urlscan.io logo urlscan.io
SecurityTrails logo

www.kingfisherspa.com Open in urlscan Pro
2a06:98c1:3121::3  Public Scan

Go To Rescan Add Verdict Report
Submitted URL: https://gbajcfj.r.af.d.sendibt2.com/tr/cl/euuD7F03K-CO3GjenFKkLf5dKx2wmUatfQdDvN7r5kOmsKyZFpDvPOf1ahGgCZpe2vDk_4p4F3QWPmLUfb45Huvwgv...
Effective URL: https://www.kingfisherspa.com/special/
Submission: On May 23 via api from BE — Scanned from FR
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 16 IPs in 4 countries across 14 domains to perform 64 HTTP transactions. The main IP is 2a06:98c1:3121::3, located in United States and belongs to CLOUDFLARENET, US. The main domain is www.kingfisherspa.com.
TLS certificate: Issued by E1 on May 18th 2023. Valid for: 3 months.
This is the only time www.kingfisherspa.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

1    1.179.112.195 (France)

ASN396982 (GOOGLE-CLOUD-PLATFORM, US)
PTR: m1179112195.mailinblue.me
gbajcfj.r.af.d.sendibt2.com
36    2a06:98c1:3121::3 (United States)

ASN13335 (CLOUDFLARENET, US)
www.kingfisherspa.com
2    2a00:1450:4001:829::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.googletagmanager.com
1    2a00:1450:4001:827::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
1    2606:4700::6811:180e (United States)

ASN13335 (CLOUDFLARENET, US)
cdnjs.cloudflare.com
2    142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net
www.googleadservices.com
2    2a03:2880:f084:d:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
connect.facebook.net
2    18.66.112.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-112-79.fra56.r.cloudfront.net
cdn.wishpond.net
5    2a00:1450:4001:828::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.gstatic.com
3    2a00:1450:4001:80e::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
googleads.g.doubleclick.net
2    34.205.151.108 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-34-205-151-108.compute-1.amazonaws.com
www.wishpond.com
1    2001:4860:4802:32::36 (United States)

ASN15169 (GOOGLE, US)
region1.analytics.google.com
1    2a00:1450:400c:c00::9b (Brussels, Belgium)

ASN15169 (GOOGLE, US)
stats.g.doubleclick.net
4    2a00:1450:4001:80b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.fr
3    2a00:1450:4001:80b::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
www.google.com
2    2a03:2880:f177:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)
www.facebook.com
Apex Domain
Subdomains		 Transfer
36 kingfisherspa.com
www.kingfisherspa.com
5 MB
5 gstatic.com
fonts.gstatic.com
128 KB
4 google.fr
www.google.fr — Cisco Umbrella Rank: 16278
778 B
4 google.com
region1.analytics.google.com — Cisco Umbrella Rank: 3686
www.google.com — Cisco Umbrella Rank: 2
2 KB
4 doubleclick.net
googleads.g.doubleclick.net — Cisco Umbrella Rank: 34
stats.g.doubleclick.net — Cisco Umbrella Rank: 76
4 KB
2 facebook.com
www.facebook.com — Cisco Umbrella Rank: 102
238 B
2 wishpond.com
www.wishpond.com — Cisco Umbrella Rank: 77090
1 KB
2 wishpond.net
cdn.wishpond.net — Cisco Umbrella Rank: 75484
42 KB
2 facebook.net
connect.facebook.net — Cisco Umbrella Rank: 157
114 KB
2 googleadservices.com
www.googleadservices.com — Cisco Umbrella Rank: 174
20 KB
2 googletagmanager.com
www.googletagmanager.com — Cisco Umbrella Rank: 40
147 KB
1 cloudflare.com
cdnjs.cloudflare.com — Cisco Umbrella Rank: 199
9 KB
1 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 35
1019 B
1 sendibt2.com
gbajcfj.r.af.d.sendibt2.com
184 B
64 14
Domain Requested by
36 www.kingfisherspa.com 1 redirects www.kingfisherspa.com
5 fonts.gstatic.com fonts.googleapis.com
4 www.google.fr www.kingfisherspa.com
3 www.google.com 1 redirects www.kingfisherspa.com
3 googleads.g.doubleclick.net 1 redirects www.googleadservices.com
www.googletagmanager.com
2 www.facebook.com www.kingfisherspa.com
2 www.wishpond.com cdn.wishpond.net
2 cdn.wishpond.net www.kingfisherspa.com
cdn.wishpond.net
2 connect.facebook.net www.kingfisherspa.com
connect.facebook.net
2 www.googleadservices.com www.kingfisherspa.com
www.googletagmanager.com
2 www.googletagmanager.com www.kingfisherspa.com
1 stats.g.doubleclick.net www.googletagmanager.com
1 region1.analytics.google.com www.googletagmanager.com
1 cdnjs.cloudflare.com www.kingfisherspa.com
1 fonts.googleapis.com www.kingfisherspa.com
1 gbajcfj.r.af.d.sendibt2.com 1 redirects
64 16
Subject Issuer Validity Valid
kingfisherspa.com
E1		 2023-05-18 -
2023-08-16		 3 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
upload.video.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2022-08-03 -
2023-08-02		 a year crt.sh
www.googleadservices.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.facebook.com
DigiCert SHA2 High Assurance Server CA		 2023-03-01 -
2023-05-30		 3 months crt.sh
cdn.wishpond.net
Amazon RSA 2048 M01		 2023-02-22 -
2023-10-17		 8 months crt.sh
*.gstatic.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
wishpond.com
Amazon RSA 2048 M01		 2023-02-07 -
2024-03-07		 a year crt.sh
*.google.fr
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh
www.google.com
GTS CA 1C3		 2023-04-24 -
2023-07-17		 3 months crt.sh

This page contains 4 frames:

Primary Page: https://www.kingfisherspa.com/special/
Frame ID: 75445DA4C976353CE95309DD335C01C3
Requests: 59 HTTP requests in this frame

Frame: https://cdn.wishpond.net/storage.html
Frame ID: 50212037B554A90C35F233B839E34C7A
Requests: 1 HTTP requests in this frame

Frame: https://www.facebook.com/tr/
Frame ID: 75B417F71B2E12DE6B4DEBAFD1DB08D8
Requests: 1 HTTP requests in this frame

Frame: https://www.kingfisherspa.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/7fe8adc8/invisible.js
Frame ID: E59132B0CA8BD109882164CCCD8AB687
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Packages & Specials - Kingfisher Oceanside Resort and SpaKingfisher Oceanside Resort and Spa

Page URL History Show full URLs

  1. https://gbajcfj.r.af.d.sendibt2.com/tr/cl/euuD7F03K-CO3GjenFKkLf5dKx2wmUatfQdDvN7r5kOmsKyZFpDvPOf1ahGgCZpe2vDk_4... HTTP 302
    https://www.kingfisherspa.com/special/ Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
  • /wp-(?:content|includes)/
Overall confidence: 100%
Detected patterns
  • bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • <!-- This site is optimized with the Yoast (?:WordPress )?SEO plugin v([\d.]+) -
Overall confidence: 100%
Detected patterns
  • //connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
Overall confidence: 100%
Detected patterns
  • googletagmanager\.com/gtag/js
Overall confidence: 100%
Detected patterns
  • moment(?:\.min)?\.js
Overall confidence: 100%
Detected patterns
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

64
Requests

97 %
HTTPS

75 %
IPv6

14
Domains

16
Subdomains

16
IPs

4
Countries

5580 kB
Transfer

6936 kB
Size

7
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. https://gbajcfj.r.af.d.sendibt2.com/tr/cl/euuD7F03K-CO3GjenFKkLf5dKx2wmUatfQdDvN7r5kOmsKyZFpDvPOf1ahGgCZpe2vDk_4p4F3QWPmLUfb45HuvwgvkFiywmJQx73hTKgMH8JWkIewje0pbG5eUKVQeTh-9BJM06j15ZM4kJaF5w45WAccvc0f97m_Wc7hDj-OpfluHEUOBnPovvGv4TIi5OYUxZnlyazlsjACTA9NygEFcBr9itlYzC6_xiRTdfkW8xhN3YFfvpdnDHLQ HTTP 302
    https://www.kingfisherspa.com/special/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 58
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/642704446/?random=924987067&cv=11&fst=1684830015636&bg=ffffff&guid=ON&async=1&gtm=45be35h0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.kingfisherspa.com%2Fspecial%2F&label=PWglCIXIrIEYEL7Iu7IC&hn=www.googleadservices.com&frm=0&tiba=Packages%20%26%20Specials%20-%20Kingfisher%20Oceanside%20Resort%20and%20SpaKingfisher%20Oceanside%20Resort%20and%20Spa&gtm_ee=1&auid=767298932.1684830016&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&ocp_id=P3dsZLDpJ6qikdUPoeG-wAg&sscte=1&crd=&pscrd=EkxDaEFJOE1peG93WVE5cTc4eU9UOHFlVV9FaVVBVWNVTk94SWhrU0Y5ZTNaR0JhSVlSa19zU3c4X0s4SlBQa2hFVmRFVEhEMWF0VkRSGldDaEFJOE1peG93WVE4dmlVbnRHcXdKWnNFaTBBX0U2MWtMMkZDMHpMR1VBakxUZVFYRGUtcHVEWGhxaWszVUhpSGVPbkZWRXB0X1BQbDBMT1REdW10ODQ HTTP 302
  • https://www.google.com/pagead/1p-conversion/642704446/?random=924987067&cv=11&fst=1684830015636&bg=ffffff&guid=ON&async=1&gtm=45be35h0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.kingfisherspa.com%2Fspecial%2F&label=PWglCIXIrIEYEL7Iu7IC&hn=www.googleadservices.com&frm=0&tiba=Packages%20%26%20Specials%20-%20Kingfisher%20Oceanside%20Resort%20and%20SpaKingfisher%20Oceanside%20Resort%20and%20Spa&gtm_ee=1&auid=767298932.1684830016&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJOE1peG93WVE5cTc4eU9UOHFlVV9FaVVBVWNVTk94SWhrU0Y5ZTNaR0JhSVlSa19zU3c4X0s4SlBQa2hFVmRFVEhEMWF0VkRSGldDaEFJOE1peG93WVE4dmlVbnRHcXdKWnNFaTBBX0U2MWtMMkZDMHpMR1VBakxUZVFYRGUtcHVEWGhxaWszVUhpSGVPbkZWRXB0X1BQbDBMT1REdW10ODQ&is_vtc=1&ocp_id=P3dsZLDpJ6qikdUPoeG-wAg&cid=CAQSKQBygQiDqzN4Dpa-uarW6j0b0enCsyuTR4PV4DzmimlCSYuKzsFZCJaz&random=2224892952 HTTP 302
  • https://www.google.fr/pagead/1p-conversion/642704446/?random=924987067&cv=11&fst=1684830015636&bg=ffffff&guid=ON&async=1&gtm=45be35h0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.kingfisherspa.com%2Fspecial%2F&label=PWglCIXIrIEYEL7Iu7IC&hn=www.googleadservices.com&frm=0&tiba=Packages%20%26%20Specials%20-%20Kingfisher%20Oceanside%20Resort%20and%20SpaKingfisher%20Oceanside%20Resort%20and%20Spa&gtm_ee=1&auid=767298932.1684830016&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJOE1peG93WVE5cTc4eU9UOHFlVV9FaVVBVWNVTk94SWhrU0Y5ZTNaR0JhSVlSa19zU3c4X0s4SlBQa2hFVmRFVEhEMWF0VkRSGldDaEFJOE1peG93WVE4dmlVbnRHcXdKWnNFaTBBX0U2MWtMMkZDMHpMR1VBakxUZVFYRGUtcHVEWGhxaWszVUhpSGVPbkZWRXB0X1BQbDBMT1REdW10ODQ&is_vtc=1&ocp_id=P3dsZLDpJ6qikdUPoeG-wAg&cid=CAQSKQBygQiDqzN4Dpa-uarW6j0b0enCsyuTR4PV4DzmimlCSYuKzsFZCJaz&random=2224892952&ipr=y
Request Chain 60
  • https://www.kingfisherspa.com/cdn-cgi/challenge-platform/scripts/invisible.js HTTP 302
  • https://www.kingfisherspa.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/7fe8adc8/invisible.js

64 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
www.kingfisherspa.com/special/
Redirect Chain
  • https://gbajcfj.r.af.d.sendibt2.com/tr/cl/euuD7F03K-CO3GjenFKkLf5dKx2wmUatfQdDvN7r5kOmsKyZFpDvPOf1ahGgCZpe2vDk_4p4F3QWPmLUfb45HuvwgvkFiywmJQx73hTKgMH8JWkIewje0pbG5eUKVQeTh-9BJM06j15ZM4kJaF5w45WAccv...
  • https://www.kingfisherspa.com/special/
86 KB
19 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.kingfisherspa.com/special/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
3dbe4c0cf4691ad8c3ea1f11926accc18290ff1fed8afe443355862c03a158af

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status
DYNAMIC
cf-ray
7cbbe0df6b550151-CDG
content-encoding
br
content-type
text/html; charset=UTF-8
date
Tue, 23 May 2023 08:20:14 GMT
link
<https://www.kingfisherspa.com/wp-json/>; rel="https://api.w.org/" <https://www.kingfisherspa.com/wp-json/wp/v2/pages/1330>; rel="alternate"; type="application/json" <https://www.kingfisherspa.com/?p=1330>; rel=shortlink
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d6YSuEy1yVTkWSLzXgvnI0V0jFiqnWhvuoKDb0Rw2FBfcp4gak7lWdCD73InYSwspR%2FeamKKM%2B1BWHZPAME2t1wEP%2FlGguwGg3UcEZJKSBYoi2QouTkSH%2BfYB5vsgoz25v32d%2Fq%2FQe1MpZsW9vZAqn3QRp0%3D"}],"group":"cf-nel","max_age":604800}
server
cloudflare
vary
Accept-Encoding

Redirect headers

content-length
61
content-type
text/html; charset=utf-8
date
Tue, 23 May 2023 08:20:13 GMT
location
https://www.kingfisherspa.com/special/
x-content-type-options
nosniff
x-sib-server
gke-gke-public-clust-gke-public-clust-6fd6d6e9-ymv4
x-xss-protection
1
classic-themes.min.css
www.kingfisherspa.com/wp-includes/css/ 		291 B
567 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.kingfisherspa.com/wp-includes/css/classic-themes.min.css?ver=6.2
Requested by
Host: www.kingfisherspa.com
URL: https://www.kingfisherspa.com/special/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.kingfisherspa.com/special/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 08:20:14 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 May 2023 23:30:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
600
etag
W/"123-645c290f-13d102;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Y4AHnOAUjU7vcftzUKsh4cnLJyhceI3%2B%2FiBquSIrnMOWN44iJCpKbj68LlO0k6lyhQrUsJKTeFRThoj%2B%2BjuD5DFQlAqu3DZr15TRIdFn8W7TfiiZ07rSJ02nfWeDGqOlVYTCs%2BqUjQhxBLuecezYTjX36EY%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
7cbbe0e66a430151-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 18 May 2023 00:49:19 GMT
public.css
www.kingfisherspa.com/wp-content/plugins/popups/public/assets/css/ 		5 KB
2 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.kingfisherspa.com/wp-content/plugins/popups/public/assets/css/public.css?ver=1.9.3.8
Requested by
Host: www.kingfisherspa.com
URL: https://www.kingfisherspa.com/special/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
37c558263ba695539d83e2b57c33595763d1b7b36e27e4d2b0a654ef00027690

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.kingfisherspa.com/special/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 08:20:14 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 May 2023 23:30:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
600
etag
W/"152d-645c290a-13c4bc;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZpuJWbt1E2Z2yrpFZyQJoJ3YxNekHArPRwG9WCKscocoXtUqwC3YdTnHcSPal6LuMcrjvVhdbXS0Pw9ZtY2oGNTVaagaq4JyOCTFSqs6tuP%2FAElSsmiITHVFdwoVJdAIRxLkp0VK%2BeprqnnhETUp5MmYrEo%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
7cbbe0e67a450151-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 18 May 2023 00:49:19 GMT
style.css
www.kingfisherspa.com/wp-content/themes/kf_summer_2018/ 		71 KB
15 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.kingfisherspa.com/wp-content/themes/kf_summer_2018/style.css?ver=1683761422
Requested by
Host: www.kingfisherspa.com
URL: https://www.kingfisherspa.com/special/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
57ae3b9f068bb7d7004d02fd698d2d26e4328d88f37ecdc5058bddd25614be1c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.kingfisherspa.com/special/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 08:20:14 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 May 2023 23:30:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
600
etag
W/"11a0e-645c290e-13cf30;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vMK2xajnmb17F4LoTTHIDy7vK7WSqUsqaoef1UhP0jW21n%2BoBxCHQKNMo9DRKkZv5gKgKNOvbj7LmqKSnhqj5Eh25DPM48mh0WMkunFVXH9XHIrGL5YPZHxpX2IdLMHOj2E24Lb%2BVjudbSgwnNWIUoRB80I%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
7cbbe0e67a460151-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 18 May 2023 00:49:19 GMT
jquery.min.js
www.kingfisherspa.com/wp-includes/js/jquery/ 		88 KB
32 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.kingfisherspa.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.3
Requested by
Host: www.kingfisherspa.com
URL: https://www.kingfisherspa.com/special/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.kingfisherspa.com/special/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 08:20:14 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 May 2023 23:30:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
600
etag
W/"15ed7-645c290f-1f8148;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qp0%2BB17xg9swrqsWtiPcTyhPiSoU%2BXqmdpV8X8qiX%2FuQN2XaZDEs9GZ77NhtasFMeT%2FoxKGmgpb5ghcFzbFa3qp2Ciq4IZH9feUn3P9S%2FFYOwXwoY3piVv49VYTH%2BGOjTtD1UwVTBXVf9CEgj0pl9CqLsmQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=604800
cf-ray
7cbbe0e67a480151-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 21 May 2023 15:54:39 GMT
themify.builder.script.min.js
www.kingfisherspa.com/wp-content/plugins/themify-builder/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.kingfisherspa.com/wp-content/plugins/themify-builder/js/themify.builder.script.min.js?ver=7.0.9
Requested by
Host: www.kingfisherspa.com
URL: https://www.kingfisherspa.com/special/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
edadfbd00e479e662bcaaac5b3ed262191483a313b777122ae2d215d87915d56

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.kingfisherspa.com/special/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 08:20:15 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 May 2023 23:30:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
601
etag
W/"1c36-645c290b-1f841e;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2TlH83gPR1G8ruYA3Lo4GaLi6mZl9JOjLNnYkpFQJx7A0wNA%2B1umT6roKJZK9p9UvQsEUNnwlrGqhPChssh%2BDgfGmYGadzSmlxoKi6yZFMWO2lJU93FG8dJTQAXWaa9b9gEN%2BrSYjqyIk3HzsYkUEtAn7oU%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=604800
cf-ray
7cbbe0eb5e810066-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 18 May 2023 02:13:32 GMT
logo-white.svg
www.kingfisherspa.com/wp-content/themes/kf_summer_2018/assets/img/ 		9 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kingfisherspa.com/wp-content/themes/kf_summer_2018/assets/img/logo-white.svg
Requested by
Host: www.kingfisherspa.com
URL: https://www.kingfisherspa.com/special/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
8412b4b4e2a1068766bef76d8e471814770db3dfb26585ff0de84ed8d3440168

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.kingfisherspa.com/special/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 08:20:14 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 May 2023 23:30:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
598
etag
W/"255b-645c290e-17a27f;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i4JIDaUrk8VCIh38HtWaYbpKJe9kNzBMXmpRuFHWnMdPG8XRjaRVQNJvAfayUibtwwxPw%2BGayBqkU%2FlPl4AuwfIwMyAC48FSLEwkwD90WpKPwed7BbtEXxyZvufv08p5raLZCmKFbxUyrsxvWuh5ss6j9iI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/svg+xml
cache-control
public, max-age=604800
cf-ray
7cbbe0e67a490151-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Sun, 21 May 2023 15:54:39 GMT
themify-4146593559.min.css
www.kingfisherspa.com/wp-content/uploads/themify-concate/2764044897/ 		107 KB
16 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.kingfisherspa.com/wp-content/uploads/themify-concate/2764044897/themify-4146593559.min.css
Requested by
Host: www.kingfisherspa.com
URL: https://www.kingfisherspa.com/special/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
62dd6f0e268ae0b6d20c77cdd386b342a693b6a39baecf9c00410daadf6b0c31

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.kingfisherspa.com/special/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 08:20:15 GMT
content-encoding
br
cf-cache-status
MISS
last-modified
Thu, 06 Apr 2023 21:55:28 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
W/"1ac5a-642f3fd0-1fb2a9;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZYPolQPA8VZJULUNSiBwQRnYex1diKHwJ5TIcsjqv3kbIKj639rvCCZ5nWzltKpWVigenAD9Q34ttN5WmOGXYslFz1Ayizzax%2BJlYRi%2FEwdC8qQVACPS0I24Am56sbhRTVgw1olnWrgzRFXrwF8hCKJZKfA%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
7cbbe0e67a470151-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 30 May 2023 08:20:15 GMT
js
www.googletagmanager.com/gtag/ 		224 KB
79 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=G-PDJ5CB60R0
Requested by
Host: www.kingfisherspa.com
URL: https://www.kingfisherspa.com/special/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
186cec9ee3f8a31ee83f6cc9ed2f1052b45707ccef3409ab0c5073d5783f7605
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.kingfisherspa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 08:20:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
access-control-allow-headers
Cache-Control
content-length
80310
x-xss-protection
0
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires
Tue, 23 May 2023 08:20:15 GMT
js
www.googletagmanager.com/gtag/ 		187 KB
68 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googletagmanager.com/gtag/js?id=AW-642704446
Requested by
Host: www.kingfisherspa.com
URL: https://www.kingfisherspa.com/special/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:829::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Google Tag Manager /
Resource Hash
f2901dded8bf19cebee23485b8c951aaaacb87c686546c928af5b11db30d8963
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.kingfisherspa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 08:20:15 GMT
content-encoding
br
strict-transport-security
max-age=31536000; includeSubDomains
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
69543
x-xss-protection
0
last-modified
Tue, 23 May 2023 06:00:00 GMT
server
Google Tag Manager
vary
Accept-Encoding
content-type
application/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=900
access-control-allow-credentials
true
access-control-allow-headers
Cache-Control
expires
Tue, 23 May 2023 08:20:15 GMT
Kingfisher-Insiders-Club-Specials-Packages-1.jpg
www.kingfisherspa.com/wp-content/uploads/2023/03/ 		57 KB
57 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kingfisherspa.com/wp-content/uploads/2023/03/Kingfisher-Insiders-Club-Specials-Packages-1.jpg
Requested by
Host: www.kingfisherspa.com
URL: https://www.kingfisherspa.com/special/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
46aea4eddb1a4427e05400db62a08f534e433aac5c54acbcbe683f7c875c6e70

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.kingfisherspa.com/special/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 08:20:16 GMT
cf-cache-status
MISS
last-modified
Wed, 08 Mar 2023 20:29:02 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"e30d-6408f00e-c65;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4dbGNEcX0nnHzwUwicWpmyBCIo7HX8eWR4kNJ9V9GoudPp6dRGprawl52M4R%2FiHHmBT%2FoO51ncKrnDZ4FNAMHTj8iEaWgh21bAYDGWeNy7Vs36TLXnfkkly5ydAWsV4cpqN6VyqcbfA54VpPYZ9iKSZ0JZE%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7cbbe0eb6e8d0066-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
58125
expires
Tue, 30 May 2023 08:20:15 GMT
wp-emoji-release.min.js
www.kingfisherspa.com/wp-includes/js/ 		18 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.kingfisherspa.com/wp-includes/js/wp-emoji-release.min.js?ver=6.2
Requested by
Host: www.kingfisherspa.com
URL: https://www.kingfisherspa.com/special/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.kingfisherspa.com/special/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 08:20:15 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 May 2023 23:30:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
558877
etag
W/"4904-645c290f-1bacbe;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=W93aKsuS5OyCxncCOSalYLzfQJyw%2FFOU01TJToMs%2Bc0pKUBG1KdibOByxQg1UMjSrB8cKRx5dogM91ivkmEak2CLTlk22JK0QhOaf4cyaD%2BM1MQQFoSrj2YW6V7QUrpOlK7DvHcivipAYlLxEb2UyILRoTQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=604800
cf-ray
7cbbe0eb6e8e0066-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 23 May 2023 21:05:38 GMT
css
fonts.googleapis.com/ 		4 KB
1019 B 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://fonts.googleapis.com/css?family=Great+Vibes|Lato:400,400i,700,700i
Requested by
Host: www.kingfisherspa.com
URL: https://www.kingfisherspa.com/wp-content/themes/kf_summer_2018/style.css?ver=1683761422
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:827::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
e79eb22b03045e7faf2567cee4f13b9740b8d11d8a3d2aac1c06cb5676b6fa21
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.kingfisherspa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000
date
Tue, 23 May 2023 08:20:14 GMT
content-encoding
gzip
x-content-type-options
nosniff
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection
0
last-modified
Tue, 23 May 2023 08:20:14 GMT
server
ESF
cross-origin-opener-policy
same-origin-allow-popups
x-frame-options
SAMEORIGIN
content-type
text/css; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin
*
link
<https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires
Tue, 23 May 2023 08:20:14 GMT
jquery.cycle2.min.js
www.kingfisherspa.com/wp-content/themes/kf_summer_2018/assets/js/ 		22 KB
8 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.kingfisherspa.com/wp-content/themes/kf_summer_2018/assets/js/jquery.cycle2.min.js
Requested by
Host: www.kingfisherspa.com
URL: https://www.kingfisherspa.com/special/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
737ba2ba9cf1d8733c8865f99edd983f1918c3aeb3cccf30300b17b397351409

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.kingfisherspa.com/special/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 08:20:14 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 May 2023 23:30:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
599
etag
W/"59a1-645c290e-17a28d;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=LgM2zDMFbtO9bH1phzBmmMDDkhdE6rBxKvvTMGpN7%2FmmoTmntCKXI9n4aOMJOFuoZKvyqnUXf%2FoGFu0qeZKCgfxmqgO2uJnvpqBuAknuccRHpDIxjiWF%2BUMq3CxV5Ax231KZBnlOzbG9XVMbyuBkPZSsm3I%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=604800
cf-ray
7cbbe0e74abf0066-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 18 May 2023 02:13:32 GMT
moment.min.js
cdnjs.cloudflare.com/ajax/libs/moment.js/2.5.1/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.5.1/moment.min.js
Requested by
Host: www.kingfisherspa.com
URL: https://www.kingfisherspa.com/special/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2606:4700::6811:180e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
fd4801631ecd42c3f5b571b88c10aa428968ec95ebef8856fa720a45201f6cb0
Security Headers
Name Value
Strict-Transport-Security max-age=15780000
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.kingfisherspa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 08:20:14 GMT
content-encoding
br
x-content-type-options
nosniff
cf-cache-status
HIT
nel
{"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security
max-age=15780000
age
13698411
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
8537
last-modified
Mon, 04 May 2020 16:13:26 GMT
server
cloudflare
cf-cdnjs-via
cfworker/kv
etag
"5eb03f26-65c1"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2s6aL0JJafgbiTMW69KHGS8M05YRvVujP84aRN9Vvqn5lNG5%2Fewxsg0uLyuIW1Xr4DJSDw3JYAlNmojodP9pj0iWJrr0I6oV%2F1q1b8AD82cBP9a8oLqkAeY8M63lF6DQn5NVf6099Q1CazvhpQwYaZk%2B"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=30672000
accept-ranges
bytes
timing-allow-origin
*
cf-ray
7cbbe0e7c8020076-CDG
expires
Sun, 12 May 2024 08:20:14 GMT
pikaday.js
www.kingfisherspa.com/wp-content/themes/kf_summer_2018/assets/js/ 		27 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.kingfisherspa.com/wp-content/themes/kf_summer_2018/assets/js/pikaday.js
Requested by
Host: www.kingfisherspa.com
URL: https://www.kingfisherspa.com/special/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
ecc12e0b2cf94ee5a23f3163274ccf84b07f345bf395cefaa66d25265e3b398a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.kingfisherspa.com/special/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 08:20:14 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 May 2023 23:30:22 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
598
etag
W/"6c8b-645c290e-17a293;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Rd%2FxSTe1TUv5Yoie%2FesjnunBRxjwZVJoqzM6TjIx8lgLllvU48QcLRT%2BEtQEw1Lm7bk3gvqY9G4R1rNgoA4Ap0VjE8vHDjV5TlhdyNqPqDshURyfBN%2BB1JmR3fL7Jo7Tk7oXIQK6AyiHnjRFH2crcpZ058E%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=604800
cf-ray
7cbbe0e7fb5b0066-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 18 May 2023 02:13:32 GMT
dashicons.min.css
www.kingfisherspa.com/wp-includes/css/ 		58 KB
35 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.kingfisherspa.com/wp-includes/css/dashicons.min.css?ver=6.2
Requested by
Host: www.kingfisherspa.com
URL: https://www.kingfisherspa.com/special/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.kingfisherspa.com/special/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 08:20:14 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 May 2023 23:30:23 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
598
etag
W/"e688-645c290f-13d10e;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=DvXy0uAfY8Jcibb5FHfxAo3LIUVvvOQfXZmFRM7cxzqwVGimCxeogAJzv6Zy90K2Jnf1IMa9ldeBLbllEPiM1NlP4BGuyAQ0jRuTIyzMdUxy8DHIkteSV%2BmFbVFRq0TX%2FMBiZ1CVUPXpq%2FU9Hcv64TlLRZQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
7cbbe0e82b860066-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 18 May 2023 02:13:32 GMT
gdpr-cookie-consent-public.min.css
www.kingfisherspa.com/wp-content/plugins/gdpr-cookie-consent/public/css/ 		44 KB
6 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://www.kingfisherspa.com/wp-content/plugins/gdpr-cookie-consent/public/css/gdpr-cookie-consent-public.min.css?ver=2.2.5
Requested by
Host: www.kingfisherspa.com
URL: https://www.kingfisherspa.com/special/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
85d000411859b6ee0de12ade81c0e38e7f448997edf95916c83e6f93cecc26ca

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.kingfisherspa.com/special/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 08:20:14 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 May 2023 23:30:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
598
etag
W/"b132-645c2909-23aac0;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QVfHnP1h6ldRpj8jvGyUBLmdmwlkKhPeSkAtifxkDxB3dN%2FsBYkckzOjAcetduDX0sfVP%2F%2BlZgs0pzEBLLUHKC%2FrvSV7AmgV7fK%2F9Y2J2cCUJ3CJ%2FRFaWV8wKeNVltGLZQk%2Bbe5FN1N6Q0RR2QT7X8kGkOw%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/css
cache-control
public, max-age=604800
cf-ray
7cbbe0e8cc0e0066-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 18 May 2023 02:13:32 GMT
main.min.js
www.kingfisherspa.com/wp-content/plugins/themify-builder/themify/js/ 		25 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.kingfisherspa.com/wp-content/plugins/themify-builder/themify/js/main.min.js?ver=7.0.9
Requested by
Host: www.kingfisherspa.com
URL: https://www.kingfisherspa.com/special/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
09480ced42b18927829deec475d22c8cc85deb760a7e1eec65574765e5f7b158

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.kingfisherspa.com/special/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 08:20:15 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 May 2023 23:30:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
598
etag
W/"628b-645c290b-1f85d0;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s%2BqKHEE0CuORQrWgdHGtnJ%2BW5Xx5izE9vLtvRBMFq5MaNHsFTUemN5JhC263UJNRx43j7VoPKnO7Q6E0QarpwVUEoAq86%2FyHypJupWL6QDzX6Wy1Wez%2BPcYUUCXZrGhZZIrLUxIW%2B089rBiJM1vc6p26V%2BE%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=604800
cf-ray
7cbbe0eb6e8f0066-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 18 May 2023 02:13:32 GMT
public.js
www.kingfisherspa.com/wp-content/plugins/popups/public/assets/js/ 		29 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.kingfisherspa.com/wp-content/plugins/popups/public/assets/js/public.js?ver=1.9.3.8
Requested by
Host: www.kingfisherspa.com
URL: https://www.kingfisherspa.com/special/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5881b4f2ae1a4f45ae43f7b68d1fde8de01885d0c05ba9e35d135bf21c6d3e8a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.kingfisherspa.com/special/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 08:20:14 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 May 2023 23:30:18 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
599
etag
W/"7526-645c290a-13c4c2;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U0vFqGJyLSfNhl2mGS2EAdXKnee79X%2BwsJRLykJCD%2FwoBGmUpwX8GWflKABx5XJaE0d09xjG7rG3fgAjXPN%2FfYpARCqFzcz%2FQ%2Bm%2FZyMfAJCsoEFrXTvhL9fOA3%2BVD00TZPrhR8h7K5W%2B7icjRmYNEAYpOaA%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=604800
cf-ray
7cbbe0e8fc2a0066-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 18 May 2023 02:13:32 GMT
bootstrap.bundle.js
www.kingfisherspa.com/wp-content/plugins/gdpr-cookie-consent/public/js/bootstrap/ 		223 KB
49 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.kingfisherspa.com/wp-content/plugins/gdpr-cookie-consent/public/js/bootstrap/bootstrap.bundle.js?ver=2.2.5
Requested by
Host: www.kingfisherspa.com
URL: https://www.kingfisherspa.com/special/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
5dcb7767499a23281e3ffc82f81f58ad88d573c4d53b4f5315ae0f63eff79e9a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.kingfisherspa.com/special/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 08:20:14 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 May 2023 23:30:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
598
etag
W/"37b1a-645c2909-23aac5;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ox6Dj2PsWWc0bKv5scBUeVgu2F7cIAnwIw39SPSYflGzbddLAFxDb1ckbgO28xvmtYVkgD7v%2FGpzGbR5onSV4O38faNv9CnrhwVZIX0WP%2FYPCvRlMGSuhDIzjU7y%2Bp4ipuA9p4E6srq2gzSWIH0YDl5DOHg%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=604800
cf-ray
7cbbe0e94c7a0066-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 18 May 2023 02:13:32 GMT
gdpr-cookie-consent-public.min.js
www.kingfisherspa.com/wp-content/plugins/gdpr-cookie-consent/public/js/ 		35 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.kingfisherspa.com/wp-content/plugins/gdpr-cookie-consent/public/js/gdpr-cookie-consent-public.min.js?ver=2.2.5
Requested by
Host: www.kingfisherspa.com
URL: https://www.kingfisherspa.com/special/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
badb7071cf5de1f45a6ccc948f175ff4f824a4357c284700cce366d9898a8ec2

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.kingfisherspa.com/special/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 08:20:15 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 May 2023 23:30:17 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
598
etag
W/"8c34-645c2909-23aac4;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ucPp6forb7kNdgEYodxjcDtpUFCpAye%2B8qUwgupFyHhgCuFDasJY8PhM83vcNhDUdV4Ww6zWKws%2Bt2yylVpxqvNZmmi3ExvrudXpZOft0R60DV7ucihmfuJMZkh%2BbYUY5aAsO56MsPun2Z06IaUFiqhTzzo%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=604800
cf-ray
7cbbe0eb6e900066-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Thu, 18 May 2023 02:13:32 GMT
conversion.js
www.googleadservices.com/pagead/ 		48 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion.js
Requested by
Host: www.kingfisherspa.com
URL: https://www.kingfisherspa.com/special/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
74e3d02421a7753c30f52691f521b82ed2485c5b98bf53d62ed6ceef38e73da0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.kingfisherspa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 08:20:15 GMT
content-encoding
br
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
18124
x-xss-protection
0
server
cafe
etag
1252024406824803242
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 23 May 2023 08:20:15 GMT
fbevents.js
connect.facebook.net/en_US/ 		106 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/en_US/fbevents.js
Requested by
Host: www.kingfisherspa.com
URL: https://www.kingfisherspa.com/special/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
f8fbf7e16e3604db25ab37c4a496865033167bb550e3b2e92f1070424f48723a
Security Headers
Name Value
Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.kingfisherspa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 23 May 2023 08:20:15 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
27497
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
NWRa4mO8oNs48hBRCjEErfeYels/K30049FmmzVZ1WMdF60aQ78MroK7SLTOLBUCbSzk1pbhN28WD7uIYqlHmw==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
connect.js
cdn.wishpond.net/ 		157 KB
41 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://cdn.wishpond.net/connect.js
Requested by
Host: www.kingfisherspa.com
URL: https://www.kingfisherspa.com/special/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-79.fra56.r.cloudfront.net
Software
nginx/1.17.5 /
Resource Hash
bf579cb84b439353504b7b929c27cc4105786d5ec6a1d59706802d2cd1c819e8

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.kingfisherspa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Thu, 18 May 2023 10:42:10 GMT
content-encoding
gzip
via
1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
last-modified
Mon, 15 May 2023 18:37:40 GMT
server
nginx/1.17.5
x-amz-cf-pop
FRA56-P5
age
423485
etag
W/"64627bf4-2749e"
vary
Accept-Encoding
x-cache
Hit from cloudfront
content-type
application/javascript
cache-control
public, stale-if-error, max-age=3600, s-max-age=172800
x-amz-cf-id
Uiz2r0Pui-1OmgxlhfNokFSKsV9O9UJl8NQFi0qdxks7UQUtk1c2aQ==
truncated
/ 		627 B
0 		Script
General
Check archive.org
Download Go to
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
429d0b9c231869b8cee39e91d697af3f76608bcd97c95280ecc3b05e58219da4

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

Content-Type
text/javascript
page-blue-background-2k.jpg
www.kingfisherspa.com/wp-content/themes/kf_summer_2018/assets/img/ 		97 KB
97 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kingfisherspa.com/wp-content/themes/kf_summer_2018/assets/img/page-blue-background-2k.jpg
Requested by
Host: www.kingfisherspa.com
URL: https://www.kingfisherspa.com/wp-content/themes/kf_summer_2018/style.css?ver=1683761422
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d9c998ef29f4e1023efe9cb27ff2582325ffde7ac6fe22aea112ee404ede7a80

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.kingfisherspa.com/wp-content/themes/kf_summer_2018/style.css?ver=1683761422
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 08:20:15 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
599
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
98993
last-modified
Wed, 10 May 2023 23:30:22 GMT
server
cloudflare
etag
"182b1-645c290e-17a280;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Qel6%2BlY3aNWZ8prqMGQdI6Fx5cDyqQdS3ZeKExoa0Ja%2B2Fs%2Fui1iMcvjDVgcGWEkglNgcI2X%2FRjftbdcR2DMMR52aMebWAoTb9An2EmaDKbl7L4lDtFAd8%2B8ZjapkJ0IVPAYoU4GfreX%2F8oc6lyCNCqiDgg%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7cbbe0eb7ea80066-CDG
expires
Tue, 30 May 2023 08:10:16 GMT
bg-stars.png
www.kingfisherspa.com/wp-content/themes/kf_summer_2018/assets/img/ 		2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kingfisherspa.com/wp-content/themes/kf_summer_2018/assets/img/bg-stars.png
Requested by
Host: www.kingfisherspa.com
URL: https://www.kingfisherspa.com/wp-content/themes/kf_summer_2018/style.css?ver=1683761422
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
dceebf4743064a37a804e2a05589987337cd30bc63b8938b9e65d924bfcf4fb7

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.kingfisherspa.com/wp-content/themes/kf_summer_2018/style.css?ver=1683761422
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 08:20:15 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
597
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
1980
last-modified
Wed, 10 May 2023 23:30:22 GMT
server
cloudflare
etag
"7bc-645c290e-17a270;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=pZXI4ocQQHlCT0GhR1CDo%2BqE7zvagiCFYqLQz6cSh7Od0V5PWqXXxFCTCoI8%2BvNaTEJNy2PSOwtDC0d8vPz%2BKFrOoa1BnOonPi3HGcjX8Fvcf4PKvuS24JpDZKx2glhgOgzyB67En5w9sLPfefl2toivo4o%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/png
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7cbbe0eb7ead0066-CDG
expires
Thu, 18 May 2023 09:47:07 GMT
Spring-into-Summer-Mid-Week-Getaway-Kingfisher-Resort-Spa-Ocean7-Restaurant--600x400.jpg
www.kingfisherspa.com/wp-content/uploads/2023/03/ 		48 KB
49 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kingfisherspa.com/wp-content/uploads/2023/03/Spring-into-Summer-Mid-Week-Getaway-Kingfisher-Resort-Spa-Ocean7-Restaurant--600x400.jpg
Requested by
Host: www.kingfisherspa.com
URL: https://www.kingfisherspa.com/special/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0fb4edade42a37a656ace0835091e99637f4bc73805428ea01ba5f1c73809cb1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.kingfisherspa.com/special/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 08:20:16 GMT
cf-cache-status
MISS
last-modified
Mon, 13 Mar 2023 18:02:15 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"c1ea-640f6527-2815e9;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=0OK%2Fa383MZWKeFVFpy4Sl8MRwFNiS%2FH9VT3w%2FjmGhyo9IYYknRN5T%2F6SL2eKUAufh9mTGYQFgbZScWaj%2FCFFRPOiXHEJMvWCJanOZyIbzfLamsO%2BNWKRfM1Z463pu3H61%2BcyNBmh3n792icC1exhdUi049A%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7cbbe0eb7eae0066-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
49642
expires
Tue, 30 May 2023 08:20:15 GMT
monthly-serenity-package-pacific-mist-spa-kingfisher-resort-march-april-600x400.jpg
www.kingfisherspa.com/wp-content/uploads/2021/02/ 		42 KB
42 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kingfisherspa.com/wp-content/uploads/2021/02/monthly-serenity-package-pacific-mist-spa-kingfisher-resort-march-april-600x400.jpg
Requested by
Host: www.kingfisherspa.com
URL: https://www.kingfisherspa.com/special/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c407698d6b17a7a2f3880244f95bbfe780aa8e81ed1c04cc893882dd4112ef19

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.kingfisherspa.com/special/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 08:20:15 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
597
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
42860
last-modified
Tue, 21 Feb 2023 21:59:15 GMT
server
cloudflare
etag
"a76c-63f53eb3-1bcc96;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=wJ6ydJFQte3kGWuPg1mAylpJlhwP2EcpLXe8s5ugc6HFMM8IEE2kKwd%2BL%2F4VLAU%2BUmTbel4m3tZvvInB055IvgYQSwiJNlSQTewzL49JqzNl7eKW3W4z8M6ebrIfHsktWuc1S%2B0agMvYRG9%2FsKeEh1wrUaQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7cbbe0eb7eaf0066-CDG
expires
Fri, 28 Apr 2023 13:31:29 GMT
S4A0483-600x400.jpg
www.kingfisherspa.com/wp-content/uploads/2021/11/ 		31 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kingfisherspa.com/wp-content/uploads/2021/11/S4A0483-600x400.jpg
Requested by
Host: www.kingfisherspa.com
URL: https://www.kingfisherspa.com/special/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2d95369aff9043b0e352920be5cc35ef0ae516499361080553488585c65e87aa

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.kingfisherspa.com/special/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 08:20:15 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
597
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
31597
last-modified
Mon, 15 Nov 2021 18:53:25 GMT
server
cloudflare
etag
"7b6d-6192aca5-1b988d;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=HtLfA9zZZyD0yE38W66OgDk%2FuyweZ6UUtX97JhOmuOYtQA4Yzm9Kkl1jiDT6FnTEEEsjUQNGDWdYXeFKCE5gRxdU0Fi5HtoP4WhdRVfX4Kki8EVoPowFRNofsENFNzoBAWNct1VYU3lJX0mcC4nhdfHIxbA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7cbbe0eb7eb10066-CDG
expires
Tue, 30 May 2023 08:10:18 GMT
Hydropath-couple-sm-600x400.jpg
www.kingfisherspa.com/wp-content/uploads/2014/07/ 		57 KB
58 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kingfisherspa.com/wp-content/uploads/2014/07/Hydropath-couple-sm-600x400.jpg
Requested by
Host: www.kingfisherspa.com
URL: https://www.kingfisherspa.com/special/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e2c08b914d04fbdc9769c7cf5e87582e2d86d520e9b78207f0a5e39691d2c64c

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.kingfisherspa.com/special/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 08:20:15 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
597
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
58397
last-modified
Fri, 23 Mar 2018 20:46:04 GMT
server
cloudflare
etag
"e41d-5ab5678c-17ac8c;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U0qqJYr6vTEPo0szFPd%2FcvhkDHORl8ai4Ke0o2f7PmK5gHxuL3PjLtb1oZeDFubCC9gNqiNdFYf27VjrMwHRVRsAlFqFjuCv91HpBcsCSfEjpk0xAEBAqpQ%2BYz0M8vvBA5KAPX0JNS0u%2BbbQHUw3EBE6PB8%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7cbbe0eb7eb20066-CDG
expires
Wed, 19 Apr 2023 15:44:00 GMT
Hydropath-Riverwalk-600x400.jpg
www.kingfisherspa.com/wp-content/uploads/2018/03/ 		44 KB
45 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kingfisherspa.com/wp-content/uploads/2018/03/Hydropath-Riverwalk-600x400.jpg
Requested by
Host: www.kingfisherspa.com
URL: https://www.kingfisherspa.com/special/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
c1b5a30f7f0c7d1f5563a13bed30d40107c24f7197aa2d019e6343bca555dbd9

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.kingfisherspa.com/special/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 08:20:15 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
597
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
45485
last-modified
Tue, 27 Mar 2018 16:14:54 GMT
server
cloudflare
etag
"b1ad-5aba6dfe-17b7c1;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ZnoDuJG0qODtxFK5R%2F9c5LuHu3YkRrIBohknpeFQJnmzR0NUeh4HdYhN5esgQb2NmAmGtecs4EOLcgRdWR8rLDSdgPlGzZaaMTeIqI36P29lMmqg4ewoEuwOUWL3%2Fa9BVbk2FDl0sHBrHhCsJVEeZaHaDZA%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7cbbe0eb7eb40066-CDG
expires
Fri, 28 Apr 2023 13:31:29 GMT
PacificMistSpaMassage_cropped-600x400.jpg
www.kingfisherspa.com/wp-content/uploads/2021/11/ 		30 KB
31 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kingfisherspa.com/wp-content/uploads/2021/11/PacificMistSpaMassage_cropped-600x400.jpg
Requested by
Host: www.kingfisherspa.com
URL: https://www.kingfisherspa.com/special/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6d58ef2a87006f24559cb65d82e71b9caf224e3ccbfed27802145a06028de02a

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.kingfisherspa.com/special/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 08:20:15 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
597
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
31087
last-modified
Mon, 15 Nov 2021 22:02:41 GMT
server
cloudflare
etag
"796f-6192d901-1b981e;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=U4aq7KLeZPlMhU7086Uqb3JF9gTRvCixkjMhFQKP3s7pEC7v%2FvjdlJCN3IoCu0NHNx1bd4Fhmurr7rSMW9%2BtgxdygtRec0I7ceFAh61UYh0pgr9uVYAjXg9OhS8bkuxQFMxK5%2Fbbu8fEJN%2FAi1TzZlL8AJQ%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7cbbe0eb7eb60066-CDG
expires
Tue, 30 May 2023 08:10:18 GMT
Facial_Zoom.jpg
www.kingfisherspa.com/wp-content/uploads/2021/11/ 		4 MB
4 MB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kingfisherspa.com/wp-content/uploads/2021/11/Facial_Zoom.jpg
Requested by
Host: www.kingfisherspa.com
URL: https://www.kingfisherspa.com/special/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2086044ecb58dca0c4180c50032b166de21823bbc8f5fc6785bc31043c8d0bbf

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.kingfisherspa.com/special/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 08:20:15 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
597
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
4185321
last-modified
Mon, 15 Nov 2021 23:16:39 GMT
server
cloudflare
etag
"3fdce9-6192ea57-1b97f2;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E3j4Ol6MbKcdrTSt4mdadG75vK1MbOxA7MVsqk%2Bcjn9gg6odcWHh9Cvj8Mv8hOAcf584WO8Xb4f7qt1pTYXtQy7n7tLJITShBA7pQolH9vxrlbDtWT8cTOEY6HOOgGfbbNhKKY0fAkTnNlpyxMnmxYz2j6A%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7cbbe0eb7eb70066-CDG
expires
Fri, 28 Apr 2023 13:31:29 GMT
pregnant-600x400.jpg
www.kingfisherspa.com/wp-content/uploads/2016/01/ 		27 KB
27 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kingfisherspa.com/wp-content/uploads/2016/01/pregnant-600x400.jpg
Requested by
Host: www.kingfisherspa.com
URL: https://www.kingfisherspa.com/special/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
6c328b456cf5cdf10f4eddccc66e873a7ac640541ee0b75828936efd426d8974

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.kingfisherspa.com/special/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 08:20:15 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
596
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
27289
last-modified
Mon, 04 Jan 2016 21:21:18 GMT
server
cloudflare
etag
"6a99-568ae24e-17b22a;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=FIx2ogdOUaeTmDy6QIh2D1fP5MH66vDuN9mq1wmezpRKZ2fTwL3Z28tafve9AX99272EwVwW1sLpdAup4hDGQGE3dJSbiVLiAeVwJnwL58ikXkEaJOEYX0QKTXyNNkWeaHEgAgX7ZQoSJ0jkXvDTMBOscZU%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7cbbe0eb7eba0066-CDG
expires
Fri, 28 Apr 2023 13:31:29 GMT
fontawesome-webfont.woff2
www.kingfisherspa.com/wp-content/themes/kf_summer_2018/fonts/ 		55 KB
56 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://www.kingfisherspa.com/wp-content/themes/kf_summer_2018/fonts/fontawesome-webfont.woff2?v=4.3.0
Requested by
Host: www.kingfisherspa.com
URL: https://www.kingfisherspa.com/wp-content/themes/kf_summer_2018/style.css?ver=1683761422
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c

Request headers

Referer
https://www.kingfisherspa.com/wp-content/themes/kf_summer_2018/style.css?ver=1683761422
Origin
https://www.kingfisherspa.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 08:20:15 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
599
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
56780
last-modified
Wed, 10 May 2023 23:30:22 GMT
server
cloudflare
etag
"ddcc-645c290e-17a2b0;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=99zOJ2Z2qnxMMuZ%2BWusEOi8skiC0tEu3yPVmZJUmBkp70yo7%2BiTOPwSU%2Br7ExB9kLiNgd3%2F9diQWlqHsXQ2KzEfXap%2F7SXxVFoWJkcCQApwdia6tOZa2Yz4nA7zlfAI9L5zVZ%2FBxTLtXS2MCQkWNIVJmZDo%3D"}],"group":"cf-nel","max_age":604800}
content-type
font/woff2
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7cbbe0eb7ebb0066-CDG
expires
Thu, 18 May 2023 02:13:32 GMT
RWmMoKWR9v4ksMfaWd_JN9XFiaQ.woff2
fonts.gstatic.com/s/greatvibes/v15/ 		34 KB
34 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/greatvibes/v15/RWmMoKWR9v4ksMfaWd_JN9XFiaQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Great+Vibes|Lato:400,400i,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
4828fd073a3b3ae17675d358262414d34cee95b4b94a4ab41a8e335a2015eb0c
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.kingfisherspa.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Wed, 17 May 2023 19:40:34 GMT
x-content-type-options
nosniff
age
477581
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
34860
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:43:21 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 16 May 2024 19:40:34 GMT
S6uyw4BMUTPHjx4wXg.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6uyw4BMUTPHjx4wXg.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Great+Vibes|Lato:400,400i,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.kingfisherspa.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 20 May 2023 00:06:44 GMT
x-content-type-options
nosniff
age
288811
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23580
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:17:22 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 19 May 2024 00:06:44 GMT
S6u_w4BMUTPHjxsI5wq_Gwft.woff2
fonts.gstatic.com/s/lato/v24/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u_w4BMUTPHjxsI5wq_Gwft.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Great+Vibes|Lato:400,400i,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
6c84348296ebe2e2a0830c3962eb02156419d9bc76371c2eadaf7329d827d550
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.kingfisherspa.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 04:00:51 GMT
x-content-type-options
nosniff
age
15564
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24448
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:30:00 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 22 May 2024 04:00:51 GMT
S6u9w4BMUTPHh6UVSwiPGQ.woff2
fonts.gstatic.com/s/lato/v24/ 		23 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u9w4BMUTPHh6UVSwiPGQ.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Great+Vibes|Lato:400,400i,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.kingfisherspa.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:05:17 GMT
x-content-type-options
nosniff
age
249298
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
23040
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:07:25 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 19 May 2024 11:05:17 GMT
S6u8w4BMUTPHjxsAXC-q.woff2
fonts.gstatic.com/s/lato/v24/ 		24 KB
24 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://fonts.gstatic.com/s/lato/v24/S6u8w4BMUTPHjxsAXC-q.woff2
Requested by
Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Great+Vibes|Lato:400,400i,700,700i
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:828::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://fonts.googleapis.com/
Origin
https://www.kingfisherspa.com
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Sat, 20 May 2023 11:58:03 GMT
x-content-type-options
nosniff
age
246132
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
24408
x-xss-protection
0
last-modified
Tue, 02 May 2023 15:14:26 GMT
server
sffe
cross-origin-opener-policy
same-origin; report-to="apps-themes"
report-to
{"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type
font/woff2
access-control-allow-origin
*
cache-control
public, max-age=31536000
accept-ranges
bytes
timing-allow-origin
*
expires
Sun, 19 May 2024 11:58:03 GMT
6.jpg
www.kingfisherspa.com/wp-content/uploads/2022/11/ 		280 KB
280 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.kingfisherspa.com/wp-content/uploads/2022/11/6.jpg
Requested by
Host: www.kingfisherspa.com
URL: https://www.kingfisherspa.com/special/
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2a21e34add6e6c351b66ffedeec72b21c61c489e6fb9e06bc2bbb88297e1e8f1

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.kingfisherspa.com/special/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 08:20:16 GMT
cf-cache-status
MISS
last-modified
Wed, 02 Nov 2022 19:19:04 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
etag
"45e95-6362c2a8-d16;;;"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Gw5wKygw9pCi0vH2qMpczwZFtb1EhfLivaMOCrRzsGoTgK2l3Pa7YLyU8Pi1ote4FAazOvVtzZq7J3NiCNavG4%2F3It3Ho5XMWE7HCD%2FVIIUbmsUzCAN0jqiK1Qj4Oe2no%2F%2Fm9wnNmWFrp34fzXGgq2oZzTI%3D"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
cache-control
public, max-age=604800
accept-ranges
bytes
cf-ray
7cbbe0ebcf140066-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length
286357
expires
Tue, 30 May 2023 08:20:15 GMT
/
www.kingfisherspa.com/ 		0
435 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.kingfisherspa.com/?spu_action=spu_load
Requested by
Host: www.kingfisherspa.com
URL: https://www.kingfisherspa.com/wp-includes/js/jquery/jquery.min.js?ver=3.6.3
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept
text/html, */*; q=0.01
Referer
https://www.kingfisherspa.com/special/
X-Requested-With
XMLHttpRequest
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/x-www-form-urlencoded; charset=UTF-8

Response headers

date
Tue, 23 May 2023 08:20:15 GMT
content-encoding
br
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=680CsdBj2mGGa%2FMdncmpzuCZA0O%2FgGoYNRXcl4lsUhoJgoFSf4PczP6mXQXar4WaHYuI6AYGFv9YFGcMEMDHbt6o8cI00j918MczRCtblOz0VhYKzpRTCHvcC33kdwuaQXVW1sDXrsjSeDGgQ6dC9PTRG2I%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/html; charset=UTF-8
cf-ray
7cbbe0ebdf240066-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/925340723/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/925340723/?random=1684830015338&cv=9&fst=1684830015338&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=375603261%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fwww.kingfisherspa.com%2Fspecial%2F&tiba=Packages%20%26%20Specials%20-%20Kingfisher%20Oceanside%20Resort%20and%20SpaKingfisher%20Oceanside%20Resort%20and%20Spa&hn=www.googleadservices.com&rfmt=3&fmt=4
Requested by
Host: www.googleadservices.com
URL: https://www.googleadservices.com/pagead/conversion.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
49fc723ec4acd2ee96b2838d19d8f1dfac069ddcced3526524c6c85649bc0db6
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.kingfisherspa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 May 2023 08:20:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1421
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
storage.html
cdn.wishpond.net/ Frame 5021 		3 KB
2 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://cdn.wishpond.net/storage.html
Requested by
Host: cdn.wishpond.net
URL: https://cdn.wishpond.net/connect.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
18.66.112.79 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
server-18-66-112-79.fra56.r.cloudfront.net
Software
nginx/1.17.5 /
Resource Hash
0a1ee1037effea6008ee6ec97ef36c0783edeb9e7a9c0fd469737b2b306f352b

Request headers

Referer
https://www.kingfisherspa.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

access-control-allow-origin
*
age
538386
cache-control
public, must-revalidate, proxy-revalidate, max-age=0, s-max-age=172800
content-encoding
gzip
content-type
text/html; charset=UTF-8
date
Sat, 20 May 2023 01:48:40 GMT
etag
W/"645becda-c7d"
last-modified
Wed, 10 May 2023 19:13:30 GMT
server
nginx/1.17.5
vary
Accept-Encoding
via
1.1 98652de9f742fc1df9de714d921e14c2.cloudfront.net (CloudFront)
x-amz-cf-id
-J28-aXdo2LHhP0g3LspEau18xZuBAhQ2fg3FeP5iBT5D6ZxeBZYzw==
x-amz-cf-pop
FRA56-P5
x-cache
Hit from cloudfront
popups.json
www.wishpond.com/ Frame 		0
0 		Preflight
General
Check archive.org
Download Go to
Full URL
https://www.wishpond.com/popups.json?merchant_id=1365757&url=https%3A%2F%2Fwww.kingfisherspa.com%2Fspecial%2F
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.151.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-151-108.compute-1.amazonaws.com
Software
nginx/1.17.5 /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=300

Request headers

Accept
*/*
Access-Control-Request-Headers
x-requested-with
Access-Control-Request-Method
GET
Origin
https://www.kingfisherspa.com
Sec-Fetch-Mode
cors
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

access-control-allow-credentials
true
access-control-allow-headers
x-requested-with
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
access-control-allow-origin
https://www.kingfisherspa.com
access-control-expose-headers
access-control-max-age
600
content-encoding
gzip
content-type
text/plain
date
Tue, 23 May 2023 08:20:15 GMT
server
nginx/1.17.5
strict-transport-security
max-age=300
vary
Accept-Encoding
x-download-options
noopen
x-request-id
595f9964-b26d-43b9-86ba-2e0f3b4a424a
x-runtime
0.001434
popups.json
www.wishpond.com/ 		13 B
1 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.wishpond.com/popups.json?merchant_id=1365757&url=https%3A%2F%2Fwww.kingfisherspa.com%2Fspecial%2F
Requested by
Host: cdn.wishpond.net
URL: https://cdn.wishpond.net/connect.js
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
34.205.151.108 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS
ec2-34-205-151-108.compute-1.amazonaws.com
Software
nginx/1.17.5 /
Resource Hash
96ddd38efe76ec82a9f2b4ecb8c151aa7b202d792823131a8936fc9bd616b22a
Security Headers
Name Value
Content-Security-Policy default-src 'self'; base-uri 'self'; child-src 'self'; connect-src wss: *.wishpond.com; font-src 'self' data: https:; frame-ancestors 'self'; frame-src 'self' cdn.wishpond.net evergenius-webframes.wishpond.com; img-src 'self' blob: data: https:; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: d30itml3t0pwpf.cloudfront.net cdn.wishpond.net ajax.googleapis.com; style-src 'self' 'unsafe-inline' https:; worker-src 'self'
Strict-Transport-Security max-age=300
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Referer
https://www.kingfisherspa.com/
X-Requested-With
XMLHttpRequest
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 08:20:16 GMT
strict-transport-security
max-age=300
x-content-type-options
nosniff
content-security-policy
default-src 'self'; base-uri 'self'; child-src 'self'; connect-src wss: *.wishpond.com; font-src 'self' data: https:; frame-ancestors 'self'; frame-src 'self' cdn.wishpond.net evergenius-webframes.wishpond.com; img-src 'self' blob: data: https:; object-src 'none'; script-src 'unsafe-inline' 'unsafe-eval' 'strict-dynamic' https: d30itml3t0pwpf.cloudfront.net cdn.wishpond.net ajax.googleapis.com; style-src 'self' 'unsafe-inline' https:; worker-src 'self'
content-encoding
gzip
p3p
CP="NON"
x-xss-protection
1; mode=block
x-request-id
76cf90b2-358a-4812-992a-f72dfbe30dbb
x-runtime
0.014240
server
nginx/1.17.5
x-download-options
noopen
vary
Accept-Encoding, Origin
access-control-allow-methods
GET, POST, PATCH, PUT, DELETE, OPTIONS
content-language
fr-FR
access-control-allow-origin
https://www.kingfisherspa.com
access-control-expose-headers
access-control-max-age
600
access-control-allow-credentials
true
content-type
application/json; charset=utf-8
x-frame-options
DENY
831176157910557
connect.facebook.net/signals/config/ 		300 KB
86 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://connect.facebook.net/signals/config/831176157910557?v=2.9.104&r=stable
Requested by
Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f084:d:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
/
Resource Hash
c8ae96914609667e4050ad0aa04e1e53c36f6cf10908d127f63683eba016fe92
Security Headers
Name Value
Content-Security-Policy default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security max-age=31536000; preload; includeSubDomains
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.kingfisherspa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

content-security-policy
default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
content-encoding
gzip
x-content-type-options
nosniff
strict-transport-security
max-age=31536000; preload; includeSubDomains
date
Tue, 23 May 2023 08:20:15 GMT
document-policy
force-load-at-top
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
87958
x-fb-rlafr
0
x-xss-protection
0
pragma
public
x-fb-debug
P4+3t5wi7wo+EKjQhVXZrabZSOyTNUnMmqMk/9r6wzBDglBIc6FxfLkFV1JzAclkpe0ZezBeDd/jk3CG00apyA==
cross-origin-embedder-policy-report-only
require-corp;report-to="coep_report"
x-fb-trip-id
1679558926
cross-origin-opener-policy
same-origin-allow-popups
vary
Accept-Encoding
report-to
{"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-type
application/x-javascript; charset=utf-8
x-frame-options
DENY
cache-control
public, max-age=1200
permissions-policy
accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires
Sat, 01 Jan 2000 00:00:00 GMT
/
googleads.g.doubleclick.net/pagead/viewthroughconversion/642704446/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/viewthroughconversion/642704446/?random=1684830015615&cv=11&fst=1684830015615&bg=ffffff&guid=ON&async=1&gtm=45be35h0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.kingfisherspa.com%2Fspecial%2F&hn=www.googleadservices.com&frm=0&tiba=Packages%20%26%20Specials%20-%20Kingfisher%20Oceanside%20Resort%20and%20SpaKingfisher%20Oceanside%20Resort%20and%20Spa&auid=767298932.1684830016&uamb=0&uaw=0&data=event%3Dgtag.config&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-642704446
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80e::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
b1b3553abbf4d3c2e1ff047a2dd80bb6192cc2aaa675b37be942466946a779ee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.kingfisherspa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 May 2023 08:20:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1360
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.googleadservices.com/pagead/conversion/642704446/ 		3 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.googleadservices.com/pagead/conversion/642704446/?random=1684830015636&cv=11&fst=1684830015636&bg=ffffff&guid=ON&async=1&gtm=45be35h0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.kingfisherspa.com%2Fspecial%2F&label=PWglCIXIrIEYEL7Iu7IC&hn=www.googleadservices.com&frm=0&tiba=Packages%20%26%20Specials%20-%20Kingfisher%20Oceanside%20Resort%20and%20SpaKingfisher%20Oceanside%20Resort%20and%20Spa&gtm_ee=1&auid=767298932.1684830016&uamb=0&uaw=0&data=event%3Dconversion&rfmt=3&fmt=4
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=AW-642704446
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.34 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s04-in-f2.1e100.net
Software
cafe /
Resource Hash
3efcb71070af60dfeab0fb9f44dc2533688e4052c52cf19fc2762a8666c8a927
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.kingfisherspa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 May 2023 08:20:15 GMT
content-encoding
br
x-content-type-options
nosniff
server
cafe
content-type
text/javascript; charset=UTF-8
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
1568
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
region1.analytics.google.com/g/ 		0
258 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://region1.analytics.google.com/g/collect?v=2&tid=G-PDJ5CB60R0&gtm=45je35h0&_p=1059491170&_gaz=1&cid=598591925.1684830016&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1684830015&sct=1&seg=0&dl=https%3A%2F%2Fwww.kingfisherspa.com%2Fspecial%2F&dt=Packages%20%26%20Specials%20-%20Kingfisher%20Oceanside%20Resort%20and%20SpaKingfisher%20Oceanside%20Resort%20and%20Spa&en=page_view&_fv=1&_nsi=1&_ss=1&_ee=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PDJ5CB60R0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2001:4860:4802:32::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.kingfisherspa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 May 2023 08:20:15 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.kingfisherspa.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
collect
stats.g.doubleclick.net/g/ 		0
258 B 		Ping
General
Check archive.org
Download Go to
Full URL
https://stats.g.doubleclick.net/g/collect?v=2&tid=G-PDJ5CB60R0&cid=598591925.1684830016&gtm=45je35h0&aip=1
Requested by
Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-PDJ5CB60R0
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:400c:c00::9b Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.kingfisherspa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 May 2023 08:20:16 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://www.kingfisherspa.com
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
ga-audiences
www.google.fr/ads/ 		42 B
107 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.fr/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-PDJ5CB60R0&cid=598591925.1684830016&gtm=45je35h0&aip=1&z=1612019193
Requested by
Host: www.kingfisherspa.com
URL: https://www.kingfisherspa.com/special/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.kingfisherspa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 May 2023 08:20:16 GMT
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.com/pagead/1p-user-list/925340723/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/925340723/?random=1684830015338&cv=9&fst=1684828800000&num=1&guid=ON&eid=375603261%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.kingfisherspa.com%2Fspecial%2F&tiba=Packages%20%26%20Specials%20-%20Kingfisher%20Oceanside%20Resort%20and%20SpaKingfisher%20Oceanside%20Resort%20and%20Spa&fmt=3&is_vtc=1&random=3830285031&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y
Requested by
Host: www.kingfisherspa.com
URL: https://www.kingfisherspa.com/special/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.kingfisherspa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 May 2023 08:20:16 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.fr/pagead/1p-user-list/925340723/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.fr/pagead/1p-user-list/925340723/?random=1684830015338&cv=9&fst=1684828800000&num=1&guid=ON&eid=375603261%2C466465925%2C512247839&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=0&u_java=false&u_nplug=3&u_nmime=4&sendb=1&frm=0&url=https%3A%2F%2Fwww.kingfisherspa.com%2Fspecial%2F&tiba=Packages%20%26%20Specials%20-%20Kingfisher%20Oceanside%20Resort%20and%20SpaKingfisher%20Oceanside%20Resort%20and%20Spa&fmt=3&is_vtc=1&random=3830285031&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
Requested by
Host: www.kingfisherspa.com
URL: https://www.kingfisherspa.com/special/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.kingfisherspa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 May 2023 08:20:16 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ 		0
185 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.facebook.com/tr/?id=831176157910557&ev=PageView&dl=https%3A%2F%2Fwww.kingfisherspa.com%2Fspecial%2F&rl=&if=false&ts=1684830015789&sw=1600&sh=1200&v=2.9.104&r=stable&ec=0&o=30&fbp=fb.1.1684830015787.294676881&it=1684830015484&coo=false&rqm=GET
Requested by
Host: www.kingfisherspa.com
URL: https://www.kingfisherspa.com/special/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.kingfisherspa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains
date
Tue, 23 May 2023 08:20:16 GMT
server
proxygen-bolt
content-type
text/plain
access-control-allow-origin
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=86400
content-length
0
/
www.google.com/pagead/1p-user-list/642704446/ 		42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.com/pagead/1p-user-list/642704446/?random=1684830015615&cv=11&fst=1684828800000&bg=ffffff&guid=ON&async=1&gtm=45be35h0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.kingfisherspa.com%2Fspecial%2F&frm=0&tiba=Packages%20%26%20Specials%20-%20Kingfisher%20Oceanside%20Resort%20and%20SpaKingfisher%20Oceanside%20Resort%20and%20Spa&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1093756981&rmt_tld=0&ipr=y
Requested by
Host: www.kingfisherspa.com
URL: https://www.kingfisherspa.com/special/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.kingfisherspa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 May 2023 08:20:16 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.fr/pagead/1p-user-list/642704446/ 		42 B
455 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.fr/pagead/1p-user-list/642704446/?random=1684830015615&cv=11&fst=1684828800000&bg=ffffff&guid=ON&async=1&gtm=45be35h0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.kingfisherspa.com%2Fspecial%2F&frm=0&tiba=Packages%20%26%20Specials%20-%20Kingfisher%20Oceanside%20Resort%20and%20SpaKingfisher%20Oceanside%20Resort%20and%20Spa&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=1093756981&rmt_tld=1&ipr=y
Requested by
Host: www.kingfisherspa.com
URL: https://www.kingfisherspa.com/special/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.kingfisherspa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 May 2023 08:20:16 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.google.fr/pagead/1p-conversion/642704446/
Redirect Chain
  • https://googleads.g.doubleclick.net/pagead/viewthroughconversion/642704446/?random=924987067&cv=11&fst=1684830015636&bg=ffffff&guid=ON&async=1&gtm=45be35h0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.k...
  • https://www.google.com/pagead/1p-conversion/642704446/?random=924987067&cv=11&fst=1684830015636&bg=ffffff&guid=ON&async=1&gtm=45be35h0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.kingfisherspa.com%2Fsp...
  • https://www.google.fr/pagead/1p-conversion/642704446/?random=924987067&cv=11&fst=1684830015636&bg=ffffff&guid=ON&async=1&gtm=45be35h0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.kingfisherspa.com%2Fspe...
42 B
108 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://www.google.fr/pagead/1p-conversion/642704446/?random=924987067&cv=11&fst=1684830015636&bg=ffffff&guid=ON&async=1&gtm=45be35h0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.kingfisherspa.com%2Fspecial%2F&label=PWglCIXIrIEYEL7Iu7IC&hn=www.googleadservices.com&frm=0&tiba=Packages%20%26%20Specials%20-%20Kingfisher%20Oceanside%20Resort%20and%20SpaKingfisher%20Oceanside%20Resort%20and%20Spa&gtm_ee=1&auid=767298932.1684830016&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJOE1peG93WVE5cTc4eU9UOHFlVV9FaVVBVWNVTk94SWhrU0Y5ZTNaR0JhSVlSa19zU3c4X0s4SlBQa2hFVmRFVEhEMWF0VkRSGldDaEFJOE1peG93WVE4dmlVbnRHcXdKWnNFaTBBX0U2MWtMMkZDMHpMR1VBakxUZVFYRGUtcHVEWGhxaWszVUhpSGVPbkZWRXB0X1BQbDBMT1REdW10ODQ&is_vtc=1&ocp_id=P3dsZLDpJ6qikdUPoeG-wAg&cid=CAQSKQBygQiDqzN4Dpa-uarW6j0b0enCsyuTR4PV4DzmimlCSYuKzsFZCJaz&random=2224892952&ipr=y
Requested by
Host: www.kingfisherspa.com
URL: https://www.kingfisherspa.com/special/
Protocol
H2
Server
2a00:1450:4001:80b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
Content-Security-Policy script-src 'none'; object-src 'none'
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.kingfisherspa.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 23 May 2023 08:20:16 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
content-type
image/gif
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 23 May 2023 08:20:16 GMT
content-security-policy
script-src 'none'; object-src 'none'
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location
https://www.google.fr/pagead/1p-conversion/642704446/?random=924987067&cv=11&fst=1684830015636&bg=ffffff&guid=ON&async=1&gtm=45be35h0&u_w=1600&u_h=1200&url=https%3A%2F%2Fwww.kingfisherspa.com%2Fspecial%2F&label=PWglCIXIrIEYEL7Iu7IC&hn=www.googleadservices.com&frm=0&tiba=Packages%20%26%20Specials%20-%20Kingfisher%20Oceanside%20Resort%20and%20SpaKingfisher%20Oceanside%20Resort%20and%20Spa&gtm_ee=1&auid=767298932.1684830016&uamb=0&uaw=0&data=event%3Dconversion&fmt=3&ctc_id=CAIVAgAAAB0CAAAA&ct_cookie_present=false&sscte=1&crd=&pscrd=EkxDaEFJOE1peG93WVE5cTc4eU9UOHFlVV9FaVVBVWNVTk94SWhrU0Y5ZTNaR0JhSVlSa19zU3c4X0s4SlBQa2hFVmRFVEhEMWF0VkRSGldDaEFJOE1peG93WVE4dmlVbnRHcXdKWnNFaTBBX0U2MWtMMkZDMHpMR1VBakxUZVFYRGUtcHVEWGhxaWszVUhpSGVPbkZWRXB0X1BQbDBMT1REdW10ODQ&is_vtc=1&ocp_id=P3dsZLDpJ6qikdUPoeG-wAg&cid=CAQSKQBygQiDqzN4Dpa-uarW6j0b0enCsyuTR4PV4DzmimlCSYuKzsFZCJaz&random=2224892952&ipr=y
content-type
image/gif
cache-control
no-cache, no-store, must-revalidate
cross-origin-resource-policy
cross-origin
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
/
www.facebook.com/tr/ Frame 75B4 		0
53 B 		Document
General
Check archive.org
Download Go to
Full URL
https://www.facebook.com/tr/
Requested by
Host: www.kingfisherspa.com
URL: https://www.kingfisherspa.com/special/
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a03:2880:f177:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software
proxygen-bolt /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains

Request headers

Content-Type
application/x-www-form-urlencoded
Origin
https://www.kingfisherspa.com
Referer
https://www.kingfisherspa.com/
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
accept-language
fr-FR,fr;q=0.9

Response headers

access-control-allow-credentials
true
access-control-allow-origin
https://www.kingfisherspa.com
alt-svc
h3=":443"; ma=86400
content-length
0
content-type
text/plain
cross-origin-resource-policy
cross-origin
date
Tue, 23 May 2023 08:20:16 GMT
server
proxygen-bolt
strict-transport-security
max-age=31536000; includeSubDomains
invisible.js
www.kingfisherspa.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/7fe8adc8/ Frame E591
Redirect Chain
  • https://www.kingfisherspa.com/cdn-cgi/challenge-platform/scripts/invisible.js
  • https://www.kingfisherspa.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/7fe8adc8/invisible.js
26 KB
12 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.kingfisherspa.com/cdn-cgi/challenge-platform/h/g/scripts/jsd/7fe8adc8/invisible.js
Protocol
H3
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
0c9f7a0bd215cebecb123e554d52edf16e5d449ea676f7ef480b67647d800d45
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 08:20:17 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=xbx5PDrvXF%2BUeVHkkrlqeNnN5fdtNyn5dXgbBoC6OsEe7seVzofLmIceVEWGTxRgi9yipjimolKysXAtWwMHBial5wL%2FUT2Tcip35i3ORrPHPIW2N5kiQg7t8KaOT1xzuW7IQ%2B9SisBhPD%2Bi9AeB7hCqYvM%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
7cbbe0f96c190066-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400

Redirect headers

date
Tue, 23 May 2023 08:20:16 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WUdAs%2BQb1k1Ts2Zfi8f86V5cOXVoqHpVhmMca59EA66%2FiWatu8cRQwf48nOJrO2k14xH4CpaqPA3KAdpW5YiByBPIvrhx8OJOAay9s2YvuBkdsf83zLLCMj6fI84vKnE%2BPcKxa68JNe9BYme%2Fmo3vXKRUpI%3D"}],"group":"cf-nel","max_age":604800}
location
/cdn-cgi/challenge-platform/h/g/scripts/jsd/7fe8adc8/invisible.js
access-control-allow-origin
*
cache-control
max-age=300, public
cf-ray
7cbbe0f46f1a0066-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
pica.js
www.kingfisherspa.com/cdn-cgi/challenge-platform/h/g/scripts/ Frame E591 		6 KB
3 KB 		Other
General
Check archive.org
Download Go to
Full URL
https://www.kingfisherspa.com/cdn-cgi/challenge-platform/h/g/scripts/pica.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
51e6782b8e348369c4c87a6fd8a6b7aa1206da071dfdf69c9db1a1c2b5b44bb0
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 08:20:17 GMT
content-encoding
br
x-content-type-options
nosniff
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
vary
accept-encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=H8OeYwdG4iWV2VA0SqXe5p2PbMoQaOM39Y4RnJ%2BWhXDAmb5duNamxed5drcIGodMDT7r5bFYqMo60ytXf2HSZenfPqVIEDEoimisVinQpxLH%2B%2B0cTAWJO9abE14sQJP2FhJPrXUMUqp6lDjQn6G6t1Vf93s%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/javascript; charset=UTF-8
cache-control
max-age=14400, public
cf-ray
7cbbe0f9ac5f0066-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
7cbbe0df6b550151
www.kingfisherspa.com/cdn-cgi/challenge-platform/h/g/cv/result/ Frame E591 		2 B
650 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.kingfisherspa.com/cdn-cgi/challenge-platform/h/g/cv/result/7cbbe0df6b550151
Requested by
Host: www.kingfisherspa.com
URL: https://www.kingfisherspa.com/cdn-cgi/challenge-platform/scripts/invisible.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df

Request headers

Referer
accept-language
fr-FR,fr;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36
Content-Type
application/json

Response headers

date
Tue, 23 May 2023 08:20:18 GMT
content-encoding
br
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jXJkhYorVqvgvQFljm8HgeOKnI772cSFL5Gc8VLLSc31fD3v7hJ%2Fn0LrQ4kb1LnWM8EJCxN0N04krY4Li55QxEFqoamdTTFttMKdQROGpokMV7y%2By%2FiZQInoMGdbE7mfackT%2FBz%2FcxAZhKfyR%2FY6DZunoXs%3D"}],"group":"cf-nel","max_age":604800}
content-type
text/plain; charset=UTF-8
cf-ray
7cbbe0fdbfc30066-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
edge.Menu.min.js
www.kingfisherspa.com/wp-content/plugins/themify-builder/themify/js/modules/ 		532 B
891 B 		Script
General
Check archive.org
Download Go to
Full URL
https://www.kingfisherspa.com/wp-content/plugins/themify-builder/themify/js/modules/edge.Menu.min.js?ver=7.0.9
Requested by
Host: www.kingfisherspa.com
URL: https://www.kingfisherspa.com/wp-content/plugins/themify-builder/themify/js/main.min.js?ver=7.0.9
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
2a06:98c1:3121::3 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
2074fb7d5768d5beeed7dcd82e9495b58bd0b899202dc9dc823197a73245a6bc

Request headers

accept-language
fr-FR,fr;q=0.9
Referer
https://www.kingfisherspa.com/special/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/113.0.5672.126 Safari/537.36

Response headers

date
Tue, 23 May 2023 08:20:18 GMT
content-encoding
br
cf-cache-status
HIT
last-modified
Wed, 10 May 2023 23:30:19 GMT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
age
19671
etag
W/"214-645c290b-1f85e6;gz"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=d2h5FQ3DjxzhtRj9uLwk0t6uKyCoFHSherN0pkIyA9qcYATxca9WCNyP8MDRt4MB9zgjyqt%2FDO3sJiXLPdyM1VDJ1dwpIJJCGWBQduMLrzq30edTYcith%2B3vZt1a6c4JZTbo3k0vN3yq%2BxiMuHC3wZcQJNI%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/x-javascript
cache-control
public, max-age=604800
cf-ray
7cbbe0fe788b0066-CDG
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires
Tue, 30 May 2023 02:52:27 GMT

Verdicts & Comments Add Verdict or Comment

95 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 boolean| credentialless object| _wpemojiSettings undefined| $ function| jQuery function| gtag object| dataLayer function| fbq function| _fbq object| Wishpond function| moment function| Pikaday object| picker object| spuvar object| spuvar_social function| EventEmitter object| eventie function| imagesLoaded object| bootstrap object| log_obj object| background_obj object| gdpr_cookies_obj object| google_conversion_id object| google_custom_params object| google_remarketing_only object| google_tag_data function| GooglemKTybQhCsO object| google_conversion_date object| google_conversion_time number| google_conversion_snippets number| google_conversion_first_time object| google_conversion_js_version object| google_conversion_format object| google_enable_display_cookie_match object| google_conversion_type object| google_conversion_order_id object| google_conversion_language object| google_conversion_value object| google_conversion_currency object| google_conversion_domain object| google_conversion_label object| google_conversion_color object| google_disable_viewthrough object| google_gtag_event_data object| google_conversion_linker object| google_tag_for_child_directed_treatment object| google_tag_for_under_age_of_consent object| google_allow_ad_personalization_signals object| google_restricted_data_processing object| google_conversion_items object| google_conversion_merchant_id object| google_user_id object| onload_callback object| opt_image_generator object| google_gtm_url_processor object| google_conversion_page_url object| google_conversion_referrer_url object| google_gtm object| google_gcl_cookie_prefix object| google_gcl_cookie_path object| google_gcl_cookie_flags object| google_gcl_cookie_domain object| google_gcl_cookie_max_age_seconds object| google_read_gcl_cookie_opt_out object| google_basket_feed_country object| google_basket_feed_language object| google_basket_discount object| google_basket_transaction_type object| google_additional_conversion_params object| google_additional_params object| google_transport_url object| google_gtm_experiments object| tbLocalScript object| themify_vars object| twemoji object| wp object| Base64 object| XD object| fastdom function| CrossStorageClient object| google_tag_manager object| GooglebQhCsO function| onYouTubeIframeAPIReady object| gaGlobal object| Themify string| GDPR_ACCEPT_COOKIE_NAME string| GDPR_CCPA_COOKIE_NAME string| US_PRIVACY_COOKIE_NAME string| GDPR_ACCEPT_COOKIE_EXPIRE number| GDPR_CCPA_COOKIE_EXPIRE object| SPU boolean| loaded function| tfOn function| tfOff

7 Cookies

Domain/Path Name / Value
.kingfisherspa.com/ Name: _gcl_au
Value: 1.1.767298932.1684830016
.doubleclick.net/ Name: IDE
Value: AHWqTUmwOMaeGIgY_o6IZJClCOgxnmroekWIvyLDKzZyp4GZPmht8q-1YeKnbaRG
.kingfisherspa.com/ Name: _ga_PDJ5CB60R0
Value: GS1.1.1684830015.1.0.1684830015.60.0.0
.kingfisherspa.com/ Name: _ga
Value: GA1.1.598591925.1684830016
.kingfisherspa.com/ Name: _fbp
Value: fb.1.1684830015787.294676881
www.kingfisherspa.com/ Name: wpl_user_preference
Value: %7B%22necessary%22%3A%22yes%22%2C%22marketing%22%3A%22yes%22%2C%22analytics%22%3A%22yes%22%2C%22preferences%22%3A%22yes%22%2C%22unclassified%22%3A%22yes%22%7D
.kingfisherspa.com/ Name: __cf_bm
Value: BGsrBHJlcoTPxIkuCrwWypfzMm44Sj4ov.KDDfI8DlU-1684830018-0-AehJBGNFuZq06RCw3l6XPY/9g+A3n6tJinn5v6m/56UyGoM7EXP6ThsiZxp3uaJyBiESnYAYC+M/cc1eOrtRMmYQctFxDam4rUiHsj9WJNdB

1 Console Messages

Source Level URL
Text
rendering warning URL: https://www.kingfisherspa.com/special/(Line 13)
Message:
Error parsing a meta element's content: ';' is not a valid key-value pair separator. Please use ',' instead.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

cdn.wishpond.net
cdnjs.cloudflare.com
connect.facebook.net
fonts.googleapis.com
fonts.gstatic.com
gbajcfj.r.af.d.sendibt2.com
googleads.g.doubleclick.net
region1.analytics.google.com
stats.g.doubleclick.net
www.facebook.com
www.google.com
www.google.fr
www.googleadservices.com
www.googletagmanager.com
www.kingfisherspa.com
www.wishpond.com
1.179.112.195
142.250.186.34
18.66.112.79
2001:4860:4802:32::36
2606:4700::6811:180e
2a00:1450:4001:80b::2003
2a00:1450:4001:80b::2004
2a00:1450:4001:80e::2002
2a00:1450:4001:827::200a
2a00:1450:4001:828::2003
2a00:1450:4001:829::2008
2a00:1450:400c:c00::9b
2a03:2880:f084:d:face:b00c:0:3
2a03:2880:f177:83:face:b00c:0:25de
2a06:98c1:3121::3
34.205.151.108
09480ced42b18927829deec475d22c8cc85deb760a7e1eec65574765e5f7b158
0a1ee1037effea6008ee6ec97ef36c0783edeb9e7a9c0fd469737b2b306f352b
0c9f7a0bd215cebecb123e554d52edf16e5d449ea676f7ef480b67647d800d45
0fb4edade42a37a656ace0835091e99637f4bc73805428ea01ba5f1c73809cb1
186cec9ee3f8a31ee83f6cc9ed2f1052b45707ccef3409ab0c5073d5783f7605
2074fb7d5768d5beeed7dcd82e9495b58bd0b899202dc9dc823197a73245a6bc
2086044ecb58dca0c4180c50032b166de21823bbc8f5fc6785bc31043c8d0bbf
2689367b205c16ce32ed4200942b8b8b1e262dfc70d9bc9fbc77c49699a4f1df
2a21e34add6e6c351b66ffedeec72b21c61c489e6fb9e06bc2bbb88297e1e8f1
2d95369aff9043b0e352920be5cc35ef0ae516499361080553488585c65e87aa
37c558263ba695539d83e2b57c33595763d1b7b36e27e4d2b0a654ef00027690
3dbe4c0cf4691ad8c3ea1f11926accc18290ff1fed8afe443355862c03a158af
3efcb71070af60dfeab0fb9f44dc2533688e4052c52cf19fc2762a8666c8a927
429d0b9c231869b8cee39e91d697af3f76608bcd97c95280ecc3b05e58219da4
46aea4eddb1a4427e05400db62a08f534e433aac5c54acbcbe683f7c875c6e70
4828fd073a3b3ae17675d358262414d34cee95b4b94a4ab41a8e335a2015eb0c
49fc723ec4acd2ee96b2838d19d8f1dfac069ddcced3526524c6c85649bc0db6
4f79a89d16a5f717110fe080c0bf90b7e05ff95a4c4983f64d33110bf5f9c230
51e6782b8e348369c4c87a6fd8a6b7aa1206da071dfdf69c9db1a1c2b5b44bb0
57ae3b9f068bb7d7004d02fd698d2d26e4328d88f37ecdc5058bddd25614be1c
5881b4f2ae1a4f45ae43f7b68d1fde8de01885d0c05ba9e35d135bf21c6d3e8a
5dcb7767499a23281e3ffc82f81f58ad88d573c4d53b4f5315ae0f63eff79e9a
62dd6f0e268ae0b6d20c77cdd386b342a693b6a39baecf9c00410daadf6b0c31
6c328b456cf5cdf10f4eddccc66e873a7ac640541ee0b75828936efd426d8974
6c84348296ebe2e2a0830c3962eb02156419d9bc76371c2eadaf7329d827d550
6d58ef2a87006f24559cb65d82e71b9caf224e3ccbfed27802145a06028de02a
737ba2ba9cf1d8733c8865f99edd983f1918c3aeb3cccf30300b17b397351409
74e3d02421a7753c30f52691f521b82ed2485c5b98bf53d62ed6ceef38e73da0
8412b4b4e2a1068766bef76d8e471814770db3dfb26585ff0de84ed8d3440168
85d000411859b6ee0de12ade81c0e38e7f448997edf95916c83e6f93cecc26ca
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
96ddd38efe76ec82a9f2b4ecb8c151aa7b202d792823131a8936fc9bd616b22a
aadc3580d2b64ff5a7e6f1425587db4e8b033efcbf8f5c332ca52a5ed580c87c
afacce23cb4feaaaef37997f8439819d8f827df4951f3ff02704c9f16fb7f53a
b1b3553abbf4d3c2e1ff047a2dd80bb6192cc2aaa675b37be942466946a779ee
badb7071cf5de1f45a6ccc948f175ff4f824a4357c284700cce366d9898a8ec2
bca1d88ada544d9c80872d4da27133fab6d347361fa26e932b47ec9559088fd0
bf579cb84b439353504b7b929c27cc4105786d5ec6a1d59706802d2cd1c819e8
c1b5a30f7f0c7d1f5563a13bed30d40107c24f7197aa2d019e6343bca555dbd9
c21e5a2b32c47bc5f9d9efc97bc0e29fd081946d1d3ebffc5621cfafb1d3960e
c407698d6b17a7a2f3880244f95bbfe780aa8e81ed1c04cc893882dd4112ef19
c447dd7677b419db7b21dbdfc6277c7816a913ffda76fd2e52702df538de0e49
c8ae96914609667e4050ad0aa04e1e53c36f6cf10908d127f63683eba016fe92
d9c998ef29f4e1023efe9cb27ff2582325ffde7ac6fe22aea112ee404ede7a80
dcd9f488bd62ba0ee403b07a97e40b9ffd63a0eff61091588c913b16d5153d48
dceebf4743064a37a804e2a05589987337cd30bc63b8938b9e65d924bfcf4fb7
e2c08b914d04fbdc9769c7cf5e87582e2d86d520e9b78207f0a5e39691d2c64c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e79eb22b03045e7faf2567cee4f13b9740b8d11d8a3d2aac1c06cb5676b6fa21
ecc12e0b2cf94ee5a23f3163274ccf84b07f345bf395cefaa66d25265e3b398a
edadfbd00e479e662bcaaac5b3ed262191483a313b777122ae2d215d87915d56
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2901dded8bf19cebee23485b8c951aaaacb87c686546c928af5b11db30d8963
f8fbf7e16e3604db25ab37c4a496865033167bb550e3b2e92f1070424f48723a
fd4801631ecd42c3f5b571b88c10aa428968ec95ebef8856fa720a45201f6cb0