Report - www.favehotels.com/en/hotel/view/142/favehotel-sorong

Report Overview

Submitted URL
www.favehotels.com/en/hotel/view/142/favehotel-sorong
IP
54.230.111.88
ASN
#16509 AMAZON-02
Submitted
2022-11-29 07:15:12
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
4

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
ocsp.sca1b.amazontrust.com	1015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	5.6 kB	16 kB	143.204.42.156
www.archipelagointernational.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	431 B	1.7 kB	143.204.55.129
cdn.denomatic.com	158974	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	392 B	1.5 kB	54.230.111.104
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	4.4 kB	23.36.76.226
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.4 kB	7.1 kB	93.184.220.29
www.google.com	7	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	1.5 kB	142.250.74.164
api.triptease.io	52496	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	623 B	367 B	35.186.195.233
www.google.no	25607	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	484 B	694 B	142.250.74.3
www.favehotels.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	866 B	8.7 kB	54.230.111.109
cdnjs.cloudflare.com	235	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	13 kB	48 kB	104.17.25.14
imageresizer.arch.software	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	470 B	167 kB	54.230.111.18
status.geotrust.com	3662	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	686 B	1.6 kB	93.184.220.29
googleads.g.doubleclick.net	42	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	731 B	1.8 kB	142.250.74.66
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	35.161.148.163
static.favehotels.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	816 B	32 kB	54.230.111.54
fonts.gstatic.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	495 B	15 kB	216.58.207.195
static.archipelagointernational.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.7 kB	23 kB	143.204.55.116
stats.g.doubleclick.net	96	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.1 kB	21 kB	142.250.150.154
www.facebook.com	99	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.2 kB	87 kB	31.13.72.36
match.prod.bidr.io	503	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.0 kB	1.4 kB	52.215.215.189
static-meta.triptease.io	106776	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	877 B	19 kB	151.101.85.182
5667404.fls.doubleclick.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	666 B	1.2 kB	142.250.74.70
cdn.onesignal.com	3015	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	425 B	49 kB	104.18.225.52
ocsp.sectigo.com	487	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	2.9 kB	104.18.32.68
connect.facebook.net	139	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	376 B	29 kB	31.13.72.12
region1.analytics.google.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	737 B	19 kB	216.239.32.36
segment.prod.bidr.io	10225	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	10 kB	9.3 kB	52.49.0.146
cdn0.favehotels.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	425 B	8.2 kB	54.230.111.54
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.8 kB	15 kB	142.250.74.3
adservice.google.com	76	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	1.8 kB	142.250.74.98
adservice.google.no	96969	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.3 kB	2.1 kB	142.250.74.34
messages.guest-experience.triptease.io	53619	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	470 B	686 B	151.101.86.133
b.triptease.io	21827	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.5 kB	81 kB	151.101.85.62
customs.affilired.com	127048	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	380 B	560 B	54.230.111.65
onboard.triptease.io	31400	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	440 B	1.5 kB	104.21.40.231
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	383 B	69 kB	142.250.74.168
www.google-analytics.com	40	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	375 B	21 kB	142.250.74.174
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.3 kB	43 kB	34.120.237.76
static.triptease.io	44692	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	946 B	33 kB	151.101.85.182

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-11-29	medium	www.favehotels.com/en/hotel/view/142/favehotel-sorong	Phishing
2022-11-29	medium	www.favehotels.com/en/hotel/view/142/favehotel-sorong	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (58)

	URL	Size	First Seen	Last Seen
	static.triptease.io/message-porter/dist/storageIframe.html	6.8 kB	2023-03-10	2023-03-11
Pretty URL static.triptease.io/message-porter/dist/storageIframe.html IP 151.101.85.182 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 20:04:07 Last Seen2023-03-11 22:18:53 Times Seen1 Hash 7cbce72db8c6893de223cbbb4847e967 9c10f41f49d861539decf13c0949126970733d73 735ecf8cdc7a212ec051cabbcb2d9036feef1d01ed03bf180bd03d873f6abe48 Loading...

	static.archipelagointernational.com/website/assets/v1/js/swiper.min.js	123 kB	2023-03-07	2024-04-18
Pretty URL static.archipelagointernational.com/website/assets/v1/js/swiper.min.js IP 143.204.55.116 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:07:22 Last Seen2024-04-18 12:00:48 Times Seen9764 Hash 317fd00903b68a157500b40495e8d74e 29ba73703d5c1d5390551e9fb230a3f1ace1437e efac6fec2ba437b6a906e249fad9de3c7d3c105a48136b0155376b5989c4d76a Loading...

	static.archipelagointernational.com/website/assets/v1/js/jquery.fancybox.min.js	62 kB	2023-03-07	2024-04-18
Pretty URL static.archipelagointernational.com/website/assets/v1/js/jquery.fancybox.min.js IP 143.204.55.116 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:11:36 Last Seen2024-04-18 08:10:04 Times Seen4061 Hash b762d7a222031899a8b3d8fa8e6a21cf 5f2927d035f3b5e99a99ca0652584bff8aa49850 4dbe2075e08dfc008a9a1290dc149f6ee360215610cc1944bdb625c0aee3b83c Loading...

	b.triptease.io/application.js	2.9 kB	2023-03-10	2023-03-26
Pretty URL b.triptease.io/application.js IP 151.101.85.62 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-10 01:23:57 Last Seen2023-03-26 06:34:30 Times Seen2 Hash 1f869b259c276f47841720aec5a2058e 6366bc8e1b2fa39017194b14b4a5504fa41b27e9 54d464dcbb274e2f142eb6e78e14dd6885edc21e72d0989717a1318c170777df Loading...

	cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons.js	1.6 kB	2023-03-11	2023-03-14
Pretty URL cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 20:11:44 Last Seen2023-03-14 11:44:48 Times Seen1 Hash 642b800541927b3d6cee93ad7e0f9aa0 f2e09b3389c639bf0723c0058b78a90ae20c34f2 6c41c32ecb51d0915e1f1e1295807da813ce461d851e819c3e8a8cc2d385137d Loading...

	customs.affilired.com/track/?merchant=4764	49 kB	2023-03-11	2023-03-11
Pretty URL customs.affilired.com/track/?merchant=4764 IP 54.230.111.65 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 20:11:43 Last Seen2023-03-11 22:18:53 Times Seen1 Hash e63d5c6b131c3f27b62f090303aa6896 62e70e72cc3ff14917663eb2c9ce8346133faeab 07465fbaa992567e6b8e3b36e99aad1f9ff11396ed0d179beb838309dfb6f37d Loading...

	cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/chunk-1ca7e569.js	935 B	2023-03-11	2023-03-14
Pretty URL cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/chunk-1ca7e569.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 20:11:44 Last Seen2023-03-14 11:44:47 Times Seen1 Hash 8b72051c47a55bb496191a4e8578e606 e302cabb36a58164475ba2802a947ea09519a199 91de571783718b3945297dcc2edafe5e76e1f123dee6a8f9fb88127cc3a633df Loading...

	onboard.triptease.io/integrations/v5951.65010/default.js	152 kB	2023-03-11	2023-03-11
Pretty URL onboard.triptease.io/integrations/v5951.65010/default.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:18:53 Last Seen2023-03-11 22:18:53 Times Seen1 Hash 8795c6acd5611be966a36bcdecb2a169 f90f0ba7c7a4a4affa9082cf8cf02239d9d712f9 fb2e5b4b9b20bde16c43aa8605443f10485e846f54973962fc49f724f0ac5e3e Loading...

	www.favehotels.com/en/hotel/view/142/favehotel-sorong	1.9 kB	2023-03-11	2023-03-14
Pretty URL www.favehotels.com/en/hotel/view/142/favehotel-sorong IP 54.230.111.109 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 20:11:43 Last Seen2023-03-14 11:44:47 Times Seen1 Hash 5357ff9f870737885550e2cf15baab54 ea9c800c89c200de1db925b4c9009f0424930d23 c5a2b969eac2844879596626805925b9e0070afcf38b3896c4f1696c21a711f1 Loading...

	cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/ionicons.a4dtotlf.js	16 kB	2023-03-11	2023-03-14
Pretty URL cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/ionicons.a4dtotlf.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 20:11:44 Last Seen2023-03-14 11:44:47 Times Seen1 Hash 6b80d3a2dfa5148467dc4f311e28c171 07ae14dbfdc450a2ab32dc8dbdb5f00bf67214f2 2a90be7d972a964c84f33ba2fb9a70c4638beef908f86c2a5d9014aa00cf89b4 Loading...

	static.archipelagointernational.com/website/assets/v1/js/bootstrap-3.3.7.min.js	37 kB	2023-03-07	2024-04-18
Pretty URL static.archipelagointernational.com/website/assets/v1/js/bootstrap-3.3.7.min.js IP 143.204.55.116 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:54 Last Seen2024-04-18 14:08:30 Times Seen54292 Hash 5869c96cc8f19086aee625d670d741f9 430a443d74830fe9be26efca431f448c1b3740f9 53964478a7c634e8dad34ecc303dd8048d00dce4993906de1bacf67f663486ef Loading...

	www.favehotels.com/en/hotel/view/142/favehotel-sorong	934 B	2023-03-11	2023-03-11
Pretty URL www.favehotels.com/en/hotel/view/142/favehotel-sorong IP 54.230.111.109 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:18:54 Last Seen2023-03-11 22:18:54 Times Seen1 Hash 59aee3f93edb241b77e4c54048a66e65 5b705450e259b18cff4681423993d74b8b03d9bd 091ea6e4215f13b7b99d949aebe54fa37ed4fdb2de84d7c2d5456d39f750b32b Loading...

	static.archipelagointernational.com/website/assets/v1/js/jquery-3.6.0.min.js	90 kB	2023-03-07	2024-04-18
Pretty URL static.archipelagointernational.com/website/assets/v1/js/jquery-3.6.0.min.js IP 143.204.55.116 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:02:13 Last Seen2024-04-18 14:07:34 Times Seen259670 Hash 8fb8fee4fcc3cc86ff6c724154c49c42 b82d238d4e31fdf618bae8ac11a6c812c03dd0d4 ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e Loading...

	static.archipelagointernational.com/website/assets/v1/js/vue.min.js	94 kB	2023-03-07	2024-04-15
Pretty URL static.archipelagointernational.com/website/assets/v1/js/vue.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:18:07 Last Seen2024-04-15 21:44:04 Times Seen2539 Hash 17e942ea0854bd9dce2070bae6826937 434cdec1669f2c6c7406297a72120936bc56ed52 72194d152571dd375c4365e5c3b4af9db2c06af0102ced18fcb062597d38be26 Loading...

	www.favehotels.com/en/hotel/view/142/favehotel-sorong	755 B	2023-03-11	2023-03-14
Pretty URL www.favehotels.com/en/hotel/view/142/favehotel-sorong IP 54.230.111.109 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 20:11:43 Last Seen2023-03-14 11:44:47 Times Seen1 Hash e0682d803aa1856eb249636200898a62 a1f369972e726e1e49a1762712421081e90c8461 63d1276718b3259d820363ce1cef5a47bc2eb88c000cd845ee47bac5406e307d Loading...

	www.favehotels.com/en/hotel/view/142/favehotel-sorong	423 B	2023-03-11	2023-03-14
Pretty URL www.favehotels.com/en/hotel/view/142/favehotel-sorong IP 54.230.111.109 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 20:11:44 Last Seen2023-03-14 11:44:47 Times Seen1 Hash d4c9502dacd1c44a9b1ee115547c8b17 3d96f5a7fd819c49dace74e50a5b961fa6c10569 3302798a0acb3adebf3c0f2ed5945cc790f63d7fd29674c769dc8f8844c83138 Loading...

	static.archipelagointernational.com/website/assets/v1/js/moment.min.js	53 kB	2023-03-07	2024-04-18
Pretty URL static.archipelagointernational.com/website/assets/v1/js/moment.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:01:33 Last Seen2024-04-18 13:31:23 Times Seen1834 Hash 761502841c035afcf6a9bdc5d0a20d11 69ab16ba8ca68431ab59eff286c7ed1e520bca30 e22419e8154be2a34a950dbb4c4c448413751c53ef02f00c6c56af28aa2c4964 Loading...

	static.archipelagointernational.com/website/assets/v1/js/vue-paginate.min.js	8.7 kB	2023-03-11	2023-03-14
Pretty URL static.archipelagointernational.com/website/assets/v1/js/vue-paginate.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 20:11:43 Last Seen2023-03-14 11:44:47 Times Seen1 Hash fcba597228ab945d1c7c43da878cec56 a2bfd05fdbada2b2bb54a499784ba755e57ce367 428995a6404a22f81bf89d5eee87aa74d8e999dd5abf89b9873a80faee0ed5cc Loading...

	static.archipelagointernational.com/website/assets/v1/js/axios.min.js	13 kB	2023-03-07	2024-03-21
Pretty URL static.archipelagointernational.com/website/assets/v1/js/axios.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:15:09 Last Seen2024-03-21 08:15:33 Times Seen549 Hash fc5ab06feef9eeba24c6f19e558e79f5 2cdd24012271ad08af4dc5a85d4059143c324391 9a99eb2790e9119664c24135660904410256ff8e8248487f493ad928e07faa83 Loading...

	www.favehotels.com/en/hotel/view/142/favehotel-sorong	867 B	2023-03-11	2023-03-14
Pretty URL www.favehotels.com/en/hotel/view/142/favehotel-sorong IP 54.230.111.109 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 20:11:44 Last Seen2023-03-14 11:44:47 Times Seen1 Hash 022d1a4dbad9dbf7676db951466b9d10 9ef9d0c9d9cd69c440fc4a512a535733f64ad8a9 c7d0d8e97a721558c12932fecbdb160780228645df8192800940abe27a1473fe Loading...

	onboard.triptease.io/bootstrap.js?integrationId=01DJT8AZV0ZKR1NFY70V5T5ARA	102 kB	2023-03-11	2023-03-11
Pretty URL onboard.triptease.io/bootstrap.js?integrationId=01DJT8AZV0ZKR1NFY70V5T5ARA IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:18:54 Last Seen2023-03-11 22:18:54 Times Seen1 Hash f7a8215d6d81376632f1994e7591b41a d2157fdbe2801e22bed4f4d64734cd092fa16045 38900c7b3924156ff67b1503fd17281e037ae760729bd108f6b16e5ebfa9e33e Loading...

	googleads.g.doubleclick.net/pagead/viewthroughconversion/1000698394/?random=1669706098892&cv=11&fst=1669706098892&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.favehotels.com%2Fen%2Fhotel%2Fview%2F142%2Ffavehotel-sorong&tiba=favehotel%20Sorong%20-%20Select%20Service%20Hotel%20In%20Sorong&auid=1948251921.1669706099&rfmt=3&fmt=4	2.0 kB	2023-03-11	2023-03-11
Pretty URL googleads.g.doubleclick.net/pagead/viewthroughconversion/1000698394/?random=1669706098892&cv=11&fst=1669706098892&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.favehotels.com%2Fen%2Fhotel%2Fview%2F142%2Ffavehotel-sorong&tiba=favehotel%20Sorong%20-%20Select%20Service%20Hotel%20In%20Sorong&auid=1948251921.1669706099&rfmt=3&fmt=4 IP 142.250.74.66 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:18:54 Last Seen2023-03-11 22:18:54 Times Seen1 Hash 872f8a666bcfa2a6d59e062335813e1e 604b3211f15ac336c71b7cfed78700d13e1f68fa e777dc8cca7d1c4fef7b2f72a592849a14f83965c1d5e62e26f9e27c78bd7bd2 Loading...

	www.googletagmanager.com/gtm.js?id=GTM-PSWPT2	184 kB	2023-03-11	2023-03-11
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-PSWPT2 IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:18:54 Last Seen2023-03-11 22:18:54 Times Seen1 Hash 40b824083c9b9abdd664edabb03ec01c b5cbeb9f22e7e0d4f18ccbc6b79fadded8302db3 cae3bbbc684498c1949abe1cad8cea4ed3bcd0c85bbf85b78a0409d27033bcc0 Loading...

	www.google-analytics.com/analytics.js	50 kB	2023-03-08	2024-04-15
Pretty URL www.google-analytics.com/analytics.js IP 142.250.74.174 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 05:22:31 Last Seen2024-04-15 19:32:36 Times Seen1507 Hash fda30e8a22c9bcd954fd8d0fadd0e77c ae47cd34cbde081a48d7f92fc80aaf06a1381193 b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719 Loading...

	cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/g2o31eyc.entry.js	4.1 kB	2023-03-11	2023-03-14
Pretty URL cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/g2o31eyc.entry.js IP 104.17.25.14 ASN #13335 CLOUDFLARENET Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 20:11:43 Last Seen2023-03-14 11:44:47 Times Seen1 Hash 836a37d5e61c832bc3f87b946c73e11e dccdba0ac0ba7f28d9697ccf76fb7015100a06ad 847928038e796e73d4cee979adb023c8fa8b03874b71b9e672f4a701f843ebd6 Loading...

	www.favehotels.com/en/hotel/view/142/favehotel-sorong	820 B	2023-03-11	2023-03-14
Pretty URL www.favehotels.com/en/hotel/view/142/favehotel-sorong IP 54.230.111.109 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 20:11:43 Last Seen2023-03-14 11:44:47 Times Seen1 Hash e0b36375f4627a34db2da45ba2cd7b0a e8d25a9a1fcd3ffef8dc14f10ba9ddfc627c28bb d2be74996660fe83c7e0cd71880ba1b116db8c39d5f649faf65b41fda8e192fe Loading...

	www.favehotels.com/en/hotel/view/142/favehotel-sorong	6.0 kB	2023-03-11	2023-03-11
Pretty URL www.favehotels.com/en/hotel/view/142/favehotel-sorong IP 54.230.111.109 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:18:54 Last Seen2023-03-11 22:18:54 Times Seen1 Hash 5ccd49c11a1eaa96e26d8844299a00b3 039597735f0aa950ad26240506a4fdaa5865f3b8 03f07ea2ead0fd1d131a5342de1b6c71871268a6992cc64d827a5d0e30a5ad9b Loading...

	www.googletagmanager.com/gtag/js?id=AW-647617255	138 kB	2023-03-11	2023-03-11
Pretty URL www.googletagmanager.com/gtag/js?id=AW-647617255 IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:18:54 Last Seen2023-03-11 22:18:54 Times Seen1 Hash d06375774bd5b508c5a82b34d897150a e659eccc35645a656b1cf20263679200072751aa 3108cfbd5341cee9b4fe543d337b7062db2ce29bd287cf17ae0c80e5d5ad4f9e Loading...

	www.favehotels.com/en/hotel/view/142/favehotel-sorong	299 B	2023-03-11	2023-03-14
Pretty URL www.favehotels.com/en/hotel/view/142/favehotel-sorong IP 54.230.111.109 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 20:11:43 Last Seen2023-03-14 11:44:47 Times Seen1 Hash e54174088eb616f398446e5e279878aa 84dfd8d5c735b1b7f92c4b2054a66dfa2ea233db 1dd857243e5ab492d16a4c31cf451866d3c10eca9b38383512bb156e40c75bf3 Loading...

	www.favehotels.com/en/hotel/view/142/favehotel-sorong	1.5 kB	2023-03-11	2023-03-14
Pretty URL www.favehotels.com/en/hotel/view/142/favehotel-sorong IP 54.230.111.109 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 20:11:43 Last Seen2023-03-14 11:44:47 Times Seen1 Hash ec96a460a71bf950d9a7447911b717a2 00d9ba33536106f95ff5320fe9c6f65871baadff 292d357081cd995cd9b29c1c1908b29f5ac17ebeee390bc55b7c48f121501c99 Loading...

	www.favehotels.com/en/hotel/view/142/favehotel-sorong	3.1 kB	2023-03-11	2023-03-11
Pretty URL www.favehotels.com/en/hotel/view/142/favehotel-sorong IP 54.230.111.109 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:18:54 Last Seen2023-03-11 22:18:54 Times Seen1 Hash f90d7264e09388159e2a36b449fb2a28 dcc9d0efe70a3d2dddf20f3e421566ced23b1f56 be652252f8b67b3bc6870ff177a71ee3fc3c5acd7c19016fa0189fe2bf8d768e Loading...

	www.favehotels.com/en/hotel/view/142/favehotel-sorong	1.0 kB	2023-03-11	2023-03-14
Pretty URL www.favehotels.com/en/hotel/view/142/favehotel-sorong IP 54.230.111.109 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 20:11:44 Last Seen2023-03-14 11:44:47 Times Seen1 Hash f6c63eb16dfbf9ea908516e90a5ff4f6 3f1cd674bf1ab3f9c7edaa02066e42ae0703ea02 180b523f2806b58656e5fcbfb4b0ce979f11793d0d2a59ed8e2602230d7eae5f Loading...

	www.favehotels.com/en/hotel/view/142/favehotel-sorong	924 B	2023-03-11	2023-03-14
Pretty URL www.favehotels.com/en/hotel/view/142/favehotel-sorong IP 54.230.111.109 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 20:11:44 Last Seen2023-03-14 11:44:47 Times Seen1 Hash 8efa54f5340dced13db7314be4cac325 6b1d2b90843a7d7ed8b14ff4875a649afecf2814 c562872692d4bd39278a8a632688cfd10abf35090439347a1d9fe01246698320 Loading...

	onboard.triptease.io/kernel/v5951.65010/kernel-host.html?originHost=www.favehotels.com	58 kB	2023-03-07	2023-03-12
Pretty URL onboard.triptease.io/kernel/v5951.65010/kernel-host.html?originHost=www.favehotels.com IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:22:59 Last Seen2023-03-12 20:29:53 Times Seen1 Hash 0aa68d34596a1092a83908d5c5631886 c5ab0af676684efebc972a03f6b6102a89446e49 083f24c83320a10255449e12197f50e51352d87c393ec6e92db207b460a762c9 Loading...

	connect.facebook.net/en_US/fbevents.js	105 kB	2023-03-08	2023-11-28
Pretty URL connect.facebook.net/en_US/fbevents.js IP 31.13.72.12 ASN #32934 FACEBOOK Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 14:22:10 Last Seen2023-11-28 17:55:58 Times Seen32 Hash a6ef7927128284961f4cadd572969f09 57e21033749687e69de710a0be6d4244edf1fe51 d5c905d7ce4679b183eb11f7c6811682ddffbf0f037590360ae2b1a84a51ef1b Loading...

	www.favehotels.com/en/hotel/view/142/favehotel-sorong	523 B	2023-03-11	2023-03-14
Pretty URL www.favehotels.com/en/hotel/view/142/favehotel-sorong IP 54.230.111.109 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 20:11:43 Last Seen2023-03-14 11:44:47 Times Seen1 Hash 6a1e23826e72e728ae2343a525a29eb0 2244dfc97c05ae524b6919a7a97800314c94fcf9 187cfa2b293b580bb96414faaef1b78a10f4c690d1f746762a4de9931434d59e Loading...

	www.googletagmanager.com/gtag/js?id=AW-647617255&l=dataLayer&cx=c	138 kB	2023-03-11	2023-03-11
Pretty URL www.googletagmanager.com/gtag/js?id=AW-647617255&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:18:54 Last Seen2023-03-11 22:18:54 Times Seen1 Hash 60fc7be59a97682d0f1fb6570e5bd906 fe4b9cf8b51dab54bb439a49051cd81ccdcd6205 2907170a05d2e17c16a047d1078ab3b1617ebf38d93155b2ab282908370e6362 Loading...

	static.archipelagointernational.com/website/assets/v1/js/numeral.min.js	11 kB	2023-03-07	2024-02-23
Pretty URL static.archipelagointernational.com/website/assets/v1/js/numeral.min.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 14:01:50 Last Seen2024-02-23 12:56:22 Times Seen389 Hash 9a47e71ab1b7f7dd9100b32acc36f8d5 26f6e589446163bb46e4eeeb3a50bc45951c86cd 2e51d5239ad46aeb9d33965c65a0fa8473c72ab03b09279f1c79ca82afbf0197 Loading...

	www.favehotels.com/en/hotel/view/142/favehotel-sorong	3.4 kB	2023-03-11	2023-03-11
Pretty URL www.favehotels.com/en/hotel/view/142/favehotel-sorong IP 54.230.111.109 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:18:54 Last Seen2023-03-11 22:18:54 Times Seen1 Hash 8d7eb1ae798e01bcbfa1604d4c54195b 238c53407d738ea6b10aa8ca2ce9798ff3f3fa3c 982fb6ba1c335a9e871d37eaf133b064ff6c1e4950f8b7e6c00c92ab7243bdc5 Loading...

	www.favehotels.com/en/hotel/view/142/favehotel-sorong	294 B	2023-03-11	2023-03-14
Pretty URL www.favehotels.com/en/hotel/view/142/favehotel-sorong IP 54.230.111.109 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 20:11:44 Last Seen2023-03-14 11:44:47 Times Seen1 Hash 8c9cabbd8324b660f53bdb03c96a159e 8fb3cee9c4c706a16cdc3658397dc459063a4497 7ca1b65c812307b64055906f8b308bacbca3e3cba8820a1f78fe16106ef6fdd8 Loading...

	cdn.denomatic.com/drs/354-499a808dd30a.js?rnd=20220825	3.0 kB	2023-03-11	2023-03-14
Pretty URL cdn.denomatic.com/drs/354-499a808dd30a.js?rnd=20220825 IP 54.230.111.104 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 20:11:44 Last Seen2023-03-14 11:44:47 Times Seen1 Hash 2aca04d6c7aa0587ebaae12c22b380b0 c3ff1da5408420abb0086c7cbd2e53e254879af4 fb8e970505241a9d69cc0d08845351877ec97267d355fb7b5912f36894ff897a Loading...

	onboard.triptease.io/integrations/v5951.65010/cross-origin-tracking.js	56 kB	2023-03-11	2023-03-11
Pretty URL onboard.triptease.io/integrations/v5951.65010/cross-origin-tracking.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:18:54 Last Seen2023-03-11 22:18:54 Times Seen1 Hash 12ee6c9756cdb4fd75b852442db7aaaa 3a0cda0c69e3c66a0b23d39534c31c0e227ae7f8 5823ba4ae1483a07ecfed453bc08c85bf7019fa44f033af464cb3a25e9c7f7a2 Loading...

	static-meta.triptease.io/client/main.js	55 kB	2023-03-11	2023-03-11
Pretty URL static-meta.triptease.io/client/main.js IP 151.101.85.182 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:18:54 Last Seen2023-03-11 22:18:54 Times Seen1 Hash d283be60dca95d194a8ce9e89bf14548 cb495635909bf3053ae01d1079bc4993e782832e aec50e5d3951e3d5d57e6f16137dd931dc2c4e565accabe98fa1311ce25299a9 Loading...

	www.favehotels.com/en/hotel/view/142/favehotel-sorong	227 B	2023-03-11	2023-03-14
Pretty URL www.favehotels.com/en/hotel/view/142/favehotel-sorong IP 54.230.111.109 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 20:11:44 Last Seen2023-03-14 11:44:47 Times Seen1 Hash 4f1441641b47979c1023f2ada9fb95ff 5310f81b71acbffbe9a3f4e4877c408fbcfb6fcd c85627fc259d2d9b96f9fd35028c5e43a1a25d2d47cfea5dc9e3f07c8d0fde3f Loading...

	www.favehotels.com/en/hotel/view/142/favehotel-sorong	283 B	2023-03-11	2023-03-11
Pretty URL www.favehotels.com/en/hotel/view/142/favehotel-sorong IP 54.230.111.109 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:18:54 Last Seen2023-03-11 22:18:54 Times Seen1 Hash d79913be8020b59e71dbb8b01edc0f35 f7ff67e4c727102dee7e496397a7afb63d382231 e52792b6181a9522efaa22f576e70a56e9a95b65444821097f22bb8e4b3906c2 Loading...

	static.favehotels.com/v3/assets/js/combine_v10.js	63 kB	2023-03-11	2023-03-14
Pretty URL static.favehotels.com/v3/assets/js/combine_v10.js IP 54.230.111.54 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 20:11:43 Last Seen2023-03-14 11:44:47 Times Seen1 Hash 351ad05bac67765a37bcaa90e431c36d a853a9317725e3d18a43cdc6a34d67976644c99c 18dc97ff7cc25f88a0cdab3a0fe30349e9e60251a7782a5c415c245dc42e3363 Loading...

	www.favehotels.com/en/hotel/view/142/favehotel-sorong	1.6 kB	2023-03-11	2023-03-11
Pretty URL www.favehotels.com/en/hotel/view/142/favehotel-sorong IP 54.230.111.109 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:18:54 Last Seen2023-03-11 22:18:54 Times Seen1 Hash 18f3c59071ee7e7aababb03edf5c162b db89b74bedee593e1aa29bdaa413bb23c934469e d18ddefa306ee1ecfc9a85d6bb4a2df603f666876f1feac086dc2edfa31b22c6 Loading...

	www.favehotels.com/en/hotel/view/142/favehotel-sorong	675 B	2023-03-11	2023-03-11
Pretty URL www.favehotels.com/en/hotel/view/142/favehotel-sorong IP 54.230.111.109 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:18:54 Last Seen2023-03-11 22:18:54 Times Seen1 Hash 4d5f4b9274be65be3019489190aa2e64 b643408975914839faf30d7dcd12bbca262fe320 0b1b056978e9464f50509b1608dd16ac7d425796de116bb8a3b453dc59a19642 Loading...

	static.triptease.io/message-porter/dist/bootstrap-message-engine.js	84 kB	2023-03-11	2023-03-11
Pretty URL static.triptease.io/message-porter/dist/bootstrap-message-engine.js IP 151.101.85.182 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:18:54 Last Seen2023-03-11 22:18:54 Times Seen1 Hash d676a7b4e95291ad2289d5705e4b5851 338d82f940b7635ca5c2edd5ff4735e6255c9537 5c7b0d4c9e1be40298704f6a4da9b69113ccc8691c7cc36f92f3f7b724aec0e2 Loading...

	static.archipelagointernational.com/website/assets/v1/js/bootstrap-datepicker.min.js	34 kB	2023-03-07	2024-04-02
Pretty URL static.archipelagointernational.com/website/assets/v1/js/bootstrap-datepicker.min.js IP 143.204.55.116 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:38:25 Last Seen2024-04-02 12:03:01 Times Seen138 Hash 241a419bd65535b6569f46797779c43e fedbca6ccfe569995315c4f599c981cd8f6a503e b56e4bcc40bb423846d02880bf196c78c4ecdaa252eeedc344f6ae0e3149df3a Loading...

	static.archipelagointernational.com/website/assets/v1/js/js.cookie.min.js	1.7 kB	2023-03-07	2024-03-18
Pretty URL static.archipelagointernational.com/website/assets/v1/js/js.cookie.min.js IP 143.204.55.116 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:54:44 Last Seen2024-03-18 13:33:08 Times Seen551 Hash 77171e2314cd3ff8454b4dacd8ac5965 97f9e549e3ceac5b9fc75af34343dcd48a17c61d f4db76afeb499d277603609152f9e382c0fe112d44c6f8db8c136a89d9bd7682 Loading...

	www.googletagmanager.com/gtag/js?id=G-6S0DPJNCZH&l=dataLayer&cx=c	217 kB	2023-03-11	2023-03-11
Pretty URL www.googletagmanager.com/gtag/js?id=G-6S0DPJNCZH&l=dataLayer&cx=c IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 22:18:54 Last Seen2023-03-11 22:18:54 Times Seen1 Hash 63536be283dd8843bbc1371d9264db55 6d568ed70a212b5aa2d1e99ab359e183e5cf5ff4 518931635673357cebd440cb5465ea0acd38c4b2179594ff63663e5b322f1270 Loading...

	connect.facebook.net/signals/config/2120774411396120?v=2.9.89&r=stable	300 kB	2023-03-11	2023-03-11
Pretty URL connect.facebook.net/signals/config/2120774411396120?v=2.9.89&r=stable IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-11 20:11:44 Last Seen2023-03-11 22:18:54 Times Seen1 Hash aa711db56928fcb1435cdbdd3068b6aa afd8f32850c7dd37b052fb98852fd3a9e4ffe448 082365d3518d037e0be6c973dd0ef2936cd7a3377ab89e7b0bc6a64df2fb9f24 Loading...

		Size	First Seen	Last Seen
	#1 Write - e58638cb87a4a07d0845980ea5ccf22f	122 B	2023-03-11	2023-03-14
Pretty Observations First Seen2023-03-11 20:11:44 Last Seen2023-03-14 11:44:48 Times Seen1 Hash e58638cb87a4a07d0845980ea5ccf22f d65213a952625425e0f978ebc6d5f5ad71dd941b 1abc1f85d2403081f02faf2a73146acd93a794f01d1110b4e12fbde13c7bcdee Loading...

	#2 Write - abef92a617371c6472a20a74e4342dcb	124 B	2023-03-11	2023-03-14
Pretty Observations First Seen2023-03-11 20:11:44 Last Seen2023-03-14 11:44:48 Times Seen1 Hash abef92a617371c6472a20a74e4342dcb 60736783f67b048f05d397db49fbf82c39fbfa9e 52e65023ec47f139e83fb5e78887c310f8d89cb742845d438976ea501aa6619a Loading...

	#3 Write - 3bf634f4c6f4a591b3e8cf145b67d197	125 B	2023-03-11	2023-03-14
Pretty Observations First Seen2023-03-11 20:11:44 Last Seen2023-03-14 11:44:48 Times Seen1 Hash 3bf634f4c6f4a591b3e8cf145b67d197 61bdbc8f2073b56f83e9bdb46ff0c7351831c8e6 9c07fd5a5df86f6ed1c7f181bf4aabaa17d0b918aa6428a784558e0bf816ad8e Loading...

	#4 Write - c521ddb62684b5a566f9cf09d53271c7	126 B	2023-03-11	2023-03-14
Pretty Observations First Seen2023-03-11 20:11:44 Last Seen2023-03-14 11:44:48 Times Seen1 Hash c521ddb62684b5a566f9cf09d53271c7 b82143b95ae2ec806dd90b4e2154c99a8e21565d a31342411e35d8ae3ea4744bbbb6eb8b2444309f3eaeea88fe18fc980d7d0e51 Loading...

	#5 Write - 68a1c86c41cfc670c5a870b0fa0b35a3	131 B	2023-03-11	2023-03-14
Pretty Observations First Seen2023-03-11 20:11:44 Last Seen2023-03-14 11:44:48 Times Seen1 Hash 68a1c86c41cfc670c5a870b0fa0b35a3 983eae62dbdc3b16f73e4d937420d0b56bf3635e 164dc28a4382d3fa49ff438d85f9276c3c1e2c0d57f856528f1ddec5f5227321 Loading...

HTTP Transactions (165)

URL IP Response Size

www.favehotels.com/en/hotel/view/142/favehotel-sorong

54.230.111.109

301 Moved Permanently

167 B

URL HTTP/1.1
www.favehotels.com/en/hotel/view/142/favehotel-sorong
IP
54.230.111.109:0
ASN
#16509 AMAZON-02

File type
HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Size
167 B (167 bytes)
Hash
f5d40b7259645010f9a248858ad14178
b3051d17a6ec8c9e166bf09a62b48261ab86957b
7f5007068d2b56ea9735e2490d60cff2e72cae312024ac1f6c91158eba47d05d

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /en/hotel/view/142/favehotel-sorong HTTP/1.1
Host: www.favehotels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 301 Moved Permanently
Server: CloudFront
Date: Tue, 29 Nov 2022 07:14:57 GMT
Content-Type: text/html
Content-Length: 167
Connection: keep-alive
Location: https://www.favehotels.com/en/hotel/view/142/favehotel-sorong
X-Cache: Redirect from cloudfront
Via: 1.1 784cb0c259a6d79800d037bda4e7de86.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
Alt-Svc: h3=":443"; ma=86400
X-Amz-Cf-Id: QmlHalsE_s0gosaYBQ6x29IwHwGuPB4OUQx4Gj-_bUiT8zbRA1D-GA==
X-XSS-Protection: 1; mode=block
X-Frame-Options: SAMEORIGIN
Referrer-Policy: origin-when-cross-origin
Content-Security-Policy: frame-ancestors 'none'; frame-src 'self' https://accounts.google.com https://content-sheets.googleapis.com; block-all-mixed-content; object-src 'none'; worker-src 'self'; form-action 'self'; base-uri 'none'; report-to default;
X-Content-Type-Options: nosniff
cache-control: public, max-age=3600, stale-while-revalidate=7890000
permissions-policy: geolocation=(self "https://www.google-analytics.com"), camera=(), fullscreen=(self), microphone=()
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://sentec.report-uri.com/a/d/g"}],"include_subdomains":true}
Vary: Origin

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
a5daf4dc99951793ae2315d4795e8146
4427507ca4d3a5632cc8f598afbc85e2195d00bd
94fb64c1c826ed7099283c0bedb3cea7ac7e1d9526794cb9fad6e761f5989d32

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "94FB64C1C826ED7099283C0BEDB3CEA7AC7E1D9526794CB9FAD6E761F5989D32"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2912
Expires: Tue, 29 Nov 2022 08:03:29 GMT
Date: Tue, 29 Nov 2022 07:14:57 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
9408cc0694fcbea57966c3a3ba906092
fddcee1fdcf3209298e41a4b1b5560357fa165f0
6ef7120d9463f56e3ddfadd5766d02da8523f34061b13bdba54bf9ab72a1e979

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1677
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 07:14:57 GMT
Last-Modified: Tue, 29 Nov 2022 06:47:00 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
14cd9a0afb6ba9a763651d5112760d1e
75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 29 Nov 2022 06:19:36 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3321
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
6d9d34c96b9a826ae5676640c966469c
8052a16d41a637e420478b7de1ff5a2dc951fccd
f18ac558cb786126bb7efb159e03353d268d5f5796bcfd2691a349dfc68d863c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "F18AC558CB786126BB7EFB159E03353D268D5F5796BCFD2691A349DFC68D863C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=15620
Expires: Tue, 29 Nov 2022 11:35:17 GMT
Date: Tue, 29 Nov 2022 07:14:57 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: xxlgHIBy1PC/DgW5TyBFIXDmIxuF9Klb8NCd7zHYcM5nEWNum9fG9YEegW4HPVuVv6iQNO1h4VQ=
x-amz-request-id: NK2B1G59AYWKRSW4
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 29 Nov 2022 06:45:21 GMT
age: 1776
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Tue, 29 Nov 2022 07:14:57 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

143.204.42.156

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.156:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
9380d6f34bf18f1189a1faa41005d004
016bcfb1d1ea893bfd272881fd4a286ed9655305
4a1aaa7261872ffbad98fe93c90b814c798d0d551a187186f4e7e736b32d84b9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=90224
Date: Tue, 29 Nov 2022 07:14:58 GMT
Etag: "63846ee2-1d7"
Expires: Wed, 30 Nov 2022 08:18:42 GMT
Last-Modified: Mon, 28 Nov 2022 08:18:42 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: nu9l-xy16ydjKhX0hyipKBsKtaP3wbIeoqvBuXwA3e9JjnuZYN9UFA==

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 29 Nov 2022 07:08:56 GMT
cache-control: public,max-age=3600
age: 362
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
7ab2ef968cb6a3078f4b9cb2dda813d4
e669116047ca058a2c1b2999ff0ea8682719162c
6ddecf0b21c44f3851da8efeb6ecdc6c8e9b83d7681153c31952b4ec8c23c940

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5965
Cache-Control: max-age=99082
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 07:14:58 GMT
Etag: "63847a2f-1d7"
Expires: Wed, 30 Nov 2022 10:46:20 GMT
Last-Modified: Mon, 28 Nov 2022 09:06:55 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471

cdn0.favehotels.com/v3/logo/Logo-favehotel-Sorong.svg

54.230.111.54

200 OK

7.1 kB

URL HTTP/2
cdn0.favehotels.com/v3/logo/Logo-favehotel-Sorong.svg
IP
54.230.111.54:0
ASN
#16509 AMAZON-02

File type
SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with CRLF line terminators
Size
7.1 kB (7054 bytes)
Hash
093dcfd699bd7b187b707423ed32d090
c9884b4572944fac658ad9eeeedd66122ad9f684
8a05526342211ff01ca03d36269558e769675ba9944294b97ff5fda741b7803c

HTTP Headers

GET /v3/logo/Logo-favehotel-Sorong.svg HTTP/1.1
Host: cdn0.favehotels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
content-length: 7054
date: Mon, 28 Nov 2022 11:35:06 GMT
x-amz-replication-status: FAILED
last-modified: Fri, 24 Nov 2017 07:52:28 GMT
etag: "093dcfd699bd7b187b707423ed32d090"
cache-control: public, max-age=604800, stale-while-revalidate=7890000
content-encoding: gzip
x-amz-meta-cb-modifiedtime: Fri, 24 Nov 2017 07:29:55 GMT
x-amz-version-id: c2J.mANf00tz.MazLv5xXqz.vmrjGm2Y
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: dHaYSKVRVAomhQSIogE3wUkxH0KCO01wDwjqc6tXnyRm97I6T70a-g==
age: 70793
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: geolocation=(self "https://www.google-analytics.com"), camera=(), fullscreen=(self), microphone=()
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://sentec.report-uri.com/a/d/g"}],"include_subdomains":true}
vary: Origin
X-Firefox-Spdy: h2

push.services.mozilla.com/

35.161.148.163

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
35.161.148.163:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 5dMnq+3HBPkBopOr5NoeGw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 8yjz1HMFGAXNEkx2ztnbRSs8530=

static.favehotels.com/v3/assets/css/combine_v11.css

54.230.111.54

200 OK

13 kB

URL HTTP/2
static.favehotels.com/v3/assets/css/combine_v11.css
IP
54.230.111.54:0
ASN
#16509 AMAZON-02

File type
ASCII text, with very long lines (37070)
Size
13 kB (12797 bytes)
Hash
ca751ad51d38b41e200b56d44b05f695
0021adb2f34ad372b0b4443803dff578b0cadff0
4193549424a8fe85f112c76202910563d54a23885381cac232663230c37a2020

HTTP Headers

GET /v3/assets/css/combine_v11.css HTTP/1.1
Host: static.favehotels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
content-type: text/css
content-length: 12797
date: Mon, 21 Nov 2022 05:44:59 GMT
x-amz-replication-status: FAILED
last-modified: Thu, 22 Aug 2019 06:56:05 GMT
etag: "ca751ad51d38b41e200b56d44b05f695"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=604800, stale-while-revalidate=7890000
content-encoding: br
x-amz-version-id: xu4ewE1gOUTtHrNJbMZp3d3901MVEJfA
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: rgQsCQpeQdrfLroLG4wXH6I4N_3FMoniXSQhKHlUPfPfOOwxJ1OYhw==
age: 696600
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: geolocation=(self "https://www.google-analytics.com"), camera=(), fullscreen=(self), microphone=()
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://sentec.report-uri.com/a/d/g"}],"include_subdomains":true}
vary: Origin
X-Firefox-Spdy: h2

static.favehotels.com/v3/assets/js/combine_v10.js

54.230.111.54

200 OK

17 kB

URL HTTP/2
static.favehotels.com/v3/assets/js/combine_v10.js
IP
54.230.111.54:0
ASN
#16509 AMAZON-02

File type
Unicode text, UTF-8 text, with very long lines (31929)
Size
17 kB (17258 bytes)
Hash
18ad6d69d05274311f13499a03eba0f7
f04b899ed1996e880eebcb8970e87de7ad2716a9
8a241a9ae353977b3d19aa2aa7b0cb163eda42735e1648d0fbe37dda57a773a9

HTTP Headers

GET /v3/assets/js/combine_v10.js HTTP/1.1
Host: static.favehotels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
content-length: 17258
date: Fri, 18 Nov 2022 13:20:49 GMT
x-amz-replication-status: FAILED
last-modified: Thu, 22 Aug 2019 05:55:23 GMT
etag: "18ad6d69d05274311f13499a03eba0f7"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=604800, stale-while-revalidate=7890000
content-encoding: br
x-amz-version-id: LGgy54r78iRBuE7TXG94g4nkpl2JUgNX
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 8bODeZOKbk3uLZu34S-LpyxrwuemiHz1Pm5dviaiRsigCr7rFHoyAQ==
age: 928450
x-xss-protection: 1; mode=block
referrer-policy: origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: geolocation=(self "https://www.google-analytics.com"), camera=(), fullscreen=(self), microphone=()
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://sentec.report-uri.com/a/d/g"}],"include_subdomains":true}
vary: Origin
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

143.204.42.156

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.156:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
9380d6f34bf18f1189a1faa41005d004
016bcfb1d1ea893bfd272881fd4a286ed9655305
4a1aaa7261872ffbad98fe93c90b814c798d0d551a187186f4e7e736b32d84b9

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=90224
Date: Tue, 29 Nov 2022 07:14:58 GMT
Etag: "63846ee2-1d7"
Expires: Wed, 30 Nov 2022 08:18:42 GMT
Last-Modified: Mon, 28 Nov 2022 08:18:42 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: vLc-XDGa3ZD2jyAUiViM5AX23wamLfnzfjOC07Hea-aFqsApTpP-Wg==

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
49eee25f3ccd585a29e34e80cf5bb160
73eca8be91deedd049304862759a3d8084c0b07e
531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 07:14:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

fonts.gstatic.com/s/opensans/v15/mem8YaGs126MiZpBA-UFVZ0b.woff2

216.58.207.195

200 OK

14 kB

URL HTTP/2
fonts.gstatic.com/s/opensans/v15/mem8YaGs126MiZpBA-UFVZ0b.woff2
IP
216.58.207.195:0
ASN
#15169 GOOGLE

File type
Web Open Font Format (Version 2), TrueType, length 14048, version 1.0\012- data
Size
14 kB (14048 bytes)
Hash
cffb686d7d2f4682df8342bd4d276e09
2c07a9656f1e38da408f20f1cf11581a15cbd7a2
3b98b0dc3bed9d40f43e64adba5de47c76895338a96f0a5a314676cd6287eca9

HTTP Headers

GET /s/opensans/v15/mem8YaGs126MiZpBA-UFVZ0b.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Origin: https://www.favehotels.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 14048
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sun, 27 Nov 2022 00:51:05 GMT
expires: Mon, 27 Nov 2023 00:51:05 GMT
cache-control: public, max-age=31536000
age: 195833
last-modified: Wed, 11 Oct 2017 21:49:43 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons.js

104.17.25.14

200 OK

699 B

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (1634), with no line terminators
Size
699 B (699 bytes)
Hash
db978dfd36d20f54039e4fe2772092bf
1644128a62c40df5415c1893e90453bd97a3023a
bf23d43345950cfd0c8cf6b4254524d23407e0a4858d503b9613be6063d7a4f5

HTTP Headers

GET /ajax/libs/ionicons/4.5.6/ionicons.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Origin: https://www.favehotels.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
date: Tue, 29 Nov 2022 07:14:58 GMT
content-type: application/javascript; charset=utf-8
content-length: 699
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03eae-662"
last-modified: Mon, 04 May 2020 16:11:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: MISS
expires: Sun, 19 Nov 2023 07:14:58 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yNVGvlifEcYXVfaHoZN8TcpGHOYegU1ktsxvO%2BPxcByIcqF0PooHSdmjdH50d352bXsnsAbkBX8ftKUDyxZBg4WNyLhh6xcLqa4mJk3YqJpqy%2FkyR5KMfw5llymEwu8syYcnsT3c"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77198cad6f92b500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

143.204.42.156

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.156:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
9f168a3dc04b8a666136a9af000c3c98
12fc00dae5ae5f3c8cdcdaa6a432ce0ffb696f13
da776ac120eab5721010343932b15386999b052ac24c3db5412bb710eabd2092

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Tue, 29 Nov 2022 07:14:58 GMT
Etag: "638414f5-1d7"
Server: ECS (dcb/7F5C)
X-Cache: Miss from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: MXlQ-oXof7qlWjMX8iGCXxheF4vXx4tW9lvBNfJ2FrV0EbhUNd0pKw==

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
49eee25f3ccd585a29e34e80cf5bb160
73eca8be91deedd049304862759a3d8084c0b07e
531e5685527861b3ed7e8e3865c5a6a40d3f92f5c9d89df3f385dab72406fb56

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 07:14:58 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.sca1b.amazontrust.com/

143.204.42.156

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.156:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
9f168a3dc04b8a666136a9af000c3c98
12fc00dae5ae5f3c8cdcdaa6a432ce0ffb696f13
da776ac120eab5721010343932b15386999b052ac24c3db5412bb710eabd2092

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=153623
Date: Tue, 29 Nov 2022 07:14:58 GMT
Etag: "63856689-1d7"
Expires: Thu, 01 Dec 2022 01:55:21 GMT
Last-Modified: Tue, 29 Nov 2022 01:55:21 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 5REkR_6foIDZrs0-WSjA8BF2jofPqE3w6kfWxrjbv0jAvVfXw7oyLQ==

ocsp.sca1b.amazontrust.com/

143.204.42.156

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.156:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
9f168a3dc04b8a666136a9af000c3c98
12fc00dae5ae5f3c8cdcdaa6a432ce0ffb696f13
da776ac120eab5721010343932b15386999b052ac24c3db5412bb710eabd2092

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Tue, 29 Nov 2022 07:14:58 GMT
Etag: "638414f5-1d7"
Server: ECS (dcb/7F7F)
X-Cache: Miss from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: djBKfx3PFazIpeE5kzwNu0shc1cdTQbD7CB-_ANoZnDbkzZSTcERRQ==

ocsp.sca1b.amazontrust.com/

143.204.42.156

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.156:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
9f168a3dc04b8a666136a9af000c3c98
12fc00dae5ae5f3c8cdcdaa6a432ce0ffb696f13
da776ac120eab5721010343932b15386999b052ac24c3db5412bb710eabd2092

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=153623
Date: Tue, 29 Nov 2022 07:14:58 GMT
Etag: "63856689-1d7"
Expires: Thu, 01 Dec 2022 01:55:21 GMT
Last-Modified: Tue, 29 Nov 2022 01:55:21 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: hIDqtDjDcsa98t5uaowBYaTPVGDvQ40g2acqXh2GIzft7rykZwJBng==

ocsp.sca1b.amazontrust.com/

143.204.42.156

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.156:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
9f168a3dc04b8a666136a9af000c3c98
12fc00dae5ae5f3c8cdcdaa6a432ce0ffb696f13
da776ac120eab5721010343932b15386999b052ac24c3db5412bb710eabd2092

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Tue, 29 Nov 2022 07:14:58 GMT
Server: ECS (dcb/7F18)
X-Cache: Miss from cloudfront
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: CnK41wQP6c56UWF14cqL4cBjL6Rv0DxHfnohbWY0dxc-HZBnoAAZ6A==

ocsp.sca1b.amazontrust.com/

143.204.42.156

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.156:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
9f168a3dc04b8a666136a9af000c3c98
12fc00dae5ae5f3c8cdcdaa6a432ce0ffb696f13
da776ac120eab5721010343932b15386999b052ac24c3db5412bb710eabd2092

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=153622
Date: Tue, 29 Nov 2022 07:14:59 GMT
Etag: "63856689-1d7"
Expires: Thu, 01 Dec 2022 01:55:21 GMT
Last-Modified: Tue, 29 Nov 2022 01:55:21 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: irK1cXuZAPEQRaDP8ra6XqBxh0d5WLVIUkT84ARzE5EEm8gJkL4YXw==

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
f50fd635895870df33a17fe377a6a038
dd65dfbbc810b095432cfd59f971af04a9e31ab7
ebd9b6c3f67865c297d08802839c940994424000df3bf8a3f1316b8e13666e94

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 07:14:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.googletagmanager.com/gtm.js?id=GTM-PSWPT2

142.250.74.168

200 OK

68 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-PSWPT2
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (6877)
Size
68 kB (67839 bytes)
Hash
5dafe92b407386ccfb8f6ba1385fc2af
8e24649522a50175f0be6a77372abf147736712a
06e9d68522996fab3c15f9a6df0737e130be3f79727371666a09aed12b322e58

HTTP Headers

GET /gtm.js?id=GTM-PSWPT2 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Tue, 29 Nov 2022 07:14:59 GMT
expires: Tue, 29 Nov 2022 07:14:59 GMT
cache-control: private, max-age=900
last-modified: Tue, 29 Nov 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 67839
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
f50fd635895870df33a17fe377a6a038
dd65dfbbc810b095432cfd59f971af04a9e31ab7
ebd9b6c3f67865c297d08802839c940994424000df3bf8a3f1316b8e13666e94

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 07:14:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.sca1b.amazontrust.com/

143.204.42.156

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.156:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
3b02ed097ae865dee23811368d3957f5
c88b6ae62fa81f20799cb9cf7db82d489097b2a9
37cbc2dcbd5c753aaa237899506fce474a7042fa2a2c725de8370906ce3bd7c4

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=93822
Date: Tue, 29 Nov 2022 07:14:59 GMT
Etag: "63847cf1-1d7"
Expires: Wed, 30 Nov 2022 09:18:41 GMT
Last-Modified: Mon, 28 Nov 2022 09:18:41 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: ltbYp7_-JOakioDTvF9Zdi54JVSPycaJtye-XBDTW3CXi4antTWhaw==

imageresizer.arch.software/favehotels/v1/FaveSorong/Gallery/faveSorong_Exterior.jpg?d=1600x1066&location=center

54.230.111.18

200 OK

166 kB

URL HTTP/2
imageresizer.arch.software/favehotels/v1/FaveSorong/Gallery/faveSorong_Exterior.jpg?d=1600x1066&location=center
IP
54.230.111.18:0
ASN
#16509 AMAZON-02

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1600x1066, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
166 kB (165920 bytes)
Hash
70039735b318c4eb5f7224b2fe7ad46e
3a301c7905312ce2c8229a6adef65efd885d9525
32fd7c8f0e5ceedee65625a2c02e49340e7e3b4133c956a917d97a76508f61a3

HTTP Headers

GET /favehotels/v1/FaveSorong/Gallery/faveSorong_Exterior.jpg?d=1600x1066&location=center HTTP/1.1
Host: imageresizer.arch.software
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: image/webp
content-length: 165920
x-amz-request-id: CVKQ37GJ44AC38N8
x-amz-id-2: eh8sNYmE/HfAb4geyiGtuzVAeeRZeZDr5H8AyfETAhAVqqCx2pyDHxs6ShUu4yre+6LKGrvhGHE=
date: Sun, 27 Nov 2022 13:10:23 GMT
server: AmazonS3
cache-control: public, max-age=31536003
x-cache: Hit from cloudfront
via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: ps5goxojdN1qnxgqfPendiWbvQcKMP81_SKFGhCU3WMdtTTPscQGhg==
age: 151468
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: geolocation=(self "https://www.google-analytics.com"), camera=(), fullscreen=(self), microphone=()
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://sentec.report-uri.com/a/d/g"}],"include_subdomains":true}
vary: Origin
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/ionicons.a4dtotlf.js

104.17.25.14

200 OK

6.4 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/ionicons.a4dtotlf.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (15142)
Size
6.4 kB (6377 bytes)
Hash
62ec69315fe43303465cd0af025a98c2
06b53cd1ac183ef94f30a0b470493431681d303b
fc1751cce2185b808e7f7bd27e1553c8b13e9254a56caaf545b2a2a431ae2200

HTTP Headers

GET /ajax/libs/ionicons/4.5.6/ionicons/ionicons.a4dtotlf.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Origin: https://www.favehotels.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 07:14:59 GMT
content-type: application/javascript; charset=utf-8
content-length: 6377
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03eae-3d97"
last-modified: Mon, 04 May 2020 16:11:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: MISS
expires: Sun, 19 Nov 2023 07:14:59 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=7%2BOueWBhLqRswTf3JZTKJE9Wuj5tZ437%2B6Hxc8j63CgzUbVNkY1lsZBF7q6eDrIleT87BJJQVZpRj33t5UBhtCr1gwVRH0F0dCD2nimlwTNDoamSOSxhbw8EVfFHRGoRXgsbXWtD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77198cb28c5cb500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

www.google-analytics.com/analytics.js

142.250.74.174

200 OK

20 kB

URL HTTP/2
www.google-analytics.com/analytics.js
IP
142.250.74.174:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1325)
Size
20 kB (20039 bytes)
Hash
47e6f374ca946fddd5b59871b325736c
baa9282efc8785e84d247c3bff518eaa45f101c4
16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e

HTTP Headers

GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Tue, 29 Nov 2022 06:41:08 GMT
expires: Tue, 29 Nov 2022 08:41:08 GMT
cache-control: public, max-age=7200
age: 2031
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
d6e2be555d55d272711d589eb5e01165
ecc7643d23c834de4c22974de35738b01b9811e1
d72187965410e6790f2916575018dea4acea7e219d8b5d0a1fc3627026022f0e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3887
Cache-Control: max-age=106391
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 07:14:59 GMT
Etag: "63849edb-1d7"
Expires: Wed, 30 Nov 2022 12:48:10 GMT
Last-Modified: Mon, 28 Nov 2022 11:43:23 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
3bf328fa5ead82aa5e1696c13f561831
d8e89664d692263c840b16377310b92f15649420
2159823edacf05a87566fb2f326d7b225cc28a7464383b4abe27cc2ca58d7561

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4340
Cache-Control: max-age=88123
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 07:14:59 GMT
Etag: "638455ba-117"
Expires: Wed, 30 Nov 2022 07:43:42 GMT
Last-Modified: Mon, 28 Nov 2022 06:31:22 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 279

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

5.5 kB

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
5.5 kB (5454 bytes)
Hash
fa80732140f50250430bc1f7fb12ff27
8381a5049d3dd07a2f47089e8b69bcf4b6418d09
370475120688a8df91f391c5c7ef20737514436c7917f49f4bad0d8340a5ca77

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 07:14:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

status.geotrust.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
status.geotrust.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
cb1dfbcccf9ee70994f85a79b3e89a0d
63c0d89cc7367e3500d25dc35e9eea1f9314a0c4
d106cf1491f0c489e12a2678261256610a3bbde03737995ab368dce1f9f8fcbf

HTTP Headers

POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 59
Cache-Control: max-age=130626
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 07:14:59 GMT
Etag: "63850c7a-1d7"
Expires: Wed, 30 Nov 2022 19:32:05 GMT
Last-Modified: Mon, 28 Nov 2022 19:31:06 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471

5667404.fls.doubleclick.net/activityi;src=5667404;type=retar0;cat=retar0;ord=7071735256535;gtm=2wgb90;auiddc=1948251921.1669706099;~oref=https%3A%2F%2Fwww.favehotels.com%2Fen%2Fhotel%2Fview%2F142%2Ffavehotel-sorong?

142.250.74.70

200 OK

251 B

URL HTTP/2
5667404.fls.doubleclick.net/activityi;src=5667404;type=retar0;cat=retar0;ord=7071735256535;gtm=2wgb90;auiddc=1948251921.1669706099;~oref=https%3A%2F%2Fwww.favehotels.com%2Fen%2Fhotel%2Fview%2F142%2Ffavehotel-sorong?
IP
142.250.74.70:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (491), with no line terminators
Size
251 B (251 bytes)
Hash
23dc3dbc2affaff026583f6965ec89c8
ff6bed00e9cd49ef9c39eedb620d7e2f928168ed
d485351e33932cebe4aaa969d7a47ad8164fe73d066c37d1cd4023e84ef7928c

HTTP Headers

GET /activityi;src=5667404;type=retar0;cat=retar0;ord=7071735256535;gtm=2wgb90;auiddc=1948251921.1669706099;~oref=https%3A%2F%2Fwww.favehotels.com%2Fen%2Fhotel%2Fview%2F142%2Ffavehotel-sorong? HTTP/1.1
Host: 5667404.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 29 Nov 2022 07:14:59 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 251
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 29-Nov-2022 07:29:59 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

static.archipelagointernational.com/website/assets/v1/js/bootstrap-3.3.7.min.js

143.204.55.116

200 OK

10 kB

URL HTTP/2
static.archipelagointernational.com/website/assets/v1/js/bootstrap-3.3.7.min.js
IP
143.204.55.116:0
ASN
#16509 AMAZON-02

File type
data
Size
10 kB (9959 bytes)
Hash
1b53834d05b02625ce030c84cb99a99c
ddb9f9c1f93d7be58f2017b451958e3f96e73353
41e90728b14e374b3e06d02f579aa5deb92956e1828475dab808ee20f8cd4673

HTTP Headers

GET /website/assets/v1/js/bootstrap-3.3.7.min.js HTTP/1.1
Host: static.archipelagointernational.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/x-javascript
date: Sun, 06 Nov 2022 01:47:51 GMT
last-modified: Tue, 16 Nov 2021 07:16:16 GMT
etag: W/"5869c96cc8f19086aee625d670d741f9"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=604800, stale-while-revalidate=7890000
x-amz-meta-cb-modifiedtime: Tue, 16 Nov 2021 03:22:01 GMT
x-amz-version-id: KeJ5pmvWRPSqGB7rwDdFCH3e9bTuibeu
server: AmazonS3
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: u00xQBVce_HJWYthx70tTsOX0aMG-hgVio8clXeeNQeJv0po9SzUcw==
age: 2006828
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: geolocation=(self "https://www.google-analytics.com"), camera=(), fullscreen=(self), microphone=()
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://sentec.report-uri.com/a/d/g"}],"include_subdomains":true}
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
3bf328fa5ead82aa5e1696c13f561831
d8e89664d692263c840b16377310b92f15649420
2159823edacf05a87566fb2f326d7b225cc28a7464383b4abe27cc2ca58d7561

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4340
Cache-Control: max-age=88123
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 07:14:59 GMT
Etag: "638455ba-117"
Expires: Wed, 30 Nov 2022 07:43:42 GMT
Last-Modified: Mon, 28 Nov 2022 06:31:22 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 279

ocsp.sca1b.amazontrust.com/

143.204.42.156

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.156:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
3b02ed097ae865dee23811368d3957f5
c88b6ae62fa81f20799cb9cf7db82d489097b2a9
37cbc2dcbd5c753aaa237899506fce474a7042fa2a2c725de8370906ce3bd7c4

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=93822
Date: Tue, 29 Nov 2022 07:14:59 GMT
Etag: "63847cf1-1d7"
Expires: Wed, 30 Nov 2022 09:18:41 GMT
Last-Modified: Mon, 28 Nov 2022 09:18:41 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: eysa6p3pUqx9RZLzEQ1U_EzWnq2NKgaBCF3vVlw4Nuj8L-PJXfAj7Q==

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
30462b52571c91f089bed4de98462a46
7e2b322ea5b8f97b2fa76751bcffe2a420f872eb
c5403dfefa9d043ac501963ff09a6d3d70e21f6e6a1b9728183a3490060a4bfc

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 07:14:59 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
d6e2be555d55d272711d589eb5e01165
ecc7643d23c834de4c22974de35738b01b9811e1
d72187965410e6790f2916575018dea4acea7e219d8b5d0a1fc3627026022f0e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3887
Cache-Control: max-age=106391
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 07:14:59 GMT
Etag: "63849edb-1d7"
Expires: Wed, 30 Nov 2022 12:48:10 GMT
Last-Modified: Mon, 28 Nov 2022 11:43:23 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471

cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/g2o31eyc.entry.js

104.17.25.14

200 OK

1.4 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/g2o31eyc.entry.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (4070), with no line terminators
Size
1.4 kB (1438 bytes)
Hash
0fde9851d646e92039a3fe0e5f57259d
85c5b13959088ef17bdf6cec87364627ce9e1590
6fca4aebdac9976c791cb70c0299575916b53a22acbe5ce251bb97adc42689a2

HTTP Headers

GET /ajax/libs/ionicons/4.5.6/ionicons/g2o31eyc.entry.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cdnjs.cloudflare.com/
Origin: https://www.favehotels.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 07:14:59 GMT
content-type: application/javascript; charset=utf-8
content-length: 1438
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03eae-fe6"
last-modified: Mon, 04 May 2020 16:11:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: MISS
expires: Sun, 19 Nov 2023 07:14:59 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=AIxVIbW7w1yHHsCXpnxJU4D3tQXujA%2Bkir9mdabIkmlHVof4sw8AJa7GZ8VUzB7yZwe9n%2FSqUhoPbGuMrxCEUF0wnP9mmpwc6O1feUHYHD%2Fj79%2FY2%2BonxUj1%2Fo%2FESWRUiP6gF4Hw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77198cb35d78b500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

status.geotrust.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
status.geotrust.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
cb1dfbcccf9ee70994f85a79b3e89a0d
63c0d89cc7367e3500d25dc35e9eea1f9314a0c4
d106cf1491f0c489e12a2678261256610a3bbde03737995ab368dce1f9f8fcbf

HTTP Headers

POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5958
Cache-Control: max-age=136525
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 07:14:59 GMT
Etag: "63850c7a-1d7"
Expires: Wed, 30 Nov 2022 21:10:24 GMT
Last-Modified: Mon, 28 Nov 2022 19:31:06 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
ab111d84cd3ea973540af40187d88177
2df74aa20c76483c6b3a4c634eada12811095068
c895bc6d1f86e9f8699db318a89c824d21c8e56962abda44d861d6d363695c4b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 848
Cache-Control: max-age=89679
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 07:14:59 GMT
Etag: "63846972-117"
Expires: Wed, 30 Nov 2022 08:09:38 GMT
Last-Modified: Mon, 28 Nov 2022 07:55:30 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 279

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
abd55ecd24d357a9f02612558f723a90
6a1e6963864f0b53ddc6205d35225e6cf0bcbeec
195fa531e0462be58d5c62ebbe6060e147c94bdb1d38ff46c341c74e0ab2671a

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 07:15:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.digicert.com/

93.184.220.29

200 OK

279 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
279 B (279 bytes)
Hash
ab111d84cd3ea973540af40187d88177
2df74aa20c76483c6b3a4c634eada12811095068
c895bc6d1f86e9f8699db318a89c824d21c8e56962abda44d861d6d363695c4b

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 849
Cache-Control: max-age=89679
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 07:15:00 GMT
Etag: "63846972-117"
Expires: Wed, 30 Nov 2022 08:09:39 GMT
Last-Modified: Mon, 28 Nov 2022 07:55:30 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 279

adservice.google.com/ddm/fls/i/src=5667404;type=retar0;cat=retar0;ord=7071735256535;gtm=2wgb90;auiddc=1948251921.1669706099;~oref=https%3A%2F%2Fwww.favehotels.com%2Fen%2Fhotel%2Fview%2F142%2Ffavehotel-sorong

142.250.74.98

200 OK

252 B

URL HTTP/2
adservice.google.com/ddm/fls/i/src=5667404;type=retar0;cat=retar0;ord=7071735256535;gtm=2wgb90;auiddc=1948251921.1669706099;~oref=https%3A%2F%2Fwww.favehotels.com%2Fen%2Fhotel%2Fview%2F142%2Ffavehotel-sorong
IP
142.250.74.98:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (490), with no line terminators
Size
252 B (252 bytes)
Hash
d2a1e27f69a1861fc2fe3235d34bdcf4
ef7bfab64656315176f21f604039feb20cb581c0
371cd514e95246e902b97981e0250fae38ec3de6b88d6726f506899f93f6887d

HTTP Headers

GET /ddm/fls/i/src=5667404;type=retar0;cat=retar0;ord=7071735256535;gtm=2wgb90;auiddc=1948251921.1669706099;~oref=https%3A%2F%2Fwww.favehotels.com%2Fen%2Fhotel%2Fview%2F142%2Ffavehotel-sorong HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://5667404.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 29 Nov 2022 07:15:00 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 252
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/chunk-1ca7e569.js

104.17.25.14

200 OK

436 B

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/chunk-1ca7e569.js
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
ASCII text, with very long lines (935), with no line terminators
Size
436 B (436 bytes)
Hash
50e258b7621b82d2b4e29990dd94cdce
44f8ccc35338306084abdd2e37495d92464604f6
686af8c58d321de61f2a82eb2c5182c24605943afd7c24c83e5047d04ad599e6

HTTP Headers

GET /ajax/libs/ionicons/4.5.6/ionicons/chunk-1ca7e569.js HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://cdnjs.cloudflare.com/
Origin: https://www.favehotels.com
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 07:15:00 GMT
content-type: application/javascript; charset=utf-8
content-length: 436
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03eae-3a7"
last-modified: Mon, 04 May 2020 16:11:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: MISS
expires: Sun, 19 Nov 2023 07:15:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f3QBV84rP7JdfnoyisCB6CldCH42g7LKjkbodLZxKntfzWzIKCVKUvw9M3afUY6J%2BINIXMB%2FDJmQelxPvgps8jNyY1zrVJkLopqXcCTSJyv5fo%2B9MZ5CArH%2F3Vx%2FzHSg725ZNSRf"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77198cb4ef35b500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7099
Expires: Tue, 29 Nov 2022 09:13:19 GMT
Date: Tue, 29 Nov 2022 07:15:00 GMT
Connection: keep-alive

adservice.google.com/ddm/fls/i/src=11992199;type=visit0;cat=visit0;u1=visitor_fave;u27=counter;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=17415630214655.375;~oref=https://www.favehotels.com/

142.250.74.98

200 OK

233 B

URL HTTP/2
adservice.google.com/ddm/fls/i/src=11992199;type=visit0;cat=visit0;u1=visitor_fave;u27=counter;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=17415630214655.375;~oref=https://www.favehotels.com/
IP
142.250.74.98:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (485), with no line terminators
Size
233 B (233 bytes)
Hash
3aba4c6bbc770c06e322183ab2010164
b3b5ee35c72c9da54cd8c99e06fab55c73418a7f
5772ccc5027fdf72dc746196b7e0c736dd99d5f06d695935f548299cf77b3aae

HTTP Headers

GET /ddm/fls/i/src=11992199;type=visit0;cat=visit0;u1=visitor_fave;u27=counter;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=17415630214655.375;~oref=https://www.favehotels.com/ HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://11992199.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 29 Nov 2022 07:15:00 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 233
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7099
Expires: Tue, 29 Nov 2022 09:13:19 GMT
Date: Tue, 29 Nov 2022 07:15:00 GMT
Connection: keep-alive

www.archipelagointernational.com/api/membership/user-location

143.204.55.129

200 OK

497 B

URL HTTP/2
www.archipelagointernational.com/api/membership/user-location
IP
143.204.55.129:0
ASN
#16509 AMAZON-02

File type
data
Size
497 B (497 bytes)
Hash
00bf9dca31aa6f5287104e6cdd8091ac
d0fa59592434fb858684933fc76ba95a9454dc41
68c10db503c68e3b4ec568415ce711e05c986e145d86dc52ae59bd28139d52bc

HTTP Headers

GET /api/membership/user-location HTTP/1.1
Host: www.archipelagointernational.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Origin: https://www.favehotels.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/json
date: Tue, 29 Nov 2022 07:14:59 GMT
server: Apache/2.4.52 () OpenSSL/1.0.2k-fips
expires: Mon, 26 Jul 1997 05:00:00 GMT
cache-control: public, max-age=600, stale-while-revalidate=86400
pragma: no-cache
content-encoding: gzip
set-cookie: ci_session=2a571u7in6pt60megbu0u813lgi9vfef; expires=Tue, 29-Nov-2022 09:14:59 GMT; Max-Age=7200; path=/; HttpOnly
x-cache: Miss from cloudfront
via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: KgfFTkDnb1qpDas9w2dm16stDVS4o8YOcA2-HvlwCrXeqzftGytr7g==
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: geolocation=(self "https://www.google-analytics.com"), camera=(), fullscreen=(self), microphone=()
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://sentec.report-uri.com/a/d/g"}],"include_subdomains":true}
access-control-allow-credentials: true
access-control-allow-origin: https://www.favehotels.com
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.36.76.226

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.36.76.226:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
ac3edd07bb0a4ebdaae6ec26e91d2079
b6efe3811dfa37cdcde1e9d411c171732ac7e12a
c5dbd471d178ae4505b28e30aee1e8eed77fffd81b9f7815ad2bda1a0d09a02c

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C5DBD471D178AE4505B28E30AEE1E8EED77FFFD81B9F7815AD2BDA1A0D09A02C"
Last-Modified: Mon, 28 Nov 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7099
Expires: Tue, 29 Nov 2022 09:13:19 GMT
Date: Tue, 29 Nov 2022 07:15:00 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9868f6d6-e29b-42b5-89c4-eec4771663b2.jpeg

34.120.237.76

200 OK

8.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9868f6d6-e29b-42b5-89c4-eec4771663b2.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
8.4 kB (8402 bytes)
Hash
faf3524970b0c3256eb5708f4ccf11ce
47295f2cf1b039c4b85cbe463d7893671a563989
ba0c2ce23eae865936caa7fb47dd1ef6346b8a7bc8340db700df6e2f5e27ec27

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9868f6d6-e29b-42b5-89c4-eec4771663b2.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 8402
x-amzn-requestid: d2d62f85-b6be-4394-9668-1d913e4120d8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPYeaGbgoAMFdCA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382d45c-2b6bfdcc72011cf01ddbd66b;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 03:07:08 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 1il1ILDPBUseZWYjae_R0BQhpdyPTqqI0GycCljovgxjqhYezCwxCA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 7022a5bbf9872d4a09d63e6cdb457dfe.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 04:17:21 GMT
age: 10659
etag: "47295f2cf1b039c4b85cbe463d7893671a563989"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

3.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51b530e0-9ee5-45ee-95e9-a687ac33f22c.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
3.0 kB (3004 bytes)
Hash
22e7d3e11e78242383e452adb9299016
035a1b4a2a7889787532ec2637d5c21e06daf672
990f18423bafc9cc3daaa1bd1290313b6cb3d3a391f642d01fd6797ad4fc9ca8

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F51b530e0-9ee5-45ee-95e9-a687ac33f22c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 3004
x-amzn-requestid: 1e6e228a-fb73-4ed3-881b-6b0e5c8297c7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPYcrFRXoAMFUJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382d450-45059338501b45d943d7e08c;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 03:06:57 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: rmBhEB-x2sOvI7XfEpZQ0-lXEDWZ4los77q017Im-Lwb32ZLA0Zvcg==
via: 1.1 98e601970ea59f4d5f56a752787ff9fc.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Tue, 29 Nov 2022 04:45:15 GMT
age: 8985
etag: "035a1b4a2a7889787532ec2637d5c21e06daf672"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

10 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
10 kB (10176 bytes)
Hash
03014221d7f49b50ffc2d1b0a0e75457
772d86ad983042a728ee3490630a9cf1134ad0dd
81fb954fa569955907952987e9d8efd1dac80e0e4a682826abf3c5d90eb31771

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1c32283b-8309-408e-85df-cad97da6bc80.png HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 10176
x-amzn-requestid: c2231955-5c78-4073-8399-b8b90f1add78
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cMo3oHpSoAMF5Qw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6381bb63-55a1cb004ac73c8b02f2fb8d;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 07:08:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: uGocx-Lv8ieJVvICjnTGQZyzaQzjVdICX2RZaNyBTQvUKeIcNxaCJQ==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 32c16f33c8f5601364fa8229b0d74dc2.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 07:38:02 GMT
age: 85018
etag: "772d86ad983042a728ee3490630a9cf1134ad0dd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

cdn.onesignal.com/sdks/OneSignalSDKWorker.js

104.18.225.52

200 OK

49 kB

URL HTTP/2
cdn.onesignal.com/sdks/OneSignalSDKWorker.js
IP
104.18.225.52:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (65532), with no line terminators
Size
49 kB (48651 bytes)
Hash
cae2be7d1380724c9fe539af06a86700
ef20cb2ceed5fa6e45a4e761adacba9b0030387a
9a8ac538bbcbbd16fcc492ffae4b4ced51c9248f20885459cee22bbc9bebf6a7

HTTP Headers

GET /sdks/OneSignalSDKWorker.js HTTP/1.1
Host: cdn.onesignal.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.favehotels.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

HTTP/2 200 OK
date: Tue, 29 Nov 2022 07:14:59 GMT
content-type: application/javascript
etag: W/"2c6db169c2c60079c09fc4c994322b13"
via: 1.1 google
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
cf-cache-status: HIT
age: 1050
expires: Fri, 02 Dec 2022 07:14:59 GMT
cache-control: public, max-age=259200
vary: Accept-Encoding
strict-transport-security: max-age=15552000; includeSubDomains
server: cloudflare
cf-ray: 77198cb4eb8e0af6-OSL
content-encoding: br
X-Firefox-Spdy: h2

34.120.237.76

200 OK

4.8 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.8 kB (4803 bytes)
Hash
cc0a257323f882caff067adb86d906e4
cedf2f21be7cd366bd46055b62b5513db3011dfc
c16a9296d5e840a468fef7fb2764b9f7d4b3131d7ade2ce4999de1eead5469e0

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F881a33ae-e81b-4603-85d9-a2242b17be66.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 4803
x-amzn-requestid: 80f7f1c8-0316-4181-83ac-2787b1ae825f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cOo4iFHoIAMF2-g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63828836-2c0a081b07e0785b4350c10c;Sampled=0
x-amzn-remapped-date: Sat, 26 Nov 2022 21:42:14 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 9fRfgj9_S00P8fI_T-tVt7khJ1kYZux_55K_yLYUsiyVEoiWRM9QAw==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 22:07:26 GMT
age: 32854
etag: "cedf2f21be7cd366bd46055b62b5513db3011dfc"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

34.120.237.76

200 OK

6.0 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b0dcfcd-38d5-4614-ad4e-405d8ad4ee91.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
6.0 kB (6037 bytes)
Hash
b5e2bc1651b37b8e0467c2a6cb860fb3
3348f081a3357490a704592d105d02e81886df89
751c601e075c9338335c05b0f430ba8065b4e97440e6630993afd943f302b253

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5b0dcfcd-38d5-4614-ad4e-405d8ad4ee91.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6037
x-amzn-requestid: eb17903e-1fd3-4a41-a6d1-8b671d890400
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cPAJjFa3oAMFcLA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6382ad70-3db95fcd1aeb9c411c55d173;Sampled=0
x-amzn-remapped-date: Sun, 27 Nov 2022 00:21:04 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: NqtaziEIRl6auIGehos7TAJfBAY3CtGJX0vC-pWhjs377L_rEyM6hg==
via: 1.1 cd48ffda04934d18865e47e99ea080bc.cloudfront.net (CloudFront), 1.1 d6a002c70d55f415107618b0750d493c.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 10:14:18 GMT
age: 75642
etag: "3348f081a3357490a704592d105d02e81886df89"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
798c6088f000b3a2464e23a92271c24d
2a53b3d3bd4a9104c79595f664276db5b32b9bad
dcccfc9bb4da634286d08301fcf23be3ae26bb429b35349fb72dde530fdb3ae4

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 07:15:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/md-home.svg

104.17.25.14

200 OK

126 B

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/md-home.svg
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Size
126 B (126 bytes)
Hash
58300d0a178b59debb3b90a8bdb92ee5
480933867fb2f17591a1f24ede92d7c991814675
d4df70d9c6f877587e925eaa1325366061396962ff4fb305f951b9dab4fb7106

HTTP Headers

GET /ajax/libs/ionicons/4.5.6/ionicons/svg/md-home.svg HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Origin: https://www.favehotels.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 07:15:00 GMT
content-type: image/svg+xml; charset=utf-8
content-length: 126
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03eae-88"
last-modified: Mon, 04 May 2020 16:11:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: MISS
expires: Sun, 19 Nov 2023 07:15:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NJhFcd3m9hwHi0Snj0r%2F0EBuDgu5KQQJ4lsj5UOTsh2sVJfReCL%2FeFE2jSmhWGWR7lE5paz%2FeCOlnjRN%2FDTh9DT7j7WMIM%2BBCuQyQXtfM13wve1sggYUFyVRdAiuRYLRAtR4JT6G"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77198cb5cfdeb500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/md-close-circle-outline.svg

104.17.25.14

200 OK

253 B

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/md-close-circle-outline.svg
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (494), with no line terminators
Size
253 B (253 bytes)
Hash
bc64a220bc4c37fa630383f1e3ea13c2
d0f093925b07c8664e4cd8d873b8cadf3ebc593c
01ef8d3728b55b547f65f92bbb857c262eb640684e030e4a3726c03112534f6b

HTTP Headers

GET /ajax/libs/ionicons/4.5.6/ionicons/svg/md-close-circle-outline.svg HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Origin: https://www.favehotels.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 07:15:00 GMT
content-type: image/svg+xml; charset=utf-8
content-length: 253
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03eae-1ee"
last-modified: Mon, 04 May 2020 16:11:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: MISS
expires: Sun, 19 Nov 2023 07:15:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=lPSlf3C7Xyny9WUq%2FsYAHMTLbRmOOUSIYRm97NzEHejJOjbYXyvzURugySeehjfc0sDuKKRwSMOI6syHnacvUJ2xxRhBdpPBtvWmkKuTCRhihnYXdIaRf%2BAKt3kpkAXmU%2BzmymAb"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77198cb5cfe2b500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/md-search.svg

104.17.25.14

200 OK

296 B

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/md-search.svg
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (516), with no line terminators
Size
296 B (296 bytes)
Hash
cfee5af5c3c462d879418b6e21c583d4
8fb9b8b46614de65b7294d174e1e4cd952c61d7d
65ef94fba4fe7d00cbdb2b9b63f4a7668f816874a570ca31a8474c89da68655d

HTTP Headers

GET /ajax/libs/ionicons/4.5.6/ionicons/svg/md-search.svg HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Origin: https://www.favehotels.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 07:15:00 GMT
content-type: image/svg+xml; charset=utf-8
content-length: 296
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03eae-204"
last-modified: Mon, 04 May 2020 16:11:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: MISS
expires: Sun, 19 Nov 2023 07:15:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=qbTL8VgfiSc7jLQkywEtFJ41WC16olPPTooeU%2F08fixjJ9UyxlEvOpzNjENbeGe%2F8YF%2BKuD72vy47vOJCAtytSapmmsmeOj0MJ7xcBStgG1eKrVzIeQg2%2BKMYcEJc5iqxdv3oy6H"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77198cb5cfe1b500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/md-arrow-round-up.svg

104.17.25.14

200 OK

212 B

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/md-arrow-round-up.svg
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (327), with no line terminators
Size
212 B (212 bytes)
Hash
8499f0db8ef1b89f2021d4f00c18ed4c
34782cb27b29f81844a7748387fb988fbf228df5
9926d74f8df575f118b926353f8b394d324c909be829f0040d8c5d1fc86e48a5

HTTP Headers

GET /ajax/libs/ionicons/4.5.6/ionicons/svg/md-arrow-round-up.svg HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Origin: https://www.favehotels.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 07:15:00 GMT
content-type: image/svg+xml; charset=utf-8
content-length: 212
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03eae-147"
last-modified: Mon, 04 May 2020 16:11:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: MISS
expires: Sun, 19 Nov 2023 07:15:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q%2F3On16S9p3aQXXmWEz7bzFvwhtj2QfLIcm20BUWt1ICSkZhWG2%2Bp8MADEAVoIkM%2FgoSIsQDAvWTTlhMHRDkF6ddwSSnjeIcJUYf%2FI%2B4BhAcTPE1MxuEPsW6YZ6HZgUapnmSRpd4"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77198cb5dff0b500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.sectigo.com/

104.18.32.68

200 OK

471 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
471 B (471 bytes)
Hash
5d3cb5816bed2c34a54d996b23672a43
0dcc8c20ecc675089b7eb25611bba35873d5552d
3072f881e32b96fdf1b05bec0be99d4a2420b6cbd28246d0cfdffd29a1cbd534

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 07:15:00 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 28 Nov 2022 03:18:07 GMT
Expires: Mon, 05 Dec 2022 03:18:06 GMT
Etag: "0dcc8c20ecc675089b7eb25611bba35873d5552d"
Cache-Control: max-age=503585,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77198cb60997b515-OSL

cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/md-arrow-dropright.svg

104.17.25.14

200 OK

104 B

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/md-arrow-dropright.svg
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Size
104 B (104 bytes)
Hash
2b945168dd7bb36aefbbab7eb280d247
3c814728e4dfe4b5c2ec58700284461b6eadbd02
04d6db9393ad6eac1d0f0721a53d0e04925e51ef2951d61c61347fdad4c48eae

HTTP Headers

GET /ajax/libs/ionicons/4.5.6/ionicons/svg/md-arrow-dropright.svg HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Origin: https://www.favehotels.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 07:15:00 GMT
content-type: image/svg+xml; charset=utf-8
content-length: 104
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03eae-69"
last-modified: Mon, 04 May 2020 16:11:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: MISS
expires: Sun, 19 Nov 2023 07:15:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=guNrhyqhm0bZZH7KZzndaNa%2Bb27DrBvlyWgBqHIbStRFS20VMDCDP6RBnJw%2FdFaR5bp319XW0WTLqSuJE8JLBEKMFwIK9BF9O%2BczOXuSPstAYaR%2F3Aj7fNEtVUeap7xMOJ%2BnjyCw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77198cb5effdb500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

adservice.google.no/ddm/fls/i/src=5667404;type=retar0;cat=retar0;ord=7071735256535;gtm=2wgb90;auiddc=1948251921.1669706099;~oref=https%3A%2F%2Fwww.favehotels.com%2Fen%2Fhotel%2Fview%2F142%2Ffavehotel-sorong

142.250.74.34

200 OK

85 B

URL HTTP/2
adservice.google.no/ddm/fls/i/src=5667404;type=retar0;cat=retar0;ord=7071735256535;gtm=2wgb90;auiddc=1948251921.1669706099;~oref=https%3A%2F%2Fwww.favehotels.com%2Fen%2Fhotel%2Fview%2F142%2Ffavehotel-sorong
IP
142.250.74.34:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Size
85 B (85 bytes)
Hash
4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb

HTTP Headers

GET /ddm/fls/i/src=5667404;type=retar0;cat=retar0;ord=7071735256535;gtm=2wgb90;auiddc=1948251921.1669706099;~oref=https%3A%2F%2Fwww.favehotels.com%2Fen%2Fhotel%2Fview%2F142%2Ffavehotel-sorong HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 29 Nov 2022 07:15:00 GMT
expires: Tue, 29 Nov 2022 07:15:00 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/md-calendar.svg

104.17.25.14

200 OK

194 B

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/md-calendar.svg
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Size
194 B (194 bytes)
Hash
364de6b0f0763dce4e57df8317f0a33d
4c5e7b1fec536711f3d90dd3a90eb4a24cc8a08c
3d5f470c010ea3213b2234b83603e19031b06f2b4ad079b9b20821bd769b627f

HTTP Headers

GET /ajax/libs/ionicons/4.5.6/ionicons/svg/md-calendar.svg HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Origin: https://www.favehotels.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 07:15:00 GMT
content-type: image/svg+xml; charset=utf-8
content-length: 194
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03eae-12b"
last-modified: Mon, 04 May 2020 16:11:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: MISS
expires: Sun, 19 Nov 2023 07:15:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=VgLFMcQ4i3M5OtwbbaS5f4I7FhUL7Lzou2goKxVTRGuDV2rCjRu4FvCrE1FHQeghUhHjjFNFFBZZUfx0Mpj3kHbFnwY2C1NH8MgNeAP%2FirK5Fzvx0A%2FiOySD1KB%2FuBeN6vVwiguW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77198cb5f81ab500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/md-pin.svg

104.17.25.14

200 OK

206 B

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/md-pin.svg
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (325), with no line terminators
Size
206 B (206 bytes)
Hash
b8ccdda3bc476ab1024b8a8ec296d987
35eea6107c801fd2c2a50812899c98ebcaf7c0cc
2999607a6a4594e59450e086bb007c4d6d020efebbd1e7b17018d7b0f4c44c0e

HTTP Headers

GET /ajax/libs/ionicons/4.5.6/ionicons/svg/md-pin.svg HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Origin: https://www.favehotels.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 07:15:00 GMT
content-type: image/svg+xml; charset=utf-8
content-length: 206
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03eae-145"
last-modified: Mon, 04 May 2020 16:11:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: MISS
expires: Sun, 19 Nov 2023 07:15:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b2CLJIiQC3JsHMWR0AuHEf5rED8W1SrsbHexPdzK6vRIRyaRzxI%2FbN1YYMTog13ph9B%2F5CkALGnYB7Vg2xP%2BZBzMPHGQ1N6KCLn8T5%2F%2FBCDlIxz4oql9QuWbCBs%2FFTvVzYk31Jm3"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77198cb60824b500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/md-arrow-round-back.svg

104.17.25.14

200 OK

208 B

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/md-arrow-round-back.svg
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (324), with no line terminators
Size
208 B (208 bytes)
Hash
f374edee16243c4f4908d71f7dbf63ab
9b64c38d3d6ba29a5bedf10dd05b1b2a20844572
121dc6f5b536cc3f3a12893d79f6d36668a7cc2565c36e8bfc6295bfa33a711b

HTTP Headers

GET /ajax/libs/ionicons/4.5.6/ionicons/svg/md-arrow-round-back.svg HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Origin: https://www.favehotels.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 07:15:00 GMT
content-type: image/svg+xml; charset=utf-8
content-length: 208
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03eae-144"
last-modified: Mon, 04 May 2020 16:11:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: MISS
expires: Sun, 19 Nov 2023 07:15:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2Be8msAPh9V2%2B%2Fb3ZyfcXHdvTPcLHsrJ7RP9dCkGkyXsxAt75e8nAEZiqnI%2FEgqKbY%2BCt3GBIrr331W9hDmtp17CbLwmhaofZtPV9DqGGqtkb5y1S2uApukqFXYZHI7hl%2F1c0qU8s"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77198cb61828b500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/logo-twitter.svg

104.17.25.14

200 OK

339 B

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/logo-twitter.svg
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (621), with no line terminators
Size
339 B (339 bytes)
Hash
236176974639deaee3d735ee9ec03508
fc1b77595379f5232d04cde41162161bfc942a13
c172915f37049298c500ebcd5fe85f5d58c5e8b85b2e359d0e2fcc4b7f3e6240

HTTP Headers

GET /ajax/libs/ionicons/4.5.6/ionicons/svg/logo-twitter.svg HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Origin: https://www.favehotels.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 07:15:00 GMT
content-type: image/svg+xml; charset=utf-8
content-length: 339
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03eae-26d"
last-modified: Mon, 04 May 2020 16:11:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: MISS
expires: Sun, 19 Nov 2023 07:15:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=JILIdn3P%2FeVQYMRugmh7x8zZVKZWLKTnSLC8BL1XxaXi1h519vZbPupJSYVfN%2FI%2BluAqb4k0dVPiPb0sxo2DTOtRWFQj5DOmCi7BTx4ZozRNYkY3k53O8Mz6%2Bv4ufIr%2BkhTwv6xD"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77198cb61831b500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/logo-facebook.svg

104.17.25.14

200 OK

234 B

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/logo-facebook.svg
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (356), with no line terminators
Size
234 B (234 bytes)
Hash
85f273c579b848abe6baf21129194f73
ddec38b4220269278a03cf1c06d0e95525b60095
f166acc7e5746d1dd0e2bbd700483f39f21b864dcc829f74c6d2b030a899f683

HTTP Headers

GET /ajax/libs/ionicons/4.5.6/ionicons/svg/logo-facebook.svg HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Origin: https://www.favehotels.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 07:15:00 GMT
content-type: image/svg+xml; charset=utf-8
content-length: 234
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03eae-164"
last-modified: Mon, 04 May 2020 16:11:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: MISS
expires: Sun, 19 Nov 2023 07:15:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=OYoJyWI%2BcQmzjO1RsIlx50jM30H7jf4BMUe7yBrwE4vDzwiHgZroS3rTLDmL25fp9lQZUOC6fLMGKq8FuGC7VRjmTXXLy7L9dCAJGMRpqleL79wuORQ8SXLAZe9t9xehtMlS7%2B6u"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77198cb6182ab500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/md-call.svg

104.17.25.14

200 OK

290 B

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/md-call.svg
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (498), with no line terminators
Size
290 B (290 bytes)
Hash
e325dc3725f6f4f1686cd211dc115580
0688d932f4e1b059b39f7d84781aa8da56219b9a
159d19eceb943ff1b45fe5606ea2566011569c5385009fa214fc9fbe1f64fe19

HTTP Headers

GET /ajax/libs/ionicons/4.5.6/ionicons/svg/md-call.svg HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Origin: https://www.favehotels.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 07:15:00 GMT
content-type: image/svg+xml; charset=utf-8
content-length: 290
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03eae-1f2"
last-modified: Mon, 04 May 2020 16:11:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: MISS
expires: Sun, 19 Nov 2023 07:15:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=cAVyZ56MTGn7r8NNkkMtpoWLASJWzQMAXGwHjtychLz9lOlYaN2AoAaydFr3dUM%2B8DhXKoKhW2gR9qts%2BsewGjKGAoA9uTIzyUaIQggHmFyQ1cMq7%2BZAjCW5HBbjdGGlNybGCTsK"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77198cb60822b500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/md-arrow-round-forward.svg

104.17.25.14

200 OK

210 B

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/md-arrow-round-forward.svg
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (335), with no line terminators
Size
210 B (210 bytes)
Hash
16466ad0a537c2611cac7af9a791be11
444990f6a094f824e73a84a0dbdc2790b41c0f89
cea3fb70132dde7c6ac020990c0b5c24a5e77ba7e65cff66fad0399b15d04d50

HTTP Headers

GET /ajax/libs/ionicons/4.5.6/ionicons/svg/md-arrow-round-forward.svg HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Origin: https://www.favehotels.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 07:15:00 GMT
content-type: image/svg+xml; charset=utf-8
content-length: 210
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03eae-14f"
last-modified: Mon, 04 May 2020 16:11:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: MISS
expires: Sun, 19 Nov 2023 07:15:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=b%2FqyRQrA5sqKmGrxc1NMkTyzFVMQpnvNXY5z3YJWdWjA1E5SjlwGR7%2Fo7DBOrKKcSaGJTiUVCz3CFClE7nuMbPEU9qKAfsUO0vDsl0%2FpgbYAfb%2BHCj%2BPTl2JDxoO9lMgzzwUZ%2FGx"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77198cb61829b500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/md-menu.svg

104.17.25.14

200 OK

132 B

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/md-menu.svg
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Size
132 B (132 bytes)
Hash
c5a9203d57745afd350251a8acd36db9
0a5c9d0004558c1e54757dc70545b2c0775418e6
547121cb53bfe673efd48b8c47c3fd59b57e97e5af73156f9fcbf2c196d10dd7

HTTP Headers

GET /ajax/libs/ionicons/4.5.6/ionicons/svg/md-menu.svg HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Origin: https://www.favehotels.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 07:15:00 GMT
content-type: image/svg+xml; charset=utf-8
content-length: 132
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03eae-a6"
last-modified: Mon, 04 May 2020 16:11:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: MISS
expires: Sun, 19 Nov 2023 07:15:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=PHnZjwA5EYnES97ajIQPZGkUgQRxl4Cd5Ztz3bRgjhxKMObZNGIgQHtn31w%2BM46yuARNAHuIjxTBH5Ehker0Czm9DFlAEseg7tNIMR8JD9MuCIusWYtW63y9N9W1FkZBK5EZZiX8"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77198cb6284db500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/md-gift.svg

104.17.25.14

200 OK

356 B

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/md-gift.svg
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (669), with no line terminators
Size
356 B (356 bytes)
Hash
04be1f0c8f4c5c79df80f7275664dc53
176af02a49fee1a507a9efce0dc0c2054399c5f0
2efa2f2004b8c318da32518199f7b2ddc18cea60f9b737cfb97a9df698156f29

HTTP Headers

GET /ajax/libs/ionicons/4.5.6/ionicons/svg/md-gift.svg HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Origin: https://www.favehotels.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 07:15:00 GMT
content-type: image/svg+xml; charset=utf-8
content-length: 356
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03eae-29d"
last-modified: Mon, 04 May 2020 16:11:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: MISS
expires: Sun, 19 Nov 2023 07:15:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FXQphaK9woUB382iPPW%2FUKgZplOGe%2BX9LPPOpdOkXI6USuiMbsLaVlPOxI9x7YO%2BjkebPhfQ7WHeOpFHnFCBBfirJJAW0Uw1TLLTtmIaPkXUjuYKpc6ZDWgYCRSEO8LlqCRQWmcP"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77198cb6283ab500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

adservice.google.no/ddm/fls/i/src=11992199;type=visit0;cat=visit0;u1=visitor_fave;u27=counter;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=17415630214655.375;~oref=https://www.favehotels.com/

142.250.74.34

200 OK

85 B

URL HTTP/2
adservice.google.no/ddm/fls/i/src=11992199;type=visit0;cat=visit0;u1=visitor_fave;u27=counter;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=17415630214655.375;~oref=https://www.favehotels.com/
IP
142.250.74.34:0
ASN
#15169 GOOGLE

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Size
85 B (85 bytes)
Hash
4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb

HTTP Headers

GET /ddm/fls/i/src=11992199;type=visit0;cat=visit0;u1=visitor_fave;u27=counter;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=17415630214655.375;~oref=https://www.favehotels.com/ HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 29 Nov 2022 07:15:00 GMT
expires: Tue, 29 Nov 2022 07:15:00 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/md-card.svg

104.17.25.14

200 OK

181 B

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/md-card.svg
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Size
181 B (181 bytes)
Hash
6e97db3fad913b33b09bb41db7a1876e
612cfdf8c413c90ed2831b0a80db52d4be334d1b
d9a01cf01e7b59d3331e2bfc952e16c144a2f19e0f400e73bd52848e087ccd70

HTTP Headers

GET /ajax/libs/ionicons/4.5.6/ionicons/svg/md-card.svg HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Origin: https://www.favehotels.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 07:15:00 GMT
content-type: image/svg+xml; charset=utf-8
content-length: 181
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03eae-104"
last-modified: Mon, 04 May 2020 16:11:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: MISS
expires: Sun, 19 Nov 2023 07:15:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vOKBFilagDYfX2Bwwx5c373x5p5wz%2BZN8T3u831MURqkRgQ04hiQZRSEaWJlB4TRn8RQKlrTJapQowkcunHIk5PGnj%2BZqf7KfzsU%2BUq1hgYGWF%2FBaj9ShEBrkdgtA7ahAje82yrW"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77198cb63858b500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/md-close.svg

104.17.25.14

200 OK

138 B

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/md-close.svg
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Size
138 B (138 bytes)
Hash
de589699ee5b8740e845fc074e4e0ce6
3799a8703b209da05f5081a66f43bb4c53a41bf2
e4c6d5d60df9606bcfd59c975af8bc98534b18b7d52badca4189d8ef5f3b8e36

HTTP Headers

GET /ajax/libs/ionicons/4.5.6/ionicons/svg/md-close.svg HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Origin: https://www.favehotels.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 07:15:00 GMT
content-type: image/svg+xml; charset=utf-8
content-length: 138
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03eae-e1"
last-modified: Mon, 04 May 2020 16:11:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: MISS
expires: Sun, 19 Nov 2023 07:15:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Tfdwo5TUWTy1F2DrXrC2SK1D%2BKp8LolkSo9w4EUqYz%2BV5SelXgFJ8sPJtgYohV%2FoKllnd1dxliMRDbfG01%2FD6heu4VLG%2BWcUTAJ%2FOhVoQjOHB0z%2BKJr9itVm7IqBG26gasmfQYCj"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77198cb5eff6b500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/md-person.svg

104.17.25.14

200 OK

165 B

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/md-person.svg
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Size
165 B (165 bytes)
Hash
27da8cb37bce1fd5b85ccf5a4ba02dfa
b8d86565d023b5d3cd3dc1ce32653577103b0702
3a504d1390c1e116eb9e27469c151477c271185c94092f84c841b8bae6d12ed1

HTTP Headers

GET /ajax/libs/ionicons/4.5.6/ionicons/svg/md-person.svg HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Origin: https://www.favehotels.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 07:15:00 GMT
content-type: image/svg+xml; charset=utf-8
content-length: 165
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03eae-eb"
last-modified: Mon, 04 May 2020 16:11:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: MISS
expires: Sun, 19 Nov 2023 07:15:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=57cJLHhKZXHVMS13fzvwXkaahafjrCmsN2pTOIb2EgkwqfbIldelNJMGzIeNFxSHOU13byQD%2FnDTngzTOEzh5z3Qv2mLbu8zIfiOL1Q1W%2FjkLiaeYFmeL6MnWi4uWIL6tvhwG4n2"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77198cb62851b500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/md-information-circle-outline.svg

104.17.25.14

200 OK

249 B

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/md-information-circle-outline.svg
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (418), with no line terminators
Size
249 B (249 bytes)
Hash
7ebc3a290fc374be8263adeb555b16a5
92aabd4c1d0af8d38b8b4c247615f97715a7cc60
7a5d557f74ef3dd23ec4e5e2f7b3b2c5bca338e2005759645354897caf06cc93

HTTP Headers

GET /ajax/libs/ionicons/4.5.6/ionicons/svg/md-information-circle-outline.svg HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Origin: https://www.favehotels.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 07:15:00 GMT
content-type: image/svg+xml; charset=utf-8
content-length: 249
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03eae-1a2"
last-modified: Mon, 04 May 2020 16:11:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: MISS
expires: Sun, 19 Nov 2023 07:15:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=2ANUFjsCH7lvR%2FubiDg1DqdLyjuMc7FkuDWNoj6rYUmfmyGorAzglVXaetHxJm3nj%2BE9jpZUuNBkTnZms1ho8UvoAjo4EP0FKHNR%2FRYwCny069ob4qf6LVN2CytMhNzlaAQnlQm7"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77198cb64867b500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/md-arrow-forward.svg

104.17.25.14

200 OK

148 B

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/md-arrow-forward.svg
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Size
148 B (148 bytes)
Hash
6105b0d0ef3dfd70df9cdf79d5053517
d7b2cca4603cd4936ac3a795b95d143d93b05bf3
bb68b449bdf4c32f257e3b816f9ac3a0a0867ed549e8bf586e365e94496d1050

HTTP Headers

GET /ajax/libs/ionicons/4.5.6/ionicons/svg/md-arrow-forward.svg HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Origin: https://www.favehotels.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 07:15:00 GMT
content-type: image/svg+xml; charset=utf-8
content-length: 148
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03eae-b3"
last-modified: Mon, 04 May 2020 16:11:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: MISS
expires: Sun, 19 Nov 2023 07:15:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Zqp0W56EJb%2B3X0bt7lJRz1%2Fxw%2FZXdLWDjvlxfOWU4q3uh8%2FXBlWUIe3M%2FJZBBU6nX1ztynQv5V2WqE%2B8%2FSpjwm0pHD%2BiT21htyuHAQ%2BnVtls95KQdvMChnFJvGK8g0OLRPfYxYcw"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77198cb5f81eb500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/logo-instagram.svg

104.17.25.14

200 OK

308 B

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/logo-instagram.svg
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (620), with no line terminators
Size
308 B (308 bytes)
Hash
861d3a488c5ecd94c74b6d419fdb2898
92a0fca0887068ed9fbf0c119cffb049f87365c2
24de07d7c259646a93240773c87739978a1b770de30c984f9af8bbe0b044816b

HTTP Headers

GET /ajax/libs/ionicons/4.5.6/ionicons/svg/logo-instagram.svg HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Origin: https://www.favehotels.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 07:15:00 GMT
content-type: image/svg+xml; charset=utf-8
content-length: 308
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03eae-26c"
last-modified: Mon, 04 May 2020 16:11:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: MISS
expires: Sun, 19 Nov 2023 07:15:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=%2FP0aRjmcojJOpnGnoegpQIfAoHNBQy8N06JnMzkNsPvtc3OR5vCZ%2FaDYospDTfahLVcVkp1pZnSnyTNKdx4SICHSzZZIaPA14RDrPGvE%2B%2Fvj6c%2Fr1dv%2FxaOV0%2BFHTNZ2DV4zVVhA"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77198cb62835b500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/md-settings.svg

104.17.25.14

200 OK

485 B

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/md-settings.svg
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1145), with no line terminators
Size
485 B (485 bytes)
Hash
c69af7c8d1591198b6548bbfe505d4e5
c4683044c4d34590a1b716219312fef5898efd58
8884dcefdd23a7cdfe6181b91de6729a5f2adeb3edc98f2d50feffce757ca24d

HTTP Headers

GET /ajax/libs/ionicons/4.5.6/ionicons/svg/md-settings.svg HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Origin: https://www.favehotels.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 07:15:00 GMT
content-type: image/svg+xml; charset=utf-8
content-length: 485
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03eae-479"
last-modified: Mon, 04 May 2020 16:11:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: MISS
expires: Sun, 19 Nov 2023 07:15:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=k9RS6EspK0PEBpy%2FAMno08pQW5FSLmKahDlUah7jxumuS7M8%2ByOyYlakx1e7ukiPQBupOJgxu2hncWrMX2Ni4601ib8qOYHvpjMN8bad1e%2BLtJ866wyeWmpJpz%2Faw8GeQpCW18Hi"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77198cb63855b500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/md-contact.svg

104.17.25.14

200 OK

2.9 kB

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/md-contact.svg
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
Unicode text, UTF-8 text, with very long lines (8655)
Size
2.9 kB (2946 bytes)
Hash
6b339178056aba898997d2f5a93f0384
585a6509b6ffb6696030f1c95a4f891372c67cfc
6e02ef95b535498009382e561c18ada79ccd3465b54ccedfa8880d8cfc74d75d

HTTP Headers

GET /ajax/libs/ionicons/4.5.6/ionicons/svg/md-contact.svg HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Origin: https://www.favehotels.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 07:15:00 GMT
content-type: image/svg+xml; charset=utf-8
content-length: 209
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03eae-175"
last-modified: Mon, 04 May 2020 16:11:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: MISS
expires: Sun, 19 Nov 2023 07:15:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=hH%2FvgR2axXwgIJ4qmedsIGZTv5fTIgVhf1l5m%2FZqFra9qKF7f8SkoXLS8gFjRR6CAXfc1fbVUZ%2B9odv%2B1Onufe05%2FRCL7Y%2Bt6gKvu9giqJ0SinRUTZIPDX7%2FrY6PCEi%2FnDF49ist"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77198cb6385bb500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/md-phone-portrait.svg

104.17.25.14

200 OK

189 B

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/md-phone-portrait.svg
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with no line terminators
Size
189 B (189 bytes)
Hash
8bc4c4d947f8cf9836a9cc1416c254e9
e1ccb0259ae3d3fb3711d6f767b1c1e0ce1eedb2
2a1e4cdd467c0ef5d07b0677f9906017cb01d34aec5b4105dce72e8ac7af6489

HTTP Headers

GET /ajax/libs/ionicons/4.5.6/ionicons/svg/md-phone-portrait.svg HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Origin: https://www.favehotels.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 07:15:00 GMT
content-type: image/svg+xml; charset=utf-8
content-length: 189
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03eae-11e"
last-modified: Mon, 04 May 2020 16:11:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: MISS
expires: Sun, 19 Nov 2023 07:15:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=i3yPVB51feAq5K9ns0TDtw8%2Bs1TziN9rnNjZCh%2BbBF3dn%2BzUODe3CI63EEscjnHON1cdSkdaADWtMvt8AQCyUeK085Py6aBXuYrIS3K77KTuNEbleQoYmxqdZNkz0Vwb3svOory%2B"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77198cb6385db500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdn.denomatic.com/drs/354-499a808dd30a.js?rnd=20220825

54.230.111.104

200 OK

963 B

URL HTTP/2
cdn.denomatic.com/drs/354-499a808dd30a.js?rnd=20220825
IP
54.230.111.104:0
ASN
#16509 AMAZON-02

File type
ASCII text
Size
963 B (963 bytes)
Hash
1024abb0d1161efd75366823c4506893
a41d6d3126ae186a7bec096897c552f39527dc4e
a3a590eb516c8418d4bcf84e6623363480f158e29a0be4e7c98bd4391e8c16c2

HTTP Headers

GET /drs/354-499a808dd30a.js?rnd=20220825 HTTP/1.1
Host: cdn.denomatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
content-length: 963
server: nginx
last-modified: Tue, 09 Aug 2022 11:50:19 GMT
content-encoding: gzip
jb-x-cache: EXPIRED
accept-ranges: bytes
date: Tue, 29 Nov 2022 07:15:00 GMT
cache-control: public, max-age=600, s-maxage=86400
etag: "be7-5e5cd895e9f9a-gzip"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: g1NzDKlAeQC3Af1U6qTTcLQYPAy123duSnAPRKuIOtyBbmWHK6s9aw==
age: 18708
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

471 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
471 B (471 bytes)
Hash
798c6088f000b3a2464e23a92271c24d
2a53b3d3bd4a9104c79595f664276db5b32b9bad
dcccfc9bb4da634286d08301fcf23be3ae26bb429b35349fb72dde530fdb3ae4

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 07:15:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/md-globe.svg

104.17.25.14

200 OK

966 B

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/md-globe.svg
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (2002), with no line terminators
Size
966 B (966 bytes)
Hash
070d0e0f827d3c463af0421a6941eefd
a64fd70bbcf2edc9ec5f201050c83acbd2cf3565
aff50c443b06891fcdf777eb6142c81d1f6d048df7c020a899d2faa591991d06

HTTP Headers

GET /ajax/libs/ionicons/4.5.6/ionicons/svg/md-globe.svg HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Origin: https://www.favehotels.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 07:15:00 GMT
content-type: image/svg+xml; charset=utf-8
content-length: 966
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03eae-7d2"
last-modified: Mon, 04 May 2020 16:11:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: MISS
expires: Sun, 19 Nov 2023 07:15:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=f4iQmN9TZDBCayRihtOihOCM2MeL4f2KOSQBoOOHAbXWlZXe9Je3CKl2J8jPkmC4k6%2F7XSqb3WhiXBoXQuFhjhvx9C87mByOPHXRuPLX8L8uyhhke3RnPDQ7CTSKCx0bQW9o8H2M"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77198cb6385fb500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/md-mail.svg

104.17.25.14

200 OK

208 B

URL HTTP/2
cdnjs.cloudflare.com/ajax/libs/ionicons/4.5.6/ionicons/svg/md-mail.svg
IP
104.17.25.14:0
ASN
#13335 CLOUDFLARENET

File type
SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (319), with no line terminators
Size
208 B (208 bytes)
Hash
9dcf9cb92548de441649534706be4e21
19593f5efa7cd6106138943333aece8066c9506d
62f29106be1f7237f70eacf8e42c80390ba5f230d69c9462317eb9d2fda81ead

HTTP Headers

GET /ajax/libs/ionicons/4.5.6/ionicons/svg/md-mail.svg HTTP/1.1
Host: cdnjs.cloudflare.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Origin: https://www.favehotels.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 07:15:00 GMT
content-type: image/svg+xml; charset=utf-8
content-length: 208
access-control-allow-origin: *
cache-control: public, max-age=30672000
content-encoding: br
etag: "5eb03eae-13f"
last-modified: Mon, 04 May 2020 16:11:26 GMT
cf-cdnjs-via: cfworker/kv
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
x-content-type-options: nosniff
vary: Accept-Encoding
cf-cache-status: MISS
expires: Sun, 19 Nov 2023 07:15:00 GMT
accept-ranges: bytes
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nHMnkSWpvHve%2FQSwnPuRLXtRoRSWLOBCNQPNYAwYau1FKcqg%2FV%2FxraQORUiKygod5JtRqWxg4oqrqORrzzAjDb04GIiz4F%2F8W1n%2F2%2FLvadlbNKkc5r1cxId7nUrkG7CY5DF2kxt5"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
strict-transport-security: max-age=15780000
server: cloudflare
cf-ray: 77198cb5dfe9b500-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
af25abbc1f9776cf78b07837dbea38a0
1883049bac2e92f8b3107f6435f00b83d8f4c117
663a6d77de7e3c835bcbb4b567eb28053755bf50ddab14b3f668367a85efdf17

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2274
Cache-Control: max-age=103321
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 07:15:00 GMT
Etag: "6384992b-1d7"
Expires: Wed, 30 Nov 2022 11:57:01 GMT
Last-Modified: Mon, 28 Nov 2022 11:19:07 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
f1cfa609ebdf236e2f3e3ff25dd05caf
c8117b0187d4d9021ed1a42907bd93d24ed4ebf0
7a2761aa36168d4f2c9034486777f5588aaf0fa1f7d1e55006db7320259303b3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 07:15:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

connect.facebook.net/en_US/fbevents.js

31.13.72.12

200 OK

27 kB

URL HTTP/2
connect.facebook.net/en_US/fbevents.js
IP
31.13.72.12:0
ASN
#32934 FACEBOOK

File type
ASCII text, with very long lines (64348)
Size
27 kB (27340 bytes)
Hash
44ecaa3c2a4929a40141edc4540aaf84
f29a573182333b2500d41bfc389d6c5232dfb348
6589fe14578dedd4df678a909afadd7e5bc7f57c7e3e24518a7f5faac7383396

HTTP Headers

GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.google.com 127.0.0.1:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net wss://*.facebook.com:* wss://*.whatsapp.com:* wss://*.fbcdn.net attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self';block-all-mixed-content;upgrade-insecure-requests;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: Bh6KhznqrlR6coK8HTWLK7HG73d1xNVGOwPUyishNAFP2FcnS3xYrBOHpmZWeKYLkzcym4O84BHiJn9HTCIWBw==
priority: u=3,i
content-length: 27340
x-fb-trip-id: 2074150462
date: Tue, 29 Nov 2022 07:15:00 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2

googleads.g.doubleclick.net/pagead/viewthroughconversion/1000698394/?random=1669706098892&cv=11&fst=1669706098892&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.favehotels.com%2Fen%2Fhotel%2Fview%2F142%2Ffavehotel-sorong&tiba=favehotel%20Sorong%20-%20Select%20Service%20Hotel%20In%20Sorong&auid=1948251921.1669706099&rfmt=3&fmt=4

142.250.74.66

200 OK

901 B

URL HTTP/2
googleads.g.doubleclick.net/pagead/viewthroughconversion/1000698394/?random=1669706098892&cv=11&fst=1669706098892&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.favehotels.com%2Fen%2Fhotel%2Fview%2F142%2Ffavehotel-sorong&tiba=favehotel%20Sorong%20-%20Select%20Service%20Hotel%20In%20Sorong&auid=1948251921.1669706099&rfmt=3&fmt=4
IP
142.250.74.66:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (1955), with no line terminators
Size
901 B (901 bytes)
Hash
84aa80efdf67d3fb906ff51c841c7688
356914e36599649c6c9383b83022614ac2fe5af1
ccb2462481cdb93a9e4e3acc0d034d27bcd1ff06fd67cfb35824cbefd69c2910

HTTP Headers

GET /pagead/viewthroughconversion/1000698394/?random=1669706098892&cv=11&fst=1669706098892&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.favehotels.com%2Fen%2Fhotel%2Fview%2F142%2Ffavehotel-sorong&tiba=favehotel%20Sorong%20-%20Select%20Service%20Hotel%20In%20Sorong&auid=1948251921.1669706099&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 29 Nov 2022 07:15:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 901
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Tue, 29-Nov-2022 07:30:00 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-6S0DPJNCZH&cid=1075845428.1669706099&gtm=2oeb90&aip=1&z=663281219

142.250.74.3

200 OK

42 B

URL HTTP/2
www.google.no/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-6S0DPJNCZH&cid=1075845428.1669706099&gtm=2oeb90&aip=1&z=663281219
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-6S0DPJNCZH&cid=1075845428.1669706099&gtm=2oeb90&aip=1&z=663281219 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 29 Nov 2022 07:15:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-2077749-33&cid=1075845428.1669706099&jid=487690859&gjid=2120281814&_gid=2066494076.1669706099&_u=YGBAiEABBAAAAEAAI~&z=405073921

142.250.150.154

200 OK

20 kB

URL HTTP/2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-2077749-33&cid=1075845428.1669706099&jid=487690859&gjid=2120281814&_gid=2066494076.1669706099&_u=YGBAiEABBAAAAEAAI~&z=405073921
IP
142.250.150.154:0
ASN
#15169 GOOGLE

File type
data
Size
20 kB (19879 bytes)
Hash
013f5ffdd9bb1a9ef921527dcb392cbd
fe4b9af523295c168aab16d09b1f39f80cc98f29
e87f772a0f9a5e1401e7a6ceab5560047103228e2b124bc7e540d799b4ccab9e

HTTP Headers

POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-2077749-33&cid=1075845428.1669706099&jid=487690859&gjid=2120281814&_gid=2066494076.1669706099&_u=YGBAiEABBAAAAEAAI~&z=405073921 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Content-Type: text/plain
Content-Length: 0
Origin: https://www.favehotels.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: https://www.favehotels.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Tue, 29 Nov 2022 07:15:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
af25abbc1f9776cf78b07837dbea38a0
1883049bac2e92f8b3107f6435f00b83d8f4c117
663a6d77de7e3c835bcbb4b567eb28053755bf50ddab14b3f668367a85efdf17

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2274
Cache-Control: max-age=103321
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 07:15:00 GMT
Etag: "6384992b-1d7"
Expires: Wed, 30 Nov 2022 11:57:01 GMT
Last-Modified: Mon, 28 Nov 2022 11:19:07 GMT
Server: ECS (ska/F714)
X-Cache: HIT
Content-Length: 471

stats.g.doubleclick.net/g/collect?v=2&tid=G-6S0DPJNCZH&cid=1075845428.1669706099&gtm=2oeb90&aip=1

142.250.150.154

204 No Content

0 B

URL HTTP/2
stats.g.doubleclick.net/g/collect?v=2&tid=G-6S0DPJNCZH&cid=1075845428.1669706099&gtm=2oeb90&aip=1
IP
142.250.150.154:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /g/collect?v=2&tid=G-6S0DPJNCZH&cid=1075845428.1669706099&gtm=2oeb90&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Origin: https://www.favehotels.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers

HTTP/2 204 No Content
access-control-allow-origin: https://www.favehotels.com
date: Tue, 29 Nov 2022 07:15:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
f1cfa609ebdf236e2f3e3ff25dd05caf
c8117b0187d4d9021ed1a42907bd93d24ed4ebf0
7a2761aa36168d4f2c9034486777f5588aaf0fa1f7d1e55006db7320259303b3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 07:15:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

region1.analytics.google.com/g/collect?v=2&tid=G-6S0DPJNCZH&gtm=2oeb90&_p=1228318795&_gaz=1&cid=1075845428.1669706099&ul=en-us&sr=1280x1024&_s=1&sid=1669706099&sct=1&seg=0&dl=https%3A%2F%2Fwww.favehotels.com%2Fen%2Fhotel%2Fview%2F142%2Ffavehotel-sorong&dt=favehotel%20Sorong%20-%20Select%20Service%20Hotel%20In%20Sorong&en=page_view&_fv=1&_ss=1

216.239.32.36

204 No Content

18 kB

URL HTTP/2
region1.analytics.google.com/g/collect?v=2&tid=G-6S0DPJNCZH&gtm=2oeb90&_p=1228318795&_gaz=1&cid=1075845428.1669706099&ul=en-us&sr=1280x1024&_s=1&sid=1669706099&sct=1&seg=0&dl=https%3A%2F%2Fwww.favehotels.com%2Fen%2Fhotel%2Fview%2F142%2Ffavehotel-sorong&dt=favehotel%20Sorong%20-%20Select%20Service%20Hotel%20In%20Sorong&en=page_view&_fv=1&_ss=1
IP
216.239.32.36:0
ASN
#15169 GOOGLE

File type
data
Size
18 kB (18147 bytes)
Hash
c3c9d5aa599543d486b0fdf396ecc9b4
38d43c3bf7159643acba6dfdc7c2de284cb30491
8c990c7b41bb73fccdf5429dc615ec09d86430f969ef922ce505f984da82494f

HTTP Headers

POST /g/collect?v=2&tid=G-6S0DPJNCZH&gtm=2oeb90&_p=1228318795&_gaz=1&cid=1075845428.1669706099&ul=en-us&sr=1280x1024&_s=1&sid=1669706099&sct=1&seg=0&dl=https%3A%2F%2Fwww.favehotels.com%2Fen%2Fhotel%2Fview%2F142%2Ffavehotel-sorong&dt=favehotel%20Sorong%20-%20Select%20Service%20Hotel%20In%20Sorong&en=page_view&_fv=1&_ss=1 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Origin: https://www.favehotels.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

HTTP/2 204 No Content
access-control-allow-origin: https://www.favehotels.com
date: Tue, 29 Nov 2022 07:15:00 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
f1cfa609ebdf236e2f3e3ff25dd05caf
c8117b0187d4d9021ed1a42907bd93d24ed4ebf0
7a2761aa36168d4f2c9034486777f5588aaf0fa1f7d1e55006db7320259303b3

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 07:15:00 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a0fe20d41a043db700a84924cd9793f3
c0da481fef6cd00558f6e68b074acb34bef8292f
03caeb65ab9e22f6d6fe0d344d327950d20ee9ed144e2da0e5e062943a03fc56

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 07:15:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

ocsp.pki.goog/gts1c3

142.250.74.3

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.3:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
a0fe20d41a043db700a84924cd9793f3
c0da481fef6cd00558f6e68b074acb34bef8292f
03caeb65ab9e22f6d6fe0d344d327950d20ee9ed144e2da0e5e062943a03fc56

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Tue, 29 Nov 2022 07:15:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

www.google.com/pagead/1p-user-list/1000698394/?random=1669706098892&cv=11&fst=1669705200000&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.favehotels.com%2Fen%2Fhotel%2Fview%2F142%2Ffavehotel-sorong&tiba=favehotel%20Sorong%20-%20Select%20Service%20Hotel%20In%20Sorong&fmt=3&is_vtc=1&random=2184221239&rmt_tld=0&ipr=y

142.250.74.164

200 OK

42 B

URL HTTP/2
www.google.com/pagead/1p-user-list/1000698394/?random=1669706098892&cv=11&fst=1669705200000&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.favehotels.com%2Fen%2Fhotel%2Fview%2F142%2Ffavehotel-sorong&tiba=favehotel%20Sorong%20-%20Select%20Service%20Hotel%20In%20Sorong&fmt=3&is_vtc=1&random=2184221239&rmt_tld=0&ipr=y
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /pagead/1p-user-list/1000698394/?random=1669706098892&cv=11&fst=1669705200000&bg=ffffff&guid=ON&async=1&gtm=2wgb90&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.favehotels.com%2Fen%2Fhotel%2Fview%2F142%2Ffavehotel-sorong&tiba=favehotel%20Sorong%20-%20Select%20Service%20Hotel%20In%20Sorong&fmt=3&is_vtc=1&random=2184221239&rmt_tld=0&ipr=y HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 29 Nov 2022 07:15:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-2077749-33&cid=1075845428.1669706099&jid=487690859&_u=YGBAiEABBAAAAEAAI~&z=246806028

142.250.74.164

200 OK

42 B

URL HTTP/2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-2077749-33&cid=1075845428.1669706099&jid=487690859&_u=YGBAiEABBAAAAEAAI~&z=246806028
IP
142.250.74.164:0
ASN
#15169 GOOGLE

File type
GIF image data, version 89a, 1 x 1\012- data
Size
42 B (42 bytes)
Hash
d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

HTTP Headers

GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-2077749-33&cid=1075845428.1669706099&jid=487690859&_u=YGBAiEABBAAAAEAAI~&z=246806028 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Tue, 29 Nov 2022 07:15:01 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

www.facebook.com/tr/

31.13.72.36

200 OK

0 B

URL HTTP/2
www.facebook.com/tr/
IP
31.13.72.36:0
ASN
#32934 FACEBOOK

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /tr/ HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Content-Type: multipart/form-data; boundary=---------------------------24843625811331171753184714644
Origin: https://www.favehotels.com
Content-Length: 4806
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin: https://www.favehotels.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Tue, 29 Nov 2022 07:15:02 GMT
X-Firefox-Spdy: h2

www.facebook.com/tr/?id=2120774411396120&ev=PageView&dl=https%3A%2F%2Fwww.favehotels.com%2Fen%2Fhotel%2Fview%2F142%2Ffavehotel-sorong&rl=&if=false&ts=1669706100777&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669706100776.1201003156&it=1669706099711&coo=false&rqm=GET

31.13.72.36

200 OK

86 kB

URL HTTP/2
www.facebook.com/tr/?id=2120774411396120&ev=PageView&dl=https%3A%2F%2Fwww.favehotels.com%2Fen%2Fhotel%2Fview%2F142%2Ffavehotel-sorong&rl=&if=false&ts=1669706100777&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669706100776.1201003156&it=1669706099711&coo=false&rqm=GET
IP
31.13.72.36:0
ASN
#32934 FACEBOOK

File type
gzip compressed data, from Unix\012- data
Size
86 kB (86031 bytes)
Hash
651527a47c7103cedd3799fd904e6602
538b02ee138f1ea096eda2b9e19bc2173651ef83
6a3bda67e35c22256d5982009d50aac5f128f40b97ace6384286063277273d40

HTTP Headers

GET /tr/?id=2120774411396120&ev=PageView&dl=https%3A%2F%2Fwww.favehotels.com%2Fen%2Fhotel%2Fview%2F142%2Ffavehotel-sorong&rl=&if=false&ts=1669706100777&sw=1280&sh=1024&v=2.9.89&r=stable&ec=0&o=30&fbp=fb.1.1669706100776.1201003156&it=1669706099711&coo=false&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin: 
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Tue, 29 Nov 2022 07:15:02 GMT
X-Firefox-Spdy: h2

static.triptease.io/message-porter/dist/bootstrap-message-engine.js

151.101.85.182

200 OK

28 kB

URL HTTP/2
static.triptease.io/message-porter/dist/bootstrap-message-engine.js
IP
151.101.85.182:0
ASN
#54113 FASTLY

File type
Unicode text, UTF-8 text, with very long lines (58698)
Size
28 kB (28003 bytes)
Hash
9d342579f5b731749c8cd52cc69ca4cf
7bbecc83a1ad2cb0d0ad3096cd97e2b9d8b23704
7ba041586f87db7cfbd6e1809e684bd0d880ec5dbb44d080db997f6ee4a20a9b

HTTP Headers

GET /message-porter/dist/bootstrap-message-engine.js HTTP/1.1
Host: static.triptease.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Origin: https://www.favehotels.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-guploader-uploadid: ADPycduryspMV5h2K6zSr5M0uYLyahisqW1XidxaWyLuZnQSLACa2fGgGwca4Y5ssQe9VKYe94L0EWrufZ-dENIrJRm4LAjSp85q
cache-control: no-cache, max-age=600
expires: Mon, 28 Nov 2022 15:01:32 GMT
last-modified: Mon, 28 Nov 2022 14:51:28 GMT
etag: "d676a7b4e95291ad2289d5705e4b5851"
x-goog-generation: 1669647087909159
x-goog-metageneration: 2
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 84184
x-goog-meta-goog-reserved-file-mtime: 1669647084
content-type: application/javascript
x-goog-hash: crc32c=KORqow==, md5=1nantOlSka0iidVwXktYUQ==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
server: UploadServer
content-encoding: gzip
accept-ranges: bytes
date: Tue, 29 Nov 2022 07:15:05 GMT
via: 1.1 varnish
age: 383
x-served-by: cache-bma1643-BMA
x-cache: HIT
x-cache-hits: 8
x-timer: S1669706106.715688,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=31557600
backend-url: /message-porter/dist/bootstrap-message-engine.js
pseudo-device-id: ce3678a60bdd9475e11059d534cb5581793d88c2fea0c3958c03837f5a2b18f6
pseudo-session-id: 3422e73484dc258899f9d2c47f9d208b6a9f951e9b385ee322c0d21d0d2060d7
surrogate-key-debug: message-porter message-porter-bootstrap-message-engine message-porter-js
timing-allow-origin: *
content-length: 28003
X-Firefox-Spdy: h2

b.triptease.io/application.js

151.101.85.62

200 OK

2.9 kB

URL HTTP/1.1
b.triptease.io/application.js
IP
151.101.85.62:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (2870), with no line terminators
Size
2.9 kB (2870 bytes)
Hash
1f869b259c276f47841720aec5a2058e
6366bc8e1b2fa39017194b14b4a5504fa41b27e9
54d464dcbb274e2f142eb6e78e14dd6885edc21e72d0989717a1318c170777df

HTTP Headers

GET /application.js HTTP/1.1
Host: b.triptease.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Origin: https://www.favehotels.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Connection: keep-alive
Content-Length: 2870
cache-control: max-age=60
content-type: application/javascript
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, session-token
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
Via: 1.1 google, 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 29 Nov 2022 07:15:05 GMT
Age: 1729
X-Served-By: cache-bma1678-BMA
X-Cache: HIT
X-Cache-Hits: 10
Strict-Transport-Security: max-age=300

static-meta.triptease.io/client/main.js

151.101.85.182

200 OK

17 kB

URL HTTP/2
static-meta.triptease.io/client/main.js
IP
151.101.85.182:0
ASN
#54113 FASTLY

File type
ASCII text, with very long lines (54854), with no line terminators
Size
17 kB (17417 bytes)
Hash
8cc4bee5d305008a99f66b4c9dd7fce4
ec11738f93ea513e855fca06419750332c6e122c
573f695d4b6535aadb1272de7985d1ea348266f19a59e4a4b6712b6550ad221e

HTTP Headers

GET /client/main.js HTTP/1.1
Host: static-meta.triptease.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Origin: https://www.favehotels.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=3600,stale-while-revalidate=1800
content-type: text/plain; charset=utf-8
x-envoy-upstream-service-time: 3
x-envoy-upstream-healthchecked-cluster: client-api.management
server: istio-envoy
via: 1.1 google, 1.1 varnish
content-encoding: gzip
accept-ranges: bytes
date: Tue, 29 Nov 2022 07:15:05 GMT
age: 0
x-served-by: cache-bma1654-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1669706106.713847,VS0,VE172
vary: Origin, Accept-Encoding
content-length: 17417
X-Firefox-Spdy: h2

static.triptease.io/message-porter/dist/storageIframe.html

151.101.85.182

200 OK

2.5 kB

URL HTTP/2
static.triptease.io/message-porter/dist/storageIframe.html
IP
151.101.85.182:0
ASN
#54113 FASTLY

File type
HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (6979), with no line terminators
Size
2.5 kB (2506 bytes)
Hash
be5aab1852e2cfe6c17fadcb089a21e4
60f309b22033bb2480c749dd68a3bd4bacfaad5d
dfdbdf72998262fc2396b2c5729ae0c5fa0d58f5a1b19ceb177e5cb9040ee5a9

HTTP Headers

GET /message-porter/dist/storageIframe.html HTTP/1.1
Host: static.triptease.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-guploader-uploadid: ADPycdvU0oLCe6sQfKK-zLI4Xx76g9gy8m2oVLSiHKmQ-upYclx9DZuvwnNn_I7-zFJ7HJajmjmp-BrTKcnI75d0DDZgZr4-JXjF
x-goog-generation: 1667397055211069
x-goog-metageneration: 8
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 6979
x-goog-meta-goog-reserved-file-mtime: 1667397047
x-goog-hash: crc32c=0I3Wqw==, md5=wk7He6Vyt1LH1MzXpMh9dg==
x-goog-storage-class: STANDARD
access-control-allow-origin: *
access-control-expose-headers: Content-Type
server: UploadServer
expires: Mon, 28 Nov 2022 15:01:33 GMT
cache-control: no-cache, max-age=600
last-modified: Wed, 02 Nov 2022 13:50:55 GMT
etag: "c24ec77ba572b752c7d4ccd7a4c87d76"
content-type: text/html
content-encoding: gzip
accept-ranges: bytes
date: Tue, 29 Nov 2022 07:15:06 GMT
via: 1.1 varnish
age: 383
x-served-by: cache-bma1671-BMA
x-cache: HIT
x-cache-hits: 13
x-timer: S1669706106.004005,VS0,VE0
vary: Accept-Encoding
strict-transport-security: max-age=31557600
backend-url: /message-porter/dist/storageIframe.html
pseudo-device-id: 10d93cb908495a5a16655fc754e6677bdabe68f48e1852cb3cbce52a0ba7acc2
pseudo-session-id: f2b7e0e62112dae35c3f6cb148f0b61ddc78780d4ee936af55dab16e758256cd
surrogate-key-debug: message-porter message-porter-storageIframe message-porter-html
timing-allow-origin: *
content-length: 2506
X-Firefox-Spdy: h2

b.triptease.io/?apikey=ad3435928a7b946cc923b05f8afe0de30a228c28&bucket=1&conversion=false&clicked=false&searched=false&tripteaseUserId=01GK13TGGK1YHPXKWG6DXR4QC4

151.101.85.62

200 OK

76 kB

URL HTTP/1.1
b.triptease.io/?apikey=ad3435928a7b946cc923b05f8afe0de30a228c28&bucket=1&conversion=false&clicked=false&searched=false&tripteaseUserId=01GK13TGGK1YHPXKWG6DXR4QC4
IP
151.101.85.62:0
ASN
#54113 FASTLY

File type
data
Size
76 kB (76151 bytes)
Hash
25cf6738ace94462824212e9d35085f1
df18ddda45e4ceedc7725be3f592c1bc27748afe
a1f982c64ab62179c9ec4f2f6af35e7581ba3f0506293b24c0dfa9bb45827c86

HTTP Headers

GET /?apikey=ad3435928a7b946cc923b05f8afe0de30a228c28&bucket=1&conversion=false&clicked=false&searched=false&tripteaseUserId=01GK13TGGK1YHPXKWG6DXR4QC4 HTTP/1.1
Host: b.triptease.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Connection: keep-alive
cache-control: private, no-store
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, session-token
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
Via: 1.1 google, 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 29 Nov 2022 07:15:06 GMT
X-Served-By: cache-bma1675-BMA
X-Cache: MISS
X-Cache-Hits: 0
Strict-Transport-Security: max-age=300
transfer-encoding: chunked

static-meta.triptease.io/client/bundle-data/ad3435928a7b946cc923b05f8afe0de30a228c28

151.101.85.182

200 OK

288 B

URL HTTP/2
static-meta.triptease.io/client/bundle-data/ad3435928a7b946cc923b05f8afe0de30a228c28
IP
151.101.85.182:0
ASN
#54113 FASTLY

File type
JSON data\012- , ASCII text, with very long lines (406), with no line terminators
Size
288 B (288 bytes)
Hash
e23a5ebcce92c6ac62edbb141ae8152c
fb93a020fc934c215c971a1f83195eddb8966f40
1b3550b5dcdd4d3f10a14c08fea7f310a99a05adfff26091a1857057a1554558

HTTP Headers

GET /client/bundle-data/ad3435928a7b946cc923b05f8afe0de30a228c28 HTTP/1.1
Host: static-meta.triptease.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Origin: https://www.favehotels.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-origin: *
access-control-allow-credentials: true
cache-control: max-age=3600,stale-while-revalidate=1800
content-type: application/json; charset=utf-8
x-envoy-upstream-service-time: 118
server: istio-envoy
via: 1.1 google, 1.1 varnish
content-encoding: gzip
accept-ranges: bytes
date: Tue, 29 Nov 2022 07:15:06 GMT
age: 0
x-served-by: cache-bma1654-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1669706106.964518,VS0,VE261
vary: Origin, Accept-Encoding
content-length: 288
X-Firefox-Spdy: h2

messages.guest-experience.triptease.io/ad3435928a7b946cc923b05f8afe0de30a228c28/messages?language=en

151.101.86.133

200 OK

35 B

URL HTTP/2
messages.guest-experience.triptease.io/ad3435928a7b946cc923b05f8afe0de30a228c28/messages?language=en
IP
151.101.86.133:0
ASN
#54113 FASTLY

File type
JSON data\012- , ASCII text, with no line terminators
Size
35 B (35 bytes)
Hash
b1a86b3431b637869ac4b3d97f378062
99de8bd0579b164dc8d3bdfa15590584e75d18b5
1ec7c7dbde03b083dfc34167da0767652f122f5ed5f7d64c6cfd00172889bd06

HTTP Headers

GET /ad3435928a7b946cc923b05f8afe0de30a228c28/messages?language=en HTTP/1.1
Host: messages.guest-experience.triptease.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Origin: https://www.favehotels.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://www.favehotels.com
content-type: application/json; charset=utf-8
cache-control: no-cache,max-age=0
x-cloud-trace-context: 352a6254a087da36d433b2918f7e1b94
server: Google Frontend
accept-ranges: bytes
date: Tue, 29 Nov 2022 07:15:06 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1662-BMA
x-cache: MISS
x-cache-hits: 0
vary: Origin
access-control-expose-headers: X-Country-Code, X-Region-Code, X-City
x-city: oslo
x-country-code: NO
x-region-code: 03
tt_host: messages.guest-experience.triptease.io
content-length: 35
X-Firefox-Spdy: h2

ocsp.sca1b.amazontrust.com/

143.204.42.156

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.156:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
c24d52282c0f26b81af0ee570ace73a2
868b57779bec79733f53bfc29c3e231b5789c284
b3fda99887d696289b23937ea86ade3932592ba9a0be31469236695c36bf97e0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=160224
Date: Tue, 29 Nov 2022 07:15:06 GMT
Etag: "63857032-1d7"
Expires: Thu, 01 Dec 2022 03:45:30 GMT
Last-Modified: Tue, 29 Nov 2022 02:36:34 GMT
Server: ECS (nyb/1D1F)
X-Cache: Miss from cloudfront
Via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 516F1qT5g3kr1yTRWCJZiTykslAAbeG3FFHLr6HE57qrBV9ki9Teug==
Age: 4136

ocsp.sca1b.amazontrust.com/

143.204.42.156

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.156:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
c24d52282c0f26b81af0ee570ace73a2
868b57779bec79733f53bfc29c3e231b5789c284
b3fda99887d696289b23937ea86ade3932592ba9a0be31469236695c36bf97e0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=161520
Date: Tue, 29 Nov 2022 07:15:06 GMT
Etag: "63857032-1d7"
Expires: Thu, 01 Dec 2022 04:07:06 GMT
Last-Modified: Tue, 29 Nov 2022 02:36:34 GMT
Server: ECS (nyb/1D28)
X-Cache: Miss from cloudfront
Via: 1.1 142be88a35733307a5e7de05da0a20b8.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 4YvW31O3qmBcd8BoHfo4jmukAKa5nljza6QJ2AROUKwq5VkK4p7C_Q==
Age: 5432

ocsp.sca1b.amazontrust.com/

143.204.42.156

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.156:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
c24d52282c0f26b81af0ee570ace73a2
868b57779bec79733f53bfc29c3e231b5789c284
b3fda99887d696289b23937ea86ade3932592ba9a0be31469236695c36bf97e0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=160817
Date: Tue, 29 Nov 2022 07:15:06 GMT
Etag: "63857032-1d7"
Expires: Thu, 01 Dec 2022 03:55:23 GMT
Last-Modified: Tue, 29 Nov 2022 02:36:34 GMT
Server: ECS (bsa/EB24)
X-Cache: Miss from cloudfront
Via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: c9LOM3FOn1ARyxnKYpXljReYDvcWdMKFDg3WxdSBjR_1ewpl4HPrDw==
Age: 4729

ocsp.sca1b.amazontrust.com/

143.204.42.156

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.156:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
c24d52282c0f26b81af0ee570ace73a2
868b57779bec79733f53bfc29c3e231b5789c284
b3fda99887d696289b23937ea86ade3932592ba9a0be31469236695c36bf97e0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=159190
Date: Tue, 29 Nov 2022 07:15:06 GMT
Etag: "63857032-1d7"
Expires: Thu, 01 Dec 2022 03:28:16 GMT
Last-Modified: Tue, 29 Nov 2022 02:36:34 GMT
Server: ECS (bsa/EB13)
X-Cache: Miss from cloudfront
Via: 1.1 aa34a836095df9de9d246a53dd63f1d6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: MLtz5VdnYS1gjBPebeL1RPKLykxPSJqdQN71C3RIGmVqhz1Cyi7EeA==
Age: 3102

ocsp.sca1b.amazontrust.com/

143.204.42.156

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.156:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
c24d52282c0f26b81af0ee570ace73a2
868b57779bec79733f53bfc29c3e231b5789c284
b3fda99887d696289b23937ea86ade3932592ba9a0be31469236695c36bf97e0

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=158528
Date: Tue, 29 Nov 2022 07:15:06 GMT
Etag: "63857032-1d7"
Expires: Thu, 01 Dec 2022 03:17:14 GMT
Last-Modified: Tue, 29 Nov 2022 02:36:34 GMT
Server: ECS (bsa/EB19)
X-Cache: Miss from cloudfront
Via: 1.1 8e6dce34fd223e0c9d89fd938d1784a2.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 3TIf2Ay3dvBzfpvdiGFn29OkZu17GjNepHnOXynDa1JBs4XaxvaKRA==
Age: 2440

segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-1&value=0.5&forward_to_cookie_sync=1

52.49.0.146

303 See Other

0 B

URL HTTP/1.1
segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-1&value=0.5&forward_to_cookie_sync=1
IP
52.49.0.146:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /associate-segment?buzz_key=triptease&segment_key=triptease-1&value=0.5&forward_to_cookie_sync=1 HTTP/1.1
Host: segment.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.triptease.io/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 303 See Other
Date: Tue, 29 Nov 2022 07:15:06 GMT
location: https://segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-1&value=0.5&forward_to_cookie_sync=1&_bee_ppp=1
Server: gunicorn
set-cookie: checkForPermission=ok; Domain=bidr.io; expires=Tue, 29 Nov 2022 07:25:06 GMT; Path=/; SameSite=None; Secure
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive

segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-140&value=

52.49.0.146

303 See Other

0 B

URL HTTP/1.1
segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-140&value=
IP
52.49.0.146:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /associate-segment?buzz_key=triptease&segment_key=triptease-140&value= HTTP/1.1
Host: segment.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.triptease.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 303 See Other
Date: Tue, 29 Nov 2022 07:15:06 GMT
location: https://segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-140&value=&_bee_ppp=1
Server: gunicorn
set-cookie: checkForPermission=ok; Domain=bidr.io; expires=Tue, 29 Nov 2022 07:25:06 GMT; Path=/; SameSite=None; Secure
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive

segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-138&value=

52.49.0.146

303 See Other

0 B

URL HTTP/1.1
segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-138&value=
IP
52.49.0.146:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /associate-segment?buzz_key=triptease&segment_key=triptease-138&value= HTTP/1.1
Host: segment.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.triptease.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 303 See Other
Date: Tue, 29 Nov 2022 07:15:06 GMT
location: https://segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-138&value=&_bee_ppp=1
Server: gunicorn
set-cookie: checkForPermission=ok; Domain=bidr.io; expires=Tue, 29 Nov 2022 07:25:06 GMT; Path=/; SameSite=None; Secure
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive

segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-12203&value=1

52.49.0.146

303 See Other

0 B

URL HTTP/1.1
segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-12203&value=1
IP
52.49.0.146:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /associate-segment?buzz_key=triptease&segment_key=triptease-12203&value=1 HTTP/1.1
Host: segment.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.triptease.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 303 See Other
Date: Tue, 29 Nov 2022 07:15:06 GMT
location: https://segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-12203&value=1&_bee_ppp=1
Server: gunicorn
set-cookie: checkForPermission=ok; Domain=bidr.io; expires=Tue, 29 Nov 2022 07:25:06 GMT; Path=/; SameSite=None; Secure
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive

segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-139&value=

52.49.0.146

303 See Other

0 B

URL HTTP/1.1
segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-139&value=
IP
52.49.0.146:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /associate-segment?buzz_key=triptease&segment_key=triptease-139&value= HTTP/1.1
Host: segment.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.triptease.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 303 See Other
Date: Tue, 29 Nov 2022 07:15:06 GMT
location: https://segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-139&value=&_bee_ppp=1
Server: gunicorn
set-cookie: checkForPermission=ok; Domain=bidr.io; expires=Tue, 29 Nov 2022 07:25:06 GMT; Path=/; SameSite=None; Secure
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive

segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-12204&value=

52.49.0.146

303 See Other

0 B

URL HTTP/1.1
segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-12204&value=
IP
52.49.0.146:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /associate-segment?buzz_key=triptease&segment_key=triptease-12204&value= HTTP/1.1
Host: segment.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.triptease.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 303 See Other
Date: Tue, 29 Nov 2022 07:15:06 GMT
location: https://segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-12204&value=&_bee_ppp=1
Server: gunicorn
set-cookie: checkForPermission=ok; Domain=bidr.io; expires=Tue, 29 Nov 2022 07:25:06 GMT; Path=/; SameSite=None; Secure
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive

segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-137&value=

52.49.0.146

303 See Other

0 B

URL HTTP/1.1
segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-137&value=
IP
52.49.0.146:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /associate-segment?buzz_key=triptease&segment_key=triptease-137&value= HTTP/1.1
Host: segment.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.triptease.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 303 See Other
Date: Tue, 29 Nov 2022 07:15:06 GMT
location: https://segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-137&value=&_bee_ppp=1
Server: gunicorn
set-cookie: checkForPermission=ok; Domain=bidr.io; expires=Tue, 29 Nov 2022 07:25:06 GMT; Path=/; SameSite=None; Secure
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive

segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-12205&value=1

52.49.0.146

303 See Other

0 B

URL HTTP/1.1
segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-12205&value=1
IP
52.49.0.146:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /associate-segment?buzz_key=triptease&segment_key=triptease-12205&value=1 HTTP/1.1
Host: segment.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.triptease.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 303 See Other
Date: Tue, 29 Nov 2022 07:15:06 GMT
location: https://segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-12205&value=1&_bee_ppp=1
Server: gunicorn
set-cookie: checkForPermission=ok; Domain=bidr.io; expires=Tue, 29 Nov 2022 07:25:06 GMT; Path=/; SameSite=None; Secure
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive

segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-12206&value=1

52.49.0.146

303 See Other

0 B

URL HTTP/1.1
segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-12206&value=1
IP
52.49.0.146:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /associate-segment?buzz_key=triptease&segment_key=triptease-12206&value=1 HTTP/1.1
Host: segment.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.triptease.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 303 See Other
Date: Tue, 29 Nov 2022 07:15:06 GMT
location: https://segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-12206&value=1&_bee_ppp=1
Server: gunicorn
set-cookie: checkForPermission=ok; Domain=bidr.io; expires=Tue, 29 Nov 2022 07:25:06 GMT; Path=/; SameSite=None; Secure
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive

segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-12207&value=1

52.49.0.146

303 See Other

0 B

URL HTTP/1.1
segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-12207&value=1
IP
52.49.0.146:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /associate-segment?buzz_key=triptease&segment_key=triptease-12207&value=1 HTTP/1.1
Host: segment.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.triptease.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 303 See Other
Date: Tue, 29 Nov 2022 07:15:06 GMT
location: https://segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-12207&value=1&_bee_ppp=1
Server: gunicorn
set-cookie: checkForPermission=ok; Domain=bidr.io; expires=Tue, 29 Nov 2022 07:25:06 GMT; Path=/; SameSite=None; Secure
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive

segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-12208&value=1

52.49.0.146

303 See Other

0 B

URL HTTP/1.1
segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-12208&value=1
IP
52.49.0.146:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /associate-segment?buzz_key=triptease&segment_key=triptease-12208&value=1 HTTP/1.1
Host: segment.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.triptease.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 303 See Other
Date: Tue, 29 Nov 2022 07:15:06 GMT
location: https://segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-12208&value=1&_bee_ppp=1
Server: gunicorn
set-cookie: checkForPermission=ok; Domain=bidr.io; expires=Tue, 29 Nov 2022 07:25:06 GMT; Path=/; SameSite=None; Secure
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive

ocsp.sca1b.amazontrust.com/

143.204.42.156

200 OK

471 B

URL HTTP/1.1
ocsp.sca1b.amazontrust.com/
IP
143.204.42.156:0
ASN
#16509 AMAZON-02

File type
data
Size
471 B (471 bytes)
Hash
39964c8d7282513e839df68c89fc2ab2
0150ce500b281f01e2c7c6ccaa90b34b5128b22d
15b6e7777cb8cef82e67504a51f7f84930e103a5be3f8f9b288900eb98c9aa45

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=108074
Date: Tue, 29 Nov 2022 07:15:06 GMT
Etag: "63849be4-1d7"
Expires: Wed, 30 Nov 2022 13:16:20 GMT
Last-Modified: Mon, 28 Nov 2022 11:30:44 GMT
Server: ECS (nyb/1D0B)
X-Cache: Miss from cloudfront
Via: 1.1 e49f22f18c16784c0f42291e768d1daa.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: NuaaGZpj4zyZEzzva9LF-s3y9o4QJleTp9RgLVUSNaxfMKiU-DEvUQ==
Age: 6336

segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-1&value=0.5&forward_to_cookie_sync=1&_bee_ppp=1

52.49.0.146

303 See Other

0 B

URL HTTP/1.1
segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-1&value=0.5&forward_to_cookie_sync=1&_bee_ppp=1
IP
52.49.0.146:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /associate-segment?buzz_key=triptease&segment_key=triptease-1&value=0.5&forward_to_cookie_sync=1&_bee_ppp=1 HTTP/1.1
Host: segment.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://b.triptease.io/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 303 See Other
Date: Tue, 29 Nov 2022 07:15:06 GMT
location: https://match.prod.bidr.io/cookie-msync?buzz_key=triptease
Server: gunicorn
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive

segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-12203&value=1&_bee_ppp=1

52.49.0.146

200 OK

43 B

URL HTTP/1.1
segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-12203&value=1&_bee_ppp=1
IP
52.49.0.146:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

HTTP Headers

GET /associate-segment?buzz_key=triptease&segment_key=triptease-12203&value=1&_bee_ppp=1 HTTP/1.1
Host: segment.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://b.triptease.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
cache-control: no-cache, must-revalidate
content-type: image/gif
Date: Tue, 29 Nov 2022 07:15:06 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma: no-cache
Server: gunicorn
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 43
Connection: keep-alive

segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-138&value=&_bee_ppp=1

52.49.0.146

200 OK

43 B

URL HTTP/1.1
segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-138&value=&_bee_ppp=1
IP
52.49.0.146:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

HTTP Headers

GET /associate-segment?buzz_key=triptease&segment_key=triptease-138&value=&_bee_ppp=1 HTTP/1.1
Host: segment.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://b.triptease.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
cache-control: no-cache, must-revalidate
content-type: image/gif
Date: Tue, 29 Nov 2022 07:15:06 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma: no-cache
Server: gunicorn
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 43
Connection: keep-alive

segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-140&value=&_bee_ppp=1

52.49.0.146

200 OK

43 B

URL HTTP/1.1
segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-140&value=&_bee_ppp=1
IP
52.49.0.146:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

HTTP Headers

GET /associate-segment?buzz_key=triptease&segment_key=triptease-140&value=&_bee_ppp=1 HTTP/1.1
Host: segment.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://b.triptease.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
cache-control: no-cache, must-revalidate
content-type: image/gif
Date: Tue, 29 Nov 2022 07:15:06 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma: no-cache
Server: gunicorn
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 43
Connection: keep-alive

segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-139&value=&_bee_ppp=1

52.49.0.146

200 OK

43 B

URL HTTP/1.1
segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-139&value=&_bee_ppp=1
IP
52.49.0.146:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

HTTP Headers

GET /associate-segment?buzz_key=triptease&segment_key=triptease-139&value=&_bee_ppp=1 HTTP/1.1
Host: segment.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://b.triptease.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
cache-control: no-cache, must-revalidate
content-type: image/gif
Date: Tue, 29 Nov 2022 07:15:06 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma: no-cache
Server: gunicorn
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 43
Connection: keep-alive

segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-12204&value=&_bee_ppp=1

52.49.0.146

200 OK

43 B

URL HTTP/1.1
segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-12204&value=&_bee_ppp=1
IP
52.49.0.146:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

HTTP Headers

GET /associate-segment?buzz_key=triptease&segment_key=triptease-12204&value=&_bee_ppp=1 HTTP/1.1
Host: segment.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://b.triptease.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
cache-control: no-cache, must-revalidate
content-type: image/gif
Date: Tue, 29 Nov 2022 07:15:06 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma: no-cache
Server: gunicorn
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 43
Connection: keep-alive

segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-137&value=&_bee_ppp=1

52.49.0.146

200 OK

43 B

URL HTTP/1.1
segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-137&value=&_bee_ppp=1
IP
52.49.0.146:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

HTTP Headers

GET /associate-segment?buzz_key=triptease&segment_key=triptease-137&value=&_bee_ppp=1 HTTP/1.1
Host: segment.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://b.triptease.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
cache-control: no-cache, must-revalidate
content-type: image/gif
Date: Tue, 29 Nov 2022 07:15:06 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma: no-cache
Server: gunicorn
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 43
Connection: keep-alive

segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-12206&value=1&_bee_ppp=1

52.49.0.146

200 OK

43 B

URL HTTP/1.1
segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-12206&value=1&_bee_ppp=1
IP
52.49.0.146:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

HTTP Headers

GET /associate-segment?buzz_key=triptease&segment_key=triptease-12206&value=1&_bee_ppp=1 HTTP/1.1
Host: segment.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://b.triptease.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
cache-control: no-cache, must-revalidate
content-type: image/gif
Date: Tue, 29 Nov 2022 07:15:06 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma: no-cache
Server: gunicorn
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 43
Connection: keep-alive

segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-12205&value=1&_bee_ppp=1

52.49.0.146

200 OK

43 B

URL HTTP/1.1
segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-12205&value=1&_bee_ppp=1
IP
52.49.0.146:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

HTTP Headers

GET /associate-segment?buzz_key=triptease&segment_key=triptease-12205&value=1&_bee_ppp=1 HTTP/1.1
Host: segment.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://b.triptease.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
cache-control: no-cache, must-revalidate
content-type: image/gif
Date: Tue, 29 Nov 2022 07:15:06 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma: no-cache
Server: gunicorn
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 43
Connection: keep-alive

match.prod.bidr.io/cookie-sync/triptease?buyer_user_id=01GK13TGGK1YHPXKWG6DXR4QC4|ad3435928a7b946cc923b05f8afe0de30a228c28

52.215.215.189

303 See Other

0 B

URL HTTP/1.1
match.prod.bidr.io/cookie-sync/triptease?buyer_user_id=01GK13TGGK1YHPXKWG6DXR4QC4|ad3435928a7b946cc923b05f8afe0de30a228c28
IP
52.215.215.189:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cookie-sync/triptease?buyer_user_id=01GK13TGGK1YHPXKWG6DXR4QC4|ad3435928a7b946cc923b05f8afe0de30a228c28 HTTP/1.1
Host: match.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://b.triptease.io/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 303 See Other
Date: Tue, 29 Nov 2022 07:15:06 GMT
location: https://match.prod.bidr.io/cookie-sync/triptease?buyer_user_id=01GK13TGGK1YHPXKWG6DXR4QC4%7Cad3435928a7b946cc923b05f8afe0de30a228c28&_bee_ppp=1
Server: gunicorn
set-cookie: checkForPermission=ok; Domain=bidr.io; expires=Tue, 29 Nov 2022 07:25:06 GMT; Path=/; SameSite=None; Secure
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive

segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-12207&value=1&_bee_ppp=1

52.49.0.146

200 OK

43 B

URL HTTP/1.1
segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-12207&value=1&_bee_ppp=1
IP
52.49.0.146:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

HTTP Headers

GET /associate-segment?buzz_key=triptease&segment_key=triptease-12207&value=1&_bee_ppp=1 HTTP/1.1
Host: segment.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://b.triptease.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
cache-control: no-cache, must-revalidate
content-type: image/gif
Date: Tue, 29 Nov 2022 07:15:06 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma: no-cache
Server: gunicorn
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 43
Connection: keep-alive

segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-12208&value=1&_bee_ppp=1

52.49.0.146

200 OK

43 B

URL HTTP/1.1
segment.prod.bidr.io/associate-segment?buzz_key=triptease&segment_key=triptease-12208&value=1&_bee_ppp=1
IP
52.49.0.146:0
ASN
#16509 AMAZON-02

File type
GIF image data, version 89a, 1 x 1\012- data
Size
43 B (43 bytes)
Hash
f837aa60b6fe83458f790db60d529fc9
14af87ccec7f81bb28d53c84da2fd5a9d5925cda
dcecab1355b5c2b9ecef281322bf265ac5840b4688748586e9632b473a5fe56b

HTTP Headers

GET /associate-segment?buzz_key=triptease&segment_key=triptease-12208&value=1&_bee_ppp=1 HTTP/1.1
Host: segment.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://b.triptease.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
cache-control: no-cache, must-revalidate
content-type: image/gif
Date: Tue, 29 Nov 2022 07:15:06 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See https://beeswax.com/privacy for more info."
pragma: no-cache
Server: gunicorn
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 43
Connection: keep-alive

match.prod.bidr.io/cookie-msync?buzz_key=triptease

52.215.215.189

303 See Other

0 B

URL HTTP/1.1
match.prod.bidr.io/cookie-msync?buzz_key=triptease
IP
52.215.215.189:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cookie-msync?buzz_key=triptease HTTP/1.1
Host: match.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://b.triptease.io/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 303 See Other
Date: Tue, 29 Nov 2022 07:15:06 GMT
location: https://match.prod.bidr.io/cookie-msync?buzz_key=triptease&_bee_ppp=1
Server: gunicorn
set-cookie: checkForPermission=ok; Domain=bidr.io; expires=Tue, 29 Nov 2022 07:25:06 GMT; Path=/; SameSite=None; Secure
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
4f72ea3be7f393b06504af31632ec7cd
49b16e426312ae37f6d3d602deba6c9cd441ea79
78b4d8d825be9b7e193340b21638ec4086baf01cee55a8d5690cf2d978b45110

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 07:15:06 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 27 Nov 2022 04:04:06 GMT
Expires: Sun, 04 Dec 2022 04:04:05 GMT
Etag: "49b16e426312ae37f6d3d602deba6c9cd441ea79"
Cache-Control: max-age=419938,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77198cdd1a1fb515-OSL

match.prod.bidr.io/cookie-msync?buzz_key=triptease&_bee_ppp=1

52.215.215.189

204 No Content

0 B

URL HTTP/1.1
match.prod.bidr.io/cookie-msync?buzz_key=triptease&_bee_ppp=1
IP
52.215.215.189:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cookie-msync?buzz_key=triptease&_bee_ppp=1 HTTP/1.1
Host: match.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://b.triptease.io/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

HTTP/1.1 204 No Content
Date: Tue, 29 Nov 2022 07:15:06 GMT
Server: gunicorn
strict-transport-security: max-age=2592000; includeSubDomains
Connection: keep-alive

match.prod.bidr.io/cookie-sync/triptease?buyer_user_id=01GK13TGGK1YHPXKWG6DXR4QC4%7Cad3435928a7b946cc923b05f8afe0de30a228c28&_bee_ppp=1

52.215.215.189

303 See Other

0 B

URL HTTP/1.1
match.prod.bidr.io/cookie-sync/triptease?buyer_user_id=01GK13TGGK1YHPXKWG6DXR4QC4%7Cad3435928a7b946cc923b05f8afe0de30a228c28&_bee_ppp=1
IP
52.215.215.189:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /cookie-sync/triptease?buyer_user_id=01GK13TGGK1YHPXKWG6DXR4QC4%7Cad3435928a7b946cc923b05f8afe0de30a228c28&_bee_ppp=1 HTTP/1.1
Host: match.prod.bidr.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://b.triptease.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 303 See Other
Date: Tue, 29 Nov 2022 07:15:06 GMT
location: https://b.triptease.io/cookie-sync?partner=beeswax&beeswax_id=&buyer_user_id=01GK13TGGK1YHPXKWG6DXR4QC4%7Cad3435928a7b946cc923b05f8afe0de30a228c28
Server: gunicorn
strict-transport-security: max-age=2592000; includeSubDomains
Content-Length: 0
Connection: keep-alive

api.triptease.io/zappy/event?eventName=propensityToConvert&eventAppName=messageEngine

35.186.195.233

200 OK

0 B

URL HTTP/2
api.triptease.io/zappy/event?eventName=propensityToConvert&eventAppName=messageEngine
IP
35.186.195.233:0
ASN
#15169 GOOGLE

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /zappy/event?eventName=propensityToConvert&eventAppName=messageEngine HTTP/1.1
Host: api.triptease.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://www.favehotels.com
Content-Length: 534
Connection: keep-alive
Cookie: triptease-user-id=01GK13TGGK1YHPXKWG6DXR4QC4; triptease-session-id=01GK13TGGKYM866JV48EVJPTEG
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx/1.11.3
date: Tue, 29 Nov 2022 07:15:06 GMT
content-type: text/plain; charset=utf-8
content-length: 0
access-control-allow-origin: https://www.favehotels.com
access-control-max-age: 86400
access-control-allow-methods: GET,PUT,POST,DELETE
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2

b.triptease.io/cookie-sync?partner=beeswax&beeswax_id=&buyer_user_id=01GK13TGGK1YHPXKWG6DXR4QC4%7Cad3435928a7b946cc923b05f8afe0de30a228c28

151.101.85.62

200 OK

115 B

URL HTTP/1.1
b.triptease.io/cookie-sync?partner=beeswax&beeswax_id=&buyer_user_id=01GK13TGGK1YHPXKWG6DXR4QC4%7Cad3435928a7b946cc923b05f8afe0de30a228c28
IP
151.101.85.62:0
ASN
#54113 FASTLY

File type
JSON data\012- , ASCII text, with no line terminators
Size
115 B (115 bytes)
Hash
e726d57a0576b8384a3e3c446732c20b
008f65d2682b7a4bcdf2183db70b447f9fc67f7d
d0a84a01562984667052153dbe9783316f095b3ebc492c65521d0ae9ce80ef82

HTTP Headers

GET /cookie-sync?partner=beeswax&beeswax_id=&buyer_user_id=01GK13TGGK1YHPXKWG6DXR4QC4%7Cad3435928a7b946cc923b05f8afe0de30a228c28 HTTP/1.1
Host: b.triptease.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://b.triptease.io/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Connection: keep-alive
cache-control: private, no-store
set-cookie: tt-bee-beeswax-id=;SameSite=None;Secure;HttpOnly;Domain=.triptease.io;Expires=Wed, 29 Nov 2023 07:15:06 GMT;
access-control-allow-origin: *
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Accept, session-token
access-control-allow-methods: GET, POST, PUT, PATCH, DELETE, OPTIONS, HEAD
Via: 1.1 google, 1.1 varnish
Accept-Ranges: bytes
Date: Tue, 29 Nov 2022 07:15:06 GMT
X-Served-By: cache-bma1675-BMA
X-Cache: MISS
X-Cache-Hits: 0
Strict-Transport-Security: max-age=300
transfer-encoding: chunked

ocsp.sectigo.com/

104.18.32.68

200 OK

472 B

URL HTTP/1.1
ocsp.sectigo.com/
IP
104.18.32.68:0
ASN
#13335 CLOUDFLARENET

File type
data
Size
472 B (472 bytes)
Hash
4f72ea3be7f393b06504af31632ec7cd
49b16e426312ae37f6d3d602deba6c9cd441ea79
78b4d8d825be9b7e193340b21638ec4086baf01cee55a8d5690cf2d978b45110

HTTP Headers

POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Date: Tue, 29 Nov 2022 07:15:06 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Sun, 27 Nov 2022 04:04:06 GMT
Expires: Sun, 04 Dec 2022 04:04:05 GMT
Etag: "49b16e426312ae37f6d3d602deba6c9cd441ea79"
Cache-Control: max-age=419938,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 77198cdf5cccb515-OSL

34.120.237.76

200 OK

4.4 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabddece8-6c4f-4cb5-9041-4d427b16b826.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
4.4 kB (4417 bytes)
Hash
a2a5c8d4113d282600462749315f2c4f
e2b4d2e15bb7c086333c0da438873e4c139ba931
9b5d0e5dd11d4cbf1c78a71730cd63544170c91ab635bf3cf917827ac84874e6

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fabddece8-6c4f-4cb5-9041-4d427b16b826.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
server: nginx
content-length: 4417
x-amzn-requestid: 01de83c2-51d2-4329-98f6-09a0edf46942
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cVNnGEcRIAMFaXA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63852960-34583b6c588a0e937fcfaa46;Sampled=0
x-amzn-remapped-date: Mon, 28 Nov 2022 21:34:24 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: wqEe45jzMOryT-E-vThc39-cLiZudKF4gn6cS3LBmeaJ2amJF5GPIA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 ce71f64ad5dca81beca846466f2d5008.cloudfront.net (CloudFront), 1.1 google
date: Mon, 28 Nov 2022 21:46:54 GMT
age: 34092
etag: "e2b4d2e15bb7c086333c0da438873e4c139ba931"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

static.archipelagointernational.com/website/assets/v1/js/swiper.min.js

143.204.55.116

200 OK

0 B

URL HTTP/2
static.archipelagointernational.com/website/assets/v1/js/swiper.min.js
IP
143.204.55.116:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /website/assets/v1/js/swiper.min.js HTTP/1.1
Host: static.archipelagointernational.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/x-javascript
date: Tue, 29 Nov 2022 01:15:06 GMT
last-modified: Tue, 16 Nov 2021 07:16:16 GMT
etag: W/"317fd00903b68a157500b40495e8d74e"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=604800, stale-while-revalidate=7890000
x-amz-meta-cb-modifiedtime: Tue, 16 Nov 2021 03:51:36 GMT
x-amz-version-id: UI9.kUQB1muOXR1dwbhSnPF61Ou.ZxjW
server: AmazonS3
content-encoding: br
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: JBR4uJAV73dOr8PwHO9V8p6cxFQQd_D5QgQ-GGWSa1iIjNMrcq5iCA==
age: 21593
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: geolocation=(self "https://www.google-analytics.com"), camera=(), fullscreen=(self), microphone=()
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://sentec.report-uri.com/a/d/g"}],"include_subdomains":true}
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2

customs.affilired.com/track/?merchant=4764

54.230.111.65

200 OK

0 B

URL HTTP/2
customs.affilired.com/track/?merchant=4764
IP
54.230.111.65:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /track/?merchant=4764 HTTP/1.1
Host: customs.affilired.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
server: nginx
date: Tue, 29 Nov 2022 07:14:08 GMT
p3p: policyref="/w3c/p3p.xml", CP="IVA SAM IND NON COR"
content-encoding: gzip
cache-control: max-age=604800
expires: Tue, 06 Dec 2022 07:12:41 GMT
jb-x-cache: HIT
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: HaqdRb8Tdfm_9UYSNaYqbfn8Ms1k5plb6Vi0qDLcye2Qvgxl79hCwQ==
age: 51
X-Firefox-Spdy: h2

static.archipelagointernational.com/website/assets/v1/css/bootstrap-3.3.7.min.css

143.204.55.116

200 OK

0 B

URL HTTP/2
static.archipelagointernational.com/website/assets/v1/css/bootstrap-3.3.7.min.css
IP
143.204.55.116:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /website/assets/v1/css/bootstrap-3.3.7.min.css HTTP/1.1
Host: static.archipelagointernational.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css
last-modified: Tue, 16 Nov 2021 07:16:45 GMT
x-amz-server-side-encryption: AES256
x-amz-meta-cb-modifiedtime: Tue, 16 Nov 2021 03:18:36 GMT
x-amz-version-id: hz0nEbZivnaENvBEbUjo2MvmQFsTapS5
server: AmazonS3
content-encoding: br
date: Tue, 29 Nov 2022 07:14:58 GMT
cache-control: public, max-age=604800, stale-while-revalidate=7890000
etag: W/"ec3bb52a00e176a7181d454dffaea219"
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: AOzRG5KeEp4t01ukkDL6XdsavZsQKZugTvaoH_GYUQ7lQj9RaY0dQg==
age: 166285
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: geolocation=(self "https://www.google-analytics.com"), camera=(), fullscreen=(self), microphone=()
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://sentec.report-uri.com/a/d/g"}],"include_subdomains":true}
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2

static.archipelagointernational.com/website/assets/v1/js/jquery-3.6.0.min.js

143.204.55.116

200 OK

0 B

URL HTTP/2
static.archipelagointernational.com/website/assets/v1/js/jquery-3.6.0.min.js
IP
143.204.55.116:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /website/assets/v1/js/jquery-3.6.0.min.js HTTP/1.1
Host: static.archipelagointernational.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/x-javascript
date: Sat, 05 Nov 2022 06:52:57 GMT
last-modified: Tue, 16 Nov 2021 07:16:17 GMT
etag: W/"8fb8fee4fcc3cc86ff6c724154c49c42"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=604800, stale-while-revalidate=7890000
x-amz-meta-cb-modifiedtime: Tue, 16 Nov 2021 03:16:43 GMT
x-amz-version-id: vueZjaGyxui0BJQbWRYBs_K.xzBA4e.7
server: AmazonS3
content-encoding: br
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: -tQzW83zyU48rZ2BuYCd79uoUXLFntqPhxKWtKpUxJQGSKLrf_oTzw==
age: 2074923
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: geolocation=(self "https://www.google-analytics.com"), camera=(), fullscreen=(self), microphone=()
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://sentec.report-uri.com/a/d/g"}],"include_subdomains":true}
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2

static.archipelagointernational.com/website/assets/v1/css/jquery.fancybox.min.css

143.204.55.116

200 OK

0 B

URL HTTP/2
static.archipelagointernational.com/website/assets/v1/css/jquery.fancybox.min.css
IP
143.204.55.116:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /website/assets/v1/css/jquery.fancybox.min.css HTTP/1.1
Host: static.archipelagointernational.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css
date: Thu, 10 Nov 2022 06:11:46 GMT
last-modified: Tue, 16 Nov 2021 07:16:45 GMT
etag: W/"1679dcd38f5d43f1ef64c0ff331af810"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=604800, stale-while-revalidate=7890000
x-amz-meta-cb-modifiedtime: Tue, 16 Nov 2021 03:20:07 GMT
x-amz-version-id: U1JOFUaNxMU20FUfNQy8fh2xrspU9BqQ
server: AmazonS3
content-encoding: br
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 9DtH4IZozSUw-9tsUjXVYr6eZSwT64vmuFnvSUeEpamF7ZCfq29G2Q==
age: 1645393
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: geolocation=(self "https://www.google-analytics.com"), camera=(), fullscreen=(self), microphone=()
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://sentec.report-uri.com/a/d/g"}],"include_subdomains":true}
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2

www.favehotels.com/en/hotel/view/142/favehotel-sorong

54.230.111.54

200 OK

0 B

URL HTTP/2
www.favehotels.com/en/hotel/view/142/favehotel-sorong
IP
54.230.111.54:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /en/hotel/view/142/favehotel-sorong HTTP/1.1
Host: www.favehotels.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Tue, 29 Nov 2022 07:14:58 GMT
server: Apache/2.4.52 () OpenSSL/1.0.2k-fips
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
cache-control: max-age=86400
content-encoding: gzip
vary: Accept-Encoding, Origin
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
alt-svc: h3=":443"; ma=86400
x-xss-protection: 1; mode=block
x-frame-options: DENY
referrer-policy: strict-origin-when-cross-origin
content-security-policy: frame-ancestors 'self' https://*.ampproject.org https://t.co https://twitter.com; block-all-mixed-content; default-src 'self'; script-src 'self' 'report-sample' 'unsafe-inline' 'unsafe-eval' https://*.denomatic.com https://*.glopss.com https://embed.tawk.to https://cdn.jsdelivr.net https://cdnjs.cloudflare.com https://*.favehotels.com https://*.archipelagointernational.com https://*.triptease.io https://connect.facebook.net https://*.doubleclick.net https://www.googleadservices.com https://cdn.onesignal.com https://www.google-analytics.com https://ssl.google-analytics.com https://google-analytics.com https://*.googleadservices.com https://*.google.com https://*.googlesyndication.com https://*.googletagservices.com https://graph.facebook.com https://js.facebook.com https://webchat.bookmebob.com https://onesignal.com https://cdn.ampproject.org https://translate.googleapis.com https://translate.google.com https://www.gstatic.com https://bmbuichatprod.z13.web.core.windows.net https://www.youtube.com https://m.youtube.com https://use.fontawesome.com https://kit.fontawesome.com https://ping.rapidsec.net https://platform.twitter.com https://analytics.twitter.com https://en.twitter.com https://cdn.syndication.twimg.com https://use.typekit.net https://www.googletagmanager.com https://googletagmanager.com https://tagmanager.google.com https://*.ep-mimecast.ads-twitter.com https://static.ads-twitter.com https://t.co https://*.affilired.com; style-src 'self' 'report-sample' 'unsafe-inline' *.googleapis.com *.tawk.to *.cloudflare.com *.favehotels.com *.archipelagointernational.com *.google.com *.ampproject.org *.fontawesome.com *.twimg.com *.twitter.com *.typekit.net *.googletagmanager.com; object-src 'self' *.googlesyndication.com; frame-src 'self' *.tawk.to *.google.com *.doubleclick.net *.googlesyndication.com *.facebook.com *.facebook.net *.triptease.io *.bookmebob.com *.ampproject.net *.astonhotelsinternational.com *.windows.net *.youtube.com *.youtube-nocookie.com *.twitter.com *.instagram.com *.googletagmanager.com twitter.com; child-src 'self' blob: *.google.com *.doubleclick.net *.googlesyndication.com *.facebook.com *.facebook.net *.youtube.com *.googletagmanager.com *.twitter.com; img-src 'self' data: blob: https://membershipprofileimage.s3.amazonaws.com *.gstatic.com *.tawk.to tawk.link *.jsdelivr.net *.cloudflare.com *.openstreetmap.org *.favehotels.com *.arch.software *.google.co.id *.facebook.com *.google.com *.google-analytics.com *.google.es *.google.com.pr *.google.com.mx *.google.co.uk *.google.com.br *.google.co.in *.google.de *.google.com.tr *.google.co.il *.google.ca *.google.ro *.google.nl *.google.fr *.google.ie *.google.it *.google.com.au *.google.com.ec *.google.com.ph *.google.com.sg *.google.com.pk *.google.at *.google.no *.google.cl *.google.co.kr *.google.se *.google.co.jp *.google.com.pe *.google.com.my *.google.co.th *.google.co.za *.google.com.ua *.google.sk *.google.com.ng *.google.pl *.google.be *.google.fi *.google.ae *.google.com.co *.google.co.ve *.google.com.hk *.google.com.eg *.google.com.uy *.google.com.ar *.google.ch *.google.ru *.google.co.ke *.google.pt *.google.mu *.google.com.sa *.google.com.vn *.google.com.tw *.google.gr *.google.com.bd *.google.dk *.google.com.py *.google.ee *.google.co.nz *.google.co.ma *.google.cz *.google.lk *.google.bg *.google.rs *.google.com.do *.google.hu *.google.iq *.google.co.cr *.google.al *.google.jo *.google.hr *.google.com.pa *.google.com.cy *.google.com.gh *.google.lt *.google.kz *.google.com.np *.google.by *.google.dz *.google.com.sv *.google.hn *.google.com.kw *.google.com.et *.google.mk *.google.ge *.google.cn *.google.com.jm *.google.si *.google.co.ug *.google.lv *.google.md *.google.co.mz *.google.lu *.google.am *.doubleclick.net *.googlesyndication.com *.googleadservices.com *.facebook.net *.fbcdn.net *.astonhotelsinternational.com *.ampproject.org *.googleapis.com *.archipelagointernational.com *.osm.org *.ytimg.com *.youtube.com *.apple.com t.co *.twitter.com *.twimg.com *.google.com.mm *.google.tn *.google.com.qa *.google.com.bn *.google.com.tj *.google.sn *.typekit.net *.google.az *.googletagmanager.com twitter.com; font-src 'self' data: https://*.gstatic.com https://*.googleapis.com https://*.tawk.to https://*.cloudflare.com *.archipelagointernational.com https://*.fontawesome.com https://*.typekit.net; connect-src 'self' data: https://cdnjs.cloudflare.com https://customs.affilired.com wss://*.tawk.to https://*.googleapis.com https://*.gstatic.com https://*.tawk.to https://*.triptease.io https://*.favehotels.com https://*.archipelagointernational.com https://*.arch.software https://*.google.com *.google.co.id *.facebook.com https://*.google-analytics.com https://*.doubleclick.net https://*.facebook.net https://*.googleadservices.com https://*.googlesyndication.com https://*.googletagservices.com https://*.google.com.sg *.onesignal.com *.ampproject.org *.ampproject.net *.osm.org *.openstreetmap.org *.google.co.uk *.google.com.au *.astonhotelsinternational.com *.apple.com *.google.be *.google.co.in *.bookmebob.com onesignal.com *.google.nl *.google.com.ph *.google.ie *.google.de *.google.co.nz *.google.com.my *.google.com.om *.google.se *.google.co.th *.google.co.kr *.google.co.jp *.google.lk *.fontawesome.com *.google.com.sa *.google.fr *.google.co.ke *.google.md *.google.com.tr *.google.ae *.google.si *.google.co.za *.google.ee *.google.com.bn *.google.it *.google.dk *.google.com.mx t.co *.twitter.com *.twimg.com *.google.pt *.google.at *.google.ca *.google.tn *.google.by *.google.com.mm *.google.fi *.google.com.ar *.google.com.ua *.google.es *.google.hu *.google.com.eg *.google.ro *.google.com.hk *.google.com.qa *.google.ru *.google.cz *.google.com.tj *.google.com.br *.typekit.net *.google.iq *.google.am *.google.com.ec *.google.lv https://*.googletagmanager.com https://twitter.com; manifest-src 'self' https://*.favehotels.com; base-uri 'self'; form-action 'self' https://*.google.com https://*.facebook.com https://*.facebook.net https://*.favehotels.com https://*.twitter.com; media-src 'self' https://*.tawk.to https://tawk.link https://*.google.com https://*.twimg.com; prefetch-src 'self' https://*.googlesyndication.com; worker-src 'self' blob: https://*.google.com; report-to default;
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubdomains
permissions-policy: geolocation=(self "https://www.google-analytics.com"), camera=(), fullscreen=(self), microphone=()
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://sentec.report-uri.com/a/d/g"}],"include_subdomains":true}
x-cache: Miss from cloudfront
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 0qsjHFj2RvCh6D9-Unan1wLeAW8pRBzg8uKHN1NgipDNh-LnDbpXHg==
X-Firefox-Spdy: h2

static.archipelagointernational.com/v3/assets/images/homepage/archipelago-25-anniv-logo.svg

143.204.55.116

200 OK

0 B

URL HTTP/2
static.archipelagointernational.com/v3/assets/images/homepage/archipelago-25-anniv-logo.svg
IP
143.204.55.116:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /v3/assets/images/homepage/archipelago-25-anniv-logo.svg HTTP/1.1
Host: static.archipelagointernational.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: image/svg+xml
date: Tue, 08 Nov 2022 03:03:18 GMT
last-modified: Fri, 22 Jul 2022 07:57:29 GMT
etag: W/"4ac5644e8e2bd567120a31be26834fce"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=604800, stale-while-revalidate=7890000
x-amz-meta-cb-modifiedtime: Fri, 22 Jul 2022 07:29:09 GMT
x-amz-version-id: SRIxPtX1A9NxagxyYy3fJUCcG6PV7j5i
server: AmazonS3
content-encoding: br
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: 0CUH7MJsuDrPtCPAH5Q7jThKGVB9FACHOr5AbPVOZnPruRv7rhVGzw==
age: 1829501
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: geolocation=(self "https://www.google-analytics.com"), camera=(), fullscreen=(self), microphone=()
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://sentec.report-uri.com/a/d/g"}],"include_subdomains":true}
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2

static.archipelagointernational.com/website/assets/v1/js/bootstrap-datepicker.min.js

143.204.55.116

200 OK

0 B

URL HTTP/2
static.archipelagointernational.com/website/assets/v1/js/bootstrap-datepicker.min.js
IP
143.204.55.116:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /website/assets/v1/js/bootstrap-datepicker.min.js HTTP/1.1
Host: static.archipelagointernational.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/x-javascript
date: Sat, 05 Nov 2022 06:52:57 GMT
last-modified: Tue, 16 Nov 2021 07:16:16 GMT
etag: W/"241a419bd65535b6569f46797779c43e"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=604800, stale-while-revalidate=7890000
x-amz-meta-cb-modifiedtime: Tue, 16 Nov 2021 03:21:52 GMT
x-amz-version-id: sLzN3vp_2jioGYO5FURSdylGSZuJCgyf
server: AmazonS3
content-encoding: br
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: pvfDWYepOg_rqkWWV29h2jnn1V9MYVlB02BkcRS5RVNCE9S4IFbfgg==
age: 2074923
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: geolocation=(self "https://www.google-analytics.com"), camera=(), fullscreen=(self), microphone=()
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://sentec.report-uri.com/a/d/g"}],"include_subdomains":true}
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2

static.archipelagointernational.com/website/assets/v1/css/bootstrap-datepicker.min.css

143.204.55.116

200 OK

0 B

URL HTTP/2
static.archipelagointernational.com/website/assets/v1/css/bootstrap-datepicker.min.css
IP
143.204.55.116:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /website/assets/v1/css/bootstrap-datepicker.min.css HTTP/1.1
Host: static.archipelagointernational.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css
date: Thu, 03 Nov 2022 05:42:16 GMT
last-modified: Tue, 16 Nov 2021 07:16:45 GMT
etag: W/"6c64af21a8a40fde79d8e92d44f8b7ce"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=604800, stale-while-revalidate=7890000
x-amz-meta-cb-modifiedtime: Tue, 16 Nov 2021 03:19:57 GMT
x-amz-version-id: VT_2E2V.7T.4OcvbOZYnGIvq3GQouCOO
server: AmazonS3
content-encoding: br
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: wIdsIrXW84zEAshp-IczifY8fno_7To9lEeHVkKWfNw2w6e4Ew-6gg==
age: 2251963
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: geolocation=(self "https://www.google-analytics.com"), camera=(), fullscreen=(self), microphone=()
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://sentec.report-uri.com/a/d/g"}],"include_subdomains":true}
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2

static.archipelagointernational.com/website/assets/v1/js/js.cookie.min.js

143.204.55.116

200 OK

0 B

URL HTTP/2
static.archipelagointernational.com/website/assets/v1/js/js.cookie.min.js
IP
143.204.55.116:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /website/assets/v1/js/js.cookie.min.js HTTP/1.1
Host: static.archipelagointernational.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/x-javascript
date: Sat, 12 Nov 2022 04:23:33 GMT
last-modified: Tue, 16 Nov 2021 07:16:17 GMT
etag: W/"77171e2314cd3ff8454b4dacd8ac5965"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=604800, stale-while-revalidate=7890000
x-amz-meta-cb-modifiedtime: Tue, 16 Nov 2021 03:20:59 GMT
x-amz-version-id: p1zSGQn2HBk7_w1IHjM05YuHHc0qjAtH
server: AmazonS3
content-encoding: br
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: TH60VAU4MPD7Bh1Dew6TPrezpL_LoaFXLHaah0jKWr74UX3--dGPug==
age: 1479086
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: geolocation=(self "https://www.google-analytics.com"), camera=(), fullscreen=(self), microphone=()
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://sentec.report-uri.com/a/d/g"}],"include_subdomains":true}
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2

onboard.triptease.io/bootstrap/v5951.65010/bootstrap.js

104.21.40.231

200 OK

0 B

URL HTTP/2
onboard.triptease.io/bootstrap/v5951.65010/bootstrap.js
IP
104.21.40.231:0
ASN
#13335 CLOUDFLARENET

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /bootstrap/v5951.65010/bootstrap.js HTTP/1.1
Host: onboard.triptease.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.favehotels.com
Referer: https://www.favehotels.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Tue, 29 Nov 2022 07:14:59 GMT
content-type: application/javascript; charset=utf-8
cf-ray: 77198cb46cd4b4e8-OSL
access-control-allow-origin: *
cache-control: public, max-age=31536000
etag: W/"f7a8215d6d81376632f1994e7591b41a"
expires: Wed, 29 Nov 2023 06:36:23 GMT
last-modified: Mon, 28 Nov 2022 15:28:51 GMT
strict-transport-security: max-age=15552000
vary: Accept-Encoding
cf-cache-status: MISS
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-goog-generation: 1669649331091398
x-goog-hash: crc32c=KjFj/Q==, md5=96ghXW2BN2Yy8ZlOdZG0Gg==
x-goog-meta-build-version: 5951.65010
x-goog-meta-git-hash: c13dc4984d62bd3a0b5131599fed58b2d236f856
x-goog-metageneration: 1
x-goog-storage-class: MULTI_REGIONAL
x-goog-stored-content-encoding: identity
x-goog-stored-content-length: 101957
x-guploader-uploadid: ADPycdvZN09BUm5cslhjXo2u1VajaA4z3Cre-0VxA9brrh3tBHlE1FdYVmOLrgykmwFQUlqrhVAD27BcSM_o0J6P9jJHNR4q3-yz
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=REjQxIPayoU2D0nPN3WXwwF5zGQNeBSTUvema6L0CIrZ91kiYQo3%2Bg0ifrY1MSrcGMw3P%2FizQDMshpnid5ilLiDJo6m9cSXs1KaqpRlzYt8EOP3Osk8z4E9ea%2FN4SHkiheZMAxxZng%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
content-encoding: br
X-Firefox-Spdy: h2

static.archipelagointernational.com/website/assets/v1/js/jquery.fancybox.min.js

143.204.55.116

200 OK

0 B

URL HTTP/2
static.archipelagointernational.com/website/assets/v1/js/jquery.fancybox.min.js
IP
143.204.55.116:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /website/assets/v1/js/jquery.fancybox.min.js HTTP/1.1
Host: static.archipelagointernational.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/x-javascript
date: Mon, 31 Oct 2022 01:15:50 GMT
last-modified: Tue, 16 Nov 2021 07:16:16 GMT
etag: W/"b762d7a222031899a8b3d8fa8e6a21cf"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=604800, stale-while-revalidate=7890000
x-amz-meta-cb-modifiedtime: Tue, 16 Nov 2021 03:22:16 GMT
x-amz-version-id: JbTSIOfYBXwVfUZg6Fi4uY_CdPUVZjEN
server: AmazonS3
content-encoding: br
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: up9bmqurNStT09NaZgPtgvkc_xR5tZiSS8FS2v-nwdGSd-fYn3ApBg==
age: 2527148
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: geolocation=(self "https://www.google-analytics.com"), camera=(), fullscreen=(self), microphone=()
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://sentec.report-uri.com/a/d/g"}],"include_subdomains":true}
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2

static.archipelagointernational.com/website/assets/v1/css/swiper.min.css

143.204.55.116

200 OK

0 B

URL HTTP/2
static.archipelagointernational.com/website/assets/v1/css/swiper.min.css
IP
143.204.55.116:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /website/assets/v1/css/swiper.min.css HTTP/1.1
Host: static.archipelagointernational.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.favehotels.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css
date: Wed, 09 Nov 2022 06:19:33 GMT
last-modified: Tue, 16 Nov 2021 07:16:45 GMT
etag: W/"f29b1aec530d4ecb1255894948203345"
x-amz-server-side-encryption: AES256
cache-control: public, max-age=604800, stale-while-revalidate=7890000
x-amz-meta-cb-modifiedtime: Tue, 16 Nov 2021 03:20:15 GMT
x-amz-version-id: i06bkX6H6H7dg9boMwHySTVqmyP9l5wh
server: AmazonS3
content-encoding: br
x-cache: Hit from cloudfront
via: 1.1 aac54e3fe9825ce24d51e0204433c2c0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
alt-svc: h3=":443"; ma=86400
x-amz-cf-id: OEFV3Bqkohthi5M06eIHMFaDQvRdD_d3bDAlh9lkSxWmnwbAK8xbCA==
age: 1731327
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
referrer-policy: origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
permissions-policy: geolocation=(self "https://www.google-analytics.com"), camera=(), fullscreen=(self), microphone=()
report-to: {"group":"default","max_age":31536000,"endpoints":[{"url":"https://sentec.report-uri.com/a/d/g"}],"include_subdomains":true}
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (58)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations