r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 9fbe85f42e8ae8ae41cc12df5f98b141
949fa36ff0f22f72565fd584bef094dd4de23037
184d3e4df4bce559b4d7c4836372f5fd2de9782a96b04d364230b7d695d737d8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "184D3E4DF4BCE559B4D7C4836372F5FD2DE9782A96B04D364230B7D695D737D8"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12250
Expires: Fri, 27 Jan 2023 03:04:47 GMT
Date: Thu, 26 Jan 2023 23:40:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 2405562765b49b2782ebd2e2994851d5
be7ac8e558f7875bb1fb86ab5ec674424a5ff269
422cfa907461cb7b93b9089d600052f9e94951e5e0c93d97651905002e48ad3e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "422CFA907461CB7B93B9089D600052F9E94951E5E0C93D97651905002E48AD3E"
Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14147
Expires: Fri, 27 Jan 2023 03:36:24 GMT
Date: Thu, 26 Jan 2023 23:40:37 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bf0c602d32b3c14606f22a86183b5e3c
6eabd8d83475eba731968abe1a05a8bfd272f160
6c6a7c519a9e950c2445ed874a25211a94dd4d3cf3afb0103af9dcd1dbd5ff9e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Backoff, Content-Length, Retry-After, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 26 Jan 2023 22:42:56 GMT
content-type: application/json
age: 3461
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
hoteldel.com/events/thanksgiving/
141.193.213.10301 Moved Permanently 162 B URL HTTP/1.1 hoteldel.com/events/thanksgiving/
IP 141.193.213.10:0
ASN #209242 Cloudflare London, LLC
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /events/thanksgiving/ HTTP/1.1
Host: hoteldel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 26 Jan 2023 23:40:37 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://hoteldel.com/events/thanksgiving/
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=aG1wl3D7f5hcLiatnNny8Ph%2FaXoDHhtmsnuZI2kvywoJmoy64HNDUQs%2Fn3AMGk2pR0wGHPFnI%2BiU0jBOH9XM7MuAIftpx3yOBrU16g1FKq0pOpCGU%2BV%2F8lrnHbD%2BRw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78fd183eaf21b515-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 69f73ac59327cd9ad7d99816ccfcc03e
c54844f82dbee0d5ee4c8ce344eb0139373e6c6b
e81c685b2d8f0e31b89e5cfc911a2c5a99a556646830ac5a8468d991b5e871a3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E81C685B2D8F0E31B89E5CFC911A2C5A99A556646830AC5A8468D991B5E871A3"
Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6940
Expires: Fri, 27 Jan 2023 01:36:17 GMT
Date: Thu, 26 Jan 2023 23:40:37 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: YVAebA26QudJFqdCZACDh2s3pD2XPX7UkYIh23beFchF5e61+S9xb4C8xGC2l2m9W3f9kPMfHVQ=
x-amz-request-id: QKWMF6W82FQR3XZM
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 26 Jan 2023 22:49:10 GMT
age: 3087
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 23:40:37 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Pragma, ETag, Retry-After, Content-Type, Content-Length, Expires, Cache-Control, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 26 Jan 2023 22:49:01 GMT
age: 3097
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash c398b6b39d11d25b8ae9bc5cd94a1c98
640aa8c399ced71d0c2a9f5a90fbaf091b01d642
a6f07f7c6a4746acc25457c726701df33120628dfb578bc4982448d8efee5855
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A6F07F7C6A4746ACC25457C726701DF33120628DFB578BC4982448D8EFEE5855"
Last-Modified: Tue, 24 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8582
Expires: Fri, 27 Jan 2023 02:03:40 GMT
Date: Thu, 26 Jan 2023 23:40:38 GMT
Connection: keep-alive
push.services.mozilla.com/
52.43.251.236101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.43.251.236:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: FC4zgDl9iseR4samlWSQHg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: +MQPte8D1BWpETu+HCLRqi/V+30=
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 111 kB IP 142.250.74.131:0
Size 111 kB (111060 bytes)
Hash f6ea9c236c3a56b829aaaf1e071b9bb9
50355ba0e99018ab00a5d54649311664a4833035
35a58f316072d361b25356a37b08719c7de3f2670f5e458baf7163ab525164ab
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 23:40:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
assets.adobedtm.com/launch-EN02272261e0b845508227acf3ca0c37de.min.js
2.18.172.233200 OK 122 kB URL HTTP/2 assets.adobedtm.com/launch-EN02272261e0b845508227acf3ca0c37de.min.js
IP 2.18.172.233:0
File type ASCII text, with very long lines (32721)
Size 122 kB (122485 bytes)
Hash eedaa5df8121366de6d39a880135c6fc
82ae255f31d5486364f100d5f8f0f81954bab533
8ff30fe320b5b245f0d54752700a4b63a6a6551a3988492fb0a8bb167c876f3b
GET /launch-EN02272261e0b845508227acf3ca0c37de.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hoteldel.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "54f2b9be201a96aaccf86a7e6e036793:1674168970.402456"
last-modified: Thu, 19 Jan 2023 22:56:10 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=3600
expires: Fri, 27 Jan 2023 00:40:39 GMT
date: Thu, 26 Jan 2023 23:40:39 GMT
content-length: 122485
access-control-allow-origin: https://hoteldel.com
timing-allow-origin: *
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-THXPFB6
142.250.74.168200 OK 128 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-THXPFB6
IP 142.250.74.168:0
File type ASCII text, with very long lines (47826)
Size 128 kB (127474 bytes)
Hash bc540ac3e27df82ef8f4a64603997c89
dfaa13765c2e676b1b15255ddda7f784669ec644
b48082d97bd56f502635e0ebfd872234dac41f8aae92cffff8ae7b4eab34fc64
GET /gtm.js?id=GTM-THXPFB6 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hoteldel.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 26 Jan 2023 23:40:39 GMT
expires: Thu, 26 Jan 2023 23:40:39 GMT
cache-control: private, max-age=900
last-modified: Thu, 26 Jan 2023 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 55550
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 82e3abc4a7b17efedca67cf215f4bb60
e20e55d87591af7db3a4bcfc429048f85e389b85
df8901d4d87686fb11e17986f5d53cf513f675b4dd71f0a2e35c7ffbefa7fb9e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 23:40:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 5.9 kB IP 142.250.74.131:0
Hash 9ceb7d6cc8791428121bf7e1903e0921
8f7193e9cc89f2d911ffcddfe593501516ae45a2
d755efc64058b349fee4e53fb2d06049984a62fc38f39419cefbfc4dc1ebeaa2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 23:40:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
2013561.fls.doubleclick.net/activityi;src=2013561;type=micro372;cat=delma0;u1=SANQQQQ;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4265426481846.2505?
142.250.74.134200 OK 32 kB URL HTTP/2 2013561.fls.doubleclick.net/activityi;src=2013561;type=micro372;cat=delma0;u1=SANQQQQ;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4265426481846.2505?
IP 142.250.74.134:0
File type ASCII text, with very long lines (65447)
Hash c2ef1034eee001948ec01c18f9a50ad9
4ae3d356494c669bd35a51666c01f609a099ae33
6f0181fd47e6a7f5180b23c3ac0bf93ef752a4a626479cb5be4640995bda0308
GET /activityi;src=2013561;type=micro372;cat=delma0;u1=SANQQQQ;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4265426481846.2505? HTTP/1.1
Host: 2013561.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hoteldel.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 26 Jan 2023 23:40:39 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 231
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 26-Jan-2023 23:55:39 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash a74494062e6a7972fc90481d1e630c64
ffe981a21eb348523070407acd3cdd38e3d2246c
d203fd0d814143acff3b5ffbe352337fb0e5d4c283b945ff74f9085b22d42840
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 23:40:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement_Module_AudienceManagement.min.js
2.18.172.233200 OK 8.8 kB URL HTTP/2 assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement_Module_AudienceManagement.min.js
IP 2.18.172.233:0
File type exported SGML document, ASCII text, with very long lines (24999)
Hash 753f93d291c48425bacf2eb9b49af1b8
57addc900449e93b1ffdb17b801924ef04882423
ba0b01787fff115c87c40274a96f4df218c04625dbd64887e44c34ba4552882c
GET /extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement_Module_AudienceManagement.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hoteldel.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "d220d501715e0484d0dddeac614f902c:1663863410.217006"
last-modified: Thu, 22 Sep 2022 16:16:50 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 8755
expires: Fri, 27 Jan 2023 00:40:39 GMT
date: Thu, 26 Jan 2023 23:40:39 GMT
cache-control: no-cache
access-control-allow-origin: https://hoteldel.com
timing-allow-origin: *
X-Firefox-Spdy: h2
assets.adobedtm.com/5e68f1ab8856/6f5249f15557/000ff25a67a5/EX9d85f19b2bb9438d88e8200a247afa89-libraryCode_source.min.js
2.18.172.233200 OK 14 kB URL HTTP/2 assets.adobedtm.com/5e68f1ab8856/6f5249f15557/000ff25a67a5/EX9d85f19b2bb9438d88e8200a247afa89-libraryCode_source.min.js
IP 2.18.172.233:0
File type ASCII text, with very long lines (32747)
Hash 4f8958f27327b8441e17666376e63edb
846745ec17359f9e8c859d013397fda166a606e5
3803d247dc18741584676feb73add914e3fe034a9b82bb03bc245ed7216f5d46
GET /5e68f1ab8856/6f5249f15557/000ff25a67a5/EX9d85f19b2bb9438d88e8200a247afa89-libraryCode_source.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hoteldel.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "27b5941ea36dee80992801b7d8b8efaf:1674168971.208224"
last-modified: Thu, 19 Jan 2023 22:56:11 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=3600
expires: Fri, 27 Jan 2023 00:40:39 GMT
date: Thu, 26 Jan 2023 23:40:39 GMT
content-length: 14051
access-control-allow-origin: https://hoteldel.com
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 3.9 kB URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 1dc29dc05526a06ba5d83bc1f63e9ad4
14257a3618ce498472ef1f04ad3f406ed6746a6f
f33f073ececb6add0c54d37905a8b91444160433ee590588529ba817bdd4eafd
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=104017
Date: Thu, 26 Jan 2023 23:40:39 GMT
Etag: "63d1fdbe-1d7"
Expires: Sat, 28 Jan 2023 04:34:16 GMT
Last-Modified: Thu, 26 Jan 2023 04:12:46 GMT
Server: ECS (nyb/1D28)
X-Cache: Miss from cloudfront
Via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Wws2j1-y2Z3YcEl7IShGniDZf3fIbLhot-FSlWm3GSkt1xAXHEXP3w==
Age: 1290
consent.trustarc.com/notice?domain=hiltongdpr.com&c=teconsent>m=1&text=true&pcookie&js=nj¬iceType=bb&oc=1
54.230.111.76200 OK 4.2 kB URL HTTP/2 consent.trustarc.com/notice?domain=hiltongdpr.com&c=teconsent>m=1&text=true&pcookie&js=nj¬iceType=bb&oc=1
IP 54.230.111.76:0
File type ASCII text, with very long lines (2892)
Hash 77ef05883ae47b13c8cb628c05ea0239
be5945c4c0287aa5bf5c210e8ab41c410a9d7f67
3f4f0a0784b9b65676e79740931812193a6708e6894825284358a2b7f1b1ed14
GET /notice?domain=hiltongdpr.com&c=teconsent>m=1&text=true&pcookie&js=nj¬iceType=bb&oc=1 HTTP/1.1
Host: consent.trustarc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hoteldel.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
content-length: 4164
date: Thu, 26 Jan 2023 23:40:39 GMT
content-encoding: gzip
expires: Fri, 27 Jan 2023 00:40:39 GMT
cache-control: max-age=3600
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
cloudfront-viewer-country: NO
timing-allow-origin: *
x-cache: Miss from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: PhroKKal18FYRHJHhMqNzGcujhL_C7KauKVEpcbse2kmEPZFXTNwig==
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash dfa9dc702504acce47cb04d6a8baca2c
1f929541d4bd86c02ab87572391767192b098c7e
d11455044effe3f1093b7655fb5ac5ef7f36bd8c71f989217d8de54066ca1b79
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5542
Cache-Control: max-age=115125
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 23:40:39 GMT
Etag: "63d21886-1d7"
Expires: Sat, 28 Jan 2023 07:39:24 GMT
Last-Modified: Thu, 26 Jan 2023 06:07:02 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 97ccaa279f6ade845b71b57615d40388
5186089108dca0136feab418da66a9e027c7e427
515128c713e98c9a0546c35d9a1e0719057136509b5b2312e4af56a9acc80ec2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 23:40:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
js.adsrvr.org/up_loader.1.1.0.js
54.230.241.118200 OK 1.9 kB URL HTTP/1.1 js.adsrvr.org/up_loader.1.1.0.js
IP 54.230.241.118:0
File type ASCII text, with very long lines (4593), with no line terminators
Hash 8dc722d27824e60548fd25752623cd07
33d66ad1a4a162e2d6c9ed732d6c9af79635fc4d
14ce9119fe06fb2d363ba3c824e9f5b3f212f1f39dfab38c836fa13a20daec1b
GET /up_loader.1.1.0.js HTTP/1.1
Host: js.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hoteldel.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Thu, 26 Jan 2023 06:03:08 GMT
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 9BDoQhsiiigVDHCj3jQOrz9lSVAWOpMn5vFHryMwhX09ltOJnjlwGw==
Age: 63453
dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F0C120B3534685700A490D45%40AdobeOrg&d_nsid=0&ts=1674776439389
34.251.134.200302 Found 0 B URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F0C120B3534685700A490D45%40AdobeOrg&d_nsid=0&ts=1674776439389
IP 34.251.134.200:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F0C120B3534685700A490D45%40AdobeOrg&d_nsid=0&ts=1674776439389 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://hoteldel.com
Connection: keep-alive
Referer: https://hoteldel.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://hoteldel.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-2-v045-0f45dc272.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F0C120B3534685700A490D45%40AdobeOrg&d_nsid=0&ts=1674776439389
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=79351333194971403520906713570976091839; Max-Age=15552000; Expires=Tue, 25 Jul 2023 23:40:39 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: u+uEQxAURoU=
Content-Length: 0
Connection: keep-alive
adservice.google.com/ddm/fls/i/src=2013561;type=micro372;cat=delma0;u1=SANQQQQ;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4265426481846.2505;~oref=https://hoteldel.com/
142.250.74.34200 OK 231 B URL HTTP/2 adservice.google.com/ddm/fls/i/src=2013561;type=micro372;cat=delma0;u1=SANQQQQ;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4265426481846.2505;~oref=https://hoteldel.com/
IP 142.250.74.34:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (463), with no line terminators
Hash 2c965bc60d9304665c5cdd2f05d4f29a
43b2aac65c5d5401a1527c551d9d69ef1555e953
247be492dfeb36165f675a2e3844d8f07b332a8e5e09b609ac79410bce4b158a
GET /ddm/fls/i/src=2013561;type=micro372;cat=delma0;u1=SANQQQQ;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4265426481846.2505;~oref=https://hoteldel.com/ HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2013561.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 26 Jan 2023 23:40:39 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 231
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
consent.trustarc.com/log?domain=hiltongdpr.com&country=no&state=&behavior=expressed&c=c7ec
54.230.111.76200 OK 43 B URL HTTP/2 consent.trustarc.com/log?domain=hiltongdpr.com&country=no&state=&behavior=expressed&c=c7ec
IP 54.230.111.76:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash db04c7b378cb2db912c3ba8a5a774ee3
dee34bd86c3484d31002182aa2b7caa4699126b8
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
GET /log?domain=hiltongdpr.com&country=no&state=&behavior=expressed&c=c7ec HTTP/1.1
Host: consent.trustarc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hoteldel.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 43
date: Thu, 26 Jan 2023 23:40:39 GMT
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
x-cache: Miss from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: PkyMekZyoBpsXQXx2YXNezEcQUAlmWOo-X2tVvSK1ENEHBXqieAAcw==
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin
X-Firefox-Spdy: h2
dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F0C120B3534685700A490D45%40AdobeOrg&d_nsid=0&ts=1674776439389
34.251.134.200200 OK 124 B URL HTTP/1.1 dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F0C120B3534685700A490D45%40AdobeOrg&d_nsid=0&ts=1674776439389
IP 34.251.134.200:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 1f6783349ac4177ec3b3845fd520dca6
d84e7a43a8c8ff6f1a568ad6cb4162767f5b32b7
64bc30aa6a9d9e5396bb67c6af32c31f5ca6610641f0bdea10d759281df6adca
GET /id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F0C120B3534685700A490D45%40AdobeOrg&d_nsid=0&ts=1674776439389 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hoteldel.com
Content-Type: application/x-www-form-urlencoded
Referer: https://hoteldel.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://hoteldel.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-1-v045-085e2ce89.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-Error: 172
X-TID: kbnpyhurRJ0=
Content-Length: 124
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 97ccaa279f6ade845b71b57615d40388
5186089108dca0136feab418da66a9e027c7e427
515128c713e98c9a0546c35d9a1e0719057136509b5b2312e4af56a9acc80ec2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 23:40:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
consent.trustarc.com/noticemsg?action=consent&domain=hiltongdpr.com&behavior=expressed&country=no&language=en&rand=0.22840981699990615
54.230.111.76200 OK 43 B URL HTTP/2 consent.trustarc.com/noticemsg?action=consent&domain=hiltongdpr.com&behavior=expressed&country=no&language=en&rand=0.22840981699990615
IP 54.230.111.76:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash db04c7b378cb2db912c3ba8a5a774ee3
dee34bd86c3484d31002182aa2b7caa4699126b8
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
GET /noticemsg?action=consent&domain=hiltongdpr.com&behavior=expressed&country=no&language=en&rand=0.22840981699990615 HTTP/1.1
Host: consent.trustarc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hoteldel.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 43
date: Thu, 26 Jan 2023 23:40:39 GMT
cache-control: max-age=3600
pragma: no-cache
expires: Fri, 27 Jan 2023 00:40:39 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
cloudfront-viewer-country: NO
timing-allow-origin: *
x-cache: Miss from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5akW4ciBKtZ4hpZtk0gliXNU7_n5gPeZMOl61LF3QWpR06_WSQPrsQ==
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c8a0d6bc80301700d6fb1d520beb8b49
f33a1a1e491fcd6ca31360b28b092457a2d48f23
ef0535b52ccb717c1200d5974ea8841b92f655234d67ace0e71c1ec7f5fbb3f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 23:40:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
assets.adobedtm.com/5e68f1ab8856/6f5249f15557/000ff25a67a5/RCe267924711084c2ea517049a0a0b2543-source.min.js
2.18.172.233200 OK 787 B URL HTTP/2 assets.adobedtm.com/5e68f1ab8856/6f5249f15557/000ff25a67a5/RCe267924711084c2ea517049a0a0b2543-source.min.js
IP 2.18.172.233:0
File type ASCII text, with very long lines (1191)
Hash 7b1e7179f2af29ef28ec111675a45082
f030dcee2703fbcbeca5717f5491a76edd385d7c
690f6632691bda326958dd810af10ccd2f765ef6a1e00250dff773cb4f21e83f
GET /5e68f1ab8856/6f5249f15557/000ff25a67a5/RCe267924711084c2ea517049a0a0b2543-source.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hoteldel.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "27b5941ea36dee80992801b7d8b8efaf:1674168971.208224"
last-modified: Thu, 19 Jan 2023 22:56:11 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=3600
expires: Fri, 27 Jan 2023 00:40:39 GMT
date: Thu, 26 Jan 2023 23:40:39 GMT
content-length: 787
access-control-allow-origin: https://hoteldel.com
timing-allow-origin: *
X-Firefox-Spdy: h2
adservice.google.no/ddm/fls/i/src=2013561;type=micro372;cat=delma0;u1=SANQQQQ;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4265426481846.2505;~oref=https://hoteldel.com/
142.250.74.66200 OK 85 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=2013561;type=micro372;cat=delma0;u1=SANQQQQ;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4265426481846.2505;~oref=https://hoteldel.com/
IP 142.250.74.66:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb
GET /ddm/fls/i/src=2013561;type=micro372;cat=delma0;u1=SANQQQQ;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=4265426481846.2505;~oref=https://hoteldel.com/ HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 26 Jan 2023 23:40:39 GMT
expires: Thu, 26 Jan 2023 23:40:39 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c8a0d6bc80301700d6fb1d520beb8b49
f33a1a1e491fcd6ca31360b28b092457a2d48f23
ef0535b52ccb717c1200d5974ea8841b92f655234d67ace0e71c1ec7f5fbb3f4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 23:40:39 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
consent-pref.trustarc.com/images/loading.gif
54.230.111.52200 OK 2.6 kB URL HTTP/2 consent-pref.trustarc.com/images/loading.gif
IP 54.230.111.52:0
File type GIF image data, version 89a, 31 x 31\012- data
Hash 394bafc3cc4dfb3a0ee48c1f54669539
5640ea4d0eba1c390f587ec69463c9a5196b7fa2
eb7cfd3d959b2e09c170f532e29f8b825f9bc770b2279fde58e595617753e244
GET /images/loading.gif HTTP/1.1
Host: consent-pref.trustarc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=no&locale=en&behavior=expressed>m=1&irm=undefined&from=https://consent.trustarc.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 2608
server: nginx
accept-ranges: bytes
last-modified: Fri, 06 Jan 2023 07:59:58 GMT
date: Thu, 26 Jan 2023 01:26:00 GMT
etag: W/"2608-1672991998000"
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _XIp9_G9GKlYpu9rqKY5yKuDBgZucO7B_DhFz6lYyF3yRVOW6Qp-xA==
age: 80080
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
expect-ct: max-age=86400; enforce;
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
vary: Origin
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8841
Expires: Fri, 27 Jan 2023 02:08:01 GMT
Date: Thu, 26 Jan 2023 23:40:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8841
Expires: Fri, 27 Jan 2023 02:08:01 GMT
Date: Thu, 26 Jan 2023 23:40:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8841
Expires: Fri, 27 Jan 2023 02:08:01 GMT
Date: Thu, 26 Jan 2023 23:40:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8841
Expires: Fri, 27 Jan 2023 02:08:01 GMT
Date: Thu, 26 Jan 2023 23:40:40 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash bd56ce22720c6e6072efdabae64669fd
29194390d12177fe0d88e1bd2fb4436509366a1c
c41996d83d942ca58a13e2d1adfd171cf26a84bc9b7fdbd1ca941eb0269b5404
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C41996D83D942CA58A13E2D1ADFD171CF26A84BC9B7FDBD1CA941EB0269B5404"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8841
Expires: Fri, 27 Jan 2023 02:08:01 GMT
Date: Thu, 26 Jan 2023 23:40:40 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b7a0759c043594fbe85af422b59b8227
a05cfaad16078f42218dae233da38f6f5dff8487
e898d6ef1b3998fb9322a8fc190069ec5f7b3582bfe8397a2367497d84a27549
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb887e5-87fa-4855-b0ee-712d39779fa0.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11568
x-amzn-requestid: 79b70f1f-a157-4dd4-8743-825714195b3c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e9T3UGA3oAMFSlQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c86695-36e60aba09c152c73b8aefcb;Sampled=0
x-amzn-remapped-date: Wed, 18 Jan 2023 21:37:25 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: zt4bgV2C6Wb_Ufa5mZ7-UDTfCvhXJggPJw9668v5DEmyBnWZ-aNrCg==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 943c6a4d4ee43b18ee91634536f53eae.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 23:01:22 GMT
age: 2358
etag: "a05cfaad16078f42218dae233da38f6f5dff8487"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47dfbf8f-d762-4550-83d7-2992a8c8fe66.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47dfbf8f-d762-4550-83d7-2992a8c8fe66.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bad60daf652c598a06510ff955137b69
235bf4642e726bb6a303fe1b69238e2e973414cb
d655c5ac17274a30a89c31674e14dc9c1b6bc39bfff94db1c9ff0d8006bb673b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F47dfbf8f-d762-4550-83d7-2992a8c8fe66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12508
x-amzn-requestid: 68787c38-72fe-4d8a-9521-aeb9efa56b05
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fBYWyGIHoAMF-LQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ca075e-1ee9488d2dd0437728beac94;Sampled=0
x-amzn-remapped-date: Fri, 20 Jan 2023 03:15:42 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 2RZzMCqjRpKbm-g_6vAq1YV4LQ5RAB9HrkKCQx_ah4C6PnAzHZpKCg==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 18:49:04 GMT
age: 17496
etag: "235bf4642e726bb6a303fe1b69238e2e973414cb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5623b111-3a93-4843-8a40-550089a3d3eb.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5623b111-3a93-4843-8a40-550089a3d3eb.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a5de6b54196befa95e9291a051c645d0
e3100707a4e9b1d5c30223d31f58cd6ee8ad010b
5bcc3dd7011df4e17d7ef86d892fedeca14b0d0eabbe782fecf35c9a82b25e40
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5623b111-3a93-4843-8a40-550089a3d3eb.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7804
x-amzn-requestid: 4cd6ed50-202c-4e57-94db-cc6585dca5b1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fLQWuH20oAMFxzA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cdfa91-05441777646d154650c97512;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 03:10:09 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: D6nD7sD6FQavjUir9rxJlh9U2reSno5qNQ0qQdG4iS6hscVfSHdBCQ==
via: 1.1 9b311162717b41c968f6f00426d88aaa.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 22:01:13 GMT
age: 5967
etag: "e3100707a4e9b1d5c30223d31f58cd6ee8ad010b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd33883a9-7857-4110-892f-73f67db692bc.jpeg
34.120.237.76200 OK 9.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd33883a9-7857-4110-892f-73f67db692bc.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a85badd84c0542610b94f22c4f265511
5b490095b5e02d9fef4b762888353998b645dfc9
23d6d9848caf36f0556438c371f112b40dcbf9b08b8b27bd37d4d73960c701c1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd33883a9-7857-4110-892f-73f67db692bc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9482
x-amzn-requestid: 825c5e6b-8fda-445e-9ed3-f5d634943c00
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fIZd0HqkIAMFn7g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ccd5f1-2b31fe3001a1b04a406ff7ff;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 06:21:37 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: i5KrM3iFZQcfmxq0qPhIUYRIqfWbEF8k9qmZAq8Fq_MTRX34HKiU8w==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 05:18:54 GMT
age: 66106
etag: "5b490095b5e02d9fef4b762888353998b645dfc9"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbccadbe9-ae35-4a03-bf17-9342e0629c81.jpeg
34.120.237.76200 OK 4.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbccadbe9-ae35-4a03-bf17-9342e0629c81.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6e96f3ea585b5fa8ed6446ed16e2b4b2
f90c205f370a2426dffe3c21b24bfa551b385556
6967ba25887f87200fcb39a3e6f065fd27596b2ebcf0d33a2751c655d6e724f2
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbccadbe9-ae35-4a03-bf17-9342e0629c81.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4272
x-amzn-requestid: e051c22b-c2ec-4e59-b29b-ba1464d8015b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fRz28G13oAMFeeQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d099c5-48b013ff34b9702a6d2fd560;Sampled=0
x-amzn-remapped-date: Wed, 25 Jan 2023 02:53:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: X4SfAYS0JvW4sUNqSuBERNBwaI_xgKugxZ76_fsih_LSnImMC7Pnzg==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 12:54:20 GMT
age: 38780
etag: "f90c205f370a2426dffe3c21b24bfa551b385556"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23169a26-33f3-4f92-9612-02bf2555d37c.jpeg
34.120.237.76200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23169a26-33f3-4f92-9612-02bf2555d37c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7d2506ac511dfbea29e29ab14ba10f85
b2e2972ffa82b103c62ffde0fca99454e12d95e6
fbe6f833114208d84033ba691a74da18d641e38f0f327c752333a339f1baae34
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F23169a26-33f3-4f92-9612-02bf2555d37c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5263
x-amzn-requestid: ea2f25ff-f62a-4850-a9d1-72f26d817faf
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fLzOkGtWoAMFV0A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ce325d-39e5ed054ead447d3cedf047;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 07:08:13 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: BcMB1y0etnIGvZr54EllkdEOlahZGTjgrw2-3FYu3WET2f5lDLV1dw==
via: 1.1 86b676273517904f44af31586adb06ae.cloudfront.net (CloudFront), 1.1 e66162aafd55b64ba1478ff7105150fa.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 21:24:02 GMT
age: 8198
etag: "b2e2972ffa82b103c62ffde0fca99454e12d95e6"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
consent-pref.trustarc.com/defaultpreferencemanager/9F5DDAD4256889D2A2BB0A3140E8B74B.cache.html
54.230.111.52200 OK 47 kB URL HTTP/2 consent-pref.trustarc.com/defaultpreferencemanager/9F5DDAD4256889D2A2BB0A3140E8B74B.cache.html
IP 54.230.111.52:0
Hash c4dce7042ffce0cc818a3db36d48a8de
0efe29a0dd7797239b5c29891f9d8f98bc0332ad
0bf400a0bf5fc91f69b9714f1691bcd44689dea747214cf0930c68e393eae85c
GET /defaultpreferencemanager/9F5DDAD4256889D2A2BB0A3140E8B74B.cache.html HTTP/1.1
Host: consent-pref.trustarc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=no&locale=en&behavior=expressed>m=1&irm=undefined&from=https://consent.trustarc.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Wed, 18 Jan 2023 05:03:36 GMT
server: nginx
etag: W/"142492-1672992016000"
last-modified: Fri, 06 Jan 2023 08:00:16 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: p0zRLKf3k8-oYPDC-sE3jByYavmy4EpnyD5EP8qUiN-DeJ2QER8dMA==
age: 758224
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
expect-ct: max-age=86400; enforce;
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
dp58aslhmbcib.cloudfront.net/static/cache/css/output.34846959e9a8.css
54.230.245.62200 OK 332 B URL HTTP/2 dp58aslhmbcib.cloudfront.net/static/cache/css/output.34846959e9a8.css
IP 54.230.245.62:0
File type ASCII text, with very long lines (2522), with no line terminators
Hash 001907b87e05991d1961f86f1ce7a0bb
e09fcef2012ab21ec2a1e8697bcbbcbd498084b0
bf6395a520565dc78675aa52d7d8c9f07d7e6ef37fbbb8738cc261535a60ba68
GET /static/cache/css/output.34846959e9a8.css HTTP/1.1
Host: dp58aslhmbcib.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fareharbor.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
content-length: 332
date: Tue, 17 Jan 2023 01:07:51 GMT
cache-control: public
content-encoding: gzip
etag: "63c20eb1-9da"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Sat, 14 Jan 2023 02:08:49 GMT
server: nginx/1.22.1
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-fh-loadbalancer: production-appservers_docker-a-0
x-xss-protection: 1; mode=block
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: IJO4icASZVUnjFh5yP-jqBQNWbYniyQVX_69Q05Tj27X6-NWUbb7MQ==
age: 858769
X-Firefox-Spdy: h2
smetric.hilton.com/id?d_visid_ver=5.5.0&d_fieldgroup=MC&mcorgid=F0C120B3534685700A490D45%40AdobeOrg&ts=1674776439966
13.37.25.97200 OK 48 B URL HTTP/2 smetric.hilton.com/id?d_visid_ver=5.5.0&d_fieldgroup=MC&mcorgid=F0C120B3534685700A490D45%40AdobeOrg&ts=1674776439966
IP 13.37.25.97:0
File type JSON data\012- , ASCII text, with no line terminators
Hash a8537fa9ea493740c41cfc2e3de95896
ad3f93d1e1fc063f7e737ee4c21a34add67418bc
61a5b8f71175c100e1d870fd039d45d3d9d836a7f766db6b8f041e0432b7e52c
GET /id?d_visid_ver=5.5.0&d_fieldgroup=MC&mcorgid=F0C120B3534685700A490D45%40AdobeOrg&ts=1674776439966 HTTP/1.1
Host: smetric.hilton.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://hoteldel.com
Connection: keep-alive
Referer: https://hoteldel.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://hoteldel.com
access-control-allow-credentials: true
date: Thu, 26 Jan 2023 23:40:40 GMT
p3p: CP="This is not a P3P policy"
server: jag
set-cookie: AMCV_F0C120B3534685700A490D45%40AdobeOrg=0%7CMCMID%7C23631572537739377260844208569661397441; Path=/; Domain=hilton.com; Max-Age=63072000; Expires=Sat, 25 Jan 2025 23:40:40 GMT; SameSite=None; Secure
s_ecid=MCMID%7C23631572537739377260844208569661397441; Path=/; Domain=hilton.com; Max-Age=63072000; Expires=Sat, 25 Jan 2025 23:40:40 GMT; SameSite=None; Secure
vary: Origin
content-type: application/x-javascript;charset=utf-8
content-length: 48
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
consent-pref.trustarc.com/defaultpreferencemanager/truste
54.230.111.52200 OK 469 B URL HTTP/2 consent-pref.trustarc.com/defaultpreferencemanager/truste
IP 54.230.111.52:0
File type ASCII text, with very long lines (969), with no line terminators
Hash 01064096d38fe642f21364057c6ed847
93bb118ec04f1206a3a139ab402928d84da3547b
d4115f3236400bed58337b4590edec46d1306237a78f8f652ea57cc8af9c048f
POST /defaultpreferencemanager/truste HTTP/1.1
Host: consent-pref.trustarc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=no&locale=en&behavior=expressed>m=1&irm=undefined&from=https://consent.trustarc.com/
Content-Type: text/x-gwt-rpc; charset=utf-8
X-GWT-Permutation: 9F5DDAD4256889D2A2BB0A3140E8B74B
X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
Content-Length: 181
Origin: https://consent-pref.trustarc.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/json;charset=utf-8
content-length: 469
date: Thu, 26 Jan 2023 23:40:40 GMT
server: nginx
content-encoding: gzip
content-disposition: attachment
x-cache: Miss from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: r-Ct3d_qbFqimh--2HMyv8TxWDiWvqAHMwasjcwuo3cy6WDi7O4AFA==
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
expect-ct: max-age=86400; enforce;
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
access-control-allow-origin: *
access-control-expose-headers: *
X-Firefox-Spdy: h2
consent-pref.trustarc.com/defaultpreferencemanager/truste
54.230.111.52200 OK 48 B URL HTTP/2 consent-pref.trustarc.com/defaultpreferencemanager/truste
IP 54.230.111.52:0
File type ASCII text, with no line terminators
Hash 8e2f2dd3d21e81293d9bac40d9f126c3
82bf5252d5ff66db565278b125779258acbb5219
c3b782c3c5a1de168cb9d1c192b56007c2ef2ecbb69a467edec9d416ba06e5d8
POST /defaultpreferencemanager/truste HTTP/1.1
Host: consent-pref.trustarc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=no&locale=en&behavior=expressed>m=1&irm=undefined&from=https://consent.trustarc.com/
Content-Type: text/x-gwt-rpc; charset=utf-8
X-GWT-Permutation: 9F5DDAD4256889D2A2BB0A3140E8B74B
X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
Content-Length: 180
Origin: https://consent-pref.trustarc.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/json;charset=utf-8
content-length: 48
date: Thu, 26 Jan 2023 23:40:40 GMT
server: nginx
content-disposition: attachment
x-cache: Miss from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: BRP07HDlWoY0wn1wIHmofv3WDEsmfWiP_78w1gLkMzLL9wVJeMOJTw==
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
expect-ct: max-age=86400; enforce;
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
access-control-allow-origin: *
access-control-expose-headers: *
X-Firefox-Spdy: h2
dp58aslhmbcib.cloudfront.net/static/cache/css/output.2a40a4d96366.css
54.230.245.62200 OK 100 kB URL HTTP/2 dp58aslhmbcib.cloudfront.net/static/cache/css/output.2a40a4d96366.css
IP 54.230.245.62:0
Size 100 kB (100442 bytes)
Hash 54539cec25ee4d98052366fc5d9dd82e
1512a2817eb2bf4150750f71dd4afb635a0b47b5
cb403003d5265abc4c9bdee0a439606f91f69d9a72cf6ac7940d9f7cf502c023
GET /static/cache/css/output.2a40a4d96366.css HTTP/1.1
Host: dp58aslhmbcib.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fareharbor.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
date: Thu, 05 Jan 2023 21:35:54 GMT
cache-control: public
content-encoding: gzip
etag: "63b731c4-2dec0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Thu, 05 Jan 2023 20:23:32 GMT
server: nginx/1.22.1
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-fh-loadbalancer: production-appservers_docker-a-7
x-xss-protection: 1; mode=block
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _K-mpZuBl6-wr1YzL79V08c6oGN1izWZki70QoNv7rQsBh376a_fww==
age: 1821886
X-Firefox-Spdy: h2
cdn.branch.io/branch-latest.min.js
54.230.111.8200 OK 22 kB URL HTTP/2 cdn.branch.io/branch-latest.min.js
IP 54.230.111.8:0
File type ASCII text, with very long lines (2646)
Hash 2a6320386437cc44ae1713f25f6ea30b
cf60f8578b16e8beddb82eb43d9b1f9db5491650
75622ee3451d62f121868396395909cd979874287141da4de39562ccf1f8f799
GET /branch-latest.min.js HTTP/1.1
Host: cdn.branch.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hoteldel.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript
content-length: 22048
date: Thu, 26 Jan 2023 23:36:42 GMT
cache-control: max-age=300
content-encoding: gzip
last-modified: Thu, 17 Nov 2022 20:07:47 GMT
x-amz-version-id: LzwY9oP1_KD6QZAz0SCDQRP53VCVCZV0
etag: "2a6320386437cc44ae1713f25f6ea30b"
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: XVe0le6UYK2Lw49XO76rXAFIDo5hSiKfRm1TeVlA7TxP2WGSYnDlVg==
age: 239
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 217fbaa8fc7824107e8324ce82a519de
bb1e88ce595108216f37760e3539a1b51ad0a48a
954430d9a66fe55ca8fbd2d9069f6ae0cad407e6a1f096d91e1bd6ea39bf2be4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5210
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 23:40:40 GMT
Last-Modified: Thu, 26 Jan 2023 22:13:50 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 280
snap.licdn.com/li.lms-analytics/insight.min.js
95.101.11.57200 OK 4.8 kB URL HTTP/2 snap.licdn.com/li.lms-analytics/insight.min.js
IP 95.101.11.57:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (13351)
Hash 74f72658f6efd10c4c286ab07cd5e452
9fa4dfc644b6e818914f2f2c4fe4bdf791fd6d39
6681619d5962f95b3fccfa34a7f035664edb66522d237ea0c28a05851f9d295c
GET /li.lms-analytics/insight.min.js HTTP/1.1
Host: snap.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hoteldel.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
accept-ranges: bytes
content-type: application/x-javascript;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=60152
date: Thu, 26 Jan 2023 23:40:40 GMT
content-length: 4777
x-content-type-options: nosniff
x-cdn: AKAM
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 58bee798660dae739b64c6c857490fff
bcfe56f00b749385ca3d2ffb7a68c4a13c186317
800396e3a57e9ebd98a56f8ebab32c3bc576310632d9ece8b282e88c6d20d8f3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5023
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 23:40:40 GMT
Last-Modified: Thu, 26 Jan 2023 22:16:57 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
www.google-analytics.com/analytics.js
142.250.74.46200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.46:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hoteldel.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Thu, 26 Jan 2023 21:45:20 GMT
expires: Thu, 26 Jan 2023 23:45:20 GMT
cache-control: public, max-age=7200
age: 6920
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash 9ba458c0d3060a442f3094daf58ec05d
fc35d487d0dd81e6855f1b02367b755609d9608d
17087257ea25c2232c025f338b9f3153d35c3d953cb382b7b6e01728a643bc0b
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hoteldel.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: gHmeA05MhoVNmOhfYOcKIvtriJ4p3CmwK9fYidd5DBSZQx1Qo+j72YeEanxsCxkeJP8xTXTe+hks9FtJT2nrnw==
priority: u=3,i
content-length: 27859
x-fb-trip-id: 1904183273
date: Thu, 26 Jan 2023 23:40:40 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
fareharbor.com/static/jstranslation/en-us/djangojs.js
54.193.132.100200 OK 998 B URL HTTP/2 fareharbor.com/static/jstranslation/en-us/djangojs.js
IP 54.193.132.100:0
Hash c82d91724f3a5f2c73a46fd2fe54aebf
ad55676deba66f12b7b9697769d3504ebaeedb98
a73227c3ce91ff8c6ec6877cff133277b5b0fa7ed21dd9e15157bb4b73afda93
GET /static/jstranslation/en-us/djangojs.js HTTP/1.1
Host: fareharbor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fareharbor.com/embeds/cart/?u=8928d445-0084-4906-80f2-762db4dd77d8&from-ssl=yes&g4=yes&a=yes&back=https://hoteldel.com/events/thanksgiving/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:40:40 GMT
content-type: application/javascript
content-length: 998
cache-control: public
content-encoding: gzip
etag: "63d29c2e-d2b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Thu, 26 Jan 2023 15:28:46 GMT
server: nginx/1.22.1
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-fh-loadbalancer: production-appservers_docker-a-5
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 58bee798660dae739b64c6c857490fff
bcfe56f00b749385ca3d2ffb7a68c4a13c186317
800396e3a57e9ebd98a56f8ebab32c3bc576310632d9ece8b282e88c6d20d8f3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5023
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 23:40:40 GMT
Last-Modified: Thu, 26 Jan 2023 22:16:57 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=F0C120B3534685700A490D45%40AdobeOrg&d_nsid=0&d_mid=23631572537739377260844208569661397441&ts=1674776440626
34.251.134.200200 OK 1.7 kB URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=F0C120B3534685700A490D45%40AdobeOrg&d_nsid=0&d_mid=23631572537739377260844208569661397441&ts=1674776440626
IP 34.251.134.200:0
File type JSON data\012- , ASCII text, with very long lines (5444), with no line terminators
Hash 8434a00a6bde67cf5129d52820d04cf8
640aad8c618e05711b84b7809bf432d0db4c7ab7
9d255eb593b589f150ba868bfae53fafc71e970dbdd3e31eb91c5296d98dde08
GET /id?d_visid_ver=5.5.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=F0C120B3534685700A490D45%40AdobeOrg&d_nsid=0&d_mid=23631572537739377260844208569661397441&ts=1674776440626 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://hoteldel.com
Connection: keep-alive
Referer: https://hoteldel.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://hoteldel.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-2-v045-0dc3ea27c.edge-irl1.demdex.com 2 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=23607930497361995370846567867979393166; Max-Age=15552000; Expires=Tue, 25 Jul 2023 23:40:40 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: EBacbvwnR1Q=
Content-Length: 1710
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 6f097807309f139fdf3dc2f21e9fb944
332dfb2ca91602c6146fe642fba693014535d958
3d646dfd0b759f9a612ecc01edd6a83fb76158c2af3b915ba0673561fb455847
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=131896
Date: Thu, 26 Jan 2023 23:40:40 GMT
Etag: "63d2618f-1d7"
Expires: Sat, 28 Jan 2023 12:18:56 GMT
Last-Modified: Thu, 26 Jan 2023 11:18:39 GMT
Server: ECS (bsa/EB19)
X-Cache: Miss from cloudfront
Via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: pnhfC8MexMJHb_ae-yzuf08sHgTBzWewn9l16282W_PxjDsYXj3FwA==
Age: 3617
app.link/_r?sdk=web2.71.0&branch_key=key_live_glXPM2Kabtb7o8tG8hg7fhohwraYrfE7&callback=branch_callback__0
54.230.111.23200 OK 91 B URL HTTP/2 app.link/_r?sdk=web2.71.0&branch_key=key_live_glXPM2Kabtb7o8tG8hg7fhohwraYrfE7&callback=branch_callback__0
IP 54.230.111.23:0
File type ASCII text, with no line terminators
Hash 1daf7978943f2f49d2407a1301498de3
616c3b36d5c35a3b9415ccbd8143946622651ffd
038d70c5460bcd810396d84d235c3ab5fcf904930bdff7e2f598591fbda7332f
GET /_r?sdk=web2.71.0&branch_key=key_live_glXPM2Kabtb7o8tG8hg7fhohwraYrfE7&callback=branch_callback__0 HTTP/1.1
Host: app.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hoteldel.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
content-length: 91
server: openresty
date: Thu, 26 Jan 2023 23:40:40 GMT
set-cookie: _s=jmBDUk2gM%2FSSHj28mVxxGrBVkMFfR5ZUacntE48BWoftMKphMwwOofM%2B6QeefCx6; Max-Age=31536000; Domain=.app.link; Path=/; Expires=Fri, 26 Jan 2024 23:40:40 GMT; Secure
x-content-type-options: nosniff
etag: W/"5b-YWw7NtXDWjuUFcy9gUOUZiJlH/0"
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Miss from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rVhAsL1KGQbFNDim6OM7tq_o6u5jN6JKahMN5Esw2vrvkS2wrkoKxw==
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5922bf86752393c5a09db0020b4bafed
671f9725fa09ac28eda0415d1fbdaa2b7f486712
d5efd3cae6c363a0cdc675f934d6515c16c532609ed995976e0212b6281c3d4c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D5EFD3CAE6C363A0CDC675F934D6515C16C532609ED995976E0212B6281C3D4C"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2760
Expires: Fri, 27 Jan 2023 00:26:40 GMT
Date: Thu, 26 Jan 2023 23:40:40 GMT
Connection: keep-alive
o10963.ingest.sentry.io/api/5933789/envelope/?sentry_key=3c9ece80fbdf4edfaf944d2be20b4532&sentry_version=7
34.120.195.249200 OK 2 B URL HTTP/2 o10963.ingest.sentry.io/api/5933789/envelope/?sentry_key=3c9ece80fbdf4edfaf944d2be20b4532&sentry_version=7
IP 34.120.195.249:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /api/5933789/envelope/?sentry_key=3c9ece80fbdf4edfaf944d2be20b4532&sentry_version=7 HTTP/1.1
Host: o10963.ingest.sentry.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fareharbor.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://fareharbor.com
Content-Length: 459
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 23:40:40 GMT
content-type: application/json
content-length: 2
access-control-allow-origin: https://fareharbor.com
access-control-expose-headers: x-sentry-rate-limits, retry-after, x-sentry-error
vary: Origin
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fh-sites.imgix.net/fonts/roboto/roboto-v20-vietnamese_latin-ext_latin_greek-ext_greek_cyrillic-ext_cyrillic-regular.woff2
151.101.246.208200 OK 51 kB URL HTTP/2 fh-sites.imgix.net/fonts/roboto/roboto-v20-vietnamese_latin-ext_latin_greek-ext_greek_cyrillic-ext_cyrillic-regular.woff2
IP 151.101.246.208:0
File type Web Open Font Format (Version 2), TrueType, length 51116, version 1.0\012- data
Hash 9549360090baf2eb8b25d3a9708fc19d
3229ae839d33696d39c89dc0d3e193fe985f1da4
a7bf1f115e60e0c8f3b335df66d4d77baaae4eb11d2cea2cf7c5b4693403a46f
GET /fonts/roboto/roboto-v20-vietnamese_latin-ext_latin_greek-ext_greek_cyrillic-ext_cyrillic-regular.woff2 HTTP/1.1
Host: fh-sites.imgix.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://fareharbor.com
Connection: keep-alive
Referer: https://dp58aslhmbcib.cloudfront.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=315360000
last-modified: Thu, 24 Sep 2020 23:44:49 GMT
server: imgix
x-imgix-id: 4c8dac6ea6a85c8c41b67aee30211153f2529382
x-imgix-render-farm: 01.584
date: Thu, 26 Jan 2023 23:40:40 GMT
age: 4796389
accept-ranges: bytes
content-type: application/octet-stream
access-control-allow-origin: *
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10078-SJC, cache-hel1410031-HEL
x-cache: HIT, HIT
content-length: 51116
X-Firefox-Spdy: h2
ad.ipredictive.com/d/track/cvt/pixel?acct_id=49891&cache_buster=1674776438
3.214.243.172200 OK 479 B URL HTTP/1.1 ad.ipredictive.com/d/track/cvt/pixel?acct_id=49891&cache_buster=1674776438
IP 3.214.243.172:0
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1x1, components 3\012- data
Hash 1f1be6721cdc096ab63cc0ab0235de0e
86c01db3df78bcd14371ef2b859c27b883c3791e
6899ed8fa010014f8b8f04d0bcdfa68e082df93f022a331d362d0b5a94dc3b15
GET /d/track/cvt/pixel?acct_id=49891&cache_buster=1674776438 HTTP/1.1
Host: ad.ipredictive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hoteldel.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Content-Type: image/jpeg
Date: Thu, 26 Jan 2023 23:40:40 GMT
Set-Cookie: cu=abbaa4b6-51a9-4870-a52a-e2c1214a6fc5|1674776440898; Path=/; Domain=ipredictive.com; Expires=Fri, 26 Jan 2024 23:40:40 GMT; Max-Age=31536000; SameSite=None; Secure
X-CI-RTID: ab9b23e0-3e81-4db0-99e4-4eaa2c0a1d33
Content-Length: 479
Connection: keep-alive
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 5922bf86752393c5a09db0020b4bafed
671f9725fa09ac28eda0415d1fbdaa2b7f486712
d5efd3cae6c363a0cdc675f934d6515c16c532609ed995976e0212b6281c3d4c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D5EFD3CAE6C363A0CDC675F934D6515C16C532609ED995976E0212B6281C3D4C"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2760
Expires: Fri, 27 Jan 2023 00:26:40 GMT
Date: Thu, 26 Jan 2023 23:40:40 GMT
Connection: keep-alive
o10963.ingest.sentry.io/api/5933789/envelope/?sentry_key=3c9ece80fbdf4edfaf944d2be20b4532&sentry_version=7
34.120.195.249200 OK 2 B URL HTTP/2 o10963.ingest.sentry.io/api/5933789/envelope/?sentry_key=3c9ece80fbdf4edfaf944d2be20b4532&sentry_version=7
IP 34.120.195.249:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /api/5933789/envelope/?sentry_key=3c9ece80fbdf4edfaf944d2be20b4532&sentry_version=7 HTTP/1.1
Host: o10963.ingest.sentry.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fareharbor.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://fareharbor.com
Content-Length: 464
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 23:40:40 GMT
content-type: application/json
content-length: 2
access-control-allow-origin: https://fareharbor.com
access-control-expose-headers: x-sentry-rate-limits, retry-after, x-sentry-error
vary: Origin
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
consent-pref.trustarc.com/EuPreferenceManager.css
54.230.111.52200 OK 6.8 kB URL HTTP/2 consent-pref.trustarc.com/EuPreferenceManager.css
IP 54.230.111.52:0
Hash 289bd9107e8baf39ec9ce6522d803a13
c3ac1b0283bf0d54b4cba6467ed83b467a052765
1ef48a6606bd60945b1115031c122ffc4ca698a7519b05db93eb5355d4c02057
GET /EuPreferenceManager.css HTTP/1.1
Host: consent-pref.trustarc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=no&locale=en&behavior=expressed>m=1&irm=undefined&from=https://consent.trustarc.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
server: nginx
last-modified: Fri, 06 Jan 2023 07:59:58 GMT
content-encoding: gzip
date: Thu, 26 Jan 2023 23:40:40 GMT
expires: Thu, 26 Jan 2023 23:40:39 GMT
cache-control: no-cache
etag: W/"29043-1672991998000"
x-cache: RefreshHit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 21_dXq7Q3Bgze7I7o23bTmsNcM5w9D8ZzarezpvPnDRps3oP_kg7Sg==
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
expect-ct: max-age=86400; enforce;
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash c4f7419edd9aa1d1626534e2345b297a
0d72a162560fe6bf39529d2cb85ceb89b5361e43
e0177f93922f32423fa90aa470d4a739e8c540267ecda45bc0be7e5ff21e8110
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6526
Cache-Control: max-age=138040
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 23:40:41 GMT
Etag: "63d26e34-118"
Expires: Sat, 28 Jan 2023 14:01:21 GMT
Last-Modified: Thu, 26 Jan 2023 12:12:36 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 280
geoip-js.com/geoip/v2.1/country/me?referrer=https%3A%2F%2Ffareharbor.com
104.18.19.68200 OK 683 B URL HTTP/2 geoip-js.com/geoip/v2.1/country/me?referrer=https%3A%2F%2Ffareharbor.com
IP 104.18.19.68:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (609), with no line terminators
Hash b23adeb0d94f48cce3bab96ced275eda
e793d7b3b49595a05bc12e688e7602d658c2b418
60086cece1f12986c8e11897de7e479d6402708eecd8d4fd767e1e50a83f55b8
GET /geoip/v2.1/country/me?referrer=https%3A%2F%2Ffareharbor.com HTTP/1.1
Host: geoip-js.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fareharbor.com
Connection: keep-alive
Referer: https://fareharbor.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:40:41 GMT
content-type: application/vnd.maxmind.com-country+json; charset=UTF-8; version=2.1
content-length: 683
access-control-allow-origin: *
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 78fd18545b820b59-OSL
X-Firefox-Spdy: h2
smetric.hilton.com/b/ss/hiltonglobalprod/10/JS-2.21.0-LCXS/s17666006390048?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=26%2F0%2F2023%2023%3A40%3A40%204%200&d.&nsid=0&jsonv=1&.d&mid=23631572537739377260844208569661397441&aamlh=6&ce=UTF-8&pageName=hotel-del-coronado%3Aevents%3Athanksgiving&g=https%3A%2F%2Fhoteldel.com%2Fevents%2Fthanksgiving%2F&c.&getQueryParam=4.0&getPreviousValue=3.0&.c&cc=USD&ch=events&products=%3BSANQQQQ&aamb=j8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI&c1=SANQQQQ&c2=D%3Dv59&c3=D%3Dv24&c4=Logged-out&c6=images%2Ctext&c8=hotel-del-coronado&c9=D%3Dv46&v10=%2B1&c11=D%3Dv40&c12=D%3Dv63&c13=D%3Dv150&c14=Thanksgiving%20at%20Hotel%20del%20Coronado&c15=R&c16=D%3Dv49&c17=events%3Athanksgiving&v17=D%3Dv18&c24=hoteldel.com&v24=en&v25=Logged-out&v27=hotel-del-coronado%3Aevents%3Athanksgiving&c28=D%3Dv9&c35=D%3Dv135&c37=D%3Dv24&c38=D%3Dv59&c39=D%3Dv46&v43=D%3Dc8&v46=events&v47=D%3Dc15&v49=L&c52=core.page-bottom%7C%7Cundefined%7CGW%20-%20Global%20Standard%20%28AT%29&c53=2023-1-26%2023%3A40%3A40&v59=qq&v81=USA&v111=Control%20Group&v131=Not%20Available&v135=old%20hilton&v150=https%3A%2F%2Fhoteldel.com%2Fevents%2Fthanksgiving%2F&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=F0C120B3534685700A490D45%40AdobeOrg&AQE=1
13.37.25.97200 OK 5.9 kB URL HTTP/2 smetric.hilton.com/b/ss/hiltonglobalprod/10/JS-2.21.0-LCXS/s17666006390048?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=26%2F0%2F2023%2023%3A40%3A40%204%200&d.&nsid=0&jsonv=1&.d&mid=23631572537739377260844208569661397441&aamlh=6&ce=UTF-8&pageName=hotel-del-coronado%3Aevents%3Athanksgiving&g=https%3A%2F%2Fhoteldel.com%2Fevents%2Fthanksgiving%2F&c.&getQueryParam=4.0&getPreviousValue=3.0&.c&cc=USD&ch=events&products=%3BSANQQQQ&aamb=j8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI&c1=SANQQQQ&c2=D%3Dv59&c3=D%3Dv24&c4=Logged-out&c6=images%2Ctext&c8=hotel-del-coronado&c9=D%3Dv46&v10=%2B1&c11=D%3Dv40&c12=D%3Dv63&c13=D%3Dv150&c14=Thanksgiving%20at%20Hotel%20del%20Coronado&c15=R&c16=D%3Dv49&c17=events%3Athanksgiving&v17=D%3Dv18&c24=hoteldel.com&v24=en&v25=Logged-out&v27=hotel-del-coronado%3Aevents%3Athanksgiving&c28=D%3Dv9&c35=D%3Dv135&c37=D%3Dv24&c38=D%3Dv59&c39=D%3Dv46&v43=D%3Dc8&v46=events&v47=D%3Dc15&v49=L&c52=core.page-bottom%7C%7Cundefined%7CGW%20-%20Global%20Standard%20%28AT%29&c53=2023-1-26%2023%3A40%3A40&v59=qq&v81=USA&v111=Control%20Group&v131=Not%20Available&v135=old%20hilton&v150=https%3A%2F%2Fhoteldel.com%2Fevents%2Fthanksgiving%2F&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=F0C120B3534685700A490D45%40AdobeOrg&AQE=1
IP 13.37.25.97:0
File type ASCII text, with very long lines (5887)
Hash 8b942af4fda7ff995c78819a874e7a7a
402558baa07fc614e18e745fd12d44271406f195
c34a6651353cff49719d2f7284470d7b0b3f10854536a00fe84d39d316891815
GET /b/ss/hiltonglobalprod/10/JS-2.21.0-LCXS/s17666006390048?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=26%2F0%2F2023%2023%3A40%3A40%204%200&d.&nsid=0&jsonv=1&.d&mid=23631572537739377260844208569661397441&aamlh=6&ce=UTF-8&pageName=hotel-del-coronado%3Aevents%3Athanksgiving&g=https%3A%2F%2Fhoteldel.com%2Fevents%2Fthanksgiving%2F&c.&getQueryParam=4.0&getPreviousValue=3.0&.c&cc=USD&ch=events&products=%3BSANQQQQ&aamb=j8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI&c1=SANQQQQ&c2=D%3Dv59&c3=D%3Dv24&c4=Logged-out&c6=images%2Ctext&c8=hotel-del-coronado&c9=D%3Dv46&v10=%2B1&c11=D%3Dv40&c12=D%3Dv63&c13=D%3Dv150&c14=Thanksgiving%20at%20Hotel%20del%20Coronado&c15=R&c16=D%3Dv49&c17=events%3Athanksgiving&v17=D%3Dv18&c24=hoteldel.com&v24=en&v25=Logged-out&v27=hotel-del-coronado%3Aevents%3Athanksgiving&c28=D%3Dv9&c35=D%3Dv135&c37=D%3Dv24&c38=D%3Dv59&c39=D%3Dv46&v43=D%3Dc8&v46=events&v47=D%3Dc15&v49=L&c52=core.page-bottom%7C%7Cundefined%7CGW%20-%20Global%20Standard%20%28AT%29&c53=2023-1-26%2023%3A40%3A40&v59=qq&v81=USA&v111=Control%20Group&v131=Not%20Available&v135=old%20hilton&v150=https%3A%2F%2Fhoteldel.com%2Fevents%2Fthanksgiving%2F&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=F0C120B3534685700A490D45%40AdobeOrg&AQE=1 HTTP/1.1
Host: smetric.hilton.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hoteldel.com/
Cookie: AMCV_F0C120B3534685700A490D45%40AdobeOrg=0%7CMCMID%7C23631572537739377260844208569661397441; s_ecid=MCMID%7C23631572537739377260844208569661397441
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
date: Thu, 26 Jan 2023 23:40:41 GMT
expires: Wed, 25 Jan 2023 23:40:41 GMT
last-modified: Fri, 27 Jan 2023 23:40:41 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
set-cookie: s_ecid=MCMID%7C23631572537739377260844208569661397441; Path=/; Domain=hilton.com; Max-Age=63072000; Expires=Sat, 25 Jan 2025 23:40:40 GMT; SameSite=None; Secure
etag: 3596555021190266880-4619832842194404572
vary: *
dcs: dcs-prod-irl1-1-v045-0f7e0a58c.edge-irl1.demdex.com 6 ms
x-aam-tid: VIl+rDSySO0=
content-type: application/x-javascript;charset=utf-8
content-length: 5888
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
cdn9.forter.com/vchk2/v1/28b953cd344979733e21e31e18fb07b7f8b09a0e7a811061ece4670ebf969715ac7f4bc9671050e1ddf449dda276
54.230.111.31200 OK 35 B URL HTTP/2 cdn9.forter.com/vchk2/v1/28b953cd344979733e21e31e18fb07b7f8b09a0e7a811061ece4670ebf969715ac7f4bc9671050e1ddf449dda276
IP 54.230.111.31:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 28d6814f309ea289f847c69cf91194c6
0f4e929dd5bb2564f7ab9c76338e04e292a42ace
8337212354871836e6763a41e615916c89bac5b3f1f0adf60ba43c7c806e1015
GET /vchk2/v1/28b953cd344979733e21e31e18fb07b7f8b09a0e7a811061ece4670ebf969715ac7f4bc9671050e1ddf449dda276 HTTP/1.1
Host: cdn9.forter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: eyJyIjowLjAxMDgzOTM1MTcxNjg3Nzc3NiwidSI6ImY2OWY4M2U4MzVhNDRlMTg4MzQ1ZDlmNGQyNmEwYmUxIiwicyI6IjRkYzJhYTgyYmM1ZSJ9
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hoteldel.com
Referer: https://hoteldel.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:40:41 GMT
access-control-allow-origin: *
timing-allow-origin: *
cache-control: private, s-maxage=0, proxy-revalidate
strict-transport-security: max-age=86400; includeSubDomains
x-cache: Miss from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: l_uGqLyjQmI6hAMti5pWA3EHvRpuF_EjB4usQZeDm5juDUJVvF1ShQ==
X-Firefox-Spdy: h2
fareharbor.com/api/v1/persistence/8928d445-0084-4906-80f2-762db4dd77d8/
54.193.132.100200 OK 24 B URL HTTP/2 fareharbor.com/api/v1/persistence/8928d445-0084-4906-80f2-762db4dd77d8/
IP 54.193.132.100:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 309b2178203de5a131d3de57b8833209
d303aadfd5a6a760b2fa533758dc5322806fd147
665dfdc1859f43c9f0626d980a4efe4647c5a5d42c12020ac8d136e42c1b0fb7
GET /api/v1/persistence/8928d445-0084-4906-80f2-762db4dd77d8/ HTTP/1.1
Host: fareharbor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-FH-Target-Language: en-us
X-Requested-With: XMLHttpRequest
X-CSRFToken: ADncfT1zwddAQklyDrfFQeStr9sSmY3RfvuzoO4JFSyFbmadBT20iajUZPOtkmJN
sentry-trace: 050c50ec97a444c8b2f9576d6519b0da-80f2c53fc578f60a-0
Connection: keep-alive
Referer: https://fareharbor.com/embeds/cart/?u=8928d445-0084-4906-80f2-762db4dd77d8&from-ssl=yes&g4=yes&a=yes&back=https://hoteldel.com/events/thanksgiving/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:40:41 GMT
content-type: application/json
content-length: 24
content-language: en-us
p3p: CP="This is not a P3P policy."
strict-transport-security: max-age=31536000
vary: Accept-Encoding, Cookie
x-amzn-trace-id: Root=1-63d30f79-2425ccd44b0ef6ba425601be
x-content-type-options: nosniff
x-fh-loadbalancer: production-appservers_docker-a-0
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 1f4c8e17a668764556ab61c7c31e53c7
ada5ee5917ab9faf3d55a6da1d5bfc3077e42de2
8ac89ed8b6650ea140c2eac1b1dd61f8498e97e278e6bd6debfd803a588e2468
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 23:40:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 1f4c8e17a668764556ab61c7c31e53c7
ada5ee5917ab9faf3d55a6da1d5bfc3077e42de2
8ac89ed8b6650ea140c2eac1b1dd61f8498e97e278e6bd6debfd803a588e2468
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 23:40:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-25841763-5&cid=2035966168.1674776441&jid=1224438052&gjid=758345927&_gid=1904769360.1674776441&_u=YGDAiEABBAAAAEAAI~&z=1987557067
173.194.221.156200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-25841763-5&cid=2035966168.1674776441&jid=1224438052&gjid=758345927&_gid=1904769360.1674776441&_u=YGDAiEABBAAAAEAAI~&z=1987557067
IP 173.194.221.156:0
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-25841763-5&cid=2035966168.1674776441&jid=1224438052&gjid=758345927&_gid=1904769360.1674776441&_u=YGDAiEABBAAAAEAAI~&z=1987557067 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://hoteldel.com
Connection: keep-alive
Referer: https://hoteldel.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://hoteldel.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 26 Jan 2023 23:40:41 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-25841763-1&cid=2035966168.1674776441&jid=1298768248&gjid=436573510&_gid=1904769360.1674776441&_u=YGBAiEABBAAAAEAAI~&z=177827200
173.194.221.156200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-25841763-1&cid=2035966168.1674776441&jid=1298768248&gjid=436573510&_gid=1904769360.1674776441&_u=YGBAiEABBAAAAEAAI~&z=177827200
IP 173.194.221.156:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-25841763-1&cid=2035966168.1674776441&jid=1298768248&gjid=436573510&_gid=1904769360.1674776441&_u=YGBAiEABBAAAAEAAI~&z=177827200 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://hoteldel.com
Connection: keep-alive
Referer: https://hoteldel.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://hoteldel.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 26 Jan 2023 23:40:41 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
hilton.demdex.net/dest5.html?d_nsid=0
34.251.134.200200 OK 2.8 kB URL HTTP/1.1 hilton.demdex.net/dest5.html?d_nsid=0
IP 34.251.134.200:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (550)
Hash ccbdcb1e84c241950763ec4cd516cdfc
55dfa8d4b09c5c3a80fcd101152f6ebed3d27a2c
de9ccb9b168945a24f20edc28c39be4135b328129ba8ee378401a7aedc925d12
GET /dest5.html?d_nsid=0 HTTP/1.1
Host: hilton.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hoteldel.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Thu, 26 Jan 2023 23:40:41 GMT
DCS: dcs-prod-irl1-1-v045-03c381005.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Fri, 28 Oct 2022 11:02:57 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: 6L/MurkSRQ0=
Content-Length: 2791
Connection: keep-alive
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-25841763-1&cid=2035966168.1674776441&jid=165256243&gjid=1841350556&_gid=1904769360.1674776441&_u=YGDACEABBAAAAGAAI~&z=644767201
173.194.221.156200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-25841763-1&cid=2035966168.1674776441&jid=165256243&gjid=1841350556&_gid=1904769360.1674776441&_u=YGDACEABBAAAAGAAI~&z=644767201
IP 173.194.221.156:0
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-25841763-1&cid=2035966168.1674776441&jid=165256243&gjid=1841350556&_gid=1904769360.1674776441&_u=YGDACEABBAAAAGAAI~&z=644767201 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://hoteldel.com
Connection: keep-alive
Referer: https://hoteldel.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: https://hoteldel.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 26 Jan 2023 23:40:41 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 1f4c8e17a668764556ab61c7c31e53c7
ada5ee5917ab9faf3d55a6da1d5bfc3077e42de2
8ac89ed8b6650ea140c2eac1b1dd61f8498e97e278e6bd6debfd803a588e2468
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 23:40:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 828fff395e93f7be2544b97ca2a81e09
2d9b76b7bb7e4505707e6fa30cdaaf80ae05fb88
90d1e5a199f990e517064222bb83c7bb7db1217300c25b14637df3c74f4029d1
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 26 Jan 2023 23:40:41 GMT
Last-Modified: Thu, 26 Jan 2023 21:59:32 GMT
Server: ECS (nyb/1D1E)
X-Cache: Miss from cloudfront
Via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: Z1Ir7o9ibZvoN4bWC_XvM_Vvm7kQ1mvBkrwwv-S5CM-gsJp-XxLgHQ==
Age: 6069
www.facebook.com/tr/?id=967617709996912&ev=Adobe-Audience-Manager-Segment&cd[segID]=15300019,22365141&noscript=1
31.13.72.36200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=967617709996912&ev=Adobe-Audience-Manager-Segment&cd[segID]=15300019,22365141&noscript=1
IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=967617709996912&ev=Adobe-Audience-Manager-Segment&cd[segID]=15300019,22365141&noscript=1 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hilton.demdex.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Thu, 26 Jan 2023 23:40:41 GMT
X-Firefox-Spdy: h2
consent-pref.trustarc.com/defaultpreferencemanager/truste
54.230.111.52200 OK 398 B URL HTTP/2 consent-pref.trustarc.com/defaultpreferencemanager/truste
IP 54.230.111.52:0
File type ASCII text, with very long lines (910), with no line terminators
Hash 92aa447af9ce924e41b5a6c94d6d3c28
1e11097fdbe90ee9ec08d36ea2ee346f1b53decb
c225af078d467139e8e84986ef37ed7109b4379cc65881cd967abb61e1cc433f
POST /defaultpreferencemanager/truste HTTP/1.1
Host: consent-pref.trustarc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=no&locale=en&behavior=expressed>m=1&irm=undefined&from=https://consent.trustarc.com/
Content-Type: text/x-gwt-rpc; charset=utf-8
X-GWT-Permutation: 9F5DDAD4256889D2A2BB0A3140E8B74B
X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
Content-Length: 246
Origin: https://consent-pref.trustarc.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/json;charset=utf-8
content-length: 398
date: Thu, 26 Jan 2023 23:40:41 GMT
server: nginx
content-encoding: gzip
content-disposition: attachment
x-cache: Miss from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: LWZ4dgxxePM3adnnWwtvQY0cI7puzT-qaUW2Yq5-R8l_KuyZ0TmgNA==
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
expect-ct: max-age=86400; enforce;
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
access-control-allow-origin: *
access-control-expose-headers: *
X-Firefox-Spdy: h2
consent-pref.trustarc.com/defaultpreferencemanager/truste
54.230.111.52200 OK 4.2 kB URL HTTP/2 consent-pref.trustarc.com/defaultpreferencemanager/truste
IP 54.230.111.52:0
File type Unicode text, UTF-8 text, with very long lines (14340), with no line terminators
Hash 1deb666082635f0fb442a7a5cffb8339
74619d472d1660e0e88435bc88b78286e26cae45
a6d979849655dc494eaf6b27f6cf6bb14e6fa3c02b2039938c69f4931f1c4108
POST /defaultpreferencemanager/truste HTTP/1.1
Host: consent-pref.trustarc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=no&locale=en&behavior=expressed>m=1&irm=undefined&from=https://consent.trustarc.com/
Content-Type: text/x-gwt-rpc; charset=utf-8
X-GWT-Permutation: 9F5DDAD4256889D2A2BB0A3140E8B74B
X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
Content-Length: 240
Origin: https://consent-pref.trustarc.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/json;charset=utf-8
content-length: 4172
date: Thu, 26 Jan 2023 23:40:41 GMT
server: nginx
content-encoding: gzip
content-disposition: attachment
x-cache: Miss from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: EkkKYe7xggSRwUmQXEy5-KTmC5aPQzCYJjPle99fUlItY5XRYysCQQ==
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
expect-ct: max-age=86400; enforce;
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
access-control-allow-origin: *
access-control-expose-headers: *
X-Firefox-Spdy: h2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=3860260&time=1674776440527&url=https%3A%2F%2Fhoteldel.com%2Fevents%2Fthanksgiving%2F
13.107.42.14302 Found 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=3860260&time=1674776440527&url=https%3A%2F%2Fhoteldel.com%2Fevents%2Fthanksgiving%2F
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=3860260&time=1674776440527&url=https%3A%2F%2Fhoteldel.com%2Fevents%2Fthanksgiving%2F HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hoteldel.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3860260%26time%3D1674776440527%26url%3Dhttps%253A%252F%252Fhoteldel.com%252Fevents%252Fthanksgiving%252F%26liSync%3Dtrue
set-cookie: UserMatchHistory=AQKPPi64TtxKhgAAAYXwdHGOv85vodnsKm6bSfW1miz39QCSDONotdig_DI_Ysb3xufh2q9J7y-Jdg; Max-Age=2592000; Expires=Sat, 25 Feb 2023 23:40:41 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
AnalyticsSyncHistory=AQInPvuBVu2RbQAAAYXwdHGOjNNkWro991CXIzHfFqh7oQWLoVTBuiQo4pJuHz8SLgcJTHTs6xXqx5wJhd8dWg; Max-Age=2592000; Expires=Sat, 25 Feb 2023 23:40:41 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&ad05a657-386d-4934-8014-710a1a9e43e3"; domain=.linkedin.com; Path=/; Secure; Expires=Fri, 26-Jan-2024 23:40:41 GMT; SameSite=None
lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2422:u=1:x=1:i=1674776441:t=1674862841:v=2:sig=AQGI5aB-fwHcvdcR2Fm-IaQvtlzo16kP"; Expires=Fri, 27 Jan 2023 23:40:41 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAXzM0bbW4jThVEX487rpw==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: EC81EAC7C78E41598568D367D680211C Ref B: OSL30EDGE0415 Ref C: 2023-01-26T23:40:41Z
date: Thu, 26 Jan 2023 23:40:40 GMT
content-length: 0
X-Firefox-Spdy: h2
cm.everesttech.net/cm/dd?d_uuid=23607930497361995370846567867979393166
54.229.62.148302 0 B URL HTTP/1.1 cm.everesttech.net/cm/dd?d_uuid=23607930497361995370846567867979393166
IP 54.229.62.148:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm/dd?d_uuid=23607930497361995370846567867979393166 HTTP/1.1
Host: cm.everesttech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hoteldel.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302
Date: Thu, 26 Jan 2023 23:40:41 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: everest_g_v2=g_surferid~Y9MPeQAAADeC0QN6; Domain=.everesttech.net; Expires=Fri, 26-Jan-2024 23:40:41 GMT; Path=/
everest_session_v2=Y9MPeQAAADeC0gN6; Domain=.everesttech.net; Path=/
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y9MPeQAAADeC0QN6
Server: AMO-cookiemap/1.1
api2.branch.io/v1/open
54.230.111.74200 OK 272 B IP 54.230.111.74:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 17b20bcc2a5b34c2a0edca44d1e71d9c
ab2565fd1d0f221a6a0194feaeebc4c57aa9c4e7
5a752a6120c56a38127431c6411a28ff2c688072881acb16226d6fefffe85535
POST /v1/open HTTP/1.1
Host: api2.branch.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 227
Origin: https://hoteldel.com
Connection: keep-alive
Referer: https://hoteldel.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
content-length: 272
access-control-allow-origin: *
cache-control: no-cache
date: Thu, 26 Jan 2023 23:40:41 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-branch-request-id: f0551687999e40879798f641639efb44-2023012623
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: iorPvOK8BoDE0ubRsiKEktP2XHWhwAUaV5f0PW7IRygzMgoKSlv-RQ==
X-Firefox-Spdy: h2
dpm.demdex.net/ibs:dpid=411&dpuuid=Y9MPeQAAADeC0QN6
34.251.134.200302 Found 0 B URL HTTP/1.1 dpm.demdex.net/ibs:dpid=411&dpuuid=Y9MPeQAAADeC0QN6
IP 34.251.134.200:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibs:dpid=411&dpuuid=Y9MPeQAAADeC0QN6 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hoteldel.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-1-v045-05e780d2b.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y9MPeQAAADeC0QN6
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=80770793431052651282028377885804219944; Max-Age=15552000; Expires=Tue, 25 Jul 2023 23:40:41 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: zCqbf7SjR6M=
Content-Length: 0
Connection: keep-alive
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 3ebf9d7211aba4c70b84fb470a61b414
28fe29a24e47d6abda88eeeb5e22eddda03c7fca
a8276e099d9d8452b65b70d161a459fae25afb37cea7eff9cc5563b7de972acc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 23:40:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 3ebf9d7211aba4c70b84fb470a61b414
28fe29a24e47d6abda88eeeb5e22eddda03c7fca
a8276e099d9d8452b65b70d161a459fae25afb37cea7eff9cc5563b7de972acc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 23:40:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
consent-pref.trustarc.com/images/trustarc-logo-small.png
54.230.111.52200 OK 4.2 kB URL HTTP/2 consent-pref.trustarc.com/images/trustarc-logo-small.png
IP 54.230.111.52:0
File type PNG image data, 198 x 34, 8-bit/color RGBA, non-interlaced\012- data
Hash 01e1b7108fa9f6b54f403309a1616588
e3328418159b7371b64a6cff199b2812c4d0b9c1
91c4a6c4295f8889e8b04339a4a2c2e86d5eef71ba808164e641d0d8a6435004
GET /images/trustarc-logo-small.png HTTP/1.1
Host: consent-pref.trustarc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=no&locale=en&behavior=expressed>m=1&irm=undefined&from=https://consent.trustarc.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 4197
server: nginx
accept-ranges: bytes
last-modified: Fri, 06 Jan 2023 07:59:58 GMT
date: Thu, 26 Jan 2023 23:30:57 GMT
etag: W/"4197-1672991998000"
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: osm8sttyt7iJ40GqsxXEhD1zPyz7RhHeGFmka2rbZTiudI-oTZlZ3Q==
age: 589
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
expect-ct: max-age=86400; enforce;
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
vary: Origin
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-25841763-1&cid=2035966168.1674776441&jid=1298768248&_u=YGBAiEABBAAAAEAAI~&z=334877427
216.58.207.228200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-25841763-1&cid=2035966168.1674776441&jid=1298768248&_u=YGBAiEABBAAAAEAAI~&z=334877427
IP 216.58.207.228:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-25841763-1&cid=2035966168.1674776441&jid=1298768248&_u=YGBAiEABBAAAAEAAI~&z=334877427 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hoteldel.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 26 Jan 2023 23:40:41 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-25841763-1&cid=2035966168.1674776441&jid=1298768248&_u=YGBAiEABBAAAAEAAI~&z=334877427
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-25841763-1&cid=2035966168.1674776441&jid=1298768248&_u=YGBAiEABBAAAAEAAI~&z=334877427
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-25841763-1&cid=2035966168.1674776441&jid=1298768248&_u=YGBAiEABBAAAAEAAI~&z=334877427 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hoteldel.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 26 Jan 2023 23:40:41 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 7b8dcc42710b2f68c0ec782d2b2a3ae3
b865da423aa26e774270b8e3942b6fbe76793133
2da0fcf67d020f7c563946fca7ade89803cbe7cfe484f123640f8a9950b3f2b1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 23:40:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-25841763-1&cid=2035966168.1674776441&jid=165256243&_u=YGDACEABBAAAAGAAI~&z=1189856418
216.58.207.228200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-25841763-1&cid=2035966168.1674776441&jid=165256243&_u=YGDACEABBAAAAGAAI~&z=1189856418
IP 216.58.207.228:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-25841763-1&cid=2035966168.1674776441&jid=165256243&_u=YGDACEABBAAAAGAAI~&z=1189856418 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hoteldel.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 26 Jan 2023 23:40:41 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-25841763-1&cid=2035966168.1674776441&jid=165256243&_u=YGDACEABBAAAAGAAI~&z=1189856418
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-25841763-1&cid=2035966168.1674776441&jid=165256243&_u=YGDACEABBAAAAGAAI~&z=1189856418
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-25841763-1&cid=2035966168.1674776441&jid=165256243&_u=YGDACEABBAAAAGAAI~&z=1189856418 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hoteldel.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 26 Jan 2023 23:40:41 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/9F5DDAD4256889D2A2BB0A3140E8B74B/1.cache.js
54.230.111.52200 OK 118 kB URL HTTP/2 consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/9F5DDAD4256889D2A2BB0A3140E8B74B/1.cache.js
IP 54.230.111.52:0
File type ASCII text, with very long lines (44684)
Size 118 kB (117992 bytes)
Hash 43b5d50c5644b0536e68366a0b9fe410
ab29bfab8c43af655a58e9e43e9cd8fae4e61794
b3b6acff1e287e22a99b682de492c73e50b4e4324de5ee94a70776e60820470d
GET /defaultpreferencemanager/deferredjs/9F5DDAD4256889D2A2BB0A3140E8B74B/1.cache.js HTTP/1.1
Host: consent-pref.trustarc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=no&locale=en&behavior=expressed>m=1&irm=undefined&from=https://consent.trustarc.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Wed, 18 Jan 2023 05:03:11 GMT
server: nginx
etag: W/"19787-1672992016000"
last-modified: Fri, 06 Jan 2023 08:00:16 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 6NKlzUbcRMB3Wc7Ju-iIa81s52eRu-S429GyW3X9uZWOwgpPv3vbMA==
age: 758250
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
expect-ct: max-age=86400; enforce;
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/1005930085/?value=0&guid=ON&script=0&data=23583573
142.250.74.34302 Found 42 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1005930085/?value=0&guid=ON&script=0&data=23583573
IP 142.250.74.34:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/viewthroughconversion/1005930085/?value=0&guid=ON&script=0&data=23583573 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hilton.demdex.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 26 Jan 2023 23:40:41 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://www.google.com/pagead/1p-user-list/1005930085/?value=0&guid=ON&script=0&data=23583573&is_vtc=1&random=4109713197
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 26-Jan-2023 23:55:41 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
script.crazyegg.com/pages/data-scripts/0112/0335/site/hoteldel.com.json?t=1
104.19.148.8200 OK 1.9 kB URL HTTP/2 script.crazyegg.com/pages/data-scripts/0112/0335/site/hoteldel.com.json?t=1
IP 104.19.148.8:0
File type JSON data\012- , ASCII text, with very long lines (6729), with no line terminators
Hash c578453ed33b36ddd3d4a06c9d29c744
9cc178d832e7d6961dc65a244c38c8140b398acd
58f94386ed89e8d734e65cf7800768fc82301bcb1b01462b8624e725a65a7a50
GET /pages/data-scripts/0112/0335/site/hoteldel.com.json?t=1 HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hoteldel.com
Connection: keep-alive
Referer: https://hoteldel.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:40:41 GMT
content-type: application/json
content-length: 1917
access-control-expose-headers: CE-Version
ce-version: 11.5.21
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
last-modified: Thu, 26 Jan 2023 23:40:41 GMT
content-encoding: gzip
access-control-allow-origin: *
cf-cache-status: EXPIRED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fd18552f960b45-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 7b8dcc42710b2f68c0ec782d2b2a3ae3
b865da423aa26e774270b8e3942b6fbe76793133
2da0fcf67d020f7c563946fca7ade89803cbe7cfe484f123640f8a9950b3f2b1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 23:40:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3860260%26time%3D1674776440527%26url%3Dhttps%253A%252F%252Fhoteldel.com%252Fevents%252Fthanksgiving%252F%26liSync%3Dtrue
13.107.42.14302 Found 0 B URL HTTP/2 www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3860260%26time%3D1674776440527%26url%3Dhttps%253A%252F%252Fhoteldel.com%252Fevents%252Fthanksgiving%252F%26liSync%3Dtrue
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3860260%26time%3D1674776440527%26url%3Dhttps%253A%252F%252Fhoteldel.com%252Fevents%252Fthanksgiving%252F%26liSync%3Dtrue HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hoteldel.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3860260&time=1674776440527&url=https%3A%2F%2Fhoteldel.com%2Fevents%2Fthanksgiving%2F&liSync=true
set-cookie: lang=v=2&lang=en-us; Domain=linkedin.com; Path=/; Secure; SameSite=None
bcookie="v=2&b3642028-ef06-4e2b-8448-afe1828a4211"; Domain=.linkedin.com; Expires=Fri, 26-Jan-2024 23:40:41 GMT; Path=/; Secure; SameSite=None
bscookie="v=1&202301262340416f73fb3d-4711-4a51-8a4b-94c12fe545a0AQHZB0kMTg3Hb_WXdhkfWnqb7vyaYYbE"; Domain=.www.linkedin.com; Expires=Fri, 26-Jan-2024 23:40:41 GMT; Path=/; HttpOnly; Secure; SameSite=None
li_gc=MTswOzE2NzQ3NzY0NDE7MjswMjGQbvD7kuqHDYP28XKAEsaw3ykmGKpuBboZKIDwvAOijg==; Domain=.linkedin.com; Expires=Tue, 25 Jul 2023 23:40:41 GMT; Path=/; Secure; SameSite=None
lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2450:u=1:x=1:i=1674776441:t=1674862841:v=2:sig=AQGbCfnAWUiLt-zrsjZcRy3fGTmju5mR"; Expires=Fri, 27 Jan 2023 23:40:41 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
content-security-policy: default-src *; connect-src 'self' *.licdn.com *.linkedin.com wss://*.linkedin.com dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ *.qualtrics.com *.adyen.com *.microsoft.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; worker-src blob: 'self'; frame-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' *.linkedin.com teams.microsoft.com client.learningapp.microsoft.com; report-uri /security/csp?e=p&f=t
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAXzM0befkPdMeKrzKLaJw==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: D001BEBBB9184B649D694BFD8680594F Ref B: OSL30EDGE0415 Ref C: 2023-01-26T23:40:41Z
date: Thu, 26 Jan 2023 23:40:40 GMT
content-length: 0
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 1dc05c88799ee988b2cdc246d5926984
38db2c3f9579bc366f39e64a554b45863548a652
cbeca4448d2d91f72b4a2c33a800f93adfc4d60c9d749b5b079cd8bf11bb1d83
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=152470
Date: Thu, 26 Jan 2023 23:40:41 GMT
Etag: "63d2ba29-1d7"
Expires: Sat, 28 Jan 2023 18:01:51 GMT
Last-Modified: Thu, 26 Jan 2023 17:36:41 GMT
Server: ECS (dcb/7EEE)
X-Cache: Miss from cloudfront
Via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: SzvxpLQq1XOidyrDMeyDR0mRBAnYGR7lXWFBYB61F6-gQ3SfO6933g==
Age: 1510
script.crazyegg.com/pages/versioned/common-scripts/a71ff47379fe64aec2ec12080229caf0.js
104.19.148.8200 OK 27 kB URL HTTP/2 script.crazyegg.com/pages/versioned/common-scripts/a71ff47379fe64aec2ec12080229caf0.js
IP 104.19.148.8:0
File type ASCII text, with very long lines (63889)
Hash 3049aeefed95bc075d6055d1c9d07fd3
977b8ffb472e03f7cc58c68265ed21dea9e5991a
f470ab12c1d63a86564518602ae7b82bb327eb5b6fe85b54126190b98273847a
GET /pages/versioned/common-scripts/a71ff47379fe64aec2ec12080229caf0.js HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hoteldel.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:40:41 GMT
content-type: text/javascript
content-length: 26918
cache-control: public, max-age=31536000, s-maxage=31536000
timing-allow-origin: *
last-modified: Tue, 24 Jan 2023 13:05:04 GMT
content-encoding: gzip
access-control-allow-origin: *
cf-cache-status: HIT
age: 7808
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fd1857d9d7b4ee-OSL
X-Firefox-Spdy: h2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=3860260&time=1674776440527&url=https%3A%2F%2Fhoteldel.com%2Fevents%2Fthanksgiving%2F&liSync=true
13.107.42.14200 OK 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=3860260&time=1674776440527&url=https%3A%2F%2Fhoteldel.com%2Fevents%2Fthanksgiving%2F&liSync=true
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=3860260&time=1674776440527&url=https%3A%2F%2Fhoteldel.com%2Fevents%2Fthanksgiving%2F&liSync=true HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hoteldel.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&0dae0e3f-7817-43d9-86ab-ff9b44e942ad"; domain=.linkedin.com; Path=/; Secure; Expires=Fri, 26-Jan-2024 23:40:41 GMT; SameSite=None
lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2478:u=1:x=1:i=1674776441:t=1674862841:v=2:sig=AQEQ0v8wlEz8kNv2IpO_Had1v1UlDQl0"; Expires=Fri, 27 Jan 2023 23:40:41 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lva1
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAXzM0bgv7GfmOG93ITETw==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 9A861D951F3B4C488D65F9B09A7AF5E9 Ref B: OSL30EDGE0415 Ref C: 2023-01-26T23:40:41Z
date: Thu, 26 Jan 2023 23:40:40 GMT
content-length: 0
X-Firefox-Spdy: h2
api2.branch.io/v1/pageview
54.230.111.74200 OK 29 B URL HTTP/2 api2.branch.io/v1/pageview
IP 54.230.111.74:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 18a4bc16dccf570435a215e0ce99f30e
d19d45e74721249a72e6cac4d07be5398a2c4b3c
c3dd5a6fff633c6393dca21ce74cd6dc95265943575b43d2d9616f020eea68fa
POST /v1/pageview HTTP/1.1
Host: api2.branch.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 2038
Origin: https://hoteldel.com
Connection: keep-alive
Referer: https://hoteldel.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=utf-8
content-length: 29
access-control-allow-origin: *
date: Thu, 26 Jan 2023 23:40:41 GMT
etag: W/"1d-0Z1F50chJJpy5srE0HvlOYosSzw"
strict-transport-security: max-age=31536000; includeSubDomains
x-branch-request-id: b6112a1722e04f2b81bb6aacc87a05f6-2023012623
x-powered-by: Express
x-cache: Miss from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Hupugbw9XpMx1hn_nSSCR440-ZA-lnupSq_oPK5Kqt8kMWt69gZvgw==
X-Firefox-Spdy: h2
prefmgr-cookie.truste-svc.net/cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=no&locale=en&behavior=expressed>m=1&irm=undefined&from=https://consent.trustarc.com/
54.221.189.17200 OK 2.0 kB URL HTTP/2 prefmgr-cookie.truste-svc.net/cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=no&locale=en&behavior=expressed>m=1&irm=undefined&from=https://consent.trustarc.com/
IP 54.221.189.17:0
Hash f0f2b3a29bd87f38b17444e40bd84579
0c50e659092329da436375af6f043087c1d298ee
f27431c84c98a41748e8f891d444e02b2231bfc5812760b3972728ba0a9c36ea
GET /cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=no&locale=en&behavior=expressed>m=1&irm=undefined&from=https://consent.trustarc.com/ HTTP/1.1
Host: prefmgr-cookie.truste-svc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://consent-pref.trustarc.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:40:41 GMT
content-type: text/html; charset=UTF-8
server: nginx
vary: Accept-Encoding
etag: W/"5014-1657163800000"
last-modified: Thu, 07 Jul 2022 03:16:40 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: origin
x-content-type-options: nosniff
permissions-policy: geolocation=(), microphone=(), payment=()
expect-ct: max-age=31536000
cross-origin-embedder-policy: unsafe-none
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: unsafe-none
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
content-encoding: gzip
X-Firefox-Spdy: h2
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/9F5DDAD4256889D2A2BB0A3140E8B74B/4.cache.js
54.230.111.52200 OK 15 kB URL HTTP/2 consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/9F5DDAD4256889D2A2BB0A3140E8B74B/4.cache.js
IP 54.230.111.52:0
File type ASCII text, with very long lines (18608)
Hash b6cbdf6d8751079d9d5afc828adfaabd
fda8c4b4a8fb65ccf2f7f73132857974a24ccb4b
403e60ff0d3b7d73f26508781e1eefb5cdb97dfb64e43c8c34abeebfd6d41915
GET /defaultpreferencemanager/deferredjs/9F5DDAD4256889D2A2BB0A3140E8B74B/4.cache.js HTTP/1.1
Host: consent-pref.trustarc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=no&locale=en&behavior=expressed>m=1&irm=undefined&from=https://consent.trustarc.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Wed, 18 Jan 2023 05:03:30 GMT
server: nginx
etag: W/"44335-1672992016000"
last-modified: Fri, 06 Jan 2023 08:00:16 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: b3GjOmiG_1O6g3U8_w9kKTaNKV1DSPLMO1N0cVNxqAyfzLmNfXtHUg==
age: 758231
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
expect-ct: max-age=86400; enforce;
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
script.crazyegg.com/pages/data-scripts/0112/0335/sampling/hoteldel.com.json?t=465215
104.19.148.8200 OK 146 B URL HTTP/2 script.crazyegg.com/pages/data-scripts/0112/0335/sampling/hoteldel.com.json?t=465215
IP 104.19.148.8:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 734170ba8fff89eb369247fea9ef956d
e7436dec2cca31dd8291cb89bfda3bdc77b5d570
a34ace74f3e8892d024b8939c6b3509255ea32d5b522dc0f2cf8470dfaca4702
GET /pages/data-scripts/0112/0335/sampling/hoteldel.com.json?t=465215 HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hoteldel.com
Connection: keep-alive
Referer: https://hoteldel.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:40:41 GMT
content-type: application/json
content-length: 146
access-control-expose-headers: CE-Version
ce-version: 11.5.21
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
last-modified: Thu, 26 Jan 2023 23:40:41 GMT
content-encoding: gzip
access-control-allow-origin: *
cf-cache-status: EXPIRED
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fd185879470b45-OSL
X-Firefox-Spdy: h2
cdn9.forter.com/vchk2
54.230.111.31301 Moved Permanently 1.7 kB IP 54.230.111.31:0
File type GIF image data, version 89a, 16 x 16\012- data
Hash e059607cc5e3ff4a629d51ae66b995ff
8608a5a355aa2906eed6cbc9524686301d2f670f
ee53ada617f2674cbd706e3b24fc6738c7f53f2f7a3a959e71f611aa850dc946
GET /vchk2 HTTP/1.1
Host: cdn9.forter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: eyJyIjowLjAxMDgzOTM1MTcxNjg3Nzc3NiwidSI6ImY2OWY4M2U4MzVhNDRlMTg4MzQ1ZDlmNGQyNmEwYmUxIiwicyI6IjRkYzJhYTgyYmM1ZSJ9
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hoteldel.com
Connection: keep-alive
Referer: https://hoteldel.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
location: https://cdn9.forter.com/vchk2/v1/28b953cd344979733e21e31e18fb07b7f8b09a0e7a811061ece4670ebf969715ac7f4bc9671050e1ddf449dda276
date: Thu, 26 Jan 2023 23:40:40 GMT
access-control-allow-origin: *
timing-allow-origin: *
cache-control: private, s-maxage=0, proxy-revalidate
strict-transport-security: max-age=86400; includeSubDomains
x-cache: Miss from cloudfront
via: 1.1 ab09332bca1a3bd382d2e408f65b98d2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: JW8NbXqe7hNUP5l6NjsLMMQKKgW65Q0zUSahMBllgOHYvUyRizTlww==
X-Firefox-Spdy: h2
consent-pref.trustarc.com/images/switchbg.png
54.230.111.52200 OK 1.1 kB URL HTTP/2 consent-pref.trustarc.com/images/switchbg.png
IP 54.230.111.52:0
File type PNG image data, 2 x 40, 8-bit/color RGB, non-interlaced\012- data
Hash 8270777231f19af8d977d10eeba04bbf
f4c6cb629a1b31a1480191377be81c3b12f3154b
1ffe0083c43292aaba8148fe6d7286bd27381ea13fef76b9e545a22d8bbd8af5
GET /images/switchbg.png HTTP/1.1
Host: consent-pref.trustarc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://consent-pref.trustarc.com/EuPreferenceManager.css
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1068
server: nginx
accept-ranges: bytes
last-modified: Fri, 06 Jan 2023 07:59:58 GMT
date: Thu, 26 Jan 2023 08:37:03 GMT
etag: W/"1068-1672991998000"
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 0ql6b4sX6ZZwoHN497kpzjfEEj5E-3ddO7NlWtc8WJRfC5GLaSb26A==
age: 54220
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
expect-ct: max-age=86400; enforce;
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
vary: Origin
X-Firefox-Spdy: h2
pagestates-tracking.crazyegg.com/healthcheck
54.230.111.20200 OK 19 B URL HTTP/2 pagestates-tracking.crazyegg.com/healthcheck
IP 54.230.111.20:0
File type JSON data\012- , ASCII text
Hash d06f04fccf68d0b228a5923187ce1afd
5de9df9fdd66a91eed06e31981553d4ab9ccf490
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
GET /healthcheck HTTP/1.1
Host: pagestates-tracking.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hoteldel.com
Connection: keep-alive
Referer: https://hoteldel.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
content-length: 19
date: Mon, 14 Nov 2022 03:38:26 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin
access-control-max-age: 31536000
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
etag: "d06f04fccf68d0b228a5923187ce1afd"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: IcdmbRIsR7MypRDy4bFhX-OjI4Y70wkMETeVklGWcGIj_fffXjNIKw==
age: 6379337
X-Firefox-Spdy: h2
f69f83e835a44e188345d9f4d26a0be1-4dc2aa82bc5e.cdn.forter.com/prop.json
54.81.184.157200 OK 2 B URL HTTP/1.1 f69f83e835a44e188345d9f4d26a0be1-4dc2aa82bc5e.cdn.forter.com/prop.json
IP 54.81.184.157:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /prop.json HTTP/1.1
Host: f69f83e835a44e188345d9f4d26a0be1-4dc2aa82bc5e.cdn.forter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://hoteldel.com
Connection: keep-alive
Referer: https://hoteldel.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 23:40:42 GMT
Server: Apache
Last-Modified: Thu, 26 Jan 2023 12:08:48 GMT
ETag: "2-5f3299c859527"
Accept-Ranges: bytes
Content-Length: 2
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Access-Control-Allow-Origin: https://hoteldel.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Access-Control-Allow-Headers: origin, x-requested-with, content-type, x-csrf-token
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Connection: close
Content-Type: application/json
assets-tracking.crazyegg.com/healthcheck
54.230.111.63200 OK 19 B URL HTTP/2 assets-tracking.crazyegg.com/healthcheck
IP 54.230.111.63:0
File type JSON data\012- , ASCII text
Hash d06f04fccf68d0b228a5923187ce1afd
5de9df9fdd66a91eed06e31981553d4ab9ccf490
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
GET /healthcheck HTTP/1.1
Host: assets-tracking.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hoteldel.com
Connection: keep-alive
Referer: https://hoteldel.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
content-length: 19
date: Tue, 06 Dec 2022 01:51:14 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin
access-control-max-age: 31536000
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
etag: "d06f04fccf68d0b228a5923187ce1afd"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: noiLLk3k6DsXba4m_NDIL_HnBDuYIG6tA0yLgADnY4q2AhOyQttaVA==
age: 4484968
X-Firefox-Spdy: h2
consent-pref.trustarc.com/defaultpreferencemanager/truste
54.230.111.52200 OK 136 kB URL HTTP/2 consent-pref.trustarc.com/defaultpreferencemanager/truste
IP 54.230.111.52:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 136 kB (136312 bytes)
Hash b8af628604bd45f0512e8fa559f01d89
26b10bb447a45476de56e603cceda260b64b6b38
f3e0eaf7e69e2f4c4d5688717fccf6cfe889637cf20d6c01818df750d6121cd0
POST /defaultpreferencemanager/truste HTTP/1.1
Host: consent-pref.trustarc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=no&locale=en&behavior=expressed>m=1&irm=undefined&from=https://consent.trustarc.com/
Content-Type: text/x-gwt-rpc; charset=utf-8
X-GWT-Permutation: 9F5DDAD4256889D2A2BB0A3140E8B74B
X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
Content-Length: 379
Origin: https://consent-pref.trustarc.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/json;charset=utf-8
content-length: 136312
date: Thu, 26 Jan 2023 23:40:42 GMT
server: nginx
content-encoding: gzip
content-disposition: attachment
x-cache: Miss from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rYPssjvAtxp6AziqMzLMgsNDPRHe6sso9khjNeupx915WuIVpjUiyA==
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
expect-ct: max-age=86400; enforce;
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
access-control-allow-origin: *
access-control-expose-headers: *
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.100200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.100:0
Hash 88a45a6c1b10e860d4eb38ba441d00b5
f172559db9b8a6f08d13745e49530d02eb3ce85e
2eb69bcab5afc1edbd95ef4ae3c9ec4eb21f01f6f07ba6ae04c5c60d91caa2c5
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 26 Jan 2023 23:40:42 GMT
Last-Modified: Thu, 26 Jan 2023 23:00:30 GMT
Server: ECS (nyb/1D27)
X-Cache: Miss from cloudfront
Via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: XDNVpVcjd6PcHNQMGXJJSOi7KzI7CHNWm2vYZpZIfzZdzqOoOyqylA==
Age: 2412
tracking.crazyegg.com/clock?t=1674776442001&tk=521798438533202404a58ea3a747cc2c&s=400866&p=%2Fevents%2Fthanksgiving%2F&u=1120335&v=f6cc8c84963217bdd99e9d9c26517cc24b1aa352
52.213.152.139200 OK 26 B URL HTTP/2 tracking.crazyegg.com/clock?t=1674776442001&tk=521798438533202404a58ea3a747cc2c&s=400866&p=%2Fevents%2Fthanksgiving%2F&u=1120335&v=f6cc8c84963217bdd99e9d9c26517cc24b1aa352
IP 52.213.152.139:0
File type ASCII text, with no line terminators
Hash 25f7cd5ae24204e7e348019a8d1d185c
4e66f09f28a4d1a0eb470914801e0341909053cc
29d6567a52c3fb7d281c97df65aeab260d03269091a119c8a8f56b339a573a33
GET /clock?t=1674776442001&tk=521798438533202404a58ea3a747cc2c&s=400866&p=%2Fevents%2Fthanksgiving%2F&u=1120335&v=f6cc8c84963217bdd99e9d9c26517cc24b1aa352 HTTP/1.1
Host: tracking.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hoteldel.com
Connection: keep-alive
Referer: https://hoteldel.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: awselb/2.0
date: Thu, 26 Jan 2023 23:40:42 GMT
content-type: text/plain
content-length: 26
cache-control: no-store
access-control-allow-origin: *
X-Firefox-Spdy: h2
insight.adsrvr.org/track/up?adv=sv8v2lx&ref=https%3A%2F%2Fhoteldel.com%2Fevents%2Fthanksgiving%2F&upid=94dwe1r&upv=1.1.0
52.223.40.198200 OK 471 B URL HTTP/2 insight.adsrvr.org/track/up?adv=sv8v2lx&ref=https%3A%2F%2Fhoteldel.com%2Fevents%2Fthanksgiving%2F&upid=94dwe1r&upv=1.1.0
IP 52.223.40.198:0
Hash 187b3be61986cd2c61703717c451cbd1
8dd9ddca318f75f3db8644814f5ed6602c43fdf0
ab233a4af2c1cc44257f86a21ac843828c67a29eefc5fb5e54b6afe906d90cec
GET /track/up?adv=sv8v2lx&ref=https%3A%2F%2Fhoteldel.com%2Fevents%2Fthanksgiving%2F&upid=94dwe1r&upv=1.1.0 HTTP/1.1
Host: insight.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hoteldel.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:40:41 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
cdn0.forter.com/4dc2aa82bc5e/f69f83e835a44e188345d9f4d26a0be1/prop.json?_=1674776442541
54.204.202.163200 OK 20 B URL HTTP/1.1 cdn0.forter.com/4dc2aa82bc5e/f69f83e835a44e188345d9f4d26a0be1/prop.json?_=1674776442541
IP 54.204.202.163:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5820854f62a6eb3d38ba7ba0d1b3ea75
639df0b84fe699b4a290a713fd6b9a94bd4deb95
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
GET /4dc2aa82bc5e/f69f83e835a44e188345d9f4d26a0be1/prop.json?_=1674776442541 HTTP/1.1
Host: cdn0.forter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hoteldel.com
Connection: keep-alive
Referer: https://hoteldel.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Origin: https://hoteldel.com
Vary: Origin
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cache-Control: no-cache
Expires: -1
Pragma: no-cache
Content-Type: application/json
Connection: keep-alive
Date: Thu, 26 Jan 2023 23:40:43 GMT
Transfer-Encoding: chunked
cdn0.forter.com/4dc2aa82bc5e/f69f83e835a44e188345d9f4d26a0be1/prop.json?_=1674776443108
54.204.202.163200 OK 20 B URL HTTP/1.1 cdn0.forter.com/4dc2aa82bc5e/f69f83e835a44e188345d9f4d26a0be1/prop.json?_=1674776443108
IP 54.204.202.163:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5820854f62a6eb3d38ba7ba0d1b3ea75
639df0b84fe699b4a290a713fd6b9a94bd4deb95
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
GET /4dc2aa82bc5e/f69f83e835a44e188345d9f4d26a0be1/prop.json?_=1674776443108 HTTP/1.1
Host: cdn0.forter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hoteldel.com
Connection: keep-alive
Referer: https://hoteldel.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Origin: https://hoteldel.com
Vary: Origin
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cache-Control: no-cache
Expires: -1
Pragma: no-cache
Content-Type: application/json
Connection: keep-alive
Date: Thu, 26 Jan 2023 23:40:43 GMT
Transfer-Encoding: chunked
cdn0.forter.com/4dc2aa82bc5e/f69f83e835a44e188345d9f4d26a0be1/prop.json?_=1674776443366
54.204.202.163200 OK 20 B URL HTTP/1.1 cdn0.forter.com/4dc2aa82bc5e/f69f83e835a44e188345d9f4d26a0be1/prop.json?_=1674776443366
IP 54.204.202.163:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5820854f62a6eb3d38ba7ba0d1b3ea75
639df0b84fe699b4a290a713fd6b9a94bd4deb95
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
GET /4dc2aa82bc5e/f69f83e835a44e188345d9f4d26a0be1/prop.json?_=1674776443366 HTTP/1.1
Host: cdn0.forter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hoteldel.com
Connection: keep-alive
Referer: https://hoteldel.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Origin: https://hoteldel.com
Vary: Origin
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cache-Control: no-cache
Expires: -1
Pragma: no-cache
Content-Type: application/json
Connection: keep-alive
Date: Thu, 26 Jan 2023 23:40:43 GMT
Transfer-Encoding: chunked
cdn0.forter.com/4dc2aa82bc5e/f69f83e835a44e188345d9f4d26a0be1/wpt.json
54.204.202.163204 No Content 0 B URL HTTP/1.1 cdn0.forter.com/4dc2aa82bc5e/f69f83e835a44e188345d9f4d26a0be1/wpt.json
IP 54.204.202.163:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /4dc2aa82bc5e/f69f83e835a44e188345d9f4d26a0be1/wpt.json HTTP/1.1
Host: cdn0.forter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://hoteldel.com/
Origin: https://hoteldel.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Vary: Access-Control-Request-Headers
Access-Control-Allow-Headers: content-type
Content-Length: 0
Date: Thu, 26 Jan 2023 23:40:43 GMT
Connection: keep-alive
cdn0.forter.com/4dc2aa82bc5e/f69f83e835a44e188345d9f4d26a0be1/wpt.json
54.204.202.163200 OK 20 B URL HTTP/1.1 cdn0.forter.com/4dc2aa82bc5e/f69f83e835a44e188345d9f4d26a0be1/wpt.json
IP 54.204.202.163:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 5820854f62a6eb3d38ba7ba0d1b3ea75
639df0b84fe699b4a290a713fd6b9a94bd4deb95
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
POST /4dc2aa82bc5e/f69f83e835a44e188345d9f4d26a0be1/wpt.json HTTP/1.1
Host: cdn0.forter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=utf-8
Content-Length: 29
Origin: https://hoteldel.com
Connection: keep-alive
Referer: https://hoteldel.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Origin: https://hoteldel.com
Vary: Origin
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cache-Control: private, no-cache, no-store
Expires: -1
Pragma: no-cache
Content-Type: application/json; charset=utf-8
Content-Length: 20
ETag: W/"14-Y53wuE/mmbSikKcT/WualL1N65U"
Date: Thu, 26 Jan 2023 23:40:43 GMT
Connection: keep-alive
consent.trustarc.com/get?name=HiltonLogo_Black_HR250.png
54.230.111.76200 OK 0 B URL HTTP/2 consent.trustarc.com/get?name=HiltonLogo_Black_HR250.png
IP 54.230.111.76:0
GET /get?name=HiltonLogo_Black_HR250.png HTTP/1.1
Host: consent.trustarc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://consent-pref.trustarc.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
date: Thu, 26 Jan 2023 23:14:52 GMT
pragma: public
expires: Sat, 25 Feb 2023 23:14:52 GMT
cache-control: max-age=2592000
timing-allow-origin: *
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: P-l1qID3N3utbI8EmSg7U7AiJo2mK6wy6S-p2zTZmIg09c7Z_biCCQ==
age: 1549
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin
X-Firefox-Spdy: h2
consent.trustarc.com/asset/notice.js/v/v1.7-10255
54.230.111.76200 OK 0 B URL HTTP/2 consent.trustarc.com/asset/notice.js/v/v1.7-10255
IP 54.230.111.76:0
GET /asset/notice.js/v/v1.7-10255 HTTP/1.1
Host: consent.trustarc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hoteldel.com
Connection: keep-alive
Referer: https://hoteldel.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
last-modified: Wed, 18 Jan 2023 04:54:48 GMT
pragma: public
timing-allow-origin: *
content-encoding: gzip
date: Thu, 26 Jan 2023 22:48:36 GMT
expires: Sat, 25 Feb 2023 22:48:36 GMT
cache-control: max-age=2592000
x-cache: Hit from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9aSjO5eno44r38rVLY0qJrNf_0XynT_fNJC3YXVIx-BCep8ikw8Lcw==
age: 3123
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
access-control-expose-headers: *
X-Firefox-Spdy: h2
insight.adsrvr.org/track/up?adv=v996jfo&ref=https%3A%2F%2Fhoteldel.com%2Fevents%2Fthanksgiving%2F&upid=ii0k48p&upv=1.1.0
52.223.40.198200 OK 0 B URL HTTP/2 insight.adsrvr.org/track/up?adv=v996jfo&ref=https%3A%2F%2Fhoteldel.com%2Fevents%2Fthanksgiving%2F&upid=ii0k48p&upv=1.1.0
IP 52.223.40.198:0
GET /track/up?adv=v996jfo&ref=https%3A%2F%2Fhoteldel.com%2Fevents%2Fthanksgiving%2F&upid=ii0k48p&upv=1.1.0 HTTP/1.1
Host: insight.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hoteldel.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:40:41 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
hoteldel.com/events/thanksgiving/
141.193.213.10200 OK 0 B URL HTTP/2 hoteldel.com/events/thanksgiving/
IP 141.193.213.10:0
ASN #209242 Cloudflare London, LLC
GET /events/thanksgiving/ HTTP/1.1
Host: hoteldel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:40:38 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
link: <https://hoteldel.com/wp-json/>; rel="https://api.w.org/", <https://hoteldel.com/wp-json/wp/v2/events/4351>; rel="alternate"; type="application/json", <https://hoteldel.com/?p=4351>; rel=shortlink
x-powered-by: WP Engine
x-cacheable: SHORT
cache-control: max-age=600, must-revalidate
x-cache: MISS
x-cache-group: normal
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: sameorigin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=XiPwJM0RGjGRETG9Y4b%2BSLNkjQnJFyZuPiOXgdgT%2B%2FGjUhKpEJTit2EkS2FmdD9%2F19qb%2B8Fp9kZAIZuQ5x4%2B4CSw6y9WlQbOwBfTE%2FfnON7xDLwfLQsJ0RkM3Kelng%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78fd1840ee1d1bfa-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=no&locale=en&behavior=expressed>m=1&irm=undefined&from=https://consent.trustarc.com/
54.230.111.52200 OK 0 B URL HTTP/2 consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=no&locale=en&behavior=expressed>m=1&irm=undefined&from=https://consent.trustarc.com/
IP 54.230.111.52:0
GET /?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=no&locale=en&behavior=expressed>m=1&irm=undefined&from=https://consent.trustarc.com/ HTTP/1.1
Host: consent-pref.trustarc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hoteldel.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
server: nginx
last-modified: Fri, 06 Jan 2023 07:59:58 GMT
content-encoding: gzip
date: Thu, 26 Jan 2023 22:27:57 GMT
etag: W/"5147-1672991998000"
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: YsFbPjb8ZiwwUyHf-EmnytrzftGRaob8p2oYDMrY3DjsKI1ScOPdbQ==
age: 4362
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
expect-ct: max-age=86400; enforce;
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
consent-st.trustarc.com/get?name=combined_static_cm_minified.js
54.230.111.117200 OK 0 B URL HTTP/2 consent-st.trustarc.com/get?name=combined_static_cm_minified.js
IP 54.230.111.117:0
GET /get?name=combined_static_cm_minified.js HTTP/1.1
Host: consent-st.trustarc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://consent-pref.trustarc.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: text/javascript
date: Mon, 16 Jan 2023 07:14:08 GMT
pragma: public
expires: Wed, 15 Feb 2023 07:14:08 GMT
cache-control: max-age=2592000
timing-allow-origin: *
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: qLoMEqpuhMru_GuQPkz_dxhio0ZufdeqF-5OGET4c90pU62Y3Dgtmg==
age: 923192
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin
X-Firefox-Spdy: h2
consent-pref.trustarc.com/cookie_inneriframe.html
54.230.111.52200 OK 0 B URL HTTP/2 consent-pref.trustarc.com/cookie_inneriframe.html
IP 54.230.111.52:0
GET /cookie_inneriframe.html HTTP/1.1
Host: consent-pref.trustarc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://prefmgr-cookie.truste-svc.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
server: nginx
last-modified: Fri, 06 Jan 2023 07:59:58 GMT
content-encoding: gzip
date: Thu, 26 Jan 2023 22:51:55 GMT
etag: W/"2008-1672991998000"
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: AkWR56fFjiprebMjZ84dBGapshj1jgLQlYMTbDkPzPBI783ZuAT4Iw==
age: 2938
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
expect-ct: max-age=86400; enforce;
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
cdn.linkedin.oribi.io/partner/3860260/domain/hoteldel.com/token
54.230.111.42200 OK 0 B URL HTTP/2 cdn.linkedin.oribi.io/partner/3860260/domain/hoteldel.com/token
IP 54.230.111.42:0
GET /partner/3860260/domain/hoteldel.com/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: *
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hoteldel.com
Connection: keep-alive
Referer: https://hoteldel.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
date: Thu, 26 Jan 2023 22:44:01 GMT
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 b2b04ca80b95df6bc86478a1bf96b7cc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: TB7uVPzLO9h27sst07w99XhAazMgHLz8GdckH_LpsrgE00UjbittTA==
age: 3400
X-Firefox-Spdy: h2
4dc2aa82bc5e.cdn4.forter.com/sn/4dc2aa82bc5e/script.js
54.230.111.68200 OK 0 B URL HTTP/2 4dc2aa82bc5e.cdn4.forter.com/sn/4dc2aa82bc5e/script.js
IP 54.230.111.68:0
GET /sn/4dc2aa82bc5e/script.js HTTP/1.1
Host: 4dc2aa82bc5e.cdn4.forter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hoteldel.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Wed, 25 Jan 2023 17:26:51 GMT
strict-transport-security: max-age=86400; includeSubDomains
access-control-allow-origin: *
timing-allow-origin: *
last-modified: Wed, 25 Jan 2023 17:26:50 GMT
expires: Wed, 25 Jan 2023 17:31:50 GMT
cache-control: private, max-age=300
x-sourcemap: https://cdn4.forter.com/map/suid/4dc2aa82bc5e/56016159838
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 5bcfe2deda0bdbc6bade0af9b61602ca.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ifjwYXshxOOCnePI3tKXpb26A6XKcK5waJ71APuf8LUjlPaBZX5Ezw==
age: 108828
X-Firefox-Spdy: h2
consent-pref.trustarc.com/defaultpreferencemanager/defaultpreferencemanager.nocache.js
54.230.111.52200 OK 0 B URL HTTP/2 consent-pref.trustarc.com/defaultpreferencemanager/defaultpreferencemanager.nocache.js
IP 54.230.111.52:0
GET /defaultpreferencemanager/defaultpreferencemanager.nocache.js HTTP/1.1
Host: consent-pref.trustarc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=no&locale=en&behavior=expressed>m=1&irm=undefined&from=https://consent.trustarc.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Thu, 26 Jan 2023 23:40:40 GMT
server: nginx
etag: W/"4867-1672992016000"
last-modified: Fri, 06 Jan 2023 08:00:16 GMT
expires: Thu, 26 Jan 2023 23:40:39 GMT
cache-control: no-cache
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: wHE8wukP5lanmgwYZIlUQBKWNgCd5hoZBijLYngdtHiycNONWrLRng==
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
expect-ct: max-age=86400; enforce;
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
fareharbor.com/embeds/cart/?u=8928d445-0084-4906-80f2-762db4dd77d8&from-ssl=yes&g4=yes&a=yes&back=https://hoteldel.com/events/thanksgiving/
54.193.132.100200 OK 0 B URL HTTP/2 fareharbor.com/embeds/cart/?u=8928d445-0084-4906-80f2-762db4dd77d8&from-ssl=yes&g4=yes&a=yes&back=https://hoteldel.com/events/thanksgiving/
IP 54.193.132.100:0
GET /embeds/cart/?u=8928d445-0084-4906-80f2-762db4dd77d8&from-ssl=yes&g4=yes&a=yes&back=https://hoteldel.com/events/thanksgiving/ HTTP/1.1
Host: fareharbor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hoteldel.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:40:40 GMT
content-type: text/html; charset=utf-8
content-encoding: gzip
content-language: en-us
content-security-policy-report-only: form-action 'self'; script-src 'unsafe-inline' 'unsafe-eval' https://content.fareharbor.me https://js.stripe.com *.adyen.com *.mxpnl.com cdn.mxpnl.com *.filestackapi.com https://js.pusher.com https://www.google.com *.googleapis.com https://ssl.google-analytics.com https://www.google-analytics.com *.adroll.com *.adroll.mgr.consensu.org *.facebook.net *.facebook.com *.cloudflare.com *.hotjar.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://www.googleadservices.com *.gstatic.com *.paypal.com https://translate.google.com https://*.pusher.com https://ssl.google-analytics.com https://www.google-analytics.com dp58aslhmbcib.cloudfront.net fareharbor.com; frame-src https://js.stripe.com https://hooks.stripe.com *.adyen.com *.filestackapi.com *.googletagmanager.com *.hotjar.com https://www.google.com airtable.com player.vimeo.com facebook.com *.paypal.com https://bid.g.doubleclick.net fareharbor.com; default-src 'none'; base-uri 'self'; object-src 'none'; style-src 'unsafe-inline' content.fareharbor.me *.googleapis.com dp58aslhmbcib.cloudfront.net fareharbor.com; font-src 'self' data: fh-sites.imgix.net; connect-src wss://ws.pusherapp.com https://api.stripe.com https://www.google-analytics.com https://*.google-analytics.com https: fareharbor.com wss:; img-src data: image/svg+xml image/png cdn.filestackcontent.com fh-sites.imgix.net https://www.google-analytics.com www.tripadvisor.com https://www.google.com d.adroll.com facebook.com bat.bing.com www.googletagmanager.com https://googleads.g.doubleclick.net https://www.facebook.com https://www.filepicker.io https://www.gstatic.com dp58aslhmbcib.cloudfront.net d1a2dkr8rai8e2.cloudfront.net fareharbor.com; report-uri /csp-report/
p3p: CP="This is not a P3P policy."
set-cookie: csrftoken=BVa6ZM5DpRjyNQauLoAU1zp40LDit1SHgNht8H8NywED8SZ9JQnftvQvyrZTrpyD; expires=Thu, 25 Jan 2024 23:40:40 GMT; Max-Age=31449600; Path=/; SameSite=Strict; Secure
strict-transport-security: max-age=31536000
vary: Accept-Encoding, Cookie
x-amzn-trace-id: Root=1-63d30f77-11ff3a427fe2d5e22a253851
x-content-type-options: nosniff
x-fh-loadbalancer: production-appservers_docker-b-0
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
fareharbor.com/embeds/api/v1/?autolightframe=yes&ver=1
54.193.132.100200 OK 0 B URL HTTP/2 fareharbor.com/embeds/api/v1/?autolightframe=yes&ver=1
IP 54.193.132.100:0
GET /embeds/api/v1/?autolightframe=yes&ver=1 HTTP/1.1
Host: fareharbor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hoteldel.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:40:39 GMT
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-language: en-us
content-security-policy-report-only: form-action 'self'; script-src 'unsafe-inline' 'unsafe-eval' https://content.fareharbor.me https://js.stripe.com *.adyen.com *.mxpnl.com cdn.mxpnl.com *.filestackapi.com https://js.pusher.com https://www.google.com *.googleapis.com https://ssl.google-analytics.com https://www.google-analytics.com *.adroll.com *.adroll.mgr.consensu.org *.facebook.net *.facebook.com *.cloudflare.com *.hotjar.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://www.googleadservices.com *.gstatic.com *.paypal.com https://translate.google.com https://*.pusher.com https://ssl.google-analytics.com https://www.google-analytics.com dp58aslhmbcib.cloudfront.net fareharbor.com; frame-src https://js.stripe.com https://hooks.stripe.com *.adyen.com *.filestackapi.com *.googletagmanager.com *.hotjar.com https://www.google.com airtable.com player.vimeo.com facebook.com *.paypal.com https://bid.g.doubleclick.net fareharbor.com; default-src 'none'; base-uri 'self'; object-src 'none'; style-src 'unsafe-inline' content.fareharbor.me *.googleapis.com dp58aslhmbcib.cloudfront.net fareharbor.com; font-src 'self' data: fh-sites.imgix.net; connect-src wss://ws.pusherapp.com https://api.stripe.com https://www.google-analytics.com https://*.google-analytics.com https: fareharbor.com wss:; img-src data: image/svg+xml image/png cdn.filestackcontent.com fh-sites.imgix.net https://www.google-analytics.com www.tripadvisor.com https://www.google.com d.adroll.com facebook.com bat.bing.com www.googletagmanager.com https://googleads.g.doubleclick.net https://www.facebook.com https://www.filepicker.io https://www.gstatic.com dp58aslhmbcib.cloudfront.net d1a2dkr8rai8e2.cloudfront.net fareharbor.com; report-uri /csp-report/
expires: 0
p3p: CP="This is not a P3P policy."
pragma: no-cache
strict-transport-security: max-age=31536000
vary: Accept-Encoding, Cookie
x-amzn-trace-id: Root=1-63d30f77-230820395f4594557dff513a
x-content-type-options: nosniff
x-fh-loadbalancer: production-appservers_docker-b-9
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/9F5DDAD4256889D2A2BB0A3140E8B74B/10.cache.js
54.230.111.52200 OK 0 B URL HTTP/2 consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/9F5DDAD4256889D2A2BB0A3140E8B74B/10.cache.js
IP 54.230.111.52:0
GET /defaultpreferencemanager/deferredjs/9F5DDAD4256889D2A2BB0A3140E8B74B/10.cache.js HTTP/1.1
Host: consent-pref.trustarc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=no&locale=en&behavior=expressed>m=1&irm=undefined&from=https://consent.trustarc.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Wed, 18 Jan 2023 05:02:59 GMT
server: nginx
etag: W/"259669-1672992016000"
last-modified: Fri, 06 Jan 2023 08:00:16 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ljAGt2TeOsdTDrsPGG-UR9vtuF3-YoJxPHD_Q5TyB9d1bsj05OyY-A==
age: 758261
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
expect-ct: max-age=86400; enforce;
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
dp58aslhmbcib.cloudfront.net/static/cache/js/output.c60a9d853c69.js
54.230.245.62200 OK 0 B URL HTTP/2 dp58aslhmbcib.cloudfront.net/static/cache/js/output.c60a9d853c69.js
IP 54.230.245.62:0
GET /static/cache/js/output.c60a9d853c69.js HTTP/1.1
Host: dp58aslhmbcib.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fareharbor.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Fri, 16 Dec 2022 15:01:53 GMT
cache-control: public
content-encoding: gzip
etag: "639c7866-16fcae"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Fri, 16 Dec 2022 13:53:42 GMT
server: nginx/1.22.1
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-fh-loadbalancer: production-appservers_docker-a-5
x-xss-protection: 1; mode=block
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: FnPdgv5hRg9ZemfQvq2jtITr1QDF5AtsSGvzHrphpu5pZOb1JvSVIA==
age: 3573526
X-Firefox-Spdy: h2