www.favehotels.com/en/hotel/view/142/favehotel-sorong
54.230.111.109301 Moved Permanently 167 B URL HTTP/1.1 www.favehotels.com/en/hotel/view/142/favehotel-sorong
IP 54.230.111.109:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d
Analyzer Verdict Alert fortinet Phishing
GET /en/hotel/view/142/favehotel-sorong HTTP/1.1
Host: www.favehotels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Tue, 29 Nov 2022 07:14:57 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://www.favehotels.com/en/hotel/view/142/favehotel-sorong
X-Cache: Redirect from cloudfront
Via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
Alt-Svc: h3=":443"; ma=86400
X-Amz-Cf-Id: QmlHalsE_s0gosaYBQ6x29IwHwGuPB4OUQx4Gj-_bUiT8zbRA1D-GA==
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Referrer-Policy: origin-when-cross-origin
Content-Security-Policy: frame-ancestors 'none'; frame-src 'self' https://accounts.google.com https://content-sheets.googleapis.com; block-all-mixed-content; object-src 'none'; worker-src 'self'; form-action 'self'; base-uri 'none'; report-to default;
X-Content-Type-Options: nosniff
cache-control: public, max-age=3600, stale-while-revalidate=7890000
permissions-policy: geolocation=(self "https://www.google-analytics.com"), camera=(), fullscreen=(self), microphone=()
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://sentec.report-uri.com/a/d/g"}],"include_subdomains":true}
Vary: Origin
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash a5daf4dc99951793ae2315d4795e8146
4427507ca4d3a5632cc8f598afbc85e2195d00bd
94fb64c1c826ed7099283c0bedb3cea7ac7e1d9526794cb9fad6e761f5989d32
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94FB64C1C826ED7099283C0BEDB3CEA7AC7E1D9526794CB9FAD6E761F5989D32"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2912
Expires: Tue, 29 Nov 2022 08:03:29 GMT
Date: Tue, 29 Nov 2022 07:14:57 GMT
Connection: keep-alive
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 9408cc0694fcbea57966c3a3ba906092
fddcee1fdcf3209298e41a4b1b5560357fa165f0
6ef7120d9463f56e3ddfadd5766d02da8523f34061b13bdba54bf9ab72a1e979
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1677
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 07:14:57 GMT
Last-Modified: Tue, 29 Nov 2022 06:47:00 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
34.102.187.140200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 29 Nov 2022 06:19:36 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3321
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash 6d9d34c96b9a826ae5676640c966469c
8052a16d41a637e420478b7de1ff5a2dc951fccd
f18ac558cb786126bb7efb159e03353d268d5f5796bcfd2691a349dfc68d863c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F18AC558CB786126BB7EFB159E03353D268D5F5796BCFD2691A349DFC68D863C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15620
Expires: Tue, 29 Nov 2022 11:35:17 GMT
Date: Tue, 29 Nov 2022 07:14:57 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: xxlgHIBy1PC/DgW5TyBFIXDmIxuF9Klb8NCd7zHYcM5nEWNum9fG9YEegW4HPVuVv6iQNO1h4VQ=
x-amz-request-id: NK2B1G59AYWKRSW4
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 29 Nov 2022 06:45:21 GMT
age: 1776
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 07:14:57 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 9380d6f34bf18f1189a1faa41005d004
016bcfb1d1ea893bfd272881fd4a286ed9655305
4a1aaa7261872ffbad98fe93c90b814c798d0d551a187186f4e7e736b32d84b9
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=90224
Date: Tue, 29 Nov 2022 07:14:58 GMT
Etag: "63846ee2-1d7"
Expires: Wed, 30 Nov 2022 08:18:42 GMT
Last-Modified: Mon, 28 Nov 2022 08:18:42 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: nu9l-xy16ydjKhX0hyipKBsKtaP3wbIeoqvBuXwA3e9JjnuZYN9UFA==
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
34.102.187.140200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 34.102.187.140:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 29 Nov 2022 07:08:56 GMT
cache-control: public,max-age=3600
age: 362
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 7ab2ef968cb6a3078f4b9cb2dda813d4
e669116047ca058a2c1b2999ff0ea8682719162c
6ddecf0b21c44f3851da8efeb6ecdc6c8e9b83d7681153c31952b4ec8c23c940
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5965
Cache-Control: max-age=99082
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 07:14:58 GMT
Etag: "63847a2f-1d7"
Expires: Wed, 30 Nov 2022 10:46:20 GMT
Last-Modified: Mon, 28 Nov 2022 09:06:55 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
cdn0.favehotels.com/v3/logo/Logo-favehotel-Sorong.svg
54.230.111.54200 OK 7.1 kB URL HTTP/2 cdn0.favehotels.com/v3/logo/Logo-favehotel-Sorong.svg
IP 54.230.111.54:0
File type SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Hash 093dcfd699bd7b187b707423ed32d090
c9884b4572944fac658ad9eeeedd66122ad9f684
8a05526342211ff01ca03d36269558e769675ba9944294b97ff5fda741b7803c
GET /v3/logo/Logo-favehotel-Sorong.svg HTTP/1.1
Host: cdn0.favehotels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
content-length: 7054
date: Mon, 28 Nov 2022 11:35:06 GMT
x-amz-replication-status: FAILED
last-modified: Fri, 24 Nov 2017 07:52:28 GMT
etag: "093dcfd699bd7b187b707423ed32d090"
cache-control: public, max-age=604800, stale-while-revalidate=7890000
content-encoding: gzip
x-amz-meta-cb-modifiedtime: Fri, 24 Nov 2017 07:29:55 GMT
x-amz-version-id: c2J.mANf00tz.MazLv5xXqz.vmrjGm2Y
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: dHaYSKVRVAomhQSIogE3wUkxH0KCO01wDwjqc6tXnyRm97I6T70a-g==
age: 70793
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: geolocation=(self "https://www.google-analytics.com"), camera=(), fullscreen=(self), microphone=()
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://sentec.report-uri.com/a/d/g"}],"include_subdomains":true}
vary: Origin
X-Firefox-Spdy: h2
push.services.mozilla.com/
35.161.148.163101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.161.148.163:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 5dMnq+3HBPkBopOr5NoeGw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 8yjz1HMFGAXNEkx2ztnbRSs8530=
static.favehotels.com/v3/assets/css/combine_v11.css
54.230.111.54200 OK 13 kB URL HTTP/2 static.favehotels.com/v3/assets/css/combine_v11.css
IP 54.230.111.54:0
File type ASCII text, with very long lines (37070)
Hash ca751ad51d38b41e200b56d44b05f695
0021adb2f34ad372b0b4443803dff578b0cadff0
4193549424a8fe85f112c76202910563d54a23885381cac232663230c37a2020
GET /v3/assets/css/combine_v11.css HTTP/1.1
Host: static.favehotels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 12797
date: Mon, 21 Nov 2022 05:44:59 GMT
x-amz-replication-status: FAILED
last-modified: Thu, 22 Aug 2019 06:56:05 GMT
etag: "ca751ad51d38b41e200b56d44b05f695"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=604800, stale-while-revalidate=7890000
content-encoding: br
x-amz-version-id: xu4ewE1gOUTtHrNJbMZp3d3901MVEJfA
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: rgQsCQpeQdrfLroLG4wXH6I4N_3FMoniXSQhKHlUPfPfOOwxJ1OYhw==
age: 696600
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: geolocation=(self "https://www.google-analytics.com"), camera=(), fullscreen=(self), microphone=()
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://sentec.report-uri.com/a/d/g"}],"include_subdomains":true}
vary: Origin
X-Firefox-Spdy: h2
static.favehotels.com/v3/assets/js/combine_v10.js
54.230.111.54200 OK 17 kB URL HTTP/2 static.favehotels.com/v3/assets/js/combine_v10.js
IP 54.230.111.54:0
File type Unicode text, UTF-8 text, with very long lines (31929)
Hash 18ad6d69d05274311f13499a03eba0f7
f04b899ed1996e880eebcb8970e87de7ad2716a9
8a241a9ae353977b3d19aa2aa7b0cb163eda42735e1648d0fbe37dda57a773a9
GET /v3/assets/js/combine_v10.js HTTP/1.1
Host: static.favehotels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 17258
date: Fri, 18 Nov 2022 13:20:49 GMT
x-amz-replication-status: FAILED
last-modified: Thu, 22 Aug 2019 05:55:23 GMT
etag: "18ad6d69d05274311f13499a03eba0f7"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=604800, stale-while-revalidate=7890000
content-encoding: br
x-amz-version-id: LGgy54r78iRBuE7TXG94g4nkpl2JUgNX
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 8bODeZOKbk3uLZu34S-LpyxrwuemiHz1Pm5dviaiRsigCr7rFHoyAQ==
age: 928450
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: geolocation=(self "https://www.google-analytics.com"), camera=(), fullscreen=(self), microphone=()
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://sentec.report-uri.com/a/d/g"}],"include_subdomains":true}
vary: Origin
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 9380d6f34bf18f1189a1faa41005d004
016bcfb1d1ea893bfd272881fd4a286ed9655305
4a1aaa7261872ffbad98fe93c90b814c798d0d551a187186f4e7e736b32d84b9
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=90224
Date: Tue, 29 Nov 2022 07:14:58 GMT
Etag: "63846ee2-1d7"
Expires: Wed, 30 Nov 2022 08:18:42 GMT
Last-Modified: Mon, 28 Nov 2022 08:18:42 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: vLc-XDGa3ZD2jyAUiViM5AX23wamLfnzfjOC07Hea-aFqsApTpP-Wg==
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 49eee25f3ccd585a29e34e80cf5bb160
73eca8be91deedd049304862759a3d8084c0b07e
531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 07:14:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/opensans/v15/mem8YaGs126MiZpBA-UFVZ0b.woff2
216.58.207.195200 OK 14 kB URL HTTP/2 fonts.gstatic.com/s/opensans/v15/mem8YaGs126MiZpBA-UFVZ0b.woff2
IP 216.58.207.195:0
File type Web Open Font Format (Version 2), TrueType, length 14048, version 1.0\012- data
Hash cffb686d7d2f4682df8342bd4d276e09
2c07a9656f1e38da408f20f1cf11581a15cbd7a2
3b98b0dc3bed9d40f43e64adba5de47c76895338a96f0a5a314676cd6287eca9
GET /s/opensans/v15/mem8YaGs126MiZpBA-UFVZ0b.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Origin: https://www.favehotels.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14048
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 27 Nov 2022 00:51:05 GMT
expires: Mon, 27 Nov 2023 00:51:05 GMT
cache-control: public, max-age=31536000
age: 195833
last-modified: Wed, 11 Oct 2017 21:49:43 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons.js
104.17.25.14200 OK 699 B URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (1634), with no line terminators
Hash db978dfd36d20f54039e4fe2772092bf
1644128a62c40df5415c1893e90453bd97a3023a
bf23d43345950cfd0c8cf6b4254524d23407e0a4858d503b9613be6063d7a4f5
GET /ajax/libs/ionicons/4.5.6/ionicons.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Origin: https://www.favehotels.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Tue, 29 Nov 2022 07:14:58 GMT
content-type: application/javascript; charset=utf-8
content-length: 699
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03eae-662"
last-modified: Mon, 04 May 2020 16:11:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: MISS
expires: Sun, 19 Nov 2023 07:14:58 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yNVGvlifEcYXVfaHoZN8TcpGHOYegU1ktsxvO%2BPxcByIcqF0PooHSdmjdH50d352bXsnsAbkBX8ftKUDyxZBg4WNyLhh6xcLqa4mJk3YqJpqy%2FkyR5KMfw5llymEwu8syYcnsT3c"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77198cad6f92b500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 9f168a3dc04b8a666136a9af000c3c98
12fc00dae5ae5f3c8cdcdaa6a432ce0ffb696f13
da776ac120eab5721010343932b15386999b052ac24c3db5412bb710eabd2092
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Tue, 29 Nov 2022 07:14:58 GMT
Etag: "638414f5-1d7"
Server: ECS (dcb/7F5C)
X-Cache: Miss from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: MXlQ-oXof7qlWjMX8iGCXxheF4vXx4tW9lvBNfJ2FrV0EbhUNd0pKw==
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 49eee25f3ccd585a29e34e80cf5bb160
73eca8be91deedd049304862759a3d8084c0b07e
531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 07:14:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 9f168a3dc04b8a666136a9af000c3c98
12fc00dae5ae5f3c8cdcdaa6a432ce0ffb696f13
da776ac120eab5721010343932b15386999b052ac24c3db5412bb710eabd2092
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=153623
Date: Tue, 29 Nov 2022 07:14:58 GMT
Etag: "63856689-1d7"
Expires: Thu, 01 Dec 2022 01:55:21 GMT
Last-Modified: Tue, 29 Nov 2022 01:55:21 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 5REkR_6foIDZrs0-WSjA8BF2jofPqE3w6kfWxrjbv0jAvVfXw7oyLQ==
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 9f168a3dc04b8a666136a9af000c3c98
12fc00dae5ae5f3c8cdcdaa6a432ce0ffb696f13
da776ac120eab5721010343932b15386999b052ac24c3db5412bb710eabd2092
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Tue, 29 Nov 2022 07:14:58 GMT
Etag: "638414f5-1d7"
Server: ECS (dcb/7F7F)
X-Cache: Miss from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: djBKfx3PFazIpeE5kzwNu0shc1cdTQbD7CB-_ANoZnDbkzZSTcERRQ==
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 9f168a3dc04b8a666136a9af000c3c98
12fc00dae5ae5f3c8cdcdaa6a432ce0ffb696f13
da776ac120eab5721010343932b15386999b052ac24c3db5412bb710eabd2092
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=153623
Date: Tue, 29 Nov 2022 07:14:58 GMT
Etag: "63856689-1d7"
Expires: Thu, 01 Dec 2022 01:55:21 GMT
Last-Modified: Tue, 29 Nov 2022 01:55:21 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: hIDqtDjDcsa98t5uaowBYaTPVGDvQ40g2acqXh2GIzft7rykZwJBng==
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 9f168a3dc04b8a666136a9af000c3c98
12fc00dae5ae5f3c8cdcdaa6a432ce0ffb696f13
da776ac120eab5721010343932b15386999b052ac24c3db5412bb710eabd2092
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Tue, 29 Nov 2022 07:14:58 GMT
Server: ECS (dcb/7F18)
X-Cache: Miss from cloudfront
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: CnK41wQP6c56UWF14cqL4cBjL6Rv0DxHfnohbWY0dxc-HZBnoAAZ6A==
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 9f168a3dc04b8a666136a9af000c3c98
12fc00dae5ae5f3c8cdcdaa6a432ce0ffb696f13
da776ac120eab5721010343932b15386999b052ac24c3db5412bb710eabd2092
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=153622
Date: Tue, 29 Nov 2022 07:14:59 GMT
Etag: "63856689-1d7"
Expires: Thu, 01 Dec 2022 01:55:21 GMT
Last-Modified: Tue, 29 Nov 2022 01:55:21 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: irK1cXuZAPEQRaDP8ra6XqBxh0d5WLVIUkT84ARzE5EEm8gJkL4YXw==
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f50fd635895870df33a17fe377a6a038
dd65dfbbc810b095432cfd59f971af04a9e31ab7
ebd9b6c3f67865c297d08802839c940994424000df3bf8a3f1316b8e13666e94
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 07:14:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googletagmanager.com/gtm.js?id=GTM-PSWPT2
142.250.74.168200 OK 68 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-PSWPT2
IP 142.250.74.168:0
File type ASCII text, with very long lines (6877)
Hash 5dafe92b407386ccfb8f6ba1385fc2af
8e24649522a50175f0be6a77372abf147736712a
06e9d68522996fab3c15f9a6df0737e130be3f79727371666a09aed12b322e58
GET /gtm.js?id=GTM-PSWPT2 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 29 Nov 2022 07:14:59 GMT
expires: Tue, 29 Nov 2022 07:14:59 GMT
cache-control: private, max-age=900
last-modified: Tue, 29 Nov 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 67839
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f50fd635895870df33a17fe377a6a038
dd65dfbbc810b095432cfd59f971af04a9e31ab7
ebd9b6c3f67865c297d08802839c940994424000df3bf8a3f1316b8e13666e94
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 07:14:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 3b02ed097ae865dee23811368d3957f5
c88b6ae62fa81f20799cb9cf7db82d489097b2a9
37cbc2dcbd5c753aaa237899506fce474a7042fa2a2c725de8370906ce3bd7c4
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=93822
Date: Tue, 29 Nov 2022 07:14:59 GMT
Etag: "63847cf1-1d7"
Expires: Wed, 30 Nov 2022 09:18:41 GMT
Last-Modified: Mon, 28 Nov 2022 09:18:41 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ltbYp7_-JOakioDTvF9Zdi54JVSPycaJtye-XBDTW3CXi4antTWhaw==
imageresizer.arch.software/favehotels/v1/FaveSorong/Gallery/faveSorong_Exterior.jpg?d=1600x1066&location=center
54.230.111.18200 OK 166 kB URL HTTP/2 imageresizer.arch.software/favehotels/v1/FaveSorong/Gallery/faveSorong_Exterior.jpg?d=1600x1066&location=center
IP 54.230.111.18:0
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 1600x1066, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 166 kB (165920 bytes)
Hash 70039735b318c4eb5f7224b2fe7ad46e
3a301c7905312ce2c8229a6adef65efd885d9525
32fd7c8f0e5ceedee65625a2c02e49340e7e3b4133c956a917d97a76508f61a3
GET /favehotels/v1/FaveSorong/Gallery/faveSorong_Exterior.jpg?d=1600x1066&location=center HTTP/1.1
Host: imageresizer.arch.software
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/webp
content-length: 165920
x-amz-request-id: CVKQ37GJ44AC38N8
x-amz-id-2: eh8sNYmE/HfAb4geyiGtuzVAeeRZeZDr5H8AyfETAhAVqqCx2pyDHxs6ShUu4yre+6LKGrvhGHE=
date: Sun, 27 Nov 2022 13:10:23 GMT
server: AmazonS3
cache-control: public, max-age=31536003
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: ps5goxojdN1qnxgqfPendiWbvQcKMP81_SKFGhCU3WMdtTTPscQGhg==
age: 151468
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: geolocation=(self "https://www.google-analytics.com"), camera=(), fullscreen=(self), microphone=()
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://sentec.report-uri.com/a/d/g"}],"include_subdomains":true}
vary: Origin
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/ionicons.a4dtotlf.js
104.17.25.14200 OK 6.4 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/ionicons.a4dtotlf.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (15142)
Hash 62ec69315fe43303465cd0af025a98c2
06b53cd1ac183ef94f30a0b470493431681d303b
fc1751cce2185b808e7f7bd27e1553c8b13e9254a56caaf545b2a2a431ae2200
GET /ajax/libs/ionicons/4.5.6/ionicons/ionicons.a4dtotlf.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Origin: https://www.favehotels.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 07:14:59 GMT
content-type: application/javascript; charset=utf-8
content-length: 6377
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03eae-3d97"
last-modified: Mon, 04 May 2020 16:11:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: MISS
expires: Sun, 19 Nov 2023 07:14:59 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2BOueWBhLqRswTf3JZTKJE9Wuj5tZ437%2B6Hxc8j63CgzUbVNkY1lsZBF7q6eDrIleT87BJJQVZpRj33t5UBhtCr1gwVRH0F0dCD2nimlwTNDoamSOSxhbw8EVfFHRGoRXgsbXWtD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77198cb28c5cb500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
142.250.74.174200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 142.250.74.174:0
File type ASCII text, with very long lines (1325)
Hash 47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Tue, 29 Nov 2022 06:41:08 GMT
expires: Tue, 29 Nov 2022 08:41:08 GMT
cache-control: public, max-age=7200
age: 2031
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d6e2be555d55d272711d589eb5e01165
ecc7643d23c834de4c22974de35738b01b9811e1
d72187965410e6790f2916575018dea4acea7e219d8b5d0a1fc3627026022f0e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3887
Cache-Control: max-age=106391
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 07:14:59 GMT
Etag: "63849edb-1d7"
Expires: Wed, 30 Nov 2022 12:48:10 GMT
Last-Modified: Mon, 28 Nov 2022 11:43:23 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 3bf328fa5ead82aa5e1696c13f561831
d8e89664d692263c840b16377310b92f15649420
2159823edacf05a87566fb2f326d7b225cc28a7464383b4abe27cc2ca58d7561
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4340
Cache-Control: max-age=88123
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 07:14:59 GMT
Etag: "638455ba-117"
Expires: Wed, 30 Nov 2022 07:43:42 GMT
Last-Modified: Mon, 28 Nov 2022 06:31:22 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 5.5 kB IP 142.250.74.3:0
Hash fa80732140f50250430bc1f7fb12ff27
8381a5049d3dd07a2f47089e8b69bcf4b6418d09
370475120688a8df91f391c5c7ef20737514436c7917f49f4bad0d8340a5ca77
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 07:14:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash cb1dfbcccf9ee70994f85a79b3e89a0d
63c0d89cc7367e3500d25dc35e9eea1f9314a0c4
d106cf1491f0c489e12a2678261256610a3bbde03737995ab368dce1f9f8fcbf
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 59
Cache-Control: max-age=130626
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 07:14:59 GMT
Etag: "63850c7a-1d7"
Expires: Wed, 30 Nov 2022 19:32:05 GMT
Last-Modified: Mon, 28 Nov 2022 19:31:06 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
5667404.fls.doubleclick.net/activityi;src=5667404;type=retar0;cat=retar0;ord=7071735256535;gtm=2wgb90;auiddc=1948251921.1669706099;~oref=https%3A%2F%2Fwww.favehotels.com%2Fen%2Fhotel%2Fview%2F142%2Ffavehotel-sorong?
142.250.74.70200 OK 251 B URL HTTP/2 5667404.fls.doubleclick.net/activityi;src=5667404;type=retar0;cat=retar0;ord=7071735256535;gtm=2wgb90;auiddc=1948251921.1669706099;~oref=https%3A%2F%2Fwww.favehotels.com%2Fen%2Fhotel%2Fview%2F142%2Ffavehotel-sorong?
IP 142.250.74.70:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (491), with no line terminators
Hash 23dc3dbc2affaff026583f6965ec89c8
ff6bed00e9cd49ef9c39eedb620d7e2f928168ed
d485351e33932cebe4aaa969d7a47ad8164fe73d066c37d1cd4023e84ef7928c
GET /activityi;src=5667404;type=retar0;cat=retar0;ord=7071735256535;gtm=2wgb90;auiddc=1948251921.1669706099;~oref=https%3A%2F%2Fwww.favehotels.com%2Fen%2Fhotel%2Fview%2F142%2Ffavehotel-sorong? HTTP/1.1
Host: 5667404.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 29 Nov 2022 07:14:59 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 251
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 29-Nov-2022 07:29:59 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.archipelagointernational.com/website/assets/v1/js/bootstrap-3.3.7.min.js
143.204.55.116200 OK 10 kB URL HTTP/2 static.archipelagointernational.com/website/assets/v1/js/bootstrap-3.3.7.min.js
IP 143.204.55.116:0
Hash 1b53834d05b02625ce030c84cb99a99c
ddb9f9c1f93d7be58f2017b451958e3f96e73353
41e90728b14e374b3e06d02f579aa5deb92956e1828475dab808ee20f8cd4673
GET /website/assets/v1/js/bootstrap-3.3.7.min.js HTTP/1.1
Host: static.archipelagointernational.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript
date: Sun, 06 Nov 2022 01:47:51 GMT
last-modified: Tue, 16 Nov 2021 07:16:16 GMT
etag: W/"5869c96cc8f19086aee625d670d741f9"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=604800, stale-while-revalidate=7890000
x-amz-meta-cb-modifiedtime: Tue, 16 Nov 2021 03:22:01 GMT
x-amz-version-id: KeJ5pmvWRPSqGB7rwDdFCH3e9bTuibeu
server: AmazonS3
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: u00xQBVce_HJWYthx70tTsOX0aMG-hgVio8clXeeNQeJv0po9SzUcw==
age: 2006828
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: geolocation=(self "https://www.google-analytics.com"), camera=(), fullscreen=(self), microphone=()
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://sentec.report-uri.com/a/d/g"}],"include_subdomains":true}
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 3bf328fa5ead82aa5e1696c13f561831
d8e89664d692263c840b16377310b92f15649420
2159823edacf05a87566fb2f326d7b225cc28a7464383b4abe27cc2ca58d7561
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4340
Cache-Control: max-age=88123
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 07:14:59 GMT
Etag: "638455ba-117"
Expires: Wed, 30 Nov 2022 07:43:42 GMT
Last-Modified: Mon, 28 Nov 2022 06:31:22 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 279
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 3b02ed097ae865dee23811368d3957f5
c88b6ae62fa81f20799cb9cf7db82d489097b2a9
37cbc2dcbd5c753aaa237899506fce474a7042fa2a2c725de8370906ce3bd7c4
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=93822
Date: Tue, 29 Nov 2022 07:14:59 GMT
Etag: "63847cf1-1d7"
Expires: Wed, 30 Nov 2022 09:18:41 GMT
Last-Modified: Mon, 28 Nov 2022 09:18:41 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: eysa6p3pUqx9RZLzEQ1U_EzWnq2NKgaBCF3vVlw4Nuj8L-PJXfAj7Q==
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash 30462b52571c91f089bed4de98462a46
7e2b322ea5b8f97b2fa76751bcffe2a420f872eb
c5403dfefa9d043ac501963ff09a6d3d70e21f6e6a1b9728183a3490060a4bfc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 07:14:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d6e2be555d55d272711d589eb5e01165
ecc7643d23c834de4c22974de35738b01b9811e1
d72187965410e6790f2916575018dea4acea7e219d8b5d0a1fc3627026022f0e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3887
Cache-Control: max-age=106391
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 07:14:59 GMT
Etag: "63849edb-1d7"
Expires: Wed, 30 Nov 2022 12:48:10 GMT
Last-Modified: Mon, 28 Nov 2022 11:43:23 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/g2o31eyc.entry.js
104.17.25.14200 OK 1.4 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/g2o31eyc.entry.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (4070), with no line terminators
Hash 0fde9851d646e92039a3fe0e5f57259d
85c5b13959088ef17bdf6cec87364627ce9e1590
6fca4aebdac9976c791cb70c0299575916b53a22acbe5ce251bb97adc42689a2
GET /ajax/libs/ionicons/4.5.6/ionicons/g2o31eyc.entry.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cdnjs.cloudflare.com/
Origin: https://www.favehotels.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 07:14:59 GMT
content-type: application/javascript; charset=utf-8
content-length: 1438
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03eae-fe6"
last-modified: Mon, 04 May 2020 16:11:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: MISS
expires: Sun, 19 Nov 2023 07:14:59 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AIxVIbW7w1yHHsCXpnxJU4D3tQXujA%2Bkir9mdabIkmlHVof4sw8AJa7GZ8VUzB7yZwe9n%2FSqUhoPbGuMrxCEUF0wnP9mmpwc6O1feUHYHD%2Fj79%2FY2%2BonxUj1%2Fo%2FESWRUiP6gF4Hw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77198cb35d78b500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash cb1dfbcccf9ee70994f85a79b3e89a0d
63c0d89cc7367e3500d25dc35e9eea1f9314a0c4
d106cf1491f0c489e12a2678261256610a3bbde03737995ab368dce1f9f8fcbf
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5958
Cache-Control: max-age=136525
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 07:14:59 GMT
Etag: "63850c7a-1d7"
Expires: Wed, 30 Nov 2022 21:10:24 GMT
Last-Modified: Mon, 28 Nov 2022 19:31:06 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash ab111d84cd3ea973540af40187d88177
2df74aa20c76483c6b3a4c634eada12811095068
c895bc6d1f86e9f8699db318a89c824d21c8e56962abda44d861d6d363695c4b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 848
Cache-Control: max-age=89679
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 07:14:59 GMT
Etag: "63846972-117"
Expires: Wed, 30 Nov 2022 08:09:38 GMT
Last-Modified: Mon, 28 Nov 2022 07:55:30 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash abd55ecd24d357a9f02612558f723a90
6a1e6963864f0b53ddc6205d35225e6cf0bcbeec
195fa531e0462be58d5c62ebbe6060e147c94bdb1d38ff46c341c74e0ab2671a
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 07:15:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash ab111d84cd3ea973540af40187d88177
2df74aa20c76483c6b3a4c634eada12811095068
c895bc6d1f86e9f8699db318a89c824d21c8e56962abda44d861d6d363695c4b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 849
Cache-Control: max-age=89679
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 07:15:00 GMT
Etag: "63846972-117"
Expires: Wed, 30 Nov 2022 08:09:39 GMT
Last-Modified: Mon, 28 Nov 2022 07:55:30 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 279
adservice.google.com/ddm/fls/i/src=5667404;type=retar0;cat=retar0;ord=7071735256535;gtm=2wgb90;auiddc=1948251921.1669706099;~oref=https%3A%2F%2Fwww.favehotels.com%2Fen%2Fhotel%2Fview%2F142%2Ffavehotel-sorong
142.250.74.98200 OK 252 B URL HTTP/2 adservice.google.com/ddm/fls/i/src=5667404;type=retar0;cat=retar0;ord=7071735256535;gtm=2wgb90;auiddc=1948251921.1669706099;~oref=https%3A%2F%2Fwww.favehotels.com%2Fen%2Fhotel%2Fview%2F142%2Ffavehotel-sorong
IP 142.250.74.98:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (490), with no line terminators
Hash d2a1e27f69a1861fc2fe3235d34bdcf4
ef7bfab64656315176f21f604039feb20cb581c0
371cd514e95246e902b97981e0250fae38ec3de6b88d6726f506899f93f6887d
GET /ddm/fls/i/src=5667404;type=retar0;cat=retar0;ord=7071735256535;gtm=2wgb90;auiddc=1948251921.1669706099;~oref=https%3A%2F%2Fwww.favehotels.com%2Fen%2Fhotel%2Fview%2F142%2Ffavehotel-sorong HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5667404.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 29 Nov 2022 07:15:00 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 252
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/chunk-1ca7e569.js
104.17.25.14200 OK 436 B URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/chunk-1ca7e569.js
IP 104.17.25.14:0
File type ASCII text, with very long lines (935), with no line terminators
Hash 50e258b7621b82d2b4e29990dd94cdce
44f8ccc35338306084abdd2e37495d92464604f6
686af8c58d321de61f2a82eb2c5182c24605943afd7c24c83e5047d04ad599e6
GET /ajax/libs/ionicons/4.5.6/ionicons/chunk-1ca7e569.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cdnjs.cloudflare.com/
Origin: https://www.favehotels.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 07:15:00 GMT
content-type: application/javascript; charset=utf-8
content-length: 436
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03eae-3a7"
last-modified: Mon, 04 May 2020 16:11:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: MISS
expires: Sun, 19 Nov 2023 07:15:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f3QBV84rP7JdfnoyisCB6CldCH42g7LKjkbodLZxKntfzWzIKCVKUvw9M3afUY6J%2BINIXMB%2FDJmQelxPvgps8jNyY1zrVJkLopqXcCTSJyv5fo%2B9MZ5CArH%2F3Vx%2FzHSg725ZNSRf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77198cb4ef35b500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7099
Expires: Tue, 29 Nov 2022 09:13:19 GMT
Date: Tue, 29 Nov 2022 07:15:00 GMT
Connection: keep-alive
adservice.google.com/ddm/fls/i/src=11992199;type=visit0;cat=visit0;u1=visitor_fave;u27=counter;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=17415630214655.375;~oref=https://www.favehotels.com/
142.250.74.98200 OK 233 B URL HTTP/2 adservice.google.com/ddm/fls/i/src=11992199;type=visit0;cat=visit0;u1=visitor_fave;u27=counter;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=17415630214655.375;~oref=https://www.favehotels.com/
IP 142.250.74.98:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (485), with no line terminators
Hash 3aba4c6bbc770c06e322183ab2010164
b3b5ee35c72c9da54cd8c99e06fab55c73418a7f
5772ccc5027fdf72dc746196b7e0c736dd99d5f06d695935f548299cf77b3aae
GET /ddm/fls/i/src=11992199;type=visit0;cat=visit0;u1=visitor_fave;u27=counter;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=17415630214655.375;~oref=https://www.favehotels.com/ HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://11992199.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 29 Nov 2022 07:15:00 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 233
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7099
Expires: Tue, 29 Nov 2022 09:13:19 GMT
Date: Tue, 29 Nov 2022 07:15:00 GMT
Connection: keep-alive
www.archipelagointernational.com/api/membership/user-location
143.204.55.129200 OK 497 B URL HTTP/2 www.archipelagointernational.com/api/membership/user-location
IP 143.204.55.129:0
Hash 00bf9dca31aa6f5287104e6cdd8091ac
d0fa59592434fb858684933fc76ba95a9454dc41
68c10db503c68e3b4ec568415ce711e05c986e145d86dc52ae59bd28139d52bc
GET /api/membership/user-location HTTP/1.1
Host: www.archipelagointernational.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Origin: https://www.favehotels.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
date: Tue, 29 Nov 2022 07:14:59 GMT
server: Apache/2.4.52 () OpenSSL/1.0.2k-fips
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: public, max-age=600, stale-while-revalidate=86400
pragma: no-cache
content-encoding: gzip
set-cookie: ci_session=2a571u7in6pt60megbu0u813lgi9vfef; expires=Tue, 29-Nov-2022 09:14:59 GMT; Max-Age=7200; path=/; HttpOnly
x-cache: Miss from cloudfront
via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: KgfFTkDnb1qpDas9w2dm16stDVS4o8YOcA2-HvlwCrXeqzftGytr7g==
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: geolocation=(self "https://www.google-analytics.com"), camera=(), fullscreen=(self), microphone=()
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://sentec.report-uri.com/a/d/g"}],"include_subdomains":true}
access-control-allow-credentials: true
access-control-allow-origin: https://www.favehotels.com
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.76.226200 OK 503 B IP 23.36.76.226:0
ASN #20940 Akamai International B.V.
Hash ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7099
Expires: Tue, 29 Nov 2022 09:13:19 GMT
Date: Tue, 29 Nov 2022 07:15:00 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9868f6d6-e29b-42b5-89c4-eec4771663b2.jpeg
34.120.237.76200 OK 8.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9868f6d6-e29b-42b5-89c4-eec4771663b2.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash faf3524970b0c3256eb5708f4ccf11ce
47295f2cf1b039c4b85cbe463d7893671a563989
ba0c2ce23eae865936caa7fb47dd1ef6346b8a7bc8340db700df6e2f5e27ec27
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9868f6d6-e29b-42b5-89c4-eec4771663b2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8402
x-amzn-requestid: d2d62f85-b6be-4394-9668-1d913e4120d8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPYeaGbgoAMFdCA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382d45c-2b6bfdcc72011cf01ddbd66b;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 03:07:08 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 1il1ILDPBUseZWYjae_R0BQhpdyPTqqI0GycCljovgxjqhYezCwxCA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 04:17:21 GMT
age: 10659
etag: "47295f2cf1b039c4b85cbe463d7893671a563989"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51b530e0-9ee5-45ee-95e9-a687ac33f22c.jpeg
34.120.237.76200 OK 3.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51b530e0-9ee5-45ee-95e9-a687ac33f22c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 22e7d3e11e78242383e452adb9299016
035a1b4a2a7889787532ec2637d5c21e06daf672
990f18423bafc9cc3daaa1bd1290313b6cb3d3a391f642d01fd6797ad4fc9ca8
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51b530e0-9ee5-45ee-95e9-a687ac33f22c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3004
x-amzn-requestid: 1e6e228a-fb73-4ed3-881b-6b0e5c8297c7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPYcrFRXoAMFUJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382d450-45059338501b45d943d7e08c;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 03:06:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: rmBhEB-x2sOvI7XfEpZQ0-lXEDWZ4los77q017Im-Lwb32ZLA0Zvcg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 04:45:15 GMT
age: 8985
etag: "035a1b4a2a7889787532ec2637d5c21e06daf672"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png
34.120.237.76200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 03014221d7f49b50ffc2d1b0a0e75457
772d86ad983042a728ee3490630a9cf1134ad0dd
81fb954fa569955907952987e9d8efd1dac80e0e4a682826abf3c5d90eb31771
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10176
x-amzn-requestid: c2231955-5c78-4073-8399-b8b90f1add78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMo3oHpSoAMF5Qw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bb63-55a1cb004ac73c8b02f2fb8d;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:08:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: uGocx-Lv8ieJVvICjnTGQZyzaQzjVdICX2RZaNyBTQvUKeIcNxaCJQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 07:38:02 GMT
age: 85018
etag: "772d86ad983042a728ee3490630a9cf1134ad0dd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn.onesignal.com/sdks/OneSignalSDKWorker.js
104.18.225.52200 OK 49 kB URL HTTP/2 cdn.onesignal.com/sdks/OneSignalSDKWorker.js
IP 104.18.225.52:0
File type Unicode text, UTF-8 text, with very long lines (65532), with no line terminators
Hash cae2be7d1380724c9fe539af06a86700
ef20cb2ceed5fa6e45a4e761adacba9b0030387a
9a8ac538bbcbbd16fcc492ffae4b4ced51c9248f20885459cee22bbc9bebf6a7
GET /sdks/OneSignalSDKWorker.js HTTP/1.1
Host: cdn.onesignal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.favehotels.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
HTTP/2 200 OK
date: Tue, 29 Nov 2022 07:14:59 GMT
content-type: application/javascript
etag: W/"2c6db169c2c60079c09fc4c994322b13"
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 1050
expires: Fri, 02 Dec 2022 07:14:59 GMT
cache-control: public, max-age=259200
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
cf-ray: 77198cb4eb8e0af6-OSL
content-encoding: br
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
34.120.237.76200 OK 4.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iFHoIAMF2-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 9fRfgj9_S00P8fI_T-tVt7khJ1kYZux_55K_yLYUsiyVEoiWRM9QAw==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 22:07:26 GMT
age: 32854
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b0dcfcd-38d5-4614-ad4e-405d8ad4ee91.jpeg
34.120.237.76200 OK 6.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b0dcfcd-38d5-4614-ad4e-405d8ad4ee91.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b5e2bc1651b37b8e0467c2a6cb860fb3
3348f081a3357490a704592d105d02e81886df89
751c601e075c9338335c05b0f430ba8065b4e97440e6630993afd943f302b253
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b0dcfcd-38d5-4614-ad4e-405d8ad4ee91.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6037
x-amzn-requestid: eb17903e-1fd3-4a41-a6d1-8b671d890400
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPAJjFa3oAMFcLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382ad70-3db95fcd1aeb9c411c55d173;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 00:21:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NqtaziEIRl6auIGehos7TAJfBAY3CtGJX0vC-pWhjs377L_rEyM6hg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 10:14:18 GMT
age: 75642
etag: "3348f081a3357490a704592d105d02e81886df89"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 798c6088f000b3a2464e23a92271c24d
2a53b3d3bd4a9104c79595f664276db5b32b9bad
dcccfc9bb4da634286d08301fcf23be3ae26bb429b35349fb72dde530fdb3ae4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 07:15:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/md-home.svg
104.17.25.14200 OK 126 B URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/md-home.svg
IP 104.17.25.14:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Hash 58300d0a178b59debb3b90a8bdb92ee5
480933867fb2f17591a1f24ede92d7c991814675
d4df70d9c6f877587e925eaa1325366061396962ff4fb305f951b9dab4fb7106
GET /ajax/libs/ionicons/4.5.6/ionicons/svg/md-home.svg HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Origin: https://www.favehotels.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 07:15:00 GMT
content-type: image/svg+xml; charset=utf-8
content-length: 126
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03eae-88"
last-modified: Mon, 04 May 2020 16:11:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: MISS
expires: Sun, 19 Nov 2023 07:15:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NJhFcd3m9hwHi0Snj0r%2F0EBuDgu5KQQJ4lsj5UOTsh2sVJfReCL%2FeFE2jSmhWGWR7lE5paz%2FeCOlnjRN%2FDTh9DT7j7WMIM%2BBCuQyQXtfM13wve1sggYUFyVRdAiuRYLRAtR4JT6G"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77198cb5cfdeb500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/md-close-circle-outline.svg
104.17.25.14200 OK 253 B URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/md-close-circle-outline.svg
IP 104.17.25.14:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (494), with no line terminators
Hash bc64a220bc4c37fa630383f1e3ea13c2
d0f093925b07c8664e4cd8d873b8cadf3ebc593c
01ef8d3728b55b547f65f92bbb857c262eb640684e030e4a3726c03112534f6b
GET /ajax/libs/ionicons/4.5.6/ionicons/svg/md-close-circle-outline.svg HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Origin: https://www.favehotels.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 07:15:00 GMT
content-type: image/svg+xml; charset=utf-8
content-length: 253
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03eae-1ee"
last-modified: Mon, 04 May 2020 16:11:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: MISS
expires: Sun, 19 Nov 2023 07:15:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lPSlf3C7Xyny9WUq%2FsYAHMTLbRmOOUSIYRm97NzEHejJOjbYXyvzURugySeehjfc0sDuKKRwSMOI6syHnacvUJ2xxRhBdpPBtvWmkKuTCRhihnYXdIaRf%2BAKt3kpkAXmU%2BzmymAb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77198cb5cfe2b500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/md-search.svg
104.17.25.14200 OK 296 B URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/md-search.svg
IP 104.17.25.14:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (516), with no line terminators
Hash cfee5af5c3c462d879418b6e21c583d4
8fb9b8b46614de65b7294d174e1e4cd952c61d7d
65ef94fba4fe7d00cbdb2b9b63f4a7668f816874a570ca31a8474c89da68655d
GET /ajax/libs/ionicons/4.5.6/ionicons/svg/md-search.svg HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Origin: https://www.favehotels.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 07:15:00 GMT
content-type: image/svg+xml; charset=utf-8
content-length: 296
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03eae-204"
last-modified: Mon, 04 May 2020 16:11:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: MISS
expires: Sun, 19 Nov 2023 07:15:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qbTL8VgfiSc7jLQkywEtFJ41WC16olPPTooeU%2F08fixjJ9UyxlEvOpzNjENbeGe%2F8YF%2BKuD72vy47vOJCAtytSapmmsmeOj0MJ7xcBStgG1eKrVzIeQg2%2BKMYcEJc5iqxdv3oy6H"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77198cb5cfe1b500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/md-arrow-round-up.svg
104.17.25.14200 OK 212 B URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/md-arrow-round-up.svg
IP 104.17.25.14:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (327), with no line terminators
Hash 8499f0db8ef1b89f2021d4f00c18ed4c
34782cb27b29f81844a7748387fb988fbf228df5
9926d74f8df575f118b926353f8b394d324c909be829f0040d8c5d1fc86e48a5
GET /ajax/libs/ionicons/4.5.6/ionicons/svg/md-arrow-round-up.svg HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Origin: https://www.favehotels.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 07:15:00 GMT
content-type: image/svg+xml; charset=utf-8
content-length: 212
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03eae-147"
last-modified: Mon, 04 May 2020 16:11:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: MISS
expires: Sun, 19 Nov 2023 07:15:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q%2F3On16S9p3aQXXmWEz7bzFvwhtj2QfLIcm20BUWt1ICSkZhWG2%2Bp8MADEAVoIkM%2FgoSIsQDAvWTTlhMHRDkF6ddwSSnjeIcJUYf%2FI%2B4BhAcTPE1MxuEPsW6YZ6HZgUapnmSRpd4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77198cb5dff0b500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 5d3cb5816bed2c34a54d996b23672a43
0dcc8c20ecc675089b7eb25611bba35873d5552d
3072f881e32b96fdf1b05bec0be99d4a2420b6cbd28246d0cfdffd29a1cbd534
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 07:15:00 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 28 Nov 2022 03:18:07 GMT
Expires: Mon, 05 Dec 2022 03:18:06 GMT
Etag: "0dcc8c20ecc675089b7eb25611bba35873d5552d"
Cache-Control: max-age=503585,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77198cb60997b515-OSL
cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/md-arrow-dropright.svg
104.17.25.14200 OK 104 B URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/md-arrow-dropright.svg
IP 104.17.25.14:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Hash 2b945168dd7bb36aefbbab7eb280d247
3c814728e4dfe4b5c2ec58700284461b6eadbd02
04d6db9393ad6eac1d0f0721a53d0e04925e51ef2951d61c61347fdad4c48eae
GET /ajax/libs/ionicons/4.5.6/ionicons/svg/md-arrow-dropright.svg HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Origin: https://www.favehotels.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 07:15:00 GMT
content-type: image/svg+xml; charset=utf-8
content-length: 104
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03eae-69"
last-modified: Mon, 04 May 2020 16:11:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: MISS
expires: Sun, 19 Nov 2023 07:15:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=guNrhyqhm0bZZH7KZzndaNa%2Bb27DrBvlyWgBqHIbStRFS20VMDCDP6RBnJw%2FdFaR5bp319XW0WTLqSuJE8JLBEKMFwIK9BF9O%2BczOXuSPstAYaR%2F3Aj7fNEtVUeap7xMOJ%2BnjyCw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77198cb5effdb500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
adservice.google.no/ddm/fls/i/src=5667404;type=retar0;cat=retar0;ord=7071735256535;gtm=2wgb90;auiddc=1948251921.1669706099;~oref=https%3A%2F%2Fwww.favehotels.com%2Fen%2Fhotel%2Fview%2F142%2Ffavehotel-sorong
142.250.74.34200 OK 85 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=5667404;type=retar0;cat=retar0;ord=7071735256535;gtm=2wgb90;auiddc=1948251921.1669706099;~oref=https%3A%2F%2Fwww.favehotels.com%2Fen%2Fhotel%2Fview%2F142%2Ffavehotel-sorong
IP 142.250.74.34:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb
GET /ddm/fls/i/src=5667404;type=retar0;cat=retar0;ord=7071735256535;gtm=2wgb90;auiddc=1948251921.1669706099;~oref=https%3A%2F%2Fwww.favehotels.com%2Fen%2Fhotel%2Fview%2F142%2Ffavehotel-sorong HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 29 Nov 2022 07:15:00 GMT
expires: Tue, 29 Nov 2022 07:15:00 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/md-calendar.svg
104.17.25.14200 OK 194 B URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/md-calendar.svg
IP 104.17.25.14:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Hash 364de6b0f0763dce4e57df8317f0a33d
4c5e7b1fec536711f3d90dd3a90eb4a24cc8a08c
3d5f470c010ea3213b2234b83603e19031b06f2b4ad079b9b20821bd769b627f
GET /ajax/libs/ionicons/4.5.6/ionicons/svg/md-calendar.svg HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Origin: https://www.favehotels.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 07:15:00 GMT
content-type: image/svg+xml; charset=utf-8
content-length: 194
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03eae-12b"
last-modified: Mon, 04 May 2020 16:11:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: MISS
expires: Sun, 19 Nov 2023 07:15:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VgLFMcQ4i3M5OtwbbaS5f4I7FhUL7Lzou2goKxVTRGuDV2rCjRu4FvCrE1FHQeghUhHjjFNFFBZZUfx0Mpj3kHbFnwY2C1NH8MgNeAP%2FirK5Fzvx0A%2FiOySD1KB%2FuBeN6vVwiguW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77198cb5f81ab500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/md-pin.svg
104.17.25.14200 OK 206 B URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/md-pin.svg
IP 104.17.25.14:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (325), with no line terminators
Hash b8ccdda3bc476ab1024b8a8ec296d987
35eea6107c801fd2c2a50812899c98ebcaf7c0cc
2999607a6a4594e59450e086bb007c4d6d020efebbd1e7b17018d7b0f4c44c0e
GET /ajax/libs/ionicons/4.5.6/ionicons/svg/md-pin.svg HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Origin: https://www.favehotels.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 07:15:00 GMT
content-type: image/svg+xml; charset=utf-8
content-length: 206
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03eae-145"
last-modified: Mon, 04 May 2020 16:11:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: MISS
expires: Sun, 19 Nov 2023 07:15:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b2CLJIiQC3JsHMWR0AuHEf5rED8W1SrsbHexPdzK6vRIRyaRzxI%2FbN1YYMTog13ph9B%2F5CkALGnYB7Vg2xP%2BZBzMPHGQ1N6KCLn8T5%2F%2FBCDlIxz4oql9QuWbCBs%2FFTvVzYk31Jm3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77198cb60824b500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/md-arrow-round-back.svg
104.17.25.14200 OK 208 B URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/md-arrow-round-back.svg
IP 104.17.25.14:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (324), with no line terminators
Hash f374edee16243c4f4908d71f7dbf63ab
9b64c38d3d6ba29a5bedf10dd05b1b2a20844572
121dc6f5b536cc3f3a12893d79f6d36668a7cc2565c36e8bfc6295bfa33a711b
GET /ajax/libs/ionicons/4.5.6/ionicons/svg/md-arrow-round-back.svg HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Origin: https://www.favehotels.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 07:15:00 GMT
content-type: image/svg+xml; charset=utf-8
content-length: 208
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03eae-144"
last-modified: Mon, 04 May 2020 16:11:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: MISS
expires: Sun, 19 Nov 2023 07:15:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Be8msAPh9V2%2B%2Fb3ZyfcXHdvTPcLHsrJ7RP9dCkGkyXsxAt75e8nAEZiqnI%2FEgqKbY%2BCt3GBIrr331W9hDmtp17CbLwmhaofZtPV9DqGGqtkb5y1S2uApukqFXYZHI7hl%2F1c0qU8s"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77198cb61828b500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/logo-twitter.svg
104.17.25.14200 OK 339 B URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/logo-twitter.svg
IP 104.17.25.14:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (621), with no line terminators
Hash 236176974639deaee3d735ee9ec03508
fc1b77595379f5232d04cde41162161bfc942a13
c172915f37049298c500ebcd5fe85f5d58c5e8b85b2e359d0e2fcc4b7f3e6240
GET /ajax/libs/ionicons/4.5.6/ionicons/svg/logo-twitter.svg HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Origin: https://www.favehotels.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 07:15:00 GMT
content-type: image/svg+xml; charset=utf-8
content-length: 339
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03eae-26d"
last-modified: Mon, 04 May 2020 16:11:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: MISS
expires: Sun, 19 Nov 2023 07:15:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JILIdn3P%2FeVQYMRugmh7x8zZVKZWLKTnSLC8BL1XxaXi1h519vZbPupJSYVfN%2FI%2BluAqb4k0dVPiPb0sxo2DTOtRWFQj5DOmCi7BTx4ZozRNYkY3k53O8Mz6%2Bv4ufIr%2BkhTwv6xD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77198cb61831b500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/logo-facebook.svg
104.17.25.14200 OK 234 B URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/logo-facebook.svg
IP 104.17.25.14:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (356), with no line terminators
Hash 85f273c579b848abe6baf21129194f73
ddec38b4220269278a03cf1c06d0e95525b60095
f166acc7e5746d1dd0e2bbd700483f39f21b864dcc829f74c6d2b030a899f683
GET /ajax/libs/ionicons/4.5.6/ionicons/svg/logo-facebook.svg HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Origin: https://www.favehotels.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 07:15:00 GMT
content-type: image/svg+xml; charset=utf-8
content-length: 234
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03eae-164"
last-modified: Mon, 04 May 2020 16:11:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: MISS
expires: Sun, 19 Nov 2023 07:15:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OYoJyWI%2BcQmzjO1RsIlx50jM30H7jf4BMUe7yBrwE4vDzwiHgZroS3rTLDmL25fp9lQZUOC6fLMGKq8FuGC7VRjmTXXLy7L9dCAJGMRpqleL79wuORQ8SXLAZe9t9xehtMlS7%2B6u"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77198cb6182ab500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/md-call.svg
104.17.25.14200 OK 290 B URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/md-call.svg
IP 104.17.25.14:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (498), with no line terminators
Hash e325dc3725f6f4f1686cd211dc115580
0688d932f4e1b059b39f7d84781aa8da56219b9a
159d19eceb943ff1b45fe5606ea2566011569c5385009fa214fc9fbe1f64fe19
GET /ajax/libs/ionicons/4.5.6/ionicons/svg/md-call.svg HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Origin: https://www.favehotels.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 07:15:00 GMT
content-type: image/svg+xml; charset=utf-8
content-length: 290
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03eae-1f2"
last-modified: Mon, 04 May 2020 16:11:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: MISS
expires: Sun, 19 Nov 2023 07:15:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cAVyZ56MTGn7r8NNkkMtpoWLASJWzQMAXGwHjtychLz9lOlYaN2AoAaydFr3dUM%2B8DhXKoKhW2gR9qts%2BsewGjKGAoA9uTIzyUaIQggHmFyQ1cMq7%2BZAjCW5HBbjdGGlNybGCTsK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77198cb60822b500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/md-arrow-round-forward.svg
104.17.25.14200 OK 210 B URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/md-arrow-round-forward.svg
IP 104.17.25.14:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (335), with no line terminators
Hash 16466ad0a537c2611cac7af9a791be11
444990f6a094f824e73a84a0dbdc2790b41c0f89
cea3fb70132dde7c6ac020990c0b5c24a5e77ba7e65cff66fad0399b15d04d50
GET /ajax/libs/ionicons/4.5.6/ionicons/svg/md-arrow-round-forward.svg HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Origin: https://www.favehotels.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 07:15:00 GMT
content-type: image/svg+xml; charset=utf-8
content-length: 210
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03eae-14f"
last-modified: Mon, 04 May 2020 16:11:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: MISS
expires: Sun, 19 Nov 2023 07:15:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2FqyRQrA5sqKmGrxc1NMkTyzFVMQpnvNXY5z3YJWdWjA1E5SjlwGR7%2Fo7DBOrKKcSaGJTiUVCz3CFClE7nuMbPEU9qKAfsUO0vDsl0%2FpgbYAfb%2BHCj%2BPTl2JDxoO9lMgzzwUZ%2FGx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77198cb61829b500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/md-menu.svg
104.17.25.14200 OK 132 B URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/md-menu.svg
IP 104.17.25.14:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Hash c5a9203d57745afd350251a8acd36db9
0a5c9d0004558c1e54757dc70545b2c0775418e6
547121cb53bfe673efd48b8c47c3fd59b57e97e5af73156f9fcbf2c196d10dd7
GET /ajax/libs/ionicons/4.5.6/ionicons/svg/md-menu.svg HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Origin: https://www.favehotels.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 07:15:00 GMT
content-type: image/svg+xml; charset=utf-8
content-length: 132
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03eae-a6"
last-modified: Mon, 04 May 2020 16:11:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: MISS
expires: Sun, 19 Nov 2023 07:15:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PHnZjwA5EYnES97ajIQPZGkUgQRxl4Cd5Ztz3bRgjhxKMObZNGIgQHtn31w%2BM46yuARNAHuIjxTBH5Ehker0Czm9DFlAEseg7tNIMR8JD9MuCIusWYtW63y9N9W1FkZBK5EZZiX8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77198cb6284db500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/md-gift.svg
104.17.25.14200 OK 356 B URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/md-gift.svg
IP 104.17.25.14:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (669), with no line terminators
Hash 04be1f0c8f4c5c79df80f7275664dc53
176af02a49fee1a507a9efce0dc0c2054399c5f0
2efa2f2004b8c318da32518199f7b2ddc18cea60f9b737cfb97a9df698156f29
GET /ajax/libs/ionicons/4.5.6/ionicons/svg/md-gift.svg HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Origin: https://www.favehotels.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 07:15:00 GMT
content-type: image/svg+xml; charset=utf-8
content-length: 356
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03eae-29d"
last-modified: Mon, 04 May 2020 16:11:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: MISS
expires: Sun, 19 Nov 2023 07:15:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FXQphaK9woUB382iPPW%2FUKgZplOGe%2BX9LPPOpdOkXI6USuiMbsLaVlPOxI9x7YO%2BjkebPhfQ7WHeOpFHnFCBBfirJJAW0Uw1TLLTtmIaPkXUjuYKpc6ZDWgYCRSEO8LlqCRQWmcP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77198cb6283ab500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
adservice.google.no/ddm/fls/i/src=11992199;type=visit0;cat=visit0;u1=visitor_fave;u27=counter;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=17415630214655.375;~oref=https://www.favehotels.com/
142.250.74.34200 OK 85 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=11992199;type=visit0;cat=visit0;u1=visitor_fave;u27=counter;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=17415630214655.375;~oref=https://www.favehotels.com/
IP 142.250.74.34:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb
GET /ddm/fls/i/src=11992199;type=visit0;cat=visit0;u1=visitor_fave;u27=counter;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=17415630214655.375;~oref=https://www.favehotels.com/ HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 29 Nov 2022 07:15:00 GMT
expires: Tue, 29 Nov 2022 07:15:00 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/md-card.svg
104.17.25.14200 OK 181 B URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/md-card.svg
IP 104.17.25.14:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Hash 6e97db3fad913b33b09bb41db7a1876e
612cfdf8c413c90ed2831b0a80db52d4be334d1b
d9a01cf01e7b59d3331e2bfc952e16c144a2f19e0f400e73bd52848e087ccd70
GET /ajax/libs/ionicons/4.5.6/ionicons/svg/md-card.svg HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Origin: https://www.favehotels.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 07:15:00 GMT
content-type: image/svg+xml; charset=utf-8
content-length: 181
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03eae-104"
last-modified: Mon, 04 May 2020 16:11:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: MISS
expires: Sun, 19 Nov 2023 07:15:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vOKBFilagDYfX2Bwwx5c373x5p5wz%2BZN8T3u831MURqkRgQ04hiQZRSEaWJlB4TRn8RQKlrTJapQowkcunHIk5PGnj%2BZqf7KfzsU%2BUq1hgYGWF%2FBaj9ShEBrkdgtA7ahAje82yrW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77198cb63858b500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/md-close.svg
104.17.25.14200 OK 138 B URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/md-close.svg
IP 104.17.25.14:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Hash de589699ee5b8740e845fc074e4e0ce6
3799a8703b209da05f5081a66f43bb4c53a41bf2
e4c6d5d60df9606bcfd59c975af8bc98534b18b7d52badca4189d8ef5f3b8e36
GET /ajax/libs/ionicons/4.5.6/ionicons/svg/md-close.svg HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Origin: https://www.favehotels.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 07:15:00 GMT
content-type: image/svg+xml; charset=utf-8
content-length: 138
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03eae-e1"
last-modified: Mon, 04 May 2020 16:11:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: MISS
expires: Sun, 19 Nov 2023 07:15:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tfdwo5TUWTy1F2DrXrC2SK1D%2BKp8LolkSo9w4EUqYz%2BV5SelXgFJ8sPJtgYohV%2FoKllnd1dxliMRDbfG01%2FD6heu4VLG%2BWcUTAJ%2FOhVoQjOHB0z%2BKJr9itVm7IqBG26gasmfQYCj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77198cb5eff6b500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/md-person.svg
104.17.25.14200 OK 165 B URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/md-person.svg
IP 104.17.25.14:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Hash 27da8cb37bce1fd5b85ccf5a4ba02dfa
b8d86565d023b5d3cd3dc1ce32653577103b0702
3a504d1390c1e116eb9e27469c151477c271185c94092f84c841b8bae6d12ed1
GET /ajax/libs/ionicons/4.5.6/ionicons/svg/md-person.svg HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Origin: https://www.favehotels.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 07:15:00 GMT
content-type: image/svg+xml; charset=utf-8
content-length: 165
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03eae-eb"
last-modified: Mon, 04 May 2020 16:11:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: MISS
expires: Sun, 19 Nov 2023 07:15:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=57cJLHhKZXHVMS13fzvwXkaahafjrCmsN2pTOIb2EgkwqfbIldelNJMGzIeNFxSHOU13byQD%2FnDTngzTOEzh5z3Qv2mLbu8zIfiOL1Q1W%2FjkLiaeYFmeL6MnWi4uWIL6tvhwG4n2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77198cb62851b500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/md-information-circle-outline.svg
104.17.25.14200 OK 249 B URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/md-information-circle-outline.svg
IP 104.17.25.14:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (418), with no line terminators
Hash 7ebc3a290fc374be8263adeb555b16a5
92aabd4c1d0af8d38b8b4c247615f97715a7cc60
7a5d557f74ef3dd23ec4e5e2f7b3b2c5bca338e2005759645354897caf06cc93
GET /ajax/libs/ionicons/4.5.6/ionicons/svg/md-information-circle-outline.svg HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Origin: https://www.favehotels.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 07:15:00 GMT
content-type: image/svg+xml; charset=utf-8
content-length: 249
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03eae-1a2"
last-modified: Mon, 04 May 2020 16:11:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: MISS
expires: Sun, 19 Nov 2023 07:15:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2ANUFjsCH7lvR%2FubiDg1DqdLyjuMc7FkuDWNoj6rYUmfmyGorAzglVXaetHxJm3nj%2BE9jpZUuNBkTnZms1ho8UvoAjo4EP0FKHNR%2FRYwCny069ob4qf6LVN2CytMhNzlaAQnlQm7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77198cb64867b500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/md-arrow-forward.svg
104.17.25.14200 OK 148 B URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/md-arrow-forward.svg
IP 104.17.25.14:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Hash 6105b0d0ef3dfd70df9cdf79d5053517
d7b2cca4603cd4936ac3a795b95d143d93b05bf3
bb68b449bdf4c32f257e3b816f9ac3a0a0867ed549e8bf586e365e94496d1050
GET /ajax/libs/ionicons/4.5.6/ionicons/svg/md-arrow-forward.svg HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Origin: https://www.favehotels.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 07:15:00 GMT
content-type: image/svg+xml; charset=utf-8
content-length: 148
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03eae-b3"
last-modified: Mon, 04 May 2020 16:11:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: MISS
expires: Sun, 19 Nov 2023 07:15:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zqp0W56EJb%2B3X0bt7lJRz1%2Fxw%2FZXdLWDjvlxfOWU4q3uh8%2FXBlWUIe3M%2FJZBBU6nX1ztynQv5V2WqE%2B8%2FSpjwm0pHD%2BiT21htyuHAQ%2BnVtls95KQdvMChnFJvGK8g0OLRPfYxYcw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77198cb5f81eb500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/logo-instagram.svg
104.17.25.14200 OK 308 B URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/logo-instagram.svg
IP 104.17.25.14:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (620), with no line terminators
Hash 861d3a488c5ecd94c74b6d419fdb2898
92a0fca0887068ed9fbf0c119cffb049f87365c2
24de07d7c259646a93240773c87739978a1b770de30c984f9af8bbe0b044816b
GET /ajax/libs/ionicons/4.5.6/ionicons/svg/logo-instagram.svg HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Origin: https://www.favehotels.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 07:15:00 GMT
content-type: image/svg+xml; charset=utf-8
content-length: 308
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03eae-26c"
last-modified: Mon, 04 May 2020 16:11:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: MISS
expires: Sun, 19 Nov 2023 07:15:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FP0aRjmcojJOpnGnoegpQIfAoHNBQy8N06JnMzkNsPvtc3OR5vCZ%2FaDYospDTfahLVcVkp1pZnSnyTNKdx4SICHSzZZIaPA14RDrPGvE%2B%2Fvj6c%2Fr1dv%2FxaOV0%2BFHTNZ2DV4zVVhA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77198cb62835b500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/md-settings.svg
104.17.25.14200 OK 485 B URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/md-settings.svg
IP 104.17.25.14:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1145), with no line terminators
Hash c69af7c8d1591198b6548bbfe505d4e5
c4683044c4d34590a1b716219312fef5898efd58
8884dcefdd23a7cdfe6181b91de6729a5f2adeb3edc98f2d50feffce757ca24d
GET /ajax/libs/ionicons/4.5.6/ionicons/svg/md-settings.svg HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Origin: https://www.favehotels.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 07:15:00 GMT
content-type: image/svg+xml; charset=utf-8
content-length: 485
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03eae-479"
last-modified: Mon, 04 May 2020 16:11:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: MISS
expires: Sun, 19 Nov 2023 07:15:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k9RS6EspK0PEBpy%2FAMno08pQW5FSLmKahDlUah7jxumuS7M8%2ByOyYlakx1e7ukiPQBupOJgxu2hncWrMX2Ni4601ib8qOYHvpjMN8bad1e%2BLtJ866wyeWmpJpz%2Faw8GeQpCW18Hi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77198cb63855b500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/md-contact.svg
104.17.25.14200 OK 2.9 kB URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/md-contact.svg
IP 104.17.25.14:0
File type Unicode text, UTF-8 text, with very long lines (8655)
Hash 6b339178056aba898997d2f5a93f0384
585a6509b6ffb6696030f1c95a4f891372c67cfc
6e02ef95b535498009382e561c18ada79ccd3465b54ccedfa8880d8cfc74d75d
GET /ajax/libs/ionicons/4.5.6/ionicons/svg/md-contact.svg HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Origin: https://www.favehotels.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 07:15:00 GMT
content-type: image/svg+xml; charset=utf-8
content-length: 209
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03eae-175"
last-modified: Mon, 04 May 2020 16:11:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: MISS
expires: Sun, 19 Nov 2023 07:15:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hH%2FvgR2axXwgIJ4qmedsIGZTv5fTIgVhf1l5m%2FZqFra9qKF7f8SkoXLS8gFjRR6CAXfc1fbVUZ%2B9odv%2B1Onufe05%2FRCL7Y%2Bt6gKvu9giqJ0SinRUTZIPDX7%2FrY6PCEi%2FnDF49ist"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77198cb6385bb500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/md-phone-portrait.svg
104.17.25.14200 OK 189 B URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/md-phone-portrait.svg
IP 104.17.25.14:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Hash 8bc4c4d947f8cf9836a9cc1416c254e9
e1ccb0259ae3d3fb3711d6f767b1c1e0ce1eedb2
2a1e4cdd467c0ef5d07b0677f9906017cb01d34aec5b4105dce72e8ac7af6489
GET /ajax/libs/ionicons/4.5.6/ionicons/svg/md-phone-portrait.svg HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Origin: https://www.favehotels.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 07:15:00 GMT
content-type: image/svg+xml; charset=utf-8
content-length: 189
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03eae-11e"
last-modified: Mon, 04 May 2020 16:11:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: MISS
expires: Sun, 19 Nov 2023 07:15:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i3yPVB51feAq5K9ns0TDtw8%2Bs1TziN9rnNjZCh%2BbBF3dn%2BzUODe3CI63EEscjnHON1cdSkdaADWtMvt8AQCyUeK085Py6aBXuYrIS3K77KTuNEbleQoYmxqdZNkz0Vwb3svOory%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77198cb6385db500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdn.denomatic.com/drs/354-499a808dd30a.js?rnd=20220825
54.230.111.104200 OK 963 B URL HTTP/2 cdn.denomatic.com/drs/354-499a808dd30a.js?rnd=20220825
IP 54.230.111.104:0
Hash 1024abb0d1161efd75366823c4506893
a41d6d3126ae186a7bec096897c552f39527dc4e
a3a590eb516c8418d4bcf84e6623363480f158e29a0be4e7c98bd4391e8c16c2
GET /drs/354-499a808dd30a.js?rnd=20220825 HTTP/1.1
Host: cdn.denomatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 963
server: nginx
last-modified: Tue, 09 Aug 2022 11:50:19 GMT
content-encoding: gzip
jb-x-cache: EXPIRED
accept-ranges: bytes
date: Tue, 29 Nov 2022 07:15:00 GMT
cache-control: public, max-age=600, s-maxage=86400
etag: "be7-5e5cd895e9f9a-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: g1NzDKlAeQC3Af1U6qTTcLQYPAy123duSnAPRKuIOtyBbmWHK6s9aw==
age: 18708
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 471 B IP 142.250.74.3:0
Hash 798c6088f000b3a2464e23a92271c24d
2a53b3d3bd4a9104c79595f664276db5b32b9bad
dcccfc9bb4da634286d08301fcf23be3ae26bb429b35349fb72dde530fdb3ae4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 07:15:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/md-globe.svg
104.17.25.14200 OK 966 B URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/md-globe.svg
IP 104.17.25.14:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2002), with no line terminators
Hash 070d0e0f827d3c463af0421a6941eefd
a64fd70bbcf2edc9ec5f201050c83acbd2cf3565
aff50c443b06891fcdf777eb6142c81d1f6d048df7c020a899d2faa591991d06
GET /ajax/libs/ionicons/4.5.6/ionicons/svg/md-globe.svg HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Origin: https://www.favehotels.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 07:15:00 GMT
content-type: image/svg+xml; charset=utf-8
content-length: 966
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03eae-7d2"
last-modified: Mon, 04 May 2020 16:11:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: MISS
expires: Sun, 19 Nov 2023 07:15:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f4iQmN9TZDBCayRihtOihOCM2MeL4f2KOSQBoOOHAbXWlZXe9Je3CKl2J8jPkmC4k6%2F7XSqb3WhiXBoXQuFhjhvx9C87mByOPHXRuPLX8L8uyhhke3RnPDQ7CTSKCx0bQW9o8H2M"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77198cb6385fb500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/md-mail.svg
104.17.25.14200 OK 208 B URL HTTP/2 cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/md-mail.svg
IP 104.17.25.14:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (319), with no line terminators
Hash 9dcf9cb92548de441649534706be4e21
19593f5efa7cd6106138943333aece8066c9506d
62f29106be1f7237f70eacf8e42c80390ba5f230d69c9462317eb9d2fda81ead
GET /ajax/libs/ionicons/4.5.6/ionicons/svg/md-mail.svg HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Origin: https://www.favehotels.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 07:15:00 GMT
content-type: image/svg+xml; charset=utf-8
content-length: 208
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03eae-13f"
last-modified: Mon, 04 May 2020 16:11:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: MISS
expires: Sun, 19 Nov 2023 07:15:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nHMnkSWpvHve%2FQSwnPuRLXtRoRSWLOBCNQPNYAwYau1FKcqg%2FV%2FxraQORUiKygod5JtRqWxg4oqrqORrzzAjDb04GIiz4F%2F8W1n%2F2%2FLvadlbNKkc5r1cxId7nUrkG7CY5DF2kxt5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77198cb5dfe9b500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash af25abbc1f9776cf78b07837dbea38a0
1883049bac2e92f8b3107f6435f00b83d8f4c117
663a6d77de7e3c835bcbb4b567eb28053755bf50ddab14b3f668367a85efdf17
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2274
Cache-Control: max-age=103321
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 07:15:00 GMT
Etag: "6384992b-1d7"
Expires: Wed, 30 Nov 2022 11:57:01 GMT
Last-Modified: Mon, 28 Nov 2022 11:19:07 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f1cfa609ebdf236e2f3e3ff25dd05caf
c8117b0187d4d9021ed1a42907bd93d24ed4ebf0
7a2761aa36168d4f2c9034486777f5588aaf0fa1f7d1e55006db7320259303b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 07:15:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
connect.facebook.net/en_US/fbevents.js
31.13.72.12200 OK 27 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 31.13.72.12:0
File type ASCII text, with very long lines (64348)
Hash 44ecaa3c2a4929a40141edc4540aaf84
f29a573182333b2500d41bfc389d6c5232dfb348
6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: Bh6KhznqrlR6coK8HTWLK7HG73d1xNVGOwPUyishNAFP2FcnS3xYrBOHpmZWeKYLkzcym4O84BHiJn9HTCIWBw==
priority: u=3,i
content-length: 27340
x-fb-trip-id: 2074150462
date: Tue, 29 Nov 2022 07:15:00 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/1000698394/?random=1669706098892&cv=11&fst=1669706098892&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.favehotels.com%2Fen%2Fhotel%2Fview%2F142%2Ffavehotel-sorong&tiba=favehotel%20Sorong%20-%20Select%20Service%20Hotel%20In%20Sorong&auid=1948251921.1669706099&rfmt=3&fmt=4
142.250.74.66200 OK 901 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1000698394/?random=1669706098892&cv=11&fst=1669706098892&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.favehotels.com%2Fen%2Fhotel%2Fview%2F142%2Ffavehotel-sorong&tiba=favehotel%20Sorong%20-%20Select%20Service%20Hotel%20In%20Sorong&auid=1948251921.1669706099&rfmt=3&fmt=4
IP 142.250.74.66:0
File type ASCII text, with very long lines (1955), with no line terminators
Hash 84aa80efdf67d3fb906ff51c841c7688
356914e36599649c6c9383b83022614ac2fe5af1
ccb2462481cdb93a9e4e3acc0d034d27bcd1ff06fd67cfb35824cbefd69c2910
GET /pagead/viewthroughconversion/1000698394/?random=1669706098892&cv=11&fst=1669706098892&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.favehotels.com%2Fen%2Fhotel%2Fview%2F142%2Ffavehotel-sorong&tiba=favehotel%20Sorong%20-%20Select%20Service%20Hotel%20In%20Sorong&auid=1948251921.1669706099&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 29 Nov 2022 07:15:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 901
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 29-Nov-2022 07:30:00 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-6S0DPJNCZH&cid=1075845428.1669706099>m=2oeb90&aip=1&z=663281219
142.250.74.3200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-6S0DPJNCZH&cid=1075845428.1669706099>m=2oeb90&aip=1&z=663281219
IP 142.250.74.3:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-6S0DPJNCZH&cid=1075845428.1669706099>m=2oeb90&aip=1&z=663281219 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 29 Nov 2022 07:15:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-2077749-33&cid=1075845428.1669706099&jid=487690859&gjid=2120281814&_gid=2066494076.1669706099&_u=YGBAiEABBAAAAEAAI~&z=405073921
142.250.150.154200 OK 20 kB URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-2077749-33&cid=1075845428.1669706099&jid=487690859&gjid=2120281814&_gid=2066494076.1669706099&_u=YGBAiEABBAAAAEAAI~&z=405073921
IP 142.250.150.154:0
Hash 013f5ffdd9bb1a9ef921527dcb392cbd
fe4b9af523295c168aab16d09b1f39f80cc98f29
e87f772a0f9a5e1401e7a6ceab5560047103228e2b124bc7e540d799b4ccab9e
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-2077749-33&cid=1075845428.1669706099&jid=487690859&gjid=2120281814&_gid=2066494076.1669706099&_u=YGBAiEABBAAAAEAAI~&z=405073921 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Content-Type: text/plain
Content-Length: 0
Origin: https://www.favehotels.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://www.favehotels.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 29 Nov 2022 07:15:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash af25abbc1f9776cf78b07837dbea38a0
1883049bac2e92f8b3107f6435f00b83d8f4c117
663a6d77de7e3c835bcbb4b567eb28053755bf50ddab14b3f668367a85efdf17
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2274
Cache-Control: max-age=103321
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 07:15:00 GMT
Etag: "6384992b-1d7"
Expires: Wed, 30 Nov 2022 11:57:01 GMT
Last-Modified: Mon, 28 Nov 2022 11:19:07 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471
stats.g.doubleclick.net/g/collect?v=2&tid=G-6S0DPJNCZH&cid=1075845428.1669706099>m=2oeb90&aip=1
142.250.150.154204 No Content 0 B URL HTTP/2 stats.g.doubleclick.net/g/collect?v=2&tid=G-6S0DPJNCZH&cid=1075845428.1669706099>m=2oeb90&aip=1
IP 142.250.150.154:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-6S0DPJNCZH&cid=1075845428.1669706099>m=2oeb90&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Origin: https://www.favehotels.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
access-control-allow-origin: https://www.favehotels.com
date: Tue, 29 Nov 2022 07:15:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f1cfa609ebdf236e2f3e3ff25dd05caf
c8117b0187d4d9021ed1a42907bd93d24ed4ebf0
7a2761aa36168d4f2c9034486777f5588aaf0fa1f7d1e55006db7320259303b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 07:15:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
region1.analytics.google.com/g/collect?v=2&tid=G-6S0DPJNCZH>m=2oeb90&_p=1228318795&_gaz=1&cid=1075845428.1669706099&ul=en-us&sr=1280x1024&_s=1&sid=1669706099&sct=1&seg=0&dl=https%3A%2F%2Fwww.favehotels.com%2Fen%2Fhotel%2Fview%2F142%2Ffavehotel-sorong&dt=favehotel%20Sorong%20-%20Select%20Service%20Hotel%20In%20Sorong&en=page_view&_fv=1&_ss=1
216.239.32.36204 No Content 18 kB URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-6S0DPJNCZH>m=2oeb90&_p=1228318795&_gaz=1&cid=1075845428.1669706099&ul=en-us&sr=1280x1024&_s=1&sid=1669706099&sct=1&seg=0&dl=https%3A%2F%2Fwww.favehotels.com%2Fen%2Fhotel%2Fview%2F142%2Ffavehotel-sorong&dt=favehotel%20Sorong%20-%20Select%20Service%20Hotel%20In%20Sorong&en=page_view&_fv=1&_ss=1
IP 216.239.32.36:0
Hash c3c9d5aa599543d486b0fdf396ecc9b4
38d43c3bf7159643acba6dfdc7c2de284cb30491
8c990c7b41bb73fccdf5429dc615ec09d86430f969ef922ce505f984da82494f
POST /g/collect?v=2&tid=G-6S0DPJNCZH>m=2oeb90&_p=1228318795&_gaz=1&cid=1075845428.1669706099&ul=en-us&sr=1280x1024&_s=1&sid=1669706099&sct=1&seg=0&dl=https%3A%2F%2Fwww.favehotels.com%2Fen%2Fhotel%2Fview%2F142%2Ffavehotel-sorong&dt=favehotel%20Sorong%20-%20Select%20Service%20Hotel%20In%20Sorong&en=page_view&_fv=1&_ss=1 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Origin: https://www.favehotels.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://www.favehotels.com
date: Tue, 29 Nov 2022 07:15:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash f1cfa609ebdf236e2f3e3ff25dd05caf
c8117b0187d4d9021ed1a42907bd93d24ed4ebf0
7a2761aa36168d4f2c9034486777f5588aaf0fa1f7d1e55006db7320259303b3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 07:15:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a0fe20d41a043db700a84924cd9793f3
c0da481fef6cd00558f6e68b074acb34bef8292f
03caeb65ab9e22f6d6fe0d344d327950d20ee9ed144e2da0e5e062943a03fc56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 07:15:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.3200 OK 472 B IP 142.250.74.3:0
Hash a0fe20d41a043db700a84924cd9793f3
c0da481fef6cd00558f6e68b074acb34bef8292f
03caeb65ab9e22f6d6fe0d344d327950d20ee9ed144e2da0e5e062943a03fc56
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 07:15:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.com/pagead/1p-user-list/1000698394/?random=1669706098892&cv=11&fst=1669705200000&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.favehotels.com%2Fen%2Fhotel%2Fview%2F142%2Ffavehotel-sorong&tiba=favehotel%20Sorong%20-%20Select%20Service%20Hotel%20In%20Sorong&fmt=3&is_vtc=1&random=2184221239&rmt_tld=0&ipr=y
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/1000698394/?random=1669706098892&cv=11&fst=1669705200000&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.favehotels.com%2Fen%2Fhotel%2Fview%2F142%2Ffavehotel-sorong&tiba=favehotel%20Sorong%20-%20Select%20Service%20Hotel%20In%20Sorong&fmt=3&is_vtc=1&random=2184221239&rmt_tld=0&ipr=y
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1000698394/?random=1669706098892&cv=11&fst=1669705200000&bg=ffffff&guid=ON&async=1>m=2wgb90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.favehotels.com%2Fen%2Fhotel%2Fview%2F142%2Ffavehotel-sorong&tiba=favehotel%20Sorong%20-%20Select%20Service%20Hotel%20In%20Sorong&fmt=3&is_vtc=1&random=2184221239&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 29 Nov 2022 07:15:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-2077749-33&cid=1075845428.1669706099&jid=487690859&_u=YGBAiEABBAAAAEAAI~&z=246806028
142.250.74.164200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-2077749-33&cid=1075845428.1669706099&jid=487690859&_u=YGBAiEABBAAAAEAAI~&z=246806028
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-2077749-33&cid=1075845428.1669706099&jid=487690859&_u=YGBAiEABBAAAAEAAI~&z=246806028 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 29 Nov 2022 07:15:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.facebook.com/tr/
31.13.72.36200 OK 0 B IP 31.13.72.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /tr/ HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Content-Type: multipart/form-data; boundary=---------------------------24843625811331171753184714644
Origin: https://www.favehotels.com
Content-Length: 4806
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin: https://www.favehotels.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Tue, 29 Nov 2022 07:15:02 GMT
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=2120774411396120&ev=PageView&dl=https%3A%2F%2Fwww.favehotels.com%2Fen%2Fhotel%2Fview%2F142%2Ffavehotel-sorong&rl=&if=false&ts=1669706100777&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669706100776.1201003156&it=1669706099711&coo=false&rqm=GET
31.13.72.36200 OK 86 kB URL HTTP/2 www.facebook.com/tr/?id=2120774411396120&ev=PageView&dl=https%3A%2F%2Fwww.favehotels.com%2Fen%2Fhotel%2Fview%2F142%2Ffavehotel-sorong&rl=&if=false&ts=1669706100777&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669706100776.1201003156&it=1669706099711&coo=false&rqm=GET
IP 31.13.72.36:0
File type gzip compressed data, from Unix\012- data
Hash 651527a47c7103cedd3799fd904e6602
538b02ee138f1ea096eda2b9e19bc2173651ef83
6a3bda67e35c22256d5982009d50aac5f128f40b97ace6384286063277273d40
GET /tr/?id=2120774411396120&ev=PageView&dl=https%3A%2F%2Fwww.favehotels.com%2Fen%2Fhotel%2Fview%2F142%2Ffavehotel-sorong&rl=&if=false&ts=1669706100777&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669706100776.1201003156&it=1669706099711&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Tue, 29 Nov 2022 07:15:02 GMT
X-Firefox-Spdy: h2
static.triptease.io/message-porter/dist/bootstrap-message-engine.js
151.101.85.182200 OK 28 kB URL HTTP/2 static.triptease.io/message-porter/dist/bootstrap-message-engine.js
IP 151.101.85.182:0
File type Unicode text, UTF-8 text, with very long lines (58698)
Hash 9d342579f5b731749c8cd52cc69ca4cf
7bbecc83a1ad2cb0d0ad3096cd97e2b9d8b23704
7ba041586f87db7cfbd6e1809e684bd0d880ec5dbb44d080db997f6ee4a20a9b
GET /message-porter/dist/bootstrap-message-engine.js HTTP/1.1
Host: static.triptease.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Origin: https://www.favehotels.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycduryspMV5h2K6zSr5M0uYLyahisqW1XidxaWyLuZnQSLACa2fGgGwca4Y5ssQe9VKYe94L0EWrufZ-dENIrJRm4LAjSp85q
cache-control: no-cache, max-age=600
expires: Mon, 28 Nov 2022 15:01:32 GMT
last-modified: Mon, 28 Nov 2022 14:51:28 GMT
etag: "d676a7b4e95291ad2289d5705e4b5851"
x-goog-generation: 1669647087909159
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 84184
x-goog-meta-goog-reserved-file-mtime: 1669647084
content-type: application/javascript
x-goog-hash: crc32c=KORqow==, md5=1nantOlSka0iidVwXktYUQ==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
content-encoding: gzip
accept-ranges: bytes
date: Tue, 29 Nov 2022 07:15:05 GMT
via: 1.1 varnish
age: 383
x-served-by: cache-bma1643-BMA
x-cache: HIT
x-cache-hits: 8
x-timer: S1669706106.715688,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=31557600
backend-url: /message-porter/dist/bootstrap-message-engine.js
pseudo-device-id: ce3678a60bdd9475e11059d534cb5581793d88c2fea0c3958c03837f5a2b18f6
pseudo-session-id: 3422e73484dc258899f9d2c47f9d208b6a9f951e9b385ee322c0d21d0d2060d7
surrogate-key-debug: message-porter message-porter-bootstrap-message-engine message-porter-js
timing-allow-origin: *
content-length: 28003
X-Firefox-Spdy: h2
b.triptease.io/application.js
151.101.85.62200 OK 2.9 kB URL HTTP/1.1 b.triptease.io/application.js
IP 151.101.85.62:0
File type ASCII text, with very long lines (2870), with no line terminators
Hash 1f869b259c276f47841720aec5a2058e
6366bc8e1b2fa39017194b14b4a5504fa41b27e9
54d464dcbb274e2f142eb6e78e14dd6885edc21e72d0989717a1318c170777df
GET /application.js HTTP/1.1
Host: b.triptease.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Origin: https://www.favehotels.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 2870
cache-control: max-age=60
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, session-token
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
Via: 1.1 google, 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 29 Nov 2022 07:15:05 GMT
Age: 1729
X-Served-By: cache-bma1678-BMA
X-Cache: HIT
X-Cache-Hits: 10
Strict-Transport-Security: max-age=300
static-meta.triptease.io/client/main.js
151.101.85.182200 OK 17 kB URL HTTP/2 static-meta.triptease.io/client/main.js
IP 151.101.85.182:0
File type ASCII text, with very long lines (54854), with no line terminators
Hash 8cc4bee5d305008a99f66b4c9dd7fce4
ec11738f93ea513e855fca06419750332c6e122c
573f695d4b6535aadb1272de7985d1ea348266f19a59e4a4b6712b6550ad221e
GET /client/main.js HTTP/1.1
Host: static-meta.triptease.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Origin: https://www.favehotels.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=3600,stale-while-revalidate=1800
content-type: text/plain; charset=utf-8
x-envoy-upstream-service-time: 3
x-envoy-upstream-healthchecked-cluster: client-api.management
server: istio-envoy
via: 1.1 google, 1.1 varnish
content-encoding: gzip
accept-ranges: bytes
date: Tue, 29 Nov 2022 07:15:05 GMT
age: 0
x-served-by: cache-bma1654-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1669706106.713847,VS0,VE172
vary: Origin, Accept-Encoding
content-length: 17417
X-Firefox-Spdy: h2
static.triptease.io/message-porter/dist/storageIframe.html
151.101.85.182200 OK 2.5 kB URL HTTP/2 static.triptease.io/message-porter/dist/storageIframe.html
IP 151.101.85.182:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (6979), with no line terminators
Hash be5aab1852e2cfe6c17fadcb089a21e4
60f309b22033bb2480c749dd68a3bd4bacfaad5d
dfdbdf72998262fc2396b2c5729ae0c5fa0d58f5a1b19ceb177e5cb9040ee5a9
GET /message-porter/dist/storageIframe.html HTTP/1.1
Host: static.triptease.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-guploader-uploadid: ADPycdvU0oLCe6sQfKK-zLI4Xx76g9gy8m2oVLSiHKmQ-upYclx9DZuvwnNn_I7-zFJ7HJajmjmp-BrTKcnI75d0DDZgZr4-JXjF
x-goog-generation: 1667397055211069
x-goog-metageneration: 8
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 6979
x-goog-meta-goog-reserved-file-mtime: 1667397047
x-goog-hash: crc32c=0I3Wqw==, md5=wk7He6Vyt1LH1MzXpMh9dg==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
expires: Mon, 28 Nov 2022 15:01:33 GMT
cache-control: no-cache, max-age=600
last-modified: Wed, 02 Nov 2022 13:50:55 GMT
etag: "c24ec77ba572b752c7d4ccd7a4c87d76"
content-type: text/html
content-encoding: gzip
accept-ranges: bytes
date: Tue, 29 Nov 2022 07:15:06 GMT
via: 1.1 varnish
age: 383
x-served-by: cache-bma1671-BMA
x-cache: HIT
x-cache-hits: 13
x-timer: S1669706106.004005,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=31557600
backend-url: /message-porter/dist/storageIframe.html
pseudo-device-id: 10d93cb908495a5a16655fc754e6677bdabe68f48e1852cb3cbce52a0ba7acc2
pseudo-session-id: f2b7e0e62112dae35c3f6cb148f0b61ddc78780d4ee936af55dab16e758256cd
surrogate-key-debug: message-porter message-porter-storageIframe message-porter-html
timing-allow-origin: *
content-length: 2506
X-Firefox-Spdy: h2
b.triptease.io/?apikey=ad3435928a7b946cc923b05f8afe0de30a228c28&bucket=1&conversion=false&clicked=false&searched=false&tripteaseUserId=01GK13TGGK1YHPXKWG6DXR4QC4
151.101.85.62200 OK 76 kB URL HTTP/1.1 b.triptease.io/?apikey=ad3435928a7b946cc923b05f8afe0de30a228c28&bucket=1&conversion=false&clicked=false&searched=false&tripteaseUserId=01GK13TGGK1YHPXKWG6DXR4QC4
IP 151.101.85.62:0
Hash 25cf6738ace94462824212e9d35085f1
df18ddda45e4ceedc7725be3f592c1bc27748afe
a1f982c64ab62179c9ec4f2f6af35e7581ba3f0506293b24c0dfa9bb45827c86
GET /?apikey=ad3435928a7b946cc923b05f8afe0de30a228c28&bucket=1&conversion=false&clicked=false&searched=false&tripteaseUserId=01GK13TGGK1YHPXKWG6DXR4QC4 HTTP/1.1
Host: b.triptease.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
cache-control: private, no-store
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, session-token
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
Via: 1.1 google, 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 29 Nov 2022 07:15:06 GMT
X-Served-By: cache-bma1675-BMA
X-Cache: MISS
X-Cache-Hits: 0
Strict-Transport-Security: max-age=300
transfer-encoding: chunked
static-meta.triptease.io/client/bundle-data/ad3435928a7b946cc923b05f8afe0de30a228c28
151.101.85.182200 OK 288 B URL HTTP/2 static-meta.triptease.io/client/bundle-data/ad3435928a7b946cc923b05f8afe0de30a228c28
IP 151.101.85.182:0
File type JSON data\012- , ASCII text, with very long lines (406), with no line terminators
Hash e23a5ebcce92c6ac62edbb141ae8152c
fb93a020fc934c215c971a1f83195eddb8966f40
1b3550b5dcdd4d3f10a14c08fea7f310a99a05adfff26091a1857057a1554558
GET /client/bundle-data/ad3435928a7b946cc923b05f8afe0de30a228c28 HTTP/1.1
Host: static-meta.triptease.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Origin: https://www.favehotels.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=3600,stale-while-revalidate=1800
content-type: application/json; charset=utf-8
x-envoy-upstream-service-time: 118
server: istio-envoy
via: 1.1 google, 1.1 varnish
content-encoding: gzip
accept-ranges: bytes
date: Tue, 29 Nov 2022 07:15:06 GMT
age: 0
x-served-by: cache-bma1654-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1669706106.964518,VS0,VE261
vary: Origin, Accept-Encoding
content-length: 288
X-Firefox-Spdy: h2
messages.guest-experience.triptease.io/ad3435928a7b946cc923b05f8afe0de30a228c28/messages?language=en
151.101.86.133200 OK 35 B URL HTTP/2 messages.guest-experience.triptease.io/ad3435928a7b946cc923b05f8afe0de30a228c28/messages?language=en
IP 151.101.86.133:0
File type JSON data\012- , ASCII text, with no line terminators
Hash b1a86b3431b637869ac4b3d97f378062
99de8bd0579b164dc8d3bdfa15590584e75d18b5
1ec7c7dbde03b083dfc34167da0767652f122f5ed5f7d64c6cfd00172889bd06
GET /ad3435928a7b946cc923b05f8afe0de30a228c28/messages?language=en HTTP/1.1
Host: messages.guest-experience.triptease.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Origin: https://www.favehotels.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://www.favehotels.com
content-type: application/json; charset=utf-8
cache-control: no-cache,max-age=0
x-cloud-trace-context: 352a6254a087da36d433b2918f7e1b94
server: Google Frontend
accept-ranges: bytes
date: Tue, 29 Nov 2022 07:15:06 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1662-BMA
x-cache: MISS
x-cache-hits: 0
vary: Origin
access-control-expose-headers: X-Country-Code, X-Region-Code, X-City
x-city: oslo
x-country-code: NO
x-region-code: 03
tt_host: messages.guest-experience.triptease.io
content-length: 35
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash c24d52282c0f26b81af0ee570ace73a2
868b57779bec79733f53bfc29c3e231b5789c284
b3fda99887d696289b23937ea86ade3932592ba9a0be31469236695c36bf97e0
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=160224
Date: Tue, 29 Nov 2022 07:15:06 GMT
Etag: "63857032-1d7"
Expires: Thu, 01 Dec 2022 03:45:30 GMT
Last-Modified: Tue, 29 Nov 2022 02:36:34 GMT
Server: ECS (nyb/1D1F)
X-Cache: Miss from cloudfront
Via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 516F1qT5g3kr1yTRWCJZiTykslAAbeG3FFHLr6HE57qrBV9ki9Teug==
Age: 4136
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash c24d52282c0f26b81af0ee570ace73a2
868b57779bec79733f53bfc29c3e231b5789c284
b3fda99887d696289b23937ea86ade3932592ba9a0be31469236695c36bf97e0
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=161520
Date: Tue, 29 Nov 2022 07:15:06 GMT
Etag: "63857032-1d7"
Expires: Thu, 01 Dec 2022 04:07:06 GMT
Last-Modified: Tue, 29 Nov 2022 02:36:34 GMT
Server: ECS (nyb/1D28)
X-Cache: Miss from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 4YvW31O3qmBcd8BoHfo4jmukAKa5nljza6QJ2AROUKwq5VkK4p7C_Q==
Age: 5432
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash c24d52282c0f26b81af0ee570ace73a2
868b57779bec79733f53bfc29c3e231b5789c284
b3fda99887d696289b23937ea86ade3932592ba9a0be31469236695c36bf97e0
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=160817
Date: Tue, 29 Nov 2022 07:15:06 GMT
Etag: "63857032-1d7"
Expires: Thu, 01 Dec 2022 03:55:23 GMT
Last-Modified: Tue, 29 Nov 2022 02:36:34 GMT
Server: ECS (bsa/EB24)
X-Cache: Miss from cloudfront
Via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: c9LOM3FOn1ARyxnKYpXljReYDvcWdMKFDg3WxdSBjR_1ewpl4HPrDw==
Age: 4729
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash c24d52282c0f26b81af0ee570ace73a2
868b57779bec79733f53bfc29c3e231b5789c284
b3fda99887d696289b23937ea86ade3932592ba9a0be31469236695c36bf97e0
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=159190
Date: Tue, 29 Nov 2022 07:15:06 GMT
Etag: "63857032-1d7"
Expires: Thu, 01 Dec 2022 03:28:16 GMT
Last-Modified: Tue, 29 Nov 2022 02:36:34 GMT
Server: ECS (bsa/EB13)
X-Cache: Miss from cloudfront
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: MLtz5VdnYS1gjBPebeL1RPKLykxPSJqdQN71C3RIGmVqhz1Cyi7EeA==
Age: 3102
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash c24d52282c0f26b81af0ee570ace73a2
868b57779bec79733f53bfc29c3e231b5789c284
b3fda99887d696289b23937ea86ade3932592ba9a0be31469236695c36bf97e0
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=158528
Date: Tue, 29 Nov 2022 07:15:06 GMT
Etag: "63857032-1d7"
Expires: Thu, 01 Dec 2022 03:17:14 GMT
Last-Modified: Tue, 29 Nov 2022 02:36:34 GMT
Server: ECS (bsa/EB19)
X-Cache: Miss from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 3TIf2Ay3dvBzfpvdiGFn29OkZu17GjNepHnOXynDa1JBs4XaxvaKRA==
Age: 2440
segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-1&value=0.5&forward_to_cookie_sync=1
52.49.0.146303 See Other 0 B URL HTTP/1.1 segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-1&value=0.5&forward_to_cookie_sync=1
IP 52.49.0.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /associate-segment?buzz_key=triptease&segment_key=triptease-1&value=0.5&forward_to_cookie_sync=1 HTTP/1.1
Host: segment.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.triptease.io/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 303 See Other
Date: Tue, 29 Nov 2022 07:15:06 GMT
location: https://segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-1&value=0.5&forward_to_cookie_sync=1&_bee_ppp=1
Server: gunicorn
set-cookie: checkForPermission=ok; Domain=bidr.io; expires=Tue, 29 Nov 2022 07:25:06 GMT; Path=/; SameSite=None; Secure
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive
segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-140&value=
52.49.0.146303 See Other 0 B URL HTTP/1.1 segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-140&value=
IP 52.49.0.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /associate-segment?buzz_key=triptease&segment_key=triptease-140&value= HTTP/1.1
Host: segment.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.triptease.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 303 See Other
Date: Tue, 29 Nov 2022 07:15:06 GMT
location: https://segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-140&value=&_bee_ppp=1
Server: gunicorn
set-cookie: checkForPermission=ok; Domain=bidr.io; expires=Tue, 29 Nov 2022 07:25:06 GMT; Path=/; SameSite=None; Secure
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive
segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-138&value=
52.49.0.146303 See Other 0 B URL HTTP/1.1 segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-138&value=
IP 52.49.0.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /associate-segment?buzz_key=triptease&segment_key=triptease-138&value= HTTP/1.1
Host: segment.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.triptease.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 303 See Other
Date: Tue, 29 Nov 2022 07:15:06 GMT
location: https://segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-138&value=&_bee_ppp=1
Server: gunicorn
set-cookie: checkForPermission=ok; Domain=bidr.io; expires=Tue, 29 Nov 2022 07:25:06 GMT; Path=/; SameSite=None; Secure
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive
segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-12203&value=1
52.49.0.146303 See Other 0 B URL HTTP/1.1 segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-12203&value=1
IP 52.49.0.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /associate-segment?buzz_key=triptease&segment_key=triptease-12203&value=1 HTTP/1.1
Host: segment.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.triptease.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 303 See Other
Date: Tue, 29 Nov 2022 07:15:06 GMT
location: https://segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-12203&value=1&_bee_ppp=1
Server: gunicorn
set-cookie: checkForPermission=ok; Domain=bidr.io; expires=Tue, 29 Nov 2022 07:25:06 GMT; Path=/; SameSite=None; Secure
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive
segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-139&value=
52.49.0.146303 See Other 0 B URL HTTP/1.1 segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-139&value=
IP 52.49.0.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /associate-segment?buzz_key=triptease&segment_key=triptease-139&value= HTTP/1.1
Host: segment.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.triptease.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 303 See Other
Date: Tue, 29 Nov 2022 07:15:06 GMT
location: https://segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-139&value=&_bee_ppp=1
Server: gunicorn
set-cookie: checkForPermission=ok; Domain=bidr.io; expires=Tue, 29 Nov 2022 07:25:06 GMT; Path=/; SameSite=None; Secure
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive
segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-12204&value=
52.49.0.146303 See Other 0 B URL HTTP/1.1 segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-12204&value=
IP 52.49.0.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /associate-segment?buzz_key=triptease&segment_key=triptease-12204&value= HTTP/1.1
Host: segment.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.triptease.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 303 See Other
Date: Tue, 29 Nov 2022 07:15:06 GMT
location: https://segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-12204&value=&_bee_ppp=1
Server: gunicorn
set-cookie: checkForPermission=ok; Domain=bidr.io; expires=Tue, 29 Nov 2022 07:25:06 GMT; Path=/; SameSite=None; Secure
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive
segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-137&value=
52.49.0.146303 See Other 0 B URL HTTP/1.1 segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-137&value=
IP 52.49.0.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /associate-segment?buzz_key=triptease&segment_key=triptease-137&value= HTTP/1.1
Host: segment.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.triptease.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 303 See Other
Date: Tue, 29 Nov 2022 07:15:06 GMT
location: https://segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-137&value=&_bee_ppp=1
Server: gunicorn
set-cookie: checkForPermission=ok; Domain=bidr.io; expires=Tue, 29 Nov 2022 07:25:06 GMT; Path=/; SameSite=None; Secure
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive
segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-12205&value=1
52.49.0.146303 See Other 0 B URL HTTP/1.1 segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-12205&value=1
IP 52.49.0.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /associate-segment?buzz_key=triptease&segment_key=triptease-12205&value=1 HTTP/1.1
Host: segment.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.triptease.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 303 See Other
Date: Tue, 29 Nov 2022 07:15:06 GMT
location: https://segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-12205&value=1&_bee_ppp=1
Server: gunicorn
set-cookie: checkForPermission=ok; Domain=bidr.io; expires=Tue, 29 Nov 2022 07:25:06 GMT; Path=/; SameSite=None; Secure
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive
segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-12206&value=1
52.49.0.146303 See Other 0 B URL HTTP/1.1 segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-12206&value=1
IP 52.49.0.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /associate-segment?buzz_key=triptease&segment_key=triptease-12206&value=1 HTTP/1.1
Host: segment.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.triptease.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 303 See Other
Date: Tue, 29 Nov 2022 07:15:06 GMT
location: https://segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-12206&value=1&_bee_ppp=1
Server: gunicorn
set-cookie: checkForPermission=ok; Domain=bidr.io; expires=Tue, 29 Nov 2022 07:25:06 GMT; Path=/; SameSite=None; Secure
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive
segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-12207&value=1
52.49.0.146303 See Other 0 B URL HTTP/1.1 segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-12207&value=1
IP 52.49.0.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /associate-segment?buzz_key=triptease&segment_key=triptease-12207&value=1 HTTP/1.1
Host: segment.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.triptease.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 303 See Other
Date: Tue, 29 Nov 2022 07:15:06 GMT
location: https://segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-12207&value=1&_bee_ppp=1
Server: gunicorn
set-cookie: checkForPermission=ok; Domain=bidr.io; expires=Tue, 29 Nov 2022 07:25:06 GMT; Path=/; SameSite=None; Secure
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive
segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-12208&value=1
52.49.0.146303 See Other 0 B URL HTTP/1.1 segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-12208&value=1
IP 52.49.0.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /associate-segment?buzz_key=triptease&segment_key=triptease-12208&value=1 HTTP/1.1
Host: segment.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.triptease.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 303 See Other
Date: Tue, 29 Nov 2022 07:15:06 GMT
location: https://segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-12208&value=1&_bee_ppp=1
Server: gunicorn
set-cookie: checkForPermission=ok; Domain=bidr.io; expires=Tue, 29 Nov 2022 07:25:06 GMT; Path=/; SameSite=None; Secure
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
143.204.42.156200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.156:0
Hash 39964c8d7282513e839df68c89fc2ab2
0150ce500b281f01e2c7c6ccaa90b34b5128b22d
15b6e7777cb8cef82e67504a51f7f84930e103a5be3f8f9b288900eb98c9aa45
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=108074
Date: Tue, 29 Nov 2022 07:15:06 GMT
Etag: "63849be4-1d7"
Expires: Wed, 30 Nov 2022 13:16:20 GMT
Last-Modified: Mon, 28 Nov 2022 11:30:44 GMT
Server: ECS (nyb/1D0B)
X-Cache: Miss from cloudfront
Via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: NuaaGZpj4zyZEzzva9LF-s3y9o4QJleTp9RgLVUSNaxfMKiU-DEvUQ==
Age: 6336
segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-1&value=0.5&forward_to_cookie_sync=1&_bee_ppp=1
52.49.0.146303 See Other 0 B URL HTTP/1.1 segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-1&value=0.5&forward_to_cookie_sync=1&_bee_ppp=1
IP 52.49.0.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /associate-segment?buzz_key=triptease&segment_key=triptease-1&value=0.5&forward_to_cookie_sync=1&_bee_ppp=1 HTTP/1.1
Host: segment.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://b.triptease.io/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 303 See Other
Date: Tue, 29 Nov 2022 07:15:06 GMT
location: https://match.prod.bidr.io/cookie-msync?buzz_key=triptease
Server: gunicorn
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive
segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-12203&value=1&_bee_ppp=1
52.49.0.146200 OK 43 B URL HTTP/1.1 segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-12203&value=1&_bee_ppp=1
IP 52.49.0.146:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
GET /associate-segment?buzz_key=triptease&segment_key=triptease-12203&value=1&_bee_ppp=1 HTTP/1.1
Host: segment.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://b.triptease.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
cache-control: no-cache, must-revalidate
content-type: image/gif
Date: Tue, 29 Nov 2022 07:15:06 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma: no-cache
Server: gunicorn
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 43
Connection: keep-alive
segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-138&value=&_bee_ppp=1
52.49.0.146200 OK 43 B URL HTTP/1.1 segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-138&value=&_bee_ppp=1
IP 52.49.0.146:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
GET /associate-segment?buzz_key=triptease&segment_key=triptease-138&value=&_bee_ppp=1 HTTP/1.1
Host: segment.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://b.triptease.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
cache-control: no-cache, must-revalidate
content-type: image/gif
Date: Tue, 29 Nov 2022 07:15:06 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma: no-cache
Server: gunicorn
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 43
Connection: keep-alive
segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-140&value=&_bee_ppp=1
52.49.0.146200 OK 43 B URL HTTP/1.1 segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-140&value=&_bee_ppp=1
IP 52.49.0.146:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
GET /associate-segment?buzz_key=triptease&segment_key=triptease-140&value=&_bee_ppp=1 HTTP/1.1
Host: segment.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://b.triptease.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
cache-control: no-cache, must-revalidate
content-type: image/gif
Date: Tue, 29 Nov 2022 07:15:06 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma: no-cache
Server: gunicorn
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 43
Connection: keep-alive
segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-139&value=&_bee_ppp=1
52.49.0.146200 OK 43 B URL HTTP/1.1 segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-139&value=&_bee_ppp=1
IP 52.49.0.146:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
GET /associate-segment?buzz_key=triptease&segment_key=triptease-139&value=&_bee_ppp=1 HTTP/1.1
Host: segment.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://b.triptease.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
cache-control: no-cache, must-revalidate
content-type: image/gif
Date: Tue, 29 Nov 2022 07:15:06 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma: no-cache
Server: gunicorn
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 43
Connection: keep-alive
segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-12204&value=&_bee_ppp=1
52.49.0.146200 OK 43 B URL HTTP/1.1 segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-12204&value=&_bee_ppp=1
IP 52.49.0.146:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
GET /associate-segment?buzz_key=triptease&segment_key=triptease-12204&value=&_bee_ppp=1 HTTP/1.1
Host: segment.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://b.triptease.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
cache-control: no-cache, must-revalidate
content-type: image/gif
Date: Tue, 29 Nov 2022 07:15:06 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma: no-cache
Server: gunicorn
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 43
Connection: keep-alive
segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-137&value=&_bee_ppp=1
52.49.0.146200 OK 43 B URL HTTP/1.1 segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-137&value=&_bee_ppp=1
IP 52.49.0.146:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
GET /associate-segment?buzz_key=triptease&segment_key=triptease-137&value=&_bee_ppp=1 HTTP/1.1
Host: segment.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://b.triptease.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
cache-control: no-cache, must-revalidate
content-type: image/gif
Date: Tue, 29 Nov 2022 07:15:06 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma: no-cache
Server: gunicorn
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 43
Connection: keep-alive
segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-12206&value=1&_bee_ppp=1
52.49.0.146200 OK 43 B URL HTTP/1.1 segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-12206&value=1&_bee_ppp=1
IP 52.49.0.146:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
GET /associate-segment?buzz_key=triptease&segment_key=triptease-12206&value=1&_bee_ppp=1 HTTP/1.1
Host: segment.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://b.triptease.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
cache-control: no-cache, must-revalidate
content-type: image/gif
Date: Tue, 29 Nov 2022 07:15:06 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma: no-cache
Server: gunicorn
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 43
Connection: keep-alive
segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-12205&value=1&_bee_ppp=1
52.49.0.146200 OK 43 B URL HTTP/1.1 segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-12205&value=1&_bee_ppp=1
IP 52.49.0.146:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
GET /associate-segment?buzz_key=triptease&segment_key=triptease-12205&value=1&_bee_ppp=1 HTTP/1.1
Host: segment.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://b.triptease.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
cache-control: no-cache, must-revalidate
content-type: image/gif
Date: Tue, 29 Nov 2022 07:15:06 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma: no-cache
Server: gunicorn
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 43
Connection: keep-alive
match.prod.bidr.io/cookie-sync/triptease?buyer_user_id=01GK13TGGK1YHPXKWG6DXR4QC4|ad3435928a7b946cc923b05f8afe0de30a228c28
52.215.215.189303 See Other 0 B URL HTTP/1.1 match.prod.bidr.io/cookie-sync/triptease?buyer_user_id=01GK13TGGK1YHPXKWG6DXR4QC4|ad3435928a7b946cc923b05f8afe0de30a228c28
IP 52.215.215.189:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookie-sync/triptease?buyer_user_id=01GK13TGGK1YHPXKWG6DXR4QC4|ad3435928a7b946cc923b05f8afe0de30a228c28 HTTP/1.1
Host: match.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.triptease.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 303 See Other
Date: Tue, 29 Nov 2022 07:15:06 GMT
location: https://match.prod.bidr.io/cookie-sync/triptease?buyer_user_id=01GK13TGGK1YHPXKWG6DXR4QC4%7Cad3435928a7b946cc923b05f8afe0de30a228c28&_bee_ppp=1
Server: gunicorn
set-cookie: checkForPermission=ok; Domain=bidr.io; expires=Tue, 29 Nov 2022 07:25:06 GMT; Path=/; SameSite=None; Secure
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive
segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-12207&value=1&_bee_ppp=1
52.49.0.146200 OK 43 B URL HTTP/1.1 segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-12207&value=1&_bee_ppp=1
IP 52.49.0.146:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
GET /associate-segment?buzz_key=triptease&segment_key=triptease-12207&value=1&_bee_ppp=1 HTTP/1.1
Host: segment.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://b.triptease.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
cache-control: no-cache, must-revalidate
content-type: image/gif
Date: Tue, 29 Nov 2022 07:15:06 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma: no-cache
Server: gunicorn
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 43
Connection: keep-alive
segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-12208&value=1&_bee_ppp=1
52.49.0.146200 OK 43 B URL HTTP/1.1 segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-12208&value=1&_bee_ppp=1
IP 52.49.0.146:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b
GET /associate-segment?buzz_key=triptease&segment_key=triptease-12208&value=1&_bee_ppp=1 HTTP/1.1
Host: segment.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://b.triptease.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
cache-control: no-cache, must-revalidate
content-type: image/gif
Date: Tue, 29 Nov 2022 07:15:06 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma: no-cache
Server: gunicorn
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 43
Connection: keep-alive
match.prod.bidr.io/cookie-msync?buzz_key=triptease
52.215.215.189303 See Other 0 B URL HTTP/1.1 match.prod.bidr.io/cookie-msync?buzz_key=triptease
IP 52.215.215.189:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookie-msync?buzz_key=triptease HTTP/1.1
Host: match.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://b.triptease.io/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 303 See Other
Date: Tue, 29 Nov 2022 07:15:06 GMT
location: https://match.prod.bidr.io/cookie-msync?buzz_key=triptease&_bee_ppp=1
Server: gunicorn
set-cookie: checkForPermission=ok; Domain=bidr.io; expires=Tue, 29 Nov 2022 07:25:06 GMT; Path=/; SameSite=None; Secure
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 4f72ea3be7f393b06504af31632ec7cd
49b16e426312ae37f6d3d602deba6c9cd441ea79
78b4d8d825be9b7e193340b21638ec4086baf01cee55a8d5690cf2d978b45110
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 07:15:06 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 27 Nov 2022 04:04:06 GMT
Expires: Sun, 04 Dec 2022 04:04:05 GMT
Etag: "49b16e426312ae37f6d3d602deba6c9cd441ea79"
Cache-Control: max-age=419938,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77198cdd1a1fb515-OSL
match.prod.bidr.io/cookie-msync?buzz_key=triptease&_bee_ppp=1
52.215.215.189204 No Content 0 B URL HTTP/1.1 match.prod.bidr.io/cookie-msync?buzz_key=triptease&_bee_ppp=1
IP 52.215.215.189:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookie-msync?buzz_key=triptease&_bee_ppp=1 HTTP/1.1
Host: match.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://b.triptease.io/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Date: Tue, 29 Nov 2022 07:15:06 GMT
Server: gunicorn
strict-transport-security: max-age=2592000; includeSubDomains
Connection: keep-alive
match.prod.bidr.io/cookie-sync/triptease?buyer_user_id=01GK13TGGK1YHPXKWG6DXR4QC4%7Cad3435928a7b946cc923b05f8afe0de30a228c28&_bee_ppp=1
52.215.215.189303 See Other 0 B URL HTTP/1.1 match.prod.bidr.io/cookie-sync/triptease?buyer_user_id=01GK13TGGK1YHPXKWG6DXR4QC4%7Cad3435928a7b946cc923b05f8afe0de30a228c28&_bee_ppp=1
IP 52.215.215.189:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cookie-sync/triptease?buyer_user_id=01GK13TGGK1YHPXKWG6DXR4QC4%7Cad3435928a7b946cc923b05f8afe0de30a228c28&_bee_ppp=1 HTTP/1.1
Host: match.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://b.triptease.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 303 See Other
Date: Tue, 29 Nov 2022 07:15:06 GMT
location: https://b.triptease.io/cookie-sync?partner=beeswax&beeswax_id=&buyer_user_id=01GK13TGGK1YHPXKWG6DXR4QC4%7Cad3435928a7b946cc923b05f8afe0de30a228c28
Server: gunicorn
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive
api.triptease.io/zappy/event?eventName=propensityToConvert&eventAppName=messageEngine
35.186.195.233200 OK 0 B URL HTTP/2 api.triptease.io/zappy/event?eventName=propensityToConvert&eventAppName=messageEngine
IP 35.186.195.233:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /zappy/event?eventName=propensityToConvert&eventAppName=messageEngine HTTP/1.1
Host: api.triptease.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://www.favehotels.com
Content-Length: 534
Connection: keep-alive
Cookie: triptease-user-id=01GK13TGGK1YHPXKWG6DXR4QC4; triptease-session-id=01GK13TGGKYM866JV48EVJPTEG
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx/1.11.3
date: Tue, 29 Nov 2022 07:15:06 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://www.favehotels.com
access-control-max-age: 86400
access-control-allow-methods: GET,PUT,POST,DELETE
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
b.triptease.io/cookie-sync?partner=beeswax&beeswax_id=&buyer_user_id=01GK13TGGK1YHPXKWG6DXR4QC4%7Cad3435928a7b946cc923b05f8afe0de30a228c28
151.101.85.62200 OK 115 B URL HTTP/1.1 b.triptease.io/cookie-sync?partner=beeswax&beeswax_id=&buyer_user_id=01GK13TGGK1YHPXKWG6DXR4QC4%7Cad3435928a7b946cc923b05f8afe0de30a228c28
IP 151.101.85.62:0
File type JSON data\012- , ASCII text, with no line terminators
Hash e726d57a0576b8384a3e3c446732c20b
008f65d2682b7a4bcdf2183db70b447f9fc67f7d
d0a84a01562984667052153dbe9783316f095b3ebc492c65521d0ae9ce80ef82
GET /cookie-sync?partner=beeswax&beeswax_id=&buyer_user_id=01GK13TGGK1YHPXKWG6DXR4QC4%7Cad3435928a7b946cc923b05f8afe0de30a228c28 HTTP/1.1
Host: b.triptease.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://b.triptease.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Connection: keep-alive
cache-control: private, no-store
set-cookie: tt-bee-beeswax-id=;SameSite=None;Secure;HttpOnly;Domain=.triptease.io;Expires=Wed, 29 Nov 2023 07:15:06 GMT;
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, session-token
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
Via: 1.1 google, 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 29 Nov 2022 07:15:06 GMT
X-Served-By: cache-bma1675-BMA
X-Cache: MISS
X-Cache-Hits: 0
Strict-Transport-Security: max-age=300
transfer-encoding: chunked
ocsp.sectigo.com/
104.18.32.68200 OK 472 B IP 104.18.32.68:0
Hash 4f72ea3be7f393b06504af31632ec7cd
49b16e426312ae37f6d3d602deba6c9cd441ea79
78b4d8d825be9b7e193340b21638ec4086baf01cee55a8d5690cf2d978b45110
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 07:15:06 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 27 Nov 2022 04:04:06 GMT
Expires: Sun, 04 Dec 2022 04:04:05 GMT
Etag: "49b16e426312ae37f6d3d602deba6c9cd441ea79"
Cache-Control: max-age=419938,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77198cdf5cccb515-OSL
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabddece8-6c4f-4cb5-9041-4d427b16b826.jpeg
34.120.237.76200 OK 4.4 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabddece8-6c4f-4cb5-9041-4d427b16b826.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash a2a5c8d4113d282600462749315f2c4f
e2b4d2e15bb7c086333c0da438873e4c139ba931
9b5d0e5dd11d4cbf1c78a71730cd63544170c91ab635bf3cf917827ac84874e6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabddece8-6c4f-4cb5-9041-4d427b16b826.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 4417
x-amzn-requestid: 01de83c2-51d2-4329-98f6-09a0edf46942
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNnGEcRIAMFaXA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63852960-34583b6c588a0e937fcfaa46;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:24 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wqEe45jzMOryT-E-vThc39-cLiZudKF4gn6cS3LBmeaJ2amJF5GPIA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:46:54 GMT
age: 34092
etag: "e2b4d2e15bb7c086333c0da438873e4c139ba931"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
static.archipelagointernational.com/website/assets/v1/js/swiper.min.js
143.204.55.116200 OK 0 B URL HTTP/2 static.archipelagointernational.com/website/assets/v1/js/swiper.min.js
IP 143.204.55.116:0
GET /website/assets/v1/js/swiper.min.js HTTP/1.1
Host: static.archipelagointernational.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript
date: Tue, 29 Nov 2022 01:15:06 GMT
last-modified: Tue, 16 Nov 2021 07:16:16 GMT
etag: W/"317fd00903b68a157500b40495e8d74e"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=604800, stale-while-revalidate=7890000
x-amz-meta-cb-modifiedtime: Tue, 16 Nov 2021 03:51:36 GMT
x-amz-version-id: UI9.kUQB1muOXR1dwbhSnPF61Ou.ZxjW
server: AmazonS3
content-encoding: br
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: JBR4uJAV73dOr8PwHO9V8p6cxFQQd_D5QgQ-GGWSa1iIjNMrcq5iCA==
age: 21593
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: geolocation=(self "https://www.google-analytics.com"), camera=(), fullscreen=(self), microphone=()
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://sentec.report-uri.com/a/d/g"}],"include_subdomains":true}
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
customs.affilired.com/track/?merchant=4764
54.230.111.65200 OK 0 B URL HTTP/2 customs.affilired.com/track/?merchant=4764
IP 54.230.111.65:0
GET /track/?merchant=4764 HTTP/1.1
Host: customs.affilired.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
server: nginx
date: Tue, 29 Nov 2022 07:14:08 GMT
p3p: policyref="/w3c/p3p.xml", CP="IVA SAM IND NON COR"
content-encoding: gzip
cache-control: max-age=604800
expires: Tue, 06 Dec 2022 07:12:41 GMT
jb-x-cache: HIT
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: HaqdRb8Tdfm_9UYSNaYqbfn8Ms1k5plb6Vi0qDLcye2Qvgxl79hCwQ==
age: 51
X-Firefox-Spdy: h2
static.archipelagointernational.com/website/assets/v1/css/bootstrap-3.3.7.min.css
143.204.55.116200 OK 0 B URL HTTP/2 static.archipelagointernational.com/website/assets/v1/css/bootstrap-3.3.7.min.css
IP 143.204.55.116:0
GET /website/assets/v1/css/bootstrap-3.3.7.min.css HTTP/1.1
Host: static.archipelagointernational.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
last-modified: Tue, 16 Nov 2021 07:16:45 GMT
x-amz-server-side-encryption: AES256
x-amz-meta-cb-modifiedtime: Tue, 16 Nov 2021 03:18:36 GMT
x-amz-version-id: hz0nEbZivnaENvBEbUjo2MvmQFsTapS5
server: AmazonS3
content-encoding: br
date: Tue, 29 Nov 2022 07:14:58 GMT
cache-control: public, max-age=604800, stale-while-revalidate=7890000
etag: W/"ec3bb52a00e176a7181d454dffaea219"
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: AOzRG5KeEp4t01ukkDL6XdsavZsQKZugTvaoH_GYUQ7lQj9RaY0dQg==
age: 166285
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: geolocation=(self "https://www.google-analytics.com"), camera=(), fullscreen=(self), microphone=()
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://sentec.report-uri.com/a/d/g"}],"include_subdomains":true}
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
static.archipelagointernational.com/website/assets/v1/js/jquery-3.6.0.min.js
143.204.55.116200 OK 0 B URL HTTP/2 static.archipelagointernational.com/website/assets/v1/js/jquery-3.6.0.min.js
IP 143.204.55.116:0
GET /website/assets/v1/js/jquery-3.6.0.min.js HTTP/1.1
Host: static.archipelagointernational.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript
date: Sat, 05 Nov 2022 06:52:57 GMT
last-modified: Tue, 16 Nov 2021 07:16:17 GMT
etag: W/"8fb8fee4fcc3cc86ff6c724154c49c42"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=604800, stale-while-revalidate=7890000
x-amz-meta-cb-modifiedtime: Tue, 16 Nov 2021 03:16:43 GMT
x-amz-version-id: vueZjaGyxui0BJQbWRYBs_K.xzBA4e.7
server: AmazonS3
content-encoding: br
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: -tQzW83zyU48rZ2BuYCd79uoUXLFntqPhxKWtKpUxJQGSKLrf_oTzw==
age: 2074923
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: geolocation=(self "https://www.google-analytics.com"), camera=(), fullscreen=(self), microphone=()
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://sentec.report-uri.com/a/d/g"}],"include_subdomains":true}
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
static.archipelagointernational.com/website/assets/v1/css/jquery.fancybox.min.css
143.204.55.116200 OK 0 B URL HTTP/2 static.archipelagointernational.com/website/assets/v1/css/jquery.fancybox.min.css
IP 143.204.55.116:0
GET /website/assets/v1/css/jquery.fancybox.min.css HTTP/1.1
Host: static.archipelagointernational.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
date: Thu, 10 Nov 2022 06:11:46 GMT
last-modified: Tue, 16 Nov 2021 07:16:45 GMT
etag: W/"1679dcd38f5d43f1ef64c0ff331af810"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=604800, stale-while-revalidate=7890000
x-amz-meta-cb-modifiedtime: Tue, 16 Nov 2021 03:20:07 GMT
x-amz-version-id: U1JOFUaNxMU20FUfNQy8fh2xrspU9BqQ
server: AmazonS3
content-encoding: br
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 9DtH4IZozSUw-9tsUjXVYr6eZSwT64vmuFnvSUeEpamF7ZCfq29G2Q==
age: 1645393
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: geolocation=(self "https://www.google-analytics.com"), camera=(), fullscreen=(self), microphone=()
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://sentec.report-uri.com/a/d/g"}],"include_subdomains":true}
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
www.favehotels.com/en/hotel/view/142/favehotel-sorong
54.230.111.54200 OK 0 B URL HTTP/2 www.favehotels.com/en/hotel/view/142/favehotel-sorong
IP 54.230.111.54:0
Analyzer Verdict Alert fortinet Phishing
GET /en/hotel/view/142/favehotel-sorong HTTP/1.1
Host: www.favehotels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Tue, 29 Nov 2022 07:14:58 GMT
server: Apache/2.4.52 () OpenSSL/1.0.2k-fips
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
cache-control: max-age=86400
content-encoding: gzip
vary: Accept-Encoding, Origin
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-frame-options: DENY
referrer-policy: strict-origin-when-cross-origin
content-security-policy: frame-ancestors 'self' https://*.ampproject.org https://t.co https://twitter.com; block-all-mixed-content; default-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://*.denomatic.com https://*.glopss.com https://embed.tawk.to https://cdn.jsdelivr.net https://cdnjs.cloudflare.com https://*.favehotels.com https://*.archipelagointernational.com https://*.triptease.io https://connect.facebook.net https://*.doubleclick.net https://www.googleadservices.com https://cdn.onesignal.com https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://*.googleadservices.com https://*.google.com https://*.googlesyndication.com https://*.googletagservices.com https://graph.facebook.com https://js.facebook.com https://webchat.bookmebob.com https://onesignal.com https://cdn.ampproject.org https://translate.googleapis.com https://translate.google.com https://www.gstatic.com https://bmbuichatprod.z13.web.core.windows.net https://www.youtube.com https://m.youtube.com https://use.fontawesome.com https://kit.fontawesome.com https://ping.rapidsec.net https://platform.twitter.com https://analytics.twitter.com https://en.twitter.com https://cdn.syndication.twimg.com https://use.typekit.net https://www.googletagmanager.com https://googletagmanager.com https://tagmanager.google.com https://*.ep-mimecast.ads-twitter.com https://static.ads-twitter.com https://t.co https://*.affilired.com; style-src 'self' 'report-sample' 'unsafe-inline' *.googleapis.com *.tawk.to *.cloudflare.com *.favehotels.com *.archipelagointernational.com *.google.com *.ampproject.org *.fontawesome.com *.twimg.com *.twitter.com *.typekit.net *.googletagmanager.com; object-src 'self' *.googlesyndication.com; frame-src 'self' *.tawk.to *.google.com *.doubleclick.net *.googlesyndication.com *.facebook.com *.facebook.net *.triptease.io *.bookmebob.com *.ampproject.net *.astonhotelsinternational.com *.windows.net *.youtube.com *.youtube-nocookie.com *.twitter.com *.instagram.com *.googletagmanager.com twitter.com; child-src 'self' blob: *.google.com *.doubleclick.net *.googlesyndication.com *.facebook.com *.facebook.net *.youtube.com *.googletagmanager.com *.twitter.com; img-src 'self' data: blob: https://membershipprofileimage.s3.amazonaws.com *.gstatic.com *.tawk.to tawk.link *.jsdelivr.net *.cloudflare.com *.openstreetmap.org *.favehotels.com *.arch.software *.google.co.id *.facebook.com *.google.com *.google-analytics.com *.google.es *.google.com.pr *.google.com.mx *.google.co.uk *.google.com.br *.google.co.in *.google.de *.google.com.tr *.google.co.il *.google.ca *.google.ro *.google.nl *.google.fr *.google.ie *.google.it *.google.com.au *.google.com.ec *.google.com.ph *.google.com.sg *.google.com.pk *.google.at *.google.no *.google.cl *.google.co.kr *.google.se *.google.co.jp *.google.com.pe *.google.com.my *.google.co.th *.google.co.za *.google.com.ua *.google.sk *.google.com.ng *.google.pl *.google.be *.google.fi *.google.ae *.google.com.co *.google.co.ve *.google.com.hk *.google.com.eg *.google.com.uy *.google.com.ar *.google.ch *.google.ru *.google.co.ke *.google.pt *.google.mu *.google.com.sa *.google.com.vn *.google.com.tw *.google.gr *.google.com.bd *.google.dk *.google.com.py *.google.ee *.google.co.nz *.google.co.ma *.google.cz *.google.lk *.google.bg *.google.rs *.google.com.do *.google.hu *.google.iq *.google.co.cr *.google.al *.google.jo *.google.hr *.google.com.pa *.google.com.cy *.google.com.gh *.google.lt *.google.kz *.google.com.np *.google.by *.google.dz *.google.com.sv *.google.hn *.google.com.kw *.google.com.et *.google.mk *.google.ge *.google.cn *.google.com.jm *.google.si *.google.co.ug *.google.lv *.google.md *.google.co.mz *.google.lu *.google.am *.doubleclick.net *.googlesyndication.com *.googleadservices.com *.facebook.net *.fbcdn.net *.astonhotelsinternational.com *.ampproject.org *.googleapis.com *.archipelagointernational.com *.osm.org *.ytimg.com *.youtube.com *.apple.com t.co *.twitter.com *.twimg.com *.google.com.mm *.google.tn *.google.com.qa *.google.com.bn *.google.com.tj *.google.sn *.typekit.net *.google.az *.googletagmanager.com twitter.com; font-src 'self' data: https://*.gstatic.com https://*.googleapis.com https://*.tawk.to https://*.cloudflare.com *.archipelagointernational.com https://*.fontawesome.com https://*.typekit.net; connect-src 'self' data: https://cdnjs.cloudflare.com https://customs.affilired.com wss://*.tawk.to https://*.googleapis.com https://*.gstatic.com https://*.tawk.to https://*.triptease.io https://*.favehotels.com https://*.archipelagointernational.com https://*.arch.software https://*.google.com *.google.co.id *.facebook.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.googleadservices.com https://*.googlesyndication.com https://*.googletagservices.com https://*.google.com.sg *.onesignal.com *.ampproject.org *.ampproject.net *.osm.org *.openstreetmap.org *.google.co.uk *.google.com.au *.astonhotelsinternational.com *.apple.com *.google.be *.google.co.in *.bookmebob.com onesignal.com *.google.nl *.google.com.ph *.google.ie *.google.de *.google.co.nz *.google.com.my *.google.com.om *.google.se *.google.co.th *.google.co.kr *.google.co.jp *.google.lk *.fontawesome.com *.google.com.sa *.google.fr *.google.co.ke *.google.md *.google.com.tr *.google.ae *.google.si *.google.co.za *.google.ee *.google.com.bn *.google.it *.google.dk *.google.com.mx t.co *.twitter.com *.twimg.com *.google.pt *.google.at *.google.ca *.google.tn *.google.by *.google.com.mm *.google.fi *.google.com.ar *.google.com.ua *.google.es *.google.hu *.google.com.eg *.google.ro *.google.com.hk *.google.com.qa *.google.ru *.google.cz *.google.com.tj *.google.com.br *.typekit.net *.google.iq *.google.am *.google.com.ec *.google.lv https://*.googletagmanager.com https://twitter.com; manifest-src 'self' https://*.favehotels.com; base-uri 'self'; form-action 'self' https://*.google.com https://*.facebook.com https://*.facebook.net https://*.favehotels.com https://*.twitter.com; media-src 'self' https://*.tawk.to https://tawk.link https://*.google.com https://*.twimg.com; prefetch-src 'self' https://*.googlesyndication.com; worker-src 'self' blob: https://*.google.com; report-to default;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains
permissions-policy: geolocation=(self "https://www.google-analytics.com"), camera=(), fullscreen=(self), microphone=()
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://sentec.report-uri.com/a/d/g"}],"include_subdomains":true}
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 0qsjHFj2RvCh6D9-Unan1wLeAW8pRBzg8uKHN1NgipDNh-LnDbpXHg==
X-Firefox-Spdy: h2
static.archipelagointernational.com/v3/assets/images/homepage/archipelago-25-anniv-logo.svg
143.204.55.116200 OK 0 B URL HTTP/2 static.archipelagointernational.com/v3/assets/images/homepage/archipelago-25-anniv-logo.svg
IP 143.204.55.116:0
GET /v3/assets/images/homepage/archipelago-25-anniv-logo.svg HTTP/1.1
Host: static.archipelagointernational.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
date: Tue, 08 Nov 2022 03:03:18 GMT
last-modified: Fri, 22 Jul 2022 07:57:29 GMT
etag: W/"4ac5644e8e2bd567120a31be26834fce"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=604800, stale-while-revalidate=7890000
x-amz-meta-cb-modifiedtime: Fri, 22 Jul 2022 07:29:09 GMT
x-amz-version-id: SRIxPtX1A9NxagxyYy3fJUCcG6PV7j5i
server: AmazonS3
content-encoding: br
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 0CUH7MJsuDrPtCPAH5Q7jThKGVB9FACHOr5AbPVOZnPruRv7rhVGzw==
age: 1829501
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: geolocation=(self "https://www.google-analytics.com"), camera=(), fullscreen=(self), microphone=()
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://sentec.report-uri.com/a/d/g"}],"include_subdomains":true}
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
static.archipelagointernational.com/website/assets/v1/js/bootstrap-datepicker.min.js
143.204.55.116200 OK 0 B URL HTTP/2 static.archipelagointernational.com/website/assets/v1/js/bootstrap-datepicker.min.js
IP 143.204.55.116:0
GET /website/assets/v1/js/bootstrap-datepicker.min.js HTTP/1.1
Host: static.archipelagointernational.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript
date: Sat, 05 Nov 2022 06:52:57 GMT
last-modified: Tue, 16 Nov 2021 07:16:16 GMT
etag: W/"241a419bd65535b6569f46797779c43e"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=604800, stale-while-revalidate=7890000
x-amz-meta-cb-modifiedtime: Tue, 16 Nov 2021 03:21:52 GMT
x-amz-version-id: sLzN3vp_2jioGYO5FURSdylGSZuJCgyf
server: AmazonS3
content-encoding: br
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: pvfDWYepOg_rqkWWV29h2jnn1V9MYVlB02BkcRS5RVNCE9S4IFbfgg==
age: 2074923
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: geolocation=(self "https://www.google-analytics.com"), camera=(), fullscreen=(self), microphone=()
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://sentec.report-uri.com/a/d/g"}],"include_subdomains":true}
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
static.archipelagointernational.com/website/assets/v1/css/bootstrap-datepicker.min.css
143.204.55.116200 OK 0 B URL HTTP/2 static.archipelagointernational.com/website/assets/v1/css/bootstrap-datepicker.min.css
IP 143.204.55.116:0
GET /website/assets/v1/css/bootstrap-datepicker.min.css HTTP/1.1
Host: static.archipelagointernational.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
date: Thu, 03 Nov 2022 05:42:16 GMT
last-modified: Tue, 16 Nov 2021 07:16:45 GMT
etag: W/"6c64af21a8a40fde79d8e92d44f8b7ce"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=604800, stale-while-revalidate=7890000
x-amz-meta-cb-modifiedtime: Tue, 16 Nov 2021 03:19:57 GMT
x-amz-version-id: VT_2E2V.7T.4OcvbOZYnGIvq3GQouCOO
server: AmazonS3
content-encoding: br
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: wIdsIrXW84zEAshp-IczifY8fno_7To9lEeHVkKWfNw2w6e4Ew-6gg==
age: 2251963
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: geolocation=(self "https://www.google-analytics.com"), camera=(), fullscreen=(self), microphone=()
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://sentec.report-uri.com/a/d/g"}],"include_subdomains":true}
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
static.archipelagointernational.com/website/assets/v1/js/js.cookie.min.js
143.204.55.116200 OK 0 B URL HTTP/2 static.archipelagointernational.com/website/assets/v1/js/js.cookie.min.js
IP 143.204.55.116:0
GET /website/assets/v1/js/js.cookie.min.js HTTP/1.1
Host: static.archipelagointernational.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript
date: Sat, 12 Nov 2022 04:23:33 GMT
last-modified: Tue, 16 Nov 2021 07:16:17 GMT
etag: W/"77171e2314cd3ff8454b4dacd8ac5965"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=604800, stale-while-revalidate=7890000
x-amz-meta-cb-modifiedtime: Tue, 16 Nov 2021 03:20:59 GMT
x-amz-version-id: p1zSGQn2HBk7_w1IHjM05YuHHc0qjAtH
server: AmazonS3
content-encoding: br
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: TH60VAU4MPD7Bh1Dew6TPrezpL_LoaFXLHaah0jKWr74UX3--dGPug==
age: 1479086
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: geolocation=(self "https://www.google-analytics.com"), camera=(), fullscreen=(self), microphone=()
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://sentec.report-uri.com/a/d/g"}],"include_subdomains":true}
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
onboard.triptease.io/bootstrap/v5951.65010/bootstrap.js
104.21.40.231200 OK 0 B URL HTTP/2 onboard.triptease.io/bootstrap/v5951.65010/bootstrap.js
IP 104.21.40.231:0
GET /bootstrap/v5951.65010/bootstrap.js HTTP/1.1
Host: onboard.triptease.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.favehotels.com
Referer: https://www.favehotels.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Tue, 29 Nov 2022 07:14:59 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 77198cb46cd4b4e8-OSL
access-control-allow-origin: *
cache-control: public, max-age=31536000
etag: W/"f7a8215d6d81376632f1994e7591b41a"
expires: Wed, 29 Nov 2023 06:36:23 GMT
last-modified: Mon, 28 Nov 2022 15:28:51 GMT
strict-transport-security: max-age=15552000
vary: Accept-Encoding
cf-cache-status: MISS
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-goog-generation: 1669649331091398
x-goog-hash: crc32c=KjFj/Q==, md5=96ghXW2BN2Yy8ZlOdZG0Gg==
x-goog-meta-build-version: 5951.65010
x-goog-meta-git-hash: c13dc4984d62bd3a0b5131599fed58b2d236f856
x-goog-metageneration: 1
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 101957
x-guploader-uploadid: ADPycdvZN09BUm5cslhjXo2u1VajaA4z3Cre-0VxA9brrh3tBHlE1FdYVmOLrgykmwFQUlqrhVAD27BcSM_o0J6P9jJHNR4q3-yz
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=REjQxIPayoU2D0nPN3WXwwF5zGQNeBSTUvema6L0CIrZ91kiYQo3%2Bg0ifrY1MSrcGMw3P%2FizQDMshpnid5ilLiDJo6m9cSXs1KaqpRlzYt8EOP3Osk8z4E9ea%2FN4SHkiheZMAxxZng%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2
static.archipelagointernational.com/website/assets/v1/js/jquery.fancybox.min.js
143.204.55.116200 OK 0 B URL HTTP/2 static.archipelagointernational.com/website/assets/v1/js/jquery.fancybox.min.js
IP 143.204.55.116:0
GET /website/assets/v1/js/jquery.fancybox.min.js HTTP/1.1
Host: static.archipelagointernational.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript
date: Mon, 31 Oct 2022 01:15:50 GMT
last-modified: Tue, 16 Nov 2021 07:16:16 GMT
etag: W/"b762d7a222031899a8b3d8fa8e6a21cf"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=604800, stale-while-revalidate=7890000
x-amz-meta-cb-modifiedtime: Tue, 16 Nov 2021 03:22:16 GMT
x-amz-version-id: JbTSIOfYBXwVfUZg6Fi4uY_CdPUVZjEN
server: AmazonS3
content-encoding: br
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: up9bmqurNStT09NaZgPtgvkc_xR5tZiSS8FS2v-nwdGSd-fYn3ApBg==
age: 2527148
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: geolocation=(self "https://www.google-analytics.com"), camera=(), fullscreen=(self), microphone=()
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://sentec.report-uri.com/a/d/g"}],"include_subdomains":true}
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
static.archipelagointernational.com/website/assets/v1/css/swiper.min.css
143.204.55.116200 OK 0 B URL HTTP/2 static.archipelagointernational.com/website/assets/v1/css/swiper.min.css
IP 143.204.55.116:0
GET /website/assets/v1/css/swiper.min.css HTTP/1.1
Host: static.archipelagointernational.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
date: Wed, 09 Nov 2022 06:19:33 GMT
last-modified: Tue, 16 Nov 2021 07:16:45 GMT
etag: W/"f29b1aec530d4ecb1255894948203345"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=604800, stale-while-revalidate=7890000
x-amz-meta-cb-modifiedtime: Tue, 16 Nov 2021 03:20:15 GMT
x-amz-version-id: i06bkX6H6H7dg9boMwHySTVqmyP9l5wh
server: AmazonS3
content-encoding: br
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: OEFV3Bqkohthi5M06eIHMFaDQvRdD_d3bDAlh9lkSxWmnwbAK8xbCA==
age: 1731327
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: geolocation=(self "https://www.google-analytics.com"), camera=(), fullscreen=(self), microphone=()
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://sentec.report-uri.com/a/d/g"}],"include_subdomains":true}
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2