www.orionhotel.com.au/
301 Moved Permanently 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: www.orionhotel.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Age: 6
Content-Length: 0
Date: Sun, 29 Jan 2023 23:21:31 GMT
Location: https://www.orionhotel.com.au/
Server: Squarespace
Set-Cookie: crumb=BUSwgfL7vfZfYWI1ZWM4ZjUxMjczZjNmNjc3MTIwYjNmMTQzMjJj;Path=/
X-Contextid: Rx3ClwUj/tOtHc886
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash a2104f935c638b4767ca5ae0d738ef23
85c6af15af749be0ceeae6de17c36925b750f166
5d4789a3696bd7faa9916768cb627bbc89bf70a756d80e53860cbac13c2bc8b1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "5D4789A3696BD7FAA9916768CB627BBC89BF70A756D80E53860CBAC13C2BC8B1"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9501
Expires: Mon, 30 Jan 2023 01:59:59 GMT
Date: Sun, 29 Jan 2023 23:21:38 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3eb88dea4fe00db1182370e72683c3ab
ca520abf1e91bfd2aef40c6a1270a911071e8922
d8083ee567c7b3023111dc30f32c94237df7db30d4d2daaea0a569e8a3069ad7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D8083EE567C7B3023111DC30F32C94237DF7DB30D4D2DAAEA0A569E8A3069AD7"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9210
Expires: Mon, 30 Jan 2023 01:55:08 GMT
Date: Sun, 29 Jan 2023 23:21:38 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 29 Jan 2023 22:43:10 GMT
content-type: application/json
age: 2308
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 302c7548412192add063ad6c8b99cf3b
e5d178931a27db036ce8daae302594d3ff7050b8
fc2bd9091006189e67e8074093805ee5492ce16e1dbfba32e083abeeae34969d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FC2BD9091006189E67E8074093805EE5492CE16E1DBFBA32E083ABEEAE34969D"
Last-Modified: Sat, 28 Jan 2023 16:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4219
Expires: Mon, 30 Jan 2023 00:31:57 GMT
Date: Sun, 29 Jan 2023 23:21:38 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: qXKlRzQQu30z7VOGFcsB/l4f42zlk0vKAfUnmlC3u2jtmxTmrhn70lPF2V0t4MFOUGaxVZSXNO0=
x-amz-request-id: S20MN501MB75N2QG
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 29 Jan 2023 22:50:30 GMT
age: 1868
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 29 Jan 2023 23:21:38 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
www.orionhotel.com.au/
200 OK 14 kB IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (14218), with CRLF, LF line terminators
Hash 864087e6fa05fefe5d2c1aab8156b1ac
2fd76509056c901a87d2d7b322dabc9a2262dba1
444058e7adc8b647e31a93db373fc87a3f0169037ca8eb3ce30f3268b2a73b99
GET / HTTP/1.1
Host: www.orionhotel.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
accept-ranges: bytes
age: 7
content-encoding: gzip
content-type: text/html;charset=utf-8
date: Sun, 29 Jan 2023 23:21:31 GMT
etag: W/"6b2fdbc65e89dc957d93ff1d07bdbe65--gzip"
expires: Thu, 01 Jan 1970 00:00:00 GMT
server: Squarespace
set-cookie: crumb=BSjoTnbh0WPnMTkyZDE5NmIyOGZhZjE1YTEzN2JlNzQ0MTI3OTEy;Path=/
strict-transport-security: max-age=0
vary: Accept-Encoding
x-content-type-options: nosniff
x-contextid: Ul01W1gX/6xYmjyVi
content-length: 14119
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 75bf326700e29b1b06e57fb96ee2b064
4f979f28905b65637a058cd44be6c25bb51a42e4
385f7a9c4112c4d674264d02229719e7f82e7039e681db8aaa6685ebab2be0c1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 23:21:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash ba2ca6af7b23ce2e11aa4f9d86e66269
212aef55d64b6add292dcf6241b16e7c93d1bae2
f163a94d190f5aeeb05b2e344bc8e1544d9701772b08585e9c92b529c8652b3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 23:21:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/1/jquery.min.js
200 OK 33 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1/jquery.min.js
IP
File type ASCII text, with very long lines (32086)
Hash 430e927c980ad4079de727fa59dd93f2
891aaada9a55a91292999f6d50fd300439905982
e8728df8617340bd8c10bc8d27d3a725a48871a269c850e8598689938ec6e2ed
GET /ajax/libs/jquery/1/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.orionhotel.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33434
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 28 Jan 2023 18:53:25 GMT
expires: Sun, 28 Jan 2024 18:53:25 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 102494
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
assets.squarespace.com/@sqs/polyfiller/1.6/modern.js
200 OK 42 kB URL HTTP/1.1 assets.squarespace.com/@sqs/polyfiller/1.6/modern.js
IP
File type Unicode text, UTF-8 text, with very long lines (43878), with NEL line terminators
Hash fe0d53a94823df972dbf107bf190771a
0ae461e408323c0dd10c6ccfb0a673c6d0a173bf
8cb58343dcef08e359f0abd73b1218780ca7ea4eab16f2d9d43ffc272ad91206
GET /@sqs/polyfiller/1.6/modern.js HTTP/1.1
Host: assets.squarespace.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.orionhotel.com.au
Connection: keep-alive
Referer: https://www.orionhotel.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Mon, 31 Oct 2022 21:19:57 GMT
ETag: "fe0d53a94823df972dbf107bf190771a"
Content-Type: text/javascript
Content-Encoding: gzip
Accept-Ranges: bytes
Content-Length: 42447
Server: UploadServer
Cache-Control: public, max-age=3600
Expires: Mon, 30 Jan 2023 00:21:39 GMT
Date: Sun, 29 Jan 2023 23:21:39 GMT
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: *
assets.squarespace.com/universal/scripts-compressed/extract-css-runtime-5b018debf7976019a67bf-min.en-US.js
200 OK 19 kB URL HTTP/1.1 assets.squarespace.com/universal/scripts-compressed/extract-css-runtime-5b018debf7976019a67bf-min.en-US.js
IP
File type ASCII text, with very long lines (45105)
Hash 931f7c2c99416e9ee0ec23b0998b4385
427659387172b8d4cbacc2aebcc0ae86a2b6ac7d
9ad201613c64671e4bbe5c222b197cd18d39df94dc640bd586b4624af7450017
GET /universal/scripts-compressed/extract-css-runtime-5b018debf7976019a67bf-min.en-US.js HTTP/1.1
Host: assets.squarespace.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.orionhotel.com.au
Connection: keep-alive
Referer: https://www.orionhotel.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Accept-Ranges: bytes
Content-Length: 18910
Server: UploadServer
Last-Modified: Fri, 27 Jan 2023 22:46:07 GMT
ETag: "931f7c2c99416e9ee0ec23b0998b4385"
Content-Type: text/javascript
Cache-Control: public, max-age=3600
Expires: Mon, 30 Jan 2023 00:21:39 GMT
Date: Sun, 29 Jan 2023 23:21:39 GMT
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: *
assets.squarespace.com/universal/scripts-compressed/cldr-resource-pack-c6a38111aec507149cb3d-min.en-US.js
200 OK 24 kB URL HTTP/1.1 assets.squarespace.com/universal/scripts-compressed/cldr-resource-pack-c6a38111aec507149cb3d-min.en-US.js
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash ed50d686d52e72628c6a3bead3317fef
3f92303562b81a10265770d4e03bbb025389395b
3e3d52e4084223b62d01144a3cb828c47df819da2d2dd704bde4673be0abb6dc
GET /universal/scripts-compressed/cldr-resource-pack-c6a38111aec507149cb3d-min.en-US.js HTTP/1.1
Host: assets.squarespace.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.orionhotel.com.au
Connection: keep-alive
Referer: https://www.orionhotel.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Wed, 18 Jan 2023 14:53:02 GMT
ETag: "ed50d686d52e72628c6a3bead3317fef"
Content-Type: text/javascript
Content-Encoding: gzip
Accept-Ranges: bytes
Content-Length: 24388
Server: UploadServer
Cache-Control: public, max-age=3600
Expires: Mon, 30 Jan 2023 00:21:39 GMT
Date: Sun, 29 Jan 2023 23:21:39 GMT
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: *
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash ba2ca6af7b23ce2e11aa4f9d86e66269
212aef55d64b6add292dcf6241b16e7c93d1bae2
f163a94d190f5aeeb05b2e344bc8e1544d9701772b08585e9c92b529c8652b3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 23:21:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
assets.squarespace.com/universal/scripts-compressed/common-vendors-stable-fd2acc815706e38fcfdf0-min.en-US.js
200 OK 82 kB URL HTTP/1.1 assets.squarespace.com/universal/scripts-compressed/common-vendors-stable-fd2acc815706e38fcfdf0-min.en-US.js
IP
File type ASCII text, with very long lines (65202)
Hash c7db15035020752c23874ffad6594fb7
6b9a1745bf7dada475358d4cbdb9dfa4f6d5393f
524bac3cd54e26cd73c0fa3a4fbece0198ab0180defc7a4ad93e287a080defa2
GET /universal/scripts-compressed/common-vendors-stable-fd2acc815706e38fcfdf0-min.en-US.js HTTP/1.1
Host: assets.squarespace.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.orionhotel.com.au
Connection: keep-alive
Referer: https://www.orionhotel.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Accept-Ranges: bytes
Content-Length: 81885
Server: UploadServer
Last-Modified: Wed, 18 Jan 2023 14:51:49 GMT
ETag: "c7db15035020752c23874ffad6594fb7"
Content-Type: text/javascript
Cache-Control: public, max-age=3600
Expires: Mon, 30 Jan 2023 00:21:39 GMT
Date: Sun, 29 Jan 2023 23:21:39 GMT
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: *
assets.squarespace.com/universal/scripts-compressed/extract-css-moment-js-vendor-5082e2dab696b020ac83a-min.en-US.js
200 OK 113 kB URL HTTP/1.1 assets.squarespace.com/universal/scripts-compressed/extract-css-moment-js-vendor-5082e2dab696b020ac83a-min.en-US.js
IP
File type Unicode text, UTF-8 text, with very long lines (6671)
Size 113 kB (113227 bytes)
Hash 77a546c78e5335ac223ce347591cf662
dbf4dc8e3debd50a31bb421ffa4be6d896f7cb9e
5335b19cd617f89ec5b884650ebf24955fb5655c77866ab4d31694af05903df3
GET /universal/scripts-compressed/extract-css-moment-js-vendor-5082e2dab696b020ac83a-min.en-US.js HTTP/1.1
Host: assets.squarespace.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.orionhotel.com.au
Connection: keep-alive
Referer: https://www.orionhotel.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Mon, 21 Nov 2022 16:43:30 GMT
ETag: "77a546c78e5335ac223ce347591cf662"
Content-Type: text/javascript
Content-Encoding: gzip
Accept-Ranges: bytes
Content-Length: 113227
Server: UploadServer
Cache-Control: public, max-age=3600
Expires: Mon, 30 Jan 2023 00:21:39 GMT
Date: Sun, 29 Jan 2023 23:21:39 GMT
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: *
assets.squarespace.com/universal/scripts-compressed/common-vendors-232ea070335df80d4cbe6-min.en-US.js
200 OK 208 kB URL HTTP/1.1 assets.squarespace.com/universal/scripts-compressed/common-vendors-232ea070335df80d4cbe6-min.en-US.js
IP
File type ASCII text, with very long lines (65536), with no line terminators
Size 208 kB (208529 bytes)
Hash 37bb360943cd7fcc23830497b6687337
c34d9260516e9e93a23220fb6271f23ec287a1d8
6cc0096deaf29ccc12dc7e8bdf86775ab758d9f1566a5c86bca92719b5568924
GET /universal/scripts-compressed/common-vendors-232ea070335df80d4cbe6-min.en-US.js HTTP/1.1
Host: assets.squarespace.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.orionhotel.com.au
Connection: keep-alive
Referer: https://www.orionhotel.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
X-GUploader-Response-Body-Transformations: gunzipped
Warning: 214 UploadServer gunzipped
Server: UploadServer
Last-Modified: Fri, 27 Jan 2023 18:16:51 GMT
ETag: W/"672b98ce7a18a6cb652a1e5f2c6d4e26"
Content-Type: text/javascript
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: public, max-age=3600
Expires: Mon, 30 Jan 2023 00:21:39 GMT
Date: Sun, 29 Jan 2023 23:21:39 GMT
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: *
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash ba2ca6af7b23ce2e11aa4f9d86e66269
212aef55d64b6add292dcf6241b16e7c93d1bae2
f163a94d190f5aeeb05b2e344bc8e1544d9701772b08585e9c92b529c8652b3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 23:21:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtag/js?id=AW-10996577101
200 OK 65 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=AW-10996577101
IP
File type ASCII text, with very long lines (2919)
Hash bedb1e3b64039baebb64da31595dfa61
4dc3732d7cb223f2f02597f5e6c1467fc2d5acf7
ceffa28e3e66b3683787f3303767d9ac5b66095df92a5d73d8e3c7fd701a0538
GET /gtag/js?id=AW-10996577101 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.orionhotel.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 29 Jan 2023 23:21:39 GMT
expires: Sun, 29 Jan 2023 23:21:39 GMT
cache-control: private, max-age=900
last-modified: Sun, 29 Jan 2023 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 64760
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-151711567-1
200 OK 44 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-151711567-1
IP
File type ASCII text, with very long lines (1759)
Hash f568915b38e231f1d042006b20637493
c1d7da6439eab3c8e42098abfa9e6cfef4bb62fb
adf45918eaece3c27d6ba113d28237e04ca179ec56e15bf1885225c66f351c66
GET /gtag/js?id=UA-151711567-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.orionhotel.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 29 Jan 2023 23:21:39 GMT
expires: Sun, 29 Jan 2023 23:21:39 GMT
cache-control: private, max-age=900
last-modified: Sun, 29 Jan 2023 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44095
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=$GA_TRACKING_ID$
200 OK 38 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=$GA_TRACKING_ID$
IP
File type ASCII text, with very long lines (1759)
Hash 5f3a934fdfd9571698dd533f26fd7408
2c665e4abc47c8f33d70cf6c41b39dd9ef6e212c
cb2ed6396c32a2f882ba835881a04a77e5b9d2895656312934356c9e77cb30e9
GET /gtag/js?id=$GA_TRACKING_ID$ HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.orionhotel.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 29 Jan 2023 23:21:39 GMT
expires: Sun, 29 Jan 2023 23:21:39 GMT
cache-control: private, max-age=900
last-modified: Sun, 29 Jan 2023 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 37914
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 16a7b6a7128312e2f985d30df18c4487
6017bff79ffb525d9c7f9f32b999b74b5dc69602
663fd12209627f08e759c2ed1c76278a5da79dae1e0b46082dd1bb44775f7a16
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "663FD12209627F08E759C2ED1C76278A5DA79DAE1E0B46082DD1BB44775F7A16"
Last-Modified: Fri, 27 Jan 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7727
Expires: Mon, 30 Jan 2023 01:30:26 GMT
Date: Sun, 29 Jan 2023 23:21:39 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 75bf326700e29b1b06e57fb96ee2b064
4f979f28905b65637a058cd44be6c25bb51a42e4
385f7a9c4112c4d674264d02229719e7f82e7039e681db8aaa6685ebab2be0c1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 23:21:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 75bf326700e29b1b06e57fb96ee2b064
4f979f28905b65637a058cd44be6c25bb51a42e4
385f7a9c4112c4d674264d02229719e7f82e7039e681db8aaa6685ebab2be0c1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 23:21:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash ba2ca6af7b23ce2e11aa4f9d86e66269
212aef55d64b6add292dcf6241b16e7c93d1bae2
f163a94d190f5aeeb05b2e344bc8e1544d9701772b08585e9c92b529c8652b3d
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 23:21:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
images.squarespace-cdn.com/content/v1/5d5dfe215312950001765af9/1566441331136-HXYBPVWTNV7BYV5AQWQA/Orion-horizontal-logo-reverse.png?format=1500w
200 OK 12 kB URL HTTP/2 images.squarespace-cdn.com/content/v1/5d5dfe215312950001765af9/1566441331136-HXYBPVWTNV7BYV5AQWQA/Orion-horizontal-logo-reverse.png?format=1500w
IP
File type PNG image data, 595 x 283, 8-bit/color RGBA, non-interlaced\012- data
Hash ae65e461eb95c03db9d283ff3a32ae2f
0650118ccbed0402f7be884a77b7ae418af709ac
b76e594fcaf405edab3f98729c618ddf01228e05633c9d5ad45c5ce6ee8616ab
GET /content/v1/5d5dfe215312950001765af9/1566441331136-HXYBPVWTNV7BYV5AQWQA/Orion-horizontal-logo-reverse.png?format=1500w HTTP/1.1
Host: images.squarespace-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.orionhotel.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
timing-allow-origin: *
access-control-expose-headers: Content-Length, Timing-Allow-Origin
content-type: image/png
access-control-allow-origin: *
etag: CLLhpbqCwusCEAE=
cache-control: max-age=604800
via: 1.1 google, 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 29 Jan 2023 23:21:39 GMT
age: 119263
x-served-by: cache-iad-kjyo7100130-IAD, cache-bma1627-BMA
x-cache: HIT, MISS
x-cache-hits: 10, 0
x-timer: S1675034500.612903,VS0,VE92
vary: Accept-Encoding
tracepoint: Fastly
content-length: 11942
X-Firefox-Spdy: h2
static1.squarespace.com/static/sitecss/5d5dfe215312950001765af9/66/52e96934e4b0ea14d0f64568/5f028b006683a039593afe4f/1128/site.css
200 OK 62 kB URL HTTP/2 static1.squarespace.com/static/sitecss/5d5dfe215312950001765af9/66/52e96934e4b0ea14d0f64568/5f028b006683a039593afe4f/1128/site.css
IP
File type Unicode text, UTF-8 text, with very long lines (31968)
Hash a52a21f48e81ed1f7cd8e66a5b72b9ec
3c5de8d56a7d6bc2b5a3749a3d5ecc92805e1c2e
d2b04e1c7841975031e18e08c3c59d530247a0c69bdf4cbaa48bed2657a33a51
GET /static/sitecss/5d5dfe215312950001765af9/66/52e96934e4b0ea14d0f64568/5f028b006683a039593afe4f/1128/site.css HTTP/1.1
Host: static1.squarespace.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.orionhotel.com.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: gzip
content-type: text/css; charset=UTF-8
pragma: cache
server: Squarespace
strict-transport-security: max-age=0
timing-allow-origin: *
x-content-type-options: nosniff
x-contextid: ULlnFhWR/UsYxO5rQ
content-length: 61562
cache-control: public, max-age=94608000
date: Sun, 29 Jan 2023 23:21:39 GMT
vary: Accept-Encoding, "Accept-Encoding"
tracepoint: "Akamai"
X-Firefox-Spdy: h2
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 12tqfuZ8BpIgieZdEjd5Hg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: QOX1VNIjpvgaJvPgrvXhRXvUCHg=
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash db3290a85d0ba4da27406ae9636aa618
4c69da45eddd66a1e26fce5562fc45eda7005309
19db4d0cc84bff9586883a5fa69c426af0b5fc1c2760ee7c259b0307c8afa6b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 23:21:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash db3290a85d0ba4da27406ae9636aa618
4c69da45eddd66a1e26fce5562fc45eda7005309
19db4d0cc84bff9586883a5fa69c426af0b5fc1c2760ee7c259b0307c8afa6b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 23:21:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash db3290a85d0ba4da27406ae9636aa618
4c69da45eddd66a1e26fce5562fc45eda7005309
19db4d0cc84bff9586883a5fa69c426af0b5fc1c2760ee7c259b0307c8afa6b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 23:21:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash db3290a85d0ba4da27406ae9636aa618
4c69da45eddd66a1e26fce5562fc45eda7005309
19db4d0cc84bff9586883a5fa69c426af0b5fc1c2760ee7c259b0307c8afa6b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 23:21:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2
200 OK 25 kB URL HTTP/2 fonts.gstatic.com/s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 25372, version 1.0\012- data
Hash fe424f96cb627d8b835cb001af17f56e
c5b4368fed99812a99036fba86d01367b5549505
35c92598a5f32c018dc630f57b183b0284c211ce9c222e5b36840a62115262f1
GET /s/oswald/v49/TK3iWkUHHAIjg752GT8G.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.orionhotel.com.au
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 25372
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 28 Jan 2023 10:20:26 GMT
expires: Sun, 28 Jan 2024 10:20:26 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 18 Jul 2022 19:24:05 GMT
content-type: font/woff2
age: 133274
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
200 OK 45 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 44856, version 1.0\012- data
Hash 565ce506190ad3af920b40baf1794cec
ad3cba5d06100e09449a864d3b5e58403b478b3d
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
GET /s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.orionhotel.com.au
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 44856
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 23 Jan 2023 18:52:41 GMT
expires: Tue, 23 Jan 2024 18:52:41 GMT
cache-control: public, max-age=31536000
age: 534539
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
200 OK 46 kB URL HTTP/2 fonts.gstatic.com/s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 46524, version 1.0\012- data
Hash c1fd378f54921c75e4ae1821e7b8fff6
2ce96e97783b2f154d07f4464ca6f8eb2469f2c1
405ceee1c2f5c31f1cb94ebc63d49a43fddd1471c2c7401a01c7c11bb1d93826
GET /s/raleway/v28/1Ptug8zYS_SKggPNyC0ITw.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.orionhotel.com.au
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 46524
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 25 Jan 2023 03:37:22 GMT
expires: Thu, 25 Jan 2024 03:37:22 GMT
cache-control: public, max-age=31536000
age: 416658
last-modified: Mon, 18 Jul 2022 19:58:01 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash db3290a85d0ba4da27406ae9636aa618
4c69da45eddd66a1e26fce5562fc45eda7005309
19db4d0cc84bff9586883a5fa69c426af0b5fc1c2760ee7c259b0307c8afa6b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 23:21:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
assets.squarespace.com/universal/styles-compressed/popup-overlay-948192219c3257f767ec5-min.en-US.css
200 OK 1.9 kB URL HTTP/2 assets.squarespace.com/universal/styles-compressed/popup-overlay-948192219c3257f767ec5-min.en-US.css
IP
File type ASCII text, with very long lines (8389), with no line terminators
Hash b9368f9860b350dd1f8f81629c565a30
3a33b83e77a565807ae6e6a6305345c4105ecea9
198bf5d62762d8c3afa6dc85415ddab129f1000a5aca2a4daad9465ce03825be
GET /universal/styles-compressed/popup-overlay-948192219c3257f767ec5-min.en-US.css HTTP/1.1
Host: assets.squarespace.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.orionhotel.com.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Fri, 16 Sep 2022 18:47:48 GMT
etag: "b9368f9860b350dd1f8f81629c565a30"
content-type: text/css
content-encoding: gzip
accept-ranges: bytes
content-length: 1862
server: UploadServer
cache-control: public, max-age=3600
expires: Mon, 30 Jan 2023 00:21:40 GMT
date: Sun, 29 Jan 2023 23:21:40 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash db3290a85d0ba4da27406ae9636aa618
4c69da45eddd66a1e26fce5562fc45eda7005309
19db4d0cc84bff9586883a5fa69c426af0b5fc1c2760ee7c259b0307c8afa6b2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 23:21:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
assets.squarespace.com/universal/scripts-compressed/popup-overlay-34c26d7410c3343d62e5f-min.en-US.js
200 OK 317 kB URL HTTP/2 assets.squarespace.com/universal/scripts-compressed/popup-overlay-34c26d7410c3343d62e5f-min.en-US.js
IP
File type HTML document, ASCII text, with very long lines (65536), with no line terminators
Size 317 kB (317127 bytes)
Hash ebcaf8b5040cb453076f85d3eec0125c
fefb2541dc2987bdfcdfa2e7c8c7cbfd56ca8503
aa0070695c22d741bee1b7a4f83d7da852bd981547afc8dd4c78985f043a1ea8
GET /universal/scripts-compressed/popup-overlay-34c26d7410c3343d62e5f-min.en-US.js HTTP/1.1
Host: assets.squarespace.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.orionhotel.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-encoding: gzip
accept-ranges: bytes
content-length: 317127
server: UploadServer
last-modified: Wed, 25 Jan 2023 19:04:45 GMT
etag: "ebcaf8b5040cb453076f85d3eec0125c"
content-type: text/javascript
cache-control: public, max-age=3600
expires: Mon, 30 Jan 2023 00:21:40 GMT
date: Sun, 29 Jan 2023 23:21:40 GMT
vary: Accept-Encoding
access-control-allow-methods: GET, OPTIONS
access-control-allow-origin: *
X-Firefox-Spdy: h2
images.squarespace-cdn.com/content/v1/5d5dfe215312950001765af9/1661904934823-Z1RSS9M4YFS1VV1OHRZH/ORION%2BHOTEL-15.jpg?format=1500w
200 OK 304 kB URL HTTP/2 images.squarespace-cdn.com/content/v1/5d5dfe215312950001765af9/1661904934823-Z1RSS9M4YFS1VV1OHRZH/ORION%2BHOTEL-15.jpg?format=1500w
IP
File type JPEG image data, progressive, precision 8, 1500x1000, components 3\012- data
Size 304 kB (303617 bytes)
Hash 6482e2877209f01d2d40c3b57c32d04b
532f691dd832c3d508b3b7ffd1709016f75a2b1e
ebc6aef42baddc3dcd0ef4133e6f0d4b7f8e41b525b22e93104afd6afbbbfebe
GET /content/v1/5d5dfe215312950001765af9/1661904934823-Z1RSS9M4YFS1VV1OHRZH/ORION%2BHOTEL-15.jpg?format=1500w HTTP/1.1
Host: images.squarespace-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.orionhotel.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
access-control-expose-headers: Content-Length, Timing-Allow-Origin
content-type: image/jpeg
access-control-allow-origin: *
etag: CObN6qrm7/kCEAE=
cache-control: max-age=604800
via: 1.1 google, 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 29 Jan 2023 23:21:40 GMT
age: 256388
x-served-by: cache-iad-kcgs7200021-IAD, cache-bma1627-BMA
x-cache: HIT, MISS
x-cache-hits: 9, 0
x-timer: S1675034500.105538,VS0,VE96
vary: Accept-Encoding
tracepoint: Fastly
content-length: 303617
X-Firefox-Spdy: h2
images.squarespace-cdn.com/content/v1/5d5dfe215312950001765af9/1594005097111-5T7M5IB72OS8C7OQL1I0/82048016_2649107428539033_1662508645448941568_o.jpg?format=1500w
200 OK 346 kB URL HTTP/2 images.squarespace-cdn.com/content/v1/5d5dfe215312950001765af9/1594005097111-5T7M5IB72OS8C7OQL1I0/82048016_2649107428539033_1662508645448941568_o.jpg?format=1500w
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 1500x1084, components 3\012- data
Size 346 kB (345681 bytes)
Hash 141d2804206ebe95853c466b64691f17
613ac72a96b7d13ebc4f074d3e04d1545e784fbd
6c38e4abdfd3f0a3459a20d03449076d9802687d9b1e221092808eeee8a83d18
GET /content/v1/5d5dfe215312950001765af9/1594005097111-5T7M5IB72OS8C7OQL1I0/82048016_2649107428539033_1662508645448941568_o.jpg?format=1500w HTTP/1.1
Host: images.squarespace-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.orionhotel.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
access-control-expose-headers: Content-Length, Timing-Allow-Origin
content-type: image/jpeg
access-control-allow-origin: *
etag: CNvcovDOwOsCEAE=
cache-control: max-age=604800
via: 1.1 google, 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 29 Jan 2023 23:21:40 GMT
age: 149090
x-served-by: cache-iad-kjyo7100054-IAD, cache-bma1627-BMA
x-cache: HIT, MISS
x-cache-hits: 9, 0
x-timer: S1675034500.107952,VS0,VE94
vary: Accept-Encoding
tracepoint: Fastly
content-length: 345681
X-Firefox-Spdy: h2
images.squarespace-cdn.com/content/v1/5d5dfe215312950001765af9/1655958451697-CSRPZBNCGWKUTH77KVZN/ORION+MENU+090622-243.jpg?format=1500w
200 OK 318 kB URL HTTP/2 images.squarespace-cdn.com/content/v1/5d5dfe215312950001765af9/1655958451697-CSRPZBNCGWKUTH77KVZN/ORION+MENU+090622-243.jpg?format=1500w
IP
File type JPEG image data, progressive, precision 8, 1500x1000, components 3\012- data
Size 318 kB (318048 bytes)
Hash b5699e814befab317f780b4edff22def
83f81efc7cfad8eb488bfc092be5b364a30650f2
56409f72d52915e5c8252ecdd4ed8918ae35b7d2b7c228dfa8e103d29be19520
GET /content/v1/5d5dfe215312950001765af9/1655958451697-CSRPZBNCGWKUTH77KVZN/ORION+MENU+090622-243.jpg?format=1500w HTTP/1.1
Host: images.squarespace-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.orionhotel.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
access-control-expose-headers: Content-Length, Timing-Allow-Origin
content-type: image/jpeg
access-control-allow-origin: *
etag: CPyV+vvdwvgCEAE=
cache-control: max-age=604800
via: 1.1 google, 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 29 Jan 2023 23:21:40 GMT
age: 149090
x-served-by: cache-iad-kiad7000068-IAD, cache-bma1627-BMA
x-cache: HIT, MISS
x-cache-hits: 8, 0
x-timer: S1675034500.120721,VS0,VE94
vary: Accept-Encoding
tracepoint: Fastly
content-length: 318048
X-Firefox-Spdy: h2
www.orionhotel.com.au/api/census/RecordHit
200 OK 17 B URL HTTP/2 www.orionhotel.com.au/api/census/RecordHit
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 5b64e8b89092b2e3dfd448b10700627f
484b3032619fa1acd135d114565b0a5166281c22
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
POST /api/census/RecordHit HTTP/1.1
Host: www.orionhotel.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded; charset=utf-8
X-CSRF-Token: BSjoTnbh0WPnMTkyZDE5NmIyOGZhZjE1YTEzN2JlNzQ0MTI3OTEy
Content-Length: 787
Origin: https://www.orionhotel.com.au
Connection: keep-alive
Referer: https://www.orionhotel.com.au/
Cookie: crumb=BSjoTnbh0WPnMTkyZDE5NmIyOGZhZjE1YTEzN2JlNzQ0MTI3OTEy; ss_cvr=4a8b3e3c-3dc1-442e-af63-1cfee90d28bf|1675034509547|1675034509547|1675034509547|1; ss_cvt=1675034509547
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-type: application/json;charset=utf-8
date: Sun, 29 Jan 2023 23:21:40 GMT
server: Squarespace
strict-transport-security: max-age=0
x-content-type-options: nosniff
x-contextid: Ul01W1gX/XKJ99KEG
content-length: 17
X-Firefox-Spdy: h2
www.orionhotel.com.au/api/census/button-render
200 OK 17 B URL HTTP/2 www.orionhotel.com.au/api/census/button-render
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 5b64e8b89092b2e3dfd448b10700627f
484b3032619fa1acd135d114565b0a5166281c22
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
POST /api/census/button-render HTTP/1.1
Host: www.orionhotel.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
X-CSRF-Token: BSjoTnbh0WPnMTkyZDE5NmIyOGZhZjE1YTEzN2JlNzQ0MTI3OTEy
Content-Length: 411
Origin: https://www.orionhotel.com.au
Connection: keep-alive
Referer: https://www.orionhotel.com.au/
Cookie: crumb=BSjoTnbh0WPnMTkyZDE5NmIyOGZhZjE1YTEzN2JlNzQ0MTI3OTEy; ss_cvr=4a8b3e3c-3dc1-442e-af63-1cfee90d28bf|1675034509547|1675034509547|1675034509547|1; ss_cvt=1675034509547
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-type: application/json;charset=utf-8
date: Sun, 29 Jan 2023 23:21:40 GMT
server: Squarespace
strict-transport-security: max-age=0
x-content-type-options: nosniff
x-contextid: Ul01W1gX/Pt7MRD6y
content-length: 17
X-Firefox-Spdy: h2
fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,400;0,600;0,700;1,400;1,700&family=Oswald:wght@300;400;700&family=Raleway:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;1,300;1,700
200 OK 1.4 kB URL HTTP/2 fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,400;0,600;0,700;1,400;1,700&family=Oswald:wght@300;400;700&family=Raleway:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;1,300;1,700
IP
Hash f43c488a88ee1d6b6418c556e7158198
9b2dae3b96ecc6f963e65c2f1a68989e0ffd6811
ad2a4d7c29bfce5567e1adcf34b0b5deb60bc5cb2d04bcc47cddfc8097e99cfe
GET /css2?family=Open+Sans:ital,wght@0,400;0,600;0,700;1,400;1,700&family=Oswald:wght@300;400;700&family=Raleway:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;1,300;1,700 HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.orionhotel.com.au/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 29 Jan 2023 23:21:39 GMT
date: Sun, 29 Jan 2023 23:21:39 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.orionhotel.com.au/api/census/button-render
200 OK 17 B URL HTTP/2 www.orionhotel.com.au/api/census/button-render
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 5b64e8b89092b2e3dfd448b10700627f
484b3032619fa1acd135d114565b0a5166281c22
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
POST /api/census/button-render HTTP/1.1
Host: www.orionhotel.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
X-CSRF-Token: BSjoTnbh0WPnMTkyZDE5NmIyOGZhZjE1YTEzN2JlNzQ0MTI3OTEy
Content-Length: 415
Origin: https://www.orionhotel.com.au
Connection: keep-alive
Referer: https://www.orionhotel.com.au/
Cookie: crumb=BSjoTnbh0WPnMTkyZDE5NmIyOGZhZjE1YTEzN2JlNzQ0MTI3OTEy; ss_cvr=4a8b3e3c-3dc1-442e-af63-1cfee90d28bf|1675034509547|1675034509547|1675034509547|1; ss_cvt=1675034509547
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-type: application/json;charset=utf-8
date: Sun, 29 Jan 2023 23:21:40 GMT
server: Squarespace
strict-transport-security: max-age=0
x-content-type-options: nosniff
x-contextid: Ul01W1gX/dS0AykoG
content-length: 17
X-Firefox-Spdy: h2
www.orionhotel.com.au/api/census/button-render
200 OK 17 B URL HTTP/2 www.orionhotel.com.au/api/census/button-render
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 5b64e8b89092b2e3dfd448b10700627f
484b3032619fa1acd135d114565b0a5166281c22
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
POST /api/census/button-render HTTP/1.1
Host: www.orionhotel.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
X-CSRF-Token: BSjoTnbh0WPnMTkyZDE5NmIyOGZhZjE1YTEzN2JlNzQ0MTI3OTEy
Content-Length: 401
Origin: https://www.orionhotel.com.au
Connection: keep-alive
Referer: https://www.orionhotel.com.au/
Cookie: crumb=BSjoTnbh0WPnMTkyZDE5NmIyOGZhZjE1YTEzN2JlNzQ0MTI3OTEy; ss_cvr=4a8b3e3c-3dc1-442e-af63-1cfee90d28bf|1675034509547|1675034509547|1675034509547|1; ss_cvt=1675034509547
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-type: application/json;charset=utf-8
date: Sun, 29 Jan 2023 23:21:40 GMT
server: Squarespace
strict-transport-security: max-age=0
x-content-type-options: nosniff
x-contextid: Ul01W1gX/5sfPGryM
content-length: 17
X-Firefox-Spdy: h2
www.orionhotel.com.au/api/1/performance/settings
200 OK 53 B URL HTTP/2 www.orionhotel.com.au/api/1/performance/settings
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 4554d72b308539abb07b46bd1a709c72
a1346045bcd799d78aa8faa3d3c723ba05982dac
8106ac7b046cffb221f171ff1a745a800ed05e913e8f04f3bf79d1489faba2ec
GET /api/1/performance/settings HTTP/1.1
Host: www.orionhotel.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.orionhotel.com.au/
Cookie: crumb=BSjoTnbh0WPnMTkyZDE5NmIyOGZhZjE1YTEzN2JlNzQ0MTI3OTEy; ss_cvr=4a8b3e3c-3dc1-442e-af63-1cfee90d28bf|1675034509547|1675034509547|1675034509547|1; ss_cvt=1675034509547
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/json
date: Sun, 29 Jan 2023 23:21:40 GMT
server: Squarespace
vary: Accept-Encoding, User-Agent
x-contextid: Ul01W1gX/gUULJ2dJ
content-length: 53
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 14681339fc16ac120967600c85c37d96
589ed56dc45067e35e26a667ad3d9a12d0f61884
c7a020eb97f372e9325a03c89aa4d97d023f8583ea94af56ae1ffc2363ab8547
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2887
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 23:21:40 GMT
Last-Modified: Sun, 29 Jan 2023 22:33:33 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
connect.facebook.net/en_US/fbevents.js
200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP
File type ASCII text, with very long lines (64348)
Hash 541db4f3f0ba067bfb58cdac34cb86f4
20e6883f068568888ce37c6b9ef8f5d12be257c0
83898f3b2da2a11996d2eb3a5115ef301255030fdf231b8bf7971916769bc7be
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.orionhotel.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
origin-agent-cluster: ?0
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: LiupVWk9CcxAJlPXu4XQQX+HiOQqzBSVspjmJxIrD7ldvkGZGJKhouFSYB9dGYqjse/hUmMug2humljfGrhMgg==
priority: u=3,i
content-length: 27815
x-fb-trip-id: 1904183273
date: Sun, 29 Jan 2023 23:21:40 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 14681339fc16ac120967600c85c37d96
589ed56dc45067e35e26a667ad3d9a12d0f61884
c7a020eb97f372e9325a03c89aa4d97d023f8583ea94af56ae1ffc2363ab8547
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2887
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 23:21:40 GMT
Last-Modified: Sun, 29 Jan 2023 22:33:33 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471
images.squarespace-cdn.com/content/v1/5d5dfe215312950001765af9/1566441749233-7ILJAFYHZWSJG5VFJMFE/favicon.ico?format=100w
200 OK 7.9 kB URL HTTP/2 images.squarespace-cdn.com/content/v1/5d5dfe215312950001765af9/1566441749233-7ILJAFYHZWSJG5VFJMFE/favicon.ico?format=100w
IP
File type PNG image data, 100 x 88, 8-bit/color RGB, non-interlaced\012- data
Hash c2471e58d47496c3cdbfd7bf7d58561c
1cadaf5dd2ffddaaa2390315e9244a4c762b2f6e
37f24ac6f7e0b685a1413bc43ec5b15083fb5e1f404b697aede948baa65a8b4a
GET /content/v1/5d5dfe215312950001765af9/1566441749233-7ILJAFYHZWSJG5VFJMFE/favicon.ico?format=100w HTTP/1.1
Host: images.squarespace-cdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.orionhotel.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
timing-allow-origin: *
access-control-expose-headers: Content-Length, Timing-Allow-Origin
content-type: image/png
access-control-allow-origin: *
etag: CLya2byCwusCEAE=
cache-control: max-age=604800
via: 1.1 google, 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Sun, 29 Jan 2023 23:21:40 GMT
age: 168726
x-served-by: cache-iad-kjyo7100179-IAD, cache-bma1627-BMA
x-cache: HIT, MISS
x-cache-hits: 15, 0
x-timer: S1675034500.408785,VS0,VE92
vary: Accept-Encoding
tracepoint: Fastly
content-length: 7878
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.orionhotel.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Sun, 29 Jan 2023 21:45:20 GMT
expires: Sun, 29 Jan 2023 23:45:20 GMT
cache-control: public, max-age=7200
age: 5780
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e9eba61fbe87bc53d60d0fdd1ba6adb4
8dbb3dfacfaad4ce0fd3a355790cb9b245e01e07
9c0233792f873315e75ce5396d1a210f2df665db23ab858a0724f66bbb4528e7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 23:21:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/10996577101/?random=1675034509978&cv=11&fst=1675034509978&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.orionhotel.com.au%2F&tiba=Orion%20Hotel%20-%20Springfield%20Restaurant%2C%20Bar%2C%20Functions%20%26%20Gaming&auid=1941633085.1675034510&data=event%3Dgtag.config&rfmt=3&fmt=4
200 OK 922 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/10996577101/?random=1675034509978&cv=11&fst=1675034509978&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.orionhotel.com.au%2F&tiba=Orion%20Hotel%20-%20Springfield%20Restaurant%2C%20Bar%2C%20Functions%20%26%20Gaming&auid=1941633085.1675034510&data=event%3Dgtag.config&rfmt=3&fmt=4
IP
File type ASCII text, with very long lines (1981), with no line terminators
Hash a9eecb150da791040639378a3c8b7813
774638dafca1ede84533eea9169e1c1b9ad78a11
d3fe9904712935c29140971da4bb34cbcb2cf8afed11ade03fb52b58a873c989
GET /pagead/viewthroughconversion/10996577101/?random=1675034509978&cv=11&fst=1675034509978&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.orionhotel.com.au%2F&tiba=Orion%20Hotel%20-%20Springfield%20Restaurant%2C%20Bar%2C%20Functions%20%26%20Gaming&auid=1941633085.1675034510&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.orionhotel.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 23:21:40 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 922
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 29-Jan-2023 23:36:40 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash e9eba61fbe87bc53d60d0fdd1ba6adb4
8dbb3dfacfaad4ce0fd3a355790cb9b245e01e07
9c0233792f873315e75ce5396d1a210f2df665db23ab858a0724f66bbb4528e7
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 23:21:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash b67335a8e235eacf68e4b7f98cc5dc40
887a9b34cf2ba9371bbe8c93e362c174668cf812
1ad2f6328af6d819acd85f4e4646afcafd945e17e555d5eeb54244db83cd48fa
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 23:21:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.orionhotel.com.au/api/popup-overlay/render?currentUrl=%2F
200 OK 20 kB URL HTTP/2 www.orionhotel.com.au/api/popup-overlay/render?currentUrl=%2F
IP
Hash 6a2c3602688b58292e5c32d765a0cf1f
0801e74a5fbd1c8fead3f97401995a1e8b0766e7
0574f17651a59d86f5ce5c749769cfe3085142799533463c3265fe9fdda636fd
GET /api/popup-overlay/render?currentUrl=%2F HTTP/1.1
Host: www.orionhotel.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.orionhotel.com.au/
Cookie: crumb=BSjoTnbh0WPnMTkyZDE5NmIyOGZhZjE1YTEzN2JlNzQ0MTI3OTEy; ss_cvr=4a8b3e3c-3dc1-442e-af63-1cfee90d28bf|1675034509547|1675034509547|1675034509547|1; ss_cvt=1675034509547
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-type: application/json;charset=utf-8
date: Sun, 29 Jan 2023 23:21:40 GMT
server: Squarespace
strict-transport-security: max-age=0
vary: Accept-Encoding, User-Agent
x-content-type-options: nosniff
x-contextid: Ul01W1gX/wGzOpQoL
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/10996577101/?random=1675034509978&cv=11&fst=1675033200000&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.orionhotel.com.au%2F&tiba=Orion%20Hotel%20-%20Springfield%20Restaurant%2C%20Bar%2C%20Functions%20%26%20Gaming&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3364721989&rmt_tld=1&ipr=y
200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/10996577101/?random=1675034509978&cv=11&fst=1675033200000&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.orionhotel.com.au%2F&tiba=Orion%20Hotel%20-%20Springfield%20Restaurant%2C%20Bar%2C%20Functions%20%26%20Gaming&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3364721989&rmt_tld=1&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/10996577101/?random=1675034509978&cv=11&fst=1675033200000&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.orionhotel.com.au%2F&tiba=Orion%20Hotel%20-%20Springfield%20Restaurant%2C%20Bar%2C%20Functions%20%26%20Gaming&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3364721989&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.orionhotel.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 23:21:40 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/10996577101/?random=1675034509978&cv=11&fst=1675033200000&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.orionhotel.com.au%2F&tiba=Orion%20Hotel%20-%20Springfield%20Restaurant%2C%20Bar%2C%20Functions%20%26%20Gaming&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3364721989&rmt_tld=0&ipr=y
200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/10996577101/?random=1675034509978&cv=11&fst=1675033200000&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.orionhotel.com.au%2F&tiba=Orion%20Hotel%20-%20Springfield%20Restaurant%2C%20Bar%2C%20Functions%20%26%20Gaming&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3364721989&rmt_tld=0&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/10996577101/?random=1675034509978&cv=11&fst=1675033200000&bg=ffffff&guid=ON&async=1>m=2oa1p0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.orionhotel.com.au%2F&tiba=Orion%20Hotel%20-%20Springfield%20Restaurant%2C%20Bar%2C%20Functions%20%26%20Gaming&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=3364721989&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.orionhotel.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 29 Jan 2023 23:21:40 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash a369a4445d1fccf2ce045c3c4c3f3d67
d6f618e6150a4f9ac6eb5df4a503141a635605a2
d62c7913686c10d4c4b8d691d533256534da77cecc9fcf3f8aa885380dcc148b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 23:21:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 1141ae65ad448fb3438690d5042af728
aa8b236bb1099c9440bfe3e98530939623250c03
e55eeaf5cd454042706c3e2d7d2b0211e91087b430cb5bae6b9e030392f57b4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 23:21:40 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.facebook.com/tr/?id=259285776359487&ev=PageView&dl=https%3A%2F%2Fwww.orionhotel.com.au%2F&rl=&if=false&ts=1675034510348&sw=1280&sh=1024&v=2.9.92&r=stable&a=plsquarespace&ec=0&o=30&fbp=fb.2.1675034510346.1040366298&it=1675034509922&coo=false&rqm=GET
200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=259285776359487&ev=PageView&dl=https%3A%2F%2Fwww.orionhotel.com.au%2F&rl=&if=false&ts=1675034510348&sw=1280&sh=1024&v=2.9.92&r=stable&a=plsquarespace&ec=0&o=30&fbp=fb.2.1675034510346.1040366298&it=1675034509922&coo=false&rqm=GET
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=259285776359487&ev=PageView&dl=https%3A%2F%2Fwww.orionhotel.com.au%2F&rl=&if=false&ts=1675034510348&sw=1280&sh=1024&v=2.9.92&r=stable&a=plsquarespace&ec=0&o=30&fbp=fb.2.1675034510346.1040366298&it=1675034509922&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.orionhotel.com.au/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sun, 29 Jan 2023 23:21:40 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3855
Expires: Mon, 30 Jan 2023 00:25:56 GMT
Date: Sun, 29 Jan 2023 23:21:41 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3855
Expires: Mon, 30 Jan 2023 00:25:56 GMT
Date: Sun, 29 Jan 2023 23:21:41 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3855
Expires: Mon, 30 Jan 2023 00:25:56 GMT
Date: Sun, 29 Jan 2023 23:21:41 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f2a0c2c0f25bdd19baf87cbb3a87dcdb
bc78ca6206ee8cc1cc05ab7778df71c7e6d1182a
c57f26c0c2e439dc2f69181e1b2f6ae371bff9d299af739e0047eabc8bfb5a69
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C57F26C0C2E439DC2F69181E1B2F6AE371BFF9D299AF739E0047EABC8BFB5A69"
Last-Modified: Fri, 27 Jan 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3855
Expires: Mon, 30 Jan 2023 00:25:56 GMT
Date: Sun, 29 Jan 2023 23:21:41 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df754eb-70f9-4576-ac48-68a6ae719511.jpeg
200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df754eb-70f9-4576-ac48-68a6ae719511.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 51aa950d5eed7b90cab6632107092edc
e4388ced02e5576867e77547496dec1ac2338ef7
588830e5f725e8e56270565e40f817f2658b0ee7c0425d138e5f65a17ff40483
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df754eb-70f9-4576-ac48-68a6ae719511.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9457
x-amzn-requestid: 7c48e5ca-2128-43da-ba83-fd91568af1ef
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkBOGHVoAMFQtw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6d4-1b850ffd543f51f92dec3894;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:20 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: soTFEnYjNcti77h3FpnztwzR7ypv68NbyoI6DxS0NhU412ykFsWAgA==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 be082a2326b7d49643607b097f1e7180.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:00:38 GMT
age: 4863
etag: "e4388ced02e5576867e77547496dec1ac2338ef7"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e1c93b4-807b-47ea-82fe-50d8216b163c.jpeg
200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e1c93b4-807b-47ea-82fe-50d8216b163c.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f49153c1aade8aa30bc6c84db4fa09d7
5cce4e085c87e7fbe82907694a36a91cc1bc9bfc
3285916959352e77cdbea34515dad3b3a0315b74bca7f45a8e5a2de4661203e2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F2e1c93b4-807b-47ea-82fe-50d8216b163c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6646
x-amzn-requestid: c8a7d4b9-1a13-41c1-8391-853f03f3150c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fbvRsHiaIAMF4Yw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d49271-634529cc6844e70829b5750f;Sampled=0
x-amzn-remapped-date: Sat, 28 Jan 2023 03:11:45 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PXMbaFBZrgdsIRduRmCb8ALPII3zv7dTT4Ikn2B_Waxz3wLcp2giKQ==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 03:49:27 GMT
age: 70334
etag: "5cce4e085c87e7fbe82907694a36a91cc1bc9bfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa29141be-cb17-4a1d-a64f-9b3d296461f2.jpeg
200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa29141be-cb17-4a1d-a64f-9b3d296461f2.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 546f1cb9f94ea553ae884a6f50c6bd3d
fd08d9841bcd8864aaf2e5d93ca61b31246b6db5
5aba48ac6c65e371c6c1aeee43f97670f196d3a3933b9f5812a67be90b7dbdfa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fa29141be-cb17-4a1d-a64f-9b3d296461f2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5764
x-amzn-requestid: 33ebf979-ba40-451e-bbdb-3ee4a9dc07ae
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhksyGRVoAMF5UQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e7eb-55fcbb4d6d88dbf758409801;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:40:59 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: X3lzViVGoynSgoeenp6EIU2E3FMSRlKNGOy73pIOAASV11hOk2B4UA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 981753271eb5b6d11bc29d52f173a5da.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:11:27 GMT
age: 4214
etag: "fd08d9841bcd8864aaf2e5d93ca61b31246b6db5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F281d3bcc-ce90-407c-89ce-33d8423b4048.jpeg
200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F281d3bcc-ce90-407c-89ce-33d8423b4048.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a60c45fc1156fadfbe47afe4e9e282da
e8db47e0aa028a846fd631cf2f2d5a979ee51e08
9a91bd22d5174fc3adbc6b24de6197be4f694bc46e8cc32124212a17a5af3f5a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F281d3bcc-ce90-407c-89ce-33d8423b4048.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5462
x-amzn-requestid: 4ec670d9-7dfd-45a9-93bc-935dfd991c20
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhkF8HWWIAMFpnA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e6f2-3bda5c87690a91851b2de9e6;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:36:50 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: IktxPIqbHTkANUYO5E64t0-RHGBrPlJt-MhuQoBxKWSxhbz1wzVDEA==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 21:53:08 GMT
age: 5313
etag: "e8db47e0aa028a846fd631cf2f2d5a979ee51e08"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 3be81f83687ddb6c93d3ff3c09a9dba2
50a48e737310d3f31840db4301b25927fbcc12c5
e78c909e2381898e7f546183784a05dff47c31734c95358aaada8c2777ad47be
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd9a423a9-16ee-4e3f-b9b4-34f6a469aba9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9167
x-amzn-requestid: f644ca78-a07a-43d1-96e4-95bcdecff7fb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fPGLfFtOIAMFp7w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cf83e2-202ca7160544acd24259bd5d;Sampled=0
x-amzn-remapped-date: Tue, 24 Jan 2023 07:08:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: xRwqrWS66l4qJfg2HnGphN1dbrIUod9XKW3zTk_-Km9AQRPyV2UqWg==
via: 1.1 2dc111aa3ead15d061e41a423155a53a.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 20:46:17 GMT
age: 9324
etag: "50a48e737310d3f31840db4301b25927fbcc12c5"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57d55e9c-b793-48b6-9641-536d9d4b8a49.jpeg
200 OK 9.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57d55e9c-b793-48b6-9641-536d9d4b8a49.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7ce4f845d4cdd467b4c82d8fbeb9ae0b
68257cdadb6e13a8f7f5e2354aca225286107a79
243b58df1616fd8b78c11302dbf90c97ecb6a3b289abe5f3439252cdbf304892
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F57d55e9c-b793-48b6-9641-536d9d4b8a49.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9150
x-amzn-requestid: 2b8949c8-5c97-49f5-8784-85daa42adff1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fhj4NF1moAMFQ9A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d6e69a-2ab06022306835b013c1e46f;Sampled=0
x-amzn-remapped-date: Sun, 29 Jan 2023 21:35:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NEYfOHRSbqSqgj9m4A-z6jFKKbaiYC9DKmggHLFvSAK88FMnfXMn1Q==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 591683988172c7980c4ebb318cbf18a8.cloudfront.net (CloudFront), 1.1 google
date: Sun, 29 Jan 2023 22:23:20 GMT
age: 3501
etag: "68257cdadb6e13a8f7f5e2354aca225286107a79"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.orionhotel.com.au/api/census/overlay
200 OK 17 B URL HTTP/2 www.orionhotel.com.au/api/census/overlay
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 5b64e8b89092b2e3dfd448b10700627f
484b3032619fa1acd135d114565b0a5166281c22
f1ea07a1e51a389c8de07120ae5c2e432e9dd8f4fbd6f92489f185b0523a3fd4
POST /api/census/overlay HTTP/1.1
Host: www.orionhotel.com.au
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json;charset=utf-8
X-CSRF-Token: BSjoTnbh0WPnMTkyZDE5NmIyOGZhZjE1YTEzN2JlNzQ0MTI3OTEy
Content-Length: 392
Origin: https://www.orionhotel.com.au
Connection: keep-alive
Referer: https://www.orionhotel.com.au/
Cookie: crumb=BSjoTnbh0WPnMTkyZDE5NmIyOGZhZjE1YTEzN2JlNzQ0MTI3OTEy; ss_cvr=4a8b3e3c-3dc1-442e-af63-1cfee90d28bf|1675034509547|1675034509547|1675034509547|1; ss_cvt=1675034509547; _gcl_au=1.1.1941633085.1675034510; _ga=GA1.3.1095966277.1675034510; _gid=GA1.3.732959323.1675034510; _gat_gtag_UA_151711567_1=1; _fbp=fb.2.1675034510346.1040366298
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-type: application/json;charset=utf-8
date: Sun, 29 Jan 2023 23:21:41 GMT
server: Squarespace
strict-transport-security: max-age=0
x-content-type-options: nosniff
x-contextid: Ul01W1gX/ehkvz1vU
content-length: 17
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 1141ae65ad448fb3438690d5042af728
aa8b236bb1099c9440bfe3e98530939623250c03
e55eeaf5cd454042706c3e2d7d2b0211e91087b430cb5bae6b9e030392f57b4b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 23:21:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.youtube.com/iframe_api
200 OK 63 kB URL HTTP/2 www.youtube.com/iframe_api
IP
File type ASCII text, with very long lines (509)
Hash 3db421d9ca6e2c94825ac130838287fc
0ea34ce06af84cd00b63464a5c1ba5ce06745c8f
bd5f1b53e99edc33d0b0459533ef6d1a8edf9119c0e64d6acc29414ff2dc70ab
GET /iframe_api HTTP/1.1
Host: www.youtube.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.orionhotel.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
x-content-type-options: nosniff
expires: Sun, 29 Jan 2023 23:21:41 GMT
date: Sun, 29 Jan 2023 23:21:41 GMT
cache-control: private, max-age=0
strict-transport-security: max-age=31536000
x-frame-options: SAMEORIGIN
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-wow64=*, ch-ua-platform=*, ch-ua-platform-version=*
cross-origin-resource-policy: cross-origin
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=en for more info."
content-encoding: br
server: ESF
x-xss-protection: 0
set-cookie: YSC=hC-Q3KHkvpc; Domain=.youtube.com; Path=/; Secure; HttpOnly; SameSite=none
DEVICE_INFO=ChxOekU1TkRJeE9EUXdNek00T0RNME9EWXhNUT09EIX/254GGIX/254G; Domain=.youtube.com; Expires=Fri, 28-Jul-2023 23:21:41 GMT; Path=/; Secure; HttpOnly; SameSite=none
VISITOR_INFO1_LIVE=iGVERkLAReU; Domain=.youtube.com; Expires=Fri, 28-Jul-2023 23:21:41 GMT; Path=/; Secure; HttpOnly; SameSite=none
CONSENT=PENDING+206; expires=Tue, 28-Jan-2025 23:21:41 GMT; path=/; domain=.youtube.com; Secure
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
200 OK 15 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15344, version 1.0\012- data
Hash 5d4aeb4e5f5ef754e307d7ffaef688bd
06db651cdf354c64a7383ea9c77024ef4fb4cef8
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
GET /s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15344
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 21:48:03 GMT
expires: Fri, 26 Jan 2024 21:48:03 GMT
cache-control: public, max-age=31536000
age: 264818
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
200 OK 16 kB URL HTTP/2 fonts.gstatic.com/s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 15552, version 1.0\012- data
Hash 285467176f7fe6bb6a9c6873b3dad2cc
ea04e4ff5142ddd69307c183def721a160e0a64e
5a8c1e7681318caa29e9f44e8a6e271f6a4067a2703e9916dfd4fe9099241db7
GET /s/roboto/v18/KFOlCnqEu92Fr1MmEU9fBBc4.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 15552
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 26 Jan 2023 16:40:43 GMT
expires: Fri, 26 Jan 2024 16:40:43 GMT
cache-control: public, max-age=31536000
age: 283258
last-modified: Mon, 16 Oct 2017 17:33:02 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash d12e9ff2f182d3ce52d59d589ab5a61d
1d39c5eed0a766cbee2fe1f0729eab7472f56d7f
e675272e9b74782eb09ee52be90da7a92ba0cbe71fccba9bd8c4416e4817b13b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 23:21:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
static.doubleclick.net/instream/ad_status.js
200 OK 29 B URL HTTP/2 static.doubleclick.net/instream/ad_status.js
IP
Hash 1fa71744db23d0f8df9cce6719defcb7
e4be9b7136697942a036f97cf26ebaf703ad2067
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
GET /instream/ad_status.js HTTP/1.1
Host: static.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 29
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 29 Jan 2023 23:12:52 GMT
expires: Sun, 29 Jan 2023 23:27:52 GMT
cache-control: public, max-age=900
age: 530
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
redirector.googlevideo.com/initplayback?source=youtube&oeis=1&ip=91.90.42.154&c=WEB_EMBEDDED_PLAYER&oad=3200&ovd=3200&oaad=3200&oavd=3200&ocs=700&oewis=1&oputc=1&ofpcc=1&msp=1&odepv=1&pxtags=Cg4KAnR4EggyNDQxNjQzOQ&rxtags=Cg4KAnR4EggyNDQxNjQzNg%2CCg4KAnR4EggyNDQxNjQzNw%2CCg4KAnR4EggyNDQxNjQzOA%2CCg4KAnR4EggyNDQxNjQzOQ%2CCg4KAnR4EggyNDQxNjQ0MA%2CCg4KAnR4EggyNDQxNjQ0MQ%2CCg4KAnR4EggyNDQxNjQ0Mg&alr=yes&id=92902
200 OK 291 B URL HTTP/2 redirector.googlevideo.com/initplayback?source=youtube&oeis=1&ip=91.90.42.154&c=WEB_EMBEDDED_PLAYER&oad=3200&ovd=3200&oaad=3200&oavd=3200&ocs=700&oewis=1&oputc=1&ofpcc=1&msp=1&odepv=1&pxtags=Cg4KAnR4EggyNDQxNjQzOQ&rxtags=Cg4KAnR4EggyNDQxNjQzNg%2CCg4KAnR4EggyNDQxNjQzNw%2CCg4KAnR4EggyNDQxNjQzOA%2CCg4KAnR4EggyNDQxNjQzOQ%2CCg4KAnR4EggyNDQxNjQ0MA%2CCg4KAnR4EggyNDQxNjQ0MQ%2CCg4KAnR4EggyNDQxNjQ0Mg&alr=yes&id=92902
IP
File type ASCII text, with very long lines (507), with no line terminators
Hash 93d931a04f91545de5f9e009884aed8d
f10d2167d62e008dc9e36f8be2152ac00175c42c
df9640fdb8773396c17c3706d4986e7d0b05306ba13cd47e14e5e419a8e3598a
GET /initplayback?source=youtube&oeis=1&ip=91.90.42.154&c=WEB_EMBEDDED_PLAYER&oad=3200&ovd=3200&oaad=3200&oavd=3200&ocs=700&oewis=1&oputc=1&ofpcc=1&msp=1&odepv=1&pxtags=Cg4KAnR4EggyNDQxNjQzOQ&rxtags=Cg4KAnR4EggyNDQxNjQzNg%2CCg4KAnR4EggyNDQxNjQzNw%2CCg4KAnR4EggyNDQxNjQzOA%2CCg4KAnR4EggyNDQxNjQzOQ%2CCg4KAnR4EggyNDQxNjQ0MA%2CCg4KAnR4EggyNDQxNjQ0MQ%2CCg4KAnR4EggyNDQxNjQ0Mg&alr=yes&id=92902 HTTP/1.1
Host: redirector.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 29 Jan 2023 23:21:42 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
timing-allow-origin: https://www.youtube.com
access-control-expose-headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
content-type: text/plain; charset=UTF-8
content-encoding: gzip
server: ClientMapServer
content-length: 291
x-xss-protection: 0
x-frame-options: SAMEORIGIN
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sun, 29 Jan 2023 23:21:42 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash d12e9ff2f182d3ce52d59d589ab5a61d
1d39c5eed0a766cbee2fe1f0729eab7472f56d7f
e675272e9b74782eb09ee52be90da7a92ba0cbe71fccba9bd8c4416e4817b13b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 23:21:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
200 OK 31 kB URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create
IP
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash aa4694aba12e91e9963cf00088b6f239
657d90f95bc99ee48bb022ecfb83c218ac515a6e
75913a7270717351009541f28a20e3354511331ca7068ee9e8e9441a0a0a7ce3
POST /$rpc/google.internal.waa.v1.Waa/Create HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 24
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 29 Jan 2023 23:21:42 GMT
server: ESF
cache-control: private
content-length: 30804
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash ce1fd91d2179b7bf172f2a7a06e90350
35531bf84512254dd147f3299a95f037b6d8f751
5b160d0d93fb0033edd3970f69dad2ae46e0f93a61977020450927a7deac40f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 23:21:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 6c754739b42f49d4f916eeddf5e0ad0b
dbd00615dd46df6aebbf184c5a674500fca79409
8cc3bb1dc1272a7db571c09fcd67fce2b6cc1e1c23daaa725c40ba5b66b204d6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 23:21:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 396adb11852bf0c95309fe796b6b6030
cc1fd1dbf17d167ea6a6b917bc9a843508a4c1ce
76807c74093cff97273accde56193ed2bf3312fa6357369f02eabf863af53c01
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 23:21:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.ytimg.com/vi/vrHZ7DC1pY8/sddefault.jpg?sqp=-oaymwEmCIAFEOAD8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGH8gPCgXMA8=&rs=AOn4CLD8eSoq89RMp1OwhmJ4JqdB72uMyA
200 OK 37 kB URL HTTP/2 i.ytimg.com/vi/vrHZ7DC1pY8/sddefault.jpg?sqp=-oaymwEmCIAFEOAD8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGH8gPCgXMA8=&rs=AOn4CLD8eSoq89RMp1OwhmJ4JqdB72uMyA
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 640x480, components 3\012- data
Hash a56fc27665e4fe7bef1e435d326ef9b5
d39473a7441fa324967dfe18a17ee2b8fed40c70
00c1307418cb22a1193aa931a993c7fad143eacd9eb1dab2a372a91f5238dd62
GET /vi/vrHZ7DC1pY8/sddefault.jpg?sqp=-oaymwEmCIAFEOAD8quKqQMa8AEB-AH-CYAC0AWKAgwIABABGH8gPCgXMA8=&rs=AOn4CLD8eSoq89RMp1OwhmJ4JqdB72uMyA HTTP/1.1
Host: i.ytimg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: image/jpeg
vary: Origin
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
timing-allow-origin: *
content-length: 37181
date: Sun, 29 Jan 2023 23:21:42 GMT
expires: Mon, 30 Jan 2023 01:21:42 GMT
cache-control: public, max-age=7200
etag: "0"
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 396adb11852bf0c95309fe796b6b6030
cc1fd1dbf17d167ea6a6b917bc9a843508a4c1ce
76807c74093cff97273accde56193ed2bf3312fa6357369f02eabf863af53c01
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 23:21:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
yt3.ggpht.com/ytc/AL5GRJXLcnydcyVgv6SEwpc3fHxgKEqiNku8VD79Rms=s68-c-k-c0x00ffffff-no-rj
200 OK 1.6 kB URL HTTP/2 yt3.ggpht.com/ytc/AL5GRJXLcnydcyVgv6SEwpc3fHxgKEqiNku8VD79Rms=s68-c-k-c0x00ffffff-no-rj
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, Exif Standard: [TIFF image data, little-endian, direntries=2, software=Google], baseline, precision 8, 68x68, components 3\012- data
Hash fdca30d3fccbeeff4ffc0c487ab6f076
1b575f12c45ebf4df046b0c84ec039b4d4d5d414
f441b71f3c69b230c05115aac23b77714b5bc5e1db2c84eef892c8be0978f497
GET /ytc/AL5GRJXLcnydcyVgv6SEwpc3fHxgKEqiNku8VD79Rms=s68-c-k-c0x00ffffff-no-rj HTTP/1.1
Host: yt3.ggpht.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-expose-headers: Content-Length
etag: "v42"
expires: Mon, 30 Jan 2023 23:21:42 GMT
cache-control: public, max-age=86400, no-transform
content-disposition: inline;filename="unnamed.jpg"
content-type: image/jpeg
vary: Origin
access-control-allow-origin: *
timing-allow-origin: *
x-content-type-options: nosniff
date: Sun, 29 Jan 2023 23:21:42 GMT
server: fife
content-length: 1583
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash ce1fd91d2179b7bf172f2a7a06e90350
35531bf84512254dd147f3299a95f037b6d8f751
5b160d0d93fb0033edd3970f69dad2ae46e0f93a61977020450927a7deac40f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 23:21:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
200 OK 0 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Referer: https://www.youtube.com/
Origin: https://www.youtube.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://www.youtube.com
vary: origin, referer, x-origin
access-control-allow-credentials: true
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-max-age: 3600
date: Sun, 29 Jan 2023 23:21:42 GMT
content-type: text/html
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
200 OK 110 B URL HTTP/2 jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash c7867cb5e4c416c38b810e2e0e9a21a4
5b48933174d8f602fe1d8c455582e6ceb9d31962
cc3047bd6adc260dbc3ffc54a0d4be676346b151bbcdbbba9a0e160121e2a60f
POST /$rpc/google.internal.waa.v1.Waa/GenerateIT HTTP/1.1
Host: jnn-pa.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
Content-Type: application/json+protobuf
X-User-Agent: grpc-web-javascript/0.1
Content-Length: 1204
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json+protobuf; charset=UTF-8
vary: Origin, X-Origin, Referer
content-encoding: gzip
date: Sun, 29 Jan 2023 23:21:42 GMT
server: ESF
cache-control: private
content-length: 110
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
access-control-allow-credentials: true
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 6c754739b42f49d4f916eeddf5e0ad0b
dbd00615dd46df6aebbf184c5a674500fca79409
8cc3bb1dc1272a7db571c09fcd67fce2b6cc1e1c23daaa725c40ba5b66b204d6
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 23:21:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r1---sn-capm-vnae.googlevideo.com/initplayback?source=youtube&oeis=1&ip=91.90.42.154&c=WEB_EMBEDDED_PLAYER&oad=0&ovd=0&oaad=0&oavd=0&ocs=700&oewis=1&oputc=1&ofpcc=1&msp=1&odepv=1&pxtags=Cg4KAnR4EggyNDQxNjQzOQ&rxtags=Cg4KAnR4EggyNDQxNjQzNg%2CCg4KAnR4EggyNDQxNjQzNw%2CCg4KAnR4EggyNDQxNjQzOA%2CCg4KAnR4EggyNDQxNjQzOQ%2CCg4KAnR4EggyNDQxNjQ0MA%2CCg4KAnR4EggyNDQxNjQ0MQ%2CCg4KAnR4EggyNDQxNjQ0Mg&ms=au&id=beb1d9ec30b5a58f&cpn=9IS7dIkzadWlFLKH&opr=1&por=1&rn=1
200 OK 10 kB URL HTTP/1.1 r1---sn-capm-vnae.googlevideo.com/initplayback?source=youtube&oeis=1&ip=91.90.42.154&c=WEB_EMBEDDED_PLAYER&oad=0&ovd=0&oaad=0&oavd=0&ocs=700&oewis=1&oputc=1&ofpcc=1&msp=1&odepv=1&pxtags=Cg4KAnR4EggyNDQxNjQzOQ&rxtags=Cg4KAnR4EggyNDQxNjQzNg%2CCg4KAnR4EggyNDQxNjQzNw%2CCg4KAnR4EggyNDQxNjQzOA%2CCg4KAnR4EggyNDQxNjQzOQ%2CCg4KAnR4EggyNDQxNjQ0MA%2CCg4KAnR4EggyNDQxNjQ0MQ%2CCg4KAnR4EggyNDQxNjQ0Mg&ms=au&id=beb1d9ec30b5a58f&cpn=9IS7dIkzadWlFLKH&opr=1&por=1&rn=1
IP
ASN #50304 Blix Solutions AS
Hash c44120726c1aa669c798f2a4cb9c00b2
60573dca14ed96f6a35d848801e5a5252511bd7d
fa07c0488cb29d089bb07e756528a2eba08f8b71b88ef15e09267f5dffe9b086
POST /initplayback?source=youtube&oeis=1&ip=91.90.42.154&c=WEB_EMBEDDED_PLAYER&oad=0&ovd=0&oaad=0&oavd=0&ocs=700&oewis=1&oputc=1&ofpcc=1&msp=1&odepv=1&pxtags=Cg4KAnR4EggyNDQxNjQzOQ&rxtags=Cg4KAnR4EggyNDQxNjQzNg%2CCg4KAnR4EggyNDQxNjQzNw%2CCg4KAnR4EggyNDQxNjQzOA%2CCg4KAnR4EggyNDQxNjQzOQ%2CCg4KAnR4EggyNDQxNjQ0MA%2CCg4KAnR4EggyNDQxNjQ0MQ%2CCg4KAnR4EggyNDQxNjQ0Mg&ms=au&id=beb1d9ec30b5a58f&cpn=9IS7dIkzadWlFLKH&opr=1&por=1&rn=1 HTTP/1.1
Host: r1---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 3602
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 29 Jan 2023 23:21:42 GMT
Expires: Mon, 30 Jan 2023 23:21:42 GMT
Cache-Control: public, max-age=86400
Content-Type: application/vnd.yt-ump
Transfer-Encoding: chunked
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1675056102&ei=hv_WY-yOG9eQv_IP0JKe6AQ&ip=91.90.42.154&id=o-ACHIGdbWiZrC0j84Wmh3B0XUqKPxTzZVudPYodfiN4HK&itag=251&source=youtube&requiressl=yes&mh=T2&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenez&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=2477500&spc=H3gIhqDdMIsbbiBMT0YXlDf61ZtiLJo&vprv=1&mime=audio%2Fwebm&ns=aTmcTba83CKBwW-wbUDZrS8L&gir=yes&clen=1557113&dur=94.021&lmt=1662192582665335&mt=1675034222&fvip=3&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5318224&n=5r9aWNECZ19nNw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgKh5et8zC8NgRTrC5YU2jpm5QXbdazLGT139R1eDwDTsCIQCLdfK-S1gUM13M0SADJl5LWEHtXrUKjmpUB-2bV_a-Ag%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgE_9CQXLHg8XvEAF_o-BMEALFCB4zvHKxURDi-3vrXn0CIGwO54ahOxVBQNy8MqpFsLy7i7K3Fd6fWe5iRS6DoVGt&alr=yes&cpn=9IS7dIkzadWlFLKH&cver=1.20230111.01.00&range=0-65968&rn=3&rbuf=0&pot=DzvwHDCMj-J5O8hwN5MfVH1rTNcki-QjSg73_JBM2WWwtiiy47JAka5DB2KAyyZWFag906-RrNxKrt-l4BfmgVRU-r6uxC_sNrPfgBl_pBJt6m0Wl76Udh0zrBEMxW1NTMa8N-U=
200 OK 1.2 kB URL HTTP/1.1 rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1675056102&ei=hv_WY-yOG9eQv_IP0JKe6AQ&ip=91.90.42.154&id=o-ACHIGdbWiZrC0j84Wmh3B0XUqKPxTzZVudPYodfiN4HK&itag=251&source=youtube&requiressl=yes&mh=T2&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenez&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=2477500&spc=H3gIhqDdMIsbbiBMT0YXlDf61ZtiLJo&vprv=1&mime=audio%2Fwebm&ns=aTmcTba83CKBwW-wbUDZrS8L&gir=yes&clen=1557113&dur=94.021&lmt=1662192582665335&mt=1675034222&fvip=3&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5318224&n=5r9aWNECZ19nNw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgKh5et8zC8NgRTrC5YU2jpm5QXbdazLGT139R1eDwDTsCIQCLdfK-S1gUM13M0SADJl5LWEHtXrUKjmpUB-2bV_a-Ag%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgE_9CQXLHg8XvEAF_o-BMEALFCB4zvHKxURDi-3vrXn0CIGwO54ahOxVBQNy8MqpFsLy7i7K3Fd6fWe5iRS6DoVGt&alr=yes&cpn=9IS7dIkzadWlFLKH&cver=1.20230111.01.00&range=0-65968&rn=3&rbuf=0&pot=DzvwHDCMj-J5O8hwN5MfVH1rTNcki-QjSg73_JBM2WWwtiiy47JAka5DB2KAyyZWFag906-RrNxKrt-l4BfmgVRU-r6uxC_sNrPfgBl_pBJt6m0Wl76Udh0zrBEMxW1NTMa8N-U=
IP
ASN #50304 Blix Solutions AS
File type ASCII text, with very long lines (1164), with no line terminators
Hash 2923e57a2969270253b97320cb27c95e
9fdfb210e09cb4e5d60696a3f82404ffcf075ff3
d4b72c57f0562932e158d14170327afda2b9251fd1ee9403f404f8ae9be814c7
POST /videoplayback?expire=1675056102&ei=hv_WY-yOG9eQv_IP0JKe6AQ&ip=91.90.42.154&id=o-ACHIGdbWiZrC0j84Wmh3B0XUqKPxTzZVudPYodfiN4HK&itag=251&source=youtube&requiressl=yes&mh=T2&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenez&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=2477500&spc=H3gIhqDdMIsbbiBMT0YXlDf61ZtiLJo&vprv=1&mime=audio%2Fwebm&ns=aTmcTba83CKBwW-wbUDZrS8L&gir=yes&clen=1557113&dur=94.021&lmt=1662192582665335&mt=1675034222&fvip=3&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5318224&n=5r9aWNECZ19nNw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgKh5et8zC8NgRTrC5YU2jpm5QXbdazLGT139R1eDwDTsCIQCLdfK-S1gUM13M0SADJl5LWEHtXrUKjmpUB-2bV_a-Ag%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgE_9CQXLHg8XvEAF_o-BMEALFCB4zvHKxURDi-3vrXn0CIGwO54ahOxVBQNy8MqpFsLy7i7K3Fd6fWe5iRS6DoVGt&alr=yes&cpn=9IS7dIkzadWlFLKH&cver=1.20230111.01.00&range=0-65968&rn=3&rbuf=0&pot=DzvwHDCMj-J5O8hwN5MfVH1rTNcki-QjSg73_JBM2WWwtiiy47JAka5DB2KAyyZWFag906-RrNxKrt-l4BfmgVRU-r6uxC_sNrPfgBl_pBJt6m0Wl76Udh0zrBEMxW1NTMa8N-U= HTTP/1.1
Host: rr2---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Sun, 29 Jan 2023 23:21:42 GMT
Expires: Sun, 29 Jan 2023 23:21:42 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 1164
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1675056102&ei=hv_WY-yOG9eQv_IP0JKe6AQ&ip=91.90.42.154&id=o-ACHIGdbWiZrC0j84Wmh3B0XUqKPxTzZVudPYodfiN4HK&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C271%2C278%2C313&source=youtube&requiressl=yes&mh=T2&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenez&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=2477500&spc=H3gIhqDdMIsbbiBMT0YXlDf61ZtiLJo&vprv=1&mime=video%2Fwebm&ns=aTmcTba83CKBwW-wbUDZrS8L&gir=yes&clen=4401205&dur=94.000&lmt=1662192564562965&mt=1675034222&fvip=3&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5319224&n=5r9aWNECZ19nNw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgA-A9TRUL2JTFlnUrrXWjJ8GWue6qz_6i9x4HVu3QnlgCIQC02OnXOdF-PXFLUHoebvrgs9tPADWGxIKRHMmT-bLodg%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgE_9CQXLHg8XvEAF_o-BMEALFCB4zvHKxURDi-3vrXn0CIGwO54ahOxVBQNy8MqpFsLy7i7K3Fd6fWe5iRS6DoVGt&alr=yes&cpn=9IS7dIkzadWlFLKH&cver=1.20230111.01.00&range=0-112858&rn=2&rbuf=0&pot=DzvwHDCMj-J5O8hwN5MfVH1rTNcki-QjSg73_JBM2WWwtiiy47JAka5DB2KAyyZWFag906-RrNxKrt-l4BfmgVRU-r6uxC_sNrPfgBl_pBJt6m0Wl76Udh0zrBEMxW1NTMa8N-U=
200 OK 1.3 kB URL HTTP/1.1 rr2---sn-capm-vnae.googlevideo.com/videoplayback?expire=1675056102&ei=hv_WY-yOG9eQv_IP0JKe6AQ&ip=91.90.42.154&id=o-ACHIGdbWiZrC0j84Wmh3B0XUqKPxTzZVudPYodfiN4HK&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C271%2C278%2C313&source=youtube&requiressl=yes&mh=T2&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenez&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=2477500&spc=H3gIhqDdMIsbbiBMT0YXlDf61ZtiLJo&vprv=1&mime=video%2Fwebm&ns=aTmcTba83CKBwW-wbUDZrS8L&gir=yes&clen=4401205&dur=94.000&lmt=1662192564562965&mt=1675034222&fvip=3&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5319224&n=5r9aWNECZ19nNw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgA-A9TRUL2JTFlnUrrXWjJ8GWue6qz_6i9x4HVu3QnlgCIQC02OnXOdF-PXFLUHoebvrgs9tPADWGxIKRHMmT-bLodg%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgE_9CQXLHg8XvEAF_o-BMEALFCB4zvHKxURDi-3vrXn0CIGwO54ahOxVBQNy8MqpFsLy7i7K3Fd6fWe5iRS6DoVGt&alr=yes&cpn=9IS7dIkzadWlFLKH&cver=1.20230111.01.00&range=0-112858&rn=2&rbuf=0&pot=DzvwHDCMj-J5O8hwN5MfVH1rTNcki-QjSg73_JBM2WWwtiiy47JAka5DB2KAyyZWFag906-RrNxKrt-l4BfmgVRU-r6uxC_sNrPfgBl_pBJt6m0Wl76Udh0zrBEMxW1NTMa8N-U=
IP
ASN #50304 Blix Solutions AS
File type ASCII text, with very long lines (1256), with no line terminators
Hash 1bc3f389518e399cca848cff1d38da0d
0d819d01fa21cc82f952256d655a4c1092f5f98c
2509629f6bfb4db98cbd37b31811f57d8062590c87b8f4ce296680de61de5cce
POST /videoplayback?expire=1675056102&ei=hv_WY-yOG9eQv_IP0JKe6AQ&ip=91.90.42.154&id=o-ACHIGdbWiZrC0j84Wmh3B0XUqKPxTzZVudPYodfiN4HK&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C271%2C278%2C313&source=youtube&requiressl=yes&mh=T2&mm=31%2C29&mn=sn-capm-vnae%2Csn-5goeenez&ms=au%2Crdu&mv=m&mvi=2&pl=21&initcwndbps=2477500&spc=H3gIhqDdMIsbbiBMT0YXlDf61ZtiLJo&vprv=1&mime=video%2Fwebm&ns=aTmcTba83CKBwW-wbUDZrS8L&gir=yes&clen=4401205&dur=94.000&lmt=1662192564562965&mt=1675034222&fvip=3&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5319224&n=5r9aWNECZ19nNw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgA-A9TRUL2JTFlnUrrXWjJ8GWue6qz_6i9x4HVu3QnlgCIQC02OnXOdF-PXFLUHoebvrgs9tPADWGxIKRHMmT-bLodg%3D%3D&lsparams=mh%2Cmm%2Cmn%2Cms%2Cmv%2Cmvi%2Cpl%2Cinitcwndbps&lsig=AG3C_xAwRAIgE_9CQXLHg8XvEAF_o-BMEALFCB4zvHKxURDi-3vrXn0CIGwO54ahOxVBQNy8MqpFsLy7i7K3Fd6fWe5iRS6DoVGt&alr=yes&cpn=9IS7dIkzadWlFLKH&cver=1.20230111.01.00&range=0-112858&rn=2&rbuf=0&pot=DzvwHDCMj-J5O8hwN5MfVH1rTNcki-QjSg73_JBM2WWwtiiy47JAka5DB2KAyyZWFag906-RrNxKrt-l4BfmgVRU-r6uxC_sNrPfgBl_pBJt6m0Wl76Udh0zrBEMxW1NTMa8N-U= HTTP/1.1
Host: rr2---sn-capm-vnae.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/plain
Last-Modified: Wed, 02 May 2007 10:26:10 GMT
Date: Sun, 29 Jan 2023 23:21:42 GMT
Expires: Sun, 29 Jan 2023 23:21:42 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 1256
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash f46cb65637deb5974c35a7ea841e05ae
f408f24b842bcdc96b053cdd99bed7072f0eb5bf
fde02da6b3d5378de8b5845e30b5ed5002fc6f721743e6492f458f4d168bddf2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 23:21:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash f46cb65637deb5974c35a7ea841e05ae
f408f24b842bcdc96b053cdd99bed7072f0eb5bf
fde02da6b3d5378de8b5845e30b5ed5002fc6f721743e6492f458f4d168bddf2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 23:21:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr4---sn-5go7ynld.googlevideo.com/videoplayback?expire=1675056102&ei=hv_WY-yOG9eQv_IP0JKe6AQ&ip=91.90.42.154&id=o-ACHIGdbWiZrC0j84Wmh3B0XUqKPxTzZVudPYodfiN4HK&itag=251&source=youtube&requiressl=yes&spc=H3gIhqDdMIsbbiBMT0YXlDf61ZtiLJo&vprv=1&mime=audio%2Fwebm&ns=aTmcTba83CKBwW-wbUDZrS8L&gir=yes&clen=1557113&dur=94.021&lmt=1662192582665335&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5318224&n=5r9aWNECZ19nNw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgKh5et8zC8NgRTrC5YU2jpm5QXbdazLGT139R1eDwDTsCIQCLdfK-S1gUM13M0SADJl5LWEHtXrUKjmpUB-2bV_a-Ag%3D%3D&alr=yes&cpn=9IS7dIkzadWlFLKH&cver=1.20230111.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=T2&mm=29&mn=sn-5go7ynld&ms=rdu&mt=1675034468&mv=m&mvi=4&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgY-Y_hi7EDNynfdMd9xkD8AqQGcDUx6WL_jfxYiE22gICIQCMLjJy3dKTk-lnyV5QoDSNZ7IKP6KCm69UbS4nkwfOTw%3D%3D&range=0-65968&rn=4&rbuf=0&pot=DzvwHDCMj-J5O8hwN5MfVH1rTNcki-QjSg73_JBM2WWwtiiy47JAka5DB2KAyyZWFag906-RrNxKrt-l4BfmgVRU-r6uxC_sNrPfgBl_pBJt6m0Wl76Udh0zrBEMxW1NTMa8N-U=
200 OK 66 kB URL HTTP/1.1 rr4---sn-5go7ynld.googlevideo.com/videoplayback?expire=1675056102&ei=hv_WY-yOG9eQv_IP0JKe6AQ&ip=91.90.42.154&id=o-ACHIGdbWiZrC0j84Wmh3B0XUqKPxTzZVudPYodfiN4HK&itag=251&source=youtube&requiressl=yes&spc=H3gIhqDdMIsbbiBMT0YXlDf61ZtiLJo&vprv=1&mime=audio%2Fwebm&ns=aTmcTba83CKBwW-wbUDZrS8L&gir=yes&clen=1557113&dur=94.021&lmt=1662192582665335&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5318224&n=5r9aWNECZ19nNw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgKh5et8zC8NgRTrC5YU2jpm5QXbdazLGT139R1eDwDTsCIQCLdfK-S1gUM13M0SADJl5LWEHtXrUKjmpUB-2bV_a-Ag%3D%3D&alr=yes&cpn=9IS7dIkzadWlFLKH&cver=1.20230111.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=T2&mm=29&mn=sn-5go7ynld&ms=rdu&mt=1675034468&mv=m&mvi=4&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgY-Y_hi7EDNynfdMd9xkD8AqQGcDUx6WL_jfxYiE22gICIQCMLjJy3dKTk-lnyV5QoDSNZ7IKP6KCm69UbS4nkwfOTw%3D%3D&range=0-65968&rn=4&rbuf=0&pot=DzvwHDCMj-J5O8hwN5MfVH1rTNcki-QjSg73_JBM2WWwtiiy47JAka5DB2KAyyZWFag906-RrNxKrt-l4BfmgVRU-r6uxC_sNrPfgBl_pBJt6m0Wl76Udh0zrBEMxW1NTMa8N-U=
IP
File type WebM\012- EBML file, creator webmB\20\012- data
Hash d4006f0038253d4af994a0796a479f0f
ff51a556d4fe3f709d033e76e8516e266516f503
83e3f37e60bcbc01ccffbe73d24d5fca99bbf6dfdd440475671650f392660db0
POST /videoplayback?expire=1675056102&ei=hv_WY-yOG9eQv_IP0JKe6AQ&ip=91.90.42.154&id=o-ACHIGdbWiZrC0j84Wmh3B0XUqKPxTzZVudPYodfiN4HK&itag=251&source=youtube&requiressl=yes&spc=H3gIhqDdMIsbbiBMT0YXlDf61ZtiLJo&vprv=1&mime=audio%2Fwebm&ns=aTmcTba83CKBwW-wbUDZrS8L&gir=yes&clen=1557113&dur=94.021&lmt=1662192582665335&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5318224&n=5r9aWNECZ19nNw&sparams=expire%2Cei%2Cip%2Cid%2Citag%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgKh5et8zC8NgRTrC5YU2jpm5QXbdazLGT139R1eDwDTsCIQCLdfK-S1gUM13M0SADJl5LWEHtXrUKjmpUB-2bV_a-Ag%3D%3D&alr=yes&cpn=9IS7dIkzadWlFLKH&cver=1.20230111.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=T2&mm=29&mn=sn-5go7ynld&ms=rdu&mt=1675034468&mv=m&mvi=4&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIgY-Y_hi7EDNynfdMd9xkD8AqQGcDUx6WL_jfxYiE22gICIQCMLjJy3dKTk-lnyV5QoDSNZ7IKP6KCm69UbS4nkwfOTw%3D%3D&range=0-65968&rn=4&rbuf=0&pot=DzvwHDCMj-J5O8hwN5MfVH1rTNcki-QjSg73_JBM2WWwtiiy47JAka5DB2KAyyZWFag906-RrNxKrt-l4BfmgVRU-r6uxC_sNrPfgBl_pBJt6m0Wl76Udh0zrBEMxW1NTMa8N-U= HTTP/1.1
Host: rr4---sn-5go7ynld.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Sat, 03 Sep 2022 08:09:42 GMT
Content-Type: audio/webm
Date: Sun, 29 Jan 2023 23:21:42 GMT
Expires: Sun, 29 Jan 2023 23:21:42 GMT
Cache-Control: private, max-age=21300
Accept-Ranges: bytes
Content-Length: 65969
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Content-Type-Options: nosniff
Server: gvs 1.0
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash f46cb65637deb5974c35a7ea841e05ae
f408f24b842bcdc96b053cdd99bed7072f0eb5bf
fde02da6b3d5378de8b5845e30b5ed5002fc6f721743e6492f458f4d168bddf2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 29 Jan 2023 23:21:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
rr4---sn-5go7ynld.googlevideo.com/videoplayback?expire=1675056102&ei=hv_WY-yOG9eQv_IP0JKe6AQ&ip=91.90.42.154&id=o-ACHIGdbWiZrC0j84Wmh3B0XUqKPxTzZVudPYodfiN4HK&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C271%2C278%2C313&source=youtube&requiressl=yes&spc=H3gIhqDdMIsbbiBMT0YXlDf61ZtiLJo&vprv=1&mime=video%2Fwebm&ns=aTmcTba83CKBwW-wbUDZrS8L&gir=yes&clen=4401205&dur=94.000&lmt=1662192564562965&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5319224&n=5r9aWNECZ19nNw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgA-A9TRUL2JTFlnUrrXWjJ8GWue6qz_6i9x4HVu3QnlgCIQC02OnXOdF-PXFLUHoebvrgs9tPADWGxIKRHMmT-bLodg%3D%3D&alr=yes&cpn=9IS7dIkzadWlFLKH&cver=1.20230111.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=T2&mm=29&mn=sn-5go7ynld&ms=rdu&mt=1675034468&mv=m&mvi=4&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAJpTEf0oLMub0MVhIG3yz62UTLRwsYQv8RaBTMlZlREGAiA_tEaALEOU8N3fCOz86D8kXEDyiZxnARxsJP0KRuBlLw%3D%3D&range=0-112858&rn=5&rbuf=0&pot=DzvwHDCMj-J5O8hwN5MfVH1rTNcki-QjSg73_JBM2WWwtiiy47JAka5DB2KAyyZWFag906-RrNxKrt-l4BfmgVRU-r6uxC_sNrPfgBl_pBJt6m0Wl76Udh0zrBEMxW1NTMa8N-U=
200 OK 113 kB URL HTTP/1.1 rr4---sn-5go7ynld.googlevideo.com/videoplayback?expire=1675056102&ei=hv_WY-yOG9eQv_IP0JKe6AQ&ip=91.90.42.154&id=o-ACHIGdbWiZrC0j84Wmh3B0XUqKPxTzZVudPYodfiN4HK&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C271%2C278%2C313&source=youtube&requiressl=yes&spc=H3gIhqDdMIsbbiBMT0YXlDf61ZtiLJo&vprv=1&mime=video%2Fwebm&ns=aTmcTba83CKBwW-wbUDZrS8L&gir=yes&clen=4401205&dur=94.000&lmt=1662192564562965&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5319224&n=5r9aWNECZ19nNw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgA-A9TRUL2JTFlnUrrXWjJ8GWue6qz_6i9x4HVu3QnlgCIQC02OnXOdF-PXFLUHoebvrgs9tPADWGxIKRHMmT-bLodg%3D%3D&alr=yes&cpn=9IS7dIkzadWlFLKH&cver=1.20230111.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=T2&mm=29&mn=sn-5go7ynld&ms=rdu&mt=1675034468&mv=m&mvi=4&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAJpTEf0oLMub0MVhIG3yz62UTLRwsYQv8RaBTMlZlREGAiA_tEaALEOU8N3fCOz86D8kXEDyiZxnARxsJP0KRuBlLw%3D%3D&range=0-112858&rn=5&rbuf=0&pot=DzvwHDCMj-J5O8hwN5MfVH1rTNcki-QjSg73_JBM2WWwtiiy47JAka5DB2KAyyZWFag906-RrNxKrt-l4BfmgVRU-r6uxC_sNrPfgBl_pBJt6m0Wl76Udh0zrBEMxW1NTMa8N-U=
IP
File type WebM\012- EBML file, creator webmB\20\012- data
Size 113 kB (112859 bytes)
Hash 2c8a960209814cfca7cc98bb16c5501f
22c52d4992f4a4ade04e6b69cadf2c944808ef29
97ee8f91c54a691e29e0f840ec52cccc04ef1dc2e88c74ef2a0dec6bcdf777a9
POST /videoplayback?expire=1675056102&ei=hv_WY-yOG9eQv_IP0JKe6AQ&ip=91.90.42.154&id=o-ACHIGdbWiZrC0j84Wmh3B0XUqKPxTzZVudPYodfiN4HK&itag=243&aitags=133%2C134%2C135%2C136%2C137%2C160%2C242%2C243%2C244%2C247%2C248%2C271%2C278%2C313&source=youtube&requiressl=yes&spc=H3gIhqDdMIsbbiBMT0YXlDf61ZtiLJo&vprv=1&mime=video%2Fwebm&ns=aTmcTba83CKBwW-wbUDZrS8L&gir=yes&clen=4401205&dur=94.000&lmt=1662192564562965&keepalive=yes&fexp=24007246&c=WEB_EMBEDDED_PLAYER&txp=5319224&n=5r9aWNECZ19nNw&sparams=expire%2Cei%2Cip%2Cid%2Caitags%2Csource%2Crequiressl%2Cspc%2Cvprv%2Cmime%2Cns%2Cgir%2Cclen%2Cdur%2Clmt&sig=AOq0QJ8wRQIgA-A9TRUL2JTFlnUrrXWjJ8GWue6qz_6i9x4HVu3QnlgCIQC02OnXOdF-PXFLUHoebvrgs9tPADWGxIKRHMmT-bLodg%3D%3D&alr=yes&cpn=9IS7dIkzadWlFLKH&cver=1.20230111.01.00&redirect_counter=1&cm2rm=sn-capm-vnae7l&cms_redirect=yes&cmsv=e&mh=T2&mm=29&mn=sn-5go7ynld&ms=rdu&mt=1675034468&mv=m&mvi=4&pl=21&lsparams=mh,mm,mn,ms,mv,mvi,pl&lsig=AG3C_xAwRQIhAJpTEf0oLMub0MVhIG3yz62UTLRwsYQv8RaBTMlZlREGAiA_tEaALEOU8N3fCOz86D8kXEDyiZxnARxsJP0KRuBlLw%3D%3D&range=0-112858&rn=5&rbuf=0&pot=DzvwHDCMj-J5O8hwN5MfVH1rTNcki-QjSg73_JBM2WWwtiiy47JAka5DB2KAyyZWFag906-RrNxKrt-l4BfmgVRU-r6uxC_sNrPfgBl_pBJt6m0Wl76Udh0zrBEMxW1NTMa8N-U= HTTP/1.1
Host: rr4---sn-5go7ynld.googlevideo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 2
Origin: https://www.youtube.com
Connection: keep-alive
Referer: https://www.youtube.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Last-Modified: Sat, 03 Sep 2022 08:09:24 GMT
Content-Type: video/webm
Date: Sun, 29 Jan 2023 23:21:43 GMT
Expires: Sun, 29 Jan 2023 23:21:43 GMT
Cache-Control: private, max-age=21299
Accept-Ranges: bytes
Content-Length: 112859
Connection: keep-alive
Alt-Svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
Access-Control-Allow-Origin: https://www.youtube.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: https://www.youtube.com
Access-Control-Expose-Headers: Client-Protocol, Content-Length, Content-Type, X-Bandwidth-Est, X-Bandwidth-Est2, X-Bandwidth-Est3, X-Bandwidth-App-Limited, X-Bandwidth-Est-App-Limited, X-Bandwidth-Est-Comp, X-Bandwidth-Avg, X-Head-Time-Millis, X-Head-Time-Sec, X-Head-Seqnum, X-Response-Itag, X-Restrict-Formats-Hint, X-Sequence-Num, X-Segment-Lmt, X-Walltime-Ms
Vary: Origin
Cross-Origin-Resource-Policy: cross-origin
X-Restrict-Formats-Hint: None
X-Content-Type-Options: nosniff
Server: gvs 1.0
assets.squarespace.com/universal/scripts-compressed/common-aa081490e226e362278bd-min.en-US.js
200 OK 0 B URL HTTP/1.1 assets.squarespace.com/universal/scripts-compressed/common-aa081490e226e362278bd-min.en-US.js
IP
GET /universal/scripts-compressed/common-aa081490e226e362278bd-min.en-US.js HTTP/1.1
Host: assets.squarespace.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.orionhotel.com.au
Connection: keep-alive
Referer: https://www.orionhotel.com.au/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Accept-Ranges: bytes
Content-Length: 364741
Server: UploadServer
Last-Modified: Fri, 27 Jan 2023 18:44:33 GMT
ETag: "4c737dbb263e16f1ae2c73d359b6f430"
Content-Type: text/javascript
Cache-Control: public, max-age=3600
Expires: Mon, 30 Jan 2023 00:21:39 GMT
Date: Sun, 29 Jan 2023 23:21:39 GMT
Connection: keep-alive
Vary: Accept-Encoding
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: *
198.49.23.144
104.88.26.232
23.36.77.32
93.184.220.29
0.0.0.0