r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 00e304a3fc0c2f01af0e94fcefe0ca40
833969e75e5e13e823c8d97ee59a9821eb157ee3
c2b7f7ae4861f2dd16867de54c7e47d95582de77887f523841d9683a369d20a7
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C2B7F7AE4861F2DD16867DE54C7E47D95582DE77887F523841D9683A369D20A7"
Last-Modified: Sun, 19 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9168
Expires: Wed, 22 Mar 2023 11:56:12 GMT
Date: Wed, 22 Mar 2023 09:23:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash ec332b81a27117ce9c16b67a5a8e4fac
b6d2afa2c859d000ad830d3d8d73f57bac6ffce2
1dc32c78e4e850303813338fd4e9616a41c8c05d1063748a1e76a92c397a5e8f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1DC32C78E4E850303813338FD4E9616A41C8C05D1063748A1E76A92C397A5E8F"
Last-Modified: Mon, 20 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11948
Expires: Wed, 22 Mar 2023 12:42:32 GMT
Date: Wed, 22 Mar 2023 09:23:24 GMT
Connection: keep-alive
track.hearstconnecticuttracking.com/NEyg6ALCV4LjbCGt2/hkBe
209.148.80.76200 OK 355 B URL HTTP/1.1 track.hearstconnecticuttracking.com/NEyg6ALCV4LjbCGt2/hkBe
IP 209.148.80.76:0
ASN #394844 ROOT-LEVEL-TECHNOLOGY
File type HTML document text\012- HTML document, ASCII text
Hash 732892c2e83dc48a89399d8c44ee6ad8
2a9673cde7e4af51bbcf184a9a4031996ff2b7f4
d6a27319c5ec0bc3cf109d487488a0e91ce357572b10bcae72fbf3dc8d76d4cf
GET /NEyg6ALCV4LjbCGt2/hkBe HTTP/1.1
Host: track.hearstconnecticuttracking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 22 Mar 2023 09:23:24 GMT
Server: Apache/2.4.52 (Debian)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 355
Connection: close
Content-Type: text/html; charset=UTF-8
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 84db75194692d4afe13196bda6f22da8
4c1f49bc973a4917f146d93c8d598344edc021f6
a3bec66f95b3bdf1d310c726e8ed05f7b06c1901c62381a94582d581844d2c23
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Alert, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Wed, 22 Mar 2023 08:27:29 GMT
content-type: application/json
age: 3355
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 51a5d4696a6090c295850554508b51ce
c44e143c2223546e64b19f543b8101aaf3b11e97
8794223d5e8d4d276c35e2fdcc24bf99694240634dd749cd9b5bf874dec055cf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8794223D5E8D4D276C35E2FDCC24BF99694240634DD749CD9B5BF874DEC055CF"
Last-Modified: Wed, 22 Mar 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=12380
Expires: Wed, 22 Mar 2023 12:49:44 GMT
Date: Wed, 22 Mar 2023 09:23:24 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: eMCmzv1JKd0CPwcJAaoEb0KSWJMg7Z0w3xAppVqxIxRzRDvK54WBoxM5LXG2KJNpL1nFmpX3LsY=
x-amz-request-id: GYDDGSY9QBQTKSWQ
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Wed, 22 Mar 2023 08:53:34 GMT
age: 1790
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 22 Mar 2023 09:23:24 GMT
content-type: application/json
content-length: 12
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
track.hearstconnecticuttracking.com/NEyg6ALCV4LjbCGt2
209.148.80.76200 OK 540 B URL HTTP/1.1 track.hearstconnecticuttracking.com/NEyg6ALCV4LjbCGt2
IP 209.148.80.76:0
ASN #394844 ROOT-LEVEL-TECHNOLOGY
File type HTML document text\012- HTML document, ASCII text, with very long lines (371)
Hash 36da9d26636d4fe93239f6202c59de83
3bba1c4b9c492b4349790d16216aa71a505f899e
e2e8784caf36f591f069f337025899990607ef63286e7258b1cf71e555d24990
GET /NEyg6ALCV4LjbCGt2 HTTP/1.1
Host: track.hearstconnecticuttracking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Wed, 22 Mar 2023 09:23:24 GMT
Server: Apache/2.4.52 (Debian)
Vary: Accept-Encoding
Content-Encoding: gzip
Content-Length: 540
Connection: close
Content-Type: text/html; charset=UTF-8
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: ETag, Last-Modified, Retry-After, Content-Length, Alert, Cache-Control, Expires, Content-Type, Backoff, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Wed, 22 Mar 2023 09:17:23 GMT
age: 361
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash 3462d41d9283fedf24f278089d5d1570
b8bcea77656f775cdc34620322cc616216ed2b95
55e47b413ba648a98eb6e92ab73aee602912cd13e7da23ef3cea1490c1b9de50
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "55E47B413BA648A98EB6E92AB73AEE602912CD13E7DA23EF3CEA1490C1B9DE50"
Last-Modified: Sun, 19 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4066
Expires: Wed, 22 Mar 2023 10:31:10 GMT
Date: Wed, 22 Mar 2023 09:23:24 GMT
Connection: keep-alive
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 8f366b150c09100ebd23f0e1299181ea
e6f6a23766f744810b7eb824e2d163d7e06d055b
c45aaa93366d42dd0cc5e4bb7300567009347218f5168f01f922d6449df738f7
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 22 Mar 2023 09:23:25 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Tue, 21 Mar 2023 19:56:11 GMT
Expires: Tue, 28 Mar 2023 19:56:10 GMT
Etag: "e6f6a23766f744810b7eb824e2d163d7e06d055b"
Cache-Control: max-age=555764,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7abd6030dc7bb50c-OSL
urldefense.com/v3/__https://www.gocollette.com/tours/north-america/canada/canadian-rockies-by-train?cm_mmc=Email-_-DomesticSale23-_-Hearst-_-US*DTC&utm_source=Media&utm_medium=Email&utm_campaign=Hearst_DomesticSale23__;Kw!!Ivohdkk!ksI9U6Epcsl-JrjJi3JuHZtVqF0PFJ79YSpr1YtORxtamTx-xYw4cz9yPMz58_-Up7BIj84puIe0YaqXEhGTvBA$
52.6.56.188302 Found 0 B URL HTTP/2 urldefense.com/v3/__https://www.gocollette.com/tours/north-america/canada/canadian-rockies-by-train?cm_mmc=Email-_-DomesticSale23-_-Hearst-_-US*DTC&utm_source=Media&utm_medium=Email&utm_campaign=Hearst_DomesticSale23__;Kw!!Ivohdkk!ksI9U6Epcsl-JrjJi3JuHZtVqF0PFJ79YSpr1YtORxtamTx-xYw4cz9yPMz58_-Up7BIj84puIe0YaqXEhGTvBA$
IP 52.6.56.188:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /v3/__https://www.gocollette.com/tours/north-america/canada/canadian-rockies-by-train?cm_mmc=Email-_-DomesticSale23-_-Hearst-_-US*DTC&utm_source=Media&utm_medium=Email&utm_campaign=Hearst_DomesticSale23__;Kw!!Ivohdkk!ksI9U6Epcsl-JrjJi3JuHZtVqF0PFJ79YSpr1YtORxtamTx-xYw4cz9yPMz58_-Up7BIj84puIe0YaqXEhGTvBA$ HTTP/1.1
Host: urldefense.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Wed, 22 Mar 2023 09:23:25 GMT
content-length: 0
location: https://www.gocollette.com/tours/north-america/canada/canadian-rockies-by-train?cm_mmc=Email-_-DomesticSale23-_-Hearst-_-US+DTC&utm_source=Media&utm_medium=Email&utm_campaign=Hearst_DomesticSale23
strict-transport-security: max-age=31536000
x-robots-tag: noindex, nofollow
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
content-security-policy: default-src 'self';
X-Firefox-Spdy: h2
push.services.mozilla.com/
52.35.228.170101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.35.228.170:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: Wr8+0bDQkgZLs4PW7Gc+wg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: Us2I7cSTqvNKeLrW/4Vrfeem9jk=
www.gocollette.com/tours/north-america/canada/canadian-rockies-by-train?cm_mmc=Email-_-DomesticSale23-_-Hearst-_-US+DTC&utm_source=Media&utm_medium=Email&utm_campaign=Hearst_DomesticSale23
151.101.66.132302 Found 302 B URL HTTP/2 www.gocollette.com/tours/north-america/canada/canadian-rockies-by-train?cm_mmc=Email-_-DomesticSale23-_-Hearst-_-US+DTC&utm_source=Media&utm_medium=Email&utm_campaign=Hearst_DomesticSale23
IP 151.101.66.132:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 247ef1601727e81b257b429fad9b95b3
32823925774c442575f3a181df39a1b3fe3a9340
b0d538e666a871330c2352b85d1fd68fbc34c5d4d40aee95884b2c24edfda55a
GET /tours/north-america/canada/canadian-rockies-by-train?cm_mmc=Email-_-DomesticSale23-_-Hearst-_-US+DTC&utm_source=Media&utm_medium=Email&utm_campaign=Hearst_DomesticSale23 HTTP/1.1
Host: www.gocollette.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
content-type: text/html; charset=utf-8
location: /en/tours/north-america/canada/canadian-rockies-by-train?cm_mmc=Email-_-DomesticSale23-_-Hearst-_-US DTC&utm_source=Media&utm_medium=Email&utm_campaign=Hearst_DomesticSale23
server: Microsoft-IIS/10.0
x-ua-compatible: IE=edge,chrome=1
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
pragma: cache
x-pass-fastly-cache: False
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 22 Mar 2023 09:23:25 GMT
age: 0
x-served-by: cache-bos4641-BOS, cache-bma1662-BMA
x-cache: HIT, MISS
x-cache-hits: 11, 0
x-timer: S1679477005.385635,VS0,VE375
vvvv: 194
strict-transport-security: max-age=31557600
content-length: 302
X-Firefox-Spdy: h2
www.gocollette.com/css/collette.css?v=291
151.101.66.132200 OK 122 kB URL HTTP/2 www.gocollette.com/css/collette.css?v=291
IP 151.101.66.132:0
File type Unicode text, UTF-8 (with BOM) text, with very long lines (58751), with CRLF line terminators
Size 122 kB (122440 bytes)
Hash ef54abbf317f46e6b2f12dd1f5858191
54197ec120023be842f3355fd2d0c814d73a50de
77720bf01167992fdabf1c50d6a7de3826f95297c335b4c11d947791a7cd5063
GET /css/collette.css?v=291 HTTP/1.1
Host: www.gocollette.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/en/tours/north-america/canada/canadian-rockies-by-train?cm_mmc=Email-_-DomesticSale23-_-Hearst-_-US%20DTC&utm_source=Media&utm_medium=Email&utm_campaign=Hearst_DomesticSale23
Cookie: site-language=site=collette-us&language=en
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=604800
content-type: text/css
content-encoding: gzip
last-modified: Wed, 15 Mar 2023 21:35:17 GMT
etag: "80d8db88657d91:0"
server: Microsoft-IIS/10.0
x-ua-compatible: IE=edge,chrome=1
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
pragma: cache
x-pass-fastly-cache: False
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 22 Mar 2023 09:23:26 GMT
age: 558434
x-served-by: cache-bos4657-BOS, cache-bma1662-BMA
x-cache: HIT, HIT
x-cache-hits: 7, 1
x-timer: S1679477006.259343,VS0,VE2
vvvv: 194
strict-transport-security: max-age=31557600
content-length: 122440
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 3e968c0f4319273e79821cbabf3bdbdc
99f1127052594878d49370fdcc61b1e4fbb69e61
82ea5f81bec224fa88a6b83c50481d819586b5de2fbb435d522d24ce1250b6cb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 22 Mar 2023 09:23:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 06adbc463c1bafb4b79a2d2f10791ef8
30a6d093719f89764805f62102b0a07c493016a0
64000d2bedca454efa1fc2de6083ca06cb3e94b33565427ba9ac7c9345a926fb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 22 Mar 2023 09:23:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash fdeee94dc8a2dedb2ffd9f44c9a7e6a3
605dd1ed088fa8e059da6cdbb554320507942494
06e70802efb4784ed111892189dde15c48ea88e38136a2f8b26fec6205f142e8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "06E70802EFB4784ED111892189DDE15C48EA88E38136A2F8B26FEC6205F142E8"
Last-Modified: Tue, 21 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9001
Expires: Wed, 22 Mar 2023 11:53:27 GMT
Date: Wed, 22 Mar 2023 09:23:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash fdeee94dc8a2dedb2ffd9f44c9a7e6a3
605dd1ed088fa8e059da6cdbb554320507942494
06e70802efb4784ed111892189dde15c48ea88e38136a2f8b26fec6205f142e8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "06E70802EFB4784ED111892189DDE15C48EA88E38136A2F8B26FEC6205F142E8"
Last-Modified: Tue, 21 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9001
Expires: Wed, 22 Mar 2023 11:53:27 GMT
Date: Wed, 22 Mar 2023 09:23:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash fdeee94dc8a2dedb2ffd9f44c9a7e6a3
605dd1ed088fa8e059da6cdbb554320507942494
06e70802efb4784ed111892189dde15c48ea88e38136a2f8b26fec6205f142e8
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "06E70802EFB4784ED111892189DDE15C48EA88E38136A2F8B26FEC6205F142E8"
Last-Modified: Tue, 21 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=9001
Expires: Wed, 22 Mar 2023 11:53:27 GMT
Date: Wed, 22 Mar 2023 09:23:26 GMT
Connection: keep-alive
i.gocollette.com/icons/flags/flag_australia_16.png
185.76.9.21200 OK 722 B URL HTTP/2 i.gocollette.com/icons/flags/flag_australia_16.png
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 13edee77b58c0459ba5f14fcd43ceab3
3ccf509ae0b2631be3d638500f655a8fa4815023
e2c3a7762de7456f6790a8d170335b0d446a42745db2c5d55319991fcc3c12bc
GET /icons/flags/flag_australia_16.png HTTP/1.1
Host: i.gocollette.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Cookie: site-language=site=collette-us&language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 22 Mar 2023 09:23:26 GMT
content-type: image/png
content-length: 722
last-modified: Fri, 25 Nov 2016 22:16:14 GMT
etag: "5838b82e-2d2"
access-control-allow-origin: *
server: CDN77-Turbo
x-77-nzt: AblMCRR3cAr/jtIKAA
x-77-nzt-ray: af5856305262941b0ec91a64155d8c19
x-accel-expires: @1679804544
x-cache: HIT
x-age: 709262
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
i.gocollette.com/icons/flags/flag_usa_16.png
185.76.9.21200 OK 672 B URL HTTP/2 i.gocollette.com/icons/flags/flag_usa_16.png
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 89953eef08d69d42ef23067f016f99b1
3b10a40e72c2530b18fab0d8042a881db91d2f10
8cfdd1e8582171a5671e95502ffef88642bc1fad470557603e5a46e9dec8b062
GET /icons/flags/flag_usa_16.png HTTP/1.1
Host: i.gocollette.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Cookie: site-language=site=collette-us&language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 22 Mar 2023 09:23:26 GMT
content-type: image/png
content-length: 672
last-modified: Fri, 25 Nov 2016 22:16:15 GMT
etag: "5838b82f-2a0"
access-control-allow-origin: *
server: CDN77-Turbo
x-77-nzt: AblMCRRC3SD/2CALAA
x-77-nzt-ray: af5856305262941b0ec91a6447979319
x-accel-expires: @1679784502
x-cache: HIT
x-age: 729304
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-W4MQ78
142.250.74.168200 OK 106 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-W4MQ78
IP 142.250.74.168:0
File type ASCII text, with very long lines (39299)
Size 106 kB (106247 bytes)
Hash 04e2cee5d0ab417b7bcd91c1e2470d85
0c81b4ce271ed4f2aed0e4cd6c2cce5e697e029c
d05386f3f317a723f3077a2c22776699a3fcf39e66a4a128e45922aab071e820
GET /gtm.js?id=GTM-W4MQ78 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 22 Mar 2023 09:23:26 GMT
expires: Wed, 22 Mar 2023 09:23:26 GMT
cache-control: private, max-age=900
last-modified: Wed, 22 Mar 2023 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 106247
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
i.gocollette.com/renderings/objects/page-components/feefo/stars/5star.png
185.76.9.21200 OK 575 B URL HTTP/2 i.gocollette.com/renderings/objects/page-components/feefo/stars/5star.png
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
File type PNG image data, 89 x 18, 8-bit/color RGBA, non-interlaced\012- data
Hash 410120cacb68de7fb454e94da42f2d5b
2f6b1e02a9064afc7fd27c5ddcf96d18b1a0defe
3915c789499c2146e5957f5d0f447c3b147ee7b56ac9360a338d412d46ab9b75
GET /renderings/objects/page-components/feefo/stars/5star.png HTTP/1.1
Host: i.gocollette.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Cookie: site-language=site=collette-us&language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 22 Mar 2023 09:23:26 GMT
content-type: image/png
content-length: 575
last-modified: Thu, 08 Jun 2017 11:25:30 GMT
etag: "5939342a-23f"
access-control-allow-origin: *
server: CDN77-Turbo
x-77-nzt: AblMCRTbW/T/o0cFAA
x-77-nzt-ray: af5856305262941b0ec91a64d8319919
x-accel-expires: @1680167787
x-cache: HIT
x-age: 346019
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
i.gocollette.com/icons/tour-detail-page/icon-calendar.png
185.76.9.21200 OK 4.4 kB URL HTTP/2 i.gocollette.com/icons/tour-detail-page/icon-calendar.png
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
File type PNG image data, 69 x 68, 8-bit/color RGBA, non-interlaced\012- data
Hash 96e4acbbd6b61686e7a0fc82141352e1
66769966bf3748332e46e7a53fccd87b774646a4
e4454796a5aadad7788510823cc5112e550685c4d94ec0e553481ad2e484ca70
GET /icons/tour-detail-page/icon-calendar.png HTTP/1.1
Host: i.gocollette.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Cookie: site-language=site=collette-us&language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 22 Mar 2023 09:23:26 GMT
content-type: image/png
content-length: 4405
last-modified: Fri, 20 Jul 2018 15:49:22 GMT
etag: "5b520482-1135"
access-control-allow-origin: *
server: CDN77-Turbo
x-77-nzt: AblMCRT9/ebvza8HAA
x-77-nzt-ray: af5856305262941b0ec91a641fdca019
x-accel-expires: @1680010049
x-cache: HIT
x-age: 503757
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
i.gocollette.com/renderings/objects/page-components/feefo/stars/2star.png
185.76.9.21200 OK 864 B URL HTTP/2 i.gocollette.com/renderings/objects/page-components/feefo/stars/2star.png
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
File type PNG image data, 89 x 18, 8-bit/color RGBA, non-interlaced\012- data
Hash b6e1d1dc9c5c85ea3ce5030d292c9385
86f891d76cbf503e44c9309d4b5c95e0686469cf
d5fa0802643dd784c126f4f9ac2e10bc7304caeb8d3d64f30aca29946759e696
GET /renderings/objects/page-components/feefo/stars/2star.png HTTP/1.1
Host: i.gocollette.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Cookie: site-language=site=collette-us&language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 22 Mar 2023 09:23:26 GMT
content-type: image/png
content-length: 864
last-modified: Thu, 08 Jun 2017 11:25:02 GMT
etag: "5939340e-360"
access-control-allow-origin: *
server: CDN77-Turbo
x-77-nzt: AblMCRQuktX/Wa0HAA
x-77-nzt-ray: af5856305262941b0ec91a6443dda919
x-accel-expires: @1680010677
x-cache: HIT
x-age: 503129
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
i.gocollette.com/renderings/objects/page-components/feefo/stars/4star.png
185.76.9.21200 OK 697 B URL HTTP/2 i.gocollette.com/renderings/objects/page-components/feefo/stars/4star.png
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
File type PNG image data, 89 x 18, 8-bit/color RGBA, non-interlaced\012- data
Hash af4330c0ac2dbcb063e69074dea8a294
b0d4e5e3f29718b23bce63176fa5319067f44db7
aa53c824d52a431e2d99779be2c8009b8d21f1b4d094a9ed69d9844000eef6b9
GET /renderings/objects/page-components/feefo/stars/4star.png HTTP/1.1
Host: i.gocollette.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Cookie: site-language=site=collette-us&language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 22 Mar 2023 09:23:26 GMT
content-type: image/png
content-length: 697
last-modified: Thu, 08 Jun 2017 11:25:21 GMT
etag: "59393421-2b9"
access-control-allow-origin: *
server: CDN77-Turbo
x-77-nzt: AblMCRSPvF3/zK8HAA
x-77-nzt-ray: af5856305262941b0ec91a644db8b319
x-accel-expires: @1680010050
x-cache: HIT
x-age: 503756
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
i.gocollette.com/renderings/objects/page-components/feefo/stars/3star.png
185.76.9.21200 OK 798 B URL HTTP/2 i.gocollette.com/renderings/objects/page-components/feefo/stars/3star.png
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
File type PNG image data, 89 x 18, 8-bit/color RGBA, non-interlaced\012- data
Hash d04e71e5d02383ee0ec88d8ae58fbf62
9dceadb99b67b30cfbf561f9b77a884190c4891f
885025cb1c517190c8cb6a2d1b83ddc9a94e982c682dd8aeed40ac9cee5b94f5
GET /renderings/objects/page-components/feefo/stars/3star.png HTTP/1.1
Host: i.gocollette.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Cookie: site-language=site=collette-us&language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 22 Mar 2023 09:23:26 GMT
content-type: image/png
content-length: 798
last-modified: Thu, 08 Jun 2017 11:25:11 GMT
etag: "59393417-31e"
access-control-allow-origin: *
server: CDN77-Turbo
x-77-nzt: AblMCRSBgBT/Wa0HAA
x-77-nzt-ray: af5856305262941b0ec91a6497e4a61a
x-accel-expires: @1680010677
x-cache: HIT
x-age: 503129
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
i.gocollette.com/icons/tour-detail-page/icon-culinary.png
185.76.9.21200 OK 5.1 kB URL HTTP/2 i.gocollette.com/icons/tour-detail-page/icon-culinary.png
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
File type PNG image data, 70 x 68, 8-bit/color RGBA, non-interlaced\012- data
Hash a8f00b31ceebed6b1ad5f43494e47d9a
ca1596ffa430223c434e57d0121cd0fa7809a6b4
05badaa0089c6212924a2e4dbe8a0eb01f9764e4310bcf4204f750fe05d31722
GET /icons/tour-detail-page/icon-culinary.png HTTP/1.1
Host: i.gocollette.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Cookie: site-language=site=collette-us&language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 22 Mar 2023 09:23:26 GMT
content-type: image/png
content-length: 5063
last-modified: Fri, 20 Jul 2018 15:49:53 GMT
etag: "5b5204a1-13c7"
access-control-allow-origin: *
server: CDN77-Turbo
x-77-nzt: AblMCRQ9y9zvw6sIAA
x-77-nzt-ray: af5856305262941b0ec91a64672fd11b
x-accel-expires: @1679945547
x-cache: HIT
x-age: 568259
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
i.gocollette.com/img/logos/collette-logo-22_200x50.jpg
185.76.9.21200 OK 14 kB URL HTTP/2 i.gocollette.com/img/logos/collette-logo-22_200x50.jpg
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 200x50, components 3\012- data
Hash e7ed11b447c120640433f2dd804391cc
f823ed181aa0aa119594d105231d4148d91d411c
0d652aed22f036fe9bb6f51ddef0e8b117f685f813ecd645d80451a8b011fa78
GET /img/logos/collette-logo-22_200x50.jpg HTTP/1.1
Host: i.gocollette.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Cookie: site-language=site=collette-us&language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 22 Mar 2023 09:23:26 GMT
content-type: image/jpeg
content-length: 13775
last-modified: Thu, 22 Sep 2022 13:50:58 GMT
etag: "632c6842-35cf"
access-control-allow-origin: *
server: CDN77-Turbo
x-77-nzt: AblMCRRb31X/jtIKAA
x-77-nzt-ray: af5856305262941b0ec91a649ce2de1b
x-accel-expires: @1679804544
x-cache: HIT
x-age: 709262
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
i.gocollette.com/icons/flags/flag_canada_16.png
185.76.9.21200 OK 673 B URL HTTP/2 i.gocollette.com/icons/flags/flag_canada_16.png
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
File type PNG image data, 16 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 0b6d38bdeeee07377c0d4ba1c5631d10
08f0539de51e4032346c0d14533bb53d48b38b69
90fda1b6ec902a138d60136e0366d501d67940879132413333cf2a8268119d00
GET /icons/flags/flag_canada_16.png HTTP/1.1
Host: i.gocollette.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Cookie: site-language=site=collette-us&language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 22 Mar 2023 09:23:26 GMT
content-type: image/png
content-length: 673
last-modified: Fri, 25 Nov 2016 22:16:16 GMT
etag: "5838b830-2a1"
access-control-allow-origin: *
server: CDN77-Turbo
x-77-nzt: AblMCRT2OG//1yALAA
x-77-nzt-ray: af5856305262941b0ec91a64b9feec1b
x-accel-expires: @1679784503
x-cache: HIT
x-age: 729303
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
i.gocollette.com/renderings/objects/page-components/feefo/stars/1star.png
185.76.9.21200 OK 815 B URL HTTP/2 i.gocollette.com/renderings/objects/page-components/feefo/stars/1star.png
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
File type PNG image data, 89 x 18, 8-bit/color RGBA, non-interlaced\012- data
Hash 553eeac6e9d91294b207ae25f3a26a9c
f9da3b8396fc28ab145ce41cdafe0a4a219bd2e7
e82bdca1feffe9021b7a4516e5e368b306a8fa11b9eae219f243f42e99e215f8
GET /renderings/objects/page-components/feefo/stars/1star.png HTTP/1.1
Host: i.gocollette.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Cookie: site-language=site=collette-us&language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 22 Mar 2023 09:23:26 GMT
content-type: image/png
content-length: 815
last-modified: Thu, 08 Jun 2017 11:24:53 GMT
etag: "59393405-32f"
access-control-allow-origin: *
server: CDN77-Turbo
x-77-nzt: AblMCRTHSGn/2b4OAA
x-77-nzt-ray: af5856305262941b0ec91a64c38dfe1b
x-accel-expires: @1679547445
x-cache: HIT
x-age: 966361
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gocollette.com/css/fonts/gotham/gotham-bold.woff2
151.101.66.132200 OK 19 kB URL HTTP/2 www.gocollette.com/css/fonts/gotham/gotham-bold.woff2
IP 151.101.66.132:0
File type Web Open Font Format (Version 2), TrueType, length 19008, version 1.0\012- data
Hash cb98b3657e1d9b28712349e8addfcf1e
c5703fa751947d22916f94de6470ec38a1d2c6d4
107caf471365a61e6b8a37f08aeb72083d80775644f1c2975eb65d290650c516
GET /css/fonts/gotham/gotham-bold.woff2 HTTP/1.1
Host: www.gocollette.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.gocollette.com/css/collette.css?v=291
Cookie: site-language=site=collette-us&language=en
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=604800
content-type: application/font-woff2
last-modified: Wed, 15 Mar 2023 21:29:42 GMT
etag: "7e0b7418557d91:0"
server: Microsoft-IIS/10.0
x-ua-compatible: IE=edge,chrome=1
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
pragma: cache
x-pass-fastly-cache: False
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 22 Mar 2023 09:23:26 GMT
age: 558367
x-served-by: cache-bos4620-BOS, cache-bma1662-BMA
x-cache: MISS, HIT
x-cache-hits: 0, 1
x-timer: S1679477007.547077,VS0,VE2
vvvv: 194
strict-transport-security: max-age=31557600
content-length: 19008
X-Firefox-Spdy: h2
i.gocollette.com/tour-media-manager/tours/north-america/canada/493/packages/master-package/search-result-image/maritimescoastalwonders_search_img_sm.jpg
185.76.9.21200 OK 63 kB URL HTTP/2 i.gocollette.com/tour-media-manager/tours/north-america/canada/493/packages/master-package/search-result-image/maritimescoastalwonders_search_img_sm.jpg
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 450x300, components 3\012- data
Hash d77f32af5122182935df182d36fadea6
58e7c4b23cebaff5e2064de0a35cf4e652e57d37
cce48a712ebe749e42d4922e3d215995933f9705b4e6ec9e30e98de60d5997c8
GET /tour-media-manager/tours/north-america/canada/493/packages/master-package/search-result-image/maritimescoastalwonders_search_img_sm.jpg HTTP/1.1
Host: i.gocollette.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Cookie: site-language=site=collette-us&language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 22 Mar 2023 09:23:26 GMT
content-type: image/jpeg
content-length: 62895
last-modified: Mon, 16 Jul 2018 17:38:44 GMT
etag: "5b4cd824-f5af"
access-control-allow-origin: *
server: CDN77-Turbo
x-77-nzt: AblMCRRJ8SPvUTkDAA
x-77-nzt-ray: af5856305262941b0ec91a64f49f0a1c
x-accel-expires: @1680302525
x-cache: HIT
x-age: 211281
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gocollette.com/css/fonts/gotham/gotham-light.woff2
151.101.66.132200 OK 19 kB URL HTTP/2 www.gocollette.com/css/fonts/gotham/gotham-light.woff2
IP 151.101.66.132:0
File type Web Open Font Format (Version 2), TrueType, length 19124, version 1.0\012- data
Hash 2c9fbe4338b76ec25ac5643a18d76014
0e2024844e5b24cff7cde293671e5c0067d1d843
7fa7267ae515e8c6df5257856238da9b8fac5a7c52cab685f4d7f87e28ccd05a
GET /css/fonts/gotham/gotham-light.woff2 HTTP/1.1
Host: www.gocollette.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.gocollette.com/css/collette.css?v=291
Cookie: site-language=site=collette-us&language=en
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=604800
content-type: application/font-woff2
last-modified: Wed, 15 Mar 2023 20:38:51 GMT
etag: "eb6eb9267e57d91:0"
server: Microsoft-IIS/10.0
x-ua-compatible: IE=edge,chrome=1
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
pragma: cache
x-pass-fastly-cache: False
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 22 Mar 2023 09:23:26 GMT
age: 558435
x-served-by: cache-bos4663-BOS, cache-bma1662-BMA
x-cache: HIT, HIT
x-cache-hits: 92, 1
x-timer: S1679477007.547772,VS0,VE2
vvvv: 194
strict-transport-security: max-age=31557600
content-length: 19124
X-Firefox-Spdy: h2
www.gocollette.com/css/fonts/acumin/acuminprocond-light.woff2
151.101.66.132200 OK 29 kB URL HTTP/2 www.gocollette.com/css/fonts/acumin/acuminprocond-light.woff2
IP 151.101.66.132:0
File type Web Open Font Format (Version 2), TrueType, length 29336, version 1.0\012- data
Hash c1ee6dbfea35aedb8ea8ae95a68520ec
4341b5d8807ca86f2ad6e9eb73850adae591fe9d
3c5994a8096acae95937957ef035188441caacfb97cb71f950f768c5968b3537
GET /css/fonts/acumin/acuminprocond-light.woff2 HTTP/1.1
Host: www.gocollette.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.gocollette.com/css/collette.css?v=291
Cookie: site-language=site=collette-us&language=en
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=604800
content-type: application/font-woff2
last-modified: Wed, 15 Mar 2023 20:39:27 GMT
etag: "4456623c7e57d91:0"
server: Microsoft-IIS/10.0
x-ua-compatible: IE=edge,chrome=1
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
pragma: cache
x-pass-fastly-cache: False
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 22 Mar 2023 09:23:26 GMT
age: 558425
x-served-by: cache-bos4621-BOS, cache-bma1662-BMA
x-cache: HIT, HIT
x-cache-hits: 75, 1
x-timer: S1679477007.549900,VS0,VE2
vvvv: 194
strict-transport-security: max-age=31557600
content-length: 29336
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5700
Expires: Wed, 22 Mar 2023 10:58:26 GMT
Date: Wed, 22 Mar 2023 09:23:26 GMT
Connection: keep-alive
s7.addthis.com/js/300/addthis_widget.js
23.38.200.123200 OK 116 kB URL HTTP/2 s7.addthis.com/js/300/addthis_widget.js
IP 23.38.200.123:0
File type ASCII text, with very long lines (54602)
Size 116 kB (116423 bytes)
Hash d5b9b7a3accd3b7b7de639c072ae3ee2
9583b5c046d78af5c6379d844219f828aa2222d0
648dad6716bb917c7d981e7772fca499d9583717fd83ffef47b0534cb9132b60
GET /js/300/addthis_widget.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-5834c"
cache-control: public, max-age=600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 116423
date: Wed, 22 Mar 2023 09:23:26 GMT
vary: Accept-Encoding
x-distribution: 99
x-host: s7.addthis.com
X-Firefox-Spdy: h2
i.gocollette.com/img/collette-gives-you-more/awards/2022_travel-weekly-readers-choice.png
185.76.9.21200 OK 8.2 kB URL HTTP/2 i.gocollette.com/img/collette-gives-you-more/awards/2022_travel-weekly-readers-choice.png
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
File type PNG image data, 411 x 269, 8-bit colormap, non-interlaced\012- data
Hash 0a91b24af4edc84f4c4fcbc075974a4f
5725b33a29876eb50cd1801a3a463d2839491193
a3757969e3db64f6544171209097963c727676f54c1c9a169a829b9a1384fdca
GET /img/collette-gives-you-more/awards/2022_travel-weekly-readers-choice.png HTTP/1.1
Host: i.gocollette.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Cookie: site-language=site=collette-us&language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 22 Mar 2023 09:23:26 GMT
content-type: image/png
content-length: 8230
last-modified: Thu, 19 Jan 2023 17:53:29 GMT
etag: "63c98399-2026"
access-control-allow-origin: *
server: CDN77-Turbo
x-77-nzt: AblMCRTUf0D/ckMCAA
x-77-nzt-ray: af5856305262941b0ec91a641a4fa322
x-accel-expires: @1680365468
x-cache: HIT
x-age: 148338
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.7.0/webfonts/fa-solid-900.woff2
172.64.133.15200 OK 74 kB URL HTTP/2 use.fontawesome.com/releases/v5.7.0/webfonts/fa-solid-900.woff2
IP 172.64.133.15:0
File type Web Open Font Format (Version 2), TrueType, length 74316, version 329.30932\012- data
Hash 52134b924fd61958f88323845deffc64
cfccdf2c8be593220ea949989a5abc0b380ea2ac
658cf43db24e9d4c57890e958aa74656a13139754de24f19e706f0a355279e4d
GET /releases/v5.7.0/webfonts/fa-solid-900.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.gocollette.com
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 22 Mar 2023 09:23:26 GMT
content-type: font/woff2
content-length: 74316
x-amz-id-2: o8PTmZu5yF4svcVCamh4C6JczYtWk6lA8RXl6EmpOucwQT/gQvQBunJjNyWHCN33eaNa+kl4Wqo=
x-amz-request-id: VGKM4J5EZ2JFF32J
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:45:37 GMT
etag: "52134b924fd61958f88323845deffc64"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 1322826
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=njEkmg0ftklQrs2yRL4W%2F6HCChx54KaQiuaAWWLGI6a8KWmvAPyhpOIMqP02JMS%2FbxaDQUtFV1t3qCxosBL%2B4sLa4zuXx7CHyla6tvff3YsaLsVLZGpqCMot5ob2%2BoGyujYUjOxM"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7abd603acb8f7427-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.gocollette.com/js/libs/custom/datalayer.js
151.101.66.132200 OK 1.1 kB URL HTTP/2 www.gocollette.com/js/libs/custom/datalayer.js
IP 151.101.66.132:0
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 10991ff875a56d7d14d1a8e1a5aee0d5
ebff0081a31e6e7e649fbbad63154efd2b3a4160
c24ef50c353eed91988c1013291a1bdf6b7ea051958823097b68cc869b429b78
GET /js/libs/custom/datalayer.js HTTP/1.1
Host: www.gocollette.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/en/tours/north-america/canada/canadian-rockies-by-train?cm_mmc=Email-_-DomesticSale23-_-Hearst-_-US%20DTC&utm_source=Media&utm_medium=Email&utm_campaign=Hearst_DomesticSale23
Cookie: site-language=site=collette-us&language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=604800
content-type: application/javascript
last-modified: Wed, 15 Mar 2023 20:39:30 GMT
etag: "5134b3e7e57d91:0"
server: Microsoft-IIS/10.0
x-ua-compatible: IE=edge,chrome=1
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
pragma: cache
x-pass-fastly-cache: False
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 22 Mar 2023 09:23:26 GMT
age: 558434
x-served-by: cache-bos4673-BOS, cache-bma1662-BMA
x-cache: HIT, HIT
x-cache-hits: 1, 1
x-timer: S1679477007.603493,VS0,VE1
vvvv: 194
strict-transport-security: max-age=31557600
content-length: 1115
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.7.0/webfonts/fa-brands-400.woff2
172.64.133.15200 OK 72 kB URL HTTP/2 use.fontawesome.com/releases/v5.7.0/webfonts/fa-brands-400.woff2
IP 172.64.133.15:0
File type Web Open Font Format (Version 2), TrueType, length 72120, version 329.30932\012- data
Hash ae990e80be9a9904db60b0d3d06adbc1
d9e9c4775f4910f9fae04600d9dab922848098cf
ed7514b6c3a5fdc386bff4dcccaee5e0c72e83cf31f90ff5ac4fb70e33fb6857
GET /releases/v5.7.0/webfonts/fa-brands-400.woff2 HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.gocollette.com
Connection: keep-alive
Referer: https://use.fontawesome.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 22 Mar 2023 09:23:26 GMT
content-type: font/woff2
content-length: 72120
x-amz-id-2: TsROacEPlU8X9O54w1iInaE/3RXKw6wKMGi5USlXscn7kieLLcE5+ox3q7td3AaUi89d7uAASBk=
x-amz-request-id: DQWQF3WVDX79Z4M5
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:45:36 GMT
etag: "ae990e80be9a9904db60b0d3d06adbc1"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 557178
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=jWwUNy27nbGRV04JGiafqJon4gNQUc5vgXKYyF6F5okOC5ieHAk1MNGcMrcHPjx%2Fkrcw2McEDQcem71ivwnNi42kQPogei7SOaFVnnyodQjhfYZHDiMZsTINPqN1GMD4FlyntxTt"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7abd603afbb37427-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-6730750-24
142.250.74.168200 OK 45 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-6730750-24
IP 142.250.74.168:0
File type ASCII text, with very long lines (2206)
Hash 88452b7e8e37ccbe0f89458cb3bfafdb
e0b10f7b40b2f4568d440af9206750e909f5762b
7a46907dd17276f6e3d9b3132c5712d5009e4adb45d537ef1bceb33a9c70f9a2
GET /gtag/js?id=UA-6730750-24 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 22 Mar 2023 09:23:26 GMT
expires: Wed, 22 Mar 2023 09:23:26 GMT
cache-control: private, max-age=900
last-modified: Wed, 22 Mar 2023 09:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44713
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
i.gocollette.com/img/collette-gives-you-more/awards/2022-travelage-west-wave-editors-pick-logo.jpg
185.76.9.21200 OK 33 kB URL HTTP/2 i.gocollette.com/img/collette-gives-you-more/awards/2022-travelage-west-wave-editors-pick-logo.jpg
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 329x196, components 3\012- data
Hash bbdf69afd71861825afb97518673aec0
6b3b30bb89bf6150e47c8155886356d34a2a0255
5ec6fdf7a33545c551d44c4d7d19e38c4eab9140ff7c077af885b1fd3dcb8249
GET /img/collette-gives-you-more/awards/2022-travelage-west-wave-editors-pick-logo.jpg HTTP/1.1
Host: i.gocollette.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Cookie: site-language=site=collette-us&language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 22 Mar 2023 09:23:26 GMT
content-type: image/jpeg
content-length: 32728
last-modified: Fri, 10 Jun 2022 12:26:28 GMT
etag: "62a33874-7fd8"
access-control-allow-origin: *
server: CDN77-Turbo
x-77-nzt: AblMCRQGfUX/jtIKAA
x-77-nzt-ray: af5856305262941b0ec91a644220dc22
x-accel-expires: @1679804544
x-cache: HIT
x-age: 709262
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
www.gocollette.com/Scripts/apps/tour.js?v=550
151.101.66.132200 OK 40 kB URL HTTP/2 www.gocollette.com/Scripts/apps/tour.js?v=550
IP 151.101.66.132:0
File type HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash 116a4512ddc6d32b817605f63cadfc02
db9cb0d5f7c3dac836162870531d22e7302c40db
0f141cec5a0b0dc75fe199341b9b1826978df2706ca33e2bfc04700acdf57772
GET /Scripts/apps/tour.js?v=550 HTTP/1.1
Host: www.gocollette.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/en/tours/north-america/canada/canadian-rockies-by-train?cm_mmc=Email-_-DomesticSale23-_-Hearst-_-US%20DTC&utm_source=Media&utm_medium=Email&utm_campaign=Hearst_DomesticSale23
Cookie: site-language=site=collette-us&language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=604800
content-type: application/javascript
content-encoding: gzip
last-modified: Wed, 15 Mar 2023 20:44:00 GMT
etag: "0e8d2de7e57d91:0"
server: Microsoft-IIS/10.0
x-ua-compatible: IE=edge,chrome=1
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
pragma: cache
x-pass-fastly-cache: False
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 22 Mar 2023 09:23:26 GMT
age: 558434
x-served-by: cache-bos4655-BOS, cache-bma1662-BMA
x-cache: HIT, HIT
x-cache-hits: 282, 1
x-timer: S1679477007.622789,VS0,VE2
vvvv: 194
strict-transport-security: max-age=31557600
content-length: 40206
X-Firefox-Spdy: h2
i.gocollette.com/img/footer-awards/2022_travvy_gold.png
185.76.9.21200 OK 3.3 kB URL HTTP/2 i.gocollette.com/img/footer-awards/2022_travvy_gold.png
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
File type PNG image data, 323 x 162, 8-bit colormap, non-interlaced\012- data
Hash 7acba9650dafdd89c185a09c83a5dd85
510ce297ff1ad9d49a913abbada1a9090f88278f
67a8581d507595213620f53c140f673a6b1fee4302f9a92e21aee40a706a7cd2
GET /img/footer-awards/2022_travvy_gold.png HTTP/1.1
Host: i.gocollette.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Cookie: site-language=site=collette-us&language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 22 Mar 2023 09:23:26 GMT
content-type: image/png
content-length: 3349
last-modified: Thu, 19 Jan 2023 18:05:31 GMT
etag: "63c9866b-d15"
access-control-allow-origin: *
server: CDN77-Turbo
x-77-nzt: AblMCRSErNL/HN4BAA
x-77-nzt-ray: af5856305262941b0ec91a64f88fe822
x-accel-expires: @1680391410
x-cache: HIT
x-age: 122396
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
i.gocollette.com/img/footer-awards/travel-weekly-magellan-gold-winner-2022.jpg
185.76.9.21200 OK 12 kB URL HTTP/2 i.gocollette.com/img/footer-awards/travel-weekly-magellan-gold-winner-2022.jpg
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 210x210, components 3\012- data
Hash bed3ebc4e8c10f5284695ddc71cbb024
67e1a6f256e30ce22aa7e6601394ef7af3e03d0a
36a41df4969febfcf0727af2d33a602d1b3a1c586d95a972f5fd7eec5ef69f37
GET /img/footer-awards/travel-weekly-magellan-gold-winner-2022.jpg HTTP/1.1
Host: i.gocollette.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Cookie: site-language=site=collette-us&language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 22 Mar 2023 09:23:26 GMT
content-type: image/jpeg
content-length: 11499
last-modified: Thu, 27 Oct 2022 13:24:57 GMT
etag: "635a86a9-2ceb"
access-control-allow-origin: *
server: CDN77-Turbo
x-77-nzt: AblMCRSIq9X/jtIKAA
x-77-nzt-ray: af5856305262941b0ec91a645134fd22
x-accel-expires: @1679804544
x-cache: HIT
x-age: 709262
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
i.gocollette.com/img/footer-awards/ustoa.jpg
185.76.9.21200 OK 21 kB URL HTTP/2 i.gocollette.com/img/footer-awards/ustoa.jpg
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 359x121, components 3\012- data
Hash a0c3e597bc268adf2a8aa7eb491aeee5
491a09563ad34d5909b2800999f271e83f6e2370
381652c43f102a4572f50277f09f63de5fb70d07fe3ccd31e58ca24f4791b0e4
GET /img/footer-awards/ustoa.jpg HTTP/1.1
Host: i.gocollette.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Cookie: site-language=site=collette-us&language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 22 Mar 2023 09:23:26 GMT
content-type: image/jpeg
content-length: 20826
last-modified: Thu, 31 Oct 2019 16:53:48 GMT
etag: "5dbb119c-515a"
access-control-allow-origin: *
server: CDN77-Turbo
x-77-nzt: AblMCRSZIwv/jtIKAA
x-77-nzt-ray: af5856305262941b0ec91a6490262723
x-accel-expires: @1679804544
x-cache: HIT
x-age: 709262
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=G-83LPQJX1G8&l=dataLayer&cx=c
142.250.74.168200 OK 84 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=G-83LPQJX1G8&l=dataLayer&cx=c
IP 142.250.74.168:0
File type ASCII text, with very long lines (30260)
Hash 2b4587bda3de1f59ffba38e3bb6a322a
4c12a8862f194bc381f8e88ff8988c51c4c7c3d7
4f2efe216a7e3c54edb329151213dbfac5c94f462f4d17c98985b7628caef3ac
GET /gtag/js?id=G-83LPQJX1G8&l=dataLayer&cx=c HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Wed, 22 Mar 2023 09:23:26 GMT
expires: Wed, 22 Mar 2023 09:23:26 GMT
cache-control: private, max-age=900
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 83631
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fast.wistia.com/embed/medias/(lqcdutx7z9).jsonp
151.101.194.110200 OK 80 B URL HTTP/2 fast.wistia.com/embed/medias/(lqcdutx7z9).jsonp
IP 151.101.194.110:0
Hash 87625da28ff14a81c9dd06cf745b5f11
40c2811abfb829ab50dfd8950dc17d5058de2940
5649e9272cefb59fae5bf98cb4999689779887ceb731284644282f0a38216868
GET /embed/medias/(lqcdutx7z9).jsonp HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, no-cache
content-encoding: br
content-type: application/javascript; charset=utf-8
etag: W/"9e094639b844bbf922433d60ad908522"
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-request-id: b7b48c2435444244689c815bdda646b1
x-runtime: 0.007933
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 22 Mar 2023 09:23:26 GMT
age: 1069
x-served-by: cache-iad-kcgs7200082-IAD, cache-bma1620-BMA
x-cache: HIT, MISS
x-cache-hits: 26, 0
x-timer: S1679477007.593376,VS0,VE91
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 80
X-Firefox-Spdy: h2
i.gocollette.com/img/logos/feefo_gold_trusted_service_award_2023.jpg
185.76.9.21200 OK 73 kB URL HTTP/2 i.gocollette.com/img/logos/feefo_gold_trusted_service_award_2023.jpg
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 500x500, components 3\012- data
Hash 285522a6c3b44eac7c5c6296dd11f4f0
3b06bdefce331492dcf74ebcd3c7a0fc4d1b23fa
9cbcd0adde4252998b646000474884c1c3311eb497b6d4220a673bb8d69ee8b7
GET /img/logos/feefo_gold_trusted_service_award_2023.jpg HTTP/1.1
Host: i.gocollette.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Cookie: site-language=site=collette-us&language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 22 Mar 2023 09:23:26 GMT
content-type: image/jpeg
content-length: 72902
last-modified: Thu, 19 Jan 2023 14:59:29 GMT
etag: "63c95ad1-11cc6"
access-control-allow-origin: *
server: CDN77-Turbo
x-77-nzt: AblMCRTi08T/Gt4BAA
x-77-nzt-ray: af5856305262941b0ec91a64b9de0f24
x-accel-expires: @1680391412
x-cache: HIT
x-age: 122394
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
i.gocollette.com/tour-media-manager/tours/north-america/canada/216/packages/master-package/search-result-image/canrockiesglaciernp_search_img_sm.jpg
185.76.9.21200 OK 68 kB URL HTTP/2 i.gocollette.com/tour-media-manager/tours/north-america/canada/216/packages/master-package/search-result-image/canrockiesglaciernp_search_img_sm.jpg
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2018 (Windows), datetime=2018:06:28 15:22:07], baseline, precision 8, 450x300, components 3\012- data
Hash 6fd73d1027fa6fd4f9f59aa470041854
38421fea0d1b261e0a09b6381c39a46ab0cb88f6
9495856ec051a2d210802915d522eca84b02879fe396280bdf2fcd7f5d971130
GET /tour-media-manager/tours/north-america/canada/216/packages/master-package/search-result-image/canrockiesglaciernp_search_img_sm.jpg HTTP/1.1
Host: i.gocollette.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Cookie: site-language=site=collette-us&language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 22 Mar 2023 09:23:26 GMT
content-type: image/jpeg
content-length: 68398
last-modified: Mon, 16 Jul 2018 17:43:00 GMT
etag: "5b4cd924-10b2e"
access-control-allow-origin: *
server: CDN77-Turbo
x-77-nzt: AblMCRTpSBeh
x-77-nzt-ray: af5856305262941b0ec91a64900d081d
x-cache: MISS
x-77-pop: stockholmSE
x-77-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5700
Expires: Wed, 22 Mar 2023 10:58:26 GMT
Date: Wed, 22 Mar 2023 09:23:26 GMT
Connection: keep-alive
i.gocollette.com/tour-media-manager/tours/north-america/usa/643/packages/master-package/search-result-image/washington-dc-nyc-and-niagara-falls-search.jpg
185.76.9.21200 OK 34 kB URL HTTP/2 i.gocollette.com/tour-media-manager/tours/north-america/usa/643/packages/master-package/search-result-image/washington-dc-nyc-and-niagara-falls-search.jpg
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 450x300, components 3\012- data
Hash 47ae8322f3851e7f7db1794dc44eed10
24f6185b9bddfcd57404bf2c824e391b1f0258f4
5614e14e94093002200c010bcaf82fe0716bcb645408bc276e36d576d59cc999
GET /tour-media-manager/tours/north-america/usa/643/packages/master-package/search-result-image/washington-dc-nyc-and-niagara-falls-search.jpg HTTP/1.1
Host: i.gocollette.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Cookie: site-language=site=collette-us&language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 22 Mar 2023 09:23:26 GMT
content-type: image/jpeg
content-length: 34173
last-modified: Mon, 04 Feb 2019 21:28:54 GMT
etag: "5c58ae96-857d"
access-control-allow-origin: *
server: CDN77-Turbo
x-77-nzt: AblMCRRy2WKh
x-77-nzt-ray: af5856305262941b0ec91a64a26d9e22
x-cache: MISS
x-77-pop: stockholmSE
x-77-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 06adbc463c1bafb4b79a2d2f10791ef8
30a6d093719f89764805f62102b0a07c493016a0
64000d2bedca454efa1fc2de6083ca06cb3e94b33565427ba9ac7c9345a926fb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 22 Mar 2023 09:23:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
i.gocollette.com/img/footer-awards/bptw_winner2019.jpg
185.76.9.21200 OK 287 kB URL HTTP/2 i.gocollette.com/img/footer-awards/bptw_winner2019.jpg
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=12, height=720, bps=0, PhotometricIntepretation=CMYK, orientation=upper-left, width=1123], baseline, precision 8, 1123x720, components 3\012- data
Size 287 kB (287343 bytes)
Hash 531929529d715d4e1cc0df23832e6606
2a7cbeb99fca2231181c523f10a110fde382e997
b8e5156451abbb9f4c0d50298a13a4470fd8e0d2e00cbca3f52d33aaf43a67ea
GET /img/footer-awards/bptw_winner2019.jpg HTTP/1.1
Host: i.gocollette.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Cookie: site-language=site=collette-us&language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 22 Mar 2023 09:23:26 GMT
content-type: image/jpeg
content-length: 287343
last-modified: Thu, 28 Jul 2022 19:50:49 GMT
etag: "62e2e899-4626f"
access-control-allow-origin: *
server: CDN77-Turbo
x-77-nzt: AblMCRTVKe7/1SALAA
x-77-nzt-ray: af5856305262941b0ec91a6480660e23
x-accel-expires: @1679784505
x-cache: HIT
x-age: 729301
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg
34.120.237.76200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 85351059b67b0a42eda7e69a31b3b4b4
b798268806dc2f79f033e5872676019faf0e0cc1
86e163b7159b197d6358ab01333ac6da221de0ebe1c5da8d5cef2977d38625fe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4000
x-amzn-requestid: 68dc01d7-3eed-48f6-8532-8efaa96cc1ec
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CJpraEqyoAMFgNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641a2315-3852cc8961365a560d1fa02f;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 21:35:17 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: 2e9Y7K5xIkpbhFR8a4kGAVX7X2-97lB13zHrjOuqlkalxzdbCDcfPA==
via: 1.1 288c777a01e22425da9494dad7a69734.cloudfront.net (CloudFront), 1.1 abbf2df97f9d83839470842dc2e68cb6.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Mar 2023 21:47:57 GMT
age: 41729
etag: "b798268806dc2f79f033e5872676019faf0e0cc1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
i.gocollette.com/tour-media-manager/tours/north-america/canada/609/packages/master-package/search-result-image/canadian_rockies_by_traint_featuring_rm_search_img_sm.jpg
185.76.9.21200 OK 76 kB URL HTTP/2 i.gocollette.com/tour-media-manager/tours/north-america/canada/609/packages/master-package/search-result-image/canadian_rockies_by_traint_featuring_rm_search_img_sm.jpg
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2018 (Windows), datetime=2018:07:05 10:20:15], baseline, precision 8, 450x300, components 3\012- data
Hash 7a81017e3b5e01db560aefda268f860f
54d5ad2d794d9402baa11cca06698a1c5819b1ea
879d7a0774a7a0b6ec07b23989fdd782dd646660608449b3888af60316ecc865
GET /tour-media-manager/tours/north-america/canada/609/packages/master-package/search-result-image/canadian_rockies_by_traint_featuring_rm_search_img_sm.jpg HTTP/1.1
Host: i.gocollette.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Cookie: site-language=site=collette-us&language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 22 Mar 2023 09:23:26 GMT
content-type: image/jpeg
content-length: 75873
last-modified: Mon, 16 Jul 2018 18:25:01 GMT
etag: "5b4ce2fd-12861"
access-control-allow-origin: *
server: CDN77-Turbo
x-77-nzt: AblMCRS+ju+h
x-77-nzt-ray: af5856305262941b0ec91a64ce583722
x-cache: MISS
x-77-pop: stockholmSE
x-77-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F882a2ebf-b22a-46de-bf52-8b9a1aaa2743.jpeg
34.120.237.76200 OK 8.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F882a2ebf-b22a-46de-bf52-8b9a1aaa2743.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aeb0d8069d746e467fecd886c0e42628
8229b537f84a7418dc67e30691e62db4cea67f0f
24705dc5b7eefd79a35323beee7c741aa041c3bf55801d13b4ffc2b202e6a394
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F882a2ebf-b22a-46de-bf52-8b9a1aaa2743.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8037
x-amzn-requestid: 7a9f7bb5-d810-4831-b5d2-3eead1af864a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CJprcGY1IAMFSAg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641a2315-53cdee4b645ed18e1dfeb92c;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 21:35:17 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: QW8T5AGg_L1mT4fE8IHeBG9TSiGpbBJpZE2yZdBtAQMJCPV8OKK5Dw==
via: 1.1 a87682502db4b394cc6ba84510da9f98.cloudfront.net (CloudFront), 1.1 ae06b19943a6bad1c1b12b79f7339498.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Mar 2023 21:47:59 GMT
etag: "8229b537f84a7418dc67e30691e62db4cea67f0f"
content-type: image/jpeg
age: 41727
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
i.gocollette.com/icons/footer/paymentcards.png
185.76.9.21200 OK 3.9 kB URL HTTP/2 i.gocollette.com/icons/footer/paymentcards.png
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
File type GIF image data, version 89a, 245 x 45\012- data
Hash 964fc7b165b76f87cd08f868e2e1921d
641035e36b7c1029173f0db9768ecc5cb80724e5
3999e490296d46b21cc531da4b1ca028406847733b50f2cd4e477ca063b6f696
GET /icons/footer/paymentcards.png HTTP/1.1
Host: i.gocollette.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Cookie: site-language=site=collette-us&language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 22 Mar 2023 09:23:26 GMT
content-type: image/png
content-length: 3888
last-modified: Fri, 25 Nov 2016 22:34:41 GMT
etag: "5838bc81-f30"
access-control-allow-origin: *
server: CDN77-Turbo
x-77-nzt: AblMCRSK7kf/pQcLAA
x-77-nzt-ray: af5856305262941b0ec91a646a1eb72b
x-accel-expires: @1679790953
x-cache: HIT
x-age: 722853
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F725f0930-57cc-4b81-8685-8be1acf4b380.jpeg
34.120.237.76200 OK 3.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F725f0930-57cc-4b81-8685-8be1acf4b380.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7a9178701002b637a130aec44024349b
d51674c9b6d98baa4ec3905e2982ffecfcb1e9cb
d3888f5cc4aef7239fe7d1ae8cee2f1ca94d1c1524b1629a1da5d6327376b5da
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F725f0930-57cc-4b81-8685-8be1acf4b380.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3474
x-amzn-requestid: ac3a81e6-328d-4944-beda-d9c85de30aff
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CJqP6F8gIAMFoww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641a23ff-52d04e4a6adace9e17003e80;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 21:39:11 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: WzP3lkcd3AEE-N0bujYeE5UWkvfG5xmGfqLCbIv04YMkJ_E4OaThEg==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 9adef5b1c5fc9ca80d6f4f8d19e103a2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Mar 2023 22:09:39 GMT
etag: "d51674c9b6d98baa4ec3905e2982ffecfcb1e9cb"
content-type: image/jpeg
age: 40427
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5700
Expires: Wed, 22 Mar 2023 10:58:26 GMT
Date: Wed, 22 Mar 2023 09:23:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5700
Expires: Wed, 22 Mar 2023 10:58:26 GMT
Date: Wed, 22 Mar 2023 09:23:26 GMT
Connection: keep-alive
fonts.googleapis.com/css?family=Homemade+Apple
142.250.74.74200 OK 2.8 kB URL HTTP/2 fonts.googleapis.com/css?family=Homemade+Apple
IP 142.250.74.74:0
Hash 67fbea0bc6e06cef8aad7fa927a5671c
b53b4a8faef100429ddbbd80e160ca612d70741f
f5de17b46bee1c0b10802b9c8a86527b92010c559bb7f530ad8e7125dd17a12e
GET /css?family=Homemade+Apple HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Wed, 22 Mar 2023 09:23:26 GMT
date: Wed, 22 Mar 2023 09:23:26 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.33.119.27200 OK 503 B IP 23.33.119.27:0
ASN #20940 Akamai International B.V.
Hash a0d3d7099bbc5fed74a6e78e1a3096bf
96afaf8b3ac053577c56aca5f4a20d8655ecb771
c8ff32c6809a506d4c656d3200dbfc6682c156c3de0647d13ab8f07a6f9a38ba
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C8FF32C6809A506D4C656D3200DBFC6682C156C3DE0647D13AB8F07A6F9A38BA"
Last-Modified: Tue, 21 Mar 2023 15:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5700
Expires: Wed, 22 Mar 2023 10:58:26 GMT
Date: Wed, 22 Mar 2023 09:23:26 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08561a1f-1d19-45db-be98-107d6b1ed25d.jpeg
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08561a1f-1d19-45db-be98-107d6b1ed25d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6f0b9e85381489dcf646c251722b21d4
5f7ea91288a2170bcabdca6be296718c4191eacd
911f803271ad9053ebac3787bdde9b75ec604acc6aa28692cc8e4c5c4fb61483
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F08561a1f-1d19-45db-be98-107d6b1ed25d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10480
x-amzn-requestid: 58aa8272-4b4e-4a2f-9d6e-d47f70891c49
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CJptHG7JoAMFSwA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641a2320-2fd6502b1271d5c13b4ebbe9;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 21:35:28 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: hqGFdT1Sk0IcvaNqfvjz5RsGBK-qMBcNKbK9FyZ7OoiH30hDL9ekxA==
via: 1.1 2241406ac19fffc8f35d6ddef8e22f56.cloudfront.net (CloudFront), 1.1 de2dd11312f7d5ad3bcd0cb112c7fd0e.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Mar 2023 22:09:39 GMT
age: 40427
etag: "5f7ea91288a2170bcabdca6be296718c4191eacd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44275491-68d9-43b4-8a23-8d98e6e935bd.jpeg
34.120.237.76200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44275491-68d9-43b4-8a23-8d98e6e935bd.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a281f27512fbe07f84702fe8801c4397
a80ecb653048fee95df524941bdac2550f241460
b08919f9cd7c08ad24c3c9e5942c0de1f51f9cf6b7a045244bb31296e151eb90
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F44275491-68d9-43b4-8a23-8d98e6e935bd.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6822
x-amzn-requestid: e47fea88-e815-4516-8c78-96c0cae212d7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CHqJnFqvoAMFsAQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6419570a-5a4ae60213c9bfd44497222a;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 07:04:42 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: kXio80vWJutfgnUfINkc-BVMg3LxeJMwF2x0DXLr7npoWge98roqzQ==
via: 1.1 ee6ea1e4552345de209d26f9ffb35d4a.cloudfront.net (CloudFront), 1.1 1d0860167e2100a6d1cd9c0213c2b8e8.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 07:04:27 GMT
age: 8339
etag: "a80ecb653048fee95df524941bdac2550f241460"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
api.feefo.com/api/logo?template=independent_service-percentage-stars-grey-200x60_en.png&nocache=true&since=all&merchantidentifier=collette-group
104.16.75.76200 OK 4.7 kB URL HTTP/2 api.feefo.com/api/logo?template=independent_service-percentage-stars-grey-200x60_en.png&nocache=true&since=all&merchantidentifier=collette-group
IP 104.16.75.76:0
File type PNG image data, 200 x 51, 8-bit/color RGBA, non-interlaced\012- data
Hash 817f7ef86b11b90d36aba683d96aee44
59f52cb6b5f27b85ee11011c2b5884279dc98402
1eda7b3c8aebc9969af9ac0a01642ffcf70c4e51b9ef53ee4e72416d3f616a51
GET /api/logo?template=independent_service-percentage-stars-grey-200x60_en.png&nocache=true&since=all&merchantidentifier=collette-group HTTP/1.1
Host: api.feefo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 22 Mar 2023 09:23:26 GMT
content-type: image/png
content-length: 4728
cache-control: max-age=86400
cf-bgj: imgq:100,h2pri
cf-polished: status=not_needed
expires: Wed, 22 Mar 2023 15:06:51 GMT
referrer-policy: origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; always
vary: Accept-Language, Accept-Encoding
via: kong/3.0.2
x-content-type-options: nosniff
x-kong-proxy-latency: 0
x-kong-upstream-latency: 37
x-xss-protection: 1; mode=block
last-modified: Tue, 21 Mar 2023 15:06:51 GMT
cf-cache-status: HIT
age: 45904
accept-ranges: bytes
server: cloudflare
cf-ray: 7abd603ccd23b527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 3e968c0f4319273e79821cbabf3bdbdc
99f1127052594878d49370fdcc61b1e4fbb69e61
82ea5f81bec224fa88a6b83c50481d819586b5de2fbb435d522d24ce1250b6cb
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 22 Mar 2023 09:23:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ceeeb08-532b-488e-be1c-b788708d76a2.jpeg
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ceeeb08-532b-488e-be1c-b788708d76a2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 76347a0b2f0908b35321e7a53e5eb91c
2b6f011b911eb48604f22971afb21f61e4a14b70
ac892c186171836289a2ebd733ce96a2659d640f6408527bf8c6422ca31e713b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ceeeb08-532b-488e-be1c-b788708d76a2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5686
x-amzn-requestid: 8e5120a5-ecfd-4850-9560-a71e7bd1940c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CHqH3GHwoAMFVSw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641956fe-0a1578d857aa27bb521b4292;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 07:04:30 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: OLBdDXSEiTByfiQh1PHhDVU8PDQa7F9Irau-RrOJWC88bFMMt1FrEA==
via: 1.1 185f4b03b711932fc7e735c08fdc5abe.cloudfront.net (CloudFront), 1.1 618052a0d9c86c1a3bf663f82d041d1c.cloudfront.net (CloudFront), 1.1 google
date: Wed, 22 Mar 2023 07:05:24 GMT
age: 8282
etag: "2b6f011b911eb48604f22971afb21f61e4a14b70"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.feefo.com/api/feedback-image/5d34c5bfe4b0ce9f15ef8c8b
104.16.75.76200 OK 91 kB URL HTTP/2 www.feefo.com/api/feedback-image/5d34c5bfe4b0ce9f15ef8c8b
IP 104.16.75.76:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 800x512, components 3\012- data
Hash f0fa7fef205e4231b00d3a304fa376f9
9c702ea1caaf36cccefe76a86de84f9bc347bd5a
6460a91ebce805ab7b47cf96c0d4cb575720c5da6170572553b8517a522bd26f
GET /api/feedback-image/5d34c5bfe4b0ce9f15ef8c8b HTTP/1.1
Host: www.feefo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 22 Mar 2023 09:23:26 GMT
content-type: image/jpeg
content-length: 90976
expires: Wed, 22 Mar 2023 10:23:26 GMT
cache-control: max-age=3600
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; always
x-kong-upstream-latency: 58
x-kong-proxy-latency: 0
via: kong/3.0.2
last-modified: Wed, 22 Mar 2023 09:23:26 GMT
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7abd603c1be5b527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.feefo.com/api/feedback-image/59ff8c23498ed7bcfc6d7e09
104.16.75.76200 OK 76 kB URL HTTP/2 www.feefo.com/api/feedback-image/59ff8c23498ed7bcfc6d7e09
IP 104.16.75.76:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 600x800, components 3\012- data
Hash ee830bbdc183dc262a93301bce4d9ee5
6b64110a411cd11c7adea948b91574a3952c2f21
f8e4cc775d731c32fd7fad709d26ff80f2a65cb1b61d30b1bc9169eea5dd5c0e
GET /api/feedback-image/59ff8c23498ed7bcfc6d7e09 HTTP/1.1
Host: www.feefo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 22 Mar 2023 09:23:26 GMT
content-type: image/jpeg
content-length: 75913
expires: Wed, 22 Mar 2023 10:23:26 GMT
cache-control: max-age=3600
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; always
x-kong-upstream-latency: 72
x-kong-proxy-latency: 0
via: kong/3.0.2
last-modified: Wed, 22 Mar 2023 09:23:26 GMT
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7abd603c1be7b527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.gocollette.com/en/tours/north-america/canada/canadian-rockies-by-train?cm_mmc=Email-_-DomesticSale23-_-Hearst-_-US%20DTC&utm_source=Media&utm_medium=Email&utm_campaign=Hearst_DomesticSale23
151.101.66.132200 OK 567 B URL HTTP/2 www.gocollette.com/en/tours/north-america/canada/canadian-rockies-by-train?cm_mmc=Email-_-DomesticSale23-_-Hearst-_-US%20DTC&utm_source=Media&utm_medium=Email&utm_campaign=Hearst_DomesticSale23
IP 151.101.66.132:0
File type PNG image data, 89 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 1d73c8b6e0a452c1a558643cfe21d591
1c2d6a0e94b7311f9e983278f7bf763bdfd756e8
596ccad63c782953f2f3ba2e6e2ebc4ad17542bcca124b4ca7172999c0c5856b
GET /en/tours/north-america/canada/canadian-rockies-by-train?cm_mmc=Email-_-DomesticSale23-_-Hearst-_-US%20DTC&utm_source=Media&utm_medium=Email&utm_campaign=Hearst_DomesticSale23 HTTP/1.1
Host: www.gocollette.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
cache-control: no-cache
content-type: text/html; charset=utf-8
server: Microsoft-IIS/10.0
x-ua-compatible: IE=edge,chrome=1
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
pragma: cache
x-pass-fastly-cache: False
accept-ranges: bytes
via: 1.1 varnish, 1.1 varnish
age: 544
date: Wed, 22 Mar 2023 09:23:26 GMT
x-served-by: cache-bos4631-BOS, cache-bma1662-BMA
x-cache: HIT, MISS
x-cache-hits: 10, 0
x-timer: S1679477006.774310,VS0,VE375
vvvv: 194
set-cookie: site-language=site=collette-us&language=en; path=/; SameSite=Strict; Secure; max-age=31536000; domain=gocollette.com
site-language=site=collette-us&language=en; path=/; SameSite=Strict; Secure; max-age=31536000; domain=gocollette.com
x-fastly-location: en, en
strict-transport-security: max-age=31557600
content-length: 644032
X-Firefox-Spdy: h2
api.feefo.com/api/logo?template=jtstars.png&since=all&nocache=true&merchantidentifier=collette-group&vendorref=148
104.16.75.76200 OK 567 B URL HTTP/2 api.feefo.com/api/logo?template=jtstars.png&since=all&nocache=true&merchantidentifier=collette-group&vendorref=148
IP 104.16.75.76:0
File type PNG image data, 89 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 1d73c8b6e0a452c1a558643cfe21d591
1c2d6a0e94b7311f9e983278f7bf763bdfd756e8
596ccad63c782953f2f3ba2e6e2ebc4ad17542bcca124b4ca7172999c0c5856b
GET /api/logo?template=jtstars.png&since=all&nocache=true&merchantidentifier=collette-group&vendorref=148 HTTP/1.1
Host: api.feefo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 22 Mar 2023 09:23:26 GMT
content-type: image/png
content-length: 567
vary: Accept-Language, Accept-Encoding
expires: Thu, 23 Mar 2023 09:23:26 GMT
cache-control: max-age=86400
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; always
x-kong-upstream-latency: 71
x-kong-proxy-latency: 0
via: kong/3.0.2
last-modified: Wed, 22 Mar 2023 09:23:26 GMT
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 7abd603c8cc1b527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ww2.feefo.com/api/feedback-image/5766b1f0498e0e62d7ef3cd4
104.16.75.76200 OK 70 kB URL HTTP/2 ww2.feefo.com/api/feedback-image/5766b1f0498e0e62d7ef3cd4
IP 104.16.75.76:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 800x597, components 3\012- data
Hash f8dcf3907d1d59e271ac532a127f4d42
44d3da08de0814def0204f518a93dcaea0a0caf1
3d982464f678cbfd695f268b500ff05c247ad8e3b8d92d2afebba57af29d2542
GET /api/feedback-image/5766b1f0498e0e62d7ef3cd4 HTTP/1.1
Host: ww2.feefo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 22 Mar 2023 09:23:26 GMT
content-type: image/jpeg
content-length: 69908
expires: Wed, 22 Mar 2023 11:23:26 GMT
cache-control: max-age=7200
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-kong-upstream-latency: 74
x-kong-proxy-latency: 0
via: kong/3.0.2
last-modified: Wed, 22 Mar 2023 09:23:26 GMT
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7abd603c3c13b527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ww2.feefo.com/api/feedback-image/5766b1f3498e0e62d7ef3d44
104.16.75.76200 OK 79 kB URL HTTP/2 ww2.feefo.com/api/feedback-image/5766b1f3498e0e62d7ef3d44
IP 104.16.75.76:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 450x800, components 3\012- data
Hash 869530ea3723206d2d5d539634fabd18
4365f418a674bd07d3d07c78053461eb79e61ba7
33801662d3906ae629d3f4188f0ca435c42b0904d32f64ae9a2ef0c1ca8d854b
GET /api/feedback-image/5766b1f3498e0e62d7ef3d44 HTTP/1.1
Host: ww2.feefo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 22 Mar 2023 09:23:26 GMT
content-type: image/jpeg
content-length: 78786
expires: Wed, 22 Mar 2023 11:23:26 GMT
cache-control: max-age=7200
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-kong-upstream-latency: 60
x-kong-proxy-latency: 0
via: kong/3.0.2
last-modified: Wed, 22 Mar 2023 09:23:26 GMT
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7abd603c3c16b527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ww2.feefo.com/api/feedback-image/5766b1ef498e0e62d7ef3cab
104.16.75.76200 OK 75 kB URL HTTP/2 ww2.feefo.com/api/feedback-image/5766b1ef498e0e62d7ef3cab
IP 104.16.75.76:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 800x597, components 3\012- data
Hash 68587295ea834e0e3313b8ce22a2d677
9268aaa976a77403a11a009473a0b6ddad543c12
2680b4d716f44a3eda91a293b8aa94d6e8dd2e8e76c8c46441155e77865d3ed7
GET /api/feedback-image/5766b1ef498e0e62d7ef3cab HTTP/1.1
Host: ww2.feefo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 22 Mar 2023 09:23:26 GMT
content-type: image/jpeg
content-length: 74950
expires: Wed, 22 Mar 2023 11:23:26 GMT
cache-control: max-age=7200
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-kong-upstream-latency: 63
x-kong-proxy-latency: 1
via: kong/3.0.2
last-modified: Wed, 22 Mar 2023 09:23:26 GMT
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7abd603c3c18b527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ww2.feefo.com/api/feedback-image/57858f1e498e64930fdb151f
104.16.75.76200 OK 144 kB URL HTTP/2 ww2.feefo.com/api/feedback-image/57858f1e498e64930fdb151f
IP 104.16.75.76:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 800x600, components 3\012- data
Size 144 kB (143636 bytes)
Hash 8f7e60f3560e85a9fae98c2273fa56fb
08f848eef83c2dce4962c7f642e56a7e40ab0115
36e1085793fdff3b13f995724861246e5b3657243628e912e804d49ca2dd2ce4
GET /api/feedback-image/57858f1e498e64930fdb151f HTTP/1.1
Host: ww2.feefo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 22 Mar 2023 09:23:26 GMT
content-type: image/jpeg
content-length: 143636
expires: Wed, 22 Mar 2023 11:23:26 GMT
cache-control: max-age=7200
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-kong-upstream-latency: 60
x-kong-proxy-latency: 0
via: kong/3.0.2
last-modified: Wed, 22 Mar 2023 09:23:26 GMT
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7abd603c3c25b527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
api.feefo.com/api/logo?template=jtstars.png&since=all&nocache=true&merchantidentifier=collette-group&vendorref=493
104.16.75.76200 OK 567 B URL HTTP/2 api.feefo.com/api/logo?template=jtstars.png&since=all&nocache=true&merchantidentifier=collette-group&vendorref=493
IP 104.16.75.76:0
File type PNG image data, 89 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 1d73c8b6e0a452c1a558643cfe21d591
1c2d6a0e94b7311f9e983278f7bf763bdfd756e8
596ccad63c782953f2f3ba2e6e2ebc4ad17542bcca124b4ca7172999c0c5856b
GET /api/logo?template=jtstars.png&since=all&nocache=true&merchantidentifier=collette-group&vendorref=493 HTTP/1.1
Host: api.feefo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 22 Mar 2023 09:23:26 GMT
content-type: image/png
content-length: 567
vary: Accept-Language, Accept-Encoding
expires: Thu, 23 Mar 2023 09:23:26 GMT
cache-control: max-age=86400
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; always
x-kong-upstream-latency: 77
x-kong-proxy-latency: 0
via: kong/3.0.2
last-modified: Wed, 22 Mar 2023 09:23:26 GMT
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 7abd603c7cacb527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ww2.feefo.com/api/feedback-image/578a8f63498e685a6a3ace66
104.16.75.76200 OK 122 kB URL HTTP/2 ww2.feefo.com/api/feedback-image/578a8f63498e685a6a3ace66
IP 104.16.75.76:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 720x800, components 3\012- data
Size 122 kB (121998 bytes)
Hash fa3c618528acee043244fcefc0ecc272
a8ffa3df6db999decc0da918af8fbc0c7d2d146e
0c31943c1f914dc3803d69025cc3aff890550f93d3e8fa8fc1c31e1dd37a7417
GET /api/feedback-image/578a8f63498e685a6a3ace66 HTTP/1.1
Host: ww2.feefo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 22 Mar 2023 09:23:26 GMT
content-type: image/jpeg
content-length: 121998
expires: Wed, 22 Mar 2023 11:23:26 GMT
cache-control: max-age=7200
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-kong-upstream-latency: 63
x-kong-proxy-latency: 0
via: kong/3.0.2
last-modified: Wed, 22 Mar 2023 09:23:26 GMT
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7abd603c3c0cb527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ww2.feefo.com/api/feedback-image/578a8f63498e685a6a3ace70
104.16.75.76200 OK 83 kB URL HTTP/2 ww2.feefo.com/api/feedback-image/578a8f63498e685a6a3ace70
IP 104.16.75.76:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 450x800, components 3\012- data
Hash 5fee78ff436a72db09047bd0e9787d0f
548afc1523fdef71304f6e5b09145578bfdf88eb
fcfbb01ce97d0a86ef97d7d73365697e1b177df0b286d228012e404a1d8e2d82
GET /api/feedback-image/578a8f63498e685a6a3ace70 HTTP/1.1
Host: ww2.feefo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 22 Mar 2023 09:23:26 GMT
content-type: image/jpeg
content-length: 83218
expires: Wed, 22 Mar 2023 11:23:26 GMT
cache-control: max-age=7200
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-kong-upstream-latency: 56
x-kong-proxy-latency: 0
via: kong/3.0.2
last-modified: Wed, 22 Mar 2023 09:23:26 GMT
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7abd603c3c22b527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ww2.feefo.com/api/feedback-image/57c8d92a498e6a71af9c15a7
104.16.75.76200 OK 92 kB URL HTTP/2 ww2.feefo.com/api/feedback-image/57c8d92a498e6a71af9c15a7
IP 104.16.75.76:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 800x600, components 3\012- data
Hash 387fb5c30c445ceafb175a27e90aef26
b414472edf4bfc00f5a0e60880e5c7b8bf69d8fa
743e88f14c95182e8a4c0be2fbca22f88079f76ac64d96801775c26cbf534d12
GET /api/feedback-image/57c8d92a498e6a71af9c15a7 HTTP/1.1
Host: ww2.feefo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 22 Mar 2023 09:23:26 GMT
content-type: image/jpeg
content-length: 92407
expires: Wed, 22 Mar 2023 11:23:26 GMT
cache-control: max-age=7200
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-kong-upstream-latency: 81
x-kong-proxy-latency: 1
via: kong/3.0.2
last-modified: Wed, 22 Mar 2023 09:23:26 GMT
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7abd603c3c1db527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ww2.feefo.com/api/feedback-image/5766b1f4498e0e62d7ef3d69
104.16.75.76200 OK 138 kB URL HTTP/2 ww2.feefo.com/api/feedback-image/5766b1f4498e0e62d7ef3d69
IP 104.16.75.76:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 800x597, components 3\012- data
Size 138 kB (138433 bytes)
Hash 657fae17add1c22040631e1186e044c7
3bc92f2aa8b1aa7b3a0e8560b4c13f261dc57014
06e91643c443646516c937734a322a58151d37867e0fb69b2900a4cec7b6df8b
GET /api/feedback-image/5766b1f4498e0e62d7ef3d69 HTTP/1.1
Host: ww2.feefo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 22 Mar 2023 09:23:26 GMT
content-type: image/jpeg
content-length: 138433
expires: Wed, 22 Mar 2023 11:23:26 GMT
cache-control: max-age=7200
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-kong-upstream-latency: 82
x-kong-proxy-latency: 0
via: kong/3.0.2
last-modified: Wed, 22 Mar 2023 09:23:26 GMT
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7abd603c3c12b527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.r2m01.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash b6afecf4bfd9417d0db7af1ce338b842
2d962da890b6df8bf4a1f0e1597eb250a56c0190
cf0ba6def2078bc1c5efcadffa816d8211d73b1e77121935523e896dc5af793a
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=134888
Date: Wed, 22 Mar 2023 09:23:26 GMT
Etag: "641a20ce-1d7"
Expires: Thu, 23 Mar 2023 22:51:34 GMT
Last-Modified: Tue, 21 Mar 2023 21:25:34 GMT
Server: ECAcc (bsa/EACA)
X-Cache: Miss from cloudfront
Via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: E7KpPLAYIV5jc-3UEkQ05-E5tM8Y2sjzDY4wZEhTvO24N1Dp2E_wZw==
Age: 5160
ocsp.r2m01.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash 018a160003559f69db9c738f68b4a454
388f02289d8b0c789f86d6df3dbbd1ddd05af41b
92385007d3a6ce4d116c91a0fd5afa71bfea923743c4065f014f5ce5a45ffe16
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 22 Mar 2023 09:23:26 GMT
Last-Modified: Wed, 22 Mar 2023 08:39:07 GMT
Server: ECAcc (bsa/EA8F)
X-Cache: Miss from cloudfront
Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: TzSAcaVTBl0OkrT8Kq0x3tgh2THjEABKu-WhYGwtbZJSofMJa258mQ==
Age: 2659
i.gocollette.com/tour-media-manager/tours/north-america/canada/5/packages/master-package/search-result-image/bestofcandaftmontreal_searchimg.jpg
185.76.9.21200 OK 119 kB URL HTTP/2 i.gocollette.com/tour-media-manager/tours/north-america/canada/5/packages/master-package/search-result-image/bestofcandaftmontreal_searchimg.jpg
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 450x300, components 3\012- data
Size 119 kB (119256 bytes)
Hash 47108b54b74b799c31dfb3bc93463c80
757f9b69cbcf0f59f0a71d7901ae0ab5f7400c94
913ed9f84bc0b48e9d56b8ede62694fe38d4c43eea6fdc294554d8cb6354f194
GET /tour-media-manager/tours/north-america/canada/5/packages/master-package/search-result-image/bestofcandaftmontreal_searchimg.jpg HTTP/1.1
Host: i.gocollette.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Cookie: site-language=site=collette-us&language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 22 Mar 2023 09:23:26 GMT
content-type: image/jpeg
content-length: 119256
last-modified: Fri, 21 Sep 2018 13:29:35 GMT
etag: "5ba4f23f-1d1d8"
access-control-allow-origin: *
server: CDN77-Turbo
x-77-nzt: AblMCRTVkc+h
x-77-nzt-ray: af5856305262941b0ec91a6474fe071c
x-cache: MISS
x-77-pop: stockholmSE
x-77-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
libs.coremetrics.com/eluminate.js
104.110.11.108200 OK 44 kB URL HTTP/1.1 libs.coremetrics.com/eluminate.js
IP 104.110.11.108:0
File type ASCII text, with very long lines (65012), with CRLF line terminators
Hash 33fb06791e1e18cc8a1cab5002f2a158
5122b8edc24d6d7f2d027f00a99493040ac0fd5c
3ace04894bd6eeb731c097b1edb44bdec42b7fa83d364cd8705aa6b8eb5120c9
GET /eluminate.js HTTP/1.1
Host: libs.coremetrics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "83394aeb894a3082735d0600850908f4:1634567904.960225"
Last-Modified: Mon, 18 Oct 2021 14:38:24 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Wed, 22 Mar 2023 09:23:27 GMT
Transfer-Encoding: chunked
Connection: keep-alive, Transfer-Encoding
js.adsrvr.org/up_loader.1.1.0.js
54.230.241.118200 OK 1.9 kB URL HTTP/1.1 js.adsrvr.org/up_loader.1.1.0.js
IP 54.230.241.118:0
File type ASCII text, with very long lines (4593), with no line terminators
Hash 8dc722d27824e60548fd25752623cd07
33d66ad1a4a162e2d6c9ed732d6c9af79635fc4d
14ce9119fe06fb2d363ba3c824e9f5b3f212f1f39dfab38c836fa13a20daec1b
GET /up_loader.1.1.0.js HTTP/1.1
Host: js.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Wed, 22 Mar 2023 07:56:03 GMT
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 6259d2cd8a5947ad41a420527bbed7a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: EVBSwOTyrEn2AM6cfTqNK3IXMnpn2ZyKZE6pJI411i1B9gg9HcLGWg==
Age: 5245
ww2.feefo.com/api/feedback-image/57858f1e498e64930fdb1533
104.16.75.76200 OK 126 kB URL HTTP/2 ww2.feefo.com/api/feedback-image/57858f1e498e64930fdb1533
IP 104.16.75.76:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 800x600, components 3\012- data
Size 126 kB (126019 bytes)
Hash ea1ae4d5392703b33a40dc2cfc9b310e
79be0c5dc0d81d985abe8effc0c4a76810c2c3c5
db9f5e5738acc93f6da08e55ca3a4c1038439bd735036413fc0633be02706a59
GET /api/feedback-image/57858f1e498e64930fdb1533 HTTP/1.1
Host: ww2.feefo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 22 Mar 2023 09:23:26 GMT
content-type: image/jpeg
content-length: 126019
expires: Wed, 22 Mar 2023 11:23:26 GMT
cache-control: max-age=7200
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-kong-upstream-latency: 102
x-kong-proxy-latency: 1
via: kong/3.0.2
last-modified: Wed, 22 Mar 2023 09:23:26 GMT
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7abd603c3c1fb527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
api.feefo.com/api/logo?template=jtstars.png&since=all&nocache=true&merchantidentifier=collette-group&vendorref=216
104.16.75.76200 OK 593 B URL HTTP/2 api.feefo.com/api/logo?template=jtstars.png&since=all&nocache=true&merchantidentifier=collette-group&vendorref=216
IP 104.16.75.76:0
File type PNG image data, 89 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash f3b4e29cd4df3282d1634d6c8d0d12d8
3919a5b15d4a2645d43a1afc4f9f7abe9cf7426f
8bb44038b3f3913276e1e0a51eb79291f1e1c2060e35ae3b7ef0295f93fd139d
GET /api/logo?template=jtstars.png&since=all&nocache=true&merchantidentifier=collette-group&vendorref=216 HTTP/1.1
Host: api.feefo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 22 Mar 2023 09:23:26 GMT
content-type: image/png
content-length: 593
vary: Accept-Language, Accept-Encoding
expires: Thu, 23 Mar 2023 09:23:26 GMT
cache-control: max-age=86400
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; always
x-kong-upstream-latency: 48
x-kong-proxy-latency: 1
via: kong/3.0.2
last-modified: Wed, 22 Mar 2023 09:23:26 GMT
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 7abd603cdd34b527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ww2.feefo.com/api/feedback-image/578a8f62498e685a6a3ace5b
104.16.75.76200 OK 95 kB URL HTTP/2 ww2.feefo.com/api/feedback-image/578a8f62498e685a6a3ace5b
IP 104.16.75.76:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 800x450, components 3\012- data
Hash 4719320ee01fdbd8fdf625f554707718
80729563aa7f2762674d47b516a49f52c0767b2e
842a347d0489c301691aed5e76c5ca0153469a183e627ca404b01daf9bd9d94c
GET /api/feedback-image/578a8f62498e685a6a3ace5b HTTP/1.1
Host: ww2.feefo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 22 Mar 2023 09:23:26 GMT
content-type: image/jpeg
content-length: 94584
expires: Wed, 22 Mar 2023 11:23:26 GMT
cache-control: max-age=7200
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-kong-upstream-latency: 85
x-kong-proxy-latency: 1
via: kong/3.0.2
last-modified: Wed, 22 Mar 2023 09:23:26 GMT
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7abd603c6c80b527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fast.wistia.com/assets/external/popover.js
151.101.194.110200 OK 28 kB URL HTTP/2 fast.wistia.com/assets/external/popover.js
IP 151.101.194.110:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 308a956322f5a2e8579bfbdb03b0728a
8ae91de899b901696f381faf5e0c1bfec93546f3
9952eae1d352ff2377e2b917de28ade672f7dc609030140457ad1bc3406db9a9
GET /assets/external/popover.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 21 Mar 2023 18:30:55 GMT
etag: "308a956322f5a2e8579bfbdb03b0728a"
x-amz-server-side-encryption: AES256
content-encoding: br
content-type: text/javascript
server: AmazonS3
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
access-control-allow-origin: *
timing-allow-origin: *
accept-ranges: bytes
date: Wed, 22 Mar 2023 09:23:27 GMT
age: 191
x-served-by: cache-iad-kiad7000106-IAD, cache-bma1620-BMA
x-cache: HIT, HIT
x-cache-hits: 81, 4
x-timer: S1679477007.081373,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
asset-version: e4df25371907fe478cb7556652bc90dde32449d6
content-length: 27472
X-Firefox-Spdy: h2
api.feefo.com/api/logo?template=jtstars.png&nocache=true&since=all&merchantidentifier=collette-group&vendorref=371
104.16.75.76200 OK 567 B URL HTTP/2 api.feefo.com/api/logo?template=jtstars.png&nocache=true&since=all&merchantidentifier=collette-group&vendorref=371
IP 104.16.75.76:0
File type PNG image data, 89 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 1d73c8b6e0a452c1a558643cfe21d591
1c2d6a0e94b7311f9e983278f7bf763bdfd756e8
596ccad63c782953f2f3ba2e6e2ebc4ad17542bcca124b4ca7172999c0c5856b
GET /api/logo?template=jtstars.png&nocache=true&since=all&merchantidentifier=collette-group&vendorref=371 HTTP/1.1
Host: api.feefo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 22 Mar 2023 09:23:27 GMT
content-type: image/png
content-length: 567
vary: Accept-Language, Accept-Encoding
expires: Thu, 23 Mar 2023 09:23:26 GMT
cache-control: max-age=86400
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; always
x-kong-upstream-latency: 48
x-kong-proxy-latency: 1
via: kong/3.0.2
last-modified: Wed, 22 Mar 2023 09:23:27 GMT
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 7abd603d1dbab527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.feefo.com/api/feedback-image/59ff8c22498ed7bcfc6d7dec
104.16.75.76200 OK 83 kB URL HTTP/2 www.feefo.com/api/feedback-image/59ff8c22498ed7bcfc6d7dec
IP 104.16.75.76:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 800x600, components 3\012- data
Hash 8130bdd5f679e5d20b34b285405a96c4
5c15442af1fac280db9e74e8cb0560ee18f1090e
902f9af95f07a6dd03fe763be6e5daa10a364d5129ef787ae6efa020739cc201
GET /api/feedback-image/59ff8c22498ed7bcfc6d7dec HTTP/1.1
Host: www.feefo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 22 Mar 2023 09:23:27 GMT
content-type: image/jpeg
content-length: 83024
expires: Wed, 22 Mar 2023 10:23:26 GMT
cache-control: max-age=3600
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; always
x-kong-upstream-latency: 80
x-kong-proxy-latency: 0
via: kong/3.0.2
last-modified: Wed, 22 Mar 2023 09:23:27 GMT
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7abd603cdd47b527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
fast.wistia.com/assets/external/wistia-mux.js
151.101.194.110200 OK 31 kB URL HTTP/2 fast.wistia.com/assets/external/wistia-mux.js
IP 151.101.194.110:0
File type ASCII text, with very long lines (65468)
Hash fa03c21a6e8952e171cdcd98dcfa7b3c
e24d08b3ba411a5f3d4f6b0fd94010a24a7173b4
6d4c76da123aaa59aef4ff4c5b28c086570f2fb8c606bcfe497d9de352f18151
GET /assets/external/wistia-mux.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 21 Mar 2023 18:30:56 GMT
etag: "fa03c21a6e8952e171cdcd98dcfa7b3c"
x-amz-server-side-encryption: AES256
content-encoding: br
content-type: text/javascript
server: AmazonS3
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
access-control-allow-origin: *
timing-allow-origin: *
accept-ranges: bytes
date: Wed, 22 Mar 2023 09:23:27 GMT
age: 91
x-served-by: cache-iad-kcgs7200136-IAD, cache-bma1620-BMA
x-cache: HIT, HIT
x-cache-hits: 70, 7
x-timer: S1679477007.087170,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
asset-version: e4df25371907fe478cb7556652bc90dde32449d6
content-length: 31306
X-Firefox-Spdy: h2
www.feefo.com/api/feedback-image/5c2fe4cfe4b0766e23e21cdf
104.16.75.76200 OK 52 kB URL HTTP/2 www.feefo.com/api/feedback-image/5c2fe4cfe4b0766e23e21cdf
IP 104.16.75.76:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 480x640, components 3\012- data
Hash a02759421be9406c91cca32e2b17dd90
d48106565f70496c596789e81b9efbfcf7cde37e
07a0f53f897b9c1ec08c9fa718adf0f37674bdc735114fef96d3569ff58e26ea
GET /api/feedback-image/5c2fe4cfe4b0766e23e21cdf HTTP/1.1
Host: www.feefo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 22 Mar 2023 09:23:27 GMT
content-type: image/jpeg
content-length: 52024
expires: Wed, 22 Mar 2023 10:23:27 GMT
cache-control: max-age=3600
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; always
x-kong-upstream-latency: 67
x-kong-proxy-latency: 0
via: kong/3.0.2
last-modified: Wed, 22 Mar 2023 09:23:27 GMT
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7abd603d0d94b527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pixel.mathtag.com/event/js?mt_id=1113133&mt_adid=178979&v1=&v2=Travel+Package&v3=North+America&v4=Canada&v5=Canadian+Rockies+By+Train&v6=Collette&v7=&s1=&s2=&s3=en
23.38.200.207200 OK 1.4 kB URL HTTP/1.1 pixel.mathtag.com/event/js?mt_id=1113133&mt_adid=178979&v1=&v2=Travel+Package&v3=North+America&v4=Canada&v5=Canadian+Rockies+By+Train&v6=Collette&v7=&s1=&s2=&s3=en
IP 23.38.200.207:0
Hash 58fe2b49082d36583062ff560d784edb
b105789aaf8bd87ae19b661b63369ceed4bd757c
8474ab55d61ce754590eab34b730f21ea21b980a537852a3ea3b6421352ce8aa
GET /event/js?mt_id=1113133&mt_adid=178979&v1=&v2=Travel+Package&v3=North+America&v4=Canada&v5=Canadian+Rockies+By+Train&v6=Collette&v7=&s1=&s2=&s3=en HTTP/1.1
Host: pixel.mathtag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/javascript
Content-Length: 1439
Access-Control-Allow-Origin: *
Server: MT3 622 a74c1f2 master iad-pixel-x24 config_version:"unknown"
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Expires: Wed, 22 Mar 2023 09:23:26 GMT
Date: Wed, 22 Mar 2023 09:23:27 GMT
Connection: keep-alive
Set-Cookie: uuid=325f641a-c90f-4100-824c-a3eb5eb31d49; domain=.mathtag.com; path=/; expires=Thu, 18-Apr-2024 09:23:27 GMT; SameSite=None; Secure
ocsp.r2m01.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash 76e62fa6623d782ab99ffe8585df735b
75e377f2c50ddb0a5a68c5f7b28830d3a5d67c8f
59e93afd5465a4a2cb8bbc0a3565aa6fdd16e017b30f4e4daa1288695661a024
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=132728
Date: Wed, 22 Mar 2023 09:23:27 GMT
Etag: "641a2233-1d7"
Expires: Thu, 23 Mar 2023 22:15:35 GMT
Last-Modified: Tue, 21 Mar 2023 21:31:31 GMT
Server: ECAcc (nya/796A)
X-Cache: Miss from cloudfront
Via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: af5oNNTDbn0JPQL8p6K0AhhNoZDVklcahC2GjJnF92_Hn5kyLMdz6w==
Age: 2644
www.gocollette.com/layouts/system/VisitorIdentification.js
151.101.66.132200 OK 2.3 kB URL HTTP/2 www.gocollette.com/layouts/system/VisitorIdentification.js
IP 151.101.66.132:0
File type Unicode text, UTF-8 (with BOM) text, with CRLF line terminators
Hash 3f2ef03f82ee02dd6b9d71c4f0e73bca
c7ec8bc0af1bddb22d3a6fed516962a145fff4db
36b999c4def4aa0163b440531d4c2036452c27da48ab19ec85683001e0ffb7ba
GET /layouts/system/VisitorIdentification.js HTTP/1.1
Host: www.gocollette.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/en/tours/north-america/canada/canadian-rockies-by-train?cm_mmc=Email-_-DomesticSale23-_-Hearst-_-US%20DTC&utm_source=Media&utm_medium=Email&utm_campaign=Hearst_DomesticSale23
Cookie: site-language=site=collette-us&language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=604800
content-type: application/javascript
last-modified: Thu, 16 Mar 2023 18:26:58 GMT
accept-ranges: bytes
etag: "642ccce43458d91:0"
server: Microsoft-IIS/10.0
x-ua-compatible: IE=edge,chrome=1
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-pass-fastly-cache: True
date: Wed, 22 Mar 2023 09:23:27 GMT
via: 1.1 varnish
x-served-by: cache-bma1662-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679477007.702779,VS0,VE439
vary: Accept-Encoding
vvvv: 194
strict-transport-security: max-age=31557600
content-length: 2286
X-Firefox-Spdy: h2
api.feefo.com/api/logo?template=jtstars.png&since=all&nocache=true&merchantidentifier=collette-group&vendorref=609
104.16.75.76200 OK 506 B URL HTTP/2 api.feefo.com/api/logo?template=jtstars.png&since=all&nocache=true&merchantidentifier=collette-group&vendorref=609
IP 104.16.75.76:0
File type PNG image data, 89 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 0f72f1f4385551bb55296e3a8e06abf1
d7e689d3e2caa34105474e43b4f975ecf4868ff7
edce323b92b1db6bdbf937a2e7facd0d4694f4e86e1558f16751572d94174ea1
GET /api/logo?template=jtstars.png&since=all&nocache=true&merchantidentifier=collette-group&vendorref=609 HTTP/1.1
Host: api.feefo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 22 Mar 2023 09:23:27 GMT
content-type: image/png
content-length: 506
vary: Accept-Language, Accept-Encoding
expires: Thu, 23 Mar 2023 09:23:27 GMT
cache-control: max-age=86400
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; always
x-kong-upstream-latency: 78
x-kong-proxy-latency: 0
via: kong/3.0.2
last-modified: Wed, 22 Mar 2023 09:23:27 GMT
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 7abd603dfef3b527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.godaddy.com/
192.124.249.22200 OK 1.8 kB IP 192.124.249.22:0
Hash 205ca725d32e66e0228029ee6e265d21
647cbecd23756d171d3317816124e4da948dd20c
e133fbb9d1d1f92804d320781ad9ca12d75e0b70e492439b679ed24cff8eb483
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 75
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Wed, 22 Mar 2023 09:23:26 GMT
Content-Type: application/ocsp-response
Content-Length: 1777
Connection: keep-alive
X-Sucuri-ID: 19022
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Tue, 21 Mar 2023 18:52:54 GMT
Expires: Wed, 22 Mar 2023 18:52:54 GMT
ETag: "647cbecd23756d171d3317816124e4da948dd20c"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
www.feefo.com/api/feedback-image/59ff8c20498ed7bcfc6d7dbe
104.16.75.76200 OK 104 kB URL HTTP/2 www.feefo.com/api/feedback-image/59ff8c20498ed7bcfc6d7dbe
IP 104.16.75.76:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 800x638, components 3\012- data
Size 104 kB (103867 bytes)
Hash da0595479d5dcab420e116956c14e4d7
8c2185c05f7d68d99e28e291d9a5f08ef0e0f59b
d49b02af926ca307de18729ca0d7bb0d30a512eef80131672bfa295a3446c36e
GET /api/feedback-image/59ff8c20498ed7bcfc6d7dbe HTTP/1.1
Host: www.feefo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 22 Mar 2023 09:23:27 GMT
content-type: image/jpeg
content-length: 103867
expires: Wed, 22 Mar 2023 10:23:27 GMT
cache-control: max-age=3600
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; always
x-kong-upstream-latency: 73
x-kong-proxy-latency: 0
via: kong/3.0.2
last-modified: Wed, 22 Mar 2023 09:23:27 GMT
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7abd603e4f6cb527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.feefo.com/api/feedback-image/59ff8c21498ed7bcfc6d7dd8
104.16.75.76200 OK 92 kB URL HTTP/2 www.feefo.com/api/feedback-image/59ff8c21498ed7bcfc6d7dd8
IP 104.16.75.76:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 800x600, components 3\012- data
Hash 393da950d65af5438ba9439e4d8cc0f6
5abb4935dad6a900c04bf53ad302d5c1193b064b
5910e428dd7bca62957fc49266d6a7e06b5b02eaf26e671c9dd5271ab935ce79
GET /api/feedback-image/59ff8c21498ed7bcfc6d7dd8 HTTP/1.1
Host: www.feefo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 22 Mar 2023 09:23:27 GMT
content-type: image/jpeg
content-length: 91882
expires: Wed, 22 Mar 2023 10:23:27 GMT
cache-control: max-age=3600
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; always
x-kong-upstream-latency: 78
x-kong-proxy-latency: 0
via: kong/3.0.2
last-modified: Wed, 22 Mar 2023 09:23:27 GMT
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7abd603e4f6db527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ww2.feefo.com/api/feedback-image/59931ba3498e9aae8f27eb11
104.16.75.76200 OK 11 kB URL HTTP/2 ww2.feefo.com/api/feedback-image/59931ba3498e9aae8f27eb11
IP 104.16.75.76:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 256x192, components 3\012- data
Hash 69ad6955c123585b02cfe06b573fb713
e8fa1ddff0f5ddeabe048efd0be7e0a3f4ab2740
c2d392619c2843b01af86e1a5f4ed644b6bb59dda899f4d8be43db8155d26ee7
GET /api/feedback-image/59931ba3498e9aae8f27eb11 HTTP/1.1
Host: ww2.feefo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 22 Mar 2023 09:23:27 GMT
content-type: image/jpeg
content-length: 11204
expires: Wed, 22 Mar 2023 11:23:27 GMT
cache-control: max-age=7200
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-kong-upstream-latency: 97
x-kong-proxy-latency: 1
via: kong/3.0.2
last-modified: Wed, 22 Mar 2023 09:23:27 GMT
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7abd603e4f76b527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.7.0/css/all.css
172.64.133.15200 OK 93 kB URL HTTP/2 use.fontawesome.com/releases/v5.7.0/css/all.css
IP 172.64.133.15:0
File type ASCII text, with very long lines (54456)
Hash aa4935a14bb4ceb5e5c636e4e0083564
b711fd66161226c9bf7ad4f449938a622b91df16
a011ef743a4c21cfdac65479a2df898d6cecf34c457bf0d1889cd92b29724b7f
GET /releases/v5.7.0/css/all.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.gocollette.com
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 22 Mar 2023 09:23:26 GMT
content-type: text/css
x-amz-id-2: WbjVTWZ8nZ3kjZgvyaOMMwW4rGwqnrFqBRg0KJuX0wzj+PMasnohgSNp6En35QfAQCtiUV2n2nY=
x-amz-request-id: NVJXN9ETBJGQ56YD
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:45:15 GMT
etag: W/"251d28bd755f5269a4531df8a81d5664"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 1212991
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OCEx8UhYrD5IULIobNSzekxkqFfTrlPWWxHyhOdw9AYgVVghDGDx%2Bpryo8YeVPWjlDlHnLg6XS2jUp9dPvEmkU0yiKftW6LDIbIYsoYRFBCMOKPU4MUsMvUkLxcPlDe8yrsO9OLs"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7abd6039ba877427-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
dx.mountain.com/spx?dxver=4.0.0&shaid=32987&tdr=&plh=https%3A%2F%2Fwww.gocollette.com%2Fen%2Ftours%2Fnorth-america%2Fcanada%2Fcanadian-rockies-by-train%3Fcm_mmc%3DEmail-_-DomesticSale23-_-Hearst-_-US%2520DTC%26utm_source%3DMedia%26utm_medium%3DEmail%26utm_campaign%3DHearst_DomesticSale23&cb=92651907334121940term=value
52.7.151.245200 OK 4.1 kB URL HTTP/1.1 dx.mountain.com/spx?dxver=4.0.0&shaid=32987&tdr=&plh=https%3A%2F%2Fwww.gocollette.com%2Fen%2Ftours%2Fnorth-america%2Fcanada%2Fcanadian-rockies-by-train%3Fcm_mmc%3DEmail-_-DomesticSale23-_-Hearst-_-US%2520DTC%26utm_source%3DMedia%26utm_medium%3DEmail%26utm_campaign%3DHearst_DomesticSale23&cb=92651907334121940term=value
IP 52.7.151.245:0
File type ASCII text, with very long lines (15171), with no line terminators
Hash 8eb368e1f4376ca805a13537943e4fff
8faf7e4daacd44b74fbcb7b33b4cc533d7228f03
408065394b227598216bf7ff361a4c8c6caab65d924da33a17ad826b8a7297cd
GET /spx?dxver=4.0.0&shaid=32987&tdr=&plh=https%3A%2F%2Fwww.gocollette.com%2Fen%2Ftours%2Fnorth-america%2Fcanada%2Fcanadian-rockies-by-train%3Fcm_mmc%3DEmail-_-DomesticSale23-_-Hearst-_-US%2520DTC%26utm_source%3DMedia%26utm_medium%3DEmail%26utm_campaign%3DHearst_DomesticSale23&cb=92651907334121940term=value HTTP/1.1
Host: dx.mountain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
vary: origin,access-control-request-method,access-control-request-headers,accept-encoding
expires: Thu, 01 Jan 1970 00:00:00 GMT
content-encoding: gzip
content-type: application/javascript;charset=utf-8
date: Wed, 22 Mar 2023 09:23:27 GMT
x-envoy-upstream-service-time: 1
be: spx-prod
server: istio-envoy
transfer-encoding: chunked
i.gocollette.com/tour-media-manager/tours/north-america/canada/371/packages/master-package/top-carousel/canadian-rockies-by-train-ts371-2023-hero_1.jpg
185.76.9.21200 OK 1.0 MB URL HTTP/2 i.gocollette.com/tour-media-manager/tours/north-america/canada/371/packages/master-package/top-carousel/canadian-rockies-by-train-ts371-2023-hero_1.jpg
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
File type JPEG image data, JFIF standard 1.02, resolution (DPI), density 72x72, segment length 16, progressive, precision 8, 1540x565, components 3\012- data
Size 1.0 MB (1022254 bytes)
Hash d6f5f1c3a8b4b88583d85c978d77fb6f
4b1f4ed2c80e85b71baf684a572bbcf0402bb76a
0f9da3c05dc7d072986574593a55325355526a70c1850a38daeee3be5029ff26
GET /tour-media-manager/tours/north-america/canada/371/packages/master-package/top-carousel/canadian-rockies-by-train-ts371-2023-hero_1.jpg HTTP/1.1
Host: i.gocollette.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Cookie: site-language=site=collette-us&language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 22 Mar 2023 09:23:26 GMT
content-type: image/jpeg
content-length: 1022254
last-modified: Wed, 23 Nov 2022 16:38:23 GMT
etag: "637e4c7f-f992e"
access-control-allow-origin: *
server: CDN77-Turbo
x-77-nzt: AblMCRTCZ4yh
x-77-nzt-ray: af5856305262941b0ec91a64c4918619
x-cache: MISS
x-77-pop: stockholmSE
x-77-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
view.vzaar.com/7599623/thumb
35.172.176.246302 Found 0 B URL HTTP/2 view.vzaar.com/7599623/thumb
IP 35.172.176.246:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /7599623/thumb HTTP/1.1
Host: view.vzaar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: awselb/2.0
content-type: image/*
content-length: 0
location: https://universe-files.vzaar.com/vzaar/vz3/b52/target/vz3b5235daf15b4fa491f4d24d99fa300a_thumb.jpg
x-robots-tag: noindex, nofollow
x-amzn-trace-id: Root=1-641ac90f-101130ed5f4dabef02837321;Sampled=0
x-amz-apigw-id: CLRabFNdIAMFX1Q=
access-control-allow-origin: *
content-disposition: inline
x-amzn-requestid: d519301b-5bf1-4615-bc83-f6c1cc410112
date: Wed, 22 Mar 2023 09:23:27 GMT
X-Firefox-Spdy: h2
ww2.feefo.com/api/feedback-image/57a086c3498edbec89666f1e
104.16.75.76200 OK 140 kB URL HTTP/2 ww2.feefo.com/api/feedback-image/57a086c3498edbec89666f1e
IP 104.16.75.76:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 800x600, components 3\012- data
Size 140 kB (139922 bytes)
Hash ce7471a051a74b8fecf186daa83b9783
342cbb8b73c01d5457078d695be148879d545704
88c7c3b136c54a8e7842ad087c19d5205fe45b555b72e8a0f3ee60d0c33c5b2a
GET /api/feedback-image/57a086c3498edbec89666f1e HTTP/1.1
Host: ww2.feefo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 22 Mar 2023 09:23:27 GMT
content-type: image/jpeg
content-length: 139922
expires: Wed, 22 Mar 2023 11:23:27 GMT
cache-control: max-age=7200
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-kong-upstream-latency: 369
x-kong-proxy-latency: 1
via: kong/3.0.2
last-modified: Wed, 22 Mar 2023 09:23:27 GMT
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7abd603c3c1cb527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ww2.feefo.com/api/feedback-image/597e4b9d498efb1fe0eb290f
104.16.75.76200 OK 81 kB URL HTTP/2 ww2.feefo.com/api/feedback-image/597e4b9d498efb1fe0eb290f
IP 104.16.75.76:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 800x533, components 3\012- data
Hash 2ab07d9631e78ba1efe4aa2a6440e91c
5461ce39c79e2205ecddd4ee1224e6e71dc573c2
80834edaf0745a3a91e8ff8932d9a2aa3f9515c9341279bc30bb3dcce6091563
GET /api/feedback-image/597e4b9d498efb1fe0eb290f HTTP/1.1
Host: ww2.feefo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 22 Mar 2023 09:23:27 GMT
content-type: image/jpeg
content-length: 80801
expires: Wed, 22 Mar 2023 11:23:27 GMT
cache-control: max-age=7200
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-kong-upstream-latency: 235
x-kong-proxy-latency: 0
via: kong/3.0.2
last-modified: Wed, 22 Mar 2023 09:23:27 GMT
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7abd603e5f7ab527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
view.vzaar.com/7636500/thumb
35.172.176.246302 Found 0 B URL HTTP/2 view.vzaar.com/7636500/thumb
IP 35.172.176.246:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /7636500/thumb HTTP/1.1
Host: view.vzaar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: awselb/2.0
content-type: image/*
content-length: 0
location: https://universe-files.vzaar.com/vzaar/vzb/77a/target/vzb77a30aa327c4f8e8f1495dbbee56ff5_thumb.jpg
x-robots-tag: noindex, nofollow
x-amzn-trace-id: Root=1-641ac90f-7fc929c9741c51d232c6aeb9;Sampled=0
x-amz-apigw-id: CLRabFQ9oAMFyUQ=
access-control-allow-origin: *
content-disposition: inline
x-amzn-requestid: 3530f541-bff5-4e9b-9137-cc0fff0fe20e
date: Wed, 22 Mar 2023 09:23:27 GMT
X-Firefox-Spdy: h2
servedby.flashtalking.com/container/12457;92414;9555;iframe/?spotName=Retargeting_Spotlight&U1=Canadian+Rockies+By+Train&U2=North+America&U3=Canada&U4=Canadian+Rockies+by+Train&cachebuster=139364.53071947163
104.88.10.141200 OK 1.1 kB URL HTTP/1.1 servedby.flashtalking.com/container/12457;92414;9555;iframe/?spotName=Retargeting_Spotlight&U1=Canadian+Rockies+By+Train&U2=North+America&U3=Canada&U4=Canadian+Rockies+by+Train&cachebuster=139364.53071947163
IP 104.88.10.141:0
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (657)
Hash f89aeaaab2e63af7805c673a156d1ccc
536cee5537886793cb5b028cfebbdc09c3271a8c
ca210da7dfb7cbb34e84e322b3b498e2d5a379e2ad862d58972cad615efdda05
GET /container/12457;92414;9555;iframe/?spotName=Retargeting_Spotlight&U1=Canadian+Rockies+By+Train&U2=North+America&U3=Canada&U4=Canadian+Rockies+by+Train&cachebuster=139364.53071947163 HTTP/1.1
Host: servedby.flashtalking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/html
Server: prod-xre-app5.frk11
Content-Encoding: gzip
Expires: Wed, 22 Mar 2023 09:23:27 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 22 Mar 2023 09:23:27 GMT
Content-Length: 1102
Connection: keep-alive
Vary: Accept-Encoding
Strict-Transport-Security: max-age=86400
ww2.feefo.com/api/feedback-image/5987ca17498e3bb87e6e8192
104.16.75.76200 OK 159 kB URL HTTP/2 ww2.feefo.com/api/feedback-image/5987ca17498e3bb87e6e8192
IP 104.16.75.76:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 600x800, components 3\012- data
Size 159 kB (159058 bytes)
Hash 65fa92d0f912e2e535f601e8847139c6
65704c619b7ee213c7844e67535d33837d31199a
b4fda4e0b26d3fb2372ef80ff92d1cab9f803eb0ba0018f88ced5650d4428b1d
GET /api/feedback-image/5987ca17498e3bb87e6e8192 HTTP/1.1
Host: ww2.feefo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 22 Mar 2023 09:23:27 GMT
content-type: image/jpeg
content-length: 159058
expires: Wed, 22 Mar 2023 11:23:27 GMT
cache-control: max-age=7200
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-kong-upstream-latency: 147
x-kong-proxy-latency: 0
via: kong/3.0.2
last-modified: Wed, 22 Mar 2023 09:23:27 GMT
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7abd603e5f77b527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
api.feefo.com/api/logo?template=product-stars-white-200x50_en.png&nocache=true&since=all&merchantidentifier=collette-group&vendorref=371
104.16.75.76200 OK 4.5 kB URL HTTP/2 api.feefo.com/api/logo?template=product-stars-white-200x50_en.png&nocache=true&since=all&merchantidentifier=collette-group&vendorref=371
IP 104.16.75.76:0
File type PNG image data, 200 x 51, 8-bit/color RGBA, non-interlaced\012- data
Hash e6424b3da56ad9731a123a5c0921acaa
32d65995c3601af606d6bee6a451568f8f276813
0f7a45d12325caee3f8d942a3728b43a8cbd12c3e4e07addb1dbd278749be1ea
GET /api/logo?template=product-stars-white-200x50_en.png&nocache=true&since=all&merchantidentifier=collette-group&vendorref=371 HTTP/1.1
Host: api.feefo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 22 Mar 2023 09:23:27 GMT
content-type: image/png
content-length: 4455
vary: Accept-Language, Accept-Encoding
expires: Thu, 23 Mar 2023 09:23:27 GMT
cache-control: max-age=86400
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; always
x-kong-upstream-latency: 482
x-kong-proxy-latency: 0
via: kong/3.0.2
last-modified: Wed, 22 Mar 2023 09:23:27 GMT
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 7abd603d5e25b527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
pixel.mathtag.com/sync/iframe?mt_uuid=325f641a-c90f-4100-824c-a3eb5eb31d49&no_iframe=1&mt_adid=178979&source=mathtag
23.38.200.207200 OK 677 B URL HTTP/1.1 pixel.mathtag.com/sync/iframe?mt_uuid=325f641a-c90f-4100-824c-a3eb5eb31d49&no_iframe=1&mt_adid=178979&source=mathtag
IP 23.38.200.207:0
File type HTML document text\012- HTML document, ASCII text
Hash d40dcbee218af49abbd15f61f5da0ffd
e3ec85d9073fa1cc0be1fed18344a6d4a2076e9d
3ef64e4a0001cd55211fff6bd306290f29c7482a6006d070ee21e52484b7ef22
GET /sync/iframe?mt_uuid=325f641a-c90f-4100-824c-a3eb5eb31d49&no_iframe=1&mt_adid=178979&source=mathtag HTTP/1.1
Host: pixel.mathtag.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: text/html
Content-Length: 677
Access-Control-Allow-Origin: *
Server: MT3 622 a74c1f2 master iad-pixel-x16 config_version:"unknown"
Cache-Control: no-cache
P3P: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Expires: Wed, 22 Mar 2023 09:23:26 GMT
Date: Wed, 22 Mar 2023 09:23:27 GMT
Connection: keep-alive
servedby.flashtalking.com/spot/8/12457;92414;9555/?spotName=Retargeting_Spotlight&U1=Canadian+Rockies+By+Train&U2=North+America&U3=Canada&U4=Canadian+Rockies+by+Train&cachebuster=139364.53071947163
104.88.10.141200 OK 42 B URL HTTP/1.1 servedby.flashtalking.com/spot/8/12457;92414;9555/?spotName=Retargeting_Spotlight&U1=Canadian+Rockies+By+Train&U2=North+America&U3=Canada&U4=Canadian+Rockies+by+Train&cachebuster=139364.53071947163
IP 104.88.10.141:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash accba0b69f352b4c9440f05891b015c5
9d01cc5dc8e042c0d4ad6cfb8b3ac38e84a5ef9f
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
GET /spot/8/12457;92414;9555/?spotName=Retargeting_Spotlight&U1=Canadian+Rockies+By+Train&U2=North+America&U3=Canada&U4=Canadian+Rockies+by+Train&cachebuster=139364.53071947163 HTTP/1.1
Host: servedby.flashtalking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://servedby.flashtalking.com/container/12457;92414;9555;iframe/?spotName=Retargeting_Spotlight&U1=Canadian+Rockies+By+Train&U2=North+America&U3=Canada&U4=Canadian+Rockies+by+Train&cachebuster=139364.53071947163
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 42
Server: prod-xre-app12.frk11
Expires: Wed, 22 Mar 2023 09:23:27 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 22 Mar 2023 09:23:27 GMT
Connection: keep-alive
Strict-Transport-Security: max-age=86400
seal.digicert.com/seals/cascade/seal.min.js
63.33.186.64200 OK 3.3 kB URL HTTP/1.1 seal.digicert.com/seals/cascade/seal.min.js
IP 63.33.186.64:0
File type ASCII text, with very long lines (7741), with no line terminators
Hash 02dcd5ea231004305b668ecad0e0ee37
d8d16e16a55374e91cf8eb68374d60f315e3cc29
b330547e047a0b2529f3136dd520bc64d5a8ced171bdcff2065db886aae07219
GET /seals/cascade/seal.min.js HTTP/1.1
Host: seal.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 22 Mar 2023 09:23:27 GMT
Content-Type: application/javascript
Transfer-Encoding: chunked
Connection: keep-alive
vary: Accept-Encoding
last-modified: Fri, 17 Mar 2023 23:46:56 GMT
etag: W/"1e3d-5f7213142dc00"
content-encoding: gzip
X-XSS-Protection: 1; mode=block, 1; mode=block
X-Content-Type-Options: nosniff, nosniff
Strict-Transport-Security: max-age=31536000
servedby.flashtalking.com/segment/modify/xiw;;pixel/?valuePairs=collette_lv&setTime=0&granularity=day
104.88.10.141200 OK 42 B URL HTTP/1.1 servedby.flashtalking.com/segment/modify/xiw;;pixel/?valuePairs=collette_lv&setTime=0&granularity=day
IP 104.88.10.141:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash accba0b69f352b4c9440f05891b015c5
9d01cc5dc8e042c0d4ad6cfb8b3ac38e84a5ef9f
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
GET /segment/modify/xiw;;pixel/?valuePairs=collette_lv&setTime=0&granularity=day HTTP/1.1
Host: servedby.flashtalking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://servedby.flashtalking.com/container/12457;92414;9555;iframe/?spotName=Retargeting_Spotlight&U1=Canadian+Rockies+By+Train&U2=North+America&U3=Canada&U4=Canadian+Rockies+by+Train&cachebuster=139364.53071947163
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
HTTP/1.1 200 OK
Content-Type: image/gif
Content-Length: 42
Server: prod-xre-app2.frk11
Expires: Wed, 22 Mar 2023 09:23:27 GMT
Cache-Control: max-age=0, no-cache, no-store
Pragma: no-cache
Date: Wed, 22 Mar 2023 09:23:27 GMT
Connection: keep-alive
Set-Cookie: flashtalkingad1="GUID=5559BAEFFF01A0|segment=(xiw-t:5559-m:collette_lv)";Comment="Flashtalking Cookie";Path=/;Domain=.flashtalking.com;Expires=Fri, 21-Mar-2025 09:23:27 GMT;SameSite=None;Secure
Strict-Transport-Security: max-age=86400
i.gocollette.com/tour-media-manager/tours/north-america/usa/148/packages/master-package/search-result-image/alaska_discovery_search_img_sm.jpg
185.76.9.21200 OK 79 kB URL HTTP/2 i.gocollette.com/tour-media-manager/tours/north-america/usa/148/packages/master-package/search-result-image/alaska_discovery_search_img_sm.jpg
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
File type JPEG image data, Exif standard: [TIFF image data, big-endian, direntries=7, orientation=upper-left, xresolution=98, yresolution=106, resolutionunit=2, software=Adobe Photoshop CC 2018 (Windows), datetime=2018:07:05 16:11:02], baseline, precision 8, 450x300, components 3\012- data
Hash b4dd94347aa5633dd6625b1eb3a0931e
a3c5a7f18d59bdd5ebc8615df0ef22f457f05990
f4e0040b7bee3cd550bb65d311c598baa09316c8f3cbc2f4ed701ee7bc7f6664
GET /tour-media-manager/tours/north-america/usa/148/packages/master-package/search-result-image/alaska_discovery_search_img_sm.jpg HTTP/1.1
Host: i.gocollette.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Cookie: site-language=site=collette-us&language=en
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 22 Mar 2023 09:23:26 GMT
content-type: image/jpeg
content-length: 79430
last-modified: Tue, 14 Mar 2023 17:52:50 GMT
etag: "6410b472-13646"
access-control-allow-origin: *
server: CDN77-Turbo
x-77-nzt: AblMCRSHkZSh
x-77-nzt-ray: af5856305262941b0ec91a64932dcb1c
x-cache: MISS
x-77-pop: stockholmSE
x-77-cache: MISS
accept-ranges: bytes
X-Firefox-Spdy: h2
region1.analytics.google.com/g/collect?v=2&tid=G-83LPQJX1G8>m=45je33k0&_p=1265935948&_gaz=1&cid=712386116.1679477012&ul=en-us&sr=1280x1024&_s=1&sid=1679477012&sct=1&seg=0&dl=https%3A%2F%2Fwww.gocollette.com%2Fen%2Ftours%2Fnorth-america%2Fcanada%2Fcanadian-rockies-by-train%3Fcm_mmc%3DEmail-_-DomesticSale23-_-Hearst-_-US%2520DTC%26utm_source%3DMedia%26utm_medium%3DEmail%26utm_campaign%3DHearst_DomesticSale23&dt=Canadian%20Rockies%20by%20Train%3A%20Trips%2C%20Tours%20%26%20Vacation%20Packages&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.34.36204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-83LPQJX1G8>m=45je33k0&_p=1265935948&_gaz=1&cid=712386116.1679477012&ul=en-us&sr=1280x1024&_s=1&sid=1679477012&sct=1&seg=0&dl=https%3A%2F%2Fwww.gocollette.com%2Fen%2Ftours%2Fnorth-america%2Fcanada%2Fcanadian-rockies-by-train%3Fcm_mmc%3DEmail-_-DomesticSale23-_-Hearst-_-US%2520DTC%26utm_source%3DMedia%26utm_medium%3DEmail%26utm_campaign%3DHearst_DomesticSale23&dt=Canadian%20Rockies%20by%20Train%3A%20Trips%2C%20Tours%20%26%20Vacation%20Packages&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.34.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-83LPQJX1G8>m=45je33k0&_p=1265935948&_gaz=1&cid=712386116.1679477012&ul=en-us&sr=1280x1024&_s=1&sid=1679477012&sct=1&seg=0&dl=https%3A%2F%2Fwww.gocollette.com%2Fen%2Ftours%2Fnorth-america%2Fcanada%2Fcanadian-rockies-by-train%3Fcm_mmc%3DEmail-_-DomesticSale23-_-Hearst-_-US%2520DTC%26utm_source%3DMedia%26utm_medium%3DEmail%26utm_campaign%3DHearst_DomesticSale23&dt=Canadian%20Rockies%20by%20Train%3A%20Trips%2C%20Tours%20%26%20Vacation%20Packages&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.gocollette.com
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.gocollette.com
date: Wed, 22 Mar 2023 09:23:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash ff476bde43022243f6c3f9dddd9360d3
7862bf4ba04f1218f10f85bbddbe2a11aeeeece6
6e8b017b6722c1f95b920e14876ef42e2a38556bbad3b9f4b1b1879634ced74a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 22 Mar 2023 09:23:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fast.wistia.com/embed/medias/lqcdutx7z9.json?callback=wistiajson1
151.101.194.110200 OK 1.9 kB URL HTTP/2 fast.wistia.com/embed/medias/lqcdutx7z9.json?callback=wistiajson1
IP 151.101.194.110:0
File type ASCII text, with very long lines (5465), with no line terminators
Hash 30e62b9ceae950b09e4ee6f7f695e320
894d927874ad2debd9327bf9290d7f9f444f05c6
d40a750fa6b5108a0e6b6f9c678d94687048c1787c67326362a8980a6cae25cd
GET /embed/medias/lqcdutx7z9.json?callback=wistiajson1 HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
cache-control: public, no-cache
content-encoding: br
content-type: text/javascript; charset=utf-8
etag: W/"7ee0367c6b0fb282d746a5261fcbbfde"
p3p: CP="CURi ADMa DEVa IVAa IVDa CONi OUR IND DSP CAO COR"
referrer-policy: strict-origin-when-cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
x-download-options: noopen
x-permitted-cross-domain-policies: none
x-request-id: 87572322547d8ea0ef76be7167b871ae
x-runtime: 0.057482
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 22 Mar 2023 09:23:27 GMT
age: 43260
x-served-by: cache-iad-kiad7000097-IAD, cache-bma1620-BMA
x-cache: HIT, MISS
x-cache-hits: 108, 0
x-timer: S1679477008.540249,VS0,VE91
vary: Accept-Encoding,X-Forwarded-Proto,X-ECMA-Override
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
content-length: 1898
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 6913cffb1c7cc7e93f0172f010467659
269f81cd29255d5b1baa3393e2299d5f4d232707
ddfa9b0b0da557a084a8dcd5c9208d098513d63dffd760e6f8666cbd410cf9c9
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 22 Mar 2023 09:23:27 GMT
Etag: "6419f513-1d7"
Last-Modified: Wed, 22 Mar 2023 08:45:44 GMT
Server: ECAcc (nya/78C0)
X-Cache: Miss from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 8L2RVOlzoosHbIID1nQeZnzbImLL8iiaJC6awAUklQmnZu2xwX21fQ==
Age: 2263
stats.g.doubleclick.net/g/collect?v=2&tid=G-83LPQJX1G8&cid=712386116.1679477012>m=45je33k0&aip=1
209.85.233.156204 No Content 0 B URL HTTP/2 stats.g.doubleclick.net/g/collect?v=2&tid=G-83LPQJX1G8&cid=712386116.1679477012>m=45je33k0&aip=1
IP 209.85.233.156:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-83LPQJX1G8&cid=712386116.1679477012>m=45je33k0&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.gocollette.com
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.gocollette.com
date: Wed, 22 Mar 2023 09:23:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
54.230.245.110200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 54.230.245.110:0
Hash 6913cffb1c7cc7e93f0172f010467659
269f81cd29255d5b1baa3393e2299d5f4d232707
ddfa9b0b0da557a084a8dcd5c9208d098513d63dffd760e6f8666cbd410cf9c9
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 22 Mar 2023 09:23:27 GMT
Last-Modified: Wed, 22 Mar 2023 08:21:26 GMT
Server: ECAcc (bsa/EACC)
X-Cache: Miss from cloudfront
Via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: -kFNAh4gWUMLr2fxAdgv8tu6eGpVYP5ANAFUvaPUSs_jdLn8xFZrJQ==
Age: 3723
cdn.segment.com/analytics.js/v1/BOdbDs6HYTIpfHSg3kmec1JCwh1WCPZ1/analytics.min.js
54.230.219.201200 OK 28 kB URL HTTP/2 cdn.segment.com/analytics.js/v1/BOdbDs6HYTIpfHSg3kmec1JCwh1WCPZ1/analytics.min.js
IP 54.230.219.201:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash d000458ec7ddc655eb46c5c8de109099
aed0a099288c64785dad5f479d478edeccd07193
327d4d28d5f6681037a47876739686415b8b8016a33de27a663c52c94fed1ddc
GET /analytics.js/v1/BOdbDs6HYTIpfHSg3kmec1JCwh1WCPZ1/analytics.min.js HTTP/1.1
Host: cdn.segment.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Thu, 26 Jan 2023 04:23:23 GMT
x-amz-server-side-encryption: AES256
x-amz-version-id: RfSzsJ_oXXCcTWoGWcNpGMwXrnxWI6Te
server: AmazonS3
content-encoding: br
date: Wed, 22 Mar 2023 09:22:29 GMT
cache-control: public, max-age=120
etag: W/"96094c4e50976b73e5ac2ccd7800a035"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Z7dPXGhKUooWr3p8XTwMVoLfpgExwjsTIgiRo9s_QVZ2ySRz-_NdYg==
age: 59
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 472 B IP 172.64.155.188:0
Hash 9cb248f95c880fa98248c08b2285a22f
05a6b92bfbfa4ae28038c72633ca5bf69262ccd2
5a1a5282fcb5c343a2f114cb68874c0b5520a83b1900b47ad9184953a1af8781
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Wed, 22 Mar 2023 09:23:27 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Mon, 20 Mar 2023 10:03:55 GMT
Expires: Mon, 27 Mar 2023 10:03:54 GMT
Etag: "05a6b92bfbfa4ae28038c72633ca5bf69262ccd2"
Cache-Control: max-age=433826,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7abd6041aedbb50c-OSL
universe-files.vzaar.com/vzaar/vz3/b52/target/vz3b5235daf15b4fa491f4d24d99fa300a_thumb.jpg
54.230.111.110200 OK 2.5 kB URL HTTP/1.1 universe-files.vzaar.com/vzaar/vz3/b52/target/vz3b5235daf15b4fa491f4d24d99fa300a_thumb.jpg
IP 54.230.111.110:0
File type JPEG image data, baseline, precision 8, 120x90, components 3\012- data
Hash 946b3953b086f413448d87463e112e27
5690d42da772ccb2c4dbacc6e8cf4ec582ad7915
2e41c321a18f5a0df52fb655b30a86f569cc0a708c7de44a2f36147a1c7db546
GET /vzaar/vz3/b52/target/vz3b5235daf15b4fa491f4d24d99fa300a_thumb.jpg HTTP/1.1
Host: universe-files.vzaar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.gocollette.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 2472
Connection: keep-alive
Date: Mon, 20 Mar 2023 13:43:26 GMT
Last-Modified: Wed, 13 Jul 2016 00:48:14 GMT
ETag: "946b3953b086f413448d87463e112e27"
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: B-b07i8szbBV-DcPcnV4WkXhGA4ONjSlUt1SeV0TCBA_W_P1sKpPJg==
Age: 157202
Vary: Origin
universe-files.vzaar.com/vzaar/vzb/77a/target/vzb77a30aa327c4f8e8f1495dbbee56ff5_thumb.jpg
54.230.111.110200 OK 4.3 kB URL HTTP/1.1 universe-files.vzaar.com/vzaar/vzb/77a/target/vzb77a30aa327c4f8e8f1495dbbee56ff5_thumb.jpg
IP 54.230.111.110:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 639x640, segment length 16, comment: "Lavc56.46.101", baseline, precision 8, 120x90, components 3\012- data
Hash 613c71c87421c37425540cdc8eb60a73
3193ec17a602027338bb838d7f6cf621b0292880
649b3bc29927e731377d7472c31c66174cfd3c28df27b68fd54d61b3f5d02d01
GET /vzaar/vzb/77a/target/vzb77a30aa327c4f8e8f1495dbbee56ff5_thumb.jpg HTTP/1.1
Host: universe-files.vzaar.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.gocollette.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: image/jpeg
Content-Length: 4255
Connection: keep-alive
Date: Mon, 20 Mar 2023 13:43:26 GMT
Last-Modified: Sat, 16 Jul 2016 19:50:00 GMT
ETag: "613c71c87421c37425540cdc8eb60a73"
Cache-Control: max-age=31536000
Accept-Ranges: bytes
Server: AmazonS3
X-Cache: Hit from cloudfront
Via: 1.1 0c35b89cb607eddb1b7cc5d6ada865d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: LA1-93eB0csuMTqorMpICwxS5isLYwcH-AFMpM7MijUlPuQVNvONHA==
Age: 157202
Vary: Origin
fast.wistia.com/assets/external/captions.js
151.101.194.110200 OK 30 kB URL HTTP/2 fast.wistia.com/assets/external/captions.js
IP 151.101.194.110:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 29262520d317abae95c679cdb7792c9a
2336b487a290536ffed53ea8437a687716ea454e
cd3829826d0ee088fcad24883414e95251f469d5dbed270930a7bcd23d2937ce
GET /assets/external/captions.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 21 Mar 2023 18:30:55 GMT
etag: "29262520d317abae95c679cdb7792c9a"
x-amz-server-side-encryption: AES256
content-encoding: br
content-type: text/javascript
server: AmazonS3
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
access-control-allow-origin: *
timing-allow-origin: *
accept-ranges: bytes
date: Wed, 22 Mar 2023 09:23:27 GMT
age: 92
x-served-by: cache-iad-kjyo7100127-IAD, cache-bma1620-BMA
x-cache: HIT, HIT
x-cache-hits: 78, 4
x-timer: S1679477008.710121,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
asset-version: e4df25371907fe478cb7556652bc90dde32449d6
content-length: 30438
X-Firefox-Spdy: h2
18.210.229.244/is
18.210.229.244200 OK 32 B IP 18.210.229.244:0
File type ASCII text, with no line terminators
Hash cf58193590b254db46c605d769f20466
b2265f00c8cea2caf3b13b4503473d0df3a9f77c
93d9f82b8136fdbdab838e095f571eab08b3fa480ca29fcfafc6850200ce6693
Analyzer Verdict Alert quad9 Sinkholed
GET /is HTTP/1.1
Host: 18.210.229.244
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.gocollette.com/
Origin: https://www.gocollette.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Wed, 22 Mar 2023 09:23:27 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
x-application-context: application:prod:8080
content-type: text/plain;charset=utf-8
content-length: 32
x-envoy-upstream-service-time: 4
server: istio-envoy
connection: close
starling.crowdriff.com/graphql
54.230.111.49200 OK 4 B URL HTTP/2 starling.crowdriff.com/graphql
IP 54.230.111.49:0
File type ASCII text, with no line terminators
Hash a02439ec229d8be0e74b0c1602392310
61ff81c30aa3c76e78afea62b2e3bd1dfa49e854
9aee6b1bcdf617d8e39bb1f2b624c68ea33deb9d48e0364aeaded836d3d00293
OPTIONS /graphql HTTP/1.1
Host: starling.crowdriff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.gocollette.com/
Origin: https://www.gocollette.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=utf-8
content-length: 4
date: Wed, 22 Mar 2023 09:23:27 GMT
set-cookie: AWSALB=AuvWrr74If8F5MdqqgWxib6j4aY2H9XPynWw6zWrT8Ylvq1M6NLUMjAvjvZ15bFsaOVYL/bLVzs0xFZQv2jiKlC9r1zpgzeIdIZRodkoIpECl2sRi99ignOS0au8; Expires=Wed, 29 Mar 2023 09:23:27 GMT; Path=/
AWSALBCORS=AuvWrr74If8F5MdqqgWxib6j4aY2H9XPynWw6zWrT8Ylvq1M6NLUMjAvjvZ15bFsaOVYL/bLVzs0xFZQv2jiKlC9r1zpgzeIdIZRodkoIpECl2sRi99ignOS0au8; Expires=Wed, 29 Mar 2023 09:23:27 GMT; Path=/; SameSite=None; Secure
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: content-type, Authorization, Origin, X-Requested-With, Content-Type, Accept
allow: POST
etag: W/"4-Yf+Bwwqjx254r+pisuO9HfpJ6FQ"
x-cache: Miss from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: NmF2cIYCW8MX8A5N-bq1RSlDPeFeT_WKEeqaZ_YxKtvX9Mt-3eEVJw==
X-Firefox-Spdy: h2
s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
23.38.200.123200 OK 26 kB URL HTTP/2 s7.addthis.com/static/sh.f48a1a04fe8dbf021b4cda1d.html
IP 23.38.200.123:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (63757)
Hash 707317ccaabe08d32d1bd781754e6871
bb82dcd3e044c960e0861c2ce878f5504e628f78
d0a164ece41c61aec26517fb645646f5ba91f72ea5448eff1ee6c393b7c53051
GET /static/sh.f48a1a04fe8dbf021b4cda1d.html HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: text/html
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-11adc"
timing-allow-origin: *
cache-control: public, max-age=86313600
p3p: CP="NON ADM OUR DEV IND COM STA"
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 26421
date: Wed, 22 Mar 2023 09:23:28 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
seal.digicert.com/seals/cascade/?tag=2WpIrzHq&referer=www.gocollette.com&format=png&lang=en&seal_number=3&seal_size=s
63.33.186.64200 OK 2.5 kB URL HTTP/1.1 seal.digicert.com/seals/cascade/?tag=2WpIrzHq&referer=www.gocollette.com&format=png&lang=en&seal_number=3&seal_size=s
IP 63.33.186.64:0
File type PNG image data, 140 x 68, 8-bit colormap, non-interlaced\012- data
Hash 1917c21b8bceac9de6380793d9bb48d4
860cceeb79de37d81f1515578029a60c76b9def5
bd9d68d5f1fd010ffa592493f6993df3f33b9965574d3fe530cc1a5729375955
GET /seals/cascade/?tag=2WpIrzHq&referer=www.gocollette.com&format=png&lang=en&seal_number=3&seal_size=s HTTP/1.1
Host: seal.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Wed, 22 Mar 2023 09:23:28 GMT
Content-Type: image/png
Content-Length: 2486
Connection: keep-alive
last-modified: Wed, 22 Mar 2023 00:00:00 +0000
cache-control: max-age=86400
expires: Thu, 23 Mar 2023 09:07:54 +0000
X-XSS-Protection: 1; mode=block, 1; mode=block
X-Content-Type-Options: nosniff, nosniff
Strict-Transport-Security: max-age=31536000
www.gocollette.com/json/collette-us.taxonomy.json?v=638150196342324165
151.101.66.132200 OK 21 kB URL HTTP/2 www.gocollette.com/json/collette-us.taxonomy.json?v=638150196342324165
IP 151.101.66.132:0
File type JSON data\012- , ASCII text, with very long lines (20746), with no line terminators
Hash e61c1d1b52173e6fb76f05124795d814
db4021866a66877a26cf78ee4b7599adef6a7a31
526b0905c613e9c8bec9aaacb90e7a5e6095b2d7728ec65995fc6a9e60dd9a2a
GET /json/collette-us.taxonomy.json?v=638150196342324165 HTTP/1.1
Host: www.gocollette.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=utf-8
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.gocollette.com/en/tours/north-america/canada/canadian-rockies-by-train?cm_mmc=Email-_-DomesticSale23-_-Hearst-_-US%20DTC&utm_source=Media&utm_medium=Email&utm_campaign=Hearst_DomesticSale23
Cookie: site-language=site=collette-us&language=en; _gcl_au=1.1.175392605.1679477012; _ga_83LPQJX1G8=GS1.1.1679477012.1.0.1679477012.60.0.0; _ga=GA1.1.712386116.1679477012; __atuvc=1%7C12; __atuvs=641ac913b8c66163000; TLTSID=17160957194180701171045619552105
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=604800
content-type: application/json
last-modified: Tue, 21 Mar 2023 17:48:28 GMT
etag: "5b7afc571d5cd91:0"
server: Microsoft-IIS/10.0
x-ua-compatible: IE=edge,chrome=1
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
pragma: cache
x-pass-fastly-cache: False
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 22 Mar 2023 09:23:28 GMT
age: 39734
x-served-by: cache-bos4664-BOS, cache-bma1662-BMA
x-cache: HIT, HIT
x-cache-hits: 78, 1
x-timer: S1679477008.439992,VS0,VE82
vvvv: 194
strict-transport-security: max-age=31557600
content-length: 20746
X-Firefox-Spdy: h2
www.gocollette.com/json/collette-us.taxonomy.json?v=638150196342324165
151.101.66.132200 OK 21 kB URL HTTP/2 www.gocollette.com/json/collette-us.taxonomy.json?v=638150196342324165
IP 151.101.66.132:0
File type JSON data\012- , ASCII text, with very long lines (20746), with no line terminators
Hash e61c1d1b52173e6fb76f05124795d814
db4021866a66877a26cf78ee4b7599adef6a7a31
526b0905c613e9c8bec9aaacb90e7a5e6095b2d7728ec65995fc6a9e60dd9a2a
GET /json/collette-us.taxonomy.json?v=638150196342324165 HTTP/1.1
Host: www.gocollette.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=utf-8
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.gocollette.com/en/tours/north-america/canada/canadian-rockies-by-train?cm_mmc=Email-_-DomesticSale23-_-Hearst-_-US%20DTC&utm_source=Media&utm_medium=Email&utm_campaign=Hearst_DomesticSale23
Cookie: site-language=site=collette-us&language=en; _gcl_au=1.1.175392605.1679477012; _ga_83LPQJX1G8=GS1.1.1679477012.1.0.1679477012.60.0.0; _ga=GA1.1.712386116.1679477012; __atuvc=1%7C12; __atuvs=641ac913b8c66163000; TLTSID=17160957194180701171045619552105
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=604800
content-type: application/json
last-modified: Tue, 21 Mar 2023 17:48:28 GMT
etag: "5b7afc571d5cd91:0"
server: Microsoft-IIS/10.0
x-ua-compatible: IE=edge,chrome=1
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
pragma: cache
x-pass-fastly-cache: False
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 22 Mar 2023 09:23:28 GMT
age: 39734
x-served-by: cache-bos4664-BOS, cache-bma1662-BMA
x-cache: HIT, MISS
x-cache-hits: 78, 1
x-timer: S1679477008.426754,VS0,VE95
vvvv: 194
strict-transport-security: max-age=31557600
content-length: 20746
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash f28cdad099beff5dccccb72c52486330
89e1a25292501055a99a6660e6f1446ab5932f73
1f74839dcb14cc65e4e33699616140da43b6d0ef590a706494688e8fb80cf5c7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3392
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 22 Mar 2023 09:23:28 GMT
Last-Modified: Wed, 22 Mar 2023 08:26:56 GMT
Server: ECAcc (ska/F775)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash f28cdad099beff5dccccb72c52486330
89e1a25292501055a99a6660e6f1446ab5932f73
1f74839dcb14cc65e4e33699616140da43b6d0ef590a706494688e8fb80cf5c7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2879
Cache-Control: max-age=117422
Content-Type: application/ocsp-response
Date: Wed, 22 Mar 2023 09:23:28 GMT
Etag: "6419e57f-1d7"
Expires: Thu, 23 Mar 2023 18:00:30 GMT
Last-Modified: Tue, 21 Mar 2023 17:12:31 GMT
Server: ECAcc (ska/F73A)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash f28cdad099beff5dccccb72c52486330
89e1a25292501055a99a6660e6f1446ab5932f73
1f74839dcb14cc65e4e33699616140da43b6d0ef590a706494688e8fb80cf5c7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2829
Cache-Control: max-age=117372
Content-Type: application/ocsp-response
Date: Wed, 22 Mar 2023 09:23:28 GMT
Etag: "6419e57f-1d7"
Expires: Thu, 23 Mar 2023 17:59:40 GMT
Last-Modified: Tue, 21 Mar 2023 17:12:31 GMT
Server: ECAcc (ska/F756)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash f28cdad099beff5dccccb72c52486330
89e1a25292501055a99a6660e6f1446ab5932f73
1f74839dcb14cc65e4e33699616140da43b6d0ef590a706494688e8fb80cf5c7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3057
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 22 Mar 2023 09:23:28 GMT
Etag: "6419e57f-1d7"
Last-Modified: Wed, 22 Mar 2023 08:32:31 GMT
Server: ECAcc (amb/6B43)
X-Cache: HIT
Content-Length: 471
lib-us-2.brilliantcollector.com/collector/switch/461fdba66ec3419caa4488b1425c9631
34.206.41.130200 OK 0 B URL HTTP/2 lib-us-2.brilliantcollector.com/collector/switch/461fdba66ec3419caa4488b1425c9631
IP 34.206.41.130:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /collector/switch/461fdba66ec3419caa4488b1425c9631 HTTP/1.1
Host: lib-us-2.brilliantcollector.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: x-requested-with
Referer: https://www.gocollette.com/
Origin: https://www.gocollette.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 22 Mar 2023 09:23:28 GMT
content-length: 0
vary: Accept-Encoding,Origin
access-control-allow-origin: https://www.gocollette.com
access-control-allow-methods: GET
access-control-allow-headers: x-requested-with
access-control-allow-credentials: true
access-control-max-age: 3600
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
x-envoy-upstream-service-time: 0
server: istio-envoy
X-Firefox-Spdy: h2
lib-us-2.brilliantcollector.com/collector/collectorPost
34.206.41.130200 OK 0 B URL HTTP/2 lib-us-2.brilliantcollector.com/collector/collectorPost
IP 34.206.41.130:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /collector/collectorPost HTTP/1.1
Host: lib-us-2.brilliantcollector.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: x-pageid,x-requested-with,x-tealeaf-endpointcheck,x-tealeaf-saas-appkey
Referer: https://www.gocollette.com/
Origin: https://www.gocollette.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 22 Mar 2023 09:23:28 GMT
content-length: 0
vary: Accept-Encoding,Origin
access-control-allow-origin: https://www.gocollette.com
access-control-allow-methods: POST
access-control-allow-headers: x-pageid, x-requested-with, x-tealeaf-endpointcheck, x-tealeaf-saas-appkey
access-control-allow-credentials: true
access-control-max-age: 3600
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
x-envoy-upstream-service-time: 0
server: istio-envoy
X-Firefox-Spdy: h2
www.gocollette.com/json/collette-us.dictionary.json?v=638150196342324165
151.101.66.132200 OK 60 kB URL HTTP/2 www.gocollette.com/json/collette-us.dictionary.json?v=638150196342324165
IP 151.101.66.132:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (59924), with no line terminators
Hash add77b6f40dd6fab2f1028b3de621eee
e541ce43168a3d962f468b882a15ab8cb09db540
0bcd7c2b4eef2d65750a1b8a1bdb052968ef436a931b00ba442f4baa9c1249f1
GET /json/collette-us.dictionary.json?v=638150196342324165 HTTP/1.1
Host: www.gocollette.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=utf-8
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.gocollette.com/en/tours/north-america/canada/canadian-rockies-by-train?cm_mmc=Email-_-DomesticSale23-_-Hearst-_-US%20DTC&utm_source=Media&utm_medium=Email&utm_campaign=Hearst_DomesticSale23
Cookie: site-language=site=collette-us&language=en; _gcl_au=1.1.175392605.1679477012; _ga_83LPQJX1G8=GS1.1.1679477012.1.0.1679477012.60.0.0; _ga=GA1.1.712386116.1679477012; __atuvc=1%7C12; __atuvs=641ac913b8c66163000; TLTSID=17160957194180701171045619552105
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=604800
content-type: application/json
last-modified: Tue, 21 Mar 2023 17:28:21 GMT
etag: "bd0e8881a5cd91:0"
server: Microsoft-IIS/10.0
x-ua-compatible: IE=edge,chrome=1
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
pragma: cache
x-pass-fastly-cache: False
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 22 Mar 2023 09:23:28 GMT
age: 39734
x-served-by: cache-bos4655-BOS, cache-bma1662-BMA
x-cache: HIT, MISS
x-cache-hits: 73, 0
x-timer: S1679477008.422700,VS0,VE308
vvvv: 194
strict-transport-security: max-age=31557600
content-length: 59944
X-Firefox-Spdy: h2
www.gocollette.com/json/collette-us.dictionary.json?v=638150196342324165
151.101.66.132200 OK 60 kB URL HTTP/2 www.gocollette.com/json/collette-us.dictionary.json?v=638150196342324165
IP 151.101.66.132:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (59924), with no line terminators
Hash add77b6f40dd6fab2f1028b3de621eee
e541ce43168a3d962f468b882a15ab8cb09db540
0bcd7c2b4eef2d65750a1b8a1bdb052968ef436a931b00ba442f4baa9c1249f1
GET /json/collette-us.dictionary.json?v=638150196342324165 HTTP/1.1
Host: www.gocollette.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=utf-8
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.gocollette.com/en/tours/north-america/canada/canadian-rockies-by-train?cm_mmc=Email-_-DomesticSale23-_-Hearst-_-US%20DTC&utm_source=Media&utm_medium=Email&utm_campaign=Hearst_DomesticSale23
Cookie: site-language=site=collette-us&language=en; _gcl_au=1.1.175392605.1679477012; _ga_83LPQJX1G8=GS1.1.1679477012.1.0.1679477012.60.0.0; _ga=GA1.1.712386116.1679477012; __atuvc=1%7C12; __atuvs=641ac913b8c66163000; TLTSID=17160957194180701171045619552105
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=604800
content-type: application/json
last-modified: Tue, 21 Mar 2023 17:28:21 GMT
etag: "bd0e8881a5cd91:0"
server: Microsoft-IIS/10.0
x-ua-compatible: IE=edge,chrome=1
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
pragma: cache
x-pass-fastly-cache: False
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 22 Mar 2023 09:23:28 GMT
age: 39734
x-served-by: cache-bos4655-BOS, cache-bma1662-BMA
x-cache: HIT, HIT
x-cache-hits: 73, 1
x-timer: S1679477008.438358,VS0,VE292
vvvv: 194
strict-transport-security: max-age=31557600
content-length: 59944
X-Firefox-Spdy: h2
acsbapp.com/apps/app/dist/js/app.js
172.67.11.155200 OK 235 kB URL HTTP/2 acsbapp.com/apps/app/dist/js/app.js
IP 172.67.11.155:0
File type Unicode text, UTF-8 text, with very long lines (65512), with no line terminators
Size 235 kB (234898 bytes)
Hash 80ebde11e901e71dc9fa4354e570e1a2
89491f6ca64505b65a887b17775578b1da63610d
1bf8b4c8c43af4c97228ec4da706bf1916c684b8ca57d2a8e795a125ae96ea0b
GET /apps/app/dist/js/app.js HTTP/1.1
Host: acsbapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 22 Mar 2023 09:23:28 GMT
content-type: text/javascript
x-guploader-uploadid: ADPycdulTSmHhTfuInty-qe_n5yFYLo5K_UG5WkzgH_AnjzVGy1k3CwU8SvyeY73JujHOKf8rM2wuhLeOixh7qk-w7hkFQ
cache-control: no-cache
expires: Thu, 21 Mar 2024 09:21:53 GMT
last-modified: Thu, 16 Mar 2023 16:22:51 GMT
etag: W/"991e4f6e85ee57b09ce4515b1b24a831"
x-goog-generation: 1678983771807394
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 482650
x-goog-meta-goog-reserved-file-mtime: 1678983686
x-goog-hash: crc32c=piKUIQ==, md5=mR5PboXuV7Cc5FFbGySoMQ==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
access-control-expose-headers: *
cf-cache-status: HIT
age: 94
vary: Accept-Encoding
server: cloudflare
cf-ray: 7abd6043da61b50f-OSL
content-encoding: br
X-Firefox-Spdy: h2
starling.crowdriff.com/graphql
54.230.111.49200 OK 1.2 kB URL HTTP/2 starling.crowdriff.com/graphql
IP 54.230.111.49:0
Hash 1485c26b35262723dba90c13cadb85a6
2709bee3d10015ce24bb9a65fde0e9da662951d2
263c8e8b46ee227a6ca6d573844f29a72641cb999e7d108212c20b4c768e6d7f
POST /graphql HTTP/1.1
Host: starling.crowdriff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.gocollette.com/
Content-Type: application/json
Origin: https://www.gocollette.com
Content-Length: 701
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=utf-8
date: Wed, 22 Mar 2023 09:23:28 GMT
set-cookie: AWSALB=eR4Mjm375jou56o4JP0ZTnPDknQAvYts928jEklloDJtU3U92U5/dBFd0TSbYXsOlesjEB+TQvk3to24D3aGISy1GANZ5OyzxGllHimierdO1y7XgidfBznF6LWS; Expires=Wed, 29 Mar 2023 09:23:28 GMT; Path=/
AWSALBCORS=eR4Mjm375jou56o4JP0ZTnPDknQAvYts928jEklloDJtU3U92U5/dBFd0TSbYXsOlesjEB+TQvk3to24D3aGISy1GANZ5OyzxGllHimierdO1y7XgidfBznF6LWS; Expires=Wed, 29 Mar 2023 09:23:28 GMT; Path=/; SameSite=None; Secure
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: content-type, Authorization, Origin, X-Requested-With, Content-Type, Accept
etag: W/"bd2-I8txKXGwpGVZ07VaKxDa44hCUFg"
vary: Accept-Encoding
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: GUWMmyy-PqepoJh-_Q3FMn3835k2cYz1P3WcDVVV4pqfBJUXteUTDA==
X-Firefox-Spdy: h2
www.gocollette.com/json/collette-us.locations.json?v=638150196342324165
151.101.66.132200 OK 66 kB URL HTTP/2 www.gocollette.com/json/collette-us.locations.json?v=638150196342324165
IP 151.101.66.132:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Hash fafe9717cbcb4e9945bf6fb65cf35620
80c00e0fb4d3c2b68568b9c396fc48d843193520
5e5c2c67f7b84eb648692e3be2b60c3fda4f922746f378b6d3e820c1284a97ce
GET /json/collette-us.locations.json?v=638150196342324165 HTTP/1.1
Host: www.gocollette.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=utf-8
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.gocollette.com/en/tours/north-america/canada/canadian-rockies-by-train?cm_mmc=Email-_-DomesticSale23-_-Hearst-_-US%20DTC&utm_source=Media&utm_medium=Email&utm_campaign=Hearst_DomesticSale23
Cookie: site-language=site=collette-us&language=en; _gcl_au=1.1.175392605.1679477012; _ga_83LPQJX1G8=GS1.1.1679477012.1.0.1679477012.60.0.0; _ga=GA1.1.712386116.1679477012; __atuvc=1%7C12; __atuvs=641ac913b8c66163000; TLTSID=17160957194180701171045619552105
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=604800
content-type: application/json
last-modified: Tue, 21 Mar 2023 17:28:21 GMT
etag: "d727e8881a5cd91:0"
server: Microsoft-IIS/10.0
x-ua-compatible: IE=edge,chrome=1
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
pragma: cache
x-pass-fastly-cache: False
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 22 Mar 2023 09:23:28 GMT
age: 39734
x-served-by: cache-bos4639-BOS, cache-bma1662-BMA
x-cache: HIT, MISS
x-cache-hits: 4, 0
x-timer: S1679477008.429803,VS0,VE408
vvvv: 194
strict-transport-security: max-age=31557600
content-length: 66387
X-Firefox-Spdy: h2
www.gocollette.com/json/collette-us.locations.json?v=638150196342324165
151.101.66.132200 OK 66 kB URL HTTP/2 www.gocollette.com/json/collette-us.locations.json?v=638150196342324165
IP 151.101.66.132:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (65534), with no line terminators
Hash fafe9717cbcb4e9945bf6fb65cf35620
80c00e0fb4d3c2b68568b9c396fc48d843193520
5e5c2c67f7b84eb648692e3be2b60c3fda4f922746f378b6d3e820c1284a97ce
GET /json/collette-us.locations.json?v=638150196342324165 HTTP/1.1
Host: www.gocollette.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=utf-8
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.gocollette.com/en/tours/north-america/canada/canadian-rockies-by-train?cm_mmc=Email-_-DomesticSale23-_-Hearst-_-US%20DTC&utm_source=Media&utm_medium=Email&utm_campaign=Hearst_DomesticSale23
Cookie: site-language=site=collette-us&language=en; _gcl_au=1.1.175392605.1679477012; _ga_83LPQJX1G8=GS1.1.1679477012.1.0.1679477012.60.0.0; _ga=GA1.1.712386116.1679477012; __atuvc=1%7C12; __atuvs=641ac913b8c66163000; TLTSID=17160957194180701171045619552105
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=604800
content-type: application/json
last-modified: Tue, 21 Mar 2023 17:28:21 GMT
etag: "d727e8881a5cd91:0"
server: Microsoft-IIS/10.0
x-ua-compatible: IE=edge,chrome=1
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
pragma: cache
x-pass-fastly-cache: False
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 22 Mar 2023 09:23:28 GMT
age: 39734
x-served-by: cache-bos4639-BOS, cache-bma1662-BMA
x-cache: HIT, HIT
x-cache-hits: 4, 1
x-timer: S1679477008.440682,VS0,VE398
vvvv: 194
strict-transport-security: max-age=31557600
content-length: 66387
X-Firefox-Spdy: h2
www.gocollette.com/json/collette-us.locationsOnAddresses.json?v=638150196342324165
151.101.66.132200 OK 75 kB URL HTTP/2 www.gocollette.com/json/collette-us.locationsOnAddresses.json?v=638150196342324165
IP 151.101.66.132:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 1f1c769dcc3def4d3147b17415a1ab16
350ed565e39470cfb4a6b19f3ee86d5d354127ef
04d8191207b684c0a4df052e61698f785eeca2eb2a176441df7c522285397051
GET /json/collette-us.locationsOnAddresses.json?v=638150196342324165 HTTP/1.1
Host: www.gocollette.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=utf-8
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.gocollette.com/en/tours/north-america/canada/canadian-rockies-by-train?cm_mmc=Email-_-DomesticSale23-_-Hearst-_-US%20DTC&utm_source=Media&utm_medium=Email&utm_campaign=Hearst_DomesticSale23
Cookie: site-language=site=collette-us&language=en; _gcl_au=1.1.175392605.1679477012; _ga_83LPQJX1G8=GS1.1.1679477012.1.0.1679477012.60.0.0; _ga=GA1.1.712386116.1679477012; __atuvc=1%7C12; __atuvs=641ac913b8c66163000; TLTSID=17160957194180701171045619552105
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=604800
content-type: application/json
last-modified: Tue, 21 Mar 2023 17:38:49 GMT
etag: "4219a5fe1b5cd91:0"
server: Microsoft-IIS/10.0
x-ua-compatible: IE=edge,chrome=1
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
pragma: cache
x-pass-fastly-cache: False
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 22 Mar 2023 09:23:28 GMT
age: 39734
x-served-by: cache-bos4656-BOS, cache-bma1662-BMA
x-cache: HIT, MISS
x-cache-hits: 81, 1
x-timer: S1679477008.430591,VS0,VE440
vvvv: 194
strict-transport-security: max-age=31557600
content-length: 75369
X-Firefox-Spdy: h2
www.gocollette.com/json/collette-us.locationsOnAddresses.json?v=638150196342324165
151.101.66.132200 OK 75 kB URL HTTP/2 www.gocollette.com/json/collette-us.locationsOnAddresses.json?v=638150196342324165
IP 151.101.66.132:0
File type JSON data\012- , ASCII text, with very long lines (65536), with no line terminators
Hash 1f1c769dcc3def4d3147b17415a1ab16
350ed565e39470cfb4a6b19f3ee86d5d354127ef
04d8191207b684c0a4df052e61698f785eeca2eb2a176441df7c522285397051
GET /json/collette-us.locationsOnAddresses.json?v=638150196342324165 HTTP/1.1
Host: www.gocollette.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/javascript, */*; q=0.01
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=utf-8
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Referer: https://www.gocollette.com/en/tours/north-america/canada/canadian-rockies-by-train?cm_mmc=Email-_-DomesticSale23-_-Hearst-_-US%20DTC&utm_source=Media&utm_medium=Email&utm_campaign=Hearst_DomesticSale23
Cookie: site-language=site=collette-us&language=en; _gcl_au=1.1.175392605.1679477012; _ga_83LPQJX1G8=GS1.1.1679477012.1.0.1679477012.60.0.0; _ga=GA1.1.712386116.1679477012; __atuvc=1%7C12; __atuvs=641ac913b8c66163000; TLTSID=17160957194180701171045619552105
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=604800
content-type: application/json
last-modified: Tue, 21 Mar 2023 17:38:49 GMT
etag: "4219a5fe1b5cd91:0"
server: Microsoft-IIS/10.0
x-ua-compatible: IE=edge,chrome=1
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
pragma: cache
x-pass-fastly-cache: False
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 22 Mar 2023 09:23:28 GMT
age: 39734
x-served-by: cache-bos4656-BOS, cache-bma1662-BMA
x-cache: HIT, HIT
x-cache-hits: 81, 1
x-timer: S1679477008.441865,VS0,VE429
vvvv: 194
strict-transport-security: max-age=31557600
content-length: 75369
X-Firefox-Spdy: h2
lib-us-2.brilliantcollector.com/collector/collectorPost
34.206.41.130200 OK 0 B URL HTTP/2 lib-us-2.brilliantcollector.com/collector/collectorPost
IP 34.206.41.130:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /collector/collectorPost HTTP/1.1
Host: lib-us-2.brilliantcollector.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-encoding,content-type,x-pageid,x-requested-with,x-tealeaf,x-tealeaf-messagetypes,x-tealeaf-page-url,x-tealeaf-saas-appkey,x-tealeaf-saas-tltsid,x-tealeaf-syncxhr,x-tealeaftype
Referer: https://www.gocollette.com/
Origin: https://www.gocollette.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 22 Mar 2023 09:23:29 GMT
content-length: 0
vary: Accept-Encoding,Origin
access-control-allow-origin: https://www.gocollette.com
access-control-allow-methods: POST
access-control-allow-headers: content-encoding, content-type, x-pageid, x-requested-with, x-tealeaf, x-tealeaf-messagetypes, x-tealeaf-page-url, x-tealeaf-saas-appkey, x-tealeaf-saas-tltsid, x-tealeaf-syncxhr, x-tealeaftype
access-control-allow-credentials: true
access-control-max-age: 3600
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
x-envoy-upstream-service-time: 1
server: istio-envoy
X-Firefox-Spdy: h2
libs.coremetrics.com/configs/55310000.js
104.110.11.108200 OK 125 B URL HTTP/1.1 libs.coremetrics.com/configs/55310000.js
IP 104.110.11.108:0
File type core file (Xenix)\012- , ASCII text
Hash 82e6d8421d893ce68d9bb32d26b20975
34065163d1bd93c6e69eb70169ec2c65c015f429
d2f65b5b23c8346bf2a6a561789dd547803405f7291e517798c2f048dd0e7318
GET /configs/55310000.js HTTP/1.1
Host: libs.coremetrics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "82e6d8421d893ce68d9bb32d26b20975:1576153239"
Last-Modified: Thu, 12 Dec 2019 12:20:17 GMT
Server: AkamaiNetStorage
Content-Length: 125
Date: Wed, 22 Mar 2023 09:23:29 GMT
Connection: keep-alive
i.gocollette.com/icons/favs/collette-fav-icon-2022.png
185.76.9.21200 OK 1.9 kB URL HTTP/2 i.gocollette.com/icons/favs/collette-fav-icon-2022.png
IP 185.76.9.21:0
ASN #60068 Datacamp Limited
File type JPEG image data, Exif standard: [TIFF image data, little-endian, direntries=0], baseline, precision 8, 32x32, components 3\012- data
Hash 05c054bb21640f1a7b5cdd9a47c12478
da3ffe688f600cffe333eb1b9c4cc625fc621d52
7e4d87e4c2b24defef864d8edcf1a6c3c2cd319c896f9ca7b9b5630f60d49450
GET /icons/favs/collette-fav-icon-2022.png HTTP/1.1
Host: i.gocollette.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Cookie: site-language=site=collette-us&language=en; _gcl_au=1.1.175392605.1679477012; _ga_83LPQJX1G8=GS1.1.1679477012.1.0.1679477012.60.0.0; _ga=GA1.1.712386116.1679477012; TLTSID=17160957194180701171045619552105
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
date: Wed, 22 Mar 2023 09:23:29 GMT
content-type: image/png
content-length: 1875
last-modified: Tue, 27 Sep 2022 14:44:18 GMT
etag: "63330c42-753"
access-control-allow-origin: *
server: CDN77-Turbo
x-77-nzt: AblMCRRSoDL/8xEKAA
x-77-nzt-ray: af5856305262941b11c91a6416a93d11
x-accel-expires: @1679853854
x-cache: HIT
x-age: 659955
x-77-pop: stockholmSE
x-77-cache: HIT
accept-ranges: bytes
X-Firefox-Spdy: h2
api.feefo.com/api/logo?template=jtstars.png&since=all&nocache=true&merchantidentifier=collette-group&vendorref=643
104.16.75.76200 OK 506 B URL HTTP/2 api.feefo.com/api/logo?template=jtstars.png&since=all&nocache=true&merchantidentifier=collette-group&vendorref=643
IP 104.16.75.76:0
File type PNG image data, 89 x 16, 8-bit/color RGBA, non-interlaced\012- data
Hash 0f72f1f4385551bb55296e3a8e06abf1
d7e689d3e2caa34105474e43b4f975ecf4868ff7
edce323b92b1db6bdbf937a2e7facd0d4694f4e86e1558f16751572d94174ea1
GET /api/logo?template=jtstars.png&since=all&nocache=true&merchantidentifier=collette-group&vendorref=643 HTTP/1.1
Host: api.feefo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 22 Mar 2023 09:23:29 GMT
content-type: image/png
content-length: 506
vary: Accept-Language, Accept-Encoding
expires: Thu, 23 Mar 2023 09:23:29 GMT
cache-control: max-age=86400
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
referrer-policy: origin-when-cross-origin
strict-transport-security: max-age=31536000; includeSubDomains; always
x-kong-upstream-latency: 2445
x-kong-proxy-latency: 0
via: kong/3.0.2
last-modified: Wed, 22 Mar 2023 09:23:29 GMT
cf-cache-status: MISS
accept-ranges: bytes
server: cloudflare
cf-ray: 7abd603cdd39b527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
lib-us-2.brilliantcollector.com/collector/collectorPost
34.206.41.130200 OK 38 B URL HTTP/2 lib-us-2.brilliantcollector.com/collector/collectorPost
IP 34.206.41.130:0
File type JSON data\012- , ASCII text
Hash b893b8fd23144f8071cf2abf44b9d2ad
d1c7e3ee42344fc673719df1ba77f220453ef033
1d4fdec9bbde03db70d2add577e12d713e8cceb38fb75ba13df9c89252475f60
POST /collector/collectorPost HTTP/1.1
Host: lib-us-2.brilliantcollector.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.gocollette.com/
Content-Type: application/json
X-PageId: P.DFHZKK7U5T37ND92NFL3NWYLFH6F
X-Tealeaf: device (UIC) Lib/6.1.0.1989
X-TealeafType: GUI
X-TeaLeaf-Page-Url: /en/tours/north-america/canada/canadian-rockies-by-train
X-Tealeaf-SyncXHR: false
X-Tealeaf-MessageTypes: 1,2,12,14
X-Tealeaf-SaaS-AppKey: 461fdba66ec3419caa4488b1425c9631
X-Tealeaf-SaaS-TLTSID: 17160957194180701171045619552105
Content-Encoding: gzip
X-Requested-With: fetch
Origin: https://www.gocollette.com
Content-Length: 94223
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
date: Wed, 22 Mar 2023 09:23:29 GMT
content-type: application/json
content-length: 38
vary: Accept-Encoding,Origin
access-control-allow-origin: https://www.gocollette.com
access-control-allow-credentials: true
cache-control: no-cache
expires: Fri, 31 Dec 1998 12:00:00 GMT
dcname: prod-wdc
nodeid: wscollector-7d7f597f94-clrkr
tltsid: 17160957194180701171045619552105
x-envoy-upstream-service-time: 4
server: istio-envoy
X-Firefox-Spdy: h2
snap.licdn.com/li.lms-analytics/insight.min.js
23.36.76.210200 OK 4.8 kB URL HTTP/2 snap.licdn.com/li.lms-analytics/insight.min.js
IP 23.36.76.210:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (13351)
Hash 74f72658f6efd10c4c286ab07cd5e452
9fa4dfc644b6e818914f2f2c4fe4bdf791fd6d39
6681619d5962f95b3fccfa34a7f035664edb66522d237ea0c28a05851f9d295c
GET /li.lms-analytics/insight.min.js HTTP/1.1
Host: snap.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
accept-ranges: bytes
content-type: application/x-javascript;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=84292
date: Wed, 22 Mar 2023 09:23:29 GMT
content-length: 4777
x-content-type-options: nosniff
x-cdn: AKAM
X-Firefox-Spdy: h2
z.moatads.com/addthismoatframe568911941483/moatframe.js
2.18.173.140200 OK 948 B URL HTTP/2 z.moatads.com/addthismoatframe568911941483/moatframe.js
IP 2.18.173.140:0
File type ASCII text, with very long lines (523)
Hash f14b4e1f799b14f798a195f43cf58376
b6fd3b3d407fb4c0a00fb8a31862235e2a6e0a86
92ed3e9fda5fa4d738ff4d9023846b56633617363dda6a750cacb4fba53241ac
GET /addthismoatframe568911941483/moatframe.js HTTP/1.1
Host: z.moatads.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: TYrAmp44ddThNKrHeBmfOrJOox8ItZdAJeP4Uj7Uut6T7Jvp1PpX/XFzXT0gU1oJH/SwK8Irisw=
x-amz-request-id: 598E0BAF9E725A50
last-modified: Fri, 08 Nov 2019 20:13:52 GMT
etag: "f14b4e1f799b14f798a195f43cf58376"
content-encoding: gzip
accept-ranges: bytes
content-type: application/x-javascript
content-length: 948
server: AmazonS3
vary: Accept-Encoding
unused62: 8096267
cache-control: max-age=42746
date: Wed, 22 Mar 2023 09:23:29 GMT
X-Firefox-Spdy: h2
v1.addthisedge.com/live/boost/ra-50bcb9321a0ad93f/_ate.track.config_resp
23.38.200.123200 OK 789 B URL HTTP/2 v1.addthisedge.com/live/boost/ra-50bcb9321a0ad93f/_ate.track.config_resp
IP 23.38.200.123:0
File type ASCII text, with very long lines (3278), with no line terminators
Hash 196d15dae13cad1bbe92efbd9c6b84ca
89e42ba2148c9ba8f9527cbb8aa113d41074d23b
5e4b508e4cca4f2e004c753f9939237791b50a53876f483c478c717fa27e6855
GET /live/boost/ra-50bcb9321a0ad93f/_ate.track.config_resp HTTP/1.1
Host: v1.addthisedge.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 789
etag: -303014123--gzip
content-disposition: attachment; filename=1.txt
content-encoding: gzip
cache-control: public, max-age=51, s-maxage=86400
date: Wed, 22 Mar 2023 09:23:29 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 98ef2332e938afb8647401c2c93963f8
290d4c70dff2177f0ce9d642f2b65d241b5c1b09
4aeade23ccb305259c80c6b38ec7d1f1710abe0086693f471edb3529f542837a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 22 Mar 2023 09:23:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash f86da0dd278dab61512989673262b7b7
0a9e07a3e3001b0fd895cd6be56f4b6929048e7b
ac48a2d4cff37e533bcead879c78d3a6f937e6c07fe2aa71a7d0aa4cc5181752
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 22 Mar 2023 09:23:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash e2ba316dbf0d1c231f12512204d0e832
16271f049892b4d07ab70043935b1873a2e423f9
99a5a7e359df4cc82ef7a931bc93c0252f28c938155c1a6bd886550a0709cb11
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3613
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 22 Mar 2023 09:23:29 GMT
Last-Modified: Wed, 22 Mar 2023 08:23:16 GMT
Server: ECAcc (ska/F6D2)
X-Cache: HIT
Content-Length: 471
m.addthis.com/live/red_lojson/300lo.json?si=641ac913f8f9e9b9&bkl=0&bl=1&pdt=1706&sid=641ac913f8f9e9b9&pub=ra-50bcb9321a0ad93f&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.gocollette.com&fp=en%2Ftours%2Fnorth-america%2Fcanada%2Fcanadian-rockies-by-train%3Fcm_mmc%3DEmail-_-DomesticSale23-_-Hearst-_-US%2520DTC%26utm_source%3DMedia%26utm_medium%3DEmail%26utm_campaign%3DHearst_DomesticSale23&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=0&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=Canadian%20Rockies%20by%20Train%20Tours%2CCanadian%20Rockies%20by%20Train%20Travel&colc=1679477013362&jsl=1&uvs=641ac913b8c66163000&skipb=1&callback=addthis.cbs.jsonp__60355059999688270
23.38.200.123200 OK 89 B URL HTTP/2 m.addthis.com/live/red_lojson/300lo.json?si=641ac913f8f9e9b9&bkl=0&bl=1&pdt=1706&sid=641ac913f8f9e9b9&pub=ra-50bcb9321a0ad93f&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.gocollette.com&fp=en%2Ftours%2Fnorth-america%2Fcanada%2Fcanadian-rockies-by-train%3Fcm_mmc%3DEmail-_-DomesticSale23-_-Hearst-_-US%2520DTC%26utm_source%3DMedia%26utm_medium%3DEmail%26utm_campaign%3DHearst_DomesticSale23&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=0&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=Canadian%20Rockies%20by%20Train%20Tours%2CCanadian%20Rockies%20by%20Train%20Travel&colc=1679477013362&jsl=1&uvs=641ac913b8c66163000&skipb=1&callback=addthis.cbs.jsonp__60355059999688270
IP 23.38.200.123:0
File type ASCII text, with no line terminators
Hash dba08e59aca610c3ef781c53ec44e2c5
072d76c42c3bd452f2f094d8d74ccbca88673339
e4ae02e2151a7245f123c08c27b70cb451d9a22018ddc393a1f534053f4fa172
GET /live/red_lojson/300lo.json?si=641ac913f8f9e9b9&bkl=0&bl=1&pdt=1706&sid=641ac913f8f9e9b9&pub=ra-50bcb9321a0ad93f&rev=v8.28.8-wp&ln=en&pc=men&cb=0&ab=-&dp=www.gocollette.com&fp=en%2Ftours%2Fnorth-america%2Fcanada%2Fcanadian-rockies-by-train%3Fcm_mmc%3DEmail-_-DomesticSale23-_-Hearst-_-US%2520DTC%26utm_source%3DMedia%26utm_medium%3DEmail%26utm_campaign%3DHearst_DomesticSale23&fr=&of=0&pd=0&irt=0&vcl=0&md=0&ct=0&tct=0&abt=0&cdn=0&pi=1&rb=0&gen=100&chr=UTF-8&mk=Canadian%20Rockies%20by%20Train%20Tours%2CCanadian%20Rockies%20by%20Train%20Travel&colc=1679477013362&jsl=1&uvs=641ac913b8c66163000&skipb=1&callback=addthis.cbs.jsonp__60355059999688270 HTTP/1.1
Host: m.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
content-length: 89
cache-control: max-age=0, no-cache, no-store, no-transform
pragma: no-cache
content-disposition: attachment; filename=1.txt
date: Wed, 22 Mar 2023 09:23:29 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 8a237b3ec23da41b2cdefc39b643691f
322b5b2a4fb99140ac53a94058d34a4806133519
4d88ec2ff0cf38948e56dabbd03130bb35850d89921fe80e242e762fedde2468
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 22 Mar 2023 09:23:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 0086fc6b6b52670b2d7ca51fc65d8d44
1d906db50d0373e0e3e1e85031de970218264f4d
24a9078b3b1b7b060c8e68777d0baaa3651c18cebe9107a2598f07981086f830
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 22 Mar 2023 09:23:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash e5f5bf796d91f271e383cf1ff3ee5af4
70ead02da19095ca752d55e89a48fcdf59d44d33
247f023e282f1556e668df0033858196d682f31f659d1b53ea6dcaeff56c401a
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
origin-agent-cluster: ?0
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: ebdaN0f+D7QWa4Xc9NTgZrB/1rA6PllKrBpON/FUXWNCXPA2mwWxy+NtEibksVZRBAC23NX19jTptrgVMpoM2g==
content-length: 27907
x-fb-trip-id: 1904183273
date: Wed, 22 Mar 2023 09:23:29 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.142200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.142:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Wed, 22 Mar 2023 07:53:25 GMT
expires: Wed, 22 Mar 2023 09:53:25 GMT
cache-control: public, max-age=7200
age: 5404
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash dda37260ef3da2106791d958718f88f2
81457c5eda68e0f0b1bb08495d73c4dd51d8031a
f81f5d752ee4fe8a0a55b6bf1695cc5c3e75f8bb8e0887ab5b03439c55c70e3d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5399
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 22 Mar 2023 09:23:29 GMT
Last-Modified: Wed, 22 Mar 2023 07:53:30 GMT
Server: ECAcc (ska/F6D2)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
192.229.221.95200 OK 313 B IP 192.229.221.95:0
Hash 5cd946186beb2d5aaf67bed9e5da5408
2ef7ba5577c3eb69b7829489f33aa5057f84f4ae
5650882d3cb625310e1bfe412dc2a95a9dcc760f4f5002c6d4126abc06ce8c12
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4704
Cache-Control: max-age=120027
Content-Type: application/ocsp-response
Date: Wed, 22 Mar 2023 09:23:29 GMT
Etag: "6419e88c-139"
Expires: Thu, 23 Mar 2023 18:43:56 GMT
Last-Modified: Tue, 21 Mar 2023 17:25:32 GMT
Server: ECAcc (ska/F756)
X-Cache: HIT
Content-Length: 313
www.googleadservices.com/pagead/conversion.js
142.250.74.130200 OK 18 kB URL HTTP/2 www.googleadservices.com/pagead/conversion.js
IP 142.250.74.130:0
File type ASCII text, with very long lines (3253)
Hash 889e9624c8ea59cc524615ac97b8910b
494f001853aec9882ccbd96274eadbab433b5557
aaebe58a6cb3727c125f7639d137d2f7d3503597f320f41d900f01986b41be60
GET /pagead/conversion.js HTTP/1.1
Host: www.googleadservices.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 22 Mar 2023 09:23:29 GMT
expires: Wed, 22 Mar 2023 09:23:29 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 4389133715377062430
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 17669
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
bat.bing.com/bat.js
204.79.197.200200 OK 12 kB IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
File type Unicode text, UTF-8 text, with very long lines (40607), with no line terminators
Hash df60fd7bf44328874a83d1502b426d93
c7377c67c92e016832d20e3fce453c1c436daa5a
01409313ef9be8fbe03b48a803cbc49fee135bf75b85bb4e1089f9c542a72cc3
GET /bat.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: private,max-age=1800
content-length: 11902
content-type: application/javascript
content-encoding: gzip
last-modified: Thu, 16 Feb 2023 18:31:53 GMT
accept-ranges: bytes
etag: "8072cff03442d91:0"
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 32FF824DA34B4E84934E8939C382E7B2 Ref B: OSL30EDGE0512 Ref C: 2023-03-22T09:23:29Z
date: Wed, 22 Mar 2023 09:23:28 GMT
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/753938020/?random=1679477011753&cv=11&fst=1679477011753&bg=ffffff&guid=ON&async=1>m=45He33k0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.gocollette.com%2Fen%2Ftours%2Fnorth-america%2Fcanada%2Fcanadian-rockies-by-train%3Fcm_mmc%3DEmail-_-DomesticSale23-_-Hearst-_-US%2520DTC%26utm_source%3DMedia%26utm_medium%3DEmail%26utm_campaign%3DHearst_DomesticSale23&hn=www.googleadservices.com&frm=0&tiba=Canadian%20Rockies%20by%20Train%3A%20Trips%2C%20Tours%20%26%20Vacation%20Packages&auid=175392605.1679477012&rfmt=3&fmt=4
142.250.74.130200 OK 1.3 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/753938020/?random=1679477011753&cv=11&fst=1679477011753&bg=ffffff&guid=ON&async=1>m=45He33k0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.gocollette.com%2Fen%2Ftours%2Fnorth-america%2Fcanada%2Fcanadian-rockies-by-train%3Fcm_mmc%3DEmail-_-DomesticSale23-_-Hearst-_-US%2520DTC%26utm_source%3DMedia%26utm_medium%3DEmail%26utm_campaign%3DHearst_DomesticSale23&hn=www.googleadservices.com&frm=0&tiba=Canadian%20Rockies%20by%20Train%3A%20Trips%2C%20Tours%20%26%20Vacation%20Packages&auid=175392605.1679477012&rfmt=3&fmt=4
IP 142.250.74.130:0
File type ASCII text, with very long lines (2987), with no line terminators
Hash 9ef01e05e457c18adc59a6b9c502748b
2399f2a7cbd5605146b9b7207a7b6383d487c283
53740e04635d84559b288c7dc675e4b071c07ccfb03eb4f384a3747c265a3fe7
GET /pagead/viewthroughconversion/753938020/?random=1679477011753&cv=11&fst=1679477011753&bg=ffffff&guid=ON&async=1>m=45He33k0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.gocollette.com%2Fen%2Ftours%2Fnorth-america%2Fcanada%2Fcanadian-rockies-by-train%3Fcm_mmc%3DEmail-_-DomesticSale23-_-Hearst-_-US%2520DTC%26utm_source%3DMedia%26utm_medium%3DEmail%26utm_campaign%3DHearst_DomesticSale23&hn=www.googleadservices.com&frm=0&tiba=Canadian%20Rockies%20by%20Train%3A%20Trips%2C%20Tours%20%26%20Vacation%20Packages&auid=175392605.1679477012&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 22 Mar 2023 09:23:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 1342
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 22-Mar-2023 09:38:29 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-83LPQJX1G8&cid=712386116.1679477012>m=45je33k0&aip=1&z=35055600
216.58.207.227200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-83LPQJX1G8&cid=712386116.1679477012>m=45je33k0&aip=1&z=35055600
IP 216.58.207.227:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-83LPQJX1G8&cid=712386116.1679477012>m=45je33k0&aip=1&z=35055600 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 22 Mar 2023 09:23:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.gstatic.com/wcm/loader.js
142.250.74.3200 OK 1.3 kB URL HTTP/2 www.gstatic.com/wcm/loader.js
IP 142.250.74.3:0
File type ASCII text, with very long lines (1123)
Hash 22300d54ba7faf32360c95915053014c
ea83f097bd99413f9d8fcb08d0312ba7ba1be99f
2c4c9c9d6af1ad12556ab11c8021eb5c254025ce04500bc885b69984dd562ce5
GET /wcm/loader.js HTTP/1.1
Host: www.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-encoding: br
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-length: 1339
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 22 Mar 2023 08:32:53 GMT
expires: Wed, 22 Mar 2023 09:32:53 GMT
cache-control: public, max-age=3600
age: 3036
last-modified: Mon, 15 Mar 2021 16:45:00 GMT
content-type: text/javascript
vary: Accept-Encoding
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash e2ba316dbf0d1c231f12512204d0e832
16271f049892b4d07ab70043935b1873a2e423f9
99a5a7e359df4cc82ef7a931bc93c0252f28c938155c1a6bd886550a0709cb11
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3613
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 22 Mar 2023 09:23:29 GMT
Last-Modified: Wed, 22 Mar 2023 08:23:16 GMT
Server: ECAcc (ska/F757)
X-Cache: HIT
Content-Length: 471
beacon.sojern.com/pixel/p/200655?f_v=v6_js&p_v=2&vid=cru&cid=
107.178.244.119200 OK 690 B URL HTTP/2 beacon.sojern.com/pixel/p/200655?f_v=v6_js&p_v=2&vid=cru&cid=
IP 107.178.244.119:0
Hash 61432d9cae3c149caac952608fa4bea8
e09d8834bdd7acf9207d415092ef2e1fc29df37a
539cdf7bba560c83fd1a119f54a3c8456b707677d7e05a8b295d958067bd6469
GET /pixel/p/200655?f_v=v6_js&p_v=2&vid=cru&cid= HTTP/1.1
Host: beacon.sojern.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-encoding: gzip
content-type: application/javascript
p3p: policyref="/w3c/p3p.xml", CP="ADMa OUR IND DSP NON LAW"
set-cookie: cid=304a21c4-3cab-0fa4-fd30-826446933387#1680048000000; Path=/; Domain=sojern.com; Max-Age=31536000; Secure; SameSite=None
vary: Accept-Encoding
date: Wed, 22 Mar 2023 09:23:29 GMT
content-length: 690
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 53c77f4eac44f53913d68abe7c9896d4
27b4242556156f2eaa06ff21ecb364865a50b8d9
15db303474e740477045393c0c00b8d64807d711d65e672e7263427263df6045
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 22 Mar 2023 09:23:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash a67c7e014793d3f1531134abc22902b5
0a7b911ec6a81a3760dd91195b3cbab6c1b212e1
d325abe39a12f92235394f50e91f1cdca0f51691ee3d8738d4c596c9e4a244d7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5550
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 22 Mar 2023 09:23:29 GMT
Last-Modified: Wed, 22 Mar 2023 07:50:59 GMT
Server: ECAcc (ska/F775)
X-Cache: HIT
Content-Length: 471
stags.bluekai.com/site/24365?limit=1&phint=site%3Dgocollette.com&phint=action%3Dvisit
23.38.201.22200 OK 62 B URL HTTP/2 stags.bluekai.com/site/24365?limit=1&phint=site%3Dgocollette.com&phint=action%3Dvisit
IP 23.38.201.22:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3f386f5061436a0338a64e0910db495d
599fe4a552c991a2b3ce5a1660732bf7b21fb901
0af3aae90b7de9fdceee2ab421378ea2f54c74be81ef43fc6c1790a032755d80
GET /site/24365?limit=1&phint=site%3Dgocollette.com&phint=action%3Dvisit HTTP/1.1
Host: stags.bluekai.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
content-length: 62
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV", policyref="http://tags.bluekai.com/w3c/p3p.xml"
bk-server: 2294
date: Wed, 22 Mar 2023 09:23:29 GMT
set-cookie: bkdc=phx; expires=Mon, 18-Sep-2023 09:23:29 GMT; path=/; domain=.bluekai.com; SameSite=None; Secure
bkpa=KJpEnXTLu5Dl1MWt1fUw0zpBnnWNPYF/01ygLxPJ3O3fomz78I4AoJSDomGk8I5Y8HvEupnpXTY0jjk9jx9QsOQo; expires=Mon, 18-Sep-2023 09:23:29 GMT; path=/; domain=.bluekai.com; SameSite=None; Secure
bku=nPX99OcJsZEAax92; expires=Mon, 18-Sep-2023 09:23:29 GMT; path=/; domain=.bluekai.com; SameSite=None; Secure
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash f86da0dd278dab61512989673262b7b7
0a9e07a3e3001b0fd895cd6be56f4b6929048e7b
ac48a2d4cff37e533bcead879c78d3a6f937e6c07fe2aa71a7d0aa4cc5181752
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 22 Mar 2023 09:23:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 8a237b3ec23da41b2cdefc39b643691f
322b5b2a4fb99140ac53a94058d34a4806133519
4d88ec2ff0cf38948e56dabbd03130bb35850d89921fe80e242e762fedde2468
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 22 Mar 2023 09:23:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash 0086fc6b6b52670b2d7ca51fc65d8d44
1d906db50d0373e0e3e1e85031de970218264f4d
24a9078b3b1b7b060c8e68777d0baaa3651c18cebe9107a2598f07981086f830
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 22 Mar 2023 09:23:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash dda37260ef3da2106791d958718f88f2
81457c5eda68e0f0b1bb08495d73c4dd51d8031a
f81f5d752ee4fe8a0a55b6bf1695cc5c3e75f8bb8e0887ab5b03439c55c70e3d
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5396
Cache-Control: max-age=110971
Content-Type: application/ocsp-response
Date: Wed, 22 Mar 2023 09:23:29 GMT
Etag: "6419c278-1d7"
Expires: Thu, 23 Mar 2023 16:13:00 GMT
Last-Modified: Tue, 21 Mar 2023 14:43:04 GMT
Server: ECAcc (ska/F6AF)
X-Cache: HIT
Content-Length: 471
s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3D0cc466b5-d830-c201-1a17-5673d0efdf16%26type%3D55%26m%3D1&ex-fch=416613&ex-src=www.gocollette.com/en/collette-gives-you-more/explorations&ex-hargs=v%3D1.0%3Bc%3D6789850140901%3Bp%3D0CC466B5-D830-C201-1A17-5673D0EFDF16
52.46.143.56302 Found 0 B URL HTTP/1.1 s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3D0cc466b5-d830-c201-1a17-5673d0efdf16%26type%3D55%26m%3D1&ex-fch=416613&ex-src=www.gocollette.com/en/collette-gives-you-more/explorations&ex-hargs=v%3D1.0%3Bc%3D6789850140901%3Bp%3D0CC466B5-D830-C201-1A17-5673D0EFDF16
IP 52.46.143.56:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /iui3?d=forester-did&ex-fargs=%3Fid%3D0cc466b5-d830-c201-1a17-5673d0efdf16%26type%3D55%26m%3D1&ex-fch=416613&ex-src=www.gocollette.com/en/collette-gives-you-more/explorations&ex-hargs=v%3D1.0%3Bc%3D6789850140901%3Bp%3D0CC466B5-D830-C201-1A17-5673D0EFDF16 HTTP/1.1
Host: s.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: Server
Date: Wed, 22 Mar 2023 09:23:29 GMT
Content-Length: 0
Connection: keep-alive
x-amz-rid: N9V4J9BF8HS3R1Z4X2RF
Set-Cookie: ad-id=A_uxk0W3CEr0vjpLvbz_q2o|t; Domain=.amazon-adsystem.com; Expires=Sun, 01-Oct-2023 09:23:29 GMT; Path=/; Secure; HttpOnly; SameSite=None
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Location: https://s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3D0cc466b5-d830-c201-1a17-5673d0efdf16%26type%3D55%26m%3D1&ex-fch=416613&ex-src=www.gocollette.com/en/collette-gives-you-more/explorations&ex-hargs=v%3D1.0%3Bc%3D6789850140901%3Bp%3D0CC466B5-D830-C201-1A17-5673D0EFDF16&dcc=t
Vary: Content-Type,Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.2cd9e450202b69d545a3.js
54.230.219.201200 OK 4.8 kB URL HTTP/2 cdn.segment.com/analytics-next/bundles/ajs-destination.bundle.2cd9e450202b69d545a3.js
IP 54.230.219.201:0
File type ASCII text, with very long lines (9157)
Hash c433d480e84b841dfb59e3cb01a5abea
02315157b4a1bdc687c8ea8bb69f779b833f9bd8
592b490731b95fa5b932935754c46af3d2b876e84c9ae284248d5989f52ea533
GET /analytics-next/bundles/ajs-destination.bundle.2cd9e450202b69d545a3.js HTTP/1.1
Host: cdn.segment.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Tue, 07 Mar 2023 01:16:11 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Thu, 26 Jan 2023 20:14:52 GMT
etag: W/"cc39e85781964199cd0d9501c897e385"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=31536000,immutable
x-amz-version-id: jZ2L92raJDMf08tukXqdJ6aGBdPFzdTy
server: AmazonS3
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _RFfrTHsAREtVC-zogOks1ZSdTZkRoXfeZ9ukqueUo-yIKqsDJFMgA==
age: 1325239
X-Firefox-Spdy: h2
static.criteo.net/js/ld/ld.js
178.250.0.130200 OK 18 kB URL HTTP/2 static.criteo.net/js/ld/ld.js
IP 178.250.0.130:0
File type ASCII text, with very long lines (55022)
Hash df7f3a7ca54e4feaefb9fe8b643218ff
2ea0a4de291d5d45b17aa4c92151a326e79a44a0
65efb1c4bb97adbef8ddcf6c8410d0e9ae88e3070f0fdad25e2cdb67e673d81e
GET /js/ld/ld.js HTTP/1.1
Host: static.criteo.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 22 Mar 2023 09:23:29 GMT
content-type: text/javascript
last-modified: Tue, 07 Mar 2023 15:05:20 GMT
etag: W/"640752b0-ae53"
expires: Thu, 23 Mar 2023 09:23:29 GMT
cross-origin-resource-policy: cross-origin
cache-control: max-age=86400, public
timing-allow-origin: *
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
cdn.segment.com/next-integrations/integrations/hubspot/2.2.4/hubspot.dynamic.js.gz
54.230.219.201200 OK 1.6 kB URL HTTP/2 cdn.segment.com/next-integrations/integrations/hubspot/2.2.4/hubspot.dynamic.js.gz
IP 54.230.219.201:0
File type HTML document, ASCII text, with very long lines (3477)
Hash eca7290acd47797e77fc87621b4b7a5d
7c8a86ec89f9a931efe1cc1355f07b62f0527cee
223a450e4d786bac93559a8a5d34c78be271a89f7417842b0ae254bf7e90fb55
GET /next-integrations/integrations/hubspot/2.2.4/hubspot.dynamic.js.gz HTTP/1.1
Host: cdn.segment.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 1554
date: Wed, 15 Mar 2023 10:24:10 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
last-modified: Wed, 08 Feb 2023 17:50:06 GMT
etag: "eca7290acd47797e77fc87621b4b7a5d"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=31536000,immutable
content-encoding: gzip
x-amz-version-id: 3gw.GGYrhRKw8wAj97LsHoqUcNHjaWz9
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: l6lQCoa5IGY5c0VSLc3hqu17DOI-kl2cZTd5vwvkmPoP7d5G1d7TnA==
age: 601160
X-Firefox-Spdy: h2
cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz
54.230.219.201200 OK 22 kB URL HTTP/2 cdn.segment.com/next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz
IP 54.230.219.201:0
File type HTML document text\012- HTML document, ASCII text, with very long lines (65536), with no line terminators
Hash befb217271e2e926c7d898f1c85f6cb7
b6ca8f0b9eb7ddebc916cbc77eddab8532216748
21c28b41965eaf22aae5ee670f71227bd2d8fd32a024d62864873f7c8621e8f4
GET /next-integrations/integrations/vendor/commons.c42222c4cb2f8913500f.js.gz HTTP/1.1
Host: cdn.segment.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 22177
date: Tue, 21 Mar 2023 17:53:38 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
last-modified: Wed, 08 Feb 2023 17:50:04 GMT
etag: "befb217271e2e926c7d898f1c85f6cb7"
x-amz-server-side-encryption: AES256
cache-control: public,max-age=31536000,immutable
content-encoding: gzip
x-amz-version-id: lJtmCXSyB5Fd94udMEaQ3Fg4j3ghWk62
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: mIv_6y_pGrG_xEW6Yh3zRGsUbyHSqJJXRl6ep7ZmV5xz_DohvMFljg==
age: 55792
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash c724796656f45a6ae4029aebfcd13bce
89ba2bb4d9afb4ea6c31fb58d1ab145472552206
73628c27b39a8ea374809b3e71ea135b4ffc13bab15095b49649c470a44d3352
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3871
Cache-Control: max-age=110531
Content-Type: application/ocsp-response
Date: Wed, 22 Mar 2023 09:23:29 GMT
Etag: "6419c6b5-1d7"
Expires: Thu, 23 Mar 2023 16:05:40 GMT
Last-Modified: Tue, 21 Mar 2023 15:01:09 GMT
Server: ECAcc (ska/F756)
X-Cache: HIT
Content-Length: 471
cdn.linkedin.oribi.io/partner/3300780/domain/gocollette.com/token
54.230.111.112200 OK 627 B URL HTTP/2 cdn.linkedin.oribi.io/partner/3300780/domain/gocollette.com/token
IP 54.230.111.112:0
Hash 2e95d0ee89e14f4366294e0dfe0a19a2
0598d93343f2d826a7313980e616fc178f311d66
477fd5f62744a9bc81261f4ef39942078275fa810d58fce67147051b27311e86
GET /partner/3300780/domain/gocollette.com/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: *
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.gocollette.com
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
date: Wed, 22 Mar 2023 08:44:56 GMT
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 98794c1dec0d4e7b10ddf0faa094cf94.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: IO7wO86oqRuHfKcNmQiF5UxxVUUpHgIxdN5yuVTzzNFBpJQgjVZ3Sg==
age: 2313
X-Firefox-Spdy: h2
ww2.feefo.com/api/feedback-image/5766b1f3498e0e62d7ef3d60
104.16.75.76200 OK 100 kB URL HTTP/2 ww2.feefo.com/api/feedback-image/5766b1f3498e0e62d7ef3d60
IP 104.16.75.76:0
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 800x597, components 3\012- data
Size 100 kB (100271 bytes)
Hash eeacc994a5635eed91e164f87a7e49fa
c4c49206ca5597abe1976ff128a3b41579bceb9b
c177b5c2b6ba69cd5b2da61be9f30479fa0b5dcdcea80453b5035580cc9468bf
GET /api/feedback-image/5766b1f3498e0e62d7ef3d60 HTTP/1.1
Host: ww2.feefo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 22 Mar 2023 09:23:30 GMT
content-type: image/jpeg
content-length: 100271
expires: Wed, 22 Mar 2023 11:23:29 GMT
cache-control: max-age=7200
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-kong-upstream-latency: 3076
x-kong-proxy-latency: 1
via: kong/3.0.2
last-modified: Wed, 22 Mar 2023 09:23:29 GMT
cf-cache-status: MISS
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7abd603c3c0fb527-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
192.229.221.95200 OK 314 B IP 192.229.221.95:0
Hash 6617760b072de5dae5f2d57fdff61a30
4d088bb0d117838e31ddb470f21ee5ad9f756e43
3cc185910f60110f0b2352884f2a8b130024fe4688b188780303a7538e208218
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 797
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 22 Mar 2023 09:23:30 GMT
Last-Modified: Wed, 22 Mar 2023 09:10:13 GMT
Server: ECAcc (ska/F73A)
X-Cache: HIT
Content-Length: 314
ocsp.digicert.com/
192.229.221.95200 OK 471 B IP 192.229.221.95:0
Hash 1cb7df8af6a9e5b949755871be365735
8120239c2f494afc1d5b601164b52431cba74162
72ee07506a23d2e1121ae3f7d8b9941ea57365b3eacd8ed481de7da7290451cb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6159
Cache-Control: max-age=121065
Content-Type: application/ocsp-response
Date: Wed, 22 Mar 2023 09:23:30 GMT
Etag: "6419e6ec-1d7"
Expires: Thu, 23 Mar 2023 19:01:15 GMT
Last-Modified: Tue, 21 Mar 2023 17:18:36 GMT
Server: ECAcc (ska/F6D2)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
192.229.221.95200 OK 314 B IP 192.229.221.95:0
Hash 6617760b072de5dae5f2d57fdff61a30
4d088bb0d117838e31ddb470f21ee5ad9f756e43
3cc185910f60110f0b2352884f2a8b130024fe4688b188780303a7538e208218
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3084
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Wed, 22 Mar 2023 09:23:30 GMT
Last-Modified: Wed, 22 Mar 2023 08:32:06 GMT
Server: ECAcc (ska/F7A5)
X-Cache: HIT
Content-Length: 314
gum.criteo.com/syncframe?topUrl=www.gocollette.com&origin=onetag
178.250.0.157200 OK 5.1 kB URL HTTP/2 gum.criteo.com/syncframe?topUrl=www.gocollette.com&origin=onetag
IP 178.250.0.157:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (13465)
Hash 2cf12a61c5f3f23abe6f26d2181f908c
7cc44e27a14d87f3a8180a7b3a99f6fbc52f99c8
f0b7a85374c53a3a5e3dc9074aa1587df2e43cbd4835cb777f23ae7492cf2041
GET /syncframe?topUrl=www.gocollette.com&origin=onetag HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 22 Mar 2023 09:23:28 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: uid=4fb980a1-ab14-48b3-abb4-e951414b3b31; expires=Mon, 15 Apr 2024 09:23:29 GMT; domain=.criteo.com; path=/; secure; samesite=none
optout=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; domain=.criteo.com; path=/
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 779394
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
js.hs-analytics.net/analytics/1679476800000/2641890.js
104.17.70.176200 OK 56 kB URL HTTP/2 js.hs-analytics.net/analytics/1679476800000/2641890.js
IP 104.17.70.176:0
File type ASCII text, with very long lines (64503)
Hash efd9eb2c75d3779f39b8ecbf50c678c0
3142642e0001e373cde857c2f19f922e9837c5c0
80e00d160f2f12c76ae7ac19b088eb2d6a1c50cab5745512eb1e100f7458564a
GET /analytics/1679476800000/2641890.js HTTP/1.1
Host: js.hs-analytics.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 22 Mar 2023 09:23:29 GMT
content-type: text/javascript
x-amz-id-2: 9PuOlVtbi5dkHoyaXoQnXQbOWwMy2uwVUHqwDXRPzcP7DgJ2Q5geeNwta6fK5+e9BPO1autjDj0=
x-amz-request-id: C9107X2XJQZMFQ73
last-modified: Thu, 02 Mar 2023 23:01:27 GMT
etag: W/"860dbb6c1d828f00101ec41244fed911"
x-amz-server-side-encryption: AES256
cache-control: max-age=300, public
x-amz-version-id: null
access-control-allow-credentials: false
vary: origin, Accept-Encoding
expires: Wed, 22 Mar 2023 09:28:29 GMT
cf-cache-status: MISS
server: cloudflare
cf-ray: 7abd604ceb461c06-OSL
content-encoding: br
X-Firefox-Spdy: h2
s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
23.38.200.123200 OK 78 kB URL HTTP/2 s7.addthis.com/static/layers.fa6cd1947ce26e890d3d.js
IP 23.38.200.123:0
File type Unicode text, UTF-8 text, with very long lines (65533), with no line terminators
Hash 9a77dff666eebb6cf4bbc4c67c7b563b
9e98d7824a7b4e34665c2690d6f52caddad1fe4b
6cdf8e597f3cbe759531153fd926d51aeaebd836a1c9bc1436e079645bfd3ad7
GET /static/layers.fa6cd1947ce26e890d3d.js HTTP/1.1
Host: s7.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/javascript
last-modified: Mon, 26 Oct 2020 18:11:48 GMT
etag: W/"5f971164-41cf5"
timing-allow-origin: *
cache-control: public, max-age=86313600
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 77672
date: Wed, 22 Mar 2023 09:23:30 GMT
vary: Accept-Encoding
x-host: s7.addthis.com
X-Firefox-Spdy: h2
ag.gbc.criteo.com/newidsd
185.235.84.132200 OK 1.3 kB URL HTTP/2 ag.gbc.criteo.com/newidsd
IP 185.235.84.132:0
File type JSON data\012- , ASCII text
Hash d879608946643402a35c83de8bb3d708
fce56d209931b50b15243497cfd8d67612a4b4c6
56c9b69020a401f3ea6f135481ca73571f6648ec2d05a84328c1cceec9d0834a
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Wed, 22 Mar 2023 09:23:29 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 95391
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
bat.bing.com/action/0?ti=5090430&Ver=2&mid=75ef909d-0e4e-4b4d-841e-fe0340d64fc8&sid=38411c50c89311edba61c5356fbb5e2e&vid=384114c0c89311ed93cc0ffade1777bc&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Canadian%20Rockies%20by%20Train%3A%20Trips,%20Tours%20%26%20Vacation%20Packages&kw=Canadian%20Rockies%20by%20Train%20Tours,%20Canadian%20Rockies%20by%20Train%20Travel&p=https%3A%2F%2Fwww.gocollette.com%2Fen%2Ftours%2Fnorth-america%2Fcanada%2Fcanadian-rockies-by-train%3Fcm_mmc%3DEmail-_-DomesticSale23-_-Hearst-_-US%2520DTC%26utm_source%3DMedia%26utm_medium%3DEmail%26utm_campaign%3DHearst_DomesticSale23&r=<=3653&evt=pageLoad&sv=1&rn=623773
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/action/0?ti=5090430&Ver=2&mid=75ef909d-0e4e-4b4d-841e-fe0340d64fc8&sid=38411c50c89311edba61c5356fbb5e2e&vid=384114c0c89311ed93cc0ffade1777bc&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Canadian%20Rockies%20by%20Train%3A%20Trips,%20Tours%20%26%20Vacation%20Packages&kw=Canadian%20Rockies%20by%20Train%20Tours,%20Canadian%20Rockies%20by%20Train%20Travel&p=https%3A%2F%2Fwww.gocollette.com%2Fen%2Ftours%2Fnorth-america%2Fcanada%2Fcanadian-rockies-by-train%3Fcm_mmc%3DEmail-_-DomesticSale23-_-Hearst-_-US%2520DTC%26utm_source%3DMedia%26utm_medium%3DEmail%26utm_campaign%3DHearst_DomesticSale23&r=<=3653&evt=pageLoad&sv=1&rn=623773
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /action/0?ti=5090430&Ver=2&mid=75ef909d-0e4e-4b4d-841e-fe0340d64fc8&sid=38411c50c89311edba61c5356fbb5e2e&vid=384114c0c89311ed93cc0ffade1777bc&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Canadian%20Rockies%20by%20Train%3A%20Trips,%20Tours%20%26%20Vacation%20Packages&kw=Canadian%20Rockies%20by%20Train%20Tours,%20Canadian%20Rockies%20by%20Train%20Travel&p=https%3A%2F%2Fwww.gocollette.com%2Fen%2Ftours%2Fnorth-america%2Fcanada%2Fcanadian-rockies-by-train%3Fcm_mmc%3DEmail-_-DomesticSale23-_-Hearst-_-US%2520DTC%26utm_source%3DMedia%26utm_medium%3DEmail%26utm_campaign%3DHearst_DomesticSale23&r=<=3653&evt=pageLoad&sv=1&rn=623773 HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=30512907B0616351258F3BDBB194621F; domain=.bing.com; expires=Mon, 15-Apr-2024 09:23:30 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 793630696678465392799E0B157830FC Ref B: OSL30EDGE0512 Ref C: 2023-03-22T09:23:30Z
date: Wed, 22 Mar 2023 09:23:29 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash dcd9f6156f4e8761c71f09d9e0461adf
4dee53387d92dee7833943bf23ae641776434c8a
d2e17254d2aed901036ec6ea67bd8ee2dbc4e7f7f4faa241ce17a4ea76f65af0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 22 Mar 2023 09:23:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3D0cc466b5-d830-c201-1a17-5673d0efdf16%26type%3D55%26m%3D1&ex-fch=416613&ex-src=www.gocollette.com/en/collette-gives-you-more/explorations&ex-hargs=v%3D1.0%3Bc%3D6789850140901%3Bp%3D0CC466B5-D830-C201-1A17-5673D0EFDF16&dcc=t
52.46.143.56200 OK 43 B URL HTTP/1.1 s.amazon-adsystem.com/iui3?d=forester-did&ex-fargs=%3Fid%3D0cc466b5-d830-c201-1a17-5673d0efdf16%26type%3D55%26m%3D1&ex-fch=416613&ex-src=www.gocollette.com/en/collette-gives-you-more/explorations&ex-hargs=v%3D1.0%3Bc%3D6789850140901%3Bp%3D0CC466B5-D830-C201-1A17-5673D0EFDF16&dcc=t
IP 52.46.143.56:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 6851dbf491ae442da3314f19e8aff085
ecfec27263608c4ae7cd4f8e0cebb1b061df2ac3
c21e2c1246fe45a6750ae6208db2b5965ff6ed63eb80d2ecec3be9c83813428e
GET /iui3?d=forester-did&ex-fargs=%3Fid%3D0cc466b5-d830-c201-1a17-5673d0efdf16%26type%3D55%26m%3D1&ex-fch=416613&ex-src=www.gocollette.com/en/collette-gives-you-more/explorations&ex-hargs=v%3D1.0%3Bc%3D6789850140901%3Bp%3D0CC466B5-D830-C201-1A17-5673D0EFDF16&dcc=t HTTP/1.1
Host: s.amazon-adsystem.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.gocollette.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: Server
Date: Wed, 22 Mar 2023 09:23:30 GMT
Content-Type: image/gif
Content-Length: 43
Connection: keep-alive
x-amz-rid: SZX2Z4A10JPFXJGZVVK5
Cache-Control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
Pragma: no-cache
Expires: Thu, 01 Jan 1970 00:00:00 GMT
p3p: policyref="https://www.amazon.com/w3c/p3p.xml", CP="PSAo PSDo OUR SAM OTR DSP COR"
Vary: Content-Type,Accept-Encoding,User-Agent
Strict-Transport-Security: max-age=47474747; includeSubDomains; preload
cm.g.doubleclick.net/pixel?google_hm=MEohxDyrD6T9MIJkRpMzhw&google_nid=sojern_adh
216.58.207.226302 Found 305 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_hm=MEohxDyrD6T9MIJkRpMzhw&google_nid=sojern_adh
IP 216.58.207.226:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 1b588709022a8341661b3cbaca5fbfdc
efc5f1d567edbc523067517419386dfd0e3a7a8b
4a153ea34cd8eedeba39b5e41b6a00a08a391fa12fcd28119ecd31c0e81e986b
GET /pixel?google_hm=MEohxDyrD6T9MIJkRpMzhw&google_nid=sojern_adh HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_hm=MEohxDyrD6T9MIJkRpMzhw&google_nid=sojern_adh&google_tc=
date: Wed, 22 Mar 2023 09:23:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 305
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 22-Mar-2023 09:38:30 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash d8076782b7586aea6d69480d5434652e
6bd6f10f27f62711c6783bc8b5ea72cb74622e2f
ab660e165b0044aa0ca16ab2a42ac38a1922a24a6ae6e879d4e3e1e9c19822c2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 22 Mar 2023 09:23:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
bat.bing.com/p/action/5090430.js
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/p/action/5090430.js
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /p/action/5090430.js HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
cache-control: private,max-age=1800
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F19151153E6E44C4A72780D073DE9D24 Ref B: OSL30EDGE0512 Ref C: 2023-03-22T09:23:30Z
date: Wed, 22 Mar 2023 09:23:29 GMT
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_cm=true&google_hm=MEohxDyrD6T9MIJkRpMzhw&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=JQizGFxxNJ8gnpv7YV_w9o810_iqGb6ENn7GtxNIE0swEehP1UiDjPZQ7sgRNXdV&sjrn_ula=797679517
216.58.207.226302 Found 461 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_cm=true&google_hm=MEohxDyrD6T9MIJkRpMzhw&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=JQizGFxxNJ8gnpv7YV_w9o810_iqGb6ENn7GtxNIE0swEehP1UiDjPZQ7sgRNXdV&sjrn_ula=797679517
IP 216.58.207.226:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash c7e7e21bd9718a9fcf76a902b48d54dc
bacec04f704a42ea7ed316324680a48361b60ea9
74ec4f0c4dffe5c935f224f0258640bddaf32781516cfcd6ad215d6e76b1fcbc
GET /pixel?google_cm=true&google_hm=MEohxDyrD6T9MIJkRpMzhw&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=JQizGFxxNJ8gnpv7YV_w9o810_iqGb6ENn7GtxNIE0swEehP1UiDjPZQ7sgRNXdV&sjrn_ula=797679517 HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_cm=true&google_hm=MEohxDyrD6T9MIJkRpMzhw&google_nid=sojern__adx_open_bidder_seat&google_sc=true&sjrn_id=JQizGFxxNJ8gnpv7YV_w9o810_iqGb6ENn7GtxNIE0swEehP1UiDjPZQ7sgRNXdV&sjrn_ula=797679517&google_tc=
date: Wed, 22 Mar 2023 09:23:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 461
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 22-Mar-2023 09:38:30 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ib.adnxs.com/getuid?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=JQizGFxxNJ8gnpv7YV_w9o810_iqGb6ENn7GtxNIE0swEehP1UiDjPZQ7sgRNXdV
185.89.210.46307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/getuid?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=JQizGFxxNJ8gnpv7YV_w9o810_iqGb6ENn7GtxNIE0swEehP1UiDjPZQ7sgRNXdV
IP 185.89.210.46:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?https://pixel.sojern.com/idsync/apn?id=$UID&sjrn_id=JQizGFxxNJ8gnpv7YV_w9o810_iqGb6ENn7GtxNIE0swEehP1UiDjPZQ7sgRNXdV HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Wed, 22 Mar 2023 09:23:30 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel.sojern.com%2Fidsync%2Fapn%3Fid%3D%24UID%26sjrn_id%3DJQizGFxxNJ8gnpv7YV_w9o810_iqGb6ENn7GtxNIE0swEehP1UiDjPZQ7sgRNXdV
AN-X-Request-Uuid: 74c85d44-ceaa-4675-9953-bbcc896d2de1
Set-Cookie: uuid2=5158811987294206292; SameSite=None; Path=/; Max-Age=7776000; Expires=Tue, 20-Jun-2023 09:23:30 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ad.doubleclick.net/ddm/activity/src=4832529;type=sales;cat=colle001;qty=1;cost=0;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=[OrderID]
142.250.74.134302 Found 0 B URL HTTP/2 ad.doubleclick.net/ddm/activity/src=4832529;type=sales;cat=colle001;qty=1;cost=0;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=[OrderID]
IP 142.250.74.134:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ddm/activity/src=4832529;type=sales;cat=colle001;qty=1;cost=0;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=[OrderID] HTTP/1.1
Host: ad.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 22 Mar 2023 09:23:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://adservice.google.com/ddm/fls/p/src=4832529;type=sales;cat=colle001;qty=1;cost=0;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=[OrderID];~oref=https://www.gocollette.com/
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 22-Mar-2023 09:38:30 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.com/pagead/1p-user-list/753938020/?random=1679477011753&cv=11&fst=1679475600000&bg=ffffff&guid=ON&async=1>m=45He33k0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.gocollette.com%2Fen%2Ftours%2Fnorth-america%2Fcanada%2Fcanadian-rockies-by-train%3Fcm_mmc%3DEmail-_-DomesticSale23-_-Hearst-_-US%2520DTC%26utm_source%3DMedia%26utm_medium%3DEmail%26utm_campaign%3DHearst_DomesticSale23&frm=0&tiba=Canadian%20Rockies%20by%20Train%3A%20Trips%2C%20Tours%20%26%20Vacation%20Packages&fmt=3&is_vtc=1&random=4142457976&rmt_tld=0&ipr=y
142.250.74.132200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/753938020/?random=1679477011753&cv=11&fst=1679475600000&bg=ffffff&guid=ON&async=1>m=45He33k0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.gocollette.com%2Fen%2Ftours%2Fnorth-america%2Fcanada%2Fcanadian-rockies-by-train%3Fcm_mmc%3DEmail-_-DomesticSale23-_-Hearst-_-US%2520DTC%26utm_source%3DMedia%26utm_medium%3DEmail%26utm_campaign%3DHearst_DomesticSale23&frm=0&tiba=Canadian%20Rockies%20by%20Train%3A%20Trips%2C%20Tours%20%26%20Vacation%20Packages&fmt=3&is_vtc=1&random=4142457976&rmt_tld=0&ipr=y
IP 142.250.74.132:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/753938020/?random=1679477011753&cv=11&fst=1679475600000&bg=ffffff&guid=ON&async=1>m=45He33k0&u_w=1280&u_h=1024&url=https%3A%2F%2Fwww.gocollette.com%2Fen%2Ftours%2Fnorth-america%2Fcanada%2Fcanadian-rockies-by-train%3Fcm_mmc%3DEmail-_-DomesticSale23-_-Hearst-_-US%2520DTC%26utm_source%3DMedia%26utm_medium%3DEmail%26utm_campaign%3DHearst_DomesticSale23&frm=0&tiba=Canadian%20Rockies%20by%20Train%3A%20Trips%2C%20Tours%20%26%20Vacation%20Packages&fmt=3&is_vtc=1&random=4142457976&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 22 Mar 2023 09:23:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
starling.crowdriff.com/js/2.e5442ff1b0fab0c125ba.js
54.230.111.49200 OK 69 kB URL HTTP/2 starling.crowdriff.com/js/2.e5442ff1b0fab0c125ba.js
IP 54.230.111.49:0
Hash 639b0e89c0dfa7ad68584d64392a8834
7658a279c9e4fe54fe16cacc9456a55adbda7626
7e45476334560a7507ff597839407f59e0eca443ed6b9e5bf44117f29a61fa39
GET /js/2.e5442ff1b0fab0c125ba.js HTTP/1.1
Host: starling.crowdriff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.gocollette.com
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Thu, 09 Mar 2023 19:27:04 GMT
set-cookie: AWSALB=nxLtMPPYqlmI0SkdPzNIx79OrgqTmI51ZQB8bqYwLkZnL653P8qwBAxc7oW3DVx2F7k5QdHDI2CJw3ENHEUGQZ2iBC4bLg0/ELBcJcmXRbdWRmstNRAXyPky9box; Expires=Thu, 16 Mar 2023 19:27:04 GMT; Path=/
AWSALBCORS=nxLtMPPYqlmI0SkdPzNIx79OrgqTmI51ZQB8bqYwLkZnL653P8qwBAxc7oW3DVx2F7k5QdHDI2CJw3ENHEUGQZ2iBC4bLg0/ELBcJcmXRbdWRmstNRAXyPky9box; Expires=Thu, 16 Mar 2023 19:27:04 GMT; Path=/; SameSite=None; Secure
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: content-type, Authorization, Origin, X-Requested-With, Content-Type, Accept
cache-control: max-age=31536000
last-modified: Thu, 09 Mar 2023 19:23:46 GMT
etag: W/"31256-186c7d451d0"
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: g-psdRlaZWwhUlzEQxkP3wn7MJTyC5xKEe2LrBEPSsJe_H3soed7lw==
age: 1086986
X-Firefox-Spdy: h2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=3300780&time=1679477014545&url=https%3A%2F%2Fwww.gocollette.com%2Fen%2Ftours%2Fnorth-america%2Fcanada%2Fcanadian-rockies-by-train%3Fcm_mmc%3DEmail-_-DomesticSale23-_-Hearst-_-US%2520DTC%26utm_source%3DMedia%26utm_medium%3DEmail%26utm_campaign%3DHearst_DomesticSale23
13.107.42.14302 Found 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=3300780&time=1679477014545&url=https%3A%2F%2Fwww.gocollette.com%2Fen%2Ftours%2Fnorth-america%2Fcanada%2Fcanadian-rockies-by-train%3Fcm_mmc%3DEmail-_-DomesticSale23-_-Hearst-_-US%2520DTC%26utm_source%3DMedia%26utm_medium%3DEmail%26utm_campaign%3DHearst_DomesticSale23
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=3300780&time=1679477014545&url=https%3A%2F%2Fwww.gocollette.com%2Fen%2Ftours%2Fnorth-america%2Fcanada%2Fcanadian-rockies-by-train%3Fcm_mmc%3DEmail-_-DomesticSale23-_-Hearst-_-US%2520DTC%26utm_source%3DMedia%26utm_medium%3DEmail%26utm_campaign%3DHearst_DomesticSale23 HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3300780%26time%3D1679477014545%26url%3Dhttps%253A%252F%252Fwww.gocollette.com%252Fen%252Ftours%252Fnorth-america%252Fcanada%252Fcanadian-rockies-by-train%253Fcm_mmc%253DEmail-_-DomesticSale23-_-Hearst-_-US%252520DTC%2526utm_source%253DMedia%2526utm_medium%253DEmail%2526utm_campaign%253DHearst_DomesticSale23%26liSync%3Dtrue
set-cookie: UserMatchHistory=AQJh4i4ZLoZZkAAAAYcIoW_WOjIVAu7Dl9DDUMoLn-OqJcOS26Ii4vYxqQ8iQiK0AMOQMCEV9B6xnA; Max-Age=2592000; Expires=Fri, 21 Apr 2023 09:23:30 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
AnalyticsSyncHistory=AQJSfK2Xy07_vQAAAYcIoW_WbRFWoegGAY4mrsmmkTEK1a6Ej3g8WsnZLoFVP3TaQdHsfEHm73QmOh7Qo-QA8A; Max-Age=2592000; Expires=Fri, 21 Apr 2023 09:23:30 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
bcookie="v=2&6f8f0c91-06b2-44f3-87cd-27e5613fa95a"; domain=.linkedin.com; Path=/; Secure; Expires=Thu, 21-Mar-2024 09:23:30 GMT; SameSite=None
lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2486:u=1:x=1:i=1679477010:t=1679563410:v=2:sig=AQGflsu8qjcyHLubhqrF8cZroQHUqcKL"; Expires=Thu, 23 Mar 2023 09:23:30 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAX3ebacnyaWNxILgdTISQ==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: FC28EE310E014E50953FC44BF3CC7664 Ref B: OSL30EDGE0409 Ref C: 2023-03-22T09:23:30Z
date: Wed, 22 Mar 2023 09:23:29 GMT
content-length: 0
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 471 B IP 142.250.74.163:0
Hash dcd9f6156f4e8761c71f09d9e0461adf
4dee53387d92dee7833943bf23ae641776434c8a
d2e17254d2aed901036ec6ea67bd8ee2dbc4e7f7f4faa241ce17a4ea76f65af0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 22 Mar 2023 09:23:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
match.adsrvr.org/track/cmf/generic?ttd_pid=ombl9hp&ttd_puid=JQizGFxxNJ8gnpv7YV_w9o810_iqGb6ENn7GtxNIE0swEehP1UiDjPZQ7sgRNXdV&ttd_tpi=1
52.223.40.198200 OK 70 B URL HTTP/2 match.adsrvr.org/track/cmf/generic?ttd_pid=ombl9hp&ttd_puid=JQizGFxxNJ8gnpv7YV_w9o810_iqGb6ENn7GtxNIE0swEehP1UiDjPZQ7sgRNXdV&ttd_tpi=1
IP 52.223.40.198:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 58a7930cd4577fc33c35828c271eab8f
406e57f86dc101e10f3a57be1e2f7b93c4580474
8d70b3e6badb6973663b398d297bb32eaedd08826a1af98d0a1cfce5324ffce0
GET /track/cmf/generic?ttd_pid=ombl9hp&ttd_puid=JQizGFxxNJ8gnpv7YV_w9o810_iqGb6ENn7GtxNIE0swEehP1UiDjPZQ7sgRNXdV&ttd_tpi=1 HTTP/1.1
Host: match.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 22 Mar 2023 09:23:30 GMT
content-type: image/gif
content-length: 70
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 9446303f24a6e8e8d138867549399aa2
410a03d7475ec879b8e346f1706aea491e3f1da5
f7d7017ca9dbdf1822739e9baa6f34868504e6ce0d827aeeef82517c5db72960
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 22 Mar 2023 09:23:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
tmscdn.coremetrics.com/tms/55310000/cp-v3.js?__t=20230322092335662
104.110.11.108200 OK 13 kB URL HTTP/1.1 tmscdn.coremetrics.com/tms/55310000/cp-v3.js?__t=20230322092335662
IP 104.110.11.108:0
Hash bb076c99628eda1c77ba241779212842
820888cac96e3c19d69cc09a70e8bcd520144ef3
129f9b5e6eecdd7c006748047a9b1e6cdf41dd3701b43d7c1cbac02d9fe76eb2
GET /tms/55310000/cp-v3.js?__t=20230322092335662 HTTP/1.1
Host: tmscdn.coremetrics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "44df15b85c866fb23ca259ed53799775:1580401511"
Last-Modified: Thu, 30 Jan 2020 16:25:11 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Wed, 22 Mar 2023 09:23:30 GMT
Content-Length: 12638
Connection: keep-alive
libs.coremetrics.com/ddxlibs/yahoo-min.js
104.110.11.108200 OK 3.0 kB URL HTTP/1.1 libs.coremetrics.com/ddxlibs/yahoo-min.js
IP 104.110.11.108:0
File type ASCII text, with very long lines (6013)
Hash e50d9edc420b41235b5c5e9519c604ed
1836b64e01c7ea96a86febe73044353dc32b0541
b3808ba4336778f7f72268e0f5e187e7df31a65362b91a6c4708ccb079033abb
GET /ddxlibs/yahoo-min.js HTTP/1.1
Host: libs.coremetrics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "839e18c2abe9817eb0b63acb4f014aa4:1407414707"
Last-Modified: Thu, 07 Aug 2014 12:31:47 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Date: Wed, 22 Mar 2023 09:23:30 GMT
Content-Length: 3005
Connection: keep-alive
js.hs-analytics.net/analytics/1679477100000/2641890.js
104.17.70.176200 OK 23 kB URL HTTP/2 js.hs-analytics.net/analytics/1679477100000/2641890.js
IP 104.17.70.176:0
File type ASCII text, with very long lines (64503)
Hash d58cc432492bb7f64a377f8a57209819
bf2a3036b4b7e4db252e8863f3375aed2a85801b
90caf3eafc98c98e66ecb08a0c00b7ec7e73dae57f1679bb9e930a2956124e78
GET /analytics/1679477100000/2641890.js HTTP/1.1
Host: js.hs-analytics.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 22 Mar 2023 09:23:30 GMT
content-type: text/javascript
x-amz-id-2: fB+6HWCAEAHQ+aUxqL6LnSHVXJu0kJ3ZZ0h69oYaVFPUTB3rPuP1ITGGq/lI/wfwpaLIXlkkuyo=
x-amz-request-id: 15MD08BS6BK7FJTT
last-modified: Thu, 02 Mar 2023 23:01:27 GMT
etag: W/"860dbb6c1d828f00101ec41244fed911"
x-amz-server-side-encryption: AES256
cache-control: max-age=300, public
x-amz-version-id: null
access-control-allow-credentials: false
vary: origin, Accept-Encoding
expires: Wed, 22 Mar 2023 09:28:30 GMT
cf-cache-status: MISS
server: cloudflare
cf-ray: 7abd605249231c06-OSL
content-encoding: br
X-Firefox-Spdy: h2
ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel.sojern.com%2Fidsync%2Fapn%3Fid%3D%24UID%26sjrn_id%3DJQizGFxxNJ8gnpv7YV_w9o810_iqGb6ENn7GtxNIE0swEehP1UiDjPZQ7sgRNXdV
185.89.210.46302 Found 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel.sojern.com%2Fidsync%2Fapn%3Fid%3D%24UID%26sjrn_id%3DJQizGFxxNJ8gnpv7YV_w9o810_iqGb6ENn7GtxNIE0swEehP1UiDjPZQ7sgRNXdV
IP 185.89.210.46:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3Fhttps%3A%2F%2Fpixel.sojern.com%2Fidsync%2Fapn%3Fid%3D%24UID%26sjrn_id%3DJQizGFxxNJ8gnpv7YV_w9o810_iqGb6ENn7GtxNIE0swEehP1UiDjPZQ7sgRNXdV HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.gocollette.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Wed, 22 Mar 2023 09:23:30 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://pixel.sojern.com/idsync/apn?id=0&sjrn_id=JQizGFxxNJ8gnpv7YV_w9o810_iqGb6ENn7GtxNIE0swEehP1UiDjPZQ7sgRNXdV
AN-X-Request-Uuid: ffdfd5f0-5610-41cc-90d3-5fa34788427a
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 940.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
starling.crowdriff.com/css/13.1ecd3053828fe655af5c.css
54.230.111.49200 OK 5.6 kB URL HTTP/2 starling.crowdriff.com/css/13.1ecd3053828fe655af5c.css
IP 54.230.111.49:0
Hash 425e901de786973e2684e2d7eb442b50
9877089624fa33624cd9406bcbb67d6801284d82
31419217a8c6a377637c13ec0eb63dd44cc559ed0af7789a4e65883e3f5e4d3c
GET /css/13.1ecd3053828fe655af5c.css HTTP/1.1
Host: starling.crowdriff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.gocollette.com
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css; charset=UTF-8
date: Thu, 05 May 2022 22:32:45 GMT
set-cookie: AWSALB=HYY0lWJL9rxJsFre8dI9fr6/eC4j1lrcXm+Lbg5cQqztwvEmB0XYbDZlOSxHivkO4zMpXz1NkQLY9Tk8wFeAB2SE4HkUWMtHgIxIcui+wCcXIwF6s1qNMQ5uk+M4; Expires=Thu, 12 May 2022 22:32:45 GMT; Path=/
AWSALBCORS=HYY0lWJL9rxJsFre8dI9fr6/eC4j1lrcXm+Lbg5cQqztwvEmB0XYbDZlOSxHivkO4zMpXz1NkQLY9Tk8wFeAB2SE4HkUWMtHgIxIcui+wCcXIwF6s1qNMQ5uk+M4; Expires=Thu, 12 May 2022 22:32:45 GMT; Path=/; SameSite=None; Secure
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: content-type, Authorization, Origin, X-Requested-With, Content-Type, Accept
cache-control: max-age=31536000
last-modified: Mon, 28 Mar 2022 14:38:06 GMT
etag: W/"b32a-17fd0f670b0"
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: yb90YhP0lsq1VShb76K5GC8w8py4qslOFnYmloBBKqydLsIG5V2zSw==
age: 27687045
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.163200 OK 472 B IP 142.250.74.163:0
Hash 9446303f24a6e8e8d138867549399aa2
410a03d7475ec879b8e346f1706aea491e3f1da5
f7d7017ca9dbdf1822739e9baa6f34868504e6ce0d827aeeef82517c5db72960
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Wed, 22 Mar 2023 09:23:30 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.r2m01.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash d002f211eff5c513bb58183c87274c77
f07fce5cbf9ff0a5c288448f17103f92c35d2d48
947a07baee9712c0d78e557490d705794edd1d8c77fb3b692c7511a791a372a5
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Wed, 22 Mar 2023 09:23:30 GMT
Last-Modified: Wed, 22 Mar 2023 08:07:52 GMT
Server: ECAcc (bsa/EB2A)
X-Cache: Miss from cloudfront
Via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: s4F7o6aefce1_zJcLstD-7HiS5465FpClL70wmIkenkGv3dnte8icQ==
Age: 4538
adservice.google.com/ddm/fls/p/src=4832529;type=sales;cat=colle001;qty=1;cost=0;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=[OrderID];~oref=https://www.gocollette.com/
172.217.21.162302 Found 0 B URL HTTP/2 adservice.google.com/ddm/fls/p/src=4832529;type=sales;cat=colle001;qty=1;cost=0;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=[OrderID];~oref=https://www.gocollette.com/
IP 172.217.21.162:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ddm/fls/p/src=4832529;type=sales;cat=colle001;qty=1;cost=0;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=[OrderID];~oref=https://www.gocollette.com/ HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.gocollette.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 22 Mar 2023 09:23:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://adservice.google.no/ddm/fls/p/src=4832529;type=sales;cat=colle001;qty=1;cost=0;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=[OrderID];~oref=https://www.gocollette.com/
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3300780%26time%3D1679477014545%26url%3Dhttps%253A%252F%252Fwww.gocollette.com%252Fen%252Ftours%252Fnorth-america%252Fcanada%252Fcanadian-rockies-by-train%253Fcm_mmc%253DEmail-_-DomesticSale23-_-Hearst-_-US%252520DTC%2526utm_source%253DMedia%2526utm_medium%253DEmail%2526utm_campaign%253DHearst_DomesticSale23%26liSync%3Dtrue
13.107.42.14302 Found 0 B URL HTTP/2 www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3300780%26time%3D1679477014545%26url%3Dhttps%253A%252F%252Fwww.gocollette.com%252Fen%252Ftours%252Fnorth-america%252Fcanada%252Fcanadian-rockies-by-train%253Fcm_mmc%253DEmail-_-DomesticSale23-_-Hearst-_-US%252520DTC%2526utm_source%253DMedia%2526utm_medium%253DEmail%2526utm_campaign%253DHearst_DomesticSale23%26liSync%3Dtrue
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3300780%26time%3D1679477014545%26url%3Dhttps%253A%252F%252Fwww.gocollette.com%252Fen%252Ftours%252Fnorth-america%252Fcanada%252Fcanadian-rockies-by-train%253Fcm_mmc%253DEmail-_-DomesticSale23-_-Hearst-_-US%252520DTC%2526utm_source%253DMedia%2526utm_medium%253DEmail%2526utm_campaign%253DHearst_DomesticSale23%26liSync%3Dtrue HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.gocollette.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3300780&time=1679477014545&url=https%3A%2F%2Fwww.gocollette.com%2Fen%2Ftours%2Fnorth-america%2Fcanada%2Fcanadian-rockies-by-train%3Fcm_mmc%3DEmail-_-DomesticSale23-_-Hearst-_-US%2520DTC%26utm_source%3DMedia%26utm_medium%3DEmail%26utm_campaign%3DHearst_DomesticSale23&liSync=true
set-cookie: bcookie="v=2&b5373fde-0b0a-4b11-88bf-8967a46293d2"; Domain=.linkedin.com; Expires=Thu, 21-Mar-2024 09:23:30 GMT; Path=/; Secure; SameSite=None
bscookie="v=1&2023032209233046fb0340-4519-4188-887c-a5739d6dcd18AQEFfuNayieCC-ZVctIrw1SrISySZGXN"; Domain=.www.linkedin.com; Expires=Thu, 21-Mar-2024 09:23:30 GMT; Path=/; HttpOnly; Secure; SameSite=None
li_gc=MTswOzE2Nzk0NzcwMTA7MjswMjEgz5MiLHSZ+kjOte26wH52EqqX/uIR/f0kN9cfCJenDg==; Domain=.linkedin.com; Expires=Mon, 18 Sep 2023 09:23:30 GMT; Path=/; Secure; SameSite=None
lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2527:u=1:x=1:i=1679477010:t=1679563410:v=2:sig=AQFlq5OAJftEmSmdk6wcvAylmcDNx4Xk"; Expires=Thu, 23 Mar 2023 09:23:30 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
content-security-policy: default-src *; connect-src 'self' *.licdn.com *.linkedin.com wss://*.linkedin.com dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ *.qualtrics.com *.adyen.com *.microsoft.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; worker-src 'self' blob: static.licdn.com static-exp1.licdn.com static-exp2.licdn.com static-exp3.licdn.com; frame-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' *.linkedin.com teams.microsoft.com client.learningapp.microsoft.com
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-lva1
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAX3ebah4avgtZvu8CN+7w==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 99AADA1315434F38BA6F4EBC868F229A Ref B: OSL30EDGE0409 Ref C: 2023-03-22T09:23:30Z
date: Wed, 22 Mar 2023 09:23:30 GMT
content-length: 0
X-Firefox-Spdy: h2
adservice.google.no/ddm/fls/p/src=4832529;type=sales;cat=colle001;qty=1;cost=0;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=[OrderID];~oref=https://www.gocollette.com/
142.250.74.2200 OK 42 B URL HTTP/2 adservice.google.no/ddm/fls/p/src=4832529;type=sales;cat=colle001;qty=1;cost=0;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=[OrderID];~oref=https://www.gocollette.com/
IP 142.250.74.2:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ddm/fls/p/src=4832529;type=sales;cat=colle001;qty=1;cost=0;u1=;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;npa=;ord=[OrderID];~oref=https://www.gocollette.com/ HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.gocollette.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Wed, 22 Mar 2023 09:23:30 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
s2.adform.net/banners/scripts/st/trackpoint-async.js
37.157.2.249200 OK 31 kB URL HTTP/2 s2.adform.net/banners/scripts/st/trackpoint-async.js
IP 37.157.2.249:0
File type ASCII text, with very long lines (992)
Hash 94ebf674b78798222bce485e08820a28
b9374450d8c01cb2739c8aef5a9101fa6d1bb495
028d3c52df4afa08d89c76ba65126da44beb39d03bca2c5baed7f9c840c4e223
GET /banners/scripts/st/trackpoint-async.js HTTP/1.1
Host: s2.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.gocollette.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Wed, 22 Mar 2023 09:19:09 GMT
content-type: application/javascript
vary: Accept-Encoding
last-modified: Tue, 29 Nov 2022 10:23:25 GMT
x-rgw-object-type: Normal
etag: W/"83eb5fafaa212c785f7393188ff817aa"
x-amz-request-id: tx00000bdfae384ccf5a381-006385e0d4-329373d4-default
access-control-allow-origin: *
cache-control: public, max-age=604800
x-cache-status: HIT
content-encoding: gzip
X-Firefox-Spdy: h2
api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fwww.gocollette.com%2Fen%2Ftours%2Fnorth-america%2Fcanada%2Fcanadian-rockies-by-train%3Fcm_mmc%3DEmail-_-DomesticSale23-_-Hearst-_-US%2520DTC%26utm_source%3DMedia%26utm_medium%3DEmail%26utm_campaign%3DHearst_DomesticSale23
23.38.200.123200 OK 2 B URL HTTP/2 api-public.addthis.com/url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fwww.gocollette.com%2Fen%2Ftours%2Fnorth-america%2Fcanada%2Fcanadian-rockies-by-train%3Fcm_mmc%3DEmail-_-DomesticSale23-_-Hearst-_-US%2520DTC%26utm_source%3DMedia%26utm_medium%3DEmail%26utm_campaign%3DHearst_DomesticSale23
IP 23.38.200.123:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /url/serviceapi/shares-post.json?services=sFbt&url=https%3A%2F%2Fwww.gocollette.com%2Fen%2Ftours%2Fnorth-america%2Fcanada%2Fcanadian-rockies-by-train%3Fcm_mmc%3DEmail-_-DomesticSale23-_-Hearst-_-US%2520DTC%26utm_source%3DMedia%26utm_medium%3DEmail%26utm_campaign%3DHearst_DomesticSale23 HTTP/1.1
Host: api-public.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: text/plain
Origin: https://www.gocollette.com
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/json
content-length: 2
cache-control: no-transform, max-age=0, s-maxage=14400
surrogate-key: sFbt=https://www.gocollette.com/en/tours/north-america/canada/canadian-rockies-by-train?cm_mmc=Email-_-DomesticSale23-_-Hearst-_-US%20DTC&utm_source=Media&utm_medium=Email&utm_campaign=Hearst_DomesticSale23
last-modified: Wed, 22 Mar 2023 09:00:00 GMT
access-control-allow-origin: https://www.gocollette.com
access-control-allow-credentials: true
strict-transport-security: max-age=15724800; includeSubDomains
date: Wed, 22 Mar 2023 09:23:30 GMT
X-Firefox-Spdy: h2
api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fwww.gocollette.com%2Fen%2Ftours%2Fnorth-america%2Fcanada%2Fcanadian-rockies-by-train%3Fcm_mmc%3DEmail-_-DomesticSale23-_-Hearst-_-US%2520DTC%26utm_source%3DMedia%26utm_medium%3DEmail%26utm_campaign%3DHearst_DomesticSale23&callback=_ate.cbs.rcb_ku600
23.38.200.123200 OK 53 B URL HTTP/2 api-public.addthis.com/url/shares.json?url=https%3A%2F%2Fwww.gocollette.com%2Fen%2Ftours%2Fnorth-america%2Fcanada%2Fcanadian-rockies-by-train%3Fcm_mmc%3DEmail-_-DomesticSale23-_-Hearst-_-US%2520DTC%26utm_source%3DMedia%26utm_medium%3DEmail%26utm_campaign%3DHearst_DomesticSale23&callback=_ate.cbs.rcb_ku600
IP 23.38.200.123:0
File type ASCII text, with no line terminators
Hash 5c6b298ba02cbcc5d3faccfb27fe2ede
6ee23504a0806e22e2e3a3e4a319041729b219f4
2b3a39576ba32be1befb1b6239b77590f2adf2a6f0c5014ee99bdd13970ee8a0
GET /url/shares.json?url=https%3A%2F%2Fwww.gocollette.com%2Fen%2Ftours%2Fnorth-america%2Fcanada%2Fcanadian-rockies-by-train%3Fcm_mmc%3DEmail-_-DomesticSale23-_-Hearst-_-US%2520DTC%26utm_source%3DMedia%26utm_medium%3DEmail%26utm_campaign%3DHearst_DomesticSale23&callback=_ate.cbs.rcb_ku600 HTTP/1.1
Host: api-public.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
surrogate-key: www.gocollette.com/en/tours/north-america/canada/canadian-rockies-by-train?cm_mmc=email-_-domesticsale23-_-hearst-_-us%20dtc&utm_source=media&utm_medium=email&utm_campaign=hearst_domesticsale23
last-modified: Wed, 22 Mar 2023 09:23:30 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 53
date: Wed, 22 Mar 2023 09:23:30 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fwww.gocollette.com%2Fen%2Ftours%2Fnorth-america%2Fcanada%2Fcanadian-rockies-by-train%3Fcm_mmc%3DEmail-_-DomesticSale23-_-Hearst-_-US%2520DTC%26utm_source%3DMedia%26utm_medium%3DEmail%26utm_campaign%3DHearst_DomesticSale23&callback=_ate.cbs.rcb_27ab0
23.38.200.123200 OK 53 B URL HTTP/2 api-public.addthis.com/url/shares.json?url=http%3A%2F%2Fwww.gocollette.com%2Fen%2Ftours%2Fnorth-america%2Fcanada%2Fcanadian-rockies-by-train%3Fcm_mmc%3DEmail-_-DomesticSale23-_-Hearst-_-US%2520DTC%26utm_source%3DMedia%26utm_medium%3DEmail%26utm_campaign%3DHearst_DomesticSale23&callback=_ate.cbs.rcb_27ab0
IP 23.38.200.123:0
File type ASCII text, with no line terminators
Hash 63fc75c402c9fb77f286b1ef4d61f03b
f3513ed70d499d88a86744c3e8ffd505cb473431
ae60013ec1c19b6a7d6f8eff8bad5e8e19d954df3af9843ebdc6f06df0c0b907
GET /url/shares.json?url=http%3A%2F%2Fwww.gocollette.com%2Fen%2Ftours%2Fnorth-america%2Fcanada%2Fcanadian-rockies-by-train%3Fcm_mmc%3DEmail-_-DomesticSale23-_-Hearst-_-US%2520DTC%26utm_source%3DMedia%26utm_medium%3DEmail%26utm_campaign%3DHearst_DomesticSale23&callback=_ate.cbs.rcb_27ab0 HTTP/1.1
Host: api-public.addthis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx/1.15.8
content-type: application/json
cache-control: no-transform, must-revalidate, max-age=0, s-maxage=3600
surrogate-key: www.gocollette.com/en/tours/north-america/canada/canadian-rockies-by-train?cm_mmc=email-_-domesticsale23-_-hearst-_-us%20dtc&utm_source=media&utm_medium=email&utm_campaign=hearst_domesticsale23
last-modified: Wed, 22 Mar 2023 09:23:30 GMT
strict-transport-security: max-age=15724800; includeSubDomains
content-encoding: gzip
content-length: 53
date: Wed, 22 Mar 2023 09:23:30 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
api.segment.io/v1/p
44.225.161.10200 OK 21 B IP 44.225.161.10:0
File type JSON data\012- , ASCII text
Hash 90749a50019a27e1f32cebdbaa7a1bc1
8329e3339f928f8591024bb0f938dab99c0ad4b8
12f71cb993958eefc4bdb41d7dbbda490779a9c7aba448f7be52bb63912e0254
POST /v1/p HTTP/1.1
Host: api.segment.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.gocollette.com/
Content-Type: text/plain
Origin: https://www.gocollette.com
Content-Length: 1755
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 22 Mar 2023 09:23:30 GMT
content-type: application/json
content-length: 21
access-control-allow-origin: https://www.gocollette.com
strict-transport-security: max-age=31536000
vary: Origin
X-Firefox-Spdy: h2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=3300780&time=1679477014545&url=https%3A%2F%2Fwww.gocollette.com%2Fen%2Ftours%2Fnorth-america%2Fcanada%2Fcanadian-rockies-by-train%3Fcm_mmc%3DEmail-_-DomesticSale23-_-Hearst-_-US%2520DTC%26utm_source%3DMedia%26utm_medium%3DEmail%26utm_campaign%3DHearst_DomesticSale23&liSync=true
13.107.42.14200 OK 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=3300780&time=1679477014545&url=https%3A%2F%2Fwww.gocollette.com%2Fen%2Ftours%2Fnorth-america%2Fcanada%2Fcanadian-rockies-by-train%3Fcm_mmc%3DEmail-_-DomesticSale23-_-Hearst-_-US%2520DTC%26utm_source%3DMedia%26utm_medium%3DEmail%26utm_campaign%3DHearst_DomesticSale23&liSync=true
IP 13.107.42.14:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=3300780&time=1679477014545&url=https%3A%2F%2Fwww.gocollette.com%2Fen%2Ftours%2Fnorth-america%2Fcanada%2Fcanadian-rockies-by-train%3Fcm_mmc%3DEmail-_-DomesticSale23-_-Hearst-_-US%2520DTC%26utm_source%3DMedia%26utm_medium%3DEmail%26utm_campaign%3DHearst_DomesticSale23&liSync=true HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.gocollette.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
set-cookie: bcookie="v=2&b808c7f6-2328-47ec-8b0e-c5ce70ae39d3"; domain=.linkedin.com; Path=/; Secure; Expires=Thu, 21-Mar-2024 09:23:31 GMT; SameSite=None
lidc="b=TGST09:s=T:r=T:a=T:p=T:g=2486:u=1:x=1:i=1679477011:t=1679563411:v=2:sig=AQE1HnNzD76SvFZdzwgGuM7QpCRNLHXX"; Expires=Thu, 23 Mar 2023 09:23:31 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-ltx1
x-li-pop: afd-prod-ltx1-x
x-li-proto: http/2
x-li-uuid: AAX3ebanVi2/NWIlv/QUPA==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: F418CDF2577D4A2A9438F9DE2D50C759 Ref B: OSL30EDGE0409 Ref C: 2023-03-22T09:23:31Z
date: Wed, 22 Mar 2023 09:23:30 GMT
content-length: 0
X-Firefox-Spdy: h2
bat.bing.com/actionp/0?ti=5090430&Ver=2&mid=75ef909d-0e4e-4b4d-841e-fe0340d64fc8&sid=38411c50c89311edba61c5356fbb5e2e&vid=384114c0c89311ed93cc0ffade1777bc&vids=1&msclkid=N&evt=dedup
204.79.197.200204 No Content 0 B URL HTTP/2 bat.bing.com/actionp/0?ti=5090430&Ver=2&mid=75ef909d-0e4e-4b4d-841e-fe0340d64fc8&sid=38411c50c89311edba61c5356fbb5e2e&vid=384114c0c89311ed93cc0ffade1777bc&vids=1&msclkid=N&evt=dedup
IP 204.79.197.200:0
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /actionp/0?ti=5090430&Ver=2&mid=75ef909d-0e4e-4b4d-841e-fe0340d64fc8&sid=38411c50c89311edba61c5356fbb5e2e&vid=384114c0c89311ed93cc0ffade1777bc&vids=1&msclkid=N&evt=dedup HTTP/1.1
Host: bat.bing.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.gocollette.com
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=2E01EBFC3D4E69D62AE2F9203CBB687A; domain=.bing.com; expires=Mon, 15-Apr-2024 09:23:31 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: B8BC8C22430B40088C40A4C0F8D3EB08 Ref B: OSL30EDGE0512 Ref C: 2023-03-22T09:23:31Z
date: Wed, 22 Mar 2023 09:23:30 GMT
X-Firefox-Spdy: h2
px.mountain.com/st?ga_tracking_id=UA-6730750-24&ga_client_id=712386116.1679477012&shpt=Canadian%20Rockies%20by%20Train%3A%20Trips%20Tours%20%26%20Vacation%20Packages&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-6730750-24%22%2C%22ga_client_id%22%3A%22712386116.1679477012%22%2C%22shpt%22%3A%22Canadian%20Rockies%20by%20Train%3A%20Trips%20Tours%20%26%20Vacation%20Packages%22%2C%22dcm_cid%22%3A%22712386116.1679477012%22%2C%22dcm_gid%22%3A%222098168939.1679477015%22%2C%22ga_utm_campaign%22%3A%22Hearst_DomesticSale23%22%2C%22ga_utm_source%22%3A%22Media%22%2C%22ga_utm_medium%22%3A%22Email%22%2C%22mntnis%22%3A%7B%7D%2C%22execution_workflow%22%3A%7B%22iteration%22%3A14%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22getClientIdByCookie%22%3A%22FAILED%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22ga_utm_campaign%22%3A%22OK%22%2C%22ga_utm_source%22%3A%22OK%22%2C%22ga_utm_medium%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%2C%22message%22%3A%7B%7D%7D&dcm_cid=712386116.1679477012&dcm_gid=2098168939.1679477015&dxver=4.0.0&shaid=32987&plh=https%3A%2F%2Fwww.gocollette.com%2Fen%2Ftours%2Fnorth-america%2Fcanada%2Fcanadian-rockies-by-train%3Fcm_mmc%3DEmail-_-DomesticSale23-_-Hearst-_-US%2520DTC%26utm_source%3DMedia%26utm_medium%3DEmail%26utm_campaign%3DHearst_DomesticSale23&cb=92651907334121940term%3Dvalue&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue%2Cmediamath%3Dtrue%2Ccriteo%3Dtrue%2Cappnexus%3Dtrue
52.37.218.4200 OK 1.3 kB URL HTTP/1.1 px.mountain.com/st?ga_tracking_id=UA-6730750-24&ga_client_id=712386116.1679477012&shpt=Canadian%20Rockies%20by%20Train%3A%20Trips%20Tours%20%26%20Vacation%20Packages&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-6730750-24%22%2C%22ga_client_id%22%3A%22712386116.1679477012%22%2C%22shpt%22%3A%22Canadian%20Rockies%20by%20Train%3A%20Trips%20Tours%20%26%20Vacation%20Packages%22%2C%22dcm_cid%22%3A%22712386116.1679477012%22%2C%22dcm_gid%22%3A%222098168939.1679477015%22%2C%22ga_utm_campaign%22%3A%22Hearst_DomesticSale23%22%2C%22ga_utm_source%22%3A%22Media%22%2C%22ga_utm_medium%22%3A%22Email%22%2C%22mntnis%22%3A%7B%7D%2C%22execution_workflow%22%3A%7B%22iteration%22%3A14%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22getClientIdByCookie%22%3A%22FAILED%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22ga_utm_campaign%22%3A%22OK%22%2C%22ga_utm_source%22%3A%22OK%22%2C%22ga_utm_medium%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%2C%22message%22%3A%7B%7D%7D&dcm_cid=712386116.1679477012&dcm_gid=2098168939.1679477015&dxver=4.0.0&shaid=32987&plh=https%3A%2F%2Fwww.gocollette.com%2Fen%2Ftours%2Fnorth-america%2Fcanada%2Fcanadian-rockies-by-train%3Fcm_mmc%3DEmail-_-DomesticSale23-_-Hearst-_-US%2520DTC%26utm_source%3DMedia%26utm_medium%3DEmail%26utm_campaign%3DHearst_DomesticSale23&cb=92651907334121940term%3Dvalue&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue%2Cmediamath%3Dtrue%2Ccriteo%3Dtrue%2Cappnexus%3Dtrue
IP 52.37.218.4:0
File type ASCII text, with very long lines (2710)
Hash 6bec717dde46c559f22b19297f4a15c3
3087d7bd49bfe0e5a060da0e5de82ea7fc43706c
75b41e8618081bfa461fcd2aa0662201cf913f94924e01379744263ca74c9939
GET /st?ga_tracking_id=UA-6730750-24&ga_client_id=712386116.1679477012&shpt=Canadian%20Rockies%20by%20Train%3A%20Trips%20Tours%20%26%20Vacation%20Packages&ga_info=%7B%22status%22%3A%22OK%22%2C%22ga_tracking_id%22%3A%22UA-6730750-24%22%2C%22ga_client_id%22%3A%22712386116.1679477012%22%2C%22shpt%22%3A%22Canadian%20Rockies%20by%20Train%3A%20Trips%20Tours%20%26%20Vacation%20Packages%22%2C%22dcm_cid%22%3A%22712386116.1679477012%22%2C%22dcm_gid%22%3A%222098168939.1679477015%22%2C%22ga_utm_campaign%22%3A%22Hearst_DomesticSale23%22%2C%22ga_utm_source%22%3A%22Media%22%2C%22ga_utm_medium%22%3A%22Email%22%2C%22mntnis%22%3A%7B%7D%2C%22execution_workflow%22%3A%7B%22iteration%22%3A14%2C%22getClientIdByGA%22%3A%22FAILED%22%2C%22getClientIdByTracker%22%3A%22FAILED%22%2C%22getClientIdByGAData%22%3A%22FAILED%22%2C%22getClientIdByCookie%22%3A%22FAILED%22%2C%22shpt%22%3A%22OK%22%2C%22dcm_cid%22%3A%22OK%22%2C%22ga_utm_campaign%22%3A%22OK%22%2C%22ga_utm_source%22%3A%22OK%22%2C%22ga_utm_medium%22%3A%22OK%22%2C%22dcm_gid%22%3A%22OK%22%7D%2C%22message%22%3A%7B%7D%7D&dcm_cid=712386116.1679477012&dcm_gid=2098168939.1679477015&dxver=4.0.0&shaid=32987&plh=https%3A%2F%2Fwww.gocollette.com%2Fen%2Ftours%2Fnorth-america%2Fcanada%2Fcanadian-rockies-by-train%3Fcm_mmc%3DEmail-_-DomesticSale23-_-Hearst-_-US%2520DTC%26utm_source%3DMedia%26utm_medium%3DEmail%26utm_campaign%3DHearst_DomesticSale23&cb=92651907334121940term%3Dvalue&shadditional=googletagmanager%3Dtrue%2Cga4%3Dtrue%2Cmediamath%3Dtrue%2Ccriteo%3Dtrue%2Cappnexus%3Dtrue HTTP/1.1
Host: px.mountain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Wed, 22 Mar 2023 09:23:31 GMT
content-type: application/javascript;charset=utf-8
access-control-allow-origin: *
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
set-cookie: guid=3644ce59-c893-11ed-9650-15de7c7ff2ee;Domain=mountain.com;Max-Age=63113852;Path=/;SameSite=None;Secure
content-encoding: gzip
x-envoy-upstream-service-time: 2
server: istio-envoy
connection: close
transfer-encoding: chunked
ocsp.r2m01.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash 591e8fc237e2e4d3a9a15f3a3bf5ecfe
838c5e0684e8d9d9146a41f41eda70afb7c6f616
3807f2f2dc43ffd55577786ea45b7a81855721bc128f8e0da4ecbbcca00acd61
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=156653
Date: Wed, 22 Mar 2023 09:23:31 GMT
Etag: "641a70e5-1d7"
Expires: Fri, 24 Mar 2023 04:54:24 GMT
Last-Modified: Wed, 22 Mar 2023 03:07:17 GMT
Server: ECAcc (nya/796A)
X-Cache: Miss from cloudfront
Via: 1.1 0e39dca74306d7aab723ed3d73dbfbb4.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: tj1tv-RT9iUVw32jr_CzPZ1-SRBEgiNGJmLhjuIIMy50Nf3Y1P3IQA==
Age: 6427
data.coremetrics.com/cm?ci=55310000%7CUS&st=1679477012299&vn1=4.23.201&ec=utf-8&vn2=e4.0&pi=US%3A%2Fen%2Ftours%2Fnorth-america%2Fcanada%2Fcanadian-rockies-by-train&ul=https%3A%2F%2Fwww.gocollette.com%2Fen%2Ftours%2Fnorth-america%2Fcanada%2Fcanadian-rockies-by-train%3Fcm_mmc%3DEmail-_-DomesticSale23-_-Hearst-_-US%2520DTC%26utm_source%3DMedia%26utm_medium%3DEmail%26utm_campaign%3DHearst_DomesticSale23&cjen=1&cjuid=02991069394016794770162&cjsid=92135751679477016273&cjvf=7&tid=6&cg=US&rnd=1679485153651&pc=Y&jv=1.8.5&je=n&sw=1280&sh=1024&pd=24&tz=0
3.86.136.12200 OK 43 B URL HTTP/1.1 data.coremetrics.com/cm?ci=55310000%7CUS&st=1679477012299&vn1=4.23.201&ec=utf-8&vn2=e4.0&pi=US%3A%2Fen%2Ftours%2Fnorth-america%2Fcanada%2Fcanadian-rockies-by-train&ul=https%3A%2F%2Fwww.gocollette.com%2Fen%2Ftours%2Fnorth-america%2Fcanada%2Fcanadian-rockies-by-train%3Fcm_mmc%3DEmail-_-DomesticSale23-_-Hearst-_-US%2520DTC%26utm_source%3DMedia%26utm_medium%3DEmail%26utm_campaign%3DHearst_DomesticSale23&cjen=1&cjuid=02991069394016794770162&cjsid=92135751679477016273&cjvf=7&tid=6&cg=US&rnd=1679485153651&pc=Y&jv=1.8.5&je=n&sw=1280&sh=1024&pd=24&tz=0
IP 3.86.136.12:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 55fade2068e7503eae8d7ddf5eb6bd09
317496a096d6c86486a71d4521994bcd171a6bb3
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
GET /cm?ci=55310000%7CUS&st=1679477012299&vn1=4.23.201&ec=utf-8&vn2=e4.0&pi=US%3A%2Fen%2Ftours%2Fnorth-america%2Fcanada%2Fcanadian-rockies-by-train&ul=https%3A%2F%2Fwww.gocollette.com%2Fen%2Ftours%2Fnorth-america%2Fcanada%2Fcanadian-rockies-by-train%3Fcm_mmc%3DEmail-_-DomesticSale23-_-Hearst-_-US%2520DTC%26utm_source%3DMedia%26utm_medium%3DEmail%26utm_campaign%3DHearst_DomesticSale23&cjen=1&cjuid=02991069394016794770162&cjsid=92135751679477016273&cjvf=7&tid=6&cg=US&rnd=1679485153651&pc=Y&jv=1.8.5&je=n&sw=1280&sh=1024&pd=24&tz=0 HTTP/1.1
Host: data.coremetrics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Wed, 22 Mar 2023 09:23:31 GMT
Server: Apache
Vary: Host
Expires: Tue, 21 Mar 2023 09:23:31 GMT
Cache-Control: no-cache, no-store, must-revalidate, max-age=0, proxy-revalidate, no-transform, pre-check=0, post-check=0, private
Pragma: no-cache
Content-Length: 43
P3P: CP="NON DSP COR CUR ADMo DEVo PSAo PSDo OUR IND ONL UNI PUR COM NAV INT DEM STA"
Connection: close
Content-Type: image/gif
gs.mountain.com/gs
52.12.117.226200 OK 144 B IP 52.12.117.226:0
File type ASCII text, with no line terminators
Hash 9bbb0c240c2ebc611401a226e5d0cc62
10dd35694521e54d05048931d88ab07b94171468
3d39088f7ceee83ceb4c70d7a20692e19f51dbdd3d2f4aa64410ef06d99551dd
GET /gs HTTP/1.1
Host: gs.mountain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Cookie: guid=3644ce59-c893-11ed-9650-15de7c7ff2ee
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
date: Wed, 22 Mar 2023 09:23:32 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: Accept, Content-Type, x-requested-with, X-Custom-Header
x-application-context: application:prod:8080
content-type: application/javascript;charset=utf-8
p3p: CP="NON DSP COR NID CURa ADMa DEVa PSAa PSDa OUR STP UNI COM NAV INT STA PRE"
cache-control: public, max-age=31536000
last-modified: Thu, 01 Jan 1970 00:00:00 GMT
content-length: 144
x-envoy-upstream-service-time: 3
server: istio-envoy
connection: close
ocsp.r2m01.amazontrust.com/
54.230.80.227200 OK 471 B URL HTTP/1.1 ocsp.r2m01.amazontrust.com/
IP 54.230.80.227:0
Hash 38c8221f6b5f45246060ff33bf59eab1
7a7981bddce950750bddcf41a76b8915c0f998fd
4fdbdefab7619cd7c43152bcf64168c1fc331f48c578d943a29b36215d6e2c2c
POST / HTTP/1.1
Host: ocsp.r2m01.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=140048
Date: Wed, 22 Mar 2023 09:23:32 GMT
Etag: "641a373d-1d7"
Expires: Fri, 24 Mar 2023 00:17:40 GMT
Last-Modified: Tue, 21 Mar 2023 23:01:17 GMT
Server: ECAcc (bsa/EA8F)
X-Cache: Miss from cloudfront
Via: 1.1 9037b7743a833da13439f0d4e2619b52.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: iHBrLyZO5NMofRfbJ0OWewY3ObsoRuq0zC8GMixNxGicCXB4KVDAag==
Age: 4583
cdn.acsbapp.com/cache/app/en.build.json
104.22.0.204200 OK 30 kB URL HTTP/2 cdn.acsbapp.com/cache/app/en.build.json
IP 104.22.0.204:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (65461), with no line terminators
Hash 6533f81dd8729287d947dfa3cd33b47d
5ab131f92feb40123716b72f3b20e58dbd53f20b
5c937472bb8830243f3a68a7b7e57503b87a8737ebd735d34c206b39e2897c03
GET /cache/app/en.build.json HTTP/1.1
Host: cdn.acsbapp.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.gocollette.com/
Origin: https://www.gocollette.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 22 Mar 2023 09:23:31 GMT
content-type: application/json
x-guploader-uploadid: ADPycduKHY2QX8ASvo8Gfx43B0jR2Dao1cdJ7ggI7gkfPcL7iOPZZM-O4HtCLQEQiPs9CqeAlR_WeqyiddeXFMfGTcYs1A
x-goog-generation: 1678983699799139
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 244609
x-goog-meta-goog-reserved-file-mtime: 1678983644
x-goog-hash: crc32c=3jItvA==, md5=yhKgVPDCqUpoqYHja6MnxA==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
access-control-expose-headers: *, Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
expires: Thu, 21 Mar 2024 09:23:31 GMT
cache-control: no-cache
last-modified: Thu, 16 Mar 2023 16:21:39 GMT
etag: W/"ca12a054f0c2a94a68a981e36ba327c4"
cf-cache-status: REVALIDATED
vary: Accept-Encoding
server: cloudflare
cf-ray: 7abd60576965b51e-OSL
content-encoding: br
X-Firefox-Spdy: h2
lib-us-2.brilliantcollector.com/collector/collectorPost?Content-Type=application%2Fjson&X-PageId=P.DFHZKK7U5T37ND92NFL3NWYLFH6F&X-Tealeaf=device%20(UIC)%20Lib%2F6.1.0.1989&X-TealeafType=GUI&X-TeaLeaf-Page-Url=%2Fen%2Ftours%2Fnorth-america%2Fcanada%2Fcanadian-rockies-by-train&X-Tealeaf-SyncXHR=true&X-Tealeaf-MessageTypes=1%2C2%2C5%2C7&X-Tealeaf-SaaS-AppKey=461fdba66ec3419caa4488b1425c9631&X-Tealeaf-SaaS-TLTSID=17160957194180701171045619552105&Content-Encoding=gzip
34.206.41.130200 OK 38 B URL HTTP/2 lib-us-2.brilliantcollector.com/collector/collectorPost?Content-Type=application%2Fjson&X-PageId=P.DFHZKK7U5T37ND92NFL3NWYLFH6F&X-Tealeaf=device%20(UIC)%20Lib%2F6.1.0.1989&X-TealeafType=GUI&X-TeaLeaf-Page-Url=%2Fen%2Ftours%2Fnorth-america%2Fcanada%2Fcanadian-rockies-by-train&X-Tealeaf-SyncXHR=true&X-Tealeaf-MessageTypes=1%2C2%2C5%2C7&X-Tealeaf-SaaS-AppKey=461fdba66ec3419caa4488b1425c9631&X-Tealeaf-SaaS-TLTSID=17160957194180701171045619552105&Content-Encoding=gzip
IP 34.206.41.130:0
File type JSON data\012- , ASCII text
Hash b893b8fd23144f8071cf2abf44b9d2ad
d1c7e3ee42344fc673719df1ba77f220453ef033
1d4fdec9bbde03db70d2add577e12d713e8cceb38fb75ba13df9c89252475f60
POST /collector/collectorPost?Content-Type=application%2Fjson&X-PageId=P.DFHZKK7U5T37ND92NFL3NWYLFH6F&X-Tealeaf=device%20(UIC)%20Lib%2F6.1.0.1989&X-TealeafType=GUI&X-TeaLeaf-Page-Url=%2Fen%2Ftours%2Fnorth-america%2Fcanada%2Fcanadian-rockies-by-train&X-Tealeaf-SyncXHR=true&X-Tealeaf-MessageTypes=1%2C2%2C5%2C7&X-Tealeaf-SaaS-AppKey=461fdba66ec3419caa4488b1425c9631&X-Tealeaf-SaaS-TLTSID=17160957194180701171045619552105&Content-Encoding=gzip HTTP/1.1
Host: lib-us-2.brilliantcollector.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Length: 1880
Origin: https://www.gocollette.com
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 22 Mar 2023 09:23:32 GMT
content-type: application/json
content-length: 38
vary: Accept-Encoding,Origin
access-control-allow-origin: https://www.gocollette.com
access-control-allow-credentials: true
cache-control: no-cache
expires: Fri, 31 Dec 1998 12:00:00 GMT
dcname: prod-wdc
nodeid: wscollector-7d7f597f94-clrkr
tltsid: 17160957194180701171045619552105
x-envoy-upstream-service-time: 1
server: istio-envoy
X-Firefox-Spdy: h2
fast.wistia.com/assets/external/allIntegrations.js
151.101.194.110200 OK 5.6 kB URL HTTP/2 fast.wistia.com/assets/external/allIntegrations.js
IP 151.101.194.110:0
File type ASCII text, with very long lines (21637), with no line terminators
Hash 09be549e79d04b9f45f4caf3f3d8df05
bbd93b7fd028e06650387d88563d588f68e77e34
cbb37a6ae7c8b0ae150e4b8a0b7d68d8bb9b0e1a196ff743678f0bf58091c775
GET /assets/external/allIntegrations.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
last-modified: Tue, 21 Mar 2023 18:30:55 GMT
etag: "09be549e79d04b9f45f4caf3f3d8df05"
x-amz-server-side-encryption: AES256
content-encoding: br
content-type: text/javascript
server: AmazonS3
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
access-control-allow-origin: *
timing-allow-origin: *
accept-ranges: bytes
date: Wed, 22 Mar 2023 09:23:32 GMT
age: 98
x-served-by: cache-iad-kjyo7100044-IAD, cache-bma1620-BMA
x-cache: HIT, HIT
x-cache-hits: 37, 5
x-timer: S1679477013.911202,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
asset-version: e4df25371907fe478cb7556652bc90dde32449d6
content-length: 5625
X-Firefox-Spdy: h2
starling.crowdriff.com/js/vendors~init.9218273f571dddb714cc.js
54.230.111.49200 OK 0 B URL HTTP/2 starling.crowdriff.com/js/vendors~init.9218273f571dddb714cc.js
IP 54.230.111.49:0
GET /js/vendors~init.9218273f571dddb714cc.js HTTP/1.1
Host: starling.crowdriff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.gocollette.com
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Tue, 10 May 2022 22:59:22 GMT
set-cookie: AWSALB=/uxlhxaXOfp71v+4iprx3RsDqOe2YI7w9PzUVAK+werBi4XiY6zeeqCMVK/6AwEzlXZCp64IhoGO8gwfq4TbQB102gTD153spLd3fyBEmbbnvDT9QX2u2ftk21YD; Expires=Tue, 17 May 2022 22:59:22 GMT; Path=/
AWSALBCORS=/uxlhxaXOfp71v+4iprx3RsDqOe2YI7w9PzUVAK+werBi4XiY6zeeqCMVK/6AwEzlXZCp64IhoGO8gwfq4TbQB102gTD153spLd3fyBEmbbnvDT9QX2u2ftk21YD; Expires=Tue, 17 May 2022 22:59:22 GMT; Path=/; SameSite=None; Secure
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: content-type, Authorization, Origin, X-Requested-With, Content-Type, Accept
cache-control: max-age=31536000
last-modified: Mon, 28 Mar 2022 14:38:06 GMT
etag: W/"3f580-17fd0f670b0"
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: po46fr_W3uMuY-3rsTMjuPRAi5goII761g5LbrS1JRESUjQ1ZTdLWw==
age: 27253445
X-Firefox-Spdy: h2
starling.crowdriff.com/css/init.11c9a7736e53de8b1979.css
54.230.111.49200 OK 0 B URL HTTP/2 starling.crowdriff.com/css/init.11c9a7736e53de8b1979.css
IP 54.230.111.49:0
GET /css/init.11c9a7736e53de8b1979.css HTTP/1.1
Host: starling.crowdriff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.gocollette.com
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=UTF-8
date: Thu, 09 Mar 2023 19:26:53 GMT
set-cookie: AWSALB=7NE52lcYWT+1HBMRw2hPxCEEiRU8pgtZ2RWngRPBCtA13xa/aEcnkilAmcqL5/zABpKFuS2SRJ06a0t/wx1d15HpJeX/Fx6Z1AQbc6CZndoqrUjbqLaHYdGhFqwx; Expires=Thu, 16 Mar 2023 19:26:53 GMT; Path=/
AWSALBCORS=7NE52lcYWT+1HBMRw2hPxCEEiRU8pgtZ2RWngRPBCtA13xa/aEcnkilAmcqL5/zABpKFuS2SRJ06a0t/wx1d15HpJeX/Fx6Z1AQbc6CZndoqrUjbqLaHYdGhFqwx; Expires=Thu, 16 Mar 2023 19:26:53 GMT; Path=/; SameSite=None; Secure
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: content-type, Authorization, Origin, X-Requested-With, Content-Type, Accept
cache-control: max-age=31536000
last-modified: Thu, 09 Mar 2023 19:23:46 GMT
etag: W/"8a4-186c7d451d0"
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rHG-Is3BEFJYQcYiaDZz7gvPgijsYgqViAh_0Z3fVnp7ZUqGAzq0Yw==
age: 1086994
X-Firefox-Spdy: h2
starling.crowdriff.com/js/gallery.7fd019d23710808758aa.js
54.230.111.49200 OK 0 B URL HTTP/2 starling.crowdriff.com/js/gallery.7fd019d23710808758aa.js
IP 54.230.111.49:0
GET /js/gallery.7fd019d23710808758aa.js HTTP/1.1
Host: starling.crowdriff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.gocollette.com
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Mon, 09 May 2022 23:31:54 GMT
set-cookie: AWSALB=/TwDHEp6E78Zij9EXSl48HEwlGMvSkByEXC9ZUmwA26h0DIADL4EMkskkpEYYnTLpm2WMzdj4U1lrmsIpRv0H2RDIUYIed6spiZN2xzgFsGu6xJiQj+1Fe+b5WEs; Expires=Mon, 16 May 2022 23:31:54 GMT; Path=/
AWSALBCORS=/TwDHEp6E78Zij9EXSl48HEwlGMvSkByEXC9ZUmwA26h0DIADL4EMkskkpEYYnTLpm2WMzdj4U1lrmsIpRv0H2RDIUYIed6spiZN2xzgFsGu6xJiQj+1Fe+b5WEs; Expires=Mon, 16 May 2022 23:31:54 GMT; Path=/; SameSite=None; Secure
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: content-type, Authorization, Origin, X-Requested-With, Content-Type, Accept
cache-control: max-age=31536000
last-modified: Mon, 28 Mar 2022 14:38:06 GMT
etag: W/"8912-17fd0f670b0"
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ztWnJx3fs8EKwxhUpHWmx7W160ZP5B8w6s1OYwdDJuh_rwdJer6efQ==
age: 27337896
X-Firefox-Spdy: h2
a2.adform.net/Serving/TrackPoint/?pm=1766098&ADFdivider=%7C&ord=53550114475&ADFtpmode=2&itm=eyJzdjEiOiJOb3J0aCBBbWVyaWNhIiwic3YyIjoiQ2FuYWRhIiwic3YzIjoiQ2FuYWRpYW4gUm9ja2llcyBCeSBUcmFpbiIsInN2NCI6IkNhbmFkaWFuIFJvY2tpZXMgYnkgVHJhaW4gIn0&loc=https%3A%2F%2Fwww.gocollette.com%2Fen%2Ftours%2Fnorth-america%2Fcanada%2Fcanadian-rockies-by-train%3Fcm_mmc%3DEmail-_-DomesticSale23-_-Hearst-_-US%2520DTC%26utm_source%3DMedia%26utm_medium%3DEmail%26utm_campaign%3DHearst_DomesticSale23&Set1=en-US%7Cen-US%7C1280x1024%7C24
185.167.164.49302 Found 0 B URL HTTP/2 a2.adform.net/Serving/TrackPoint/?pm=1766098&ADFdivider=%7C&ord=53550114475&ADFtpmode=2&itm=eyJzdjEiOiJOb3J0aCBBbWVyaWNhIiwic3YyIjoiQ2FuYWRhIiwic3YzIjoiQ2FuYWRpYW4gUm9ja2llcyBCeSBUcmFpbiIsInN2NCI6IkNhbmFkaWFuIFJvY2tpZXMgYnkgVHJhaW4gIn0&loc=https%3A%2F%2Fwww.gocollette.com%2Fen%2Ftours%2Fnorth-america%2Fcanada%2Fcanadian-rockies-by-train%3Fcm_mmc%3DEmail-_-DomesticSale23-_-Hearst-_-US%2520DTC%26utm_source%3DMedia%26utm_medium%3DEmail%26utm_campaign%3DHearst_DomesticSale23&Set1=en-US%7Cen-US%7C1280x1024%7C24
IP 185.167.164.49:0
GET /Serving/TrackPoint/?pm=1766098&ADFdivider=%7C&ord=53550114475&ADFtpmode=2&itm=eyJzdjEiOiJOb3J0aCBBbWVyaWNhIiwic3YyIjoiQ2FuYWRhIiwic3YzIjoiQ2FuYWRpYW4gUm9ja2llcyBCeSBUcmFpbiIsInN2NCI6IkNhbmFkaWFuIFJvY2tpZXMgYnkgVHJhaW4gIn0&loc=https%3A%2F%2Fwww.gocollette.com%2Fen%2Ftours%2Fnorth-america%2Fcanada%2Fcanadian-rockies-by-train%3Fcm_mmc%3DEmail-_-DomesticSale23-_-Hearst-_-US%2520DTC%26utm_source%3DMedia%26utm_medium%3DEmail%26utm_campaign%3DHearst_DomesticSale23&Set1=en-US%7Cen-US%7C1280x1024%7C24 HTTP/1.1
Host: a2.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
server: nginx
date: Wed, 22 Mar 2023 09:23:30 GMT
content-type: text/html; charset=utf-8
location: https://a2.adform.net/Serving/TrackPoint/?CC=1&pm=1766098&ADFdivider=%7C&ord=53550114475&ADFtpmode=2&itm=eyJzdjEiOiJOb3J0aCBBbWVyaWNhIiwic3YyIjoiQ2FuYWRhIiwic3YzIjoiQ2FuYWRpYW4gUm9ja2llcyBCeSBUcmFpbiIsInN2NCI6IkNhbmFkaWFuIFJvY2tpZXMgYnkgVHJhaW4gIn0&loc=https%3A%2F%2Fwww.gocollette.com%2Fen%2Ftours%2Fnorth-america%2Fcanada%2Fcanadian-rockies-by-train%3Fcm_mmc%3DEmail-_-DomesticSale23-_-Hearst-_-US%2520DTC%26utm_source%3DMedia%26utm_medium%3DEmail%26utm_campaign%3DHearst_DomesticSale23&Set1=en-US%7Cen-US%7C1280x1024%7C24
cache-control: no-cache, no-store, must-revalidate, no-transform
pragma: no-cache
expires: -1
access-control-allow-origin: *
accept-ch: Sec-CH-UA,Sec-CH-UA-Arch,Sec-CH-UA-Bitness,Sec-CH-UA-Full-Version-List,Sec-CH-UA-Mobile,Sec-CH-UA-Model,Sec-CH-UA-Platform,Sec-CH-UA-Platform-Version
set-cookie: C=1; domain=adform.net; expires=Sat, 22-Apr-2023 08:23:30 GMT; path=/
p3p: CP="NOI DSP COR NID CURa ADMa DEVa TAIa PSAa PSDa OUR LEG NAV INT"
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
www.gocollette.com/Scripts/main.js?v=550
151.101.66.132200 OK 0 B URL HTTP/2 www.gocollette.com/Scripts/main.js?v=550
IP 151.101.66.132:0
GET /Scripts/main.js?v=550 HTTP/1.1
Host: www.gocollette.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/en/tours/north-america/canada/canadian-rockies-by-train?cm_mmc=Email-_-DomesticSale23-_-Hearst-_-US%20DTC&utm_source=Media&utm_medium=Email&utm_campaign=Hearst_DomesticSale23
Cookie: site-language=site=collette-us&language=en
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
cache-control: max-age=604800
content-type: application/javascript
content-encoding: gzip
last-modified: Wed, 15 Mar 2023 21:34:36 GMT
etag: "0be6bf08557d91:0"
server: Microsoft-IIS/10.0
x-ua-compatible: IE=edge,chrome=1
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
pragma: cache
x-pass-fastly-cache: False
via: 1.1 varnish, 1.1 varnish
accept-ranges: bytes
date: Wed, 22 Mar 2023 09:23:26 GMT
age: 558434
x-served-by: cache-bos4669-BOS, cache-bma1662-BMA
x-cache: HIT, HIT
x-cache-hits: 3, 1
x-timer: S1679477007.604439,VS0,VE16
vvvv: 194
strict-transport-security: max-age=31557600
content-length: 761144
X-Firefox-Spdy: h2
fast.wistia.com/assets/external/E-v1.js
151.101.194.110200 OK 0 B URL HTTP/2 fast.wistia.com/assets/external/E-v1.js
IP 151.101.194.110:0
GET /assets/external/E-v1.js HTTP/1.1
Host: fast.wistia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 21 Mar 2023 18:30:55 GMT
etag: "982e76791b91b058620cb7caab04ebeb"
x-amz-server-side-encryption: AES256
content-encoding: br
content-type: text/javascript
server: AmazonS3
via: 1.1 varnish, 1.1 varnish
cache-control: public, max-age=3600
access-control-allow-origin: *
timing-allow-origin: *
accept-ranges: bytes
date: Wed, 22 Mar 2023 09:23:26 GMT
age: 105
x-served-by: cache-iad-kjyo7100166-IAD, cache-bma1620-BMA
x-cache: HIT, HIT
x-cache-hits: 16, 13
x-timer: S1679477007.593361,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=0
x-ecma-v: modern
x-browser: firefox
x-browser-version: 105
asset-version: e4df25371907fe478cb7556652bc90dde32449d6
content-length: 117367
X-Firefox-Spdy: h2
track.securedvisit.com/js/sv.js
174.129.119.118200 OK 0 B URL HTTP/2 track.securedvisit.com/js/sv.js
IP 174.129.119.118:0
GET /js/sv.js HTTP/1.1
Host: track.securedvisit.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 22 Mar 2023 09:23:27 GMT
content-type: application/javascript; charset=utf-8
server: nginx/1.22.0
vary: Accept-Encoding
etag: W/"273cf9801333aefc61a4f311b0692f6a"
last-modified: Wed, 22 Mar 2023 09:23:27 GMT
expires: Wed, 22 Mar 2023 09:23:27 GMT
pragma: no-cache
cache-control: no-cache, max-age=0, must-revalidate, proxy-revalidate, private
content-encoding: gzip
X-Firefox-Spdy: h2
js.hsforms.net/forms/v2.js
104.17.185.73200 OK 0 B URL HTTP/2 js.hsforms.net/forms/v2.js
IP 104.17.185.73:0
GET /forms/v2.js HTTP/1.1
Host: js.hsforms.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 22 Mar 2023 09:23:27 GMT
content-type: application/javascript; charset=utf-8
x-amz-replication-status: COMPLETED
last-modified: Wed, 08 Mar 2023 01:33:37 UTC
x-amz-server-side-encryption: AES256
x-amz-version-id: 2wXcdIzl9WRVTrxeR26mvDAXbt4ZcTF6
etag: W/"ae0386c025bb39c5f937fe3f182d3e80"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 736ad67f05a9a5a8fd5ed8cba30196f4.cloudfront.net (CloudFront)
x-amz-cf-pop: IAD12-P3
x-amz-cf-id: b_dx3GogICo2-caOyAZdlfN2A5WRJObajJt7sKNOIHI9ur0M5FuZMA==
cache-control: s-maxage=600, max-age=300
content-security-policy-report-only: frame-ancestors 'self'; report-uri https://exceptions.hubspot.com/csp/report?resource=forms-embed/static-1.2802/bundles/project-v2.js&cfRay=7a4b83044b340b45-IAD
x-hs-target-asset: forms-embed/static-1.2802/bundles/project-v2.js
access-control-allow-origin: *
x-hs-cache-status: HIT
cache-tag: staticjsapp-forms-embed-v2-web-prod,staticjsapp-prod
cf-cache-status: HIT
age: 450
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=5kIgO%2B%2Fg0meaq7dTWL62JlzBXnwEwm1HhhtFxiuTOQPmTQM8yoNKnlVlbtGk1WMf15NCEmdcedcn18PvFj%2BTbhsxU5dDDioAENizcdbxkPD2FlYD4b3e%2BawFJu0RWkM7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7abd603dffb9b4ff-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
js.hs-scripts.com/2641890.js
104.17.212.204200 OK 0 B URL HTTP/2 js.hs-scripts.com/2641890.js
IP 104.17.212.204:0
GET /2641890.js HTTP/1.1
Host: js.hs-scripts.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 22 Mar 2023 09:23:27 GMT
content-type: application/javascript;charset=utf-8
x-trace: 2B49B5C20014C7C7ED170B1941658A2435F4B1DF2B000000000000000000
cache-control: public, max-age=60
vary: origin, Accept-Encoding
x-hubspot-correlation-id: 4f04925d-ab3c-4afd-a39f-672ba09d18d1
access-control-allow-credentials: true
access-control-max-age: 3600
access-control-allow-origin: https://www.gocollette.com
last-modified: Wed, 22 Mar 2023 08:27:29 GMT
cf-cache-status: EXPIRED
expires: Wed, 22 Mar 2023 09:24:27 GMT
server: cloudflare
cf-ray: 7abd603dccc6b512-OSL
content-encoding: br
X-Firefox-Spdy: h2
starling.crowdriff.com/js/13.1ecd3053828fe655af5c.js
54.230.111.49200 OK 0 B URL HTTP/2 starling.crowdriff.com/js/13.1ecd3053828fe655af5c.js
IP 54.230.111.49:0
GET /js/13.1ecd3053828fe655af5c.js HTTP/1.1
Host: starling.crowdriff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.gocollette.com
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Mon, 06 Mar 2023 16:27:40 GMT
set-cookie: AWSALB=kF1Hr19O2uPdWitPE84yGmULlQCm8mwd4sUleCm0tAviegNAMQlO6RAZCNwZ4biscP7PDe4Yi7vBw6u1pyi5TFXSaMwOH934wMIAtz63/CZ2C7xschQzleV4OAIe; Expires=Mon, 13 Mar 2023 16:27:40 GMT; Path=/
AWSALBCORS=kF1Hr19O2uPdWitPE84yGmULlQCm8mwd4sUleCm0tAviegNAMQlO6RAZCNwZ4biscP7PDe4Yi7vBw6u1pyi5TFXSaMwOH934wMIAtz63/CZ2C7xschQzleV4OAIe; Expires=Mon, 13 Mar 2023 16:27:40 GMT; Path=/; SameSite=None; Secure
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: content-type, Authorization, Origin, X-Requested-With, Content-Type, Accept
cache-control: max-age=31536000
last-modified: Mon, 28 Mar 2022 14:38:06 GMT
etag: W/"2775c-17fd0f670b0"
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 3Teo1KZpbd-Bfe95YbpQfuK5VzIxfdAwfbsiGilt_Xl_exeEHnz9hw==
age: 1356950
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.1.11200 OK 0 B IP 178.250.1.11:0
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=gwtMEV80M0RITmhlJTJCZkMwOUJGQlhaMUN2czhsUUwyYTNlJTJGaGpsaVY1Y1ZNSmpQRHIzYjBGVDFaQlFvMndMREFMb3R1eg
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Wed, 22 Mar 2023 09:23:31 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=22zHQV80M0RITmhlJTJCZkMwOUJGQlhaMUN2czhsUUwyYTNlJTJGaGpsaVY1Y1ZNSmpQQU1ZQUNRaTVmcjFuNSUyQlNGR3RCJTJGV3U; expires=Mon, 15 Apr 2024 09:23:32 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 224720
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
starling.crowdriff.com/js/crowdriff.js
54.230.111.49200 OK 0 B URL HTTP/2 starling.crowdriff.com/js/crowdriff.js
IP 54.230.111.49:0
GET /js/crowdriff.js HTTP/1.1
Host: starling.crowdriff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
vary: Accept-Encoding
date: Wed, 22 Mar 2023 09:23:27 GMT
set-cookie: AWSALB=iKtwGNDVxg1Zk8FTy4Vc0uQmsu6U0632OP0bG5F1d+E19+Z+4yrVxUXXTacg3z3RkJ1LOr0wNx017yvr0fSQQie6qlDkHh81U42EJVhuvQcDHveNtTU2Q5daLx4z; Expires=Wed, 29 Mar 2023 09:23:27 GMT; Path=/
AWSALBCORS=iKtwGNDVxg1Zk8FTy4Vc0uQmsu6U0632OP0bG5F1d+E19+Z+4yrVxUXXTacg3z3RkJ1LOr0wNx017yvr0fSQQie6qlDkHh81U42EJVhuvQcDHveNtTU2Q5daLx4z; Expires=Wed, 29 Mar 2023 09:23:27 GMT; Path=/; SameSite=None; Secure
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: content-type, Authorization, Origin, X-Requested-With, Content-Type, Accept
cache-control: max-age=0
last-modified: Thu, 09 Mar 2023 19:23:46 GMT
etag: W/"7af0-186c7d451d0"
content-encoding: gzip
x-cache: Miss from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: DCOBvcEKH5TMZpfsk4Ik3p0RMFWQH7UT6zv6_WPrWCmctDj0PwnHnA==
X-Firefox-Spdy: h2
use.fontawesome.com/releases/v5.7.0/css/v4-shims.css
172.64.133.15200 OK 0 B URL HTTP/2 use.fontawesome.com/releases/v5.7.0/css/v4-shims.css
IP 172.64.133.15:0
GET /releases/v5.7.0/css/v4-shims.css HTTP/1.1
Host: use.fontawesome.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.gocollette.com
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Wed, 22 Mar 2023 09:23:26 GMT
content-type: text/css
x-amz-id-2: sYCYFzDSygKVb2Lu8KfB8zv/WFwrnSCBAyOIW7t+Izk4E3//GKSVH3Af/tuTNzSdnQrS+gTZF/s=
x-amz-request-id: NVJTXEQ1D8DCEH0F
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:45:16 GMT
etag: W/"c217bda6dbb0d3e301283e4118777ac0"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 1212991
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=itlIQSQZ1BXKougt1Xn0Z0bec%2BTmgtfbJrLudtHDYXhO6sO5HXNTnP3JOMX%2FGQb5S%2FoV%2BWYi4%2Fr597qGcICX10us%2Ftjnco1xNrM20ICiD6zvX9MYIyQzGJt%2FlgvcNAt016h4wcSr"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7abd6039ba8a7427-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
d1n00d49gkbray.cloudfront.net/js/collette.js
54.230.245.81200 OK 0 B URL HTTP/2 d1n00d49gkbray.cloudfront.net/js/collette.js
IP 54.230.245.81:0
GET /js/collette.js HTTP/1.1
Host: d1n00d49gkbray.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Wed, 22 Mar 2023 00:53:18 GMT
last-modified: Tue, 03 May 2022 20:06:00 GMT
etag: W/"7a7a498cd9464c1311bf28956541194c"
x-amz-server-side-encryption: AES256
x-amz-version-id: MXIEYlHaDW8PLp4sPHJUpuYgUWoVoYwY
server: AmazonS3
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ADuG4bfy2APlks389ln1Fm_DyzlWC_NuH2U7hhTKKbhjHg8zPEPEIQ==
age: 30612
X-Firefox-Spdy: h2
a2.adform.net/serving/scripts/trackpoint/async/
185.167.164.49301 Moved Permanently 0 B URL HTTP/2 a2.adform.net/serving/scripts/trackpoint/async/
IP 185.167.164.49:0
GET /serving/scripts/trackpoint/async/ HTTP/1.1
Host: a2.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Wed, 22 Mar 2023 09:23:29 GMT
content-type: text/html
location: https://s2.adform.net/banners/scripts/st/trackpoint-async.js
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
cdn.segment.com/v1/projects/BOdbDs6HYTIpfHSg3kmec1JCwh1WCPZ1/settings
54.230.219.201200 OK 0 B URL HTTP/2 cdn.segment.com/v1/projects/BOdbDs6HYTIpfHSg3kmec1JCwh1WCPZ1/settings
IP 54.230.219.201:0
GET /v1/projects/BOdbDs6HYTIpfHSg3kmec1JCwh1WCPZ1/settings HTTP/1.1
Host: cdn.segment.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.gocollette.com/
Origin: https://www.gocollette.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json; charset=utf-8
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-max-age: 3000
x-amz-replication-status: COMPLETED
last-modified: Mon, 12 Dec 2022 18:21:56 GMT
x-amz-version-id: _XvZ.g0BoPAaTuFdZFQtrhQsD5vHsakA
server: AmazonS3
content-encoding: br
date: Wed, 22 Mar 2023 09:23:27 GMT
cache-control: public, max-age=10800
etag: W/"c127aa60a38a651033ea9c8e855a6714"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9v1fBgSKYg7qzTnexx_eP7DZBEwgjF2YuWO9ZJgfOaJicuavYJ_vUw==
age: 428
X-Firefox-Spdy: h2
starling.crowdriff.com/js/vendors~gallery.5712d3e55729a1824d83.js
54.230.111.49200 OK 0 B URL HTTP/2 starling.crowdriff.com/js/vendors~gallery.5712d3e55729a1824d83.js
IP 54.230.111.49:0
GET /js/vendors~gallery.5712d3e55729a1824d83.js HTTP/1.1
Host: starling.crowdriff.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.gocollette.com
Connection: keep-alive
Referer: https://www.gocollette.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Tue, 10 May 2022 22:56:32 GMT
set-cookie: AWSALB=MKRP39abxTJlDt7vYBG66NnxTGDszx/Ncf85nNlXDwoJuJvXUH4CPVlc9EQl80TdYLQ5rV4kP7f+FZmAhTwWoFt8HJEd/DUfz/Gjb8tlgVzQpUR4B60e/9SX1sUi; Expires=Tue, 17 May 2022 22:56:32 GMT; Path=/
AWSALBCORS=MKRP39abxTJlDt7vYBG66NnxTGDszx/Ncf85nNlXDwoJuJvXUH4CPVlc9EQl80TdYLQ5rV4kP7f+FZmAhTwWoFt8HJEd/DUfz/Gjb8tlgVzQpUR4B60e/9SX1sUi; Expires=Tue, 17 May 2022 22:56:32 GMT; Path=/; SameSite=None; Secure
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: content-type, Authorization, Origin, X-Requested-With, Content-Type, Accept
cache-control: max-age=31536000
last-modified: Mon, 28 Mar 2022 14:38:06 GMT
etag: W/"659a-17fd0f670b0"
content-encoding: gzip
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 f46773a8236e136c4f6648dd79a7af8e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9UjeN0Rl5KanUukMVszYlY1cJlIuq2xW4SjB5T7FQzq1Husl0LuZ9g==
age: 27253618
X-Firefox-Spdy: h2