nitropack.jimmystage2.com Open in urlscan Pro
101.0.81.226  Public Scan

1 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

13 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
2 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	200	Primary Request / Show response nitropack.jimmystage2.com/	132 KB 36 KB	621ms 255ms	Document text/html	101.0.81.226 HOSTOPIA-AU Hosto...
General Check archive.org Show headers Download Go to Full URL https://nitropack.jimmystage2.com/ Protocol H2 Security TLS 1.2, ECDHE_RSA, AES_128_GCM Server 101.0.81.226 Brisbane, Australia, ASN55803 (HOSTOPIA-AU Hostopia Australia Web Pty Ltd, AU), Reverse DNS jimmy.ivent.com.au Software nginx / Resource Hash e2e2220d97f67fb5552f1edb3a377986d090e40167e4b9aeffe9b57be3c74501 Request headers Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 accept-language en-AU,en;q=0.9 Response headers cache-control no-cache content-encoding gzip content-type text/html; charset=UTF-8 date Fri, 10 Mar 2023 10:46:44 GMT link <https://cdn-fidpm.nitrocdn.com>; rel=preconnect, <https://nitropack.jimmystage2.com/wp-json/>; rel="https://api.w.org/" server nginx vary user-agent x-cache-ctime 1676075067 x-nitro-cache HIT x-nitro-cache-from drop-in x-nitro-rev cd77294
GET H2	200	hotel_price_widget.js Show response www.thehotelsnetwork.com/js/	21 KB 9 KB	650ms 405ms	Script application/javascript	45.60.200.96 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://www.thehotelsnetwork.com/js/hotel_price_widget.js?hotel_id=1077091&property_id=1012028&account_key=7AB2D5D8AAB4254FA243BF251D6F060E Requested by Host: nitropack.jimmystage2.com URL: https://nitropack.jimmystage2.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.200.96 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash fec561d6ef8a5720a786e7c083f50629466901e210c7a88415709d7f70d12441 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-AU,en;q=0.9 Referer https://nitropack.jimmystage2.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Fri, 10 Mar 2023 10:46:44 GMT content-encoding gzip via 1.1 bbcf77ea507d925a07ec0cee799872b2.cloudfront.net (CloudFront) strict-transport-security max-age=31536000; includeSubDomains x-cdn Imperva x-amz-cf-pop SYD1-C2 x-cache Miss from cloudfront x-iinfo 6-17872670-17872674 NNNN CT(1 10 0) RT(1678445204154 100) q(0 0 0 0) r(0 3) U5 pragma no-cache last-modified Fri, 10 Mar 2023 10:20:35 GMT vary Accept-Encoding content-type application/javascript; charset=utf-8 access-control-allow-origin https://nitropack.jimmystage2.com cache-control max-age=7200 access-control-allow-credentials true x-amz-cf-id KKAcR0YqM0p0iIGfc8PO04fUcpMN_g1Ko_cTFmxV88CS3nxqctd8Hg==
GET DATA	200 OK	truncated /	95 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 789995f38a746c72ae64ab01b75244a7ad6afa9b16da325ea1f34c19d5371fd8 Request headers accept-language en-AU,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Content-Type image/svg+xml
GET BLOB	200 OK	f38ebbeb-f623-4cbc-94b8-4a7d7d2c9a35 https://nitropack.jimmystage2.com/	824 B 0		Other text/javascript
General Check archive.org Show headers Download Go to Full URL blob:https://nitropack.jimmystage2.com/f38ebbeb-f623-4cbc-94b8-4a7d7d2c9a35 Requested by Host: nitropack.jimmystage2.com URL: https://nitropack.jimmystage2.com/ Protocol BLOB Server -, , ASN (), Reverse DNS Software / Resource Hash 7a0829f65b5378d1b0e2da444ff32f73343984c4e21342f5a7a0f3b9abe5c9c0 Request headers accept-language en-AU,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Content-Length 824 Content-Type text/javascript
GET H2	200	SourceSerif4Variable-Roman.ttf.woff2 cdn-fidpm.nitrocdn.com/qkkVzxKGSIkIzKmIsKQqacACubgJvdBP/assets/static/source/rev-cd77294/wp-content/themes/twentytwentytwo/assets/fonts/	418 KB 419 KB	630ms 426ms	Font font/woff2	104.18.40.108 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn-fidpm.nitrocdn.com/qkkVzxKGSIkIzKmIsKQqacACubgJvdBP/assets/static/source/rev-cd77294/wp-content/themes/twentytwentytwo/assets/fonts/SourceSerif4Variable-Roman.ttf.woff2 Requested by Host: nitropack.jimmystage2.com URL: https://nitropack.jimmystage2.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.40.108 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bb8c4212414ce2a7887636e1c6eb1fd3ab46e4391226fd39653a2c2abbb17697 Request headers Referer https://nitropack.jimmystage2.com/ Origin https://nitropack.jimmystage2.com accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Fri, 10 Mar 2023 10:46:44 GMT cf-cache-status MISS last-modified Thu, 05 Jan 2023 14:54:21 GMT server cloudflare etag "63b6e49d-68a4b" vary Accept-Encoding content-type font/woff2 access-control-allow-origin * cache-control max-age=31536000, public accept-ranges bytes cf-ray 7a5af9bff907a892-SYD link <http://nitropack.jimmystage2.com/wp-content/themes/twentytwentytwo/assets/fonts/SourceSerif4Variable-Roman.ttf.woff2>; rel="canonical" content-length 428448 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	flight-path-on-transparent-d.png cdn-fidpm.nitrocdn.com/qkkVzxKGSIkIzKmIsKQqacACubgJvdBP/assets/images/optimized/rev-cd77294/wp-content/themes/twentytwentytwo/assets/images/	19 KB 19 KB	625ms 426ms	Image image/webp	104.18.40.108 CLOUDFLARENET
General Check archive.org Show headers Download Go to Show image Full URL https://cdn-fidpm.nitrocdn.com/qkkVzxKGSIkIzKmIsKQqacACubgJvdBP/assets/images/optimized/rev-cd77294/wp-content/themes/twentytwentytwo/assets/images/flight-path-on-transparent-d.png Requested by Host: nitropack.jimmystage2.com URL: https://nitropack.jimmystage2.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.40.108 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash d7dd141e17966ef58d2a6349dc6c28533492a3c7bc58cc33eb9fe2fff8dbe1e4 Request headers accept-language en-AU,en;q=0.9 Referer https://nitropack.jimmystage2.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Fri, 10 Mar 2023 10:46:44 GMT cf-cache-status MISS last-modified Thu, 05 Jan 2023 14:54:18 GMT server cloudflare etag "63b6e49a-4aaa" vary Accept, Accept-Encoding content-type image/webp access-control-allow-origin * cache-control max-age=31536000, public accept-ranges bytes cf-ray 7a5af9bffd58a96d-SYD link <http://nitropack.jimmystage2.com/wp-content/themes/twentytwentytwo/assets/images/flight-path-on-transparent-d.png>; rel="canonical" content-length 18946 alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET DATA	200 OK	truncated /	7 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 4e03be949642d58ff54506feed064bf07bbb2a5747f6b2d4ebf451aff85ce327 Request headers accept-language en-AU,en;q=0.9 Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	200	/ Show response www.thehotelsnetwork.com/widget/core/latest/hub/ Frame F8E5	5 KB 2 KB	509ms 508ms	Document text/html	45.60.200.96 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://www.thehotelsnetwork.com/widget/core/latest/hub/ Requested by Host: www.thehotelsnetwork.com URL: https://www.thehotelsnetwork.com/js/hotel_price_widget.js?hotel_id=1077091&property_id=1012028&account_key=7AB2D5D8AAB4254FA243BF251D6F060E Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.200.96 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash 2f13bfe120bd1d818c4f67f76848c598ee162f868b72ab728b8cf31652a67222 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://nitropack.jimmystage2.com/ Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 accept-language en-AU,en;q=0.9 Response headers cache-control max-age=7200 public content-encoding gzip content-type text/html; charset=utf-8 date Fri, 10 Mar 2023 10:46:45 GMT etag W/"640b046f-11fd" expires Fri, 10 Mar 2023 12:46:45 GMT last-modified Fri, 10 Mar 2023 10:20:31 GMT strict-transport-security max-age=31536000; includeSubDomains vary Accept-Encoding via 1.1 a455b0542ae02d17ddbe081579777502.cloudfront.net (CloudFront) x-amz-cf-id LwjjFICQHgwaRRarvzLVLuQ_t_hx3chYtmq7XhAHT5eAwGXd0L7QDA== x-amz-cf-pop LHR50-P4 x-cache Miss from cloudfront x-cdn Imperva x-iinfo 6-17872670-17869319 3NNN RT(1678445204154 526) q(0 0 0 -1) r(4 4)
GET H2	200	_Incapsula_Resource Show response www.thehotelsnetwork.com/ Frame F8E5	133 KB 19 KB	106ms 106ms	Script application/javascript	45.60.200.96 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://www.thehotelsnetwork.com/_Incapsula_Resource?SWJIYLWA=719d34d31c8e3a6e6fffd425f7e032f3&ns=2&cb=2111158645 Requested by Host: www.thehotelsnetwork.com URL: https://www.thehotelsnetwork.com/widget/core/latest/hub/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.200.96 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash 914febf75e1b2c5fbb97d420e9b5ab0b861a447e41b8df8d89bd2211ecf45059 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-AU,en;q=0.9 Referer https://www.thehotelsnetwork.com/widget/core/latest/hub/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains cache-control no-cache, no-store content-encoding gzip x-robots-tag noindex content-length 19377 content-type application/javascript
GET H2	200	get_loader_data Show response www.thehotelsnetwork.com/	15 KB 7 KB	409ms 409ms	Fetch application/json	45.60.200.96 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://www.thehotelsnetwork.com/get_loader_data?hotel_id=1077091&property_id=1012028&account_key=7AB2D5D8AAB4254FA243BF251D6F060E Requested by Host: www.thehotelsnetwork.com URL: https://www.thehotelsnetwork.com/js/hotel_price_widget.js?hotel_id=1077091&property_id=1012028&account_key=7AB2D5D8AAB4254FA243BF251D6F060E Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.200.96 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash 8ee32d10018d7a883fa6e827e84c1abd6ca68caed0a4470f88f2b12a5f00d797 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-AU,en;q=0.9 Referer https://nitropack.jimmystage2.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Fri, 10 Mar 2023 10:46:45 GMT content-encoding gzip via 1.1 c212c30fb2998022a12f1d7e1d4dd590.cloudfront.net (CloudFront) strict-transport-security max-age=31536000; includeSubDomains x-cdn Imperva x-amz-cf-pop SYD1-C2 x-cache Miss from cloudfront x-iinfo 6-17872670-17872693 NNNN CT(0 27 0) RT(1678445204154 1051) q(0 0 0 -1) r(0 3) U5 pragma no-cache vary Accept-Encoding content-type application/json; charset=utf-8 access-control-allow-origin https://nitropack.jimmystage2.com cache-control no-store, no-cache, must-revalidate access-control-allow-credentials true x-amz-cf-id f_-gpfMrMhfm06zm7LxqEW-lIgmiej9380catRnnWGcUUCUZsFYwRw== expires Thu, 19 Nov 1981 08:52:00 GMT
GET H2	200	_Incapsula_Resource www.thehotelsnetwork.com/ Frame F8E5	1 B 36 B	97ms 97ms	Image text/plain	45.60.200.96 INCAPSULA
General Check archive.org Show headers Download Go to Show image Full URL https://www.thehotelsnetwork.com/_Incapsula_Resource?SWKMTFSR=1&e=0.24122579913302622 Requested by Host: www.thehotelsnetwork.com URL: https://www.thehotelsnetwork.com/widget/core/latest/hub/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.200.96 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers accept-language en-AU,en;q=0.9 Referer https://www.thehotelsnetwork.com/widget/core/latest/hub/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers strict-transport-security max-age=31536000; includeSubDomains cache-control no-cache, no-store x-robots-tag noindex content-length 1 content-type text/plain
POST H2	200	/ to.getnitropack.com/	20 B 457 B	1245ms 579ms	Ping text/html	129.227.9.2 ZEN-ECN
General Check archive.org Show headers Download Go to Full URL https://to.getnitropack.com/ Requested by Host: nitropack.jimmystage2.com URL: https://nitropack.jimmystage2.com/ Protocol H2 Security TLS 1.3, , AES_256_GCM Server 129.227.9.2 Seoul, Korea, Republic Of, ASN21859 (ZEN-ECN, US), Reverse DNS Software BunnyCDN-KR1-956 / PHP/7.3.33 Resource Hash a4d2b5c10747a9a02c401ece039329ec75c8a8f1dc4de0c7fb53a4ebde5555e4 Security Headers Name Value Strict-Transport-Security max-age=15724800; includeSubDomains Request headers Referer https://nitropack.jimmystage2.com/ accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Content-Type multipart/form-data; boundary=----WebKitFormBoundaryxoAoqHLMgUGRXOjw Response headers date Fri, 10 Mar 2023 10:46:46 GMT content-encoding none strict-transport-security max-age=15724800; includeSubDomains cdn-edgestorageid 956 x-powered-by PHP/7.3.33 cdn-cachedat 03/10/2023 10:46:46 cdn-pullzone 234442 content-length 20 server BunnyCDN-KR1-956 cdn-proxyver 1.03 cdn-requestpullcode 200 content-type text/html; charset=UTF-8 access-control-allow-origin * cdn-uid b7e07321-6c82-48dc-b332-ec6b5d5d2a32 cache-control public, max-age=0 cdn-requestid 328d8d0484f509c0e1d1ee6fe4fef73e cdn-requestcountrycode AU cdn-requestpullsuccess True
GET H2	200	index.min.js Show response www.thehotelsnetwork.com/widget/core/4.0/dist/main/	402 KB 101 KB	2520ms 2323ms	Script application/javascript	45.60.200.96 INCAPSULA
General Check archive.org Show headers Download Go to Full URL https://www.thehotelsnetwork.com/widget/core/4.0/dist/main/index.min.js?h=bd70ff73 Requested by Host: www.thehotelsnetwork.com URL: https://www.thehotelsnetwork.com/js/hotel_price_widget.js?hotel_id=1077091&property_id=1012028&account_key=7AB2D5D8AAB4254FA243BF251D6F060E Protocol H2 Security TLS 1.3, , AES_128_GCM Server 45.60.200.96 , United States, ASN19551 (INCAPSULA, US), Reverse DNS Software / Resource Hash 401e5479428d7a5d8a20f280495273257ac49e1b0d08e8fee3e3d5f95e870019 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://nitropack.jimmystage2.com/ Origin https://nitropack.jimmystage2.com accept-language en-AU,en;q=0.9 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Fri, 10 Mar 2023 10:46:48 GMT content-encoding gzip strict-transport-security max-age=31536000; includeSubDomains last-modified Fri, 10 Mar 2023 10:20:33 GMT x-cdn Imperva etag W/"640b0471-647fe" content-type application/javascript; charset=utf-8 access-control-allow-origin * x-iinfo 12-60074257-60064977 3VNN RT(1678445205714 102) q(0 0 0 0) r(22 22) cache-control max-age=60, public content-length 102995 expires Fri, 10 Mar 2023 10:47:48 GMT
GET H2	200	nitro-min-noimport-d5af085bd0240670563d20c80d8b1699-stylesheet.css cdn-fidpm.nitrocdn.com/qkkVzxKGSIkIzKmIsKQqacACubgJvdBP/assets/static/optimized/rev-cd77294/combinedCss/	15 KB 2 KB	412ms 410ms	Stylesheet text/css	104.18.40.108 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn-fidpm.nitrocdn.com/qkkVzxKGSIkIzKmIsKQqacACubgJvdBP/assets/static/optimized/rev-cd77294/combinedCss/nitro-min-noimport-d5af085bd0240670563d20c80d8b1699-stylesheet.css Requested by Host: nitropack.jimmystage2.com URL: https://nitropack.jimmystage2.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.40.108 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash 2a5abbf20f16e7473ce844d8ffa8b0fa4d1a66e62622c2933b55f8e6ec311bf3 Request headers accept-language en-AU,en;q=0.9 Referer https://nitropack.jimmystage2.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Fri, 10 Mar 2023 10:46:46 GMT content-encoding br cf-cache-status HIT last-modified Thu, 05 Jan 2023 14:54:18 GMT server cloudflare etag W/"63b6e49a-3cd4" vary Accept-Encoding content-type text/css access-control-allow-origin * cache-control max-age=31536000, public cf-ray 7a5af9ca2f5fa96d-SYD link <http://nitropack.jimmystage2.com/combinedCss/d5af085bd0240670563d20c80d8b1699-stylesheet.css>; rel="canonical" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400
GET H2	200	nitro-min-noimport-496fe949e84c0e6a1bf4c09778453aa7-stylesheet.css cdn-fidpm.nitrocdn.com/qkkVzxKGSIkIzKmIsKQqacACubgJvdBP/assets/static/optimized/rev-cd77294/combinedCss/	2 KB 839 B	403ms 401ms	Stylesheet text/css	104.18.40.108 CLOUDFLARENET
General Check archive.org Show headers Download Go to Full URL https://cdn-fidpm.nitrocdn.com/qkkVzxKGSIkIzKmIsKQqacACubgJvdBP/assets/static/optimized/rev-cd77294/combinedCss/nitro-min-noimport-496fe949e84c0e6a1bf4c09778453aa7-stylesheet.css Requested by Host: nitropack.jimmystage2.com URL: https://nitropack.jimmystage2.com/ Protocol H2 Security TLS 1.3, , AES_128_GCM Server 104.18.40.108 -, , ASN13335 (CLOUDFLARENET, US), Reverse DNS Software cloudflare / Resource Hash bfe1bbd63e4301ef7696c92e624e5b5ebf3c53c99b25ff4d7c620cd3226611e8 Request headers accept-language en-AU,en;q=0.9 Referer https://nitropack.jimmystage2.com/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36 Response headers date Fri, 10 Mar 2023 10:46:46 GMT content-encoding br cf-cache-status HIT last-modified Thu, 05 Jan 2023 14:54:18 GMT server cloudflare etag W/"63b6e49a-a18" vary Accept-Encoding content-type text/css access-control-allow-origin * cache-control max-age=31536000, public cf-ray 7a5af9ca2f61a96d-SYD link <http://nitropack.jimmystage2.com/combinedCss/496fe949e84c0e6a1bf4c09778453aa7-stylesheet.css>; rel="canonical" alt-svc h3=":443"; ma=86400, h3-29=":443"; ma=86400

20 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 boolean| credentialless undefined| href object| NPSH object| NitroScrollHelper object| NPRL object| NitroResourceLoader object| NPh object| NitroPackHelper boolean| IS_NITROPACK string| NITROPACK_STATE object| nitro_lazySizesConfig object| lazySizes function| loadCSS undefined| proxyPurgeOnly undefined| nitroData undefined| xhr object| thn boolean| isPreload object| onStylesLoadEvent

5 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

			Domain/Path	Expires	Name / Value
			nitropack.jimmystage2.com/	1969-12-31 23:59:59	Name: nitroCachedPage Value: 1
			www.thehotelsnetwork.com/	1969-12-31 23:59:59	Name: __thn_ss Value: 64932c726aa77cc2fc992ec2c2d0f0a9
			.thehotelsnetwork.com/	1970-01-20 18:58:21	Name: visid_incap_2454396 Value: TwzxChqZSaCxDxf/Au0/cZQKC2QAAAAAQUIPAAAAAAA3iICTY85DMAVrVUf620q6
			.thehotelsnetwork.com/	1969-12-31 23:59:59	Name: incap_ses_332_2454396 Value: 0i8nE+GHL1imr6c1j4CbBJMKC2QAAAAA8rEYtwT9kJqDuyZxa+Yeog==
			.thehotelsnetwork.com/	1969-12-31 23:59:59	Name: nlbi_2454396 Value: UOdOcryrGxqCXeaP5i1CcAAAAACrTtdiVrEZJ6+ssk4a2IQq

9 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
security	warning	URL: https://www.thehotelsnetwork.com/js/hotel_price_widget.js?hotel_id=1077091&property_id=1012028&account_key=7AB2D5D8AAB4254FA243BF251D6F060E(Line 2) Message: An iframe which has both allow-scripts and allow-same-origin for its sandbox attribute can remove its sandboxing.
worker	info	URL: blob:https://nitropack.jimmystage2.com/f38ebbeb-f623-4cbc-94b8-4a7d7d2c9a35 Message: Preloading https://cdn-fidpm.nitrocdn.com/qkkVzxKGSIkIzKmIsKQqacACubgJvdBP/assets/static/optimized/rev-cd77294/combinedCss/nitro-min-noimport-d5af085bd0240670563d20c80d8b1699-stylesheet.css
worker	info	URL: blob:https://nitropack.jimmystage2.com/f38ebbeb-f623-4cbc-94b8-4a7d7d2c9a35 Message: Preloading https://cdn-fidpm.nitrocdn.com/qkkVzxKGSIkIzKmIsKQqacACubgJvdBP/assets/static/optimized/rev-cd77294/combinedCss/nitro-min-noimport-496fe949e84c0e6a1bf4c09778453aa7-stylesheet.css
worker	info	URL: blob:https://nitropack.jimmystage2.com/f38ebbeb-f623-4cbc-94b8-4a7d7d2c9a35 Message: css-preload DONE: https://cdn-fidpm.nitrocdn.com/qkkVzxKGSIkIzKmIsKQqacACubgJvdBP/assets/static/optimized/rev-cd77294/combinedCss/nitro-min-noimport-496fe949e84c0e6a1bf4c09778453aa7-stylesheet.css
worker	info	URL: blob:https://nitropack.jimmystage2.com/f38ebbeb-f623-4cbc-94b8-4a7d7d2c9a35 Message: css-preload DONE: https://cdn-fidpm.nitrocdn.com/qkkVzxKGSIkIzKmIsKQqacACubgJvdBP/assets/static/optimized/rev-cd77294/combinedCss/nitro-min-noimport-d5af085bd0240670563d20c80d8b1699-stylesheet.css
worker	info	URL: blob:https://nitropack.jimmystage2.com/f38ebbeb-f623-4cbc-94b8-4a7d7d2c9a35 Message: Preloading https://cdn-fidpm.nitrocdn.com/qkkVzxKGSIkIzKmIsKQqacACubgJvdBP/assets/static/optimized/rev-cd77294/wp-includes/blocks/navigation/nitro-min-92fd8146e423d652e73d7285f55484be.view.min.js
worker	info	URL: blob:https://nitropack.jimmystage2.com/f38ebbeb-f623-4cbc-94b8-4a7d7d2c9a35 Message: Preloading https://cdn-fidpm.nitrocdn.com/qkkVzxKGSIkIzKmIsKQqacACubgJvdBP/assets/static/optimized/rev-cd77294/wp-includes/blocks/navigation/nitro-min-cc56b8ea428b823e4258b6ee8a8d984f.view-modal.min.js
worker	info	URL: blob:https://nitropack.jimmystage2.com/f38ebbeb-f623-4cbc-94b8-4a7d7d2c9a35 Message: js-preload DONE: https://cdn-fidpm.nitrocdn.com/qkkVzxKGSIkIzKmIsKQqacACubgJvdBP/assets/static/optimized/rev-cd77294/wp-includes/blocks/navigation/nitro-min-cc56b8ea428b823e4258b6ee8a8d984f.view-modal.min.js
worker	info	URL: blob:https://nitropack.jimmystage2.com/f38ebbeb-f623-4cbc-94b8-4a7d7d2c9a35 Message: js-preload DONE: https://cdn-fidpm.nitrocdn.com/qkkVzxKGSIkIzKmIsKQqacACubgJvdBP/assets/static/optimized/rev-cd77294/wp-includes/blocks/navigation/nitro-min-92fd8146e423d652e73d7285f55484be.view.min.js

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn-fidpm.nitrocdn.com
nitropack.jimmystage2.com
to.getnitropack.com
www.thehotelsnetwork.com
101.0.81.226
104.18.40.108
129.227.9.2
45.60.200.96
2a5abbf20f16e7473ce844d8ffa8b0fa4d1a66e62622c2933b55f8e6ec311bf3
2f13bfe120bd1d818c4f67f76848c598ee162f868b72ab728b8cf31652a67222
401e5479428d7a5d8a20f280495273257ac49e1b0d08e8fee3e3d5f95e870019
4e03be949642d58ff54506feed064bf07bbb2a5747f6b2d4ebf451aff85ce327
789995f38a746c72ae64ab01b75244a7ad6afa9b16da325ea1f34c19d5371fd8
7a0829f65b5378d1b0e2da444ff32f73343984c4e21342f5a7a0f3b9abe5c9c0
8ee32d10018d7a883fa6e827e84c1abd6ca68caed0a4470f88f2b12a5f00d797
914febf75e1b2c5fbb97d420e9b5ab0b861a447e41b8df8d89bd2211ecf45059
a4d2b5c10747a9a02c401ece039329ec75c8a8f1dc4de0c7fb53a4ebde5555e4
bb8c4212414ce2a7887636e1c6eb1fd3ab46e4391226fd39653a2c2abbb17697
bfe1bbd63e4301ef7696c92e624e5b5ebf3c53c99b25ff4d7c620cd3226611e8
d7dd141e17966ef58d2a6349dc6c28533492a3c7bc58cc33eb9fe2fff8dbe1e4
e2e2220d97f67fb5552f1edb3a377986d090e40167e4b9aeffe9b57be3c74501
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
fec561d6ef8a5720a786e7c083f50629466901e210c7a88415709d7f70d12441