconpay.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.google.com *.stripe.com *.windcave.com *.rguest.eu *.alipay.com *.cybersource.com *.freedompay.com; object-src 'none' |
Strict-Transport-Security |
max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
deny |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
app-c957db7d91d9192e2981.css
ondemand-cdn-static-asset-prod-westus.rguest.com/static/assets/build/
|
3 MB
829 KB
|
325ms
56ms
|
Stylesheet
text/css |
2620:1ec:46::40
MICROSOFT-CORP-MS...
|
|
General
- Full URL
- https://ondemand-cdn-static-asset-prod-westus.rguest.com/static/assets/build/app-c957db7d91d9192e2981.css
- Requested by
- Host: thesandboxhanaleibay.buy-ondemand.com
URL: https://thesandboxhanaleibay.buy-ondemand.com/?Cabana=137
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2620:1ec:46::40
, United States,
ASN8075
(MICROSOFT-CORP-MSN-AS-BLOCK, US),
- Reverse DNS
- Software
-
/
- Resource Hash
- ea9a1d1e8faf7e80c4355a14834125dfc5a300d828fc6d284afd0c4017c9ee83
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self' *.cardinalcommerce.com *.google.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg; font-src 'self' data: *.gstatic.com *.fontawesome.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg; img-src 'self' data: *.gstatic.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.cookielaw.org; script-src 'self' 'unsafe-inline' *.dcap.com *.shift4test.com *.i4go.com *.cardinalcommerce.com *.cookielaw.org *.googleapis.com *.freedompay.com *.cardinalcommerce.com *.google-analytics.com *.googletagmanager.com *.google.com *.facebook.net *.stripe.com *.nr-data.net *.fontawesome.com *.pingdom.net *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.cookielaw.org; style-src 'self' 'unsafe-inline' *.dcap.com *.shift4test.com *.i4go.com *.googleapis.com *.fontawesome.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg; connect-src 'self' *.dcap.com *.shift4test.com *.i4go.com *.google.com google.com *.cardinalcommerce.com *.google-analytics.com *.facebook.com *.disneylandparis.com *.disney.com *.locize.io *.nr-data.net *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.fontawesome.com *.rguest.eu *.pingdom.net *.onetrust.com *.cookielaw.org; frame-ancestors 'self' *.istay.io *.dcap.com *.cardinalcommerce.com *.alipaydev.com *.alipay.com *.citconpay.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.google.com *.stripe.com *.windcave.com *.rguest.eu *.alipay.com *.cybersource.com *.freedompay.com; form-action 'self' *.dcap.com *.facebook.com *.cardinalcommerce.com *.alipaydev.com *.alipay.com *.citconpay.com *.hospitalityrevolution.com *.rguest.com *.google.com *.stripe.com *.windcave.com *.rguest.eu *.alipay.com *.cybersource.com *.freedompay.com; frame-src 'self' intent: *.naver.com *.dcap.com *.samsung.com *.hyundaicard.com *.hanacard.co.kr *.vpay.co.kr *.wooricard.com *.kbcard.com *.nonghyup.com *.lottecard.co.kr *.samsungcard.co.kr *.citibank.co.kr *.kakao.com *.facebook.com *.shift4test.com *.i4go.com *.easypay.co.kr *.cardinalcommerce.com *.alipaydev.com *.alipay.com *.citconpay.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.google.com *.stripe.com *.windcave.com *.rguest.eu *.alipay.com *.cybersource.com *.freedompay.com; object-src 'none' |
Strict-Transport-Security |
max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
deny |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
app-bundle-59065667c94d1f291d03.js
Show response
ondemand-cdn-static-asset-prod-westus.rguest.com/static/assets/build/
|
8 MB
2 MB
|
349ms
85ms
|
Script
application/javascript |
2620:1ec:46::40
MICROSOFT-CORP-MS...
|
|
General
- Full URL
- https://ondemand-cdn-static-asset-prod-westus.rguest.com/static/assets/build/app-bundle-59065667c94d1f291d03.js
- Requested by
- Host: thesandboxhanaleibay.buy-ondemand.com
URL: https://thesandboxhanaleibay.buy-ondemand.com/?Cabana=137
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2620:1ec:46::40
, United States,
ASN8075
(MICROSOFT-CORP-MSN-AS-BLOCK, US),
- Reverse DNS
- Software
-
/
- Resource Hash
- 530598ed8f550a8c6a91173e264bb4b55fa8f21964e71a524e7bed6a214ab438
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self' *.cardinalcommerce.com *.google.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg; font-src 'self' data: *.gstatic.com *.fontawesome.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg; img-src 'self' data: *.gstatic.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.cookielaw.org; script-src 'self' 'unsafe-inline' *.dcap.com *.shift4test.com *.i4go.com *.cardinalcommerce.com *.cookielaw.org *.googleapis.com *.freedompay.com *.cardinalcommerce.com *.google-analytics.com *.googletagmanager.com *.google.com *.facebook.net *.stripe.com *.nr-data.net *.fontawesome.com *.pingdom.net *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.cookielaw.org; style-src 'self' 'unsafe-inline' *.dcap.com *.shift4test.com *.i4go.com *.googleapis.com *.fontawesome.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg; connect-src 'self' *.dcap.com *.shift4test.com *.i4go.com *.google.com google.com *.cardinalcommerce.com *.google-analytics.com *.facebook.com *.disneylandparis.com *.disney.com *.locize.io *.nr-data.net *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.fontawesome.com *.rguest.eu *.pingdom.net *.onetrust.com *.cookielaw.org; frame-ancestors 'self' *.istay.io *.dcap.com *.cardinalcommerce.com *.alipaydev.com *.alipay.com *.citconpay.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.google.com *.stripe.com *.windcave.com *.rguest.eu *.alipay.com *.cybersource.com *.freedompay.com; form-action 'self' *.dcap.com *.facebook.com *.cardinalcommerce.com *.alipaydev.com *.alipay.com *.citconpay.com *.hospitalityrevolution.com *.rguest.com *.google.com *.stripe.com *.windcave.com *.rguest.eu *.alipay.com *.cybersource.com *.freedompay.com; frame-src 'self' intent: *.naver.com *.dcap.com *.samsung.com *.hyundaicard.com *.hanacard.co.kr *.vpay.co.kr *.wooricard.com *.kbcard.com *.nonghyup.com *.lottecard.co.kr *.samsungcard.co.kr *.citibank.co.kr *.kakao.com *.facebook.com *.shift4test.com *.i4go.com *.easypay.co.kr *.cardinalcommerce.com *.alipaydev.com *.alipay.com *.citconpay.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.google.com *.stripe.com *.windcave.com *.rguest.eu *.alipay.com *.cybersource.com *.freedompay.com; object-src 'none' |
Strict-Transport-Security |
max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
deny |
X-Xss-Protection |
1; mode=block |
|
PUT
H2
|
200
|
anonymous
Show response
thesandboxhanaleibay.buy-ondemand.com/api/login/
|
7 B
3 KB
|
271ms
270ms
|
XHR
text/html |
23.99.12.114
MICROSOFT-CORP-MS...
|
|
General
- Full URL
- https://thesandboxhanaleibay.buy-ondemand.com/api/login/anonymous
- Requested by
- Host: ondemand-cdn-static-asset-prod-westus.rguest.com
URL: https://ondemand-cdn-static-asset-prod-westus.rguest.com/static/assets/build/app-bundle-59065667c94d1f291d03.js
- Protocol
- H2
- Security
- TLS 1.2,
ECDHE_RSA, AES_128_GCM
- Server
-
23.99.12.114
San Jose, United States,
ASN8075
(MICROSOFT-CORP-MSN-AS-BLOCK, US),
- Reverse DNS
- Software
-
/
- Resource Hash
- c88a0b907419a70c27ab7c1f8e5fb54441a4d9c3567e4c928fa7b2091194aecf
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self' *.cardinalcommerce.com *.google.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg; font-src 'self' data: *.gstatic.com *.fontawesome.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg; img-src 'self' data: *.gstatic.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.cookielaw.org; script-src 'self' 'unsafe-inline' *.dcap.com *.shift4test.com *.i4go.com *.cardinalcommerce.com *.cookielaw.org *.googleapis.com *.freedompay.com *.cardinalcommerce.com *.google-analytics.com *.googletagmanager.com *.google.com *.facebook.net *.stripe.com *.nr-data.net *.fontawesome.com *.pingdom.net *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.cookielaw.org; style-src 'self' 'unsafe-inline' *.dcap.com *.shift4test.com *.i4go.com *.googleapis.com *.fontawesome.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg; connect-src 'self' *.dcap.com *.shift4test.com *.i4go.com *.google.com google.com *.cardinalcommerce.com *.google-analytics.com *.facebook.com *.disneylandparis.com *.disney.com *.locize.io *.nr-data.net *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.fontawesome.com *.rguest.eu *.pingdom.net *.onetrust.com *.cookielaw.org; frame-ancestors 'self' *.istay.io *.dcap.com *.cardinalcommerce.com *.alipaydev.com *.alipay.com *.citconpay.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.google.com *.stripe.com *.windcave.com *.rguest.eu *.alipay.com *.cybersource.com *.freedompay.com; form-action 'self' *.dcap.com *.facebook.com *.cardinalcommerce.com *.alipaydev.com *.alipay.com *.citconpay.com *.hospitalityrevolution.com *.rguest.com *.google.com *.stripe.com *.windcave.com *.rguest.eu *.alipay.com *.cybersource.com *.freedompay.com; frame-src 'self' intent: *.naver.com *.dcap.com *.samsung.com *.hyundaicard.com *.hanacard.co.kr *.vpay.co.kr *.wooricard.com *.kbcard.com *.nonghyup.com *.lottecard.co.kr *.samsungcard.co.kr *.citibank.co.kr *.kakao.com *.facebook.com *.shift4test.com *.i4go.com *.easypay.co.kr *.cardinalcommerce.com *.alipaydev.com *.alipay.com *.citconpay.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.google.com *.stripe.com *.windcave.com *.rguest.eu *.alipay.com *.cybersource.com *.freedompay.com; object-src 'none' |
Strict-Transport-Security |
max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
deny |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
0-678f6ebbec2ecf547061.css
ondemand-cdn-static-asset-prod-westus.rguest.com/static/assets/build/
|
21 KB
5 KB
|
46ms
29ms
|
Stylesheet
text/css |
2620:1ec:46::40
MICROSOFT-CORP-MS...
|
|
General
- Full URL
- https://ondemand-cdn-static-asset-prod-westus.rguest.com/static/assets/build/0-678f6ebbec2ecf547061.css
- Requested by
- Host: ondemand-cdn-static-asset-prod-westus.rguest.com
URL: https://ondemand-cdn-static-asset-prod-westus.rguest.com/static/assets/build/app-bundle-59065667c94d1f291d03.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2620:1ec:46::40
, United States,
ASN8075
(MICROSOFT-CORP-MSN-AS-BLOCK, US),
- Reverse DNS
- Software
-
/
- Resource Hash
- 6fc4f54c474148b9c2a2a6a2f4031dd88ca6daa5e8c379d8642cdd1590613715
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self' *.cardinalcommerce.com *.google.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg; font-src 'self' data: *.gstatic.com *.fontawesome.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg; img-src 'self' data: *.gstatic.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.cookielaw.org; script-src 'self' 'unsafe-inline' *.dcap.com *.shift4test.com *.i4go.com *.cardinalcommerce.com *.cookielaw.org *.googleapis.com *.freedompay.com *.cardinalcommerce.com *.google-analytics.com *.googletagmanager.com *.google.com *.facebook.net *.stripe.com *.nr-data.net *.fontawesome.com *.pingdom.net *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.cookielaw.org; style-src 'self' 'unsafe-inline' *.dcap.com *.shift4test.com *.i4go.com *.googleapis.com *.fontawesome.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg; connect-src 'self' *.dcap.com *.shift4test.com *.i4go.com *.google.com google.com *.cardinalcommerce.com *.google-analytics.com *.facebook.com *.disneylandparis.com *.disney.com *.locize.io *.nr-data.net *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.fontawesome.com *.rguest.eu *.pingdom.net *.onetrust.com *.cookielaw.org; frame-ancestors 'self' *.istay.io *.dcap.com *.cardinalcommerce.com *.alipaydev.com *.alipay.com *.citconpay.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.google.com *.stripe.com *.windcave.com *.rguest.eu *.alipay.com *.cybersource.com *.freedompay.com; form-action 'self' *.dcap.com *.facebook.com *.cardinalcommerce.com *.alipaydev.com *.alipay.com *.citconpay.com *.hospitalityrevolution.com *.rguest.com *.google.com *.stripe.com *.windcave.com *.rguest.eu *.alipay.com *.cybersource.com *.freedompay.com; frame-src 'self' intent: *.naver.com *.dcap.com *.samsung.com *.hyundaicard.com *.hanacard.co.kr *.vpay.co.kr *.wooricard.com *.kbcard.com *.nonghyup.com *.lottecard.co.kr *.samsungcard.co.kr *.citibank.co.kr *.kakao.com *.facebook.com *.shift4test.com *.i4go.com *.easypay.co.kr *.cardinalcommerce.com *.alipaydev.com *.alipay.com *.citconpay.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.google.com *.stripe.com *.windcave.com *.rguest.eu *.alipay.com *.cybersource.com *.freedompay.com; object-src 'none' |
Strict-Transport-Security |
max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
deny |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
0-bundle-0f4357f56f1c9e812786.js
Show response
ondemand-cdn-static-asset-prod-westus.rguest.com/static/assets/build/
|
1 MB
176 KB
|
47ms
30ms
|
Script
application/javascript |
2620:1ec:46::40
MICROSOFT-CORP-MS...
|
|
General
- Full URL
- https://ondemand-cdn-static-asset-prod-westus.rguest.com/static/assets/build/0-bundle-0f4357f56f1c9e812786.js
- Requested by
- Host: ondemand-cdn-static-asset-prod-westus.rguest.com
URL: https://ondemand-cdn-static-asset-prod-westus.rguest.com/static/assets/build/app-bundle-59065667c94d1f291d03.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2620:1ec:46::40
, United States,
ASN8075
(MICROSOFT-CORP-MSN-AS-BLOCK, US),
- Reverse DNS
- Software
-
/
- Resource Hash
- 30f69c4449c42e8beccd4a517e700a862ffa05066aa9b5720fc732dd26775948
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self' *.cardinalcommerce.com *.google.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg; font-src 'self' data: *.gstatic.com *.fontawesome.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg; img-src 'self' data: *.gstatic.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.cookielaw.org; script-src 'self' 'unsafe-inline' *.dcap.com *.shift4test.com *.i4go.com *.cardinalcommerce.com *.cookielaw.org *.googleapis.com *.freedompay.com *.cardinalcommerce.com *.google-analytics.com *.googletagmanager.com *.google.com *.facebook.net *.stripe.com *.nr-data.net *.fontawesome.com *.pingdom.net *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.cookielaw.org; style-src 'self' 'unsafe-inline' *.dcap.com *.shift4test.com *.i4go.com *.googleapis.com *.fontawesome.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg; connect-src 'self' *.dcap.com *.shift4test.com *.i4go.com *.google.com google.com *.cardinalcommerce.com *.google-analytics.com *.facebook.com *.disneylandparis.com *.disney.com *.locize.io *.nr-data.net *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.fontawesome.com *.rguest.eu *.pingdom.net *.onetrust.com *.cookielaw.org; frame-ancestors 'self' *.istay.io *.dcap.com *.cardinalcommerce.com *.alipaydev.com *.alipay.com *.citconpay.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.google.com *.stripe.com *.windcave.com *.rguest.eu *.alipay.com *.cybersource.com *.freedompay.com; form-action 'self' *.dcap.com *.facebook.com *.cardinalcommerce.com *.alipaydev.com *.alipay.com *.citconpay.com *.hospitalityrevolution.com *.rguest.com *.google.com *.stripe.com *.windcave.com *.rguest.eu *.alipay.com *.cybersource.com *.freedompay.com; frame-src 'self' intent: *.naver.com *.dcap.com *.samsung.com *.hyundaicard.com *.hanacard.co.kr *.vpay.co.kr *.wooricard.com *.kbcard.com *.nonghyup.com *.lottecard.co.kr *.samsungcard.co.kr *.citibank.co.kr *.kakao.com *.facebook.com *.shift4test.com *.i4go.com *.easypay.co.kr *.cardinalcommerce.com *.alipaydev.com *.alipay.com *.citconpay.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.google.com *.stripe.com *.windcave.com *.rguest.eu *.alipay.com *.cybersource.com *.freedompay.com; object-src 'none' |
Strict-Transport-Security |
max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
deny |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
2-bundle-91758dc63387c733835b.js
Show response
ondemand-cdn-static-asset-prod-westus.rguest.com/static/assets/build/
|
76 KB
16 KB
|
48ms
32ms
|
Script
application/javascript |
2620:1ec:46::40
MICROSOFT-CORP-MS...
|
|
General
- Full URL
- https://ondemand-cdn-static-asset-prod-westus.rguest.com/static/assets/build/2-bundle-91758dc63387c733835b.js
- Requested by
- Host: ondemand-cdn-static-asset-prod-westus.rguest.com
URL: https://ondemand-cdn-static-asset-prod-westus.rguest.com/static/assets/build/app-bundle-59065667c94d1f291d03.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2620:1ec:46::40
, United States,
ASN8075
(MICROSOFT-CORP-MSN-AS-BLOCK, US),
- Reverse DNS
- Software
-
/
- Resource Hash
- 52060cdfbb2290b54092eaab5c2f30f736e6028d560a7834066f692009a3c7e8
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self' *.cardinalcommerce.com *.google.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg; font-src 'self' data: *.gstatic.com *.fontawesome.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg; img-src 'self' data: *.gstatic.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.cookielaw.org; script-src 'self' 'unsafe-inline' *.dcap.com *.shift4test.com *.i4go.com *.cardinalcommerce.com *.cookielaw.org *.googleapis.com *.freedompay.com *.cardinalcommerce.com *.google-analytics.com *.googletagmanager.com *.google.com *.facebook.net *.stripe.com *.nr-data.net *.fontawesome.com *.pingdom.net *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.cookielaw.org; style-src 'self' 'unsafe-inline' *.dcap.com *.shift4test.com *.i4go.com *.googleapis.com *.fontawesome.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg; connect-src 'self' *.dcap.com *.shift4test.com *.i4go.com *.google.com google.com *.cardinalcommerce.com *.google-analytics.com *.facebook.com *.disneylandparis.com *.disney.com *.locize.io *.nr-data.net *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.fontawesome.com *.rguest.eu *.pingdom.net *.onetrust.com *.cookielaw.org; frame-ancestors 'self' *.istay.io *.dcap.com *.cardinalcommerce.com *.alipaydev.com *.alipay.com *.citconpay.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.google.com *.stripe.com *.windcave.com *.rguest.eu *.alipay.com *.cybersource.com *.freedompay.com; form-action 'self' *.dcap.com *.facebook.com *.cardinalcommerce.com *.alipaydev.com *.alipay.com *.citconpay.com *.hospitalityrevolution.com *.rguest.com *.google.com *.stripe.com *.windcave.com *.rguest.eu *.alipay.com *.cybersource.com *.freedompay.com; frame-src 'self' intent: *.naver.com *.dcap.com *.samsung.com *.hyundaicard.com *.hanacard.co.kr *.vpay.co.kr *.wooricard.com *.kbcard.com *.nonghyup.com *.lottecard.co.kr *.samsungcard.co.kr *.citibank.co.kr *.kakao.com *.facebook.com *.shift4test.com *.i4go.com *.easypay.co.kr *.cardinalcommerce.com *.alipaydev.com *.alipay.com *.citconpay.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.google.com *.stripe.com *.windcave.com *.rguest.eu *.alipay.com *.cybersource.com *.freedompay.com; object-src 'none' |
Strict-Transport-Security |
max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
deny |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
3-bundle-0a9724da2ef2440c69eb.js
Show response
ondemand-cdn-static-asset-prod-westus.rguest.com/static/assets/build/
|
250 KB
48 KB
|
43ms
32ms
|
Script
application/javascript |
2620:1ec:46::40
MICROSOFT-CORP-MS...
|
|
General
- Full URL
- https://ondemand-cdn-static-asset-prod-westus.rguest.com/static/assets/build/3-bundle-0a9724da2ef2440c69eb.js
- Requested by
- Host: ondemand-cdn-static-asset-prod-westus.rguest.com
URL: https://ondemand-cdn-static-asset-prod-westus.rguest.com/static/assets/build/app-bundle-59065667c94d1f291d03.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2620:1ec:46::40
, United States,
ASN8075
(MICROSOFT-CORP-MSN-AS-BLOCK, US),
- Reverse DNS
- Software
-
/
- Resource Hash
- 54d1c287f932cad7ff182da34dd5e7e4ebe4223aaa12c2d443b3518b7a27236d
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self' *.cardinalcommerce.com *.google.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg; font-src 'self' data: *.gstatic.com *.fontawesome.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg; img-src 'self' data: *.gstatic.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.cookielaw.org; script-src 'self' 'unsafe-inline' *.dcap.com *.shift4test.com *.i4go.com *.cardinalcommerce.com *.cookielaw.org *.googleapis.com *.freedompay.com *.cardinalcommerce.com *.google-analytics.com *.googletagmanager.com *.google.com *.facebook.net *.stripe.com *.nr-data.net *.fontawesome.com *.pingdom.net *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.cookielaw.org; style-src 'self' 'unsafe-inline' *.dcap.com *.shift4test.com *.i4go.com *.googleapis.com *.fontawesome.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg; connect-src 'self' *.dcap.com *.shift4test.com *.i4go.com *.google.com google.com *.cardinalcommerce.com *.google-analytics.com *.facebook.com *.disneylandparis.com *.disney.com *.locize.io *.nr-data.net *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.fontawesome.com *.rguest.eu *.pingdom.net *.onetrust.com *.cookielaw.org; frame-ancestors 'self' *.istay.io *.dcap.com *.cardinalcommerce.com *.alipaydev.com *.alipay.com *.citconpay.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.google.com *.stripe.com *.windcave.com *.rguest.eu *.alipay.com *.cybersource.com *.freedompay.com; form-action 'self' *.dcap.com *.facebook.com *.cardinalcommerce.com *.alipaydev.com *.alipay.com *.citconpay.com *.hospitalityrevolution.com *.rguest.com *.google.com *.stripe.com *.windcave.com *.rguest.eu *.alipay.com *.cybersource.com *.freedompay.com; frame-src 'self' intent: *.naver.com *.dcap.com *.samsung.com *.hyundaicard.com *.hanacard.co.kr *.vpay.co.kr *.wooricard.com *.kbcard.com *.nonghyup.com *.lottecard.co.kr *.samsungcard.co.kr *.citibank.co.kr *.kakao.com *.facebook.com *.shift4test.com *.i4go.com *.easypay.co.kr *.cardinalcommerce.com *.alipaydev.com *.alipay.com *.citconpay.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.google.com *.stripe.com *.windcave.com *.rguest.eu *.alipay.com *.cybersource.com *.freedompay.com; object-src 'none' |
Strict-Transport-Security |
max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
deny |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
agilysys-icon-d4d803d5f5f166a21136c07d266fd006.ttf
ondemand-cdn-static-asset-prod-westus.rguest.com/static/assets/build/
|
256 KB
117 KB
|
156ms
60ms
|
Font
font/ttf |
2620:1ec:46::40
MICROSOFT-CORP-MS...
|
|
General
- Full URL
- https://ondemand-cdn-static-asset-prod-westus.rguest.com/static/assets/build/agilysys-icon-d4d803d5f5f166a21136c07d266fd006.ttf
- Requested by
- Host: ondemand-cdn-static-asset-prod-westus.rguest.com
URL: https://ondemand-cdn-static-asset-prod-westus.rguest.com/static/assets/build/app-c957db7d91d9192e2981.css
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2620:1ec:46::40
, United States,
ASN8075
(MICROSOFT-CORP-MSN-AS-BLOCK, US),
- Reverse DNS
- Software
-
/
- Resource Hash
- 3acc573a80d88e155a6efd6488ec2f2f477496b00121cf206411f12509440fff
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self' *.cardinalcommerce.com *.google.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg; font-src 'self' data: *.gstatic.com *.fontawesome.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg; img-src 'self' data: *.gstatic.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.cookielaw.org; script-src 'self' 'unsafe-inline' *.dcap.com *.shift4test.com *.i4go.com *.cardinalcommerce.com *.cookielaw.org *.googleapis.com *.freedompay.com *.cardinalcommerce.com *.google-analytics.com *.googletagmanager.com *.google.com *.facebook.net *.stripe.com *.nr-data.net *.fontawesome.com *.pingdom.net *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.cookielaw.org; style-src 'self' 'unsafe-inline' *.dcap.com *.shift4test.com *.i4go.com *.googleapis.com *.fontawesome.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg; connect-src 'self' *.dcap.com *.shift4test.com *.i4go.com *.google.com google.com *.cardinalcommerce.com *.google-analytics.com *.facebook.com *.disneylandparis.com *.disney.com *.locize.io *.nr-data.net *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.fontawesome.com *.rguest.eu *.pingdom.net *.onetrust.com *.cookielaw.org; frame-ancestors 'self' *.istay.io *.dcap.com *.cardinalcommerce.com *.alipaydev.com *.alipay.com *.citconpay.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.google.com *.stripe.com *.windcave.com *.rguest.eu *.alipay.com *.cybersource.com *.freedompay.com; form-action 'self' *.dcap.com *.facebook.com *.cardinalcommerce.com *.alipaydev.com *.alipay.com *.citconpay.com *.hospitalityrevolution.com *.rguest.com *.google.com *.stripe.com *.windcave.com *.rguest.eu *.alipay.com *.cybersource.com *.freedompay.com; frame-src 'self' intent: *.naver.com *.dcap.com *.samsung.com *.hyundaicard.com *.hanacard.co.kr *.vpay.co.kr *.wooricard.com *.kbcard.com *.nonghyup.com *.lottecard.co.kr *.samsungcard.co.kr *.citibank.co.kr *.kakao.com *.facebook.com *.shift4test.com *.i4go.com *.easypay.co.kr *.cardinalcommerce.com *.alipaydev.com *.alipay.com *.citconpay.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.google.com *.stripe.com *.windcave.com *.rguest.eu *.alipay.com *.cybersource.com *.freedompay.com; object-src 'none' |
Strict-Transport-Security |
max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
deny |
X-Xss-Protection |
1; mode=block |
|
GET
DATA
|
200
OK
|
truncated
/
|
16 KB
16 KB
|
|
Font
font/woff2 |
|
|
|
GET
H2
|
200
|
favicon
thesandboxhanaleibay.buy-ondemand.com/api/image/
|
651 KB
654 KB
|
174ms
174ms
|
Other
image/png |
23.99.12.114
MICROSOFT-CORP-MS...
|
|
General
- Full URL
- https://thesandboxhanaleibay.buy-ondemand.com/api/image/favicon
- Protocol
- H2
- Security
- TLS 1.2,
ECDHE_RSA, AES_128_GCM
- Server
-
23.99.12.114
San Jose, United States,
ASN8075
(MICROSOFT-CORP-MSN-AS-BLOCK, US),
- Reverse DNS
- Software
-
/
- Resource Hash
- 08022e30f496890870c31e59ab4e5956eec0d925fdfa1ffe55dc5f43c8ce4813
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self' *.cardinalcommerce.com *.google.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg; font-src 'self' data: *.gstatic.com *.fontawesome.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg; img-src 'self' data: *.gstatic.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.cookielaw.org; script-src 'self' 'unsafe-inline' *.dcap.com *.shift4test.com *.i4go.com *.cardinalcommerce.com *.cookielaw.org *.googleapis.com *.freedompay.com *.cardinalcommerce.com *.google-analytics.com *.googletagmanager.com *.google.com *.facebook.net *.stripe.com *.nr-data.net *.fontawesome.com *.pingdom.net *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.cookielaw.org; style-src 'self' 'unsafe-inline' *.dcap.com *.shift4test.com *.i4go.com *.googleapis.com *.fontawesome.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg; connect-src 'self' *.dcap.com *.shift4test.com *.i4go.com *.google.com google.com *.cardinalcommerce.com *.google-analytics.com *.facebook.com *.disneylandparis.com *.disney.com *.locize.io *.nr-data.net *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.fontawesome.com *.rguest.eu *.pingdom.net *.onetrust.com *.cookielaw.org; frame-ancestors 'self' *.istay.io *.dcap.com *.cardinalcommerce.com *.alipaydev.com *.alipay.com *.citconpay.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.google.com *.stripe.com *.windcave.com *.rguest.eu *.alipay.com *.cybersource.com *.freedompay.com; form-action 'self' *.dcap.com *.facebook.com *.cardinalcommerce.com *.alipaydev.com *.alipay.com *.citconpay.com *.hospitalityrevolution.com *.rguest.com *.google.com *.stripe.com *.windcave.com *.rguest.eu *.alipay.com *.cybersource.com *.freedompay.com; frame-src 'self' intent: *.naver.com *.dcap.com *.samsung.com *.hyundaicard.com *.hanacard.co.kr *.vpay.co.kr *.wooricard.com *.kbcard.com *.nonghyup.com *.lottecard.co.kr *.samsungcard.co.kr *.citibank.co.kr *.kakao.com *.facebook.com *.shift4test.com *.i4go.com *.easypay.co.kr *.cardinalcommerce.com *.alipaydev.com *.alipay.com *.citconpay.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.google.com *.stripe.com *.windcave.com *.rguest.eu *.alipay.com *.cybersource.com *.freedompay.com; object-src 'none' |
Strict-Transport-Security |
max-age=31536000; includeSubDomains, max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
SAMEORIGIN |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
config
Show response
thesandboxhanaleibay.buy-ondemand.com/api/
|
6 KB
4 KB
|
220ms
219ms
|
XHR
application/json |
23.99.12.114
MICROSOFT-CORP-MS...
|
|
General
- Full URL
- https://thesandboxhanaleibay.buy-ondemand.com/api/config
- Requested by
- Host: ondemand-cdn-static-asset-prod-westus.rguest.com
URL: https://ondemand-cdn-static-asset-prod-westus.rguest.com/static/assets/build/app-bundle-59065667c94d1f291d03.js
- Protocol
- H2
- Security
- TLS 1.2,
ECDHE_RSA, AES_128_GCM
- Server
-
23.99.12.114
San Jose, United States,
ASN8075
(MICROSOFT-CORP-MSN-AS-BLOCK, US),
- Reverse DNS
- Software
-
/
- Resource Hash
- aa108a9a4ca0729216438b9aadb936bc2cfac4e646b32aac2c405e6b5c52258e
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self' *.cardinalcommerce.com *.google.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg; font-src 'self' data: *.gstatic.com *.fontawesome.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg; img-src 'self' data: *.gstatic.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.cookielaw.org; script-src 'self' 'unsafe-inline' *.dcap.com *.shift4test.com *.i4go.com *.cardinalcommerce.com *.cookielaw.org *.googleapis.com *.freedompay.com *.cardinalcommerce.com *.google-analytics.com *.googletagmanager.com *.google.com *.facebook.net *.stripe.com *.nr-data.net *.fontawesome.com *.pingdom.net *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.cookielaw.org; style-src 'self' 'unsafe-inline' *.dcap.com *.shift4test.com *.i4go.com *.googleapis.com *.fontawesome.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg; connect-src 'self' *.dcap.com *.shift4test.com *.i4go.com *.google.com google.com *.cardinalcommerce.com *.google-analytics.com *.facebook.com *.disneylandparis.com *.disney.com *.locize.io *.nr-data.net *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.fontawesome.com *.rguest.eu *.pingdom.net *.onetrust.com *.cookielaw.org; frame-ancestors 'self' *.istay.io *.dcap.com *.cardinalcommerce.com *.alipaydev.com *.alipay.com *.citconpay.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.google.com *.stripe.com *.windcave.com *.rguest.eu *.alipay.com *.cybersource.com *.freedompay.com; form-action 'self' *.dcap.com *.facebook.com *.cardinalcommerce.com *.alipaydev.com *.alipay.com *.citconpay.com *.hospitalityrevolution.com *.rguest.com *.google.com *.stripe.com *.windcave.com *.rguest.eu *.alipay.com *.cybersource.com *.freedompay.com; frame-src 'self' intent: *.naver.com *.dcap.com *.samsung.com *.hyundaicard.com *.hanacard.co.kr *.vpay.co.kr *.wooricard.com *.kbcard.com *.nonghyup.com *.lottecard.co.kr *.samsungcard.co.kr *.citibank.co.kr *.kakao.com *.facebook.com *.shift4test.com *.i4go.com *.easypay.co.kr *.cardinalcommerce.com *.alipaydev.com *.alipay.com *.citconpay.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.google.com *.stripe.com *.windcave.com *.rguest.eu *.alipay.com *.cybersource.com *.freedompay.com; object-src 'none' |
Strict-Transport-Security |
max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
deny |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
core
Show response
api.locize.io/838d5fce-27b5-4368-8c54-8fcb33577f9a/production/en/
|
109 KB
27 KB
|
245ms
78ms
|
XHR
application/json |
3.161.213.34
AMAZON-02
|
|
|
GET
H2
|
200
|
domain-thesandboxhanaleibay.buy-ondemand.com
Show response
api.locize.io/838d5fce-27b5-4368-8c54-8fcb33577f9a/production/en/
|
3 B
629 B
|
837ms
671ms
|
XHR
application/json |
3.161.213.34
AMAZON-02
|
|
|
OPTIONS
H2
|
200
|
091918_1Hotel_HB_logo_BLACK__07.png
ondemand-cdn-static-asset-prod-westus.rguest.com//api/image/2022/c8bff706-33c4-45fa-9fbd-90f940d0fe86/
|
0
0
|
107ms
105ms
|
Preflight
application/json |
2620:1ec:46::40
MICROSOFT-CORP-MS...
|
|
General
- Full URL
- https://ondemand-cdn-static-asset-prod-westus.rguest.com//api/image/2022/c8bff706-33c4-45fa-9fbd-90f940d0fe86/091918_1Hotel_HB_logo_BLACK__07.png
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2620:1ec:46::40
, United States,
ASN8075
(MICROSOFT-CORP-MSN-AS-BLOCK, US),
- Reverse DNS
- Software
-
/
- Resource Hash
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self' *.cardinalcommerce.com *.google.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg; font-src 'self' data: *.gstatic.com *.fontawesome.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg; img-src 'self' data: *.gstatic.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.cookielaw.org; script-src 'self' 'unsafe-inline' *.dcap.com *.shift4test.com *.i4go.com *.cardinalcommerce.com *.cookielaw.org *.googleapis.com *.freedompay.com *.cardinalcommerce.com *.google-analytics.com *.googletagmanager.com *.google.com *.facebook.net *.stripe.com *.nr-data.net *.fontawesome.com *.pingdom.net *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.cookielaw.org; style-src 'self' 'unsafe-inline' *.dcap.com *.shift4test.com *.i4go.com *.googleapis.com *.fontawesome.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg; connect-src 'self' *.dcap.com *.shift4test.com *.i4go.com *.google.com google.com *.cardinalcommerce.com *.google-analytics.com *.facebook.com *.disneylandparis.com *.disney.com *.locize.io *.nr-data.net *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.fontawesome.com *.rguest.eu *.pingdom.net *.onetrust.com *.cookielaw.org; frame-ancestors 'self' *.istay.io *.dcap.com *.cardinalcommerce.com *.alipaydev.com *.alipay.com *.citconpay.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.google.com *.stripe.com *.windcave.com *.rguest.eu *.alipay.com *.cybersource.com *.freedompay.com; form-action 'self' *.dcap.com *.facebook.com *.cardinalcommerce.com *.alipaydev.com *.alipay.com *.citconpay.com *.hospitalityrevolution.com *.rguest.com *.google.com *.stripe.com *.windcave.com *.rguest.eu *.alipay.com *.cybersource.com *.freedompay.com; frame-src 'self' intent: *.naver.com *.dcap.com *.samsung.com *.hyundaicard.com *.hanacard.co.kr *.vpay.co.kr *.wooricard.com *.kbcard.com *.nonghyup.com *.lottecard.co.kr *.samsungcard.co.kr *.citibank.co.kr *.kakao.com *.facebook.com *.shift4test.com *.i4go.com *.easypay.co.kr *.cardinalcommerce.com *.alipaydev.com *.alipay.com *.citconpay.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.google.com *.stripe.com *.windcave.com *.rguest.eu *.alipay.com *.cybersource.com *.freedompay.com; object-src 'none' |
Strict-Transport-Security |
max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
deny |
X-Xss-Protection |
1; mode=block |
|
OPTIONS
H2
|
200
|
DESKTOP%20BACKGROUND__08.png
ondemand-cdn-static-asset-prod-westus.rguest.com//api/image/2022/c8bff706-33c4-45fa-9fbd-90f940d0fe86/
|
0
0
|
106ms
104ms
|
Preflight
application/json |
2620:1ec:46::40
MICROSOFT-CORP-MS...
|
|
General
- Full URL
- https://ondemand-cdn-static-asset-prod-westus.rguest.com//api/image/2022/c8bff706-33c4-45fa-9fbd-90f940d0fe86/DESKTOP%20BACKGROUND__08.png
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2620:1ec:46::40
, United States,
ASN8075
(MICROSOFT-CORP-MSN-AS-BLOCK, US),
- Reverse DNS
- Software
-
/
- Resource Hash
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self' *.cardinalcommerce.com *.google.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg; font-src 'self' data: *.gstatic.com *.fontawesome.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg; img-src 'self' data: *.gstatic.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.cookielaw.org; script-src 'self' 'unsafe-inline' *.dcap.com *.shift4test.com *.i4go.com *.cardinalcommerce.com *.cookielaw.org *.googleapis.com *.freedompay.com *.cardinalcommerce.com *.google-analytics.com *.googletagmanager.com *.google.com *.facebook.net *.stripe.com *.nr-data.net *.fontawesome.com *.pingdom.net *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.cookielaw.org; style-src 'self' 'unsafe-inline' *.dcap.com *.shift4test.com *.i4go.com *.googleapis.com *.fontawesome.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg; connect-src 'self' *.dcap.com *.shift4test.com *.i4go.com *.google.com google.com *.cardinalcommerce.com *.google-analytics.com *.facebook.com *.disneylandparis.com *.disney.com *.locize.io *.nr-data.net *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.fontawesome.com *.rguest.eu *.pingdom.net *.onetrust.com *.cookielaw.org; frame-ancestors 'self' *.istay.io *.dcap.com *.cardinalcommerce.com *.alipaydev.com *.alipay.com *.citconpay.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.google.com *.stripe.com *.windcave.com *.rguest.eu *.alipay.com *.cybersource.com *.freedompay.com; form-action 'self' *.dcap.com *.facebook.com *.cardinalcommerce.com *.alipaydev.com *.alipay.com *.citconpay.com *.hospitalityrevolution.com *.rguest.com *.google.com *.stripe.com *.windcave.com *.rguest.eu *.alipay.com *.cybersource.com *.freedompay.com; frame-src 'self' intent: *.naver.com *.dcap.com *.samsung.com *.hyundaicard.com *.hanacard.co.kr *.vpay.co.kr *.wooricard.com *.kbcard.com *.nonghyup.com *.lottecard.co.kr *.samsungcard.co.kr *.citibank.co.kr *.kakao.com *.facebook.com *.shift4test.com *.i4go.com *.easypay.co.kr *.cardinalcommerce.com *.alipaydev.com *.alipay.com *.citconpay.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.google.com *.stripe.com *.windcave.com *.rguest.eu *.alipay.com *.cybersource.com *.freedompay.com; object-src 'none' |
Strict-Transport-Security |
max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
deny |
X-Xss-Protection |
1; mode=block |
|
GET
DATA
|
200
OK
|
truncated
/
|
15 KB
15 KB
|
|
Font
font/woff2 |
|
|
|
GET
H2
|
200
|
closed_sign.png
thesandboxhanaleibay.buy-ondemand.com/static/assets/
|
2 KB
5 KB
|
96ms
94ms
|
Image
image/png |
23.99.12.114
MICROSOFT-CORP-MS...
|
|
General
- Full URL
- https://thesandboxhanaleibay.buy-ondemand.com/static/assets/closed_sign.png
- Protocol
- H2
- Security
- TLS 1.2,
ECDHE_RSA, AES_128_GCM
- Server
-
23.99.12.114
San Jose, United States,
ASN8075
(MICROSOFT-CORP-MSN-AS-BLOCK, US),
- Reverse DNS
- Software
-
/
- Resource Hash
- 21a773458b1b75151f667e1afe7e5d9725421293eedc6574cff7e8c47b1fb318
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self' *.cardinalcommerce.com *.google.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg; font-src 'self' data: *.gstatic.com *.fontawesome.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg; img-src 'self' data: *.gstatic.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.cookielaw.org; script-src 'self' 'unsafe-inline' *.dcap.com *.shift4test.com *.i4go.com *.cardinalcommerce.com *.cookielaw.org *.googleapis.com *.freedompay.com *.cardinalcommerce.com *.google-analytics.com *.googletagmanager.com *.google.com *.facebook.net *.stripe.com *.nr-data.net *.fontawesome.com *.pingdom.net *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.cookielaw.org; style-src 'self' 'unsafe-inline' *.dcap.com *.shift4test.com *.i4go.com *.googleapis.com *.fontawesome.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg; connect-src 'self' *.dcap.com *.shift4test.com *.i4go.com *.google.com google.com *.cardinalcommerce.com *.google-analytics.com *.facebook.com *.disneylandparis.com *.disney.com *.locize.io *.nr-data.net *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.fontawesome.com *.rguest.eu *.pingdom.net *.onetrust.com *.cookielaw.org; frame-ancestors 'self' *.istay.io *.dcap.com *.cardinalcommerce.com *.alipaydev.com *.alipay.com *.citconpay.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.google.com *.stripe.com *.windcave.com *.rguest.eu *.alipay.com *.cybersource.com *.freedompay.com; form-action 'self' *.dcap.com *.facebook.com *.cardinalcommerce.com *.alipaydev.com *.alipay.com *.citconpay.com *.hospitalityrevolution.com *.rguest.com *.google.com *.stripe.com *.windcave.com *.rguest.eu *.alipay.com *.cybersource.com *.freedompay.com; frame-src 'self' intent: *.naver.com *.dcap.com *.samsung.com *.hyundaicard.com *.hanacard.co.kr *.vpay.co.kr *.wooricard.com *.kbcard.com *.nonghyup.com *.lottecard.co.kr *.samsungcard.co.kr *.citibank.co.kr *.kakao.com *.facebook.com *.shift4test.com *.i4go.com *.easypay.co.kr *.cardinalcommerce.com *.alipaydev.com *.alipay.com *.citconpay.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.google.com *.stripe.com *.windcave.com *.rguest.eu *.alipay.com *.cybersource.com *.freedompay.com; object-src 'none' |
Strict-Transport-Security |
max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
deny |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
091918_1Hotel_HB_logo_BLACK__07.png
Show response
ondemand-cdn-static-asset-prod-westus.rguest.com//api/image/2022/c8bff706-33c4-45fa-9fbd-90f940d0fe86/
|
40 KB
42 KB
|
598ms
597ms
|
XHR
application/octet-stream |
2620:1ec:46::40
MICROSOFT-CORP-MS...
|
|
General
- Full URL
- https://ondemand-cdn-static-asset-prod-westus.rguest.com//api/image/2022/c8bff706-33c4-45fa-9fbd-90f940d0fe86/091918_1Hotel_HB_logo_BLACK__07.png
- Requested by
- Host: ondemand-cdn-static-asset-prod-westus.rguest.com
URL: https://ondemand-cdn-static-asset-prod-westus.rguest.com/static/assets/build/app-bundle-59065667c94d1f291d03.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2620:1ec:46::40
, United States,
ASN8075
(MICROSOFT-CORP-MSN-AS-BLOCK, US),
- Reverse DNS
- Software
-
/
- Resource Hash
- 4a74af885c998d4868f9477ac82e8818db768ca299d16b268c1dc2ee698bf80d
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self' *.cardinalcommerce.com *.google.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg; font-src 'self' data: *.gstatic.com *.fontawesome.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg; img-src 'self' data: *.gstatic.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.cookielaw.org; script-src 'self' 'unsafe-inline' *.dcap.com *.shift4test.com *.i4go.com *.cardinalcommerce.com *.cookielaw.org *.googleapis.com *.freedompay.com *.cardinalcommerce.com *.google-analytics.com *.googletagmanager.com *.google.com *.facebook.net *.stripe.com *.nr-data.net *.fontawesome.com *.pingdom.net *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.cookielaw.org; style-src 'self' 'unsafe-inline' *.dcap.com *.shift4test.com *.i4go.com *.googleapis.com *.fontawesome.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg; connect-src 'self' *.dcap.com *.shift4test.com *.i4go.com *.google.com google.com *.cardinalcommerce.com *.google-analytics.com *.facebook.com *.disneylandparis.com *.disney.com *.locize.io *.nr-data.net *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.fontawesome.com *.rguest.eu *.pingdom.net *.onetrust.com *.cookielaw.org; frame-ancestors 'self' *.istay.io *.dcap.com *.cardinalcommerce.com *.alipaydev.com *.alipay.com *.citconpay.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.google.com *.stripe.com *.windcave.com *.rguest.eu *.alipay.com *.cybersource.com *.freedompay.com; form-action 'self' *.dcap.com *.facebook.com *.cardinalcommerce.com *.alipaydev.com *.alipay.com *.citconpay.com *.hospitalityrevolution.com *.rguest.com *.google.com *.stripe.com *.windcave.com *.rguest.eu *.alipay.com *.cybersource.com *.freedompay.com; frame-src 'self' intent: *.naver.com *.dcap.com *.samsung.com *.hyundaicard.com *.hanacard.co.kr *.vpay.co.kr *.wooricard.com *.kbcard.com *.nonghyup.com *.lottecard.co.kr *.samsungcard.co.kr *.citibank.co.kr *.kakao.com *.facebook.com *.shift4test.com *.i4go.com *.easypay.co.kr *.cardinalcommerce.com *.alipaydev.com *.alipay.com *.citconpay.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.google.com *.stripe.com *.windcave.com *.rguest.eu *.alipay.com *.cybersource.com *.freedompay.com; object-src 'none' |
Strict-Transport-Security |
max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
deny |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
DESKTOP%20BACKGROUND__08.png
Show response
ondemand-cdn-static-asset-prod-westus.rguest.com//api/image/2022/c8bff706-33c4-45fa-9fbd-90f940d0fe86/
|
1 MB
1 MB
|
367ms
365ms
|
XHR
application/octet-stream |
2620:1ec:46::40
MICROSOFT-CORP-MS...
|
|
General
- Full URL
- https://ondemand-cdn-static-asset-prod-westus.rguest.com//api/image/2022/c8bff706-33c4-45fa-9fbd-90f940d0fe86/DESKTOP%20BACKGROUND__08.png
- Requested by
- Host: ondemand-cdn-static-asset-prod-westus.rguest.com
URL: https://ondemand-cdn-static-asset-prod-westus.rguest.com/static/assets/build/app-bundle-59065667c94d1f291d03.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2620:1ec:46::40
, United States,
ASN8075
(MICROSOFT-CORP-MSN-AS-BLOCK, US),
- Reverse DNS
- Software
-
/
- Resource Hash
- 53d9c9c22fad10b1cca4b283b5d026dc897acbd75780cde25925427efa155a60
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self' *.cardinalcommerce.com *.google.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg; font-src 'self' data: *.gstatic.com *.fontawesome.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg; img-src 'self' data: *.gstatic.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.cookielaw.org; script-src 'self' 'unsafe-inline' *.dcap.com *.shift4test.com *.i4go.com *.cardinalcommerce.com *.cookielaw.org *.googleapis.com *.freedompay.com *.cardinalcommerce.com *.google-analytics.com *.googletagmanager.com *.google.com *.facebook.net *.stripe.com *.nr-data.net *.fontawesome.com *.pingdom.net *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.cookielaw.org; style-src 'self' 'unsafe-inline' *.dcap.com *.shift4test.com *.i4go.com *.googleapis.com *.fontawesome.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg; connect-src 'self' *.dcap.com *.shift4test.com *.i4go.com *.google.com google.com *.cardinalcommerce.com *.google-analytics.com *.facebook.com *.disneylandparis.com *.disney.com *.locize.io *.nr-data.net *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.fontawesome.com *.rguest.eu *.pingdom.net *.onetrust.com *.cookielaw.org; frame-ancestors 'self' *.istay.io *.dcap.com *.cardinalcommerce.com *.alipaydev.com *.alipay.com *.citconpay.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.google.com *.stripe.com *.windcave.com *.rguest.eu *.alipay.com *.cybersource.com *.freedompay.com; form-action 'self' *.dcap.com *.facebook.com *.cardinalcommerce.com *.alipaydev.com *.alipay.com *.citconpay.com *.hospitalityrevolution.com *.rguest.com *.google.com *.stripe.com *.windcave.com *.rguest.eu *.alipay.com *.cybersource.com *.freedompay.com; frame-src 'self' intent: *.naver.com *.dcap.com *.samsung.com *.hyundaicard.com *.hanacard.co.kr *.vpay.co.kr *.wooricard.com *.kbcard.com *.nonghyup.com *.lottecard.co.kr *.samsungcard.co.kr *.citibank.co.kr *.kakao.com *.facebook.com *.shift4test.com *.i4go.com *.easypay.co.kr *.cardinalcommerce.com *.alipaydev.com *.alipay.com *.citconpay.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.google.com *.stripe.com *.windcave.com *.rguest.eu *.alipay.com *.cybersource.com *.freedompay.com; object-src 'none' |
Strict-Transport-Security |
max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
deny |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
2022
Show response
thesandboxhanaleibay.buy-ondemand.com/api/sites/
|
6 KB
4 KB
|
188ms
188ms
|
XHR
application/json |
23.99.12.114
MICROSOFT-CORP-MS...
|
|
General
- Full URL
- https://thesandboxhanaleibay.buy-ondemand.com/api/sites/2022
- Requested by
- Host: ondemand-cdn-static-asset-prod-westus.rguest.com
URL: https://ondemand-cdn-static-asset-prod-westus.rguest.com/static/assets/build/app-bundle-59065667c94d1f291d03.js
- Protocol
- H2
- Security
- TLS 1.2,
ECDHE_RSA, AES_128_GCM
- Server
-
23.99.12.114
San Jose, United States,
ASN8075
(MICROSOFT-CORP-MSN-AS-BLOCK, US),
- Reverse DNS
- Software
-
/
- Resource Hash
- decd9b7029bbbfaeb1c1274b74f0773940eba4a3b5b21081030b2134cde2a468
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self' *.cardinalcommerce.com *.google.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg; font-src 'self' data: *.gstatic.com *.fontawesome.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg; img-src 'self' data: *.gstatic.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.cookielaw.org; script-src 'self' 'unsafe-inline' *.dcap.com *.shift4test.com *.i4go.com *.cardinalcommerce.com *.cookielaw.org *.googleapis.com *.freedompay.com *.cardinalcommerce.com *.google-analytics.com *.googletagmanager.com *.google.com *.facebook.net *.stripe.com *.nr-data.net *.fontawesome.com *.pingdom.net *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.cookielaw.org; style-src 'self' 'unsafe-inline' *.dcap.com *.shift4test.com *.i4go.com *.googleapis.com *.fontawesome.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg; connect-src 'self' *.dcap.com *.shift4test.com *.i4go.com *.google.com google.com *.cardinalcommerce.com *.google-analytics.com *.facebook.com *.disneylandparis.com *.disney.com *.locize.io *.nr-data.net *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.fontawesome.com *.rguest.eu *.pingdom.net *.onetrust.com *.cookielaw.org; frame-ancestors 'self' *.istay.io *.dcap.com *.cardinalcommerce.com *.alipaydev.com *.alipay.com *.citconpay.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.google.com *.stripe.com *.windcave.com *.rguest.eu *.alipay.com *.cybersource.com *.freedompay.com; form-action 'self' *.dcap.com *.facebook.com *.cardinalcommerce.com *.alipaydev.com *.alipay.com *.citconpay.com *.hospitalityrevolution.com *.rguest.com *.google.com *.stripe.com *.windcave.com *.rguest.eu *.alipay.com *.cybersource.com *.freedompay.com; frame-src 'self' intent: *.naver.com *.dcap.com *.samsung.com *.hyundaicard.com *.hanacard.co.kr *.vpay.co.kr *.wooricard.com *.kbcard.com *.nonghyup.com *.lottecard.co.kr *.samsungcard.co.kr *.citibank.co.kr *.kakao.com *.facebook.com *.shift4test.com *.i4go.com *.easypay.co.kr *.cardinalcommerce.com *.alipaydev.com *.alipay.com *.citconpay.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.google.com *.stripe.com *.windcave.com *.rguest.eu *.alipay.com *.cybersource.com *.freedompay.com; object-src 'none' |
Strict-Transport-Security |
max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
deny |
X-Xss-Protection |
1; mode=block |
|
POST
H2
|
200
|
getKitchenLeadTimesForHomePage
Show response
thesandboxhanaleibay.buy-ondemand.com/api/sites/2022/
|
289 B
2 KB
|
244ms
243ms
|
XHR
application/json |
23.99.12.114
MICROSOFT-CORP-MS...
|
|
General
- Full URL
- https://thesandboxhanaleibay.buy-ondemand.com/api/sites/2022/getKitchenLeadTimesForHomePage
- Requested by
- Host: ondemand-cdn-static-asset-prod-westus.rguest.com
URL: https://ondemand-cdn-static-asset-prod-westus.rguest.com/static/assets/build/app-bundle-59065667c94d1f291d03.js
- Protocol
- H2
- Security
- TLS 1.2,
ECDHE_RSA, AES_128_GCM
- Server
-
23.99.12.114
San Jose, United States,
ASN8075
(MICROSOFT-CORP-MSN-AS-BLOCK, US),
- Reverse DNS
- Software
-
/
- Resource Hash
- e4d39530c08e37717fa557eae0d35197c43e8eb830421fd386f6dca32eeda96d
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self' *.cardinalcommerce.com *.google.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg; font-src 'self' data: *.gstatic.com *.fontawesome.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg; img-src 'self' data: *.gstatic.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.cookielaw.org; script-src 'self' 'unsafe-inline' *.dcap.com *.shift4test.com *.i4go.com *.cardinalcommerce.com *.cookielaw.org *.googleapis.com *.freedompay.com *.cardinalcommerce.com *.google-analytics.com *.googletagmanager.com *.google.com *.facebook.net *.stripe.com *.nr-data.net *.fontawesome.com *.pingdom.net *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.cookielaw.org; style-src 'self' 'unsafe-inline' *.dcap.com *.shift4test.com *.i4go.com *.googleapis.com *.fontawesome.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg; connect-src 'self' *.dcap.com *.shift4test.com *.i4go.com *.google.com google.com *.cardinalcommerce.com *.google-analytics.com *.facebook.com *.disneylandparis.com *.disney.com *.locize.io *.nr-data.net *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.fontawesome.com *.rguest.eu *.pingdom.net *.onetrust.com *.cookielaw.org; frame-ancestors 'self' *.istay.io *.dcap.com *.cardinalcommerce.com *.alipaydev.com *.alipay.com *.citconpay.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.google.com *.stripe.com *.windcave.com *.rguest.eu *.alipay.com *.cybersource.com *.freedompay.com; form-action 'self' *.dcap.com *.facebook.com *.cardinalcommerce.com *.alipaydev.com *.alipay.com *.citconpay.com *.hospitalityrevolution.com *.rguest.com *.google.com *.stripe.com *.windcave.com *.rguest.eu *.alipay.com *.cybersource.com *.freedompay.com; frame-src 'self' intent: *.naver.com *.dcap.com *.samsung.com *.hyundaicard.com *.hanacard.co.kr *.vpay.co.kr *.wooricard.com *.kbcard.com *.nonghyup.com *.lottecard.co.kr *.samsungcard.co.kr *.citibank.co.kr *.kakao.com *.facebook.com *.shift4test.com *.i4go.com *.easypay.co.kr *.cardinalcommerce.com *.alipaydev.com *.alipay.com *.citconpay.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.google.com *.stripe.com *.windcave.com *.rguest.eu *.alipay.com *.cybersource.com *.freedompay.com; object-src 'none' |
Strict-Transport-Security |
max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
deny |
X-Xss-Protection |
1; mode=block |
|
OPTIONS
H2
|
200
|
DESKTOP%20BACKGROUND__08.png
ondemand-cdn-static-asset-prod-westus.rguest.com//api/image/2022/c8bff706-33c4-45fa-9fbd-90f940d0fe86/
|
0
0
|
212ms
212ms
|
Preflight
application/json |
2620:1ec:46::40
MICROSOFT-CORP-MS...
|
|
General
- Full URL
- https://ondemand-cdn-static-asset-prod-westus.rguest.com//api/image/2022/c8bff706-33c4-45fa-9fbd-90f940d0fe86/DESKTOP%20BACKGROUND__08.png
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2620:1ec:46::40
, United States,
ASN8075
(MICROSOFT-CORP-MSN-AS-BLOCK, US),
- Reverse DNS
- Software
-
/
- Resource Hash
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self' *.cardinalcommerce.com *.google.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg; font-src 'self' data: *.gstatic.com *.fontawesome.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg; img-src 'self' data: *.gstatic.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.cookielaw.org; script-src 'self' 'unsafe-inline' *.dcap.com *.shift4test.com *.i4go.com *.cardinalcommerce.com *.cookielaw.org *.googleapis.com *.freedompay.com *.cardinalcommerce.com *.google-analytics.com *.googletagmanager.com *.google.com *.facebook.net *.stripe.com *.nr-data.net *.fontawesome.com *.pingdom.net *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.cookielaw.org; style-src 'self' 'unsafe-inline' *.dcap.com *.shift4test.com *.i4go.com *.googleapis.com *.fontawesome.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg; connect-src 'self' *.dcap.com *.shift4test.com *.i4go.com *.google.com google.com *.cardinalcommerce.com *.google-analytics.com *.facebook.com *.disneylandparis.com *.disney.com *.locize.io *.nr-data.net *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.fontawesome.com *.rguest.eu *.pingdom.net *.onetrust.com *.cookielaw.org; frame-ancestors 'self' *.istay.io *.dcap.com *.cardinalcommerce.com *.alipaydev.com *.alipay.com *.citconpay.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.google.com *.stripe.com *.windcave.com *.rguest.eu *.alipay.com *.cybersource.com *.freedompay.com; form-action 'self' *.dcap.com *.facebook.com *.cardinalcommerce.com *.alipaydev.com *.alipay.com *.citconpay.com *.hospitalityrevolution.com *.rguest.com *.google.com *.stripe.com *.windcave.com *.rguest.eu *.alipay.com *.cybersource.com *.freedompay.com; frame-src 'self' intent: *.naver.com *.dcap.com *.samsung.com *.hyundaicard.com *.hanacard.co.kr *.vpay.co.kr *.wooricard.com *.kbcard.com *.nonghyup.com *.lottecard.co.kr *.samsungcard.co.kr *.citibank.co.kr *.kakao.com *.facebook.com *.shift4test.com *.i4go.com *.easypay.co.kr *.cardinalcommerce.com *.alipaydev.com *.alipay.com *.citconpay.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.google.com *.stripe.com *.windcave.com *.rguest.eu *.alipay.com *.cybersource.com *.freedompay.com; object-src 'none' |
Strict-Transport-Security |
max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
deny |
X-Xss-Protection |
1; mode=block |
|
GET
H2
|
200
|
DESKTOP%20BACKGROUND__08.png
ondemand-cdn-static-asset-prod-westus.rguest.com//api/image/2022/c8bff706-33c4-45fa-9fbd-90f940d0fe86/
|
1 MB
1 MB
|
271ms
270ms
|
XHR
application/octet-stream |
2620:1ec:46::40
MICROSOFT-CORP-MS...
|
|
General
- Full URL
- https://ondemand-cdn-static-asset-prod-westus.rguest.com//api/image/2022/c8bff706-33c4-45fa-9fbd-90f940d0fe86/DESKTOP%20BACKGROUND__08.png
- Requested by
- Host: ondemand-cdn-static-asset-prod-westus.rguest.com
URL: https://ondemand-cdn-static-asset-prod-westus.rguest.com/static/assets/build/app-bundle-59065667c94d1f291d03.js
- Protocol
- H2
- Security
- TLS 1.3,
, AES_256_GCM
- Server
-
2620:1ec:46::40
, United States,
ASN8075
(MICROSOFT-CORP-MSN-AS-BLOCK, US),
- Reverse DNS
- Software
-
/
- Resource Hash
- Security Headers
-
Name |
Value |
Content-Security-Policy |
default-src 'self' *.cardinalcommerce.com *.google.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg; font-src 'self' data: *.gstatic.com *.fontawesome.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg; img-src 'self' data: *.gstatic.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.cookielaw.org; script-src 'self' 'unsafe-inline' *.dcap.com *.shift4test.com *.i4go.com *.cardinalcommerce.com *.cookielaw.org *.googleapis.com *.freedompay.com *.cardinalcommerce.com *.google-analytics.com *.googletagmanager.com *.google.com *.facebook.net *.stripe.com *.nr-data.net *.fontawesome.com *.pingdom.net *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.cookielaw.org; style-src 'self' 'unsafe-inline' *.dcap.com *.shift4test.com *.i4go.com *.googleapis.com *.fontawesome.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg; connect-src 'self' *.dcap.com *.shift4test.com *.i4go.com *.google.com google.com *.cardinalcommerce.com *.google-analytics.com *.facebook.com *.disneylandparis.com *.disney.com *.locize.io *.nr-data.net *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.fontawesome.com *.rguest.eu *.pingdom.net *.onetrust.com *.cookielaw.org; frame-ancestors 'self' *.istay.io *.dcap.com *.cardinalcommerce.com *.alipaydev.com *.alipay.com *.citconpay.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.google.com *.stripe.com *.windcave.com *.rguest.eu *.alipay.com *.cybersource.com *.freedompay.com; form-action 'self' *.dcap.com *.facebook.com *.cardinalcommerce.com *.alipaydev.com *.alipay.com *.citconpay.com *.hospitalityrevolution.com *.rguest.com *.google.com *.stripe.com *.windcave.com *.rguest.eu *.alipay.com *.cybersource.com *.freedompay.com; frame-src 'self' intent: *.naver.com *.dcap.com *.samsung.com *.hyundaicard.com *.hanacard.co.kr *.vpay.co.kr *.wooricard.com *.kbcard.com *.nonghyup.com *.lottecard.co.kr *.samsungcard.co.kr *.citibank.co.kr *.kakao.com *.facebook.com *.shift4test.com *.i4go.com *.easypay.co.kr *.cardinalcommerce.com *.alipaydev.com *.alipay.com *.citconpay.com *.hospitalityrevolution.com *.rguest.com *.rguest.eu *.rguest.sg *.google.com *.stripe.com *.windcave.com *.rguest.eu *.alipay.com *.cybersource.com *.freedompay.com; object-src 'none' |
Strict-Transport-Security |
max-age=31536000; includeSubDomains; preload |
X-Content-Type-Options |
nosniff |
X-Frame-Options |
deny |
X-Xss-Protection |
1; mode=block |
|
GET
DATA
|
200
OK
|
truncated
/
|
40 KB
40 KB
|
|
Image
application/octet-stream |
|
|
|