www.rwgenting.com Open in urlscan Pro
151.101.195.10 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://erwg.my/RhcWo
Effective URL:
https://www.rwgenting.com/content/rw-genting/web/en/genting-rewards/promotions/redeeming-your-complimentary-room.html/?lan...
Submission: On December 29 via manual (December 29th 2022, 7:28:05 am UTC) from SG — Scanned from DE

Summary HTTP 112 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 32 IPs in 8 countries across 29 domains to perform 112 HTTP transactions. The main IP is 151.101.195.10, located in United States and belongs to FASTLY, US. The main domain is www.rwgenting.com. The Cisco Umbrella rank of the primary domain is 766943.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on April 29th 2022. Valid for: a year.

This is the only time www.rwgenting.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	47.254.192.82 47.254.192.82	45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.)
1 1	136.147.129.35 136.147.129.35	22606 (EXACT-7) (EXACT-7)
1 1	136.147.129.3 136.147.129.3	22606 (EXACT-7) (EXACT-7)
33	151.101.195.10 151.101.195.10	54113 (FASTLY) (FASTLY)
2	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 4	2606:4700::68... 2606:4700::6810:7eaf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2001:4de0:ac1... 2001:4de0:ac18::1:a:1a	20446 (STACKPATH...) (STACKPATH-CDN)
3	2a00:1450:400... 2a00:1450:4001:80b::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400d:80c::200a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:801::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::200e	15169 (GOOGLE) (GOOGLE)
9	2a03:2880:f01... 2a03:2880:f01c:8012:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
2	2620:116:800d... 2620:116:800d:21:b314:a0ef:ab7c:d546	16509 (AMAZON-02) (AMAZON-02)
3	13.225.78.21 13.225.78.21	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:20e... 2600:9000:20eb:8e00:6:44e3:f8c0:93a1	16509 (AMAZON-02) (AMAZON-02)
6	2a00:1450:400... 2a00:1450:4001:803::200e	15169 (GOOGLE) (GOOGLE)
1	2001:4860:480... 2001:4860:4802:32::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c07::9a	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:400d:806::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:802::2002	15169 (GOOGLE) (GOOGLE)
18	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2a00:1450:400... 2a00:1450:400d:80a::2004	15169 (GOOGLE) (GOOGLE)
1	2a03:2880:f01... 2a03:2880:f01c:800e:face:b00c:0:2	32934 (FACEBOOK) (FACEBOOK)
1 3	54.151.237.152 54.151.237.152	16509 (AMAZON-02) (AMAZON-02)
1 2	142.250.186.38 142.250.186.38	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1 1	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
5 9	34.111.151.213 34.111.151.213	396982 (GOOGLE-CL...) (GOOGLE-CLOUD-PLATFORM)
1 1	72.246.169.24 72.246.169.24	16625 (AKAMAI-AS) (AKAMAI-AS)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2 2	35.157.140.187 35.157.140.187	16509 (AMAZON-02) (AMAZON-02)
2 2	52.6.131.58 52.6.131.58	14618 (AMAZON-AES) (AMAZON-AES)
1	2600:1f18:ed:... 2600:1f18:ed:550e:8a5c:b0cf:9d7c:272c	14618 (AMAZON-AES) (AMAZON-AES)
1	141.226.228.48 141.226.228.48	200478 (TABOOLA-AS) (TABOOLA-AS)
1 2	37.252.171.52 37.252.171.52	29990 (ASN-APPNEX) (ASN-APPNEX)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 2	35.227.248.159 35.227.248.159	15169 (GOOGLE) (GOOGLE)
1 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
112	32

1 47.254.192.82 (Kuala Lumpur, Malaysia) 1 redirects

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)

erwg.my	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 136.147.129.35 (United States) 1 redirects

ASN22606 (EXACT-7, US)
PTR: ck35.mta.exacttarget.com

pub.s7.exacttarget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 136.147.129.3 (United States) 1 redirects

ASN22606 (EXACT-7, US)

mcsqjpvz392sd02cs6vv33b0kfhq.pub.sfmc-content.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

33 151.101.195.10 (United States)

ASN54113 (FASTLY, US)

www.rwgenting.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2606:4700::6810:7eaf (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

unpkg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4de0:ac18::1:a:1a (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:80b::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80c::200a (Ireland)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:801::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googleoptimize.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a03:2880:f01c:8012:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2620:116:800d:21:b314:a0ef:ab7c:d546 (United States)

ASN16509 (AMAZON-02, US)

secure.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
pixel.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 13.225.78.21 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-21.fra2.r.cloudfront.net

cdn.brand-display.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:20eb:8e00:6:44e3:f8c0:93a1 (United States)

ASN16509 (AMAZON-02, US)

rules.quantcount.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:803::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c07::9a (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:400d:806::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:802::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

18 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400d:80a::2004 (Ireland)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a03:2880:f01c:800e:face:b00c:0:2 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

socialplugin.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 54.151.237.152 (Singapore) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-151-237-152.ap-southeast-1.compute.amazonaws.com

tr.brand-display.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.186.38 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f6.1e100.net

8661995.fls.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.185.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 34.111.151.213 (Kansas City, United States) 5 redirects

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: 213.151.111.34.bc.googleusercontent.com

dmp.brand-display.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 72.246.169.24 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a72-246-169-24.deploy.static.akamaitechnologies.com

tags.bluekai.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.157.140.187 (Frankfurt am Main, Germany) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-35-157-140-187.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.6.131.58 (Ashburn, United States) 2 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-52-6-131-58.compute-1.amazonaws.com

i.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:1f18:ed:550e:8a5c:b0cf:9d7c:272c (Ashburn, United States)

ASN14618 (AMAZON-AES, US)

i6.liadm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 141.226.228.48 (Netherlands)

ASN200478 (TABOOLA-AS, IL)

sync.taboola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 37.252.171.52 (Frankfurt am Main, Germany) 1 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.227.248.159 (Kansas City, United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: 159.248.227.35.bc.googleusercontent.com

pixel.tapad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
33	rwgenting.com www.rwgenting.com — Cisco Umbrella Rank: 766943	2 MB
18	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	937 B
15	brand-display.com 6 redirects cdn.brand-display.com — Cisco Umbrella Rank: 63737 tr.brand-display.com — Cisco Umbrella Rank: 65064 dmp.brand-display.com — Cisco Umbrella Rank: 2698	43 KB
10	facebook.net connect.facebook.net — Cisco Umbrella Rank: 173 socialplugin.facebook.net — Cisco Umbrella Rank: 10091	641 KB
6	doubleclick.net 2 redirects stats.g.doubleclick.net — Cisco Umbrella Rank: 179 googleads.g.doubleclick.net — Cisco Umbrella Rank: 64 8661995.fls.doubleclick.net cm.g.doubleclick.net — Cisco Umbrella Rank: 321	4 KB
6	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 103	20 KB
4	google.com region1.analytics.google.com — Cisco Umbrella Rank: 4057 www.google.com — Cisco Umbrella Rank: 16 adservice.google.com — Cisco Umbrella Rank: 142	1 KB
4	unpkg.com 2 redirects unpkg.com — Cisco Umbrella Rank: 1163	45 KB
3	liadm.com 2 redirects i.liadm.com — Cisco Umbrella Rank: 881 i6.liadm.com — Cisco Umbrella Rank: 2220	1 KB
3	google.de www.google.de — Cisco Umbrella Rank: 3658	628 B
3	gstatic.com fonts.gstatic.com	51 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 123	222 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 843	2 KB
2	tapad.com 1 redirects pixel.tapad.com — Cisco Umbrella Rank: 674	757 B
2	adnxs.com 1 redirects ib.adnxs.com — Cisco Umbrella Rank: 318	2 KB
2	bidswitch.net 2 redirects x.bidswitch.net — Cisco Umbrella Rank: 411	879 B
2	quantserve.com secure.quantserve.com — Cisco Umbrella Rank: 1458 pixel.quantserve.com — Cisco Umbrella Rank: 985	10 KB
2	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 127	2 KB
2	jquery.com code.jquery.com — Cisco Umbrella Rank: 943	114 KB
2	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 356	12 KB
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 525	98 B
1	taboola.com sync.taboola.com — Cisco Umbrella Rank: 1388	99 B
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 698	273 B
1	bluekai.com 1 redirects tags.bluekai.com — Cisco Umbrella Rank: 807	558 B
1	quantcount.com rules.quantcount.com — Cisco Umbrella Rank: 1277	1 KB
1	googleoptimize.com www.googleoptimize.com — Cisco Umbrella Rank: 1311	46 KB
1	sfmc-content.com 1 redirects mcsqjpvz392sd02cs6vv33b0kfhq.pub.sfmc-content.com	429 B
1	exacttarget.com 1 redirects pub.s7.exacttarget.com — Cisco Umbrella Rank: 391278	723 B
1	erwg.my 1 redirects erwg.my	931 B
112	29

	Domain	Requested by
33	www.rwgenting.com	www.rwgenting.com
18	www.facebook.com	www.rwgenting.com connect.facebook.net
9	dmp.brand-display.com	5 redirects
9	connect.facebook.net	www.googletagmanager.com www.rwgenting.com connect.facebook.net
6	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
4	unpkg.com	2 redirects www.rwgenting.com
3	tr.brand-display.com	1 redirects cdn.brand-display.com
3	www.google.de	www.rwgenting.com
3	cdn.brand-display.com	www.rwgenting.com cdn.brand-display.com
3	fonts.gstatic.com	fonts.googleapis.com
3	www.googletagmanager.com	www.rwgenting.com www.googletagmanager.com
2	dsum-sec.casalemedia.com	1 redirects
2	pixel.tapad.com	1 redirects
2	ib.adnxs.com	1 redirects
2	i.liadm.com	2 redirects
2	x.bidswitch.net	2 redirects
2	8661995.fls.doubleclick.net	1 redirects www.rwgenting.com
2	www.google.com	www.rwgenting.com
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	fonts.googleapis.com	www.rwgenting.com
2	code.jquery.com	www.rwgenting.com
2	cdnjs.cloudflare.com	www.rwgenting.com
1	idsync.rlcdn.com
1	sync.taboola.com
1	i6.liadm.com
1	us-u.openx.net
1	tags.bluekai.com	1 redirects
1	cm.g.doubleclick.net	1 redirects
1	adservice.google.com	8661995.fls.doubleclick.net
1	socialplugin.facebook.net	connect.facebook.net
1	pixel.quantserve.com	www.rwgenting.com
1	googleads.g.doubleclick.net	www.googletagmanager.com
1	region1.analytics.google.com	www.googletagmanager.com
1	rules.quantcount.com	secure.quantserve.com
1	secure.quantserve.com	www.googletagmanager.com
1	www.googleoptimize.com	www.googletagmanager.com
1	mcsqjpvz392sd02cs6vv33b0kfhq.pub.sfmc-content.com	1 redirects
1	pub.s7.exacttarget.com	1 redirects
1	erwg.my	1 redirects
112	39

This site contains links to these domains. Also see Links.

Domain
streetview.my
www.rwkijal.com
www.rwlangkawi.com
www.gentingskyworlds.com
www.owg.com.my
book.rwgenting.com
play.google.com
www.gentingmalaysia.com
www.resortsworldtours.com
www.chinswee.org
www.premiumoutlets.com.my
wolfgangssteakhouse.net
zoukgroup.com
www.facebook.com
www.instagram.com
twitter.com
www.youtube.com
www.tiktok.com

Subject Issuer	Validity	Valid
www.rwgenting.com DigiCert TLS RSA SHA256 2020 CA1	`2022-04-29` - `2023-05-02`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-08-03` - `2023-08-02`	a year	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-10-07` - `2023-01-05`	3 months	crt.sh
*.quantserve.com DigiCert TLS RSA SHA256 2020 CA1	`2022-08-09` - `2023-09-09`	a year	crt.sh
brand-display.com Amazon	`2022-05-14` - `2023-06-12`	a year	crt.sh
quantserve.com R3	`2022-11-11` - `2023-02-09`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.google.de GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
www.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.socialplugin.facebook.net DigiCert SHA2 High Assurance Server CA	`2022-12-02` - `2023-01-05`	a month	crt.sh
*.knorex.com Amazon	`2022-11-10` - `2023-12-09`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-11-28` - `2023-02-20`	3 months	crt.sh
*.openx.net GeoTrust RSA CA 2018	`2022-07-21` - `2023-08-21`	a year	crt.sh
*.brand-display.com GeoTrust RSA CA 2018	`2022-06-03` - `2023-07-04`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://www.rwgenting.com/content/rw-genting/web/en/genting-rewards/promotions/redeeming-your-complimentary-room.html/?langtype=1033&utm_source=sms_monthlyoffer&utm_medium=accommodation&utm_campaign=parent012023_monthlyoffer&utm_term=pmp&utm_content=free
Frame ID: 44FDB8183DA72F25F6EC36FD09FA3158
Requests: 111 HTTP requests in this frame

Frame: https://cdn.brand-display.com/tr/tag/cfix.html?key=b90894f9b1582df507297d968da7fecece37d93
Frame ID: 343EC14B457BF8B1D600162667146F3F
Requests: 1 HTTP requests in this frame

Frame: https://8661995.fls.doubleclick.net/activityi;dc_pre=CJv5p-WmnvwCFatKkQUdCikKtQ;src=8661995;type=remar0;cat=rwg_g0;u1=;u2=https%3A%2F%2Fwww.rwgenting.com%2Fcontent%2Frw-genting%2Fweb%2Fen%2Fgenting-rewards%2Fpromotions%2Fredeeming-your-complimentary-room.html%2F%3Flangtype%3D1033%26utm_source%3Dsms_monthlyoffer%26utm_medium%3Daccommodation%26utm_campaign%3Dparent012023_monthlyoffer%26utm_term%3Dpmp%26utm_content%3Dfree;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=187644956267.26108
Frame ID: B815B323FFF8A8CDB7E0447B7279F4F1
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Redeeming Your Complimentary Room | Resorts World Genting

Page URL History Show full URLs

http://erwg.my/RhcWo HTTP 302
https://pub.s7.exacttarget.com/0yfvdoqv0wv?custid=0BFEB2ADD0308EEFDFC5F37296BAFE6C&msgid=1e2323d7-131a-46d5... HTTP 301
https://mcsqjpvz392sd02cs6vv33b0kfhq.pub.sfmc-content.com/0yfvdoqv0wv?custid=0BFEB2ADD0308EEFDFC5F37296BAFE6C&msgid=1e2323d7-131a-46d5... HTTP 302
https://www.rwgenting.com/content/rw-genting/web/en/genting-rewards/promotions/redeeming-your-complime... Page URL

Detected technologies

Adobe Experience Manager (CMS) Expand

Overall confidence: 100%
Detected patterns

<div class="[^"]*aem-Grid
/etc\.clientlibs/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

FingerprintJS (JavaScript libraries) Expand

Overall confidence: 100%
Detected patterns

fingerprint(\d)?(?:\.min)?\.js

Font Awesome (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
(?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Optimize (A/B Testing) Expand

Overall confidence: 100%
Detected patterns

googleoptimize\.com/optimize\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

Quantcast Measure (Analytics) Expand

Overall confidence: 100%
Detected patterns

\.quantserve\.com/quant\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jQuery UI (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)/jquery-ui(?:\.min)?\.js
jquery-ui.*\.js

Page Statistics

112
Requests

91 %
HTTPS

53 %
IPv6

29
Domains

39
Subdomains

32
IPs

8
Countries

3415 kB
Transfer

9721 kB
Size

29
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: https://streetview.my/resortsworldgenting/gicc/
Title: 360° Virtual Tour

Search URL Search Domain Scan URL

URL: https://www.rwkijal.com/
Title: Resorts World Kijal

Search URL Search Domain Scan URL

URL: https://www.rwlangkawi.com/
Title: Resorts World Langkawi

Search URL Search Domain Scan URL

URL: https://www.gentingskyworlds.com/
Title: Genting SkyWorlds Theme Park

Search URL Search Domain Scan URL

URL: https://www.owg.com.my/ripleys-believe-not/
Title: Ripley's Adventureland

Search URL Search Domain Scan URL

URL: https://book.rwgenting.com/
Title: Book Now

Search URL Search Domain Scan URL

URL: https://play.google.com/store/apps/details?id=com.rwgenting.graviton
Title: RWG mobile app

Search URL Search Domain Scan URL

URL: http://www.gentingmalaysia.com/corporate_profile/
Title: About Us

Search URL Search Domain Scan URL

URL: http://www.gentingmalaysia.com/investor_relations/
Title: Investor Relations

Search URL Search Domain Scan URL

URL: https://book.rwgenting.com/Agent/V1/eb2b.App/UI/Common/Login.aspx
Title: Tour Agents

Search URL Search Domain Scan URL

URL: https://www.resortsworldtours.com/
Title: Resorts World Tours

Search URL Search Domain Scan URL

URL: https://www.chinswee.org/
Title: Chin Swee

Search URL Search Domain Scan URL

URL: https://www.premiumoutlets.com.my/
Title: Genting Highlands Premium Outlets

Search URL Search Domain Scan URL

URL: https://wolfgangssteakhouse.net/
Title: Wolfgang's Steakhouse

Search URL Search Domain Scan URL

URL: https://zoukgroup.com/zouk-malaysia/
Title: Zouk Genting

Search URL Search Domain Scan URL

URL: https://www.facebook.com/ayuawana
Title: Ayu Awana

Search URL Search Domain Scan URL

URL: https://www.facebook.com/ResortsWorldGenting/

Search URL Search Domain Scan URL

URL: https://www.instagram.com/resortsworldgenting/

Search URL Search Domain Scan URL

URL: https://twitter.com/rw_genting

Search URL Search Domain Scan URL

URL: https://www.youtube.com/resortsworldgenting

Search URL Search Domain Scan URL

URL: https://www.tiktok.com/@rwgenting

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://erwg.my/RhcWo HTTP 302
https://pub.s7.exacttarget.com/0yfvdoqv0wv?custid=0BFEB2ADD0308EEFDFC5F37296BAFE6C&msgid=1e2323d7-131a-46d5-8e1c-d83c871bc77d&campcode=RELAS3Q1R3A_RELAS3Q1R3B&mobile=Z1dWNTZ4SU40NDk4aXRyRDBwclB4UT09&senddate=Dec%2029,%202022%2015:25:44.719&remoteurl=https://www.rwgenting.com/content/rw-genting/web/en/genting-rewards/promotions/redeeming-your-complimentary-room.html/?langtype=1033&utm_source=sms_monthlyoffer&utm_medium=accommodation&utm_campaign=parent012023_monthlyoffer&utm_term=pmp&utm_content=free&expAfter=6 HTTP 301
https://mcsqjpvz392sd02cs6vv33b0kfhq.pub.sfmc-content.com/0yfvdoqv0wv?custid=0BFEB2ADD0308EEFDFC5F37296BAFE6C&msgid=1e2323d7-131a-46d5-8e1c-d83c871bc77d&campcode=RELAS3Q1R3A_RELAS3Q1R3B&mobile=Z1dWNTZ4SU40NDk4aXRyRDBwclB4UT09&senddate=Dec%2029,%202022%2015:25:44.719&remoteurl=https://www.rwgenting.com/content/rw-genting/web/en/genting-rewards/promotions/redeeming-your-complimentary-room.html/?langtype=1033&utm_source=sms_monthlyoffer&utm_medium=accommodation&utm_campaign=parent012023_monthlyoffer&utm_term=pmp&utm_content=free&expAfter=6 HTTP 302
https://www.rwgenting.com/content/rw-genting/web/en/genting-rewards/promotions/redeeming-your-complimentary-room.html/?langtype=1033&utm_source=sms_monthlyoffer&utm_medium=accommodation&utm_campaign=parent012023_monthlyoffer&utm_term=pmp&utm_content=free Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://unpkg.com/swiper/swiper-bundle.min.css HTTP 302
https://unpkg.com/swiper@8.4.5/swiper-bundle.min.css

Request Chain 3

https://unpkg.com/swiper/swiper-bundle.min.js HTTP 302
https://unpkg.com/swiper@8.4.5/swiper-bundle.min.js

Request Chain 91

https://8661995.fls.doubleclick.net/activityi;src=8661995;type=remar0;cat=rwg_g0;u1=;u2=https%3A%2F%2Fwww.rwgenting.com%2Fcontent%2Frw-genting%2Fweb%2Fen%2Fgenting-rewards%2Fpromotions%2Fredeeming-your-complimentary-room.html%2F%3Flangtype%3D1033%26utm_source%3Dsms_monthlyoffer%26utm_medium%3Daccommodation%26utm_campaign%3Dparent012023_monthlyoffer%26utm_term%3Dpmp%26utm_content%3Dfree;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=187644956267.26108 HTTP 302
https://8661995.fls.doubleclick.net/activityi;dc_pre=CJv5p-WmnvwCFatKkQUdCikKtQ;src=8661995;type=remar0;cat=rwg_g0;u1=;u2=https%3A%2F%2Fwww.rwgenting.com%2Fcontent%2Frw-genting%2Fweb%2Fen%2Fgenting-rewards%2Fpromotions%2Fredeeming-your-complimentary-room.html%2F%3Flangtype%3D1033%26utm_source%3Dsms_monthlyoffer%26utm_medium%3Daccommodation%26utm_campaign%3Dparent012023_monthlyoffer%26utm_term%3Dpmp%26utm_content%3Dfree;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=187644956267.26108

Request Chain 98

https://tr.brand-display.com/tracking/api/r?r0=1&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dknorex%26google_hm%3D%25%25KNXQ_B64_ENC%25%25%26google_cm&bf=31650e89f006669064fb068007e3be31 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=knorex&google_hm=ZjgzMDUyNjQxMTQzNWNkNmEzZTU5MjEx&google_cm&kcid=82906586878648352052744180618008367643 HTTP 302
https://dmp.brand-display.com/adx/cm/pixel?google_gid=CAESED3WdPfrOskJgNc3OEW0YCQ&kcid=82906586878648352052744180618008367643&google_cver=1

Request Chain 99

https://tags.bluekai.com/site/46117?id=31650e89f006669064fb068007e3be31&limit=1&redir=https%3A%2F%2Fdmp.brand-display.com%2Fcm2%2Fapi%2Fpixel%3Fpartner%3D0004%26pid%3D%24_BK_UUID%26bf%3D31650e89f006669064fb068007e3be31&_t1672298879802 HTTP 302
https://dmp.brand-display.com/cm2/api/pixel?partner=0004&pid=$_BK_UUID&bf=31650e89f006669064fb068007e3be31

Request Chain 101

https://x.bidswitch.net/sync?dsp_id=316&user_id=31650e89f006669064fb068007e3be31&expires=30 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=316&user_id=31650e89f006669064fb068007e3be31&expires=30 HTTP 302
https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=aeb548a6-9790-48b7-8f46-53444e3470c5 HTTP 303
https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=aeb548a6-9790-48b7-8f46-53444e3470c5&_li_chk=true&previous_uuid=82013c686f5e4e4d8d8b327c2826a2a0 HTTP 303
https://i6.liadm.com/s/52164?licd=&bidder_id=5298&bidder_uuid=aeb548a6-9790-48b7-8f46-53444e3470c5

Request Chain 102

https://dmp.brand-display.com/cm/api/taboola?_t=1672298879802&bf=31650e89f006669064fb068007e3be31 HTTP 302
https://sync.taboola.com/sg/knorex-network/1/rtb-h/?taboola_hm=f8305264-1143-5cd6-a3e59211

Request Chain 103

https://dmp.brand-display.com/cm/api/appnexus?_t=1672298879803&bf=31650e89f006669064fb068007e3be31 HTTP 302
https://ib.adnxs.com/setuid?entity=442&code=f8305264-1143-5cd6-a3e59211 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D442%26code%3Df8305264-1143-5cd6-a3e59211

Request Chain 104

https://dmp.brand-display.com/cm/api/liveramp?_t={CACHEBUSTER}&bf=31650e89f006669064fb068007e3be31 HTTP 302
https://idsync.rlcdn.com/708804.gif?partner_uid=f8305264-1143-5cd6-a3e59211

Request Chain 105

https://dmp.brand-display.com/cm/api/tapad?_t=1672298879803&bf=31650e89f006669064fb068007e3be31 HTTP 302
https://pixel.tapad.com/idsync/ex/receive?partner_id=3021&partner_device_id=f8305264-1143-5cd6-a3e59211 HTTP 302
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3021&partner_device_id=f8305264-1143-5cd6-a3e59211

Request Chain 108

https://dmp.brand-display.com/cm/api/index?cm_callback_url=%2F%2Fdsum-sec.casalemedia.com%2Frum&cm_dsp_id=191&bf=31650e89f006669064fb068007e3be31 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=f8305264-1143-5cd6-a3e59211 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=f8305264-1143-5cd6-a3e59211&C=1

112 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
www.rwgenting.com/content/rw-genting/web/en/genting-rewards/promotions/redeeming-your-complimentary-room.html/
Redirect Chain

http://erwg.my/RhcWo
https://pub.s7.exacttarget.com/0yfvdoqv0wv?custid=0BFEB2ADD0308EEFDFC5F37296BAFE6C&msgid=1e2323d7-131a-46d5-8e1c-d83c871bc77d&campcode=RELAS3Q1R3A_RELAS3Q1R3B&mobile=Z1dWNTZ4SU40NDk4aXRyRDBwclB4UT0...
https://mcsqjpvz392sd02cs6vv33b0kfhq.pub.sfmc-content.com/0yfvdoqv0wv?custid=0BFEB2ADD0308EEFDFC5F37296BAFE6C&msgid=1e2323d7-131a-46d5-8e1c-d83c871bc77d&campcode=RELAS3Q1R3A_RELAS3Q1R3B&mobile=Z1dW...
https://www.rwgenting.com/content/rw-genting/web/en/genting-rewards/promotions/redeeming-your-complimentary-room.html/?langtype=1033&utm_source=sms_monthlyoffer&utm_medium=accommodation&utm_campaig...

58 KB
9 KB

1307ms
756ms

Document
text/html

151.101.195.10
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rwgenting.com/content/rw-genting/web/en/genting-rewards/promotions/redeeming-your-complimentary-room.html/?langtype=1033&utm_source=sms_monthlyoffer&utm_medium=accommodation&utm_campaign=parent012023_monthlyoffer&utm_term=pmp&utm_content=free

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.195.10 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d7c4f729e6d4cd9a2093d5a1d168f57dc6520a9c31b9202b1c0b2b5c0872bd10

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ranges: bytes
content-encoding: gzip
content-length: 8746
content-type: text/html;charset=utf-8
date: Thu, 29 Dec 2022 07:27:56 GMT
strict-transport-security: max-age=63072000; includeSubdomains;
vary: Accept-Encoding
x-cache: MISS
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-served-by: cache-hhn-etou8220092-HHN
x-timer: S1672298876.133277,VS0,VS0,VE749
x-vhost: publish

Redirect headers

Cache-Control: private
Connection: close
Content-Length: 391
Content-Type: text/html; charset=utf-8
Date: Thu, 29 Dec 2022 07:27:54 GMT
Location: https://www.rwgenting.com/content/rw-genting/web/en/genting-rewards/promotions/redeeming-your-complimentary-room.html/?langtype=1033&utm_source=sms_monthlyoffer&utm_medium=accommodation&utm_campaign=parent012023_monthlyoffer&utm_term=pmp&utm_content=free

GET
H2 200 all.min.css
cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/ 58 KB
11 KB 34ms
14ms Stylesheet
text/css 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/font-awesome/5.15.4/css/all.min.css

Requested by

Host: www.rwgenting.com
URL: https://www.rwgenting.com/content/rw-genting/web/en/genting-rewards/promotions/redeeming-your-complimentary-room.html/?langtype=1033&utm_source=sms_monthlyoffer&utm_medium=accommodation&utm_campaign=parent012023_monthlyoffer&utm_term=pmp&utm_content=free

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 07:27:56 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 2381869
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 10462
last-modified: Mon, 13 Sep 2021 19:10:03 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "613fa20b-28de"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nnjFhS8ro7zG0gekO%2FS9EXeSB6I2FORgzPweHdeRwJ6g0%2Bp3Dy%2BJKU3NGI1TGzJMgaKRLUWYcQ6zUfOz1Jz2EYDZzZW73SrSpyVpGW%2Byy%2Fruei5cF4Z7yI1tmgbw4umCzATIJuGZNzF1Q0xfsiijjkCl"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7810d0ecba40916e-FRA
expires: Tue, 19 Dec 2023 07:27:56 GMT

GET
H2

200

swiper-bundle.min.css
unpkg.com/swiper@8.4.5/
Redirect Chain

https://unpkg.com/swiper/swiper-bundle.min.css
https://unpkg.com/swiper@8.4.5/swiper-bundle.min.css

16 KB
5 KB

15ms
15ms

Stylesheet
text/css

2606:4700::6810:7eaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/swiper@8.4.5/swiper-bundle.min.css

Requested by

Protocol

Server

2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

82ef200ece01e84b0387a394dd784b93e1a677f8b2efed9d6b79f61d3084121a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 07:27:56 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 3265398
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01GJD2BGFHD1D1E0PJGT63ZYWW-fra
server: cloudflare
etag: W/"4056-knQFLPhd7qTFS8igAGqEi45G1Ug"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7810d0ed2f408fdc-FRA

Redirect headers

date: Thu, 29 Dec 2022 07:27:56 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01GNEC32Y8YVTVNTS5KN2BVYGK-fra
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 410
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /swiper@8.4.5/swiper-bundle.min.css
cache-control: public, s-maxage=600, max-age=60
cf-ray: 7810d0ecce5f8fdc-FRA

GET
H2 200 jquery-ui.css
code.jquery.com/ui/1.12.1/themes/base/ 35 KB
9 KB 343ms
313ms Stylesheet
text/css 2001:4de0:ac18::1:a:1a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.12.1/themes/base/jquery-ui.css
Requested by: Host: www.rwgenting.com
URL: https://www.rwgenting.com/content/rw-genting/web/en/genting-rewards/promotions/redeeming-your-complimentary-room.html/?langtype=1033&utm_source=sms_monthlyoffer&utm_medium=accommodation&utm_campaign=parent012023_monthlyoffer&utm_term=pmp&utm_content=free
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 44f8a56d427917b5fa0dd7933ba545679be5e6b3b93099e64a4e29c2159f57c0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 07:27:56 GMT
content-encoding: gzip
x-sp-metadata: HS256.CIyftZ0GEo4BCiQyNDdhNmMyZi01OTMwLTRmOWEtOTNjZC1lNzM2NzZmOWQ4ZDEQ+OiCoKvU+wIaBgj8grWdBiITMjAwMTphYzg6MjA6MjcyOjoyZSiQkgMwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRorCAESJDkyZjdmNjllLTlhYjYtNGZjMS04MzYxLWRhNTU2ZDc4M2M4NRiDQSIYCAISFGNkczM0MC5mcjguaHdjZG4ubmV0.2yi/fARNTgZeWwk3Nr8k2Nj2yH5MtOVmfvZBCgnozyg=
last-modified: Sun, 04 Dec 2022 10:56:54 GMT
server: nginx
etag: W/"638c7cf6-8c85"
vary: Accept-Encoding
x-hw: 1672298876.dop216.fr8.t,1672298876.cds328.fr8.hn,1672298876.cds340.fr8.c
content-type: text/css
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 8323

GET
H2

200

swiper-bundle.min.js Show response
unpkg.com/swiper@8.4.5/
Redirect Chain

https://unpkg.com/swiper/swiper-bundle.min.js
https://unpkg.com/swiper@8.4.5/swiper-bundle.min.js

140 KB
40 KB

18ms
17ms

Script
application/javascript

2606:4700::6810:7eaf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://unpkg.com/swiper@8.4.5/swiper-bundle.min.js

Requested by

Protocol

Server

2606:4700::6810:7eaf , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b08cc9bd79f873cbf3a9468010074bd1c2ede4524d993a1f42edb1778fa3657a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 07:27:57 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 3265361
last-modified: Sat, 26 Oct 1985 08:15:00 GMT
fly-request-id: 01GJD2CJQW5G4HJYEW0CAMCPM0-fra
server: cloudflare
etag: W/"2315b-t5sVkS+OMbzdHrTZGoTsEiXqNM4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=31536000
cf-ray: 7810d0ed3f428fdc-FRA

Redirect headers

date: Thu, 29 Dec 2022 07:27:56 GMT
via: 1.1 fly.io
x-content-type-options: nosniff
cf-cache-status: HIT
fly-request-id: 01GNECE4CFYWT2Y4EXYPC8SKPT-fra
server: cloudflare
strict-transport-security: max-age=31536000; includeSubDomains; preload
age: 48
vary: Accept, Accept-Encoding
content-type: text/plain; charset=utf-8
access-control-allow-origin: *
location: /swiper@8.4.5/swiper-bundle.min.js
cache-control: public, s-maxage=600, max-age=60
cf-ray: 7810d0ecce618fdc-FRA

GET
H2 200 clientlib-base.lc-70267407c54bfd3d524dbb8e5bf56862-lc.min.css
www.rwgenting.com/etc.clientlibs/gentingmalaysiaprogram/clientlibs/ 106 KB
8 KB 9ms
7ms Stylesheet
text/css 151.101.195.10
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rwgenting.com/etc.clientlibs/gentingmalaysiaprogram/clientlibs/clientlib-base.lc-70267407c54bfd3d524dbb8e5bf56862-lc.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.195.10 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6b07cae77ceefe3552b97c44bd9a144f4b23202c775b32604c0b8ec26471a6f9

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/content/rw-genting/web/en/genting-rewards/promotions/redeeming-your-complimentary-room.html/?langtype=1033&utm_source=sms_monthlyoffer&utm_medium=accommodation&utm_campaign=parent012023_monthlyoffer&utm_term=pmp&utm_content=free
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubdomains;
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 29 Dec 2022 07:27:56 GMT
age: 268364
x-vhost: publish
x-cache: HIT
content-length: 7739
x-served-by: cache-hhn-etou8220092-HHN
last-modified: Mon, 26 Dec 2022 04:55:13 GMT
x-timer: S1672298877.897465,VS0,VS0,VE1
etag: W/"1a7e2-2386f26fb1bdc0-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=43200,stale-if-error=43200,public,immutable
accept-ranges: bytes

GET
H2 200 clientlib-dependencies.lc-bc0f7602465a882f4e39ed87ecbfb9d5-lc.min.css
www.rwgenting.com/etc.clientlibs/gentingmalaysiaprogram/clientlibs/ 943 KB
127 KB 11ms
10ms Stylesheet
text/css 151.101.195.10
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rwgenting.com/etc.clientlibs/gentingmalaysiaprogram/clientlibs/clientlib-dependencies.lc-bc0f7602465a882f4e39ed87ecbfb9d5-lc.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.195.10 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

37fbdb6abcc8c42b79a0ed4ad98ca8b5d6f26fb6159626405488c77fbc7710e2

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/content/rw-genting/web/en/genting-rewards/promotions/redeeming-your-complimentary-room.html/?langtype=1033&utm_source=sms_monthlyoffer&utm_medium=accommodation&utm_campaign=parent012023_monthlyoffer&utm_term=pmp&utm_content=free
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubdomains;
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 29 Dec 2022 07:27:56 GMT
age: 1193679
x-vhost: publish
x-cache: HIT
content-length: 129402
x-served-by: cache-hhn-etou8220092-HHN
last-modified: Thu, 15 Dec 2022 11:53:18 GMT
x-timer: S1672298877.897488,VS0,VS0,VE1
etag: W/"ebd4d-2386f26fb1bdc0-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=43200,stale-if-error=43200,public,immutable
accept-ranges: bytes

GET
H2 200 clientlib-common.lc-13b604ac2e8f2a11777ebff41d3ef77b-lc.min.css
www.rwgenting.com/etc.clientlibs/gentingmalaysiaprogram/clientlibs/clientlib-site/ 21 KB
4 KB 9ms
8ms Stylesheet
text/css 151.101.195.10
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rwgenting.com/etc.clientlibs/gentingmalaysiaprogram/clientlibs/clientlib-site/clientlib-common.lc-13b604ac2e8f2a11777ebff41d3ef77b-lc.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.195.10 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d5b77693f65be39975a95979f121a5e2a81f08325f151e387c7b9fc2272f0893

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/content/rw-genting/web/en/genting-rewards/promotions/redeeming-your-complimentary-room.html/?langtype=1033&utm_source=sms_monthlyoffer&utm_medium=accommodation&utm_campaign=parent012023_monthlyoffer&utm_term=pmp&utm_content=free
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubdomains;
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 29 Dec 2022 07:27:56 GMT
age: 1564843
x-vhost: publish
x-cache: HIT
content-length: 4158
x-served-by: cache-hhn-etou8220092-HHN
last-modified: Sun, 11 Dec 2022 04:47:13 GMT
x-timer: S1672298877.897740,VS0,VS0,VE1
etag: W/"5282-2386f26fb1bdc0-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=43200,stale-if-error=43200,public,immutable
accept-ranges: bytes

GET
H2 200 clientlib-rwgenting-dependencies.lc-4b27d11e7550c8d156918e33dc705537-lc.min.css
www.rwgenting.com/etc.clientlibs/gentingmalaysiaprogram/clientlibs/ 40 KB
10 KB 10ms
9ms Stylesheet
text/css 151.101.195.10
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rwgenting.com/etc.clientlibs/gentingmalaysiaprogram/clientlibs/clientlib-rwgenting-dependencies.lc-4b27d11e7550c8d156918e33dc705537-lc.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.195.10 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

5b5418cbe3c48dcf77022a601f7891eecd551c476ad472ad2acfdbf5c5b23002

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/content/rw-genting/web/en/genting-rewards/promotions/redeeming-your-complimentary-room.html/?langtype=1033&utm_source=sms_monthlyoffer&utm_medium=accommodation&utm_campaign=parent012023_monthlyoffer&utm_term=pmp&utm_content=free
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubdomains;
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 29 Dec 2022 07:27:56 GMT
age: 365416
x-vhost: publish
x-cache: HIT
content-length: 9958
x-served-by: cache-hhn-etou8220092-HHN
last-modified: Sun, 25 Dec 2022 01:57:41 GMT
x-timer: S1672298877.897722,VS0,VS0,VE1
etag: W/"a159-2386f26fb1bdc0-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=43200,stale-if-error=43200,public,immutable
accept-ranges: bytes

GET
H2 200 clientlib-rwgenting.lc-799d851ee27b5eb87f7fb15c63738eb7-lc.min.css
www.rwgenting.com/etc.clientlibs/gentingmalaysiaprogram/clientlibs/clientlib-site/ 223 KB
42 KB 20ms
19ms Stylesheet
text/css 151.101.195.10
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rwgenting.com/etc.clientlibs/gentingmalaysiaprogram/clientlibs/clientlib-site/clientlib-rwgenting.lc-799d851ee27b5eb87f7fb15c63738eb7-lc.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.195.10 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e56fabdfb37f3827e60a73ee1506c36feddbd83d7b95bb5f0831926f78d448dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/content/rw-genting/web/en/genting-rewards/promotions/redeeming-your-complimentary-room.html/?langtype=1033&utm_source=sms_monthlyoffer&utm_medium=accommodation&utm_campaign=parent012023_monthlyoffer&utm_term=pmp&utm_content=free
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubdomains;
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 29 Dec 2022 07:27:56 GMT
age: 13676
x-vhost: publish
x-cache: HIT
content-length: 43073
x-served-by: cache-hhn-etou8220092-HHN
last-modified: Thu, 29 Dec 2022 03:40:00 GMT
x-timer: S1672298877.897695,VS0,VS0,VE1
etag: W/"37b3f-2386f26fb1bdc0-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=43200,stale-if-error=43200,public,immutable
accept-ranges: bytes

GET
H2 200 ico-search.svg
www.rwgenting.com/content/dam/approved/common/icon/ 1 KB
984 B 15ms
4ms Image
image/svg+xml 151.101.195.10
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.rwgenting.com/content/dam/approved/common/icon/ico-search.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.195.10 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3e15e3b54f25c8243b3288ca369a71b409f22cbadf2043112e7df67d3a9964c3

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/content/rw-genting/web/en/genting-rewards/promotions/redeeming-your-complimentary-room.html/?langtype=1033&utm_source=sms_monthlyoffer&utm_medium=accommodation&utm_campaign=parent012023_monthlyoffer&utm_term=pmp&utm_content=free
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubdomains;
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 29 Dec 2022 07:27:57 GMT
age: 2284
x-vhost: publish
x-cache: HIT
content-disposition: attachment; filename="ico-search.svg"
content-length: 640
x-served-by: cache-hhn-etou8220092-HHN
last-modified: Sun, 13 Mar 2022 20:38:05 GMT
x-timer: S1672298877.283001,VS0,VS0,VE1
etag: "5ae-5da1f8a702540-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=7200,s-maxage=14400,stale-while-revalidate=86400,stale-if-error=86400
accept-ranges: bytes

GET
H2 200 ico-home.png
www.rwgenting.com/content/dam/approved/rw-genting/web/navigation/ 373 B
478 B 33ms
21ms Image
image/png 151.101.195.10
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.rwgenting.com/content/dam/approved/rw-genting/web/navigation/ico-home.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.195.10 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

7a74944f0d2330f186317ecff18084eb7af1bff89b638d1996c6a3ef61bcc766

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/content/rw-genting/web/en/genting-rewards/promotions/redeeming-your-complimentary-room.html/?langtype=1033&utm_source=sms_monthlyoffer&utm_medium=accommodation&utm_campaign=parent012023_monthlyoffer&utm_term=pmp&utm_content=free
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubdomains;
date: Thu, 29 Dec 2022 07:27:57 GMT
x-content-type-options: nosniff
age: 2284
x-vhost: publish
x-cache: HIT
content-disposition: attachment
content-length: 373
x-served-by: cache-hhn-etou8220092-HHN
last-modified: Sun, 13 Mar 2022 20:37:27 GMT
x-timer: S1672298877.283697,VS0,VS0,VE2
etag: "175-5da1f882c4fc0"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=7200,s-maxage=14400,stale-while-revalidate=86400,stale-if-error=86400
accept-ranges: bytes

GET
H2 200 ico-location.png
www.rwgenting.com/content/dam/approved/rw-genting/web/navigation/ 482 B
607 B 20ms
8ms Image
image/png 151.101.195.10
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.rwgenting.com/content/dam/approved/rw-genting/web/navigation/ico-location.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.195.10 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0c78fc4ee08501ae4fcb3f476142bb89a52bcb39a30ec798ee051126483f88df

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/content/rw-genting/web/en/genting-rewards/promotions/redeeming-your-complimentary-room.html/?langtype=1033&utm_source=sms_monthlyoffer&utm_medium=accommodation&utm_campaign=parent012023_monthlyoffer&utm_term=pmp&utm_content=free
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubdomains;
date: Thu, 29 Dec 2022 07:27:57 GMT
x-content-type-options: nosniff
age: 2283
x-vhost: publish
x-cache: HIT
content-disposition: attachment
content-length: 482
x-served-by: cache-hhn-etou8220092-HHN
last-modified: Sun, 13 Mar 2022 20:37:27 GMT
x-timer: S1672298877.283334,VS0,VS0,VE1
etag: "1e2-5da1f882c4fc0"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=7200,s-maxage=14400,stale-while-revalidate=86400,stale-if-error=86400
accept-ranges: bytes

GET
H2 200 ico-fire-2.png
www.rwgenting.com/content/dam/approved/rw-genting/web/navigation/ 485 B
665 B 26ms
15ms Image
image/png 151.101.195.10
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.rwgenting.com/content/dam/approved/rw-genting/web/navigation/ico-fire-2.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.195.10 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

43ffc02765e9adeba7117eb3c3abd838f83b59a86195d1e15d51fe835fa39e30

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/content/rw-genting/web/en/genting-rewards/promotions/redeeming-your-complimentary-room.html/?langtype=1033&utm_source=sms_monthlyoffer&utm_medium=accommodation&utm_campaign=parent012023_monthlyoffer&utm_term=pmp&utm_content=free
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubdomains;
date: Thu, 29 Dec 2022 07:27:57 GMT
x-content-type-options: nosniff
age: 2284
x-vhost: publish
x-cache: HIT
content-disposition: attachment
content-length: 485
x-served-by: cache-hhn-etou8220092-HHN
last-modified: Sun, 13 Mar 2022 20:37:27 GMT
x-timer: S1672298877.283320,VS0,VS0,VE1
etag: "1e5-5da1f882c4fc0"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=7200,s-maxage=14400,stale-while-revalidate=86400,stale-if-error=86400
accept-ranges: bytes

GET
H2 200 menu-casino.png
www.rwgenting.com/content/dam/approved/rw-genting/web/navigation/ 31 KB
31 KB 30ms
19ms Image
image/png 151.101.195.10
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.rwgenting.com/content/dam/approved/rw-genting/web/navigation/menu-casino.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.195.10 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2c4ee33912994630a20f6fe123d4090c2ec3aa2e4ba171d222eaae5ab7994883

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/content/rw-genting/web/en/genting-rewards/promotions/redeeming-your-complimentary-room.html/?langtype=1033&utm_source=sms_monthlyoffer&utm_medium=accommodation&utm_campaign=parent012023_monthlyoffer&utm_term=pmp&utm_content=free
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 07:27:57 GMT
strict-transport-security: max-age=31557600
x-content-type-options: nosniff
content-md5: HMXQV1u0oj1YNd0ZgSoOrw==
age: 1904
x-cache: HIT
content-disposition: attachment; filename="menu-casino.png"; filename*=UTF-8''menu-casino.png
content-length: 31717
x-served-by: cache-hhn-etou8220092-HHN
last-modified: Sun, 13 Mar 2022 20:42:06 GMT
x-timer: S1672298877.283303,VS0,VS0,VE1
etag: "0x8DA0531F014F6DA"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=7200,s-maxage=14400,stale-while-revalidate=86400,stale-if-error=86400
accept-ranges: bytes

GET
H2 200 menu-exp.png
www.rwgenting.com/content/dam/approved/rw-genting/web/navigation/ 23 KB
24 KB 20ms
10ms Image
image/png 151.101.195.10
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.rwgenting.com/content/dam/approved/rw-genting/web/navigation/menu-exp.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.195.10 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b0592d3b5250510e9a839e62893c9fca8eb0e015b3f2f96cd0c12aadf2b0d2d8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/content/rw-genting/web/en/genting-rewards/promotions/redeeming-your-complimentary-room.html/?langtype=1033&utm_source=sms_monthlyoffer&utm_medium=accommodation&utm_campaign=parent012023_monthlyoffer&utm_term=pmp&utm_content=free
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 07:27:57 GMT
strict-transport-security: max-age=31557600
x-content-type-options: nosniff
content-md5: QwtwEdsPciYJSKzy0qtArw==
age: 1902
x-cache: HIT
content-disposition: attachment; filename="menu-exp.png"; filename*=UTF-8''menu-exp.png
content-length: 23930
x-served-by: cache-hhn-etou8220092-HHN
last-modified: Sun, 13 Mar 2022 20:42:06 GMT
x-timer: S1672298877.283300,VS0,VS0,VE1
etag: "0x8DA0531F03F5C0A"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=7200,s-maxage=14400,stale-while-revalidate=86400,stale-if-error=86400
accept-ranges: bytes

GET
H2 200 menu-hotels.png
www.rwgenting.com/content/dam/approved/rw-genting/web/navigation/ 31 KB
31 KB 21ms
10ms Image
image/png 151.101.195.10
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.rwgenting.com/content/dam/approved/rw-genting/web/navigation/menu-hotels.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.195.10 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

2ac18d95396498051dd64c68f78b272cd73b7e7189bdc3e0594adae21e4da7af

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/content/rw-genting/web/en/genting-rewards/promotions/redeeming-your-complimentary-room.html/?langtype=1033&utm_source=sms_monthlyoffer&utm_medium=accommodation&utm_campaign=parent012023_monthlyoffer&utm_term=pmp&utm_content=free
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 07:27:57 GMT
strict-transport-security: max-age=31557600
x-content-type-options: nosniff
content-md5: P7+3+x+Akz3EdZGytNwmDw==
age: 1901
x-cache: HIT
content-disposition: attachment; filename="menu-hotels.png"; filename*=UTF-8''menu-hotels.png
content-length: 31732
x-served-by: cache-hhn-etou8220092-HHN
last-modified: Sun, 13 Mar 2022 20:42:07 GMT
x-timer: S1672298877.283290,VS0,VS0,VE1
etag: "0x8DA0531F059BE06"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=7200,s-maxage=14400,stale-while-revalidate=86400,stale-if-error=86400
accept-ranges: bytes

GET
H2 200 menu-show-events-movie.png
www.rwgenting.com/content/dam/approved/rw-genting/web/navigation/ 16 KB
16 KB 30ms
19ms Image
image/png 151.101.195.10
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.rwgenting.com/content/dam/approved/rw-genting/web/navigation/menu-show-events-movie.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.195.10 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

9e0158631d7e8d2ad122f7886ddfd16175f7330f1e6253ac00caa7fa77412abb

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/content/rw-genting/web/en/genting-rewards/promotions/redeeming-your-complimentary-room.html/?langtype=1033&utm_source=sms_monthlyoffer&utm_medium=accommodation&utm_campaign=parent012023_monthlyoffer&utm_term=pmp&utm_content=free
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubdomains;
date: Thu, 29 Dec 2022 07:27:57 GMT
x-content-type-options: nosniff
age: 2283
x-vhost: publish
x-cache: HIT
content-disposition: attachment
content-length: 15972
x-served-by: cache-hhn-etou8220092-HHN
last-modified: Sun, 13 Mar 2022 20:37:28 GMT
x-timer: S1672298877.283291,VS0,VS0,VE1
etag: "3e64-5da1f883b9200"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=7200,s-maxage=14400,stale-while-revalidate=86400,stale-if-error=86400
accept-ranges: bytes

GET
H2 200 menu-theme-park.png
www.rwgenting.com/content/dam/approved/rw-genting/web/navigation/ 25 KB
25 KB 36ms
26ms Image
image/png 151.101.195.10
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.rwgenting.com/content/dam/approved/rw-genting/web/navigation/menu-theme-park.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.195.10 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

3a343e9dd7584d15f7ea675d7289ed94505a850bc2ea4737fa71b165eba116f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/content/rw-genting/web/en/genting-rewards/promotions/redeeming-your-complimentary-room.html/?langtype=1033&utm_source=sms_monthlyoffer&utm_medium=accommodation&utm_campaign=parent012023_monthlyoffer&utm_term=pmp&utm_content=free
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 07:27:57 GMT
strict-transport-security: max-age=31557600
x-content-type-options: nosniff
content-md5: hO6yXgIBJvvQkJz0O8httQ==
age: 1900
x-cache: HIT
content-disposition: attachment; filename="menu-theme-park.png"; filename*=UTF-8''menu-theme-park.png
content-length: 25655
x-served-by: cache-hhn-etou8220092-HHN
last-modified: Sun, 13 Mar 2022 20:42:07 GMT
x-timer: S1672298877.289556,VS0,VS0,VE1
etag: "0x8DA0531F0978149"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=7200,s-maxage=14400,stale-while-revalidate=86400,stale-if-error=86400
accept-ranges: bytes

GET
H2 200 things-to-do.png
www.rwgenting.com/content/dam/approved/rw-genting/web/navigation/ 18 KB
18 KB 38ms
28ms Image
image/png 151.101.195.10
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.rwgenting.com/content/dam/approved/rw-genting/web/navigation/things-to-do.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.195.10 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

4de3909235e0a1a710f55815750ef0b2fbdf5bc87db92f2d5e80d2854ea087ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/content/rw-genting/web/en/genting-rewards/promotions/redeeming-your-complimentary-room.html/?langtype=1033&utm_source=sms_monthlyoffer&utm_medium=accommodation&utm_campaign=parent012023_monthlyoffer&utm_term=pmp&utm_content=free
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 07:27:57 GMT
strict-transport-security: max-age=31557600
x-content-type-options: nosniff
content-md5: vMaX5aA6Qi9TBdD6DAXWoA==
age: 1899
x-cache: HIT
content-disposition: attachment; filename="things-to-do.png"; filename*=UTF-8''things-to-do.png
content-length: 18693
x-served-by: cache-hhn-etou8220092-HHN
last-modified: Sun, 13 Mar 2022 20:42:07 GMT
x-timer: S1672298877.289405,VS0,VS0,VE1
etag: "0x8DA0531F0BE1675"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=7200,s-maxage=14400,stale-while-revalidate=86400,stale-if-error=86400
accept-ranges: bytes

GET
H2 200 rwg-logo.png
www.rwgenting.com/content/dam/approved/rw-genting/web/header/ 2 KB
2 KB 33ms
23ms Image
image/png 151.101.195.10
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.rwgenting.com/content/dam/approved/rw-genting/web/header/rwg-logo.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.195.10 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

313ee10702d4bbfc57535e0c863271b893ae4eac35cf54c16aafcadb8636eade

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/content/rw-genting/web/en/genting-rewards/promotions/redeeming-your-complimentary-room.html/?langtype=1033&utm_source=sms_monthlyoffer&utm_medium=accommodation&utm_campaign=parent012023_monthlyoffer&utm_term=pmp&utm_content=free
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubdomains;
date: Thu, 29 Dec 2022 07:27:57 GMT
x-content-type-options: nosniff
age: 2283
x-vhost: publish
x-cache: HIT
content-disposition: attachment
content-length: 1974
x-served-by: cache-hhn-etou8220092-HHN
last-modified: Sun, 13 Mar 2022 20:37:13 GMT
x-timer: S1672298877.289460,VS0,VS0,VE1
etag: "7b6-5da1f8756b040"
x-frame-options: SAMEORIGIN
content-type: image/png
cache-control: max-age=7200,s-maxage=14400,stale-while-revalidate=86400,stale-if-error=86400
accept-ranges: bytes

GET
H2 200 mobilelogov1.png
www.rwgenting.com/content/dam/approved/rw-genting/web/header/ 1 KB
1 KB 34ms
24ms Image
image/png 151.101.195.10
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.rwgenting.com/content/dam/approved/rw-genting/web/header/mobilelogov1.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.195.10 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

da8e93e26423dab0c7c93b9e98545c40a98daa8520c59b88038c918c3c0f023c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/content/rw-genting/web/en/genting-rewards/promotions/redeeming-your-complimentary-room.html/?langtype=1033&utm_source=sms_monthlyoffer&utm_medium=accommodation&utm_campaign=parent012023_monthlyoffer&utm_term=pmp&utm_content=free
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 07:27:57 GMT
strict-transport-security: max-age=31557600
x-content-type-options: nosniff
last-modified: Thu, 03 Nov 2022 05:17:22 GMT
age: 1899
x-timer: S1672298877.289447,VS0,VS0,VE1
etag: "0x8DABD5AAFDEA8B2"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=7200,s-maxage=14400,stale-while-revalidate=86400,stale-if-error=86400
content-disposition: attachment; filename="mobilelogov1.png"; filename*=UTF-8''mobilelogov1.png
accept-ranges: bytes
content-length: 1219
x-served-by: cache-hhn-etou8220092-HHN

GET
H2 200 Genting-reward_logo2x.png
www.rwgenting.com/content/dam/approved/rw-genting/web/header/ 13 KB
13 KB 108ms
99ms Image
image/png 151.101.195.10
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.rwgenting.com/content/dam/approved/rw-genting/web/header/Genting-reward_logo2x.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.195.10 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e9f149e2d584b9aff2c1175a8475dcd9d245450dcae6ddd6e7e1acf7e7facd4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/content/rw-genting/web/en/genting-rewards/promotions/redeeming-your-complimentary-room.html/?langtype=1033&utm_source=sms_monthlyoffer&utm_medium=accommodation&utm_campaign=parent012023_monthlyoffer&utm_term=pmp&utm_content=free
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 07:27:57 GMT
strict-transport-security: max-age=31557600
x-content-type-options: nosniff
last-modified: Mon, 14 Mar 2022 04:13:13 GMT
age: 1899
x-timer: S1672298877.289035,VS0,VS0,VE2
etag: "0x8DA0570F5435A16"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=7200,s-maxage=14400,stale-while-revalidate=86400,stale-if-error=86400
content-disposition: attachment; filename="Genting-reward_logo2x.png"; filename*=UTF-8''Genting-reward_logo2x.png
accept-ranges: bytes
content-length: 12943
x-served-by: cache-hhn-etou8220092-HHN

GET
H2 200 ico-ppl.svg
www.rwgenting.com/content/dam/approved/common/icon/ 2 KB
1 KB 31ms
22ms Image
image/svg+xml 151.101.195.10
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.rwgenting.com/content/dam/approved/common/icon/ico-ppl.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.195.10 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e8386cc19e7ab27ce95b3ccc9d62ae847ceed411bb104be0b208e0a66e278753

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/content/rw-genting/web/en/genting-rewards/promotions/redeeming-your-complimentary-room.html/?langtype=1033&utm_source=sms_monthlyoffer&utm_medium=accommodation&utm_campaign=parent012023_monthlyoffer&utm_term=pmp&utm_content=free
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubdomains;
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 29 Dec 2022 07:27:57 GMT
age: 2283
x-vhost: publish
x-cache: HIT
content-disposition: attachment; filename="ico-ppl.svg"
content-length: 889
x-served-by: cache-hhn-etou8220092-HHN
last-modified: Sun, 13 Mar 2022 20:38:05 GMT
x-timer: S1672298877.289022,VS0,VS0,VE1
etag: "788-5da1f8a702540-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=7200,s-maxage=14400,stale-while-revalidate=86400,stale-if-error=86400
accept-ranges: bytes

GET
H2 200 /
www.rwgenting.com/en/genting-rewards/promotions/redeeming-your-complimentary-room.html/ 58 KB
58 KB 806ms
797ms Image
text/html 151.101.195.10
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.rwgenting.com/en/genting-rewards/promotions/redeeming-your-complimentary-room.html/

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.195.10 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/content/rw-genting/web/en/genting-rewards/promotions/redeeming-your-complimentary-room.html/?langtype=1033&utm_source=sms_monthlyoffer&utm_medium=accommodation&utm_campaign=parent012023_monthlyoffer&utm_term=pmp&utm_content=free
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubdomains;
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 29 Dec 2022 07:27:58 GMT
x-timer: S1672298877.289008,VS0,VS0,VE787
x-vhost: publish
x-frame-options: SAMEORIGIN
x-cache: MISS
content-type: text/html;charset=utf-8
vary: Accept-Encoding
accept-ranges: bytes
content-length: 8746
x-served-by: cache-hhn-etou8220092-HHN

GET
H2 200 2340x480-Redeeming-Your-Complimentary-Room.png
www.rwgenting.com/content/dam/approved/rw-genting/web/genting-rewards/promotions/redeeming-your-complimentary-room/ 431 KB
431 KB 31ms
22ms Image
image/png 151.101.195.10
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.rwgenting.com/content/dam/approved/rw-genting/web/genting-rewards/promotions/redeeming-your-complimentary-room/2340x480-Redeeming-Your-Complimentary-Room.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.195.10 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

485e49ab7f80378ef2b4bec6615fba5c80bb581929020bf5088f221400d83c0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/content/rw-genting/web/en/genting-rewards/promotions/redeeming-your-complimentary-room.html/?langtype=1033&utm_source=sms_monthlyoffer&utm_medium=accommodation&utm_campaign=parent012023_monthlyoffer&utm_term=pmp&utm_content=free
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 07:27:57 GMT
strict-transport-security: max-age=31557600
x-content-type-options: nosniff
last-modified: Wed, 29 Jun 2022 08:33:30 GMT
age: 84549
x-timer: S1672298877.288997,VS0,VS0,VE1
etag: "0x8DA59AA0C13F477"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=7200,s-maxage=14400,stale-while-revalidate=86400,stale-if-error=86400
content-disposition: attachment; filename="2340x480-Redeeming-Your-Complimentary-Room.png"; filename*=UTF-8''2340x480-Redeeming-Your-Complimentary-Room.png
accept-ranges: bytes
content-length: 441141
x-served-by: cache-hhn-etou8220092-HHN

GET
H2 200 tiktok-logo.png
www.rwgenting.com/content/dam/approved/rw-genting/web/home-page-(zeplin)/footer/ 3 KB
3 KB 110ms
101ms Image
image/png 151.101.195.10
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.rwgenting.com/content/dam/approved/rw-genting/web/home-page-(zeplin)/footer/tiktok-logo.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.195.10 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

0117119d9eb641ede11092e4373f0556b7b2ab6ccdce7187a7e5f4f51f2413b3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/content/rw-genting/web/en/genting-rewards/promotions/redeeming-your-complimentary-room.html/?langtype=1033&utm_source=sms_monthlyoffer&utm_medium=accommodation&utm_campaign=parent012023_monthlyoffer&utm_term=pmp&utm_content=free
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 07:27:57 GMT
strict-transport-security: max-age=31557600
x-content-type-options: nosniff
last-modified: Wed, 21 Sep 2022 02:30:59 GMT
age: 1903
x-timer: S1672298877.288976,VS0,VS0,VE3
etag: "0x8DA9B7952157CD4"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=7200,s-maxage=14400,stale-while-revalidate=86400,stale-if-error=86400
content-disposition: attachment; filename="tiktok-logo.png"; filename*=UTF-8''tiktok-logo.png
accept-ranges: bytes
content-length: 2799
x-served-by: cache-hhn-etou8220092-HHN

GET
H2 200 logo_footer.png
www.rwgenting.com/content/dam/approved/genting-skyworlds/web/footer/ 19 KB
20 KB 38ms
30ms Image
image/png 151.101.195.10
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.rwgenting.com/content/dam/approved/genting-skyworlds/web/footer/logo_footer.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.195.10 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

db30aeb0ad06e8c5f6759cfa9feff66bebdfeb42780765685d6c7e323c93f4e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/content/rw-genting/web/en/genting-rewards/promotions/redeeming-your-complimentary-room.html/?langtype=1033&utm_source=sms_monthlyoffer&utm_medium=accommodation&utm_campaign=parent012023_monthlyoffer&utm_term=pmp&utm_content=free
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 07:27:57 GMT
strict-transport-security: max-age=31557600
x-content-type-options: nosniff
content-md5: fLuenp/Zw+QA84euuN1wOA==
age: 1903
x-cache: HIT
content-disposition: attachment; filename="logo_footer.png"; filename*=UTF-8''logo_footer.png
content-length: 19722
x-served-by: cache-hhn-etou8220092-HHN
last-modified: Sun, 13 Mar 2022 18:36:51 GMT
x-timer: S1672298877.288966,VS0,VS0,VE2
etag: "0x8DA0520707E333D"
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=7200,s-maxage=14400,stale-while-revalidate=86400,stale-if-error=86400
accept-ranges: bytes

GET
H2 200 clientlib-dependencies.lc-cf515533f7a82e5277fdddca7437a2f6-lc.min.js Show response
www.rwgenting.com/etc.clientlibs/gentingmalaysiaprogram/clientlibs/ 2 MB
565 KB 9ms
8ms Script
application/javascript 151.101.195.10
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rwgenting.com/etc.clientlibs/gentingmalaysiaprogram/clientlibs/clientlib-dependencies.lc-cf515533f7a82e5277fdddca7437a2f6-lc.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.195.10 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

a33795254e89bff14337b5a2beffa50cbfc796d5dad2d0ce6894eca2bf0ad0b6

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/content/rw-genting/web/en/genting-rewards/promotions/redeeming-your-complimentary-room.html/?langtype=1033&utm_source=sms_monthlyoffer&utm_medium=accommodation&utm_campaign=parent012023_monthlyoffer&utm_term=pmp&utm_content=free
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubdomains;
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 29 Dec 2022 07:27:57 GMT
age: 1817386
x-vhost: publish
x-cache: HIT
content-length: 578065
x-served-by: cache-hhn-etou8220092-HHN
last-modified: Thu, 08 Dec 2022 06:38:10 GMT
x-timer: S1672298877.021022,VS0,VS0,VE2
etag: W/"23b048-2386f26fb1bdc0-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=43200,stale-if-error=43200,public,immutable
accept-ranges: bytes

GET
H2 200 clientlib-common.lc-ca09f0d80271d7ed7c6de826fecffff0-lc.min.js Show response
www.rwgenting.com/etc.clientlibs/gentingmalaysiaprogram/clientlibs/clientlib-site/ 9 KB
3 KB 13ms
13ms Script
application/javascript 151.101.195.10
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rwgenting.com/etc.clientlibs/gentingmalaysiaprogram/clientlibs/clientlib-site/clientlib-common.lc-ca09f0d80271d7ed7c6de826fecffff0-lc.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.195.10 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

b33f3d12ab8b508be440d75198e9b501fc84661546e0e6b743ba6ec508c434bd

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/content/rw-genting/web/en/genting-rewards/promotions/redeeming-your-complimentary-room.html/?langtype=1033&utm_source=sms_monthlyoffer&utm_medium=accommodation&utm_campaign=parent012023_monthlyoffer&utm_term=pmp&utm_content=free
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubdomains;
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 29 Dec 2022 07:27:57 GMT
age: 1817387
x-vhost: publish
x-cache: HIT
content-length: 3361
x-served-by: cache-hhn-etou8220092-HHN
last-modified: Thu, 08 Dec 2022 06:38:10 GMT
x-timer: S1672298877.150508,VS0,VS0,VE2
etag: W/"2438-2386f26fb1bdc0-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=43200,stale-if-error=43200,public,immutable
accept-ranges: bytes

GET
H2 200 clientlib-rwgenting-dependencies.lc-615a82365cdc5bf38cdd502540732f5e-lc.min.js Show response
www.rwgenting.com/etc.clientlibs/gentingmalaysiaprogram/clientlibs/ 705 KB
141 KB 8ms
8ms Script
application/javascript 151.101.195.10
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rwgenting.com/etc.clientlibs/gentingmalaysiaprogram/clientlibs/clientlib-rwgenting-dependencies.lc-615a82365cdc5bf38cdd502540732f5e-lc.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.195.10 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

6d191fbb37a93ac827acdcd8efa8d7d4e101da41f909e446cb1f101d5bf80005

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/content/rw-genting/web/en/genting-rewards/promotions/redeeming-your-complimentary-room.html/?langtype=1033&utm_source=sms_monthlyoffer&utm_medium=accommodation&utm_campaign=parent012023_monthlyoffer&utm_term=pmp&utm_content=free
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubdomains;
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 29 Dec 2022 07:27:57 GMT
age: 1054174
x-vhost: publish
x-cache: HIT
content-length: 144668
x-served-by: cache-hhn-etou8220092-HHN
last-modified: Sat, 17 Dec 2022 02:38:23 GMT
x-timer: S1672298877.235951,VS0,VS0,VE1
etag: W/"b0464-2386f26fb1bdc0-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=43200,stale-if-error=43200,public,immutable
accept-ranges: bytes

GET
H2 200 clientlib-rwgenting.lc-afb00e21ec8b97171370be156f27cbe5-lc.min.js Show response
www.rwgenting.com/etc.clientlibs/gentingmalaysiaprogram/clientlibs/clientlib-site/ 136 KB
29 KB 9ms
9ms Script
application/javascript 151.101.195.10
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rwgenting.com/etc.clientlibs/gentingmalaysiaprogram/clientlibs/clientlib-site/clientlib-rwgenting.lc-afb00e21ec8b97171370be156f27cbe5-lc.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.195.10 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e8053490bc30e66a466e46a664f4a25de8d7dd963ffbfdbe8db0f08b879498de

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/content/rw-genting/web/en/genting-rewards/promotions/redeeming-your-complimentary-room.html/?langtype=1033&utm_source=sms_monthlyoffer&utm_medium=accommodation&utm_campaign=parent012023_monthlyoffer&utm_term=pmp&utm_content=free
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubdomains;
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 29 Dec 2022 07:27:57 GMT
age: 106065
x-vhost: publish
x-cache: HIT
content-length: 29075
x-served-by: cache-hhn-etou8220092-HHN
last-modified: Wed, 28 Dec 2022 02:00:11 GMT
x-timer: S1672298877.240724,VS0,VS0,VE1
etag: W/"21fa6-2386f26fb1bdc0-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=43200,stale-if-error=43200,public,immutable
accept-ranges: bytes

GET
H2 200 jquery.cookie.min.js Show response
cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/ 1 KB
1004 B 27ms
20ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/jquery-cookie/1.4.1/jquery.cookie.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 07:27:57 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
age: 4188429
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 591
last-modified: Mon, 04 May 2020 16:11:45 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03ec1-514"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=F1lMOT2tGJ5Qc%2BdC6ioau%2Beg46F0Nj4zwPNaNSYczr8CsZGkTqEzvDH30BVTPzJqkRKRNTyq4KzH79XKQAA%2BgcIPaPN4q%2B5H8eXrDnZurSobuHLB1kq9ZROTrrTbuaNDJ0gTv3Tuhok2phni4UteKoqS"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7810d0ef0e96916e-FRA
expires: Tue, 19 Dec 2023 07:27:57 GMT

GET
H2 200 jquery-ui.js Show response
code.jquery.com/ui/1.10.4/ 426 KB
106 KB 39ms
26ms Script
application/javascript 2001:4de0:ac18::1:a:1a
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/ui/1.10.4/jquery-ui.js
Requested by: Host: www.rwgenting.com
URL: https://www.rwgenting.com/content/rw-genting/web/en/genting-rewards/promotions/redeeming-your-complimentary-room.html/?langtype=1033&utm_source=sms_monthlyoffer&utm_medium=accommodation&utm_campaign=parent012023_monthlyoffer&utm_term=pmp&utm_content=free
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: b69f1567863d760ef4dabec3eb29f349abca4b007dce36ab8926784a7babbe6c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 07:27:57 GMT
content-encoding: gzip
x-sp-metadata: HS256.CI2ftZ0GEo4BCiRhOGIwYWRlZS0wOGZlLTRiMDMtOTdlZi1iNTM5M2ZiOTE1NDcQ+OiCoKvU+wIaBgj9grWdBiITMjAwMTphYzg6MjA6MjcyOjoyZSiQkgMwAzgEQhZUTFNfQUVTXzEyOF9HQ01fU0hBMjU2WiAzZTliMjA2MTAwOThiNmM5YmZmOTUzODU2ZTU4MDE2YRosCAESJGRiMDIxZWJmLTlhMTEtNDIxNS05NjhmLWI0MjM5ZGY1YjcyOBj7xwYiGAgCEhRjZHMzMzguZnI4Lmh3Y2RuLm5ldA==.OQpXgDAYKwn6NSCgyvH26B6VsuFDcpEhkGgBCReSi9I=
last-modified: Sun, 04 Dec 2022 10:56:54 GMT
server: nginx
etag: W/"638c7cf6-6a9eb"
vary: Accept-Encoding
x-hw: 1672298877.dop216.fr8.t,1672298877.cds328.fr8.hn,1672298877.cds338.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 107515

GET
H2 200 container.lc-0a6aff292f5cc42142779cde92054524-lc.min.js Show response
www.rwgenting.com/etc.clientlibs/core/wcm/components/commons/site/clientlibs/ 1 KB
610 B 19ms
7ms Script
application/javascript 151.101.195.10
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rwgenting.com/etc.clientlibs/core/wcm/components/commons/site/clientlibs/container.lc-0a6aff292f5cc42142779cde92054524-lc.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.195.10 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

c250924012fdc9ea9516b30650895201cd167dbd49c9d148924f30881abfa393

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/content/rw-genting/web/en/genting-rewards/promotions/redeeming-your-complimentary-room.html/?langtype=1033&utm_source=sms_monthlyoffer&utm_medium=accommodation&utm_campaign=parent012023_monthlyoffer&utm_term=pmp&utm_content=free
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubdomains;
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 29 Dec 2022 07:27:57 GMT
age: 536369
x-vhost: publish
x-cache: HIT
content-length: 491
x-served-by: cache-hhn-etou8220092-HHN
last-modified: Fri, 23 Dec 2022 02:28:28 GMT
x-timer: S1672298877.282878,VS0,VS0,VE1
etag: W/"4f7-2386f26fb1bdc0-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=43200,stale-if-error=43200,public,immutable
accept-ranges: bytes

GET
H2 200 clientlib-base.lc-12b8720c5ae214f9cecd41c78fd0bbd6-lc.min.js Show response
www.rwgenting.com/etc.clientlibs/gentingmalaysiaprogram/clientlibs/ 71 KB
20 KB 17ms
5ms Script
application/javascript 151.101.195.10
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rwgenting.com/etc.clientlibs/gentingmalaysiaprogram/clientlibs/clientlib-base.lc-12b8720c5ae214f9cecd41c78fd0bbd6-lc.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.195.10 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

bcca5f3081cba74e0b8cd477834e4f153abdcd7a4de8b6407f12d8c9ab6d7066

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/content/rw-genting/web/en/genting-rewards/promotions/redeeming-your-complimentary-room.html/?langtype=1033&utm_source=sms_monthlyoffer&utm_medium=accommodation&utm_campaign=parent012023_monthlyoffer&utm_term=pmp&utm_content=free
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubdomains;
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 29 Dec 2022 07:27:57 GMT
age: 526949
x-vhost: publish
x-cache: HIT
content-length: 20507
x-served-by: cache-hhn-etou8220092-HHN
last-modified: Fri, 23 Dec 2022 05:05:27 GMT
x-timer: S1672298877.283005,VS0,VS0,VE1
etag: W/"11b7e-2386f26fb1bdc0-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: max-age=2592000,stale-while-revalidate=43200,stale-if-error=43200,public,immutable
accept-ranges: bytes

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 285 KB
94 KB 77ms
35ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K3SJ4N2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

6fd819b639e7cf73efa746222f3ad3d469907bdc14772519d51059756df9dd1a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 07:27:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95293
x-xss-protection: 0
last-modified: Thu, 29 Dec 2022 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 29 Dec 2022 07:27:57 GMT

GET
H2 200 css2
fonts.googleapis.com/ 24 KB
1 KB 114ms
44ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Nunito+Sans:ital,wght@0,200;0,300;0,400;0,600;0,700;0,800;0,900;1,200;1,300;1,400;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: www.rwgenting.com
URL: https://www.rwgenting.com/etc.clientlibs/gentingmalaysiaprogram/clientlibs/clientlib-site/clientlib-rwgenting.lc-799d851ee27b5eb87f7fb15c63738eb7-lc.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7a6d3ea3228a2dc96f3eb9ee37a17d83c31e404e16bb85e64e793b7bb4689237

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 29 Dec 2022 07:27:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 29 Dec 2022 07:26:26 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 29 Dec 2022 07:27:57 GMT

GET
H2 200 icon
fonts.googleapis.com/ 569 B
869 B 111ms
43ms Stylesheet
text/css 2a00:1450:400d:80c::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/icon?family=Material+Icons

Requested by

Host: www.rwgenting.com
URL: https://www.rwgenting.com/etc.clientlibs/gentingmalaysiaprogram/clientlibs/clientlib-site/clientlib-rwgenting.lc-799d851ee27b5eb87f7fb15c63738eb7-lc.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80c::200a , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Thu, 29 Dec 2022 07:27:57 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 29 Dec 2022 07:27:57 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 29 Dec 2022 07:27:57 GMT

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rwgenting.com/content/dam/approved/rw-genting/web/genting-rewards/promotions/redeeming-your-complimentary-room/2340x480-Redeeming-Your-Complimentary-Room.png

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.195.10 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

485e49ab7f80378ef2b4bec6615fba5c80bb581929020bf5088f221400d83c0d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31557600
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/content/rw-genting/web/en/genting-rewards/promotions/redeeming-your-complimentary-room.html/?langtype=1033&utm_source=sms_monthlyoffer&utm_medium=accommodation&utm_campaign=parent012023_monthlyoffer&utm_term=pmp&utm_content=free
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 07:27:57 GMT
strict-transport-security: max-age=31557600
x-content-type-options: nosniff
last-modified: Wed, 29 Jun 2022 08:33:30 GMT
age: 84549
x-timer: S1672298877.398650,VS0,VS0,VE0
etag: "0x8DA59AA0C13F477"
x-cache: HIT
content-type: image/png
access-control-allow-origin: *
cache-control: max-age=7200,s-maxage=14400,stale-while-revalidate=86400,stale-if-error=86400
content-disposition: attachment; filename="2340x480-Redeeming-Your-Complimentary-Room.png"; filename*=UTF-8''2340x480-Redeeming-Your-Complimentary-Room.png
accept-ranges: bytes
content-length: 441141
x-served-by: cache-hhn-etou8220092-HHN

GET
H2 200 /
www.rwgenting.com/content/rw-genting/web/en/genting-rewards/promotions/redeeming-your-complimentary-room.html/ 58 KB
58 KB 745ms
745ms Image
text/html 151.101.195.10
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.195.10 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/content/rw-genting/web/en/genting-rewards/promotions/redeeming-your-complimentary-room.html/?langtype=1033&utm_source=sms_monthlyoffer&utm_medium=accommodation&utm_campaign=parent012023_monthlyoffer&utm_term=pmp&utm_content=free
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubdomains;
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 29 Dec 2022 07:27:58 GMT
x-timer: S1672298878.572916,VS0,VS0,VE739
x-vhost: publish
x-frame-options: SAMEORIGIN
x-cache: MISS
content-type: text/html;charset=utf-8
vary: Accept-Encoding
accept-ranges: bytes
content-length: 8746
x-served-by: cache-hhn-etou8220092-HHN

GET
H2 200 pe03MImSLYBIv1o4X1M8cc8GBs5tU1E.woff2
fonts.gstatic.com/s/nunitosans/v12/ 17 KB
17 KB 34ms
8ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v12/pe03MImSLYBIv1o4X1M8cc8GBs5tU1E.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito+Sans:ital,wght@0,200;0,300;0,400;0,600;0,700;0,800;0,900;1,200;1,300;1,400;1,600;1,700;1,800;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

280aaa8929329764ac3213ca093c63505cfcc665347939c79905c426d33867c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.rwgenting.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 26 Dec 2022 15:04:57 GMT
x-content-type-options: nosniff
age: 231780
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17116
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:31:19 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Dec 2023 15:04:57 GMT

GET
H2 200 pe0qMImSLYBIv1o4X1M8cce9I9s.woff2
fonts.gstatic.com/s/nunitosans/v12/ 17 KB
17 KB 41ms
16ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v12/pe0qMImSLYBIv1o4X1M8cce9I9s.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito+Sans:ital,wght@0,200;0,300;0,400;0,600;0,700;0,800;0,900;1,200;1,300;1,400;1,600;1,700;1,800;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

97d5a594e7f76c7e50045b67667fd6b74b268515efe6425097be1b2647079787

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.rwgenting.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Sun, 25 Dec 2022 17:06:11 GMT
x-content-type-options: nosniff
age: 310906
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 16980
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:33:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Mon, 25 Dec 2023 17:06:11 GMT

GET
H2 200 pe0oMImSLYBIv1o4X1M8cce4E9lKdg.woff2
fonts.gstatic.com/s/nunitosans/v12/ 17 KB
17 KB 35ms
10ms Font
font/woff2 2a00:1450:4001:801::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/nunitosans/v12/pe0oMImSLYBIv1o4X1M8cce4E9lKdg.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Nunito+Sans:ital,wght@0,200;0,300;0,400;0,600;0,700;0,800;0,900;1,200;1,300;1,400;1,600;1,700;1,800;1,900&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6637ea3139ffb01e240829717a4f8c195d7be6b81780ed643000b49833d8d6d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://www.rwgenting.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Mon, 26 Dec 2022 20:21:59 GMT
x-content-type-options: nosniff
age: 212758
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17684
x-xss-protection: 0
last-modified: Mon, 09 May 2022 18:32:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 26 Dec 2023 20:21:59 GMT

GET
H2 200 fa-brands-400.woff2
www.rwgenting.com/etc.clientlibs/gentingmalaysiaprogram/clientlibs/clientlib-site/clientlib-common/resources/fonts/ 75 KB
75 KB 8ms
7ms Font
application/octet-stream 151.101.195.10
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://www.rwgenting.com/etc.clientlibs/gentingmalaysiaprogram/clientlibs/clientlib-site/clientlib-common/resources/fonts/fa-brands-400.woff2

Requested by

Host: www.rwgenting.com
URL: https://www.rwgenting.com/etc.clientlibs/gentingmalaysiaprogram/clientlibs/clientlib-dependencies.lc-bc0f7602465a882f4e39ed87ecbfb9d5-lc.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

151.101.195.10 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://www.rwgenting.com/etc.clientlibs/gentingmalaysiaprogram/clientlibs/clientlib-dependencies.lc-bc0f7602465a882f4e39ed87ecbfb9d5-lc.min.css
Origin: https://www.rwgenting.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=63072000; includeSubdomains;
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 29 Dec 2022 07:27:57 GMT
age: 279077
x-vhost: publish
x-cache: HIT
content-length: 76764
x-served-by: cache-hhn-etou8220092-HHN
last-modified: Thu, 15 Dec 2022 09:05:08 GMT
x-timer: S1672298878.579346,VS0,VS0,VE1
etag: "12bc0-5efda264c5900-gzip"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/octet-stream
cache-control: max-age=2592000,stale-while-revalidate=43200,stale-if-error=43200,public,immutable
accept-ranges: bytes

GET
DATA 200
OK truncated
/ 278 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1157ebc0b5063e252982117f2747fbfea748195b35990728aea6c5185eee5df2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
DATA 200
OK truncated
/ 280 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 81af48f62543f2d429e1fcfe6bd329ff8c78c1d441e4910d26814275b7e6a858

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Content-Type: image/svg+xml;charset=utf-8

GET
H2 200 optimize.js Show response
www.googleoptimize.com/ 117 KB
46 KB 69ms
23ms Script
application/javascript 2a00:1450:4001:811::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googleoptimize.com/optimize.js?id=GTM-M89PTDB

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K3SJ4N2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

294d475c2122abc4ef04f697f23b0ae37f07bcd29d9b6e91355e3909c1b265bc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 07:27:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 46178
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 29 Dec 2022 07:27:57 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 103 KB
27 KB 28ms
12ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K3SJ4N2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 29 Dec 2022 07:27:57 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27298
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: R1zwiDPupVAlu7b7syF5lMhMLoFHMr4MrzGIbazHFnx8kN1jeox/JblUNAcnUv/Aejq9OB1h10aGLVF2IctRcQ==
x-fb-trip-id: 686109401
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 quant.js Show response
secure.quantserve.com/ 25 KB
10 KB 55ms
10ms Script
application/javascript 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://secure.quantserve.com/quant.js
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K3SJ4N2
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: /
Resource Hash: d854082be0173c977aad8f65cdb9b88fd005f3dd3f34f894ab9fdba5a283780f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 07:27:57 GMT
content-encoding: gzip
etag: "StHfV9prSwQMxjKWocWEFw=="
vary: Accept-Encoding
content-type: application/javascript
cache-control: private, max-age=604800
accept-ranges: bytes
expires: Thu, 05 Jan 2023 07:27:57 GMT

GET
H2 200 b90894f9b1582df507297d968da7fecece37d93.js Show response
cdn.brand-display.com/tr/knx15814/ 23 KB
8 KB 68ms
15ms Script
text/javascript 13.225.78.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.brand-display.com/tr/knx15814/b90894f9b1582df507297d968da7fecece37d93.js?v1=%%PAGE_CATEGORY%%&v2=https%3A%2F%2Fwww.rwgenting.com%2Fcontent%2Frw-genting%2Fweb%2Fen%2Fgenting-rewards%2Fpromotions%2Fredeeming-your-complimentary-room.html%2F%3Flangtype%3D1033%26utm_source%3Dsms_monthlyoffer%26utm_medium%3Daccommodation%26utm_campaign%3Dparent012023_monthlyoffer%26utm_term%3Dpmp%26utm_content%3Dfree&_t=1672298877795
Requested by: Host: www.rwgenting.com
URL: https://www.rwgenting.com/content/rw-genting/web/en/genting-rewards/promotions/redeeming-your-complimentary-room.html/?langtype=1033&utm_source=sms_monthlyoffer&utm_medium=accommodation&utm_campaign=parent012023_monthlyoffer&utm_term=pmp&utm_content=free
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-21.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: c08e671967a1e37c99c6644d9ce66597c324639607a4df7df671d4d6b4229268

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

x-amz-version-id: tOXJK.mG6DRpfvXzPon70dkZrK06OlQH
content-encoding: br
via: 1.1 2f194b62c8c43859cbf5af8e53a8d2a6.cloudfront.net (CloudFront)
date: Thu, 29 Dec 2022 07:27:57 GMT
last-modified: Mon, 30 Nov 2020 18:06:07 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 7842
etag: W/"8309c31a6749ee17ee6655d88ca91426"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: no-cache, must-revalidate, proxy-revalidate, public, max-age=0
x-amz-cf-id: u-fA7Yb5UjwrCrW2KKl36-KHjL153jNififAr5mcla8u5J5YiI1Onw==

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 135 KB
52 KB 65ms
38ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=AW-941664267

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K3SJ4N2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

792b7d4eee98b0bbbbc561f8b1e313cf81bee47d6ab6ffed6a08c328f2617663

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 07:27:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 53011
x-xss-protection: 0
last-modified: Thu, 29 Dec 2022 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Thu, 29 Dec 2022 07:27:57 GMT

GET
H2 200 xfbml.customerchat.js Show response
connect.facebook.net/en_GB/sdk/ 315 KB
89 KB 25ms
19ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_GB/sdk/xfbml.customerchat.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e02bc9edb3cf63d8517292161956b783a961b0ef3c06ffdf55a00a09c745f6f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; preload; includeSubDomains
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 29 Dec 2022 07:27:57 GMT
content-md5: f86RCEwX+gVAkdWBLl47DQ==
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 91054
x-fb-rlafr: 0
x-fb-debug: ayv+o8wXIdHi2TMgBAOljZjsvy5nus7CfgDAVpoSpJLFhbyw0TNKQmZWQ/yrrW42SQicKdspaj7ge9C8G9vxfw==
x-fb-trip-id: 686109401
x-fb-content-md5: 7e325cae468a8e89e6308053f3e5494e
cross-origin-opener-policy: same-origin-allow-popups
etag: "9abbeafe31db46bd27e0d3d7f915c92d"
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: X-FB-Content-MD5
cache-control: public,max-age=1200,stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 29 Dec 2022 07:31:43 GMT

GET
H3 200 js Show response
www.googletagmanager.com/gtag/ 221 KB
77 KB 54ms
30ms Script
application/javascript 2a00:1450:4001:80b::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-2QCFNCZ841&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K3SJ4N2

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

4871240fa4e31f18a64093fda5f0b7e5721f11a8d2f0c04f4d7a132a668dbe9e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 07:27:57 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 78359
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 29 Dec 2022 07:27:57 GMT

GET
H2 200 rules-p-ju4brbPEmhN_U.js Show response
rules.quantcount.com/ 2 KB
1 KB 39ms
10ms Script
application/javascript 2600:9000:20eb:8e00:6:44e3:f8c0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://rules.quantcount.com/rules-p-ju4brbPEmhN_U.js
Requested by: Host: secure.quantserve.com
URL: https://secure.quantserve.com/quant.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:8e00:6:44e3:f8c0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: ff38b1c64a5f3d77d81380510c64379e04642833d759ae99eb11f9f628675ce1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 07:27:57 GMT
content-encoding: gzip
via: 1.1 3bf3e75bcb9a86b3eb343a1d4392a6de.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C1
age: 1821
x-amz-server-side-encryption: AES256
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
last-modified: Thu, 13 Oct 2022 15:36:32 GMT
server: AmazonS3
etag: W/"070215860c6755823eb7947c9020562a"
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
x-amz-cf-id: qnfdNIhiAumZ-r9MumWjUcBtuwj5Go24JqNvH9sbnmH-ehIMbutHPA==

GET
H3 200 identity.js Show response
connect.facebook.net/signals/plugins/ 64 KB
20 KB 18ms
9ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/identity.js?v=2.9.90

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 29 Dec 2022 07:27:57 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20722
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: pWaoc3LWqT6mv7dTDK+lpCwPT1ny4mUwkIvb0fJHPLPSAlNeI3HoNoXJmvDovNFGcuK37yDH2C3jifAhxSsCvw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 498877868265126 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 138ms
130ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/498877868265126?v=2.9.90&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e6d29df162121c1af6d0549fd378d757f6a25186b850437a6176762792318f34

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 29 Dec 2022 07:27:58 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: pQbj1NEQ8mMlgMgwax92N93due+VTAEiuTCL+kp5C8SGe6TwA6lGNZSC+jswZ29DznhhOq1DczyFGjQ3pp7C6g==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K3SJ4N2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Thu, 29 Dec 2022 05:50:44 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 5833
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Thu, 29 Dec 2022 07:50:44 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
349 B 54ms
13ms Ping
text/plain 2001:4860:4802:32::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-2QCFNCZ841&gtm=2oebu0&_p=1177325896&_gaz=1&cid=488197109.1672298878&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1672298877&sct=1&seg=0&dl=https%3A%2F%2Fwww.rwgenting.com%2Fcontent%2Frw-genting%2Fweb%2Fen%2Fgenting-rewards%2Fpromotions%2Fredeeming-your-complimentary-room.html%2F%3Flangtype%3D1033%26utm_source%3Dsms_monthlyoffer%26utm_medium%3Daccommodation%26utm_campaign%3Dparent012023_monthlyoffer%26utm_term%3Dpmp%26utm_content%3Dfree&dt=Redeeming%20Your%20Complimentary%20Room%20%7C%20Resorts%20World%20Genting&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2QCFNCZ841&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Dec 2022 07:27:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.rwgenting.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
349 B 64ms
21ms Ping
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-2QCFNCZ841&cid=488197109.1672298878&gtm=2oebu0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-2QCFNCZ841&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Dec 2022 07:27:57 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.rwgenting.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
501 B 109ms
46ms Image
image/gif 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-2QCFNCZ841&cid=488197109.1672298878&gtm=2oebu0&aip=1&z=831342293

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Dec 2022 07:27:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 fingerprint2.min.js Show response
cdn.brand-display.com/sv/js/ 29 KB
29 KB 8ms
7ms Script
application/javascript 13.225.78.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.brand-display.com/sv/js/fingerprint2.min.js
Requested by: Host: cdn.brand-display.com
URL: https://cdn.brand-display.com/tr/knx15814/b90894f9b1582df507297d968da7fecece37d93.js?v1=%%PAGE_CATEGORY%%&v2=https%3A%2F%2Fwww.rwgenting.com%2Fcontent%2Frw-genting%2Fweb%2Fen%2Fgenting-rewards%2Fpromotions%2Fredeeming-your-complimentary-room.html%2F%3Flangtype%3D1033%26utm_source%3Dsms_monthlyoffer%26utm_medium%3Daccommodation%26utm_campaign%3Dparent012023_monthlyoffer%26utm_term%3Dpmp%26utm_content%3Dfree&_t=1672298877795
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-21.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: ba50544bc52682e3884d79402fa65bbc8149866ff097223c48d9da54bb02e280

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Wed, 28 Dec 2022 23:02:24 GMT
x-amz-version-id: FMv4TnIx_EkiUylzRiS37tBQkjLZO1jg
via: 1.1 2f194b62c8c43859cbf5af8e53a8d2a6.cloudfront.net (CloudFront)
last-modified: Fri, 10 Apr 2020 12:22:17 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C2
age: 30334
etag: "3b1a8d0a55f588f5675fa2ecd2abc5c2"
x-cache: Hit from cloudfront
content-type: application/javascript
accept-ranges: bytes
content-length: 29420
x-amz-cf-id: iCO6GYuZQzbep8Fsgq1YP3hl6I-htqpYrkGIKdTKE_8FyD5OzwXeuw==

GET
H2 200 / Show response
googleads.g.doubleclick.net/pagead/viewthroughconversion/941664267/ 2 KB
2 KB 147ms
80ms Script
text/javascript 2a00:1450:400d:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/941664267/?random=1672298877955&cv=11&fst=1672298877955&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.rwgenting.com%2Fcontent%2Frw-genting%2Fweb%2Fen%2Fgenting-rewards%2Fpromotions%2Fredeeming-your-complimentary-room.html%2F%3Flangtype%3D1033%26utm_source%3Dsms_monthlyoffer%26utm_medium%3Daccommodation%26utm_campaign%3Dparent012023_monthlyoffer%26utm_term%3Dpmp%26utm_content%3Dfree&tiba=Redeeming%20Your%20Complimentary%20Room%20%7C%20Resorts%20World%20Genting&auid=837240757.1672298878&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-941664267

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:802::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5da1c499508c15114a5e440b8bdf88cd26474beef5154ed2a9226a268a9f2bc8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Dec 2022 07:27:58 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
content-type: text/javascript; charset=UTF-8
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1048
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 pixel;r=1713716093;event=refresh;labels=_fp.event.Default%2C_fp.event.Genting%20rewards;source=gtm;rf=0;a=p-ju4brbPEmhN_U;url=https%3A%2F%2Fwww.rwgenting.com%2Fcontent%2Frw-genting%2Fweb%2Fen%2Fgen...
pixel.quantserve.com/ 35 B
372 B 18ms
9ms Image
image/gif 2620:116:800d:21:b314:a0ef:ab7c:d546
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.quantserve.com/pixel;r=1713716093;event=refresh;labels=_fp.event.Default%2C_fp.event.Genting%20rewards;source=gtm;rf=0;a=p-ju4brbPEmhN_U;url=https%3A%2F%2Fwww.rwgenting.com%2Fcontent%2Frw-genting%2Fweb%2Fen%2Fgenting-rewards%2Fpromotions%2Fredeeming-your-complimentary-room.html%2F%3Flangtype%3D1033%26utm_source%3Dsms_monthlyoffer%26utm_medium%3Daccommodation%26utm_campaign%3Dparent012023_monthlyoffer%26utm_term%3Dpmp%26utm_content%3Dfree;uht=2;fpan=1;fpa=P0-1756781428-1672298877872;pbc=;ns=0;ce=1;qjs=1;qv=bf501fc4-20221215111636;cm=;gdpr=0;ref=;d=rwgenting.com;dst=0;et=1672298877981;tzo=0;ogl=;ses=7bdc998a-3efd-4e38-8e83-f63c471d306c

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2620:116:800d:21:b314:a0ef:ab7c:d546 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Dec 2022 07:27:57 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
content-type: image/gif
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 35
expires: Fri, 04 Aug 1978 12:00:00 GMT

POST
H3 200 collect Show response
www.google-analytics.com/j/ 2 B
22 B 31ms
17ms XHR
text/plain 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=1177325896&t=pageview&_s=1&dl=https%3A%2F%2Fwww.rwgenting.com%2Fcontent%2Frw-genting%2Fweb%2Fen%2Fgenting-rewards%2Fpromotions%2Fredeeming-your-complimentary-room.html%2F%3Flangtype%3D1033%26utm_source%3Dsms_monthlyoffer%26utm_medium%3Daccommodation%26utm_campaign%3Dparent012023_monthlyoffer%26utm_term%3Dpmp%26utm_content%3Dfree&ul=en-us&de=UTF-8&dt=Redeeming%20Your%20Complimentary%20Room%20%7C%20Resorts%20World%20Genting&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YCDACEABRAAAACAAI~&jid=579357449&gjid=514623914&cid=488197109.1672298878&tid=UA-3398302-45&_gid=1713066387.1672298878&_r=1&gtm=2wgbu0K3SJ4N2&z=1552338279

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rwgenting.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Thu, 29 Dec 2022 07:27:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.rwgenting.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H3 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
25 B 65ms
22ms XHR
text/plain 2a00:1450:400c:c07::9a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-3398302-45&cid=488197109.1672298878&jid=579357449&gjid=514623914&_gid=1713066387.1672298878&_u=YCDACEAARAAAACAAI~&z=1196349686

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400c:c07::9a Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.rwgenting.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 29 Dec 2022 07:27:58 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://www.rwgenting.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1408760949555385 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 125ms
125ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1408760949555385?v=2.9.90&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

242d4bbbc9f85f09714cd64ceebd1b9211d027453ad3864c524a8122e0575ee5

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 29 Dec 2022 07:27:58 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: gQo9DRMO/MKvYRKU6bhV+MFGemuny7vjsBBU4maoQj5sx/abIexDt43o5jNB5A2TL4KMbmqYX//iJXQQnYF5kQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 /
www.facebook.com/tr/ 0
185 B 28ms
8ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=498877868265126&ev=PageView&dl=https%3A%2F%2Fwww.rwgenting.com%2Fcontent%2Frw-genting%2Fweb%2Fen%2Fgenting-rewards%2Fpromotions%2Fredeeming-your-complimentary-room.html%2F%3Flangtype%3D1033%26utm_source%3Dsms_monthlyoffer%26utm_medium%3Daccommodation%26utm_campaign%3Dparent012023_monthlyoffer%26utm_term%3Dpmp%26utm_content%3Dfree&rl=&if=false&ts=1672298878065&sw=1600&sh=1200&v=2.9.90&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1672298878064.1235258517&it=1672298877889&coo=false&tm=1&rqm=GET

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 29 Dec 2022 07:27:58 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
501 B 109ms
46ms Image
image/gif 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-3398302-45&cid=488197109.1672298878&jid=579357449&_u=YCDACEAARAAAACAAI~&z=1142325563

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Dec 2022 07:27:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 ga-audiences
www.google.de/ads/ 42 B
63 B 95ms
49ms Image
image/gif 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-3398302-45&cid=488197109.1672298878&jid=579357449&_u=YCDACEAARAAAACAAI~&z=1142325563

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Dec 2022 07:27:58 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 /
www.google.com/pagead/1p-user-list/941664267/ 42 B
154 B 79ms
48ms Image
image/gif 2a00:1450:400d:80a::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/pagead/1p-user-list/941664267/?random=1672298877955&cv=11&fst=1672297200000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.rwgenting.com%2Fcontent%2Frw-genting%2Fweb%2Fen%2Fgenting-rewards%2Fpromotions%2Fredeeming-your-complimentary-room.html%2F%3Flangtype%3D1033%26utm_source%3Dsms_monthlyoffer%26utm_medium%3Daccommodation%26utm_campaign%3Dparent012023_monthlyoffer%26utm_term%3Dpmp%26utm_content%3Dfree&tiba=Redeeming%20Your%20Complimentary%20Room%20%7C%20Resorts%20World%20Genting&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1266901875&rmt_tld=0&ipr=y

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400d:80a::2004 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Dec 2022 07:27:58 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.google.de/pagead/1p-user-list/941664267/ 42 B
64 B 62ms
49ms Image
image/gif 2a00:1450:400d:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/941664267/?random=1672298877955&cv=11&fst=1672297200000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1600&u_h=1200&frm=0&url=https%3A%2F%2Fwww.rwgenting.com%2Fcontent%2Frw-genting%2Fweb%2Fen%2Fgenting-rewards%2Fpromotions%2Fredeeming-your-complimentary-room.html%2F%3Flangtype%3D1033%26utm_source%3Dsms_monthlyoffer%26utm_medium%3Daccommodation%26utm_campaign%3Dparent012023_monthlyoffer%26utm_term%3Dpmp%26utm_content%3Dfree&tiba=Redeeming%20Your%20Complimentary%20Room%20%7C%20Resorts%20World%20Genting&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1266901875&rmt_tld=1&ipr=y

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400d:806::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Dec 2022 07:27:58 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 1205397636948969 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 136ms
135ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1205397636948969?v=2.9.90&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

59dc2d19117a0f83c1a4fd29fbd16242f91a02fc6144a3870844da87ab0147bb

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 29 Dec 2022 07:27:58 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: Rkh6rMzv4M6+0d4WpGamwjDijA3iLUKXONZjTq463GpPfgEfxL8HBzOfrak53K6nnlmuuhiDHF8c8xpAbTJaDQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
18 B 16ms
7ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1408760949555385&ev=PageView&dl=https%3A%2F%2Fwww.rwgenting.com%2Fcontent%2Frw-genting%2Fweb%2Fen%2Fgenting-rewards%2Fpromotions%2Fredeeming-your-complimentary-room.html%2F%3Flangtype%3D1033%26utm_source%3Dsms_monthlyoffer%26utm_medium%3Daccommodation%26utm_campaign%3Dparent012023_monthlyoffer%26utm_term%3Dpmp%26utm_content%3Dfree&rl=&if=false&ts=1672298878222&sw=1600&sh=1200&v=2.9.90&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1672298878064.1235258517&it=1672298877889&coo=false&tm=1&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 29 Dec 2022 07:27:58 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 408482393299012 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 130ms
130ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/408482393299012?v=2.9.90&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

8ad91da6b4c0c46f6251ea7532bced2821ed71a91dcc8974c23ddfedf80df535

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 29 Dec 2022 07:27:58 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: afjCUwd7lZ8f5I33WOeuLDwDVjB4//AjE1psfOdeQtIOVF8Ko2oQQHl7p6RsfxxdYyrzwZQkZDLSqu2oQ5j2Iw==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 7ms
6ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1205397636948969&ev=PageView&dl=https%3A%2F%2Fwww.rwgenting.com%2Fcontent%2Frw-genting%2Fweb%2Fen%2Fgenting-rewards%2Fpromotions%2Fredeeming-your-complimentary-room.html%2F%3Flangtype%3D1033%26utm_source%3Dsms_monthlyoffer%26utm_medium%3Daccommodation%26utm_campaign%3Dparent012023_monthlyoffer%26utm_term%3Dpmp%26utm_content%3Dfree&rl=&if=false&ts=1672298878382&sw=1600&sh=1200&v=2.9.90&r=stable&a=tmSimo-GTM-WebTemplate&ec=0&o=30&fbp=fb.1.1672298878064.1235258517&it=1672298877889&coo=false&tm=1&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 29 Dec 2022 07:27:58 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 537857393380708 Show response
connect.facebook.net/signals/config/ 293 KB
84 KB 127ms
126ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/537857393380708?v=2.9.90&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

57eee82a59ffee9bed503e092ef0ca81b8610b29ede584b3850b84ab435325d1

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 29 Dec 2022 07:27:58 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 36SXiwzLt3lhq30Ab5FMQ2nkkuTWqK2DDPnWtE6GDCU4Ss/5CiZJ1HgDN5BNNZ22cnM4UTQnfmQ0p6U5TL22gQ==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 9ms
8ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=498877868265126&ev=PageView&dl=https%3A%2F%2Fwww.rwgenting.com%2Fcontent%2Frw-genting%2Fweb%2Fen%2Fgenting-rewards%2Fpromotions%2Fredeeming-your-complimentary-room.html%2F%3Flangtype%3D1033%26utm_source%3Dsms_monthlyoffer%26utm_medium%3Daccommodation%26utm_campaign%3Dparent012023_monthlyoffer%26utm_term%3Dpmp%26utm_content%3Dfree&rl=&if=false&ts=1672298878573&sw=1600&sh=1200&v=2.9.90&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&fbp=fb.1.1672298878064.1235258517&it=1672298877889&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 29 Dec 2022 07:27:58 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 9ms
8ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1408760949555385&ev=PageView&dl=https%3A%2F%2Fwww.rwgenting.com%2Fcontent%2Frw-genting%2Fweb%2Fen%2Fgenting-rewards%2Fpromotions%2Fredeeming-your-complimentary-room.html%2F%3Flangtype%3D1033%26utm_source%3Dsms_monthlyoffer%26utm_medium%3Daccommodation%26utm_campaign%3Dparent012023_monthlyoffer%26utm_term%3Dpmp%26utm_content%3Dfree&rl=&if=false&ts=1672298878573&sw=1600&sh=1200&v=2.9.90&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&fbp=fb.1.1672298878064.1235258517&it=1672298877889&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 29 Dec 2022 07:27:58 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 10ms
9ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1205397636948969&ev=PageView&dl=https%3A%2F%2Fwww.rwgenting.com%2Fcontent%2Frw-genting%2Fweb%2Fen%2Fgenting-rewards%2Fpromotions%2Fredeeming-your-complimentary-room.html%2F%3Flangtype%3D1033%26utm_source%3Dsms_monthlyoffer%26utm_medium%3Daccommodation%26utm_campaign%3Dparent012023_monthlyoffer%26utm_term%3Dpmp%26utm_content%3Dfree&rl=&if=false&ts=1672298878574&sw=1600&sh=1200&v=2.9.90&r=stable&a=tmSimo-GTM-WebTemplate&ec=1&o=30&fbp=fb.1.1672298878064.1235258517&it=1672298877889&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 29 Dec 2022 07:27:58 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 10ms
9ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=408482393299012&ev=PageView&dl=https%3A%2F%2Fwww.rwgenting.com%2Fcontent%2Frw-genting%2Fweb%2Fen%2Fgenting-rewards%2Fpromotions%2Fredeeming-your-complimentary-room.html%2F%3Flangtype%3D1033%26utm_source%3Dsms_monthlyoffer%26utm_medium%3Daccommodation%26utm_campaign%3Dparent012023_monthlyoffer%26utm_term%3Dpmp%26utm_content%3Dfree&rl=&if=false&ts=1672298878575&sw=1600&sh=1200&v=2.9.90&r=stable&a=tmgoogletagmanager&ec=0&o=30&fbp=fb.1.1672298878064.1235258517&it=1672298877889&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 29 Dec 2022 07:27:58 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 7ms
7ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=537857393380708&ev=PageView&dl=https%3A%2F%2Fwww.rwgenting.com%2Fcontent%2Frw-genting%2Fweb%2Fen%2Fgenting-rewards%2Fpromotions%2Fredeeming-your-complimentary-room.html%2F%3Flangtype%3D1033%26utm_source%3Dsms_monthlyoffer%26utm_medium%3Daccommodation%26utm_campaign%3Dparent012023_monthlyoffer%26utm_term%3Dpmp%26utm_content%3Dfree&rl=&if=false&ts=1672298878718&sw=1600&sh=1200&v=2.9.90&r=stable&ec=0&o=30&fbp=fb.1.1672298878064.1235258517&it=1672298877889&coo=false&rqm=GET

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 29 Dec 2022 07:27:58 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 / Show response
socialplugin.facebook.net/new_domain_gating/ 40 B
880 B 123ms
106ms XHR
application/json 2a03:2880:f01c:800e:face:b00c:0:2
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://socialplugin.facebook.net/new_domain_gating/?endpoint=customerchat&page_id=180512280998&suppress_http_code=1

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/sdk/xfbml.customerchat.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f01c:800e:face:b00c:0:2 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

cdaab024c0121953419a4a1094ffe2ee9a902df55ee79d792e411bac835b9134

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.rwgenting.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: br
x-content-type-options: nosniff
date: Thu, 29 Dec 2022 07:27:58 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: 7wm7+5jGIq4GBQBi//XSPcW+NcChsMdsOzo5VSkyTLsTcodALA1KHnCXKFatKHbAr3U7dN3r1Qr1qaGWcc5kDA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.rwgenting.com
cache-control: private, no-cache, no-store, must-revalidate
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 8ms
6ms Image
image/gif 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1177325896&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.rwgenting.com%2Fcontent%2Frw-genting%2Fweb%2Fen%2Fgenting-rewards%2Fpromotions%2Fredeeming-your-complimentary-room.html%2F%3Flangtype%3D1033%26utm_source%3Dsms_monthlyoffer%26utm_medium%3Daccommodation%26utm_campaign%3Dparent012023_monthlyoffer%26utm_term%3Dpmp%26utm_content%3Dfree&ul=en-us&de=UTF-8&dt=Redeeming%20Your%20Complimentary%20Room%20%7C%20Resorts%20World%20Genting&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scrolling&ea=10&el=percent&_u=aCDACEABRAAAACAAI~&jid=&gjid=&cid=488197109.1672298878&tid=UA-3398302-45&_gid=1713066387.1672298878&gtm=2wgbu0K3SJ4N2&z=772753375

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Dec 2022 04:12:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11720
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 9ms
7ms Image
image/gif 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1177325896&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.rwgenting.com%2Fcontent%2Frw-genting%2Fweb%2Fen%2Fgenting-rewards%2Fpromotions%2Fredeeming-your-complimentary-room.html%2F%3Flangtype%3D1033%26utm_source%3Dsms_monthlyoffer%26utm_medium%3Daccommodation%26utm_campaign%3Dparent012023_monthlyoffer%26utm_term%3Dpmp%26utm_content%3Dfree&ul=en-us&de=UTF-8&dt=Redeeming%20Your%20Complimentary%20Room%20%7C%20Resorts%20World%20Genting&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scrolling&ea=25&el=percent&_u=aCDACEABRAAAACAAI~&jid=&gjid=&cid=488197109.1672298878&tid=UA-3398302-45&_gid=1713066387.1672298878&gtm=2wgbu0K3SJ4N2&z=1399223465

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Dec 2022 04:12:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11720
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 9ms
8ms Image
image/gif 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1177325896&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.rwgenting.com%2Fcontent%2Frw-genting%2Fweb%2Fen%2Fgenting-rewards%2Fpromotions%2Fredeeming-your-complimentary-room.html%2F%3Flangtype%3D1033%26utm_source%3Dsms_monthlyoffer%26utm_medium%3Daccommodation%26utm_campaign%3Dparent012023_monthlyoffer%26utm_term%3Dpmp%26utm_content%3Dfree&ul=en-us&de=UTF-8&dt=Redeeming%20Your%20Complimentary%20Room%20%7C%20Resorts%20World%20Genting&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scrolling&ea=50&el=percent&_u=aCDACEABRAAAACAAI~&jid=&gjid=&cid=488197109.1672298878&tid=UA-3398302-45&_gid=1713066387.1672298878&gtm=2wgbu0K3SJ4N2&z=829438657

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Dec 2022 04:12:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11720
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 collect
www.google-analytics.com/ 35 B
55 B 10ms
8ms Image
image/gif 2a00:1450:4001:803::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google-analytics.com/collect?v=1&_v=j98&a=1177325896&t=event&ni=1&_s=1&dl=https%3A%2F%2Fwww.rwgenting.com%2Fcontent%2Frw-genting%2Fweb%2Fen%2Fgenting-rewards%2Fpromotions%2Fredeeming-your-complimentary-room.html%2F%3Flangtype%3D1033%26utm_source%3Dsms_monthlyoffer%26utm_medium%3Daccommodation%26utm_campaign%3Dparent012023_monthlyoffer%26utm_term%3Dpmp%26utm_content%3Dfree&ul=en-us&de=UTF-8&dt=Redeeming%20Your%20Complimentary%20Room%20%7C%20Resorts%20World%20Genting&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&ec=Scrolling&ea=75&el=percent&_u=aCDACEABRAAAACAAI~&jid=&gjid=&cid=488197109.1672298878&tid=UA-3398302-45&_gid=1713066387.1672298878&gtm=2wgbu0K3SJ4N2&z=967870783

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Dec 2022 04:12:38 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
age: 11720
content-type: image/gif
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 35
expires: Mon, 01 Jan 1990 00:00:00 GMT

GET
H3 200 / Show response
www.facebook.com/plugins/customer_chat/SDK/ 0
28 B 119ms
108ms XHR
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/customer_chat/SDK/?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfad7fb18c4e6d%26domain%3Dwww.rwgenting.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.rwgenting.com%252Ff11d553a6cac67c%26relation%3Dparent.parent&current_url=https%3A%2F%2Fwww.rwgenting.com%2Fcontent%2Frw-genting%2Fweb%2Fen%2Fgenting-rewards%2Fpromotions%2Fredeeming-your-complimentary-room.html%2F%3Flangtype%3D1033%26utm_source%3Dsms_monthlyoffer%26utm_medium%3Daccommodation%26utm_campaign%3Dparent012023_monthlyoffer%26utm_term%3Dpmp%26utm_content%3Dfree&event_name=chat_plugin_sdk_facade_create&is_loaded_by_facade=true&loading_time=0&locale=en_GB&log_id=cdf30c8e-16c2-428e-b5d9-4720138e0360&page_id=180512280998&request_time=1672298878859&sdk=joey&should_use_new_domain=false&suppress_http_code=1

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/sdk/xfbml.customerchat.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.rwgenting.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
date: Thu, 29 Dec 2022 07:27:58 GMT
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc: h3=":443"; ma=86400
content-length: 0
x-fb-rlafr: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: Mx4nxa9xNzi2UMdv0YPJzAuAG38gDVkgLsmbUg2xe86Y4AykZaA9iN7GyPn0flZdbnfQyapSIr4CHKUt+ty2ww==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://www.rwgenting.com
cache-control: private, no-cache, no-store, must-revalidate
priority: u=1
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 / Show response
www.facebook.com/plugins/customer_chat/facade/ 718 B
486 B 158ms
149ms XHR
application/json 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/customer_chat/facade/?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfad7fb18c4e6d%26domain%3Dwww.rwgenting.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.rwgenting.com%252Ff11d553a6cac67c%26relation%3Dparent.parent&current_url=https%3A%2F%2Fwww.rwgenting.com%2Fcontent%2Frw-genting%2Fweb%2Fen%2Fgenting-rewards%2Fpromotions%2Fredeeming-your-complimentary-room.html%2F%3Flangtype%3D1033%26utm_source%3Dsms_monthlyoffer%26utm_medium%3Daccommodation%26utm_campaign%3Dparent012023_monthlyoffer%26utm_term%3Dpmp%26utm_content%3Dfree&is_loaded_by_facade=true&locale=en_GB&log_id=cdf30c8e-16c2-428e-b5d9-4720138e0360&page_id=180512280998&request_time=1672298878859&sdk=joey&should_use_new_domain=false&suppress_http_code=1

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/sdk/xfbml.customerchat.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6b074595152322833e9795937ef71c1840b08a479cc456daa327e77229db88e0

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.rwgenting.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
date: Thu, 29 Dec 2022 07:27:58 GMT
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: NygHktvRDOhs+fM3mI9WE2auzrws0wj4DTmhl1NDADUM4tkjXKdLP0Wy6d3CjTL4MFkmZT1AzhVcaf8lNXMaew==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.rwgenting.com
cache-control: private, no-cache, no-store, must-revalidate
x-frame-options: DENY
priority: u=1
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 / Show response
www.facebook.com/plugins/customer_chat/SDK/ 0
25 B 111ms
111ms XHR
text/html 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/customer_chat/SDK/?app_id=&attribution=biz_inbox&channel=https%3A%2F%2Fstaticxx.facebook.com%2Fx%2Fconnect%2Fxd_arbiter%2F%3Fversion%3D46%23cb%3Dfad7fb18c4e6d%26domain%3Dwww.rwgenting.com%26is_canvas%3Dfalse%26origin%3Dhttps%253A%252F%252Fwww.rwgenting.com%252Ff11d553a6cac67c%26relation%3Dparent.parent&current_url=https%3A%2F%2Fwww.rwgenting.com%2Fcontent%2Frw-genting%2Fweb%2Fen%2Fgenting-rewards%2Fpromotions%2Fredeeming-your-complimentary-room.html%2F%3Flangtype%3D1033%26utm_source%3Dsms_monthlyoffer%26utm_medium%3Daccommodation%26utm_campaign%3Dparent012023_monthlyoffer%26utm_term%3Dpmp%26utm_content%3Dfree&event_name=chat_plugin_sdk_facade_load&is_loaded_by_facade=true&loading_time=237&locale=en_GB&log_id=cdf30c8e-16c2-428e-b5d9-4720138e0360&page_id=180512280998&request_time=1672298879096&sdk=joey&should_use_new_domain=false&suppress_http_code=1

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_GB/sdk/xfbml.customerchat.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	default-src data: blob: 'self' https://.fbsbx.com 'unsafe-inline' .facebook.com 'unsafe-eval' .fbcdn.net;script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com .fbcdn.net data: .facebook.com 'unsafe-inline';connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com:* wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: .cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net .fbsbx.com .fb.com;font-src data: .gstatic.com .facebook.com .fbcdn.net .fbsbx.com;img-src .fbcdn.net .facebook.com data: https://.fbsbx.com .tenor.co media.tenor.com facebook.com .cdninstagram.com fbsbx.com fbcdn.net .giphy.com connect.facebook.net .carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com .whatsapp.net .fb.com .oculuscdn.com;media-src .cdninstagram.com blob: .fbcdn.net .fbsbx.com www.facebook.com .facebook.com https://.giphy.com data:;frame-src .doubleclick.net .google.com .facebook.com www.googleadservices.com .fbsbx.com fbsbx.com data: www.instagram.com .fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: .facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.rwgenting.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

content-security-policy: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;block-all-mixed-content;upgrade-insecure-requests;
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
date: Thu, 29 Dec 2022 07:27:59 GMT
document-policy: force-load-at-top
content-security-policy-report-only: default-src data: blob: 'self' https://*.fbsbx.com 'unsafe-inline' *.facebook.com 'unsafe-eval' *.fbcdn.net;script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self' connect.facebook.net;style-src fonts.googleapis.com *.fbcdn.net data: *.facebook.com 'unsafe-inline';connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' http://localhost:3103 wss://gateway.facebook.com wss://edge-chat.facebook.com wss://snaptu-d.facebook.com wss://kaios-d.facebook.com/ v.whatsapp.net *.fbsbx.com *.fb.com;font-src data: *.gstatic.com *.facebook.com *.fbcdn.net *.fbsbx.com;img-src *.fbcdn.net *.facebook.com data: https://*.fbsbx.com *.tenor.co media.tenor.com facebook.com *.cdninstagram.com fbsbx.com fbcdn.net *.giphy.com connect.facebook.net *.carriersignal.info blob: android-webview-video-poster: googleads.g.doubleclick.net www.googleadservices.com *.whatsapp.net *.fb.com *.oculuscdn.com;media-src *.cdninstagram.com blob: *.fbcdn.net *.fbsbx.com www.facebook.com *.facebook.com https://*.giphy.com data:;frame-src *.doubleclick.net *.google.com *.facebook.com www.googleadservices.com *.fbsbx.com fbsbx.com data: www.instagram.com *.fbcdn.net https://paywithmybank.com https://sandbox.paywithmybank.com;worker-src blob: *.facebook.com data:;report-uri https://www.facebook.com/csp/reporting/?minimize=0;
alt-svc: h3=":443"; ma=86400
content-length: 0
x-fb-rlafr: 0
x-xss-protection: 0
pragma: no-cache
x-fb-debug: wpM4kFXflLLEh+OnlX/cxyyCkcP/lyDPWl6GjBAEp5N7zuX27JG8HYXbtow5HsbcMFELGiGHMhY1DeHpuzcd3g==
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: DENY
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: text/html; charset="utf-8"
access-control-allow-origin: https://www.rwgenting.com
cache-control: private, no-cache, no-store, must-revalidate
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 cfix.html Show response
cdn.brand-display.com/tr/tag/ Frame 343E 2 KB
1 KB 12ms
12ms Document
text/html 13.225.78.21
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.brand-display.com/tr/tag/cfix.html?key=b90894f9b1582df507297d968da7fecece37d93
Requested by: Host: cdn.brand-display.com
URL: https://cdn.brand-display.com/tr/knx15814/b90894f9b1582df507297d968da7fecece37d93.js?v1=%%PAGE_CATEGORY%%&v2=https%3A%2F%2Fwww.rwgenting.com%2Fcontent%2Frw-genting%2Fweb%2Fen%2Fgenting-rewards%2Fpromotions%2Fredeeming-your-complimentary-room.html%2F%3Flangtype%3D1033%26utm_source%3Dsms_monthlyoffer%26utm_medium%3Daccommodation%26utm_campaign%3Dparent012023_monthlyoffer%26utm_term%3Dpmp%26utm_content%3Dfree&_t=1672298877795
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 13.225.78.21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-13-225-78-21.fra2.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 27988668fad87e9782d62f51b22f6feda6fdb2ef16a315b968728f164be1c6f7

Request headers

Referer: https://www.rwgenting.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 7095
cache-control: no-cache, must-revalidate, proxy-revalidate, public, max-age=0
content-encoding: gzip
content-type: text/html
date: Thu, 29 Dec 2022 05:29:51 GMT
etag: W/"073b35c69744014f5d2406710e188e97"
last-modified: Mon, 18 Mar 2019 15:45:52 GMT
server: AmazonS3
vary: Accept-Encoding
via: 1.1 2f194b62c8c43859cbf5af8e53a8d2a6.cloudfront.net (CloudFront)
x-amz-cf-id: P93mmszE0YfkeRaDo3_4DlY5ovFL-TvsTdNFOoPy6wFaPnlPGEhymg==
x-amz-cf-pop: FRA2-C2
x-amz-version-id: wdA6oWpnBvGweZ2olIlUbqk0DcpmZdej
x-cache: Hit from cloudfront

GET
H2 200 remarketing Show response
tr.brand-display.com/tracking/api/ 3 KB
3 KB 506ms
163ms Script
application/javascript 54.151.237.152
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://tr.brand-display.com/tracking/api/remarketing?_t=1672298879238&advertiserId=knx15814&id=b90894f9b1582df507297d968da7fecece37d93&v1=&v2=https%3A%2F%2Fwww.rwgenting.com%2Fcontent%2Frw-genting%2Fweb%2Fen%2Fgenting-rewards%2Fpromotions%2Fredeeming-your-complimentary-room.html%2F%3Flangtype%3D1033%26utm_source%3Dsms_monthlyoffer%26utm_medium%3Daccommodation%26utm_campaign%3Dparent012023_monthlyoffer%26utm_term%3Dpmp%26utm_content%3Dfree&_t=1672298877795&url=https%3A%2F%2Fwww.rwgenting.com%2Fcontent%2Frw-genting%2Fweb%2Fen%2Fgenting-rewards%2Fpromotions%2Fredeeming-your-complimentary-room.html%2F%3Flangtype%3D1033%26utm_source%3Dsms_monthlyoffer%26utm_medium%3Daccommodation%26utm_campaign%3Dparent012023_monthlyoffer%26utm_term%3Dpmp%26utm_content%3Dfree&referer=&aurl=&areferer=&required=0&extra=%7B%22id%22%3A%22all%22%7D&d=1&r=0
Requested by: Host: cdn.brand-display.com
URL: https://cdn.brand-display.com/tr/knx15814/b90894f9b1582df507297d968da7fecece37d93.js?v1=%%PAGE_CATEGORY%%&v2=https%3A%2F%2Fwww.rwgenting.com%2Fcontent%2Frw-genting%2Fweb%2Fen%2Fgenting-rewards%2Fpromotions%2Fredeeming-your-complimentary-room.html%2F%3Flangtype%3D1033%26utm_source%3Dsms_monthlyoffer%26utm_medium%3Daccommodation%26utm_campaign%3Dparent012023_monthlyoffer%26utm_term%3Dpmp%26utm_content%3Dfree&_t=1672298877795
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.151.237.152 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-151-237-152.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.23.2 /
Resource Hash: d2456f608bf5b450b311351388bd022200471fc5a682641f59acd30732d53039

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 07:27:59 GMT
cache-control: max-age=3600
user-region: EU
server: nginx/1.23.2
content-length: 3095
content-type: application/javascript

GET
H3

200

activityi;dc_pre=CJv5p-WmnvwCFatKkQUdCikKtQ;src=8661995;type=remar0;cat=rwg_g0;u1=;u2=https%3A%2F%2Fwww.rwgenting.com%2Fcontent%2Frw-genting%2Fweb%2Fen%2Fgenting-rewards%2Fpromotions%2Fredeeming-yo... Show response
8661995.fls.doubleclick.net/ Frame B815
Redirect Chain

https://8661995.fls.doubleclick.net/activityi;src=8661995;type=remar0;cat=rwg_g0;u1=;u2=https%3A%2F%2Fwww.rwgenting.com%2Fcontent%2Frw-genting%2Fweb%2Fen%2Fgenting-rewards%2Fpromotions%2Fredeeming-...
https://8661995.fls.doubleclick.net/activityi;dc_pre=CJv5p-WmnvwCFatKkQUdCikKtQ;src=8661995;type=remar0;cat=rwg_g0;u1=;u2=https%3A%2F%2Fwww.rwgenting.com%2Fcontent%2Frw-genting%2Fweb%2Fen%2Fgenting...

707 B
417 B

70ms
55ms

Document
text/html

142.250.186.38
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://8661995.fls.doubleclick.net/activityi;dc_pre=CJv5p-WmnvwCFatKkQUdCikKtQ;src=8661995;type=remar0;cat=rwg_g0;u1=;u2=https%3A%2F%2Fwww.rwgenting.com%2Fcontent%2Frw-genting%2Fweb%2Fen%2Fgenting-rewards%2Fpromotions%2Fredeeming-your-complimentary-room.html%2F%3Flangtype%3D1033%26utm_source%3Dsms_monthlyoffer%26utm_medium%3Daccommodation%26utm_campaign%3Dparent012023_monthlyoffer%26utm_term%3Dpmp%26utm_content%3Dfree;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=187644956267.26108?

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.186.38 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f6.1e100.net

Software

cafe /

Resource Hash

8255a83ee3d0cb376a6f1b30fe44f6c84fd0542c3dcd139ac7ad3401b10bf9c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=21600
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.rwgenting.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: private, max-age=0
content-encoding: br
content-length: 392
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 29 Dec 2022 07:27:59 GMT
expires: Thu, 29 Dec 2022 07:27:59 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

Redirect headers

alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, must-revalidate
content-length: 0
content-type: text/html; charset=UTF-8
cross-origin-resource-policy: cross-origin
date: Thu, 29 Dec 2022 07:27:59 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
follow-only-when-prerender-shown: 1
location: https://8661995.fls.doubleclick.net/activityi;dc_pre=CJv5p-WmnvwCFatKkQUdCikKtQ;src=8661995;type=remar0;cat=rwg_g0;u1=;u2=https%3A%2F%2Fwww.rwgenting.com%2Fcontent%2Frw-genting%2Fweb%2Fen%2Fgenting-rewards%2Fpromotions%2Fredeeming-your-complimentary-room.html%2F%3Flangtype%3D1033%26utm_source%3Dsms_monthlyoffer%26utm_medium%3Daccommodation%26utm_campaign%3Dparent012023_monthlyoffer%26utm_term%3Dpmp%26utm_content%3Dfree;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=187644956267.26108?
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
pragma: no-cache
server: cafe
strict-transport-security: max-age=21600
timing-allow-origin: *
x-content-type-options: nosniff
x-xss-protection: 0

GET
H3 200 1994258390890728 Show response
connect.facebook.net/signals/config/ 292 KB
84 KB 126ms
126ms Script
application/x-javascript 2a03:2880:f01c:8012:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/1994258390890728?v=2.9.90&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f01c:8012:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

4cc7b536cd36ac154e2691af10533509a929c1f28abd9e57c2905619e5d0ecdb

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .google.com 127.0.0.1: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net wss://.facebook.com: wss://.whatsapp.com: wss://.fbcdn.net attachment.fbsbx.com ws://localhost: blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Thu, 29 Dec 2022 07:27:59 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
x-xss-protection: 0
pragma: public
x-fb-debug: 2mfOxsd/ls88x3eicOyOuhHc+uwIzOMFZH21gbVy/oqmuIgrS6cmBs0NCgzwCI+33lPVdhOMlFlEniLRvQ1XFA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 7ms
7ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1994258390890728&ev=PageView&dl=https%3A%2F%2Fwww.rwgenting.com%2Fcontent%2Frw-genting%2Fweb%2Fen%2Fgenting-rewards%2Fpromotions%2Fredeeming-your-complimentary-room.html%2F%3Flangtype%3D1033%26utm_source%3Dsms_monthlyoffer%26utm_medium%3Daccommodation%26utm_campaign%3Dparent012023_monthlyoffer%26utm_term%3Dpmp%26utm_content%3Dfree&rl=&if=false&ts=1672298879451&sw=1600&sh=1200&v=2.9.90&r=stable&ec=0&o=30&fbp=fb.1.1672298878064.1235258517&it=1672298877889&coo=false&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 29 Dec 2022 07:27:59 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 dc_pre=CJv5p-WmnvwCFatKkQUdCikKtQ;src=8661995;type=remar0;cat=rwg_g0;u1=;u2=https%3A%2F%2Fwww.rwgenting.com%2Fcontent%2Frw-genting%2Fweb%2Fen%2Fgenting-rewards%2Fpromotions%2Fredeeming-your-complim...
adservice.google.com/ddm/fls/z/ Frame B815 42 B
494 B 93ms
44ms Image
image/gif 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://adservice.google.com/ddm/fls/z/dc_pre=CJv5p-WmnvwCFatKkQUdCikKtQ;src=8661995;type=remar0;cat=rwg_g0;u1=;u2=https%3A%2F%2Fwww.rwgenting.com%2Fcontent%2Frw-genting%2Fweb%2Fen%2Fgenting-rewards%2Fpromotions%2Fredeeming-your-complimentary-room.html%2F%3Flangtype%3D1033%26utm_source%3Dsms_monthlyoffer%26utm_medium%3Daccommodation%26utm_campaign%3Dparent012023_monthlyoffer%26utm_term%3Dpmp%26utm_content%3Dfree;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=187644956267.26108

Requested by

Host: 8661995.fls.doubleclick.net
URL: https://8661995.fls.doubleclick.net/activityi;dc_pre=CJv5p-WmnvwCFatKkQUdCikKtQ;src=8661995;type=remar0;cat=rwg_g0;u1=;u2=https%3A%2F%2Fwww.rwgenting.com%2Fcontent%2Frw-genting%2Fweb%2Fen%2Fgenting-rewards%2Fpromotions%2Fredeeming-your-complimentary-room.html%2F%3Flangtype%3D1033%26utm_source%3Dsms_monthlyoffer%26utm_medium%3Daccommodation%26utm_campaign%3Dparent012023_monthlyoffer%26utm_term%3Dpmp%26utm_content%3Dfree;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;tfua=;npa=;ord=187644956267.26108?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://8661995.fls.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Dec 2022 07:27:59 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 7ms
7ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=498877868265126&ev=Microdata&dl=https%3A%2F%2Fwww.rwgenting.com%2Fcontent%2Frw-genting%2Fweb%2Fen%2Fgenting-rewards%2Fpromotions%2Fredeeming-your-complimentary-room.html%2F%3Flangtype%3D1033%26utm_source%3Dsms_monthlyoffer%26utm_medium%3Daccommodation%26utm_campaign%3Dparent012023_monthlyoffer%26utm_term%3Dpmp%26utm_content%3Dfree&rl=&if=false&ts=1672298879569&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Redeeming%20Your%20Complimentary%20Room%20%7C%20Resorts%20World%20Genting%22%2C%22meta%3Akeywords%22%3A%22Redeeming%20Your%20Complimentary%20Room%22%2C%22meta%3Adescription%22%3A%22Redeeming%20Your%20Complimentary%20Room%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.90&r=stable&a=tmSimo-GTM-WebTemplate&ec=2&o=30&fbp=fb.1.1672298878064.1235258517&it=1672298877889&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 29 Dec 2022 07:27:59 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 7ms
7ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1408760949555385&ev=Microdata&dl=https%3A%2F%2Fwww.rwgenting.com%2Fcontent%2Frw-genting%2Fweb%2Fen%2Fgenting-rewards%2Fpromotions%2Fredeeming-your-complimentary-room.html%2F%3Flangtype%3D1033%26utm_source%3Dsms_monthlyoffer%26utm_medium%3Daccommodation%26utm_campaign%3Dparent012023_monthlyoffer%26utm_term%3Dpmp%26utm_content%3Dfree&rl=&if=false&ts=1672298879725&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Redeeming%20Your%20Complimentary%20Room%20%7C%20Resorts%20World%20Genting%22%2C%22meta%3Akeywords%22%3A%22Redeeming%20Your%20Complimentary%20Room%22%2C%22meta%3Adescription%22%3A%22Redeeming%20Your%20Complimentary%20Room%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.90&r=stable&a=tmSimo-GTM-WebTemplate&ec=2&o=30&fbp=fb.1.1672298878064.1235258517&it=1672298877889&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 29 Dec 2022 07:27:59 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H2 200 remarketing
tr.brand-display.com/tracking/api/ 0
439 B 164ms
164ms Image
image/gif 54.151.237.152
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://tr.brand-display.com/tracking/api/remarketing?_t=1672298879238&advertiserId=knx15814&id=b90894f9b1582df507297d968da7fecece37d93&v1=&v2=https%253A%252F%252Fwww.rwgenting.com%252Fcontent%252Frw-genting%252Fweb%252Fen%252Fgenting-rewards%252Fpromotions%252Fredeeming-your-complimentary-room.html%252F%253Flangtype%253D1033%2526utm_source%253Dsms_monthlyoffer%2526utm_medium%253Daccommodation%2526utm_campaign%253Dparent012023_monthlyoffer%2526utm_term%253Dpmp%2526utm_content%253Dfree&_t=1672298877795&url=https%253A%252F%252Fwww.rwgenting.com%252Fcontent%252Frw-genting%252Fweb%252Fen%252Fgenting-rewards%252Fpromotions%252Fredeeming-your-complimentary-room.html%252F%253Flangtype%253D1033%2526utm_source%253Dsms_monthlyoffer%2526utm_medium%253Daccommodation%2526utm_campaign%253Dparent012023_monthlyoffer%2526utm_term%253Dpmp%2526utm_content%253Dfree&referer=&aurl=&areferer=&required=0&extra=%257B%2522id%2522%253A%2522all%2522%257D&d=1&r=0&bf=31650e89f006669064fb068007e3be31&itp=false
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.151.237.152 , Singapore, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-151-237-152.ap-southeast-1.compute.amazonaws.com
Software: nginx/1.23.3 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

content-type: image/gif
date: Thu, 29 Dec 2022 07:27:59 GMT
cache-control: max-age=3600
user-region: EU
server: nginx/1.23.3
content-length: 0
p3p: CP='This is not a P3P policy!'

GET
H3

200

pixel
dmp.brand-display.com/adx/cm/
Redirect Chain

https://tr.brand-display.com/tracking/api/r?r0=1&rurl=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dknorex%26google_hm%3D%25%25KNXQ_B64_ENC%25%25%26google_cm&bf=31650e89f006669064fb0680...
https://cm.g.doubleclick.net/pixel?google_nid=knorex&google_hm=ZjgzMDUyNjQxMTQzNWNkNmEzZTU5MjEx&google_cm&kcid=82906586878648352052744180618008367643
https://dmp.brand-display.com/adx/cm/pixel?google_gid=CAESED3WdPfrOskJgNc3OEW0YCQ&kcid=82906586878648352052744180618008367643&google_cver=1

0
16 B

185ms
184ms

Image
image/gif

34.111.151.213
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.brand-display.com/adx/cm/pixel?google_gid=CAESED3WdPfrOskJgNc3OEW0YCQ&kcid=82906586878648352052744180618008367643&google_cver=1
Protocol: H3
Server: 34.111.151.213 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 213.151.111.34.bc.googleusercontent.com
Software: nginx/1.22.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Dec 2022 07:28:00 GMT
via: 1.1 google
server: nginx/1.22.1
p3p: CP='This is not a P3P policy!'
access-control-allow-origin: *
content-type: image/gif
cache-control: max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

pragma: no-cache
date: Thu, 29 Dec 2022 07:28:00 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dmp.brand-display.com/adx/cm/pixel?google_gid=CAESED3WdPfrOskJgNc3OEW0YCQ&kcid=82906586878648352052744180618008367643&google_cver=1
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 344
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3

200

pixel
dmp.brand-display.com/cm2/api/
Redirect Chain

https://tags.bluekai.com/site/46117?id=31650e89f006669064fb068007e3be31&limit=1&redir=https%3A%2F%2Fdmp.brand-display.com%2Fcm2%2Fapi%2Fpixel%3Fpartner%3D0004%26pid%3D%24_BK_UUID%26bf%3D31650e89f00...
https://dmp.brand-display.com/cm2/api/pixel?partner=0004&pid=$_BK_UUID&bf=31650e89f006669064fb068007e3be31

0
16 B

139ms
124ms

Image
image/gif

34.111.151.213
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.brand-display.com/cm2/api/pixel?partner=0004&pid=$_BK_UUID&bf=31650e89f006669064fb068007e3be31
Protocol: H3
Server: 34.111.151.213 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 213.151.111.34.bc.googleusercontent.com
Software: nginx/1.22.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Dec 2022 07:28:00 GMT
via: 1.1 google
server: nginx/1.22.1
p3p: CP='This is not a P3P policy!'
access-control-allow-origin: *
content-type: image/gif
cache-control: max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

location: https://dmp.brand-display.com/cm2/api/pixel?partner=0004&pid=$_BK_UUID&bf=31650e89f006669064fb068007e3be31
date: Thu, 29 Dec 2022 07:28:00 GMT
content-length: 0
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"

GET
H2 200 sd
us-u.openx.net/w/1.0/ 43 B
273 B 38ms
16ms Image
image/gif 35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=539237773&val=31650e89f006669064fb068007e3be31
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Dec 2022 07:27:59 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H/1.1

200
OK

52164
i6.liadm.com/s/
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=316&user_id=31650e89f006669064fb068007e3be31&expires=30
https://x.bidswitch.net/ul_cb/sync?dsp_id=316&user_id=31650e89f006669064fb068007e3be31&expires=30
https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=aeb548a6-9790-48b7-8f46-53444e3470c5
https://i.liadm.com/s/52164?bidder_id=5298&licd=&bidder_uuid=aeb548a6-9790-48b7-8f46-53444e3470c5&_li_chk=true&previous_uuid=82013c686f5e4e4d8d8b327c2826a2a0
https://i6.liadm.com/s/52164?licd=&bidder_id=5298&bidder_uuid=aeb548a6-9790-48b7-8f46-53444e3470c5

43 B
436 B

315ms
101ms

Image
image/gif

2600:1f18:ed:550e:8a5c:b0cf:9d7c:272c
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i6.liadm.com/s/52164?licd=&bidder_id=5298&bidder_uuid=aeb548a6-9790-48b7-8f46-53444e3470c5

Protocol

HTTP/1.1

Server

2600:1f18:ed:550e:8a5c:b0cf:9d7c:272c Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

Software

Resource Hash

caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Date: Thu, 29 Dec 2022 07:28:00 GMT
Cache-Control: no-store
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 43
Request-Time: 1
Content-Type: image/gif

Redirect headers

Location: https://i6.liadm.com/s/52164?licd=&bidder_id=5298&bidder_uuid=aeb548a6-9790-48b7-8f46-53444e3470c5
Date: Thu, 29 Dec 2022 07:28:00 GMT
Strict-Transport-Security: max-age=31536000; includeSubDomains
Connection: keep-alive
Content-Length: 0
Request-Time: 1

GET
H2

200

/
sync.taboola.com/sg/knorex-network/1/rtb-h/
Redirect Chain

https://dmp.brand-display.com/cm/api/taboola?_t=1672298879802&bf=31650e89f006669064fb068007e3be31
https://sync.taboola.com/sg/knorex-network/1/rtb-h/?taboola_hm=f8305264-1143-5cd6-a3e59211

0
99 B

74ms
20ms

Image
text/plain

141.226.228.48
TABOOLA-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.taboola.com/sg/knorex-network/1/rtb-h/?taboola_hm=f8305264-1143-5cd6-a3e59211
Protocol: H2
Server: 141.226.228.48 , Netherlands, ASN200478 (TABOOLA-AS, IL),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 07:28:00 GMT
access-control-allow-credentials: true
server: nginx
x-fastly-to-nlb-rtt: 12806

Redirect headers

date: Thu, 29 Dec 2022 07:27:59 GMT
via: 1.1 google
server: nginx/1.22.1
p3p: CP='This is not a P3P policy!'
access-control-allow-origin: *
location: https://sync.taboola.com/sg/knorex-network/1/rtb-h/?taboola_hm=f8305264-1143-5cd6-a3e59211
content-type: text/html; charset=utf-8
cache-control: max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 113

GET
H/1.1

200
OK

bounce
ib.adnxs.com/
Redirect Chain

https://dmp.brand-display.com/cm/api/appnexus?_t=1672298879803&bf=31650e89f006669064fb068007e3be31
https://ib.adnxs.com/setuid?entity=442&code=f8305264-1143-5cd6-a3e59211
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D442%26code%3Df8305264-1143-5cd6-a3e59211

43 B
1 KB

8ms
7ms

Image
image/gif

37.252.171.52
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D442%26code%3Df8305264-1143-5cd6-a3e59211

Protocol

HTTP/1.1

Server

37.252.171.52 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Dec 2022 07:27:59 GMT
AN-X-Request-Uuid: 955c4df3-819d-40f1-8555-cf3d086fadd6
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
X-Proxy-Origin: 146.70.117.101; 146.70.117.101; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Thu, 29 Dec 2022 07:27:59 GMT
AN-X-Request-Uuid: 50885e16-97b8-4d7f-8a47-73e5fc5fd8a6
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D442%26code%3Df8305264-1143-5cd6-a3e59211
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 146.70.117.101; 146.70.117.101; 1005.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2

451

708804.gif
idsync.rlcdn.com/
Redirect Chain

https://dmp.brand-display.com/cm/api/liveramp?_t={CACHEBUSTER}&bf=31650e89f006669064fb068007e3be31
https://idsync.rlcdn.com/708804.gif?partner_uid=f8305264-1143-5cd6-a3e59211

0
98 B

41ms
15ms

Image
text/plain

35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/708804.gif?partner_uid=f8305264-1143-5cd6-a3e59211
Protocol: H2
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 07:27:59 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

Redirect headers

date: Thu, 29 Dec 2022 07:27:59 GMT
via: 1.1 google
server: nginx/1.22.1
p3p: CP='This is not a P3P policy!'
access-control-allow-origin: *
location: https://idsync.rlcdn.com/708804.gif?partner_uid=f8305264-1143-5cd6-a3e59211
content-type: text/html; charset=utf-8
cache-control: max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 98

GET
H3

200

check
pixel.tapad.com/idsync/ex/receive/
Redirect Chain

https://dmp.brand-display.com/cm/api/tapad?_t=1672298879803&bf=31650e89f006669064fb068007e3be31
https://pixel.tapad.com/idsync/ex/receive?partner_id=3021&partner_device_id=f8305264-1143-5cd6-a3e59211
https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3021&partner_device_id=f8305264-1143-5cd6-a3e59211

95 B
122 B

35ms
25ms

Image
image/png

35.227.248.159
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3021&partner_device_id=f8305264-1143-5cd6-a3e59211

Protocol

Server

35.227.248.159 Kansas City, United States, ASN15169 (GOOGLE, US),

Reverse DNS

159.248.227.35.bc.googleusercontent.com

Software

Resource Hash

3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

date: Thu, 29 Dec 2022 07:28:00 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
content-type: image/png
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 95

Redirect headers

date: Thu, 29 Dec 2022 07:27:59 GMT
strict-transport-security: max-age=31536000
via: 1.1 google
accept-ch: Sec-CH-UA, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-WoW64
p3p: policyref="http://tapad-taptags.s3.amazonaws.com/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
location: https://pixel.tapad.com/idsync/ex/receive/check?partner_id=3021&partner_device_id=f8305264-1143-5cd6-a3e59211
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 roqad
dmp.brand-display.com/cm/api/ 0
65 B 141ms
119ms Image
image/gif 34.111.151.213
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.brand-display.com/cm/api/roqad?_t=1672298879803&bf=31650e89f006669064fb068007e3be31
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.151.213 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 213.151.111.34.bc.googleusercontent.com
Software: nginx/1.22.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Dec 2022 07:27:59 GMT
via: 1.1 google
server: nginx/1.22.1
content-type: image/gif
cache-control: max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 smaato
dmp.brand-display.com/cm/api/ 0
42 B 142ms
119ms Image
image/gif 34.111.151.213
GOOGLE-CLOUD-PLAT...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dmp.brand-display.com/cm/api/smaato?bf=31650e89f006669064fb068007e3be31
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 34.111.151.213 Kansas City, United States, ASN396982 (GOOGLE-CLOUD-PLATFORM, US),
Reverse DNS: 213.151.111.34.bc.googleusercontent.com
Software: nginx/1.22.1 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 29 Dec 2022 07:27:59 GMT
via: 1.1 google
server: nginx/1.22.1
content-type: image/gif
cache-control: max-age=3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/
Redirect Chain

https://dmp.brand-display.com/cm/api/index?cm_callback_url=%2F%2Fdsum-sec.casalemedia.com%2Frum&cm_dsp_id=191&bf=31650e89f006669064fb068007e3be31
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=f8305264-1143-5cd6-a3e59211
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=f8305264-1143-5cd6-a3e59211&C=1

43 B
766 B

11ms
10ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=191&expiration=63072000&external_user_id=f8305264-1143-5cd6-a3e59211&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

Pragma: no-cache
Date: Thu, 29 Dec 2022 07:28:00 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Thu, 29 Dec 2022 07:28:00 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=191&expiration=63072000&external_user_id=f8305264-1143-5cd6-a3e59211&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 7ms
6ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1205397636948969&ev=Microdata&dl=https%3A%2F%2Fwww.rwgenting.com%2Fcontent%2Frw-genting%2Fweb%2Fen%2Fgenting-rewards%2Fpromotions%2Fredeeming-your-complimentary-room.html%2F%3Flangtype%3D1033%26utm_source%3Dsms_monthlyoffer%26utm_medium%3Daccommodation%26utm_campaign%3Dparent012023_monthlyoffer%26utm_term%3Dpmp%26utm_content%3Dfree&rl=&if=false&ts=1672298879883&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Redeeming%20Your%20Complimentary%20Room%20%7C%20Resorts%20World%20Genting%22%2C%22meta%3Akeywords%22%3A%22Redeeming%20Your%20Complimentary%20Room%22%2C%22meta%3Adescription%22%3A%22Redeeming%20Your%20Complimentary%20Room%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.90&r=stable&a=tmSimo-GTM-WebTemplate&ec=2&o=30&fbp=fb.1.1672298878064.1235258517&it=1672298877889&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 29 Dec 2022 07:27:59 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 9ms
9ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=408482393299012&ev=Microdata&dl=https%3A%2F%2Fwww.rwgenting.com%2Fcontent%2Frw-genting%2Fweb%2Fen%2Fgenting-rewards%2Fpromotions%2Fredeeming-your-complimentary-room.html%2F%3Flangtype%3D1033%26utm_source%3Dsms_monthlyoffer%26utm_medium%3Daccommodation%26utm_campaign%3Dparent012023_monthlyoffer%26utm_term%3Dpmp%26utm_content%3Dfree&rl=&if=false&ts=1672298880101&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Redeeming%20Your%20Complimentary%20Room%20%7C%20Resorts%20World%20Genting%22%2C%22meta%3Akeywords%22%3A%22Redeeming%20Your%20Complimentary%20Room%22%2C%22meta%3Adescription%22%3A%22Redeeming%20Your%20Complimentary%20Room%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.90&r=stable&a=tmgoogletagmanager&ec=1&o=30&fbp=fb.1.1672298878064.1235258517&it=1672298877889&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 29 Dec 2022 07:28:00 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 8ms
7ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=537857393380708&ev=Microdata&dl=https%3A%2F%2Fwww.rwgenting.com%2Fcontent%2Frw-genting%2Fweb%2Fen%2Fgenting-rewards%2Fpromotions%2Fredeeming-your-complimentary-room.html%2F%3Flangtype%3D1033%26utm_source%3Dsms_monthlyoffer%26utm_medium%3Daccommodation%26utm_campaign%3Dparent012023_monthlyoffer%26utm_term%3Dpmp%26utm_content%3Dfree&rl=&if=false&ts=1672298880259&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Redeeming%20Your%20Complimentary%20Room%20%7C%20Resorts%20World%20Genting%22%2C%22meta%3Akeywords%22%3A%22Redeeming%20Your%20Complimentary%20Room%22%2C%22meta%3Adescription%22%3A%22Redeeming%20Your%20Complimentary%20Room%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.90&r=stable&ec=1&o=30&fbp=fb.1.1672298878064.1235258517&it=1672298877889&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 29 Dec 2022 07:28:00 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

GET
H3 200 /
www.facebook.com/tr/ 0
15 B 9ms
9ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=1994258390890728&ev=Microdata&dl=https%3A%2F%2Fwww.rwgenting.com%2Fcontent%2Frw-genting%2Fweb%2Fen%2Fgenting-rewards%2Fpromotions%2Fredeeming-your-complimentary-room.html%2F%3Flangtype%3D1033%26utm_source%3Dsms_monthlyoffer%26utm_medium%3Daccommodation%26utm_campaign%3Dparent012023_monthlyoffer%26utm_term%3Dpmp%26utm_content%3Dfree&rl=&if=false&ts=1672298880953&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22Redeeming%20Your%20Complimentary%20Room%20%7C%20Resorts%20World%20Genting%22%2C%22meta%3Akeywords%22%3A%22Redeeming%20Your%20Complimentary%20Room%22%2C%22meta%3Adescription%22%3A%22Redeeming%20Your%20Complimentary%20Room%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.90&r=stable&ec=1&o=30&fbp=fb.1.1672298878064.1235258517&it=1672298877889&coo=false&es=automatic&tm=3&rqm=GET

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.rwgenting.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.5359.124 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Thu, 29 Dec 2022 07:28:00 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0
priority: u=3,i

Verdicts & Comments Add Verdict or Comment

59 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

29 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
i.liadm.com/s	1970-01-20 09:14:50	Name: _li_ss Value: MgkI_____wcQiRQ
www.rwgenting.com/	1969-12-31 23:59:59	Name: affinity Value: "58a52c474aa833b2"
.rwgenting.com/	1970-01-20 10:41:14	Name: _gcl_au Value: 1.1.837240757.1672298878
.rwgenting.com/	1970-01-20 18:07:38	Name: _ga_2QCFNCZ841 Value: GS1.1.1672298877.1.0.1672298877.60.0.0
.rwgenting.com/	1970-01-20 18:07:38	Name: _ga Value: GA1.2.488197109.1672298878
.rwgenting.com/	1970-01-20 08:33:05	Name: _gid Value: GA1.2.1713066387.1672298878
.quantserve.com/	1970-01-20 18:01:53	Name: mc Value: 63ad417d-f399d-3713c-d11fc
.rwgenting.com/	1970-01-20 08:31:38	Name: _gat_UA-3398302-45 Value: 1
.rwgenting.com/	1970-01-20 17:56:07	Name: __qca Value: P0-1756781428-1672298877872
.rwgenting.com/	1970-01-20 10:41:14	Name: _fbp Value: fb.1.1672298878064.1235258517
.doubleclick.net/	1970-01-20 17:53:14	Name: IDE Value: AHWqTUlHrKQelDvuHPeDbvFnK68qFX0eOUKq7cQAtFsPuw7m6SM3LU1gy6vI-Xgi4es
www.rwgenting.com/	1970-01-20 09:14:50	Name: _knxcm_ Value: googleT1672298879.0004T1672298879.0005T1672298879.0006T1672298879.0008T1672298879.0010T1672298879.0011T1672298879.0013T1672298879.0015T1672298879.0016T1672298879.0011T1672298879
.bidswitch.net/	1970-01-20 17:17:14	Name: tuuid Value: aeb548a6-9790-48b7-8f46-53444e3470c5
.bidswitch.net/	1970-01-20 17:17:14	Name: c Value: 1672298879
.bidswitch.net/	1970-01-20 17:17:14	Name: tuuid_lu Value: 1672298879
.brand-display.com/	1970-01-20 18:07:38	Name: _knxcv_ Value:
.brand-display.com/	1970-01-20 18:07:38	Name: _knxp_ Value: 7f1b6c58
.adnxs.com/	1970-01-20 10:41:14	Name: uuid2 Value: 5955031750913974948
.adnxs.com/	1970-01-20 10:41:14	Name: anj Value: dTM7k!M41.D>6NRF']wIg2ImVu!p_=!@wnfH8K8EOm^4+=34B:k^L#]g]G*3i+=(@4heRO5uoZ<jG+Jg>zLnTk#$X3%nugO%v4VB%nm77)S4Z@
.tapad.com/	1970-01-20 09:58:02	Name: TapAd_TS Value: 1672298879983
.tapad.com/	1970-01-20 09:58:02	Name: TapAd_DID Value: d06c4e5f-adf8-4d53-8353-ed0bb0b3be11
.bluekai.com/	1970-01-20 12:53:43	Name: bku Value: Jqx99c2OgVw1ovW0
.bluekai.com/	1970-01-20 12:53:43	Name: bkpa Value: KJ0WpLamhY9x9BYFZqt8mXpDvHySG0WAhFmKsNCG7vHDxM7GldLJIy4F5rGG+6Z1Z5X6ntpAaR+Nsbv/mJHou0QVzubzYoFngkUcRib2jmln2hM+OcTcYA9CNljBwHf8JKFj2FCl44hDGwYGOOHiDbex2n4LyvcawGfuQE6iEAeuB9BfGs72IagF26XwJsAe2A2Jbp90WpkgjtKHdQz9HZ/fKx==
.tapad.com/	1970-01-20 09:58:02	Name: TapAd_3WAY_SYNCS Value:
.casalemedia.com/	1970-01-20 17:17:14	Name: CMID Value: Y61BgATHF59Yt1T2vV4ZjgAA
.casalemedia.com/	1970-01-20 10:41:14	Name: CMPS Value: 2235
.casalemedia.com/	1970-01-20 10:41:14	Name: CMPRO Value: 2235
.brand-display.com/	1970-01-20 18:07:38	Name: _knxq_ Value: f8305264-1143-5cd6-a3e59211.1672298879.2.1672298880.1672298879
.liadm.com/	1970-01-20 18:07:38	Name: lidid Value: 82013c68-6f5e-4e4d-8d8b-327c2826a2a0

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
rendering	warning	URL: https://www.rwgenting.com/content/rw-genting/web/en/genting-rewards/promotions/redeeming-your-complimentary-room.html/?langtype=1033&utm_source=sms_monthlyoffer&utm_medium=accommodation&utm_campaign=parent012023_monthlyoffer&utm_term=pmp&utm_content=free Message: [.WebGL-0x21b802f88e00]GL Driver Message (OpenGL, Performance, GL_CLOSE_PATH_NV, High): GPU stall due to ReadPixels
network	error	URL: https://idsync.rlcdn.com/708804.gif?partner_uid=f8305264-1143-5cd6-a3e59211 Message: Failed to load resource: the server responded with a status of 451 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=63072000; includeSubdomains;
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

8661995.fls.doubleclick.net
adservice.google.com
cdn.brand-display.com
cdnjs.cloudflare.com
cm.g.doubleclick.net
code.jquery.com
connect.facebook.net
dmp.brand-display.com
dsum-sec.casalemedia.com
erwg.my
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.liadm.com
i6.liadm.com
ib.adnxs.com
idsync.rlcdn.com
mcsqjpvz392sd02cs6vv33b0kfhq.pub.sfmc-content.com
pixel.quantserve.com
pixel.tapad.com
pub.s7.exacttarget.com
region1.analytics.google.com
rules.quantcount.com
secure.quantserve.com
socialplugin.facebook.net
stats.g.doubleclick.net
sync.taboola.com
tags.bluekai.com
tr.brand-display.com
unpkg.com
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.com
www.google.de
www.googleoptimize.com
www.googletagmanager.com
www.rwgenting.com
x.bidswitch.net
13.225.78.21
136.147.129.3
136.147.129.35
141.226.228.48
142.250.185.194
142.250.186.38
151.101.195.10
185.80.39.216
2001:4860:4802:32::36
2001:4de0:ac18::1:a:1a
2600:1f18:ed:550e:8a5c:b0cf:9d7c:272c
2600:9000:20eb:8e00:6:44e3:f8c0:93a1
2606:4700::6810:7eaf
2606:4700::6811:190e
2620:116:800d:21:b314:a0ef:ab7c:d546
2a00:1450:4001:801::2003
2a00:1450:4001:803::200e
2a00:1450:4001:80b::2008
2a00:1450:4001:811::200e
2a00:1450:4001:828::2002
2a00:1450:400c:c07::9a
2a00:1450:400d:802::2002
2a00:1450:400d:806::2003
2a00:1450:400d:80a::2004
2a00:1450:400d:80c::200a
2a03:2880:f01c:800e:face:b00c:0:2
2a03:2880:f01c:8012:face:b00c:0:3
2a03:2880:f11c:8183:face:b00c:0:25de
34.111.151.213
35.157.140.187
35.227.248.159
35.244.159.8
35.244.174.68
37.252.171.52
47.254.192.82
52.6.131.58
54.151.237.152
72.246.169.24
0117119d9eb641ede11092e4373f0556b7b2ab6ccdce7187a7e5f4f51f2413b3
0c78fc4ee08501ae4fcb3f476142bb89a52bcb39a30ec798ee051126483f88df
1157ebc0b5063e252982117f2747fbfea748195b35990728aea6c5185eee5df2
242d4bbbc9f85f09714cd64ceebd1b9211d027453ad3864c524a8122e0575ee5
27988668fad87e9782d62f51b22f6feda6fdb2ef16a315b968728f164be1c6f7
280aaa8929329764ac3213ca093c63505cfcc665347939c79905c426d33867c5
294d475c2122abc4ef04f697f23b0ae37f07bcd29d9b6e91355e3909c1b265bc
2ac18d95396498051dd64c68f78b272cd73b7e7189bdc3e0594adae21e4da7af
2c4ee33912994630a20f6fe123d4090c2ec3aa2e4ba171d222eaae5ab7994883
313ee10702d4bbfc57535e0c863271b893ae4eac35cf54c16aafcadb8636eade
37fbdb6abcc8c42b79a0ed4ad98ca8b5d6f26fb6159626405488c77fbc7710e2
3a343e9dd7584d15f7ea675d7289ed94505a850bc2ea4737fa71b165eba116f2
3e15e3b54f25c8243b3288ca369a71b409f22cbadf2043112e7df67d3a9964c3
3eb10792d1f0c7e07e7248273540f1952d9a5a2996f4b5df70ab026cd9f05517
43ffc02765e9adeba7117eb3c3abd838f83b59a86195d1e15d51fe835fa39e30
44f8a56d427917b5fa0dd7933ba545679be5e6b3b93099e64a4e29c2159f57c0
485e49ab7f80378ef2b4bec6615fba5c80bb581929020bf5088f221400d83c0d
4871240fa4e31f18a64093fda5f0b7e5721f11a8d2f0c04f4d7a132a668dbe9e
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4cc7b536cd36ac154e2691af10533509a929c1f28abd9e57c2905619e5d0ecdb
4de3909235e0a1a710f55815750ef0b2fbdf5bc87db92f2d5e80d2854ea087ce
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
55c4e9ba07b641e64caa17bfcbdc63b1721a58554bd449401e600db3f6b95cf9
57eee82a59ffee9bed503e092ef0ca81b8610b29ede584b3850b84ab435325d1
59dc2d19117a0f83c1a4fd29fbd16242f91a02fc6144a3870844da87ab0147bb
5b5418cbe3c48dcf77022a601f7891eecd551c476ad472ad2acfdbf5c5b23002
5da1c499508c15114a5e440b8bdf88cd26474beef5154ed2a9226a268a9f2bc8
6637ea3139ffb01e240829717a4f8c195d7be6b81780ed643000b49833d8d6d1
6b074595152322833e9795937ef71c1840b08a479cc456daa327e77229db88e0
6b07cae77ceefe3552b97c44bd9a144f4b23202c775b32604c0b8ec26471a6f9
6d191fbb37a93ac827acdcd8efa8d7d4e101da41f909e446cb1f101d5bf80005
6fd819b639e7cf73efa746222f3ad3d469907bdc14772519d51059756df9dd1a
792b7d4eee98b0bbbbc561f8b1e313cf81bee47d6ab6ffed6a08c328f2617663
7a6d3ea3228a2dc96f3eb9ee37a17d83c31e404e16bb85e64e793b7bb4689237
7a74944f0d2330f186317ecff18084eb7af1bff89b638d1996c6a3ef61bcc766
7e86f52cb0d423805ec541a4bccae5156a01fbe36355e6d798a450593212651f
81af48f62543f2d429e1fcfe6bd329ff8c78c1d441e4910d26814275b7e6a858
8255a83ee3d0cb376a6f1b30fe44f6c84fd0542c3dcd139ac7ad3401b10bf9c5
82ef200ece01e84b0387a394dd784b93e1a677f8b2efed9d6b79f61d3084121a
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
8ad91da6b4c0c46f6251ea7532bced2821ed71a91dcc8974c23ddfedf80df535
8ea8791754915a898a3100e63e32978a6d1763be6df8e73a39d3a90d691cdeef
97d5a594e7f76c7e50045b67667fd6b74b268515efe6425097be1b2647079787
99464ceb71bc9bbdcc72275faefe44f98eb5cbb6b5d8ee665b87b35376f1a96e
9e0158631d7e8d2ad122f7886ddfd16175f7330f1e6253ac00caa7fa77412abb
a0d3a0aff7dc3bf32d2176fc3dcda6e7aba2867c4f4d1f7af6355d2cfc6c44f8
a33795254e89bff14337b5a2beffa50cbfc796d5dad2d0ce6894eca2bf0ad0b6
b0592d3b5250510e9a839e62893c9fca8eb0e015b3f2f96cd0c12aadf2b0d2d8
b08cc9bd79f873cbf3a9468010074bd1c2ede4524d993a1f42edb1778fa3657a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b33f3d12ab8b508be440d75198e9b501fc84661546e0e6b743ba6ec508c434bd
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b69f1567863d760ef4dabec3eb29f349abca4b007dce36ab8926784a7babbe6c
ba50544bc52682e3884d79402fa65bbc8149866ff097223c48d9da54bb02e280
bcca5f3081cba74e0b8cd477834e4f153abdcd7a4de8b6407f12d8c9ab6d7066
c08e671967a1e37c99c6644d9ce66597c324639607a4df7df671d4d6b4229268
c250924012fdc9ea9516b30650895201cd167dbd49c9d148924f30881abfa393
caa849b179befa2645a8e2c474d2e82a76777a3305315ece911013e8ee9a916c
cdaab024c0121953419a4a1094ffe2ee9a902df55ee79d792e411bac835b9134
d2456f608bf5b450b311351388bd022200471fc5a682641f59acd30732d53039
d40efcac911d8964f3728eaa767de281306ff55ba9377435a3364d4d1e1613f6
d5b77693f65be39975a95979f121a5e2a81f08325f151e387c7b9fc2272f0893
d7c4f729e6d4cd9a2093d5a1d168f57dc6520a9c31b9202b1c0b2b5c0872bd10
d854082be0173c977aad8f65cdb9b88fd005f3dd3f34f894ab9fdba5a283780f
da8e93e26423dab0c7c93b9e98545c40a98daa8520c59b88038c918c3c0f023c
db30aeb0ad06e8c5f6759cfa9feff66bebdfeb42780765685d6c7e323c93f4e4
de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af
e02bc9edb3cf63d8517292161956b783a961b0ef3c06ffdf55a00a09c745f6f7
e2f2597386660b972fe84faa90af129a353e7e8f9990df6f3b14d0165468350f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e56fabdfb37f3827e60a73ee1506c36feddbd83d7b95bb5f0831926f78d448dc
e6d29df162121c1af6d0549fd378d757f6a25186b850437a6176762792318f34
e8053490bc30e66a466e46a664f4a25de8d7dd963ffbfdbe8db0f08b879498de
e8386cc19e7ab27ce95b3ccc9d62ae847ceed411bb104be0b208e0a66e278753
e9f149e2d584b9aff2c1175a8475dcd9d245450dcae6ddd6e7e1acf7e7facd4a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ff38b1c64a5f3d77d81380510c64379e04642833d759ae99eb11f9f628675ce1

www.rwgenting.com Open in urlscan Pro 151.101.195.10 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

112 Requests

91 %HTTPS

53 %IPv6

29 Domains

39 Subdomains

32 IPs

8 Countries

3415 kBTransfer

9721 kBSize

29 Cookies

21 Outgoing links

Page URL History

Redirected requests

112 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

www.rwgenting.com Open in urlscan Pro
151.101.195.10 Public Scan

Screenshot
Live screenshot

Full Image

112
Requests

91 %
HTTPS

53 %
IPv6

29
Domains

39
Subdomains

32
IPs

8
Countries

3415 kB
Transfer

9721 kB
Size

29
Cookies

112 HTTP transactions
2 data transactions