hoteldel.com/experience/holidays/?utm_source=SDTA&utm_medium=email&utm_campaign=TSY_HDC_FY22_BRAND_HOLIDAY&utm_content=holiday
301 Moved Permanently 162 B URL HTTP/1.1 hoteldel.com/experience/holidays/?utm_source=SDTA&utm_medium=email&utm_campaign=TSY_HDC_FY22_BRAND_HOLIDAY&utm_content=holiday
IP
ASN #209242 Cloudflare London, LLC
File type HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 4f8e702cc244ec5d4de32740c0ecbd97
3adb1f02d5b6054de0046e367c1d687b6cdf7aff
9e17cb15dd75bbbd5dbb984eda674863c3b10ab72613cf8a39a00c3e11a8492a
GET /experience/holidays/?utm_source=SDTA&utm_medium=email&utm_campaign=TSY_HDC_FY22_BRAND_HOLIDAY&utm_content=holiday HTTP/1.1
Host: hoteldel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Thu, 26 Jan 2023 23:59:46 GMT
Content-Type: text/html
Content-Length: 162
Connection: keep-alive
Location: https://hoteldel.com/experience/holidays/?utm_source=SDTA&utm_medium=email&utm_campaign=TSY_HDC_FY22_BRAND_HOLIDAY&utm_content=holiday
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=uOKsjtgksqTTeNam924gSIj%2B2%2F2jpxFce6Cq33Hw%2BSwO9VvyToLCFFpkSJkGJok%2BIu6WF0uWyKP6JIBZMZCN3NiNZGYI72BP7VDhY7SaVgK7A%2BSZGVlZvbmE1HeZgw%3D%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 78fd3449db15b517-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5fe582397f3003b225cb9058e02c2190
68174a54a8f6c4de9247ccea2dcae3c9b76bdb9f
238a2ef5b61d56353d0a5e97ec3092b8f2792cde7cecf40e1a858f8c129d3a9d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "238A2EF5B61D56353D0A5E97EC3092B8F2792CDE7CECF40E1A858F8C129D3A9D"
Last-Modified: Wed, 25 Jan 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13682
Expires: Fri, 27 Jan 2023 03:47:48 GMT
Date: Thu, 26 Jan 2023 23:59:46 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 2405562765b49b2782ebd2e2994851d5
be7ac8e558f7875bb1fb86ab5ec674424a5ff269
422cfa907461cb7b93b9089d600052f9e94951e5e0c93d97651905002e48ad3e
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "422CFA907461CB7B93B9089D600052F9E94951E5E0C93D97651905002E48AD3E"
Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13010
Expires: Fri, 27 Jan 2023 03:36:36 GMT
Date: Thu, 26 Jan 2023 23:59:46 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash dcd75ca6daca51c5e39d431468511793
07f76d3bf23d65c9110d810fa71a994e39e085d3
73672a816da4450fe2c938b08d7ae002d9ca29fdcbd3e29cc97084d826f8b459
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Retry-After, Content-Type, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Thu, 26 Jan 2023 23:35:18 GMT
content-type: application/json
age: 1468
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 69f73ac59327cd9ad7d99816ccfcc03e
c54844f82dbee0d5ee4c8ce344eb0139373e6c6b
e81c685b2d8f0e31b89e5cfc911a2c5a99a556646830ac5a8468d991b5e871a3
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "E81C685B2D8F0E31B89E5CFC911A2C5A99A556646830AC5A8468D991B5E871A3"
Last-Modified: Thu, 26 Jan 2023 04:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5813
Expires: Fri, 27 Jan 2023 01:36:39 GMT
Date: Thu, 26 Jan 2023 23:59:46 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: MrJ4aQmk6XBQrnxA/3TEQcTh/4DhwsVJPUC2+Gc2rN6nz9bKiyDkaiiKxcPjVyll05BgXnI3IzU=
x-amz-request-id: GDYZ1NV0N26YHH9G
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 26 Jan 2023 23:49:11 GMT
age: 635
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 23:59:46 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Last-Modified, ETag, Expires, Backoff, Content-Length, Cache-Control, Alert, Retry-After, Pragma
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Thu, 26 Jan 2023 23:49:01 GMT
age: 646
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash c398b6b39d11d25b8ae9bc5cd94a1c98
640aa8c399ced71d0c2a9f5a90fbaf091b01d642
a6f07f7c6a4746acc25457c726701df33120628dfb578bc4982448d8efee5855
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A6F07F7C6A4746ACC25457C726701DF33120628DFB578BC4982448D8EFEE5855"
Last-Modified: Tue, 24 Jan 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7426
Expires: Fri, 27 Jan 2023 02:03:33 GMT
Date: Thu, 26 Jan 2023 23:59:47 GMT
Connection: keep-alive
hoteldel.com/experience/holidays/?utm_source=SDTA&utm_medium=email&utm_campaign=TSY_HDC_FY22_BRAND_HOLIDAY&utm_content=holiday
200 OK 56 kB URL HTTP/2 hoteldel.com/experience/holidays/?utm_source=SDTA&utm_medium=email&utm_campaign=TSY_HDC_FY22_BRAND_HOLIDAY&utm_content=holiday
IP
ASN #209242 Cloudflare London, LLC
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (38415)
Hash 79c4796373570be10cdee916c25b2ffb
08ffd0c992c48700072e84dc90aaeed6c8c0e730
5075086a23fe01158dccdfd86b4c8ce7a7b870bc4fcd84fd2ea3131b9c7762b8
GET /experience/holidays/?utm_source=SDTA&utm_medium=email&utm_campaign=TSY_HDC_FY22_BRAND_HOLIDAY&utm_content=holiday HTTP/1.1
Host: hoteldel.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:59:47 GMT
content-type: text/html; charset=UTF-8
vary: Accept-Encoding, Accept-Encoding, Accept-Encoding, Accept-Encoding,Cookie
link: <https://hoteldel.com/wp-json/>; rel="https://api.w.org/", <https://hoteldel.com/wp-json/wp/v2/experience/4369>; rel="alternate"; type="application/json", <https://hoteldel.com/?p=4369>; rel=shortlink
x-powered-by: WP Engine
x-cacheable: SHORT
cache-control: max-age=600, must-revalidate
x-cache: MISS
x-cache-group: normal
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
x-frame-options: sameorigin
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=mSSTPYa0IuEIyRILS77gPTq%2FUHLo11tK7LbUA7MCfFUIFzJEBk%2BGGxLawRdzUaXNq9J2VxC74dD7Zsnn2eG8q8HtkRPDUE0Wm9xezFimDpz6lvR470TTVg5NoV9szA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 78fd344c49150b4d-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
assets.adobedtm.com/launch-EN02272261e0b845508227acf3ca0c37de.min.js
200 OK 122 kB URL HTTP/2 assets.adobedtm.com/launch-EN02272261e0b845508227acf3ca0c37de.min.js
IP
File type ASCII text, with very long lines (32721)
Size 122 kB (122485 bytes)
Hash eedaa5df8121366de6d39a880135c6fc
82ae255f31d5486364f100d5f8f0f81954bab533
8ff30fe320b5b245f0d54752700a4b63a6a6551a3988492fb0a8bb167c876f3b
GET /launch-EN02272261e0b845508227acf3ca0c37de.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hoteldel.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "54f2b9be201a96aaccf86a7e6e036793:1674168970.402456"
last-modified: Thu, 19 Jan 2023 22:56:10 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=3600
expires: Fri, 27 Jan 2023 00:59:47 GMT
date: Thu, 26 Jan 2023 23:59:47 GMT
content-length: 122485
access-control-allow-origin: https://hoteldel.com
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 82e3abc4a7b17efedca67cf215f4bb60
e20e55d87591af7db3a4bcfc429048f85e389b85
df8901d4d87686fb11e17986f5d53cf513f675b4dd71f0a2e35c7ffbefa7fb9e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 23:59:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 3WtLjev0rKiBfEZnCA4JfA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: ynBaoCfIWdrqQ4aR+AYCbaKrv7Y=
www.googletagmanager.com/gtm.js?id=GTM-THXPFB6
200 OK 56 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-THXPFB6
IP
File type ASCII text, with very long lines (24133)
Hash 5115b6fb78acd487715043825c1f8886
a36d49f8d7c585d1513c4728704d1b8638413a95
58ee8b925025f5f9fc5419f5bc611ffeb9b0d5c021ae40efaba227da69ad6774
GET /gtm.js?id=GTM-THXPFB6 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hoteldel.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 26 Jan 2023 23:59:47 GMT
expires: Thu, 26 Jan 2023 23:59:47 GMT
cache-control: private, max-age=900
last-modified: Thu, 26 Jan 2023 21:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 55524
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 82e3abc4a7b17efedca67cf215f4bb60
e20e55d87591af7db3a4bcfc429048f85e389b85
df8901d4d87686fb11e17986f5d53cf513f675b4dd71f0a2e35c7ffbefa7fb9e
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 23:59:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 2.7 kB IP
Hash c19f0e79bbf93270f3c1996ee6dae55c
f4d68ccd4c2c5be7e15e51219af44abcb26ba67b
e5fc11134a4c6e35bcc03777a7330115e0b8db97df8d9cd6d569130e7eb5e1f0
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 23:59:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
2013561.fls.doubleclick.net/activityi;src=2013561;type=micro372;cat=delma0;u1=SANQQQQ;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5095371333591.26?
200 OK 229 B URL HTTP/2 2013561.fls.doubleclick.net/activityi;src=2013561;type=micro372;cat=delma0;u1=SANQQQQ;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5095371333591.26?
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (462), with no line terminators
Hash a83b61fe30b0decece77d957c071b897
5beb01b117ca6e923c9d53527ed20f72f12f1a42
a95232d752f47139e067b911dcaed48bba6e5a7d5a74dc0ac11e1263791eacf3
GET /activityi;src=2013561;type=micro372;cat=delma0;u1=SANQQQQ;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5095371333591.26? HTTP/1.1
Host: 2013561.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hoteldel.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 26 Jan 2023 23:59:47 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 229
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 27-Jan-2023 00:14:47 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash a74494062e6a7972fc90481d1e630c64
ffe981a21eb348523070407acd3cdd38e3d2246c
d203fd0d814143acff3b5ffbe352337fb0e5d4c283b945ff74f9085b22d42840
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 23:59:47 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash cc8b29c355cba75d2582e11c76f0ec51
ccd644797e98c5932796ba2b9dc46b10e0c56536
745b5910a72a9c51a8dd5538d484f6922290de1769a3fed88429f1e6dc9bce0a
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 26 Jan 2023 23:59:47 GMT
Last-Modified: Thu, 26 Jan 2023 23:01:12 GMT
Server: ECS (bsa/EB11)
X-Cache: Miss from cloudfront
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: XZQtzEUly-INLdxDbycMVB2uRuxnWEEdxSkI3TofTUQdCXG2awHjoA==
Age: 3515
assets.adobedtm.com/5e68f1ab8856/6f5249f15557/000ff25a67a5/EX9d85f19b2bb9438d88e8200a247afa89-libraryCode_source.min.js
200 OK 14 kB URL HTTP/2 assets.adobedtm.com/5e68f1ab8856/6f5249f15557/000ff25a67a5/EX9d85f19b2bb9438d88e8200a247afa89-libraryCode_source.min.js
IP
File type ASCII text, with very long lines (32747)
Hash 4f8958f27327b8441e17666376e63edb
846745ec17359f9e8c859d013397fda166a606e5
3803d247dc18741584676feb73add914e3fe034a9b82bb03bc245ed7216f5d46
GET /5e68f1ab8856/6f5249f15557/000ff25a67a5/EX9d85f19b2bb9438d88e8200a247afa89-libraryCode_source.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hoteldel.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "27b5941ea36dee80992801b7d8b8efaf:1674168971.208224"
last-modified: Thu, 19 Jan 2023 22:56:11 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=3600
expires: Fri, 27 Jan 2023 00:59:48 GMT
date: Thu, 26 Jan 2023 23:59:48 GMT
content-length: 14051
access-control-allow-origin: https://hoteldel.com
timing-allow-origin: *
X-Firefox-Spdy: h2
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement_Module_AudienceManagement.min.js
200 OK 8.8 kB URL HTTP/2 assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement_Module_AudienceManagement.min.js
IP
File type exported SGML document, ASCII text, with very long lines (24999)
Hash 753f93d291c48425bacf2eb9b49af1b8
57addc900449e93b1ffdb17b801924ef04882423
ba0b01787fff115c87c40274a96f4df218c04625dbd64887e44c34ba4552882c
GET /extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement_Module_AudienceManagement.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hoteldel.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "d220d501715e0484d0dddeac614f902c:1663863410.217006"
last-modified: Thu, 22 Sep 2022 16:16:50 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 8755
expires: Fri, 27 Jan 2023 00:59:48 GMT
date: Thu, 26 Jan 2023 23:59:48 GMT
cache-control: no-cache
access-control-allow-origin: https://hoteldel.com
timing-allow-origin: *
X-Firefox-Spdy: h2
consent.trustarc.com/notice?domain=hiltongdpr.com&c=teconsent>m=1&text=true&pcookie&js=nj¬iceType=bb&oc=1
200 OK 4.2 kB URL HTTP/2 consent.trustarc.com/notice?domain=hiltongdpr.com&c=teconsent>m=1&text=true&pcookie&js=nj¬iceType=bb&oc=1
IP
File type ASCII text, with very long lines (2892)
Hash 77ef05883ae47b13c8cb628c05ea0239
be5945c4c0287aa5bf5c210e8ab41c410a9d7f67
3f4f0a0784b9b65676e79740931812193a6708e6894825284358a2b7f1b1ed14
GET /notice?domain=hiltongdpr.com&c=teconsent>m=1&text=true&pcookie&js=nj¬iceType=bb&oc=1 HTTP/1.1
Host: consent.trustarc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hoteldel.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
content-length: 4164
date: Thu, 26 Jan 2023 23:40:39 GMT
content-encoding: gzip
expires: Fri, 27 Jan 2023 00:40:39 GMT
cache-control: max-age=3600
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
cloudfront-viewer-country: NO
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rC95Hvi4QvCTQIlPmQwYsIUwWZU5gJvYhxbaak1ydgmiW7YtOFc2fA==
age: 1149
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash dfa9dc702504acce47cb04d6a8baca2c
1f929541d4bd86c02ab87572391767192b098c7e
d11455044effe3f1093b7655fb5ac5ef7f36bd8c71f989217d8de54066ca1b79
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5236
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 23:59:48 GMT
Last-Modified: Thu, 26 Jan 2023 22:32:32 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F0C120B3534685700A490D45%40AdobeOrg&d_nsid=0&ts=1674777587861
302 Found 0 B URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F0C120B3534685700A490D45%40AdobeOrg&d_nsid=0&ts=1674777587861
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F0C120B3534685700A490D45%40AdobeOrg&d_nsid=0&ts=1674777587861 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://hoteldel.com
Connection: keep-alive
Referer: https://hoteldel.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://hoteldel.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-2-v045-0687cfe76.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F0C120B3534685700A490D45%40AdobeOrg&d_nsid=0&ts=1674777587861
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=32459014742018133390744422764368673088; Max-Age=15552000; Expires=Tue, 25 Jul 2023 23:59:48 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: 6rxYpMxvSw8=
Content-Length: 0
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 97ccaa279f6ade845b71b57615d40388
5186089108dca0136feab418da66a9e027c7e427
515128c713e98c9a0546c35d9a1e0719057136509b5b2312e4af56a9acc80ec2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 23:59:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
consent.trustarc.com/log?domain=hiltongdpr.com&country=no&state=&behavior=expressed&c=1e52
200 OK 43 B URL HTTP/2 consent.trustarc.com/log?domain=hiltongdpr.com&country=no&state=&behavior=expressed&c=1e52
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash db04c7b378cb2db912c3ba8a5a774ee3
dee34bd86c3484d31002182aa2b7caa4699126b8
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
GET /log?domain=hiltongdpr.com&country=no&state=&behavior=expressed&c=1e52 HTTP/1.1
Host: consent.trustarc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hoteldel.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 43
date: Thu, 26 Jan 2023 23:59:48 GMT
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
x-cache: Miss from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: WiIC8_sRZfnRCwp44L0nBacc0DLgOruQn4xc0lsqz7JEMTCsHUHj0A==
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin
X-Firefox-Spdy: h2
adservice.google.com/ddm/fls/i/src=2013561;type=micro372;cat=delma0;u1=SANQQQQ;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5095371333591.26;~oref=https://hoteldel.com/
200 OK 230 B URL HTTP/2 adservice.google.com/ddm/fls/i/src=2013561;type=micro372;cat=delma0;u1=SANQQQQ;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5095371333591.26;~oref=https://hoteldel.com/
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (461), with no line terminators
Hash 4b79bb0a5981f16770478f332a0026f4
293d2add77e2bad3547c4b35ec87f95157cfbeb9
311cab63ef7ee9cfcffccff60d6649048dd342b9e097a17a801eeeadd031227d
GET /ddm/fls/i/src=2013561;type=micro372;cat=delma0;u1=SANQQQQ;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5095371333591.26;~oref=https://hoteldel.com/ HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2013561.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 26 Jan 2023 23:59:48 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 230
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
assets.adobedtm.com/5e68f1ab8856/6f5249f15557/000ff25a67a5/RCe267924711084c2ea517049a0a0b2543-source.min.js
200 OK 787 B URL HTTP/2 assets.adobedtm.com/5e68f1ab8856/6f5249f15557/000ff25a67a5/RCe267924711084c2ea517049a0a0b2543-source.min.js
IP
File type ASCII text, with very long lines (1191)
Hash 7b1e7179f2af29ef28ec111675a45082
f030dcee2703fbcbeca5717f5491a76edd385d7c
690f6632691bda326958dd810af10ccd2f765ef6a1e00250dff773cb4f21e83f
GET /5e68f1ab8856/6f5249f15557/000ff25a67a5/RCe267924711084c2ea517049a0a0b2543-source.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hoteldel.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "27b5941ea36dee80992801b7d8b8efaf:1674168971.208224"
last-modified: Thu, 19 Jan 2023 22:56:11 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=3600
expires: Fri, 27 Jan 2023 00:59:48 GMT
date: Thu, 26 Jan 2023 23:59:48 GMT
content-length: 787
access-control-allow-origin: https://hoteldel.com
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 97ccaa279f6ade845b71b57615d40388
5186089108dca0136feab418da66a9e027c7e427
515128c713e98c9a0546c35d9a1e0719057136509b5b2312e4af56a9acc80ec2
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 23:59:48 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
consent-pref.trustarc.com/images/loading.gif
200 OK 2.6 kB URL HTTP/2 consent-pref.trustarc.com/images/loading.gif
IP
File type GIF image data, version 89a, 31 x 31\012- data
Hash 394bafc3cc4dfb3a0ee48c1f54669539
5640ea4d0eba1c390f587ec69463c9a5196b7fa2
eb7cfd3d959b2e09c170f532e29f8b825f9bc770b2279fde58e595617753e244
GET /images/loading.gif HTTP/1.1
Host: consent-pref.trustarc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=no&locale=en&behavior=expressed>m=1&irm=undefined&from=https://consent.trustarc.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 2608
server: nginx
accept-ranges: bytes
last-modified: Fri, 06 Jan 2023 07:59:58 GMT
date: Thu, 26 Jan 2023 01:26:00 GMT
etag: W/"2608-1672991998000"
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: q28FZN_gdiY-vdY7b28jLhHW2V2F1_VCgQiiroBDJ-UqOPe_aTCLoA==
age: 81228
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
expect-ct: max-age=86400; enforce;
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
vary: Origin
X-Firefox-Spdy: h2
dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F0C120B3534685700A490D45%40AdobeOrg&d_nsid=0&ts=1674777587861
200 OK 124 B URL HTTP/1.1 dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F0C120B3534685700A490D45%40AdobeOrg&d_nsid=0&ts=1674777587861
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 1f6783349ac4177ec3b3845fd520dca6
d84e7a43a8c8ff6f1a568ad6cb4162767f5b32b7
64bc30aa6a9d9e5396bb67c6af32c31f5ca6610641f0bdea10d759281df6adca
GET /id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F0C120B3534685700A490D45%40AdobeOrg&d_nsid=0&ts=1674777587861 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hoteldel.com
Content-Type: application/x-www-form-urlencoded
Referer: https://hoteldel.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://hoteldel.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-1-v045-03c381005.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-Error: 172
X-TID: 6bFa5TZ1QwA=
Content-Length: 124
Connection: keep-alive
consent.trustarc.com/asset/notice.js/v/v1.7-10255
200 OK 24 kB URL HTTP/2 consent.trustarc.com/asset/notice.js/v/v1.7-10255
IP
Hash 5b913e79a974b410f97e8e092594ec41
f2e048a2346d200eaa67dadf7101055436cac3a2
bdf289f1fbb70d7c84b539b4931b579320868394fa00234a76d62645b6b92334
GET /asset/notice.js/v/v1.7-10255 HTTP/1.1
Host: consent.trustarc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hoteldel.com
Connection: keep-alive
Referer: https://hoteldel.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
last-modified: Wed, 18 Jan 2023 04:54:48 GMT
pragma: public
timing-allow-origin: *
content-encoding: gzip
date: Thu, 26 Jan 2023 23:48:37 GMT
expires: Sat, 25 Feb 2023 23:48:36 GMT
cache-control: max-age=2592000
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: fuGOE0jTcoe7gpcwuNHGDfl-7qXZZGZg7FpfNn302KqNuMZgPGqblg==
age: 672
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
access-control-expose-headers: *
X-Firefox-Spdy: h2
consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=no&locale=en&behavior=expressed>m=1&irm=undefined&from=https://consent.trustarc.com/
200 OK 4.6 kB URL HTTP/2 consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=no&locale=en&behavior=expressed>m=1&irm=undefined&from=https://consent.trustarc.com/
IP
Hash 0e073132eb23cfffebcffd0266b4cac9
7d4b7a0f2d1cf98ba4338403208d2587ca847cac
edf9a23a431fb9516ada0e03dc289c11b9f31d2b7998c25eca7e41628a574fa2
GET /?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=no&locale=en&behavior=expressed>m=1&irm=undefined&from=https://consent.trustarc.com/ HTTP/1.1
Host: consent-pref.trustarc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hoteldel.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
server: nginx
last-modified: Fri, 06 Jan 2023 07:59:58 GMT
content-encoding: gzip
date: Thu, 26 Jan 2023 22:27:57 GMT
etag: W/"5147-1672991998000"
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: U1wXjYgcLqQ2HIlfzxpcVokk_Pk4eCVTcxWgqECMMZxtjEThi8Au8A==
age: 5511
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
expect-ct: max-age=86400; enforce;
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
adservice.google.no/ddm/fls/i/src=2013561;type=micro372;cat=delma0;u1=SANQQQQ;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5095371333591.26;~oref=https://hoteldel.com/
200 OK 85 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=2013561;type=micro372;cat=delma0;u1=SANQQQQ;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5095371333591.26;~oref=https://hoteldel.com/
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb
GET /ddm/fls/i/src=2013561;type=micro372;cat=delma0;u1=SANQQQQ;dc_lat=;dc_rdid=;tag_for_child_directed_treatment=;ord=5095371333591.26;~oref=https://hoteldel.com/ HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 26 Jan 2023 23:59:48 GMT
expires: Thu, 26 Jan 2023 23:59:48 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
js.adsrvr.org/up_loader.1.1.0.js
200 OK 1.9 kB URL HTTP/1.1 js.adsrvr.org/up_loader.1.1.0.js
IP
File type ASCII text, with very long lines (4593), with no line terminators
Hash 8dc722d27824e60548fd25752623cd07
33d66ad1a4a162e2d6c9ed732d6c9af79635fc4d
14ce9119fe06fb2d363ba3c824e9f5b3f212f1f39dfab38c836fa13a20daec1b
GET /up_loader.1.1.0.js HTTP/1.1
Host: js.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hoteldel.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/x-javascript
Transfer-Encoding: chunked
Connection: keep-alive
Last-Modified: Thu, 24 Sep 2020 15:15:34 GMT
Server: AmazonS3
Content-Encoding: gzip
Date: Thu, 26 Jan 2023 06:03:08 GMT
ETag: W/"98d98b3499058b76d58073cf8ede2f10"
Vary: Accept-Encoding
X-Cache: Hit from cloudfront
Via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: XTaHeDUyRnmsZZZmhYp9WuS0k5fJV-7xddlZSbgPD4NhGb8YVBo7MA==
Age: 64602
dp58aslhmbcib.cloudfront.net/static/cache/css/output.34846959e9a8.css
200 OK 332 B URL HTTP/2 dp58aslhmbcib.cloudfront.net/static/cache/css/output.34846959e9a8.css
IP
File type ASCII text, with very long lines (2522), with no line terminators
Hash 001907b87e05991d1961f86f1ce7a0bb
e09fcef2012ab21ec2a1e8697bcbbcbd498084b0
bf6395a520565dc78675aa52d7d8c9f07d7e6ef37fbbb8738cc261535a60ba68
GET /static/cache/css/output.34846959e9a8.css HTTP/1.1
Host: dp58aslhmbcib.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fareharbor.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
content-length: 332
date: Tue, 17 Jan 2023 01:07:51 GMT
cache-control: public
content-encoding: gzip
etag: "63c20eb1-9da"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Sat, 14 Jan 2023 02:08:49 GMT
server: nginx/1.22.1
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-fh-loadbalancer: production-appservers_docker-a-0
x-xss-protection: 1; mode=block
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: -aTIEPfhRs8P8tzCawGB-e__WhshsjbgGScz1sm18vM7qlnuxWLmMg==
age: 859917
X-Firefox-Spdy: h2
consent-pref.trustarc.com/defaultpreferencemanager/9F5DDAD4256889D2A2BB0A3140E8B74B.cache.html
200 OK 47 kB URL HTTP/2 consent-pref.trustarc.com/defaultpreferencemanager/9F5DDAD4256889D2A2BB0A3140E8B74B.cache.html
IP
Hash 9128b1171bfb82285b0eb62f6b591e51
40989c2d250b220efd5fc52c040754029011a81e
4b7eac34c79b874386569f3c93b6b01633baf486534046c525108ce8f20c6788
GET /defaultpreferencemanager/9F5DDAD4256889D2A2BB0A3140E8B74B.cache.html HTTP/1.1
Host: consent-pref.trustarc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=no&locale=en&behavior=expressed>m=1&irm=undefined&from=https://consent.trustarc.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Wed, 18 Jan 2023 05:03:36 GMT
server: nginx
etag: W/"142492-1672992016000"
last-modified: Fri, 06 Jan 2023 08:00:16 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: UONiYzv0GYk4mAg7-UdxEVLRooj4c1S-RjsABBSdmcK-peZgCUIsSw==
age: 759372
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
expect-ct: max-age=86400; enforce;
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
consent-st.trustarc.com/get?name=combined_static_cm_minified.js
200 OK 8.1 kB URL HTTP/2 consent-st.trustarc.com/get?name=combined_static_cm_minified.js
IP
Hash 8c91e5f6ea8edcd69a0257a78a34329f
14e8479abb397c92818297af8e7f2d46f02356b2
89041e1f1d09f7f43f80f192bf74ccf5d23c80a4c60be53c0d617074a562d75f
GET /get?name=combined_static_cm_minified.js HTTP/1.1
Host: consent-st.trustarc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://consent-pref.trustarc.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
content-type: text/javascript
date: Mon, 16 Jan 2023 07:14:08 GMT
pragma: public
expires: Wed, 15 Feb 2023 07:14:08 GMT
cache-control: max-age=2592000
timing-allow-origin: *
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: C9F-rBQEC_ipjHvAcIrtr33YSzSETbKO6nHKkr9MDZeGF-raVL8pOQ==
age: 924340
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin
X-Firefox-Spdy: h2
fareharbor.com/embeds/api/v1/?autolightframe=yes&ver=1
200 OK 8.7 kB URL HTTP/2 fareharbor.com/embeds/api/v1/?autolightframe=yes&ver=1
IP
Hash 6d34b2246417f009d1525e044d299683
796c544004063b99afa35f37a004c1d05d2e55eb
a6933333c7f22699e8a0b3db2591da5fe301e1a258f2e9332aa37b7f539539c7
GET /embeds/api/v1/?autolightframe=yes&ver=1 HTTP/1.1
Host: fareharbor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hoteldel.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:59:48 GMT
content-type: text/javascript; charset=utf-8
cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-language: en-us
content-security-policy-report-only: form-action 'self'; script-src 'unsafe-inline' 'unsafe-eval' https://content.fareharbor.me https://js.stripe.com *.adyen.com *.mxpnl.com cdn.mxpnl.com *.filestackapi.com https://js.pusher.com https://www.google.com *.googleapis.com https://ssl.google-analytics.com https://www.google-analytics.com *.adroll.com *.adroll.mgr.consensu.org *.facebook.net *.facebook.com *.cloudflare.com *.hotjar.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://www.googleadservices.com *.gstatic.com *.paypal.com https://translate.google.com https://*.pusher.com https://ssl.google-analytics.com https://www.google-analytics.com dp58aslhmbcib.cloudfront.net fareharbor.com; frame-src https://js.stripe.com https://hooks.stripe.com *.adyen.com *.filestackapi.com *.googletagmanager.com *.hotjar.com https://www.google.com airtable.com player.vimeo.com facebook.com *.paypal.com https://bid.g.doubleclick.net fareharbor.com; default-src 'none'; base-uri 'self'; object-src 'none'; style-src 'unsafe-inline' content.fareharbor.me *.googleapis.com dp58aslhmbcib.cloudfront.net fareharbor.com; font-src 'self' data: fh-sites.imgix.net; connect-src wss://ws.pusherapp.com https://api.stripe.com https://www.google-analytics.com https://*.google-analytics.com https: fareharbor.com wss:; img-src data: image/svg+xml image/png cdn.filestackcontent.com fh-sites.imgix.net https://www.google-analytics.com www.tripadvisor.com https://www.google.com d.adroll.com facebook.com bat.bing.com www.googletagmanager.com https://googleads.g.doubleclick.net https://www.facebook.com https://www.filepicker.io https://www.gstatic.com dp58aslhmbcib.cloudfront.net d1a2dkr8rai8e2.cloudfront.net fareharbor.com; report-uri /csp-report/
expires: 0
p3p: CP="This is not a P3P policy."
pragma: no-cache
strict-transport-security: max-age=31536000
vary: Accept-Encoding, Cookie
x-amzn-trace-id: Root=1-63d313f4-6c88b11f18f2cf17089aab6a
x-content-type-options: nosniff
x-fh-loadbalancer: production-appservers_docker-b-0
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 280 B IP
Hash 217fbaa8fc7824107e8324ce82a519de
bb1e88ce595108216f37760e3539a1b51ad0a48a
954430d9a66fe55ca8fbd2d9069f6ae0cad407e6a1f096d91e1bd6ea39bf2be4
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4921
Cache-Control: max-age=127726
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 23:59:48 GMT
Etag: "63d250aa-118"
Expires: Sat, 28 Jan 2023 11:28:34 GMT
Last-Modified: Thu, 26 Jan 2023 10:06:34 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 280
snap.licdn.com/li.lms-analytics/insight.min.js
200 OK 4.8 kB URL HTTP/2 snap.licdn.com/li.lms-analytics/insight.min.js
IP
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (13351)
Hash 74f72658f6efd10c4c286ab07cd5e452
9fa4dfc644b6e818914f2f2c4fe4bdf791fd6d39
6681619d5962f95b3fccfa34a7f035664edb66522d237ea0c28a05851f9d295c
GET /li.lms-analytics/insight.min.js HTTP/1.1
Host: snap.licdn.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hoteldel.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 10 Jan 2023 17:22:56 GMT
accept-ranges: bytes
content-type: application/x-javascript;charset=utf-8
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=59024
date: Thu, 26 Jan 2023 23:59:48 GMT
content-length: 4777
x-content-type-options: nosniff
x-cdn: AKAM
X-Firefox-Spdy: h2
cdn.branch.io/branch-latest.min.js
200 OK 22 kB URL HTTP/2 cdn.branch.io/branch-latest.min.js
IP
File type ASCII text, with very long lines (2646)
Hash 2a6320386437cc44ae1713f25f6ea30b
cf60f8578b16e8beddb82eb43d9b1f9db5491650
75622ee3451d62f121868396395909cd979874287141da4de39562ccf1f8f799
GET /branch-latest.min.js HTTP/1.1
Host: cdn.branch.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hoteldel.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript
content-length: 22048
content-encoding: gzip
last-modified: Thu, 17 Nov 2022 20:07:47 GMT
x-amz-version-id: LzwY9oP1_KD6QZAz0SCDQRP53VCVCZV0
server: AmazonS3
date: Thu, 26 Jan 2023 23:56:45 GMT
cache-control: max-age=300
etag: "2a6320386437cc44ae1713f25f6ea30b"
x-cache: Hit from cloudfront
via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: UpgdQOvGKqgfQ4zpPcN2Q4-PCgGDzwq0UJQ_MWkA5em-4Y8fzwAkRg==
age: 184
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 58bee798660dae739b64c6c857490fff
bcfe56f00b749385ca3d2ffb7a68c4a13c186317
800396e3a57e9ebd98a56f8ebab32c3bc576310632d9ece8b282e88c6d20d8f3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4379
Cache-Control: max-age=88380
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 23:59:48 GMT
Etag: "63d1b915-1d7"
Expires: Sat, 28 Jan 2023 00:32:48 GMT
Last-Modified: Wed, 25 Jan 2023 23:19:49 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
consent-pref.trustarc.com/defaultpreferencemanager/truste
200 OK 48 B URL HTTP/2 consent-pref.trustarc.com/defaultpreferencemanager/truste
IP
File type ASCII text, with no line terminators
Hash 4fcbd18573c1229f8b022041596c06ea
08a2b4114478d3b9a3906b4d7d1c3e0c22b258c6
8b354e1ff80d4c0b2a5157da4a732f0dc7e51db17d7bb6d126fb7dd5d36deeed
POST /defaultpreferencemanager/truste HTTP/1.1
Host: consent-pref.trustarc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=no&locale=en&behavior=expressed>m=1&irm=undefined&from=https://consent.trustarc.com/
Content-Type: text/x-gwt-rpc; charset=utf-8
X-GWT-Permutation: 9F5DDAD4256889D2A2BB0A3140E8B74B
X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
Content-Length: 180
Origin: https://consent-pref.trustarc.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/json;charset=utf-8
content-length: 48
date: Thu, 26 Jan 2023 23:59:48 GMT
server: nginx
content-disposition: attachment
x-cache: Miss from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ggbFOmrpAphKWVyTsKiURdj_IiCkMhAkcexsFKc48vLn7nR1WcC3tw==
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
expect-ct: max-age=86400; enforce;
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
access-control-allow-origin: *
access-control-expose-headers: *
X-Firefox-Spdy: h2
dp58aslhmbcib.cloudfront.net/static/cache/css/output.2a40a4d96366.css
200 OK 33 kB URL HTTP/2 dp58aslhmbcib.cloudfront.net/static/cache/css/output.2a40a4d96366.css
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash b1cb3b3616c68a43e6cf2f136321b8d6
5361c8229b6eb8ac6d4cb437790a667ef2c0dcd7
a9a14012c4972af7358b68fd7f375b1353ff45d29297b5a1e6f420d10b7455a7
GET /static/cache/css/output.2a40a4d96366.css HTTP/1.1
Host: dp58aslhmbcib.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fareharbor.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
date: Thu, 05 Jan 2023 21:35:54 GMT
cache-control: public
content-encoding: gzip
etag: "63b731c4-2dec0"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Thu, 05 Jan 2023 20:23:32 GMT
server: nginx/1.22.1
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-fh-loadbalancer: production-appservers_docker-a-7
x-xss-protection: 1; mode=block
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: eVSiA0D5Z2nMQfkzyx5kg4fDfQv3tvcAApeBG7bUolFSmWSr_e-npg==
age: 1823034
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hoteldel.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Thu, 26 Jan 2023 23:46:59 GMT
expires: Fri, 27 Jan 2023 01:46:59 GMT
cache-control: public, max-age=7200
age: 769
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP
File type ASCII text, with very long lines (64348)
Hash 9ba458c0d3060a442f3094daf58ec05d
fc35d487d0dd81e6855f1b02367b755609d9608d
17087257ea25c2232c025f338b9f3153d35c3d953cb382b7b6e01728a643bc0b
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hoteldel.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: VzTqJND+iW+9noLOj6DAOBwZrM6QGWeMSWiSkRl+cloVnaLvhHPeqMtMMfbvevGTYulIXoUK3SgTPHO94QsrIw==
priority: u=3,i
content-length: 27859
x-fb-trip-id: 1904183273
date: Thu, 26 Jan 2023 23:59:48 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 58bee798660dae739b64c6c857490fff
bcfe56f00b749385ca3d2ffb7a68c4a13c186317
800396e3a57e9ebd98a56f8ebab32c3bc576310632d9ece8b282e88c6d20d8f3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4379
Cache-Control: max-age=88380
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 23:59:48 GMT
Etag: "63d1b915-1d7"
Expires: Sat, 28 Jan 2023 00:32:48 GMT
Last-Modified: Wed, 25 Jan 2023 23:19:49 GMT
Server: ECS (ska/F712)
X-Cache: HIT
Content-Length: 471
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3943
Expires: Fri, 27 Jan 2023 01:05:31 GMT
Date: Thu, 26 Jan 2023 23:59:48 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3943
Expires: Fri, 27 Jan 2023 01:05:31 GMT
Date: Thu, 26 Jan 2023 23:59:48 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 2e21811f62c077f45a93d7c3b543998d
3e890a73bb51d9dd1021d5339271aa40833ba258
c6b77371a50390fd68d44ff05e080f064c16c3095df8856b330ab0c6685cd3d1
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C6B77371A50390FD68D44FF05E080F064C16C3095DF8856B330AB0C6685CD3D1"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3943
Expires: Fri, 27 Jan 2023 01:05:31 GMT
Date: Thu, 26 Jan 2023 23:59:48 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52fbb3f0-e394-4245-a542-f5d9aa7b93cc.jpeg
200 OK 9.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52fbb3f0-e394-4245-a542-f5d9aa7b93cc.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dc869235086902c4acc379733b6bfdb8
0170f6aa6bd83ddeb60cf1cb65e9f0443d8d4bae
e614e29b14e69209fd4b82a688290f7a3f541909833a6558cf480aca899bab6d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F52fbb3f0-e394-4245-a542-f5d9aa7b93cc.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9056
x-amzn-requestid: 81cf473d-8dc6-49e7-b012-d0b7dfaec7f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fB4COHTlIAMFtRg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ca3a0e-0848461c054db5c66fde9107;Sampled=0
x-amzn-remapped-date: Fri, 20 Jan 2023 06:51:58 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: fdefZSZfSJi1-C7ZTSahawckLN-To4P91H-n1cyPqw34f18VzTeHRg==
via: 1.1 23206a1c229d8877bdd053c4b05f9d12.cloudfront.net (CloudFront), 1.1 760139201585481b26f947c5f776103a.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 12:54:06 GMT
age: 39942
etag: "0170f6aa6bd83ddeb60cf1cb65e9f0443d8d4bae"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
app.link/_r?sdk=web2.71.0&branch_key=key_live_glXPM2Kabtb7o8tG8hg7fhohwraYrfE7&callback=branch_callback__0
200 OK 91 B URL HTTP/2 app.link/_r?sdk=web2.71.0&branch_key=key_live_glXPM2Kabtb7o8tG8hg7fhohwraYrfE7&callback=branch_callback__0
IP
File type ASCII text, with no line terminators
Hash 18d5ab89386d9cb54a2b40ffb1fbb970
6182c41eb91274ae18e8de5cae59822370243b82
8363fb55293e3c34af5772c87aff7217fc63282b0f914bd698b05ae086215e6d
GET /_r?sdk=web2.71.0&branch_key=key_live_glXPM2Kabtb7o8tG8hg7fhohwraYrfE7&callback=branch_callback__0 HTTP/1.1
Host: app.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hoteldel.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
content-length: 91
server: openresty
date: Thu, 26 Jan 2023 23:59:48 GMT
set-cookie: _s=cFCe85i9Kb1pONO8kSci788jp%2BNNJsXDzEVsNC8XRuoRbd1vdUp55Ie4fmKAINTT; Max-Age=31536000; Domain=.app.link; Path=/; Expires=Fri, 26 Jan 2024 23:59:48 GMT; Secure
x-content-type-options: nosniff
etag: W/"5b-YYLEHrkSdK4Y6N5crlmCI3AkO4I"
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Miss from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: CQucIcXZsUBM7Y9SZx9UdFPAUY73xN8pdBM03fxHeEk01JgGViagWQ==
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feaa4a77d-7ed7-4b76-bcb0-24d1679a5359.jpeg
200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feaa4a77d-7ed7-4b76-bcb0-24d1679a5359.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2dfd3530064d405643a31fedd4fd7618
d8268771360e609892c5506f3114dc4f73c0aad0
b4790125e39e400c30d640cd0c64497256168892405511ec3d43b03dc0e5715a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Feaa4a77d-7ed7-4b76-bcb0-24d1679a5359.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10973
x-amzn-requestid: caff330a-0cc6-488d-be82-c09c2bb87408
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fLQYTEduIAMFZkg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cdfa9b-1f26b225062c8465440cf460;Sampled=0
x-amzn-remapped-date: Mon, 23 Jan 2023 03:10:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: L-i1AEFIP6AoWwjds6n7ohyz-Ls1HoF9CXNJS7RRDFApBceBZXmoxA==
via: 1.1 f13aef0c4b52f6f681401f232d03eb68.cloudfront.net (CloudFront), 1.1 9046e5a276a05e60ee34c8475e92b8e6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 12:29:15 GMT
age: 41433
etag: "d8268771360e609892c5506f3114dc4f73c0aad0"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59e67210-efa8-4704-9931-e876d7c8922b.jpeg
200 OK 8.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59e67210-efa8-4704-9931-e876d7c8922b.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 262b43386e404cb3d320c47c4cf792c1
87f304f8583fe6b6e942a9dbcb5efb5ee94987f2
ca0f72005920b2b2f49c387314540f3cd2f3d7808f0365dfb1c491500e8a8714
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F59e67210-efa8-4704-9931-e876d7c8922b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8065
x-amzn-requestid: 4a4a6d4c-9c4b-418d-be96-8a0d1de4828a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fBYVuHZsoAMFmWw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ca0757-74c21aa22d11c4240019a4b3;Sampled=0
x-amzn-remapped-date: Fri, 20 Jan 2023 03:15:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: TXXkkbJHyvwrly_-5FH0EIkRm4EwlDJxGWBHcbwax2H_ccfMfs-5PQ==
via: 1.1 c7c3cdef911c9ee3c1a83a78f425dc5a.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 21:47:08 GMT
age: 7960
etag: "87f304f8583fe6b6e942a9dbcb5efb5ee94987f2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg
200 OK 7.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 131eb343c5abd61939457d69bd371348
ffb2035cf64fc83f01db5c6f26ffa264b6aac95b
8486eb9dc6325018f8721bc6f37408f260b6e652b145280f2d778d860d3ec2d5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fcb781854-72d1-4a71-a095-0416f886f570.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7538
x-amzn-requestid: 113924cc-a196-4dbd-91d9-68c213265afe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: e3fobF-ZoAMFjjA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63c61302-6b24941a642b22cf21e47dc0;Sampled=0
x-amzn-remapped-date: Tue, 17 Jan 2023 03:16:18 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: 2P09wOtKPDHjxxAuzcLFMQJwmGN1zNJcH9LA6IJpeaGiaPVRF4y-TA==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 caf6806821bc479b28a6f1ce3043b8a6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 26 Jan 2023 21:59:56 GMT
age: 7192
etag: "ffb2035cf64fc83f01db5c6f26ffa264b6aac95b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
script.crazyegg.com/pages/scripts/0112/0335.js
200 OK 7.5 kB URL HTTP/2 script.crazyegg.com/pages/scripts/0112/0335.js
IP
Hash 225e09eb46a9f0bb6215e2ba660e9505
eaa14908a207d843820d21aa487dc5d19c27d0e8
6b3af77ab1025ae627fdc15b01ef5de0ab966a4c5d96f7107ba8ca5a0120b84e
GET /pages/scripts/0112/0335.js HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hoteldel.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:59:48 GMT
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: CE-Version
ce-version: 11.5.21
cache-control: public, max-age=300, s-maxage=1209600
cf-bgj: minify
cf-polished: origSize=6088
last-modified: Thu, 26 Jan 2023 21:36:05 GMT
timing-allow-origin: *
cf-cache-status: HIT
age: 1148
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fd34590e3cb4e8-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash 73a647c04d5952e0dc2d39d8352100c9
479c39276fce5d44cf2d68543c523e42acfcf7ea
de9f5a7c068492c83bb70ab964a425b46ff5ecdaf5283e9cd74f35a065109096
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 23:59:48 GMT
Etag: "63d2b774-1d7"
Server: ECS (amb/6BB7)
Content-Length: 471
fareharbor.com/static/jstranslation/en-us/djangojs.js
200 OK 998 B URL HTTP/2 fareharbor.com/static/jstranslation/en-us/djangojs.js
IP
Hash c82d91724f3a5f2c73a46fd2fe54aebf
ad55676deba66f12b7b9697769d3504ebaeedb98
a73227c3ce91ff8c6ec6877cff133277b5b0fa7ed21dd9e15157bb4b73afda93
GET /static/jstranslation/en-us/djangojs.js HTTP/1.1
Host: fareharbor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fareharbor.com/embeds/cart/?u=709a53c7-d643-43f4-b1f9-483cd1bc19d1&from-ssl=yes&g4=yes&a=yes&back=https://hoteldel.com/experience/holidays/%3Futm_source%3DSDTA%26utm_medium%3Demail%26utm_campaign%3DTSY_HDC_FY22_BRAND_HOLIDAY%26utm_content%3Dholiday
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:59:48 GMT
content-type: application/javascript
content-length: 998
cache-control: public
content-encoding: gzip
etag: "63d29c2e-d2b"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Thu, 26 Jan 2023 15:28:46 GMT
server: nginx/1.22.1
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-content-type-options: nosniff
x-fh-loadbalancer: production-appservers_docker-a-2
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
smetric.hilton.com/id?d_visid_ver=5.5.0&d_fieldgroup=MC&mcorgid=F0C120B3534685700A490D45%40AdobeOrg&ts=1674777588507
200 OK 48 B URL HTTP/2 smetric.hilton.com/id?d_visid_ver=5.5.0&d_fieldgroup=MC&mcorgid=F0C120B3534685700A490D45%40AdobeOrg&ts=1674777588507
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 2de0f6428f8129a3f2cb47856bf5ed68
d9a3f1bbeaee177a873b35be4c41f65a4edd3b17
32d9406234b71b1f03d749fa6724fd2e4ef615fad0d088fa9a34305b60d377bc
GET /id?d_visid_ver=5.5.0&d_fieldgroup=MC&mcorgid=F0C120B3534685700A490D45%40AdobeOrg&ts=1674777588507 HTTP/1.1
Host: smetric.hilton.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://hoteldel.com
Connection: keep-alive
Referer: https://hoteldel.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://hoteldel.com
access-control-allow-credentials: true
date: Thu, 26 Jan 2023 23:59:49 GMT
p3p: CP="This is not a P3P policy"
server: jag
set-cookie: AMCV_F0C120B3534685700A490D45%40AdobeOrg=0%7CMCMID%7C56184423674011505584318171956225679387; Path=/; Domain=hilton.com; Max-Age=63072000; Expires=Sat, 25 Jan 2025 23:59:59 GMT; SameSite=None; Secure
s_ecid=MCMID%7C56184423674011505584318171956225679387; Path=/; Domain=hilton.com; Max-Age=63072000; Expires=Sat, 25 Jan 2025 23:59:59 GMT; SameSite=None; Secure
vary: Origin
content-type: application/x-javascript;charset=utf-8
content-length: 48
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ad.ipredictive.com/d/track/cvt/pixel?acct_id=49891&cache_buster=1674777586
200 OK 479 B URL HTTP/1.1 ad.ipredictive.com/d/track/cvt/pixel?acct_id=49891&cache_buster=1674777586
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 96x96, segment length 16, baseline, precision 8, 1x1, components 3\012- data
Hash 1f1be6721cdc096ab63cc0ab0235de0e
86c01db3df78bcd14371ef2b859c27b883c3791e
6899ed8fa010014f8b8f04d0bcdfa68e082df93f022a331d362d0b5a94dc3b15
GET /d/track/cvt/pixel?acct_id=49891&cache_buster=1674777586 HTTP/1.1
Host: ad.ipredictive.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hoteldel.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Encoding: gzip
Content-Type: image/jpeg
Date: Thu, 26 Jan 2023 23:59:49 GMT
Set-Cookie: cu=1d01d217-8549-4c95-9707-9dd2137bc0d2|1674777589001; Path=/; Domain=ipredictive.com; Expires=Fri, 26 Jan 2024 23:59:49 GMT; Max-Age=31536000; SameSite=None; Secure
X-CI-RTID: 5b545441-7e94-4055-8f59-31b0807315b5
Content-Length: 479
Connection: keep-alive
dp58aslhmbcib.cloudfront.net/static/cache/js/output.6c3f8bd811f4.js
200 OK 173 kB URL HTTP/2 dp58aslhmbcib.cloudfront.net/static/cache/js/output.6c3f8bd811f4.js
IP
Size 173 kB (173081 bytes)
Hash 744e745e11249643eb16e2d42556a1c2
b5c5fbee387c4e3a2827974e8537abe5176677f9
1cc6d4d1b08a67064e7aec5c333476d1da087eabc440c8f673427bf9856298ef
GET /static/cache/js/output.6c3f8bd811f4.js HTTP/1.1
Host: dp58aslhmbcib.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fareharbor.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Wed, 25 Jan 2023 14:43:38 GMT
cache-control: public
content-encoding: gzip
etag: "63d13d4b-9ce83"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Wed, 25 Jan 2023 14:31:39 GMT
server: nginx/1.22.1
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-fh-loadbalancer: production-appservers_docker-a-9
x-xss-protection: 1; mode=block
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: OD9ZO6BeQOMtZePzVxP6V_r-aAc_pZQER4B6GnF_L4IaHX4nB3jw4g==
age: 119770
X-Firefox-Spdy: h2
script.crazyegg.com/pages/data-scripts/0112/0335/site/hoteldel.com.json?t=1
200 OK 1.9 kB URL HTTP/2 script.crazyegg.com/pages/data-scripts/0112/0335/site/hoteldel.com.json?t=1
IP
File type JSON data\012- , ASCII text, with very long lines (6729), with no line terminators
Hash c578453ed33b36ddd3d4a06c9d29c744
9cc178d832e7d6961dc65a244c38c8140b398acd
58f94386ed89e8d734e65cf7800768fc82301bcb1b01462b8624e725a65a7a50
GET /pages/data-scripts/0112/0335/site/hoteldel.com.json?t=1 HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hoteldel.com
Connection: keep-alive
Referer: https://hoteldel.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:59:49 GMT
content-type: application/json
content-length: 1917
access-control-expose-headers: CE-Version
ce-version: 11.5.21
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
last-modified: Thu, 26 Jan 2023 23:40:41 GMT
content-encoding: gzip
access-control-allow-origin: *
cf-cache-status: HIT
age: 1148
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fd345bfc59b50f-OSL
X-Firefox-Spdy: h2
cdn.linkedin.oribi.io/partner/3860260/domain/hoteldel.com/token
200 OK 534 B URL HTTP/2 cdn.linkedin.oribi.io/partner/3860260/domain/hoteldel.com/token
IP
Hash 3ed56e6539be6ede2c32ec8ec4a56d16
9eb41788a2c5799a9342698595b16928ae18eb35
31107255145256852250bfa6a942727f57764c21c4eff3f6295aac5712c84cab
GET /partner/3860260/domain/hoteldel.com/token HTTP/1.1
Host: cdn.linkedin.oribi.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: *
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hoteldel.com
Connection: keep-alive
Referer: https://hoteldel.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
date: Thu, 26 Jan 2023 23:51:55 GMT
access-control-allow-origin: *
cache-control: public, max-age=3600
content-encoding: gzip
vary: accept-encoding
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: gKI1eVHIHY1sqtMs1xRoEMb_YiFgagJLUahUNYKhAHi-23W7dMqPNg==
age: 474
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 1f4c8e17a668764556ab61c7c31e53c7
ada5ee5917ab9faf3d55a6da1d5bfc3077e42de2
8ac89ed8b6650ea140c2eac1b1dd61f8498e97e278e6bd6debfd803a588e2468
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 23:59:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-25841763-1&cid=1628001951.1674777589&jid=1188087528&gjid=490410027&_gid=1493897585.1674777589&_u=YGBAiEABBAAAAEAAI~&z=586350959
200 OK 4 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-25841763-1&cid=1628001951.1674777589&jid=1188087528&gjid=490410027&_gid=1493897585.1674777589&_u=YGBAiEABBAAAAEAAI~&z=586350959
IP
File type ASCII text, with no line terminators
Hash 48c0473b7821185d937e685216e2168b
3743e47f8a429a5e87b86cb582d78940733d9d2e
570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-25841763-1&cid=1628001951.1674777589&jid=1188087528&gjid=490410027&_gid=1493897585.1674777589&_u=YGBAiEABBAAAAEAAI~&z=586350959 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://hoteldel.com
Connection: keep-alive
Referer: https://hoteldel.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://hoteldel.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 26 Jan 2023 23:59:49 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-25841763-5&cid=1628001951.1674777589&jid=1051799026&gjid=348479140&_gid=1493897585.1674777589&_u=YGDAiEABBAAAAEAAI~&z=1028901324
200 OK 1 B URL HTTP/2 stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-25841763-5&cid=1628001951.1674777589&jid=1051799026&gjid=348479140&_gid=1493897585.1674777589&_u=YGDAiEABBAAAAEAAI~&z=1028901324
IP
File type very short file (no magic)
Hash c4ca4238a0b923820dcc509a6f75849b
356a192b7913b04c54574d18c28d46e6395428ab
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-25841763-5&cid=1628001951.1674777589&jid=1051799026&gjid=348479140&_gid=1493897585.1674777589&_u=YGDAiEABBAAAAEAAI~&z=1028901324 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://hoteldel.com
Connection: keep-alive
Referer: https://hoteldel.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://hoteldel.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 26 Jan 2023 23:59:49 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 1
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 1f4c8e17a668764556ab61c7c31e53c7
ada5ee5917ab9faf3d55a6da1d5bfc3077e42de2
8ac89ed8b6650ea140c2eac1b1dd61f8498e97e278e6bd6debfd803a588e2468
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 23:59:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
px.ads.linkedin.com/collect?v=2&fmt=js&pid=3860260&time=1674777588571&url=https%3A%2F%2Fhoteldel.com%2Fexperience%2Fholidays%2F%3Futm_source%3DSDTA%26utm_medium%3Demail%26utm_campaign%3DTSY_HDC_FY22_BRAND_HOLIDAY%26utm_content%3Dholiday
302 Found 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=3860260&time=1674777588571&url=https%3A%2F%2Fhoteldel.com%2Fexperience%2Fholidays%2F%3Futm_source%3DSDTA%26utm_medium%3Demail%26utm_campaign%3DTSY_HDC_FY22_BRAND_HOLIDAY%26utm_content%3Dholiday
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=3860260&time=1674777588571&url=https%3A%2F%2Fhoteldel.com%2Fexperience%2Fholidays%2F%3Futm_source%3DSDTA%26utm_medium%3Demail%26utm_campaign%3DTSY_HDC_FY22_BRAND_HOLIDAY%26utm_content%3Dholiday HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hoteldel.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
location: https://www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3860260%26time%3D1674777588571%26url%3Dhttps%253A%252F%252Fhoteldel.com%252Fexperience%252Fholidays%252F%253Futm_source%253DSDTA%2526utm_medium%253Demail%2526utm_campaign%253DTSY_HDC_FY22_BRAND_HOLIDAY%2526utm_content%253Dholiday%26liSync%3Dtrue
set-cookie: UserMatchHistory=AQK-7GwGbq303AAAAYXwhfW_aOMZLjAmmHYqW1iOAm9L_jq_gOZKK1i_xv6-RUMz7N0WV5WD2wc7fg; Max-Age=2592000; Expires=Sat, 25 Feb 2023 23:59:49 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
AnalyticsSyncHistory=AQJgUcXm_8mnmQAAAYXwhfW_S_oqP5aENiE4Kr0vnrCspEX70SRrcEZ-eFMsYHWG6udLc1zLhTKSWcTSKoi5DA; Max-Age=2592000; Expires=Sat, 25 Feb 2023 23:59:49 GMT; SameSite=None; Path=/; Domain=.linkedin.com; Secure
lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&bf7818cc-1048-4a7f-8a71-4c9dbd3317f2"; domain=.linkedin.com; Path=/; Secure; Expires=Fri, 26-Jan-2024 23:59:49 GMT; SameSite=None
lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2422:u=1:x=1:i=1674777589:t=1674863989:v=2:sig=AQHrMdDtAUM4SdvP4XRGAYybOHHZbgeY"; Expires=Fri, 27 Jan 2023 23:59:49 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAXzM4tH4GJu2aXfDza//g==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: D03D5182BEF344F2AE1578497CEDA973 Ref B: OSL30EDGE0116 Ref C: 2023-01-26T23:59:49Z
date: Thu, 26 Jan 2023 23:59:48 GMT
content-length: 0
X-Firefox-Spdy: h2
api2.branch.io/v1/open
200 OK 272 B IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 50f0aab1114dccf2e3d4357ac958b289
fb24de39d947a48393a564e7d5c7b71a21918490
2146c3aca166853dcc4350398e3346b7a0dc42c9ecd80059e4cc2ac2551f2c55
POST /v1/open HTTP/1.1
Host: api2.branch.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 336
Origin: https://hoteldel.com
Connection: keep-alive
Referer: https://hoteldel.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json; charset=utf-8
content-length: 272
access-control-allow-origin: *
cache-control: no-cache
date: Thu, 26 Jan 2023 23:59:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Miss from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ZffaItnM58bjS_Zga9c3gv4tV7Nfy8AYLfF-C7ix7FDztR_j9zQ2og==
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=184626848574372&ev=PageView&dl=https%3A%2F%2Fhoteldel.com%2Fexperience%2Fholidays%2F%3Futm_source%3DSDTA%26utm_medium%3Demail%26utm_campaign%3DTSY_HDC_FY22_BRAND_HOLIDAY%26utm_content%3Dholiday&rl=&if=false&ts=1674777589233&sw=1280&sh=1024&v=2.9.94&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1674777589232.1215442537&it=1674777588744&coo=false&exp=b3&rqm=GET
200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=184626848574372&ev=PageView&dl=https%3A%2F%2Fhoteldel.com%2Fexperience%2Fholidays%2F%3Futm_source%3DSDTA%26utm_medium%3Demail%26utm_campaign%3DTSY_HDC_FY22_BRAND_HOLIDAY%26utm_content%3Dholiday&rl=&if=false&ts=1674777589233&sw=1280&sh=1024&v=2.9.94&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1674777589232.1215442537&it=1674777588744&coo=false&exp=b3&rqm=GET
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=184626848574372&ev=PageView&dl=https%3A%2F%2Fhoteldel.com%2Fexperience%2Fholidays%2F%3Futm_source%3DSDTA%26utm_medium%3Demail%26utm_campaign%3DTSY_HDC_FY22_BRAND_HOLIDAY%26utm_content%3Dholiday&rl=&if=false&ts=1674777589233&sw=1280&sh=1024&v=2.9.94&r=stable&ec=0&o=30&cs_est=true&fbp=fb.1.1674777589232.1215442537&it=1674777588744&coo=false&exp=b3&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hoteldel.com
Connection: keep-alive
Referer: https://hoteldel.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin: https://hoteldel.com
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Thu, 26 Jan 2023 23:59:49 GMT
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash f2460c8c41af24f0be92e6cbc1feaaf9
18fa4a8f80df7b8ddadc8948ee1e8ecf446feee9
b0c5e7085cbf1845cfb8b8ca208096281c6bb3a412a000f6bf2a85bf8c49395d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C5E7085CBF1845CFB8B8CA208096281C6BB3A412A000F6BF2A85BF8C49395D"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8291
Expires: Fri, 27 Jan 2023 02:18:00 GMT
Date: Thu, 26 Jan 2023 23:59:49 GMT
Connection: keep-alive
o10963.ingest.sentry.io/api/5933789/envelope/?sentry_key=3c9ece80fbdf4edfaf944d2be20b4532&sentry_version=7
200 OK 2 B URL HTTP/2 o10963.ingest.sentry.io/api/5933789/envelope/?sentry_key=3c9ece80fbdf4edfaf944d2be20b4532&sentry_version=7
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /api/5933789/envelope/?sentry_key=3c9ece80fbdf4edfaf944d2be20b4532&sentry_version=7 HTTP/1.1
Host: o10963.ingest.sentry.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fareharbor.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://fareharbor.com
Content-Length: 459
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 23:59:49 GMT
content-type: application/json
content-length: 2
access-control-allow-origin: https://fareharbor.com
access-control-expose-headers: x-sentry-error, x-sentry-rate-limits, retry-after
vary: Origin
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
fh-sites.imgix.net/fonts/roboto/roboto-v20-vietnamese_latin-ext_latin_greek-ext_greek_cyrillic-ext_cyrillic-regular.woff2
200 OK 51 kB URL HTTP/2 fh-sites.imgix.net/fonts/roboto/roboto-v20-vietnamese_latin-ext_latin_greek-ext_greek_cyrillic-ext_cyrillic-regular.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 51116, version 1.0\012- data
Hash 9549360090baf2eb8b25d3a9708fc19d
3229ae839d33696d39c89dc0d3e193fe985f1da4
a7bf1f115e60e0c8f3b335df66d4d77baaae4eb11d2cea2cf7c5b4693403a46f
GET /fonts/roboto/roboto-v20-vietnamese_latin-ext_latin_greek-ext_greek_cyrillic-ext_cyrillic-regular.woff2 HTTP/1.1
Host: fh-sites.imgix.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://fareharbor.com
Connection: keep-alive
Referer: https://dp58aslhmbcib.cloudfront.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: public, max-age=315360000
last-modified: Thu, 24 Sep 2020 23:44:49 GMT
server: imgix
x-imgix-id: 4c8dac6ea6a85c8c41b67aee30211153f2529382
x-imgix-render-farm: 01.584
date: Thu, 26 Jan 2023 23:59:49 GMT
age: 4797538
accept-ranges: bytes
content-type: application/octet-stream
access-control-allow-origin: *
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
x-served-by: cache-sjc10078-SJC, cache-hel1410024-HEL
x-cache: HIT, HIT
content-length: 51116
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 4.8 kB IP
ASN #20940 Akamai International B.V.
Hash 0cfb980a2647c28cb3f1b24b89b0b43e
540c9c69238b453895da8b3c2cb4f85a5818b4ce
d7df4fea40672452946f3477628846a76514da3d3e91a853f49327b531da9673
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "B0C5E7085CBF1845CFB8B8CA208096281C6BB3A412A000F6BF2A85BF8C49395D"
Last-Modified: Thu, 26 Jan 2023 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8291
Expires: Fri, 27 Jan 2023 02:18:00 GMT
Date: Thu, 26 Jan 2023 23:59:49 GMT
Connection: keep-alive
o10963.ingest.sentry.io/api/5933789/envelope/?sentry_key=3c9ece80fbdf4edfaf944d2be20b4532&sentry_version=7
200 OK 2 B URL HTTP/2 o10963.ingest.sentry.io/api/5933789/envelope/?sentry_key=3c9ece80fbdf4edfaf944d2be20b4532&sentry_version=7
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /api/5933789/envelope/?sentry_key=3c9ece80fbdf4edfaf944d2be20b4532&sentry_version=7 HTTP/1.1
Host: o10963.ingest.sentry.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fareharbor.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://fareharbor.com
Content-Length: 464
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 23:59:49 GMT
content-type: application/json
content-length: 2
access-control-allow-origin: https://fareharbor.com
access-control-expose-headers: x-sentry-rate-limits, retry-after, x-sentry-error
vary: Origin
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
o10963.ingest.sentry.io/api/5933789/envelope/?sentry_key=3c9ece80fbdf4edfaf944d2be20b4532&sentry_version=7
200 OK 2 B URL HTTP/2 o10963.ingest.sentry.io/api/5933789/envelope/?sentry_key=3c9ece80fbdf4edfaf944d2be20b4532&sentry_version=7
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /api/5933789/envelope/?sentry_key=3c9ece80fbdf4edfaf944d2be20b4532&sentry_version=7 HTTP/1.1
Host: o10963.ingest.sentry.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://fareharbor.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://fareharbor.com
Content-Length: 459
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Thu, 26 Jan 2023 23:59:49 GMT
content-type: application/json
content-length: 2
access-control-allow-origin: https://fareharbor.com
access-control-expose-headers: x-sentry-rate-limits, retry-after, x-sentry-error
vary: Origin
x-envoy-upstream-service-time: 0
strict-transport-security: max-age=31536000; includeSubDomains; preload
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 280 B IP
Hash c4f7419edd9aa1d1626534e2345b297a
0d72a162560fe6bf39529d2cb85ceb89b5361e43
e0177f93922f32423fa90aa470d4a739e8c540267ecda45bc0be7e5ff21e8110
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 485
Cache-Control: max-age=130852
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 23:59:49 GMT
Etag: "63d26e34-118"
Expires: Sat, 28 Jan 2023 12:20:41 GMT
Last-Modified: Thu, 26 Jan 2023 12:12:36 GMT
Server: ECS (amb/6BB7)
X-Cache: HIT
Content-Length: 280
www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3860260%26time%3D1674777588571%26url%3Dhttps%253A%252F%252Fhoteldel.com%252Fexperience%252Fholidays%252F%253Futm_source%253DSDTA%2526utm_medium%253Demail%2526utm_campaign%253DTSY_HDC_FY22_BRAND_HOLIDAY%2526utm_content%253Dholiday%26liSync%3Dtrue
302 Found 111 kB URL HTTP/2 www.linkedin.com/px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3860260%26time%3D1674777588571%26url%3Dhttps%253A%252F%252Fhoteldel.com%252Fexperience%252Fholidays%252F%253Futm_source%253DSDTA%2526utm_medium%253Demail%2526utm_campaign%253DTSY_HDC_FY22_BRAND_HOLIDAY%2526utm_content%253Dholiday%26liSync%3Dtrue
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Size 111 kB (110589 bytes)
Hash 3f8caaa17bbc19535d5bb08d64640d15
effc68cd5684c4187fe48b252ee04a06b13750da
11913633ebd42b873239fa0e15be6c9b2bdb6f0e2639db405a1fef66f01cda28
GET /px/li_sync?redirect=https%3A%2F%2Fpx.ads.linkedin.com%2Fcollect%3Fv%3D2%26fmt%3Djs%26pid%3D3860260%26time%3D1674777588571%26url%3Dhttps%253A%252F%252Fhoteldel.com%252Fexperience%252Fholidays%252F%253Futm_source%253DSDTA%2526utm_medium%253Demail%2526utm_campaign%253DTSY_HDC_FY22_BRAND_HOLIDAY%2526utm_content%253Dholiday%26liSync%3Dtrue HTTP/1.1
Host: www.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hoteldel.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
cache-control: no-cache, no-store
pragma: no-cache
expires: Thu, 01 Jan 1970 00:00:00 GMT
location: https://px.ads.linkedin.com/collect?v=2&fmt=js&pid=3860260&time=1674777588571&url=https%3A%2F%2Fhoteldel.com%2Fexperience%2Fholidays%2F%3Futm_source%3DSDTA%26utm_medium%3Demail%26utm_campaign%3DTSY_HDC_FY22_BRAND_HOLIDAY%26utm_content%3Dholiday&liSync=true
set-cookie: lang=v=2&lang=en-us; Domain=linkedin.com; Path=/; Secure; SameSite=None
bcookie="v=2&e51c298e-9ef3-482c-8fe9-9a8eac292858"; Domain=.linkedin.com; Expires=Fri, 26-Jan-2024 23:59:49 GMT; Path=/; Secure; SameSite=None
bscookie="v=1&20230126235949a6646159-0c59-4aa1-8c13-7f65b99c2af2AQFNCVqnecjaPJgftwgkpZeQZMyolvq0"; Domain=.www.linkedin.com; Expires=Fri, 26-Jan-2024 23:59:49 GMT; Path=/; HttpOnly; Secure; SameSite=None
li_gc=MTswOzE2NzQ3Nzc1ODk7MjswMjF72NQneK4i9Uldddp84GW4wesZaySG0yur3SczPnJTCw==; Domain=.linkedin.com; Expires=Tue, 25 Jul 2023 23:59:49 GMT; Path=/; Secure; SameSite=None
lidc="b=VGST09:s=V:r=V:a=V:p=V:g=2478:u=1:x=1:i=1674777589:t=1674863989:v=2:sig=AQGjlgMLYoCSwDdq9RoFFYEonh-4CMYr"; Expires=Fri, 27 Jan 2023 23:59:49 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
content-security-policy: default-src *; connect-src 'self' *.licdn.com *.linkedin.com wss://*.linkedin.com dpm.demdex.net/id lnkd.demdex.net blob: accounts.google.com/gsi/ linkedin.sc.omtrdc.net/b/ss/ *.qualtrics.com *.adyen.com *.microsoft.com; img-src data: blob: *; font-src data: *; style-src 'unsafe-inline' 'self' static-src.linkedin.com *.licdn.com; script-src 'unsafe-inline' 'unsafe-eval' 'self' spdy.linkedin.com static-src.linkedin.com *.ads.linkedin.com *.licdn.com static.chartbeat.com bcvipva02.rightnowtech.com www.bizographics.com sjs.bizographics.com js.bizographics.com d.la4-c1-was.salesforceliveagent.com platform.linkedin.com platform-akam.linkedin.com platform-ecst.linkedin.com platform-azur.linkedin.com; object-src 'none'; media-src blob: *; worker-src blob: 'self'; frame-src blob: lnkd-communities: voyager: *; frame-ancestors 'self' *.linkedin.com teams.microsoft.com client.learningapp.microsoft.com; report-uri /security/csp?e=p&f=t
x-frame-options: sameorigin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000
expect-ct: max-age=86400, report-uri="https://www.linkedin.com/platform-telemetry/ct"
x-li-fabric: prod-lva1
report-to: {"group":"network-errors","max_age":2592000,"endpoints":[{"url":"https://www.linkedin.com/li/rep"}],"include_subdomains":true}
nel: {"report_to":"network-errors","max_age":1296000,"success_fraction":0.00066,"failure_fraction":1,"include_subdomains":true}
x-li-pop: afd-prod-lva1-x
x-li-proto: http/2
x-li-uuid: AAXzM4tNpP8zLQGN75ggVQ==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 852E488EAFFC44D9B282C05A97230C76 Ref B: OSL30EDGE0116 Ref C: 2023-01-26T23:59:49Z
date: Thu, 26 Jan 2023 23:59:49 GMT
content-length: 0
X-Firefox-Spdy: h2
geoip-js.com/geoip/v2.1/country/me?referrer=https%3A%2F%2Ffareharbor.com
200 OK 683 B URL HTTP/2 geoip-js.com/geoip/v2.1/country/me?referrer=https%3A%2F%2Ffareharbor.com
IP
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (609), with no line terminators
Hash eddb393a25242a01fe176cccbd24a4e8
6da61b97900bbf9ad1acf20336276395d89629f4
ab30f84c0953022159fb8eaee5e3fe290ee2052756b3c727956cf9e4e9bfae0b
GET /geoip/v2.1/country/me?referrer=https%3A%2F%2Ffareharbor.com HTTP/1.1
Host: geoip-js.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://fareharbor.com
Connection: keep-alive
Referer: https://fareharbor.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:59:49 GMT
content-type: application/vnd.maxmind.com-country+json; charset=UTF-8; version=2.1
content-length: 683
access-control-allow-origin: *
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 78fd345ed9b0b512-OSL
X-Firefox-Spdy: h2
dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=F0C120B3534685700A490D45%40AdobeOrg&d_nsid=0&d_mid=56184423674011505584318171956225679387&ts=1674777589485
200 OK 1.7 kB URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=F0C120B3534685700A490D45%40AdobeOrg&d_nsid=0&d_mid=56184423674011505584318171956225679387&ts=1674777589485
IP
File type JSON data\012- , ASCII text, with very long lines (5444), with no line terminators
Hash d4e47f233b412d2cd4db33a339b9edfe
8a1fca86ff5bb66812b928c9315aed17217d0e12
7b78379ab515ae733ed9b270aa75ec25ada2ea50dfbbf1e14af6592dfe43ddf1
GET /id?d_visid_ver=5.5.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=F0C120B3534685700A490D45%40AdobeOrg&d_nsid=0&d_mid=56184423674011505584318171956225679387&ts=1674777589485 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://hoteldel.com
Connection: keep-alive
Referer: https://hoteldel.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://hoteldel.com
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-2-v045-000256d3c.edge-irl1.demdex.com 3 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=56160066948349770414316028745229750612; Max-Age=15552000; Expires=Tue, 25 Jul 2023 23:59:49 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: N9L2vKaURIQ=
Content-Length: 1715
Connection: keep-alive
fareharbor.com/api/v1/persistence/709a53c7-d643-43f4-b1f9-483cd1bc19d1/
200 OK 24 B URL HTTP/2 fareharbor.com/api/v1/persistence/709a53c7-d643-43f4-b1f9-483cd1bc19d1/
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 309b2178203de5a131d3de57b8833209
d303aadfd5a6a760b2fa533758dc5322806fd147
665dfdc1859f43c9f0626d980a4efe4647c5a5d42c12020ac8d136e42c1b0fb7
GET /api/v1/persistence/709a53c7-d643-43f4-b1f9-483cd1bc19d1/ HTTP/1.1
Host: fareharbor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-FH-Target-Language: en-us
X-Requested-With: XMLHttpRequest
X-CSRFToken: qyhKXhDKD3ijz5BVtyq3pqNcr6GWWvMbLn0qwFVTy1Qq4rf7NTlFP87vEgZ5bHTj
sentry-trace: a5c602084b264e0798f1026c384c9add-94c4267a68509b99-0
Connection: keep-alive
Referer: https://fareharbor.com/embeds/cart/?u=709a53c7-d643-43f4-b1f9-483cd1bc19d1&from-ssl=yes&g4=yes&a=yes&back=https://hoteldel.com/experience/holidays/%3Futm_source%3DSDTA%26utm_medium%3Demail%26utm_campaign%3DTSY_HDC_FY22_BRAND_HOLIDAY%26utm_content%3Dholiday
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:59:49 GMT
content-type: application/json
content-length: 24
content-language: en-us
p3p: CP="This is not a P3P policy."
strict-transport-security: max-age=31536000
vary: Accept-Encoding, Cookie
x-amzn-trace-id: Root=1-63d313f5-2176519b77911e9b272ecd57
x-content-type-options: nosniff
x-fh-loadbalancer: production-appservers_docker-a-7
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
smetric.hilton.com/b/ss/hiltonglobalprod/10/JS-2.21.0-LCXS/s17601726374678?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=26%2F0%2F2023%2023%3A59%3A49%204%200&d.&nsid=0&jsonv=1&.d&mid=56184423674011505584318171956225679387&aamlh=6&ce=UTF-8&pageName=hotel-del-coronado%3Aexperience%3Aholidays&g=https%3A%2F%2Fhoteldel.com%2Fexperience%2Fholidays%2F%3Futm_source%3DSDTA%26utm_medium%3Demail%26utm_campaign%3DTSY_HDC_FY22_BRAND_HOLIDAY%26utm_content%3Dholiday&c.&getQueryParam=4.0&getPreviousValue=3.0&.c&cc=USD&ch=experience&products=%3BSANQQQQ&aamb=j8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI&c1=SANQQQQ&c2=D%3Dv59&c3=D%3Dv24&c4=Logged-out&c6=images%2Ctext&c8=hotel-del-coronado&c9=D%3Dv46&v10=%2B1&c11=D%3Dv40&c12=D%3Dv63&c13=D%3Dv150&c14=Winter%20At%20The%20Del%20%7C%20Celebrate%20at%20Hotel%20del%20Coronado&c15=R&c16=D%3Dv49&c17=experience%3Aholidays&v17=D%3Dv18&c24=hoteldel.com&v24=en&v25=Logged-out&v27=hotel-del-coronado%3Aexperience%3Aholidays&c28=D%3Dv9&c35=D%3Dv135&c37=D%3Dv24&c38=D%3Dv59&c39=D%3Dv46&v43=D%3Dc8&v46=experience&v47=D%3Dc15&v49=L&c52=core.page-bottom%7C%7Cundefined%7CGW%20-%20Global%20Standard%20%28AT%29&c53=2023-1-26%2023%3A59%3A49&v59=qq&v81=USA&v111=Control%20Group&v131=Not%20Available&v135=old%20hilton&v150=https%3A%2F%2Fhoteldel.com%2Fexperience%2Fholidays%2F&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=F0C120B3534685700A490D45%40AdobeOrg&AQE=1
200 OK 5.9 kB URL HTTP/2 smetric.hilton.com/b/ss/hiltonglobalprod/10/JS-2.21.0-LCXS/s17601726374678?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=26%2F0%2F2023%2023%3A59%3A49%204%200&d.&nsid=0&jsonv=1&.d&mid=56184423674011505584318171956225679387&aamlh=6&ce=UTF-8&pageName=hotel-del-coronado%3Aexperience%3Aholidays&g=https%3A%2F%2Fhoteldel.com%2Fexperience%2Fholidays%2F%3Futm_source%3DSDTA%26utm_medium%3Demail%26utm_campaign%3DTSY_HDC_FY22_BRAND_HOLIDAY%26utm_content%3Dholiday&c.&getQueryParam=4.0&getPreviousValue=3.0&.c&cc=USD&ch=experience&products=%3BSANQQQQ&aamb=j8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI&c1=SANQQQQ&c2=D%3Dv59&c3=D%3Dv24&c4=Logged-out&c6=images%2Ctext&c8=hotel-del-coronado&c9=D%3Dv46&v10=%2B1&c11=D%3Dv40&c12=D%3Dv63&c13=D%3Dv150&c14=Winter%20At%20The%20Del%20%7C%20Celebrate%20at%20Hotel%20del%20Coronado&c15=R&c16=D%3Dv49&c17=experience%3Aholidays&v17=D%3Dv18&c24=hoteldel.com&v24=en&v25=Logged-out&v27=hotel-del-coronado%3Aexperience%3Aholidays&c28=D%3Dv9&c35=D%3Dv135&c37=D%3Dv24&c38=D%3Dv59&c39=D%3Dv46&v43=D%3Dc8&v46=experience&v47=D%3Dc15&v49=L&c52=core.page-bottom%7C%7Cundefined%7CGW%20-%20Global%20Standard%20%28AT%29&c53=2023-1-26%2023%3A59%3A49&v59=qq&v81=USA&v111=Control%20Group&v131=Not%20Available&v135=old%20hilton&v150=https%3A%2F%2Fhoteldel.com%2Fexperience%2Fholidays%2F&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=F0C120B3534685700A490D45%40AdobeOrg&AQE=1
IP
File type ASCII text, with very long lines (5887)
Hash 7628816c9a3a389e4ee9dd8bc7d49d33
42b8c4968f1daf1ba9d2fd47ed183edde62a51f4
45f035d0130ce32f8a99cc5eebeb25823bce8fdf949268c2b2869d91e6351314
GET /b/ss/hiltonglobalprod/10/JS-2.21.0-LCXS/s17601726374678?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=26%2F0%2F2023%2023%3A59%3A49%204%200&d.&nsid=0&jsonv=1&.d&mid=56184423674011505584318171956225679387&aamlh=6&ce=UTF-8&pageName=hotel-del-coronado%3Aexperience%3Aholidays&g=https%3A%2F%2Fhoteldel.com%2Fexperience%2Fholidays%2F%3Futm_source%3DSDTA%26utm_medium%3Demail%26utm_campaign%3DTSY_HDC_FY22_BRAND_HOLIDAY%26utm_content%3Dholiday&c.&getQueryParam=4.0&getPreviousValue=3.0&.c&cc=USD&ch=experience&products=%3BSANQQQQ&aamb=j8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI&c1=SANQQQQ&c2=D%3Dv59&c3=D%3Dv24&c4=Logged-out&c6=images%2Ctext&c8=hotel-del-coronado&c9=D%3Dv46&v10=%2B1&c11=D%3Dv40&c12=D%3Dv63&c13=D%3Dv150&c14=Winter%20At%20The%20Del%20%7C%20Celebrate%20at%20Hotel%20del%20Coronado&c15=R&c16=D%3Dv49&c17=experience%3Aholidays&v17=D%3Dv18&c24=hoteldel.com&v24=en&v25=Logged-out&v27=hotel-del-coronado%3Aexperience%3Aholidays&c28=D%3Dv9&c35=D%3Dv135&c37=D%3Dv24&c38=D%3Dv59&c39=D%3Dv46&v43=D%3Dc8&v46=experience&v47=D%3Dc15&v49=L&c52=core.page-bottom%7C%7Cundefined%7CGW%20-%20Global%20Standard%20%28AT%29&c53=2023-1-26%2023%3A59%3A49&v59=qq&v81=USA&v111=Control%20Group&v131=Not%20Available&v135=old%20hilton&v150=https%3A%2F%2Fhoteldel.com%2Fexperience%2Fholidays%2F&s=1280x1024&c=24&j=1.6&v=N&k=Y&bw=1280&bh=939&mcorgid=F0C120B3534685700A490D45%40AdobeOrg&AQE=1 HTTP/1.1
Host: smetric.hilton.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hoteldel.com/
Cookie: AMCV_F0C120B3534685700A490D45%40AdobeOrg=0%7CMCMID%7C56184423674011505584318171956225679387; s_ecid=MCMID%7C56184423674011505584318171956225679387
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
date: Thu, 26 Jan 2023 23:59:49 GMT
expires: Wed, 25 Jan 2023 23:59:49 GMT
last-modified: Fri, 27 Jan 2023 23:59:49 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
set-cookie: s_ecid=MCMID%7C56184423674011505584318171956225679387; Path=/; Domain=hilton.com; Max-Age=63072000; Expires=Sat, 25 Jan 2025 23:59:59 GMT; SameSite=None; Secure
etag: 3596557488104505344-4619772096833828402
vary: *
dcs: dcs-prod-irl1-1-v045-0078c8bc4.edge-irl1.demdex.com 6 ms
x-aam-tid: GQdAHaBkTG0=
content-type: application/x-javascript;charset=utf-8
content-length: 5888
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
consent-pref.trustarc.com/defaultpreferencemanager/truste
200 OK 398 B URL HTTP/2 consent-pref.trustarc.com/defaultpreferencemanager/truste
IP
File type ASCII text, with very long lines (910), with no line terminators
Hash 92aa447af9ce924e41b5a6c94d6d3c28
1e11097fdbe90ee9ec08d36ea2ee346f1b53decb
c225af078d467139e8e84986ef37ed7109b4379cc65881cd967abb61e1cc433f
POST /defaultpreferencemanager/truste HTTP/1.1
Host: consent-pref.trustarc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=no&locale=en&behavior=expressed>m=1&irm=undefined&from=https://consent.trustarc.com/
Content-Type: text/x-gwt-rpc; charset=utf-8
X-GWT-Permutation: 9F5DDAD4256889D2A2BB0A3140E8B74B
X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
Content-Length: 246
Origin: https://consent-pref.trustarc.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/json;charset=utf-8
content-length: 398
date: Thu, 26 Jan 2023 23:59:49 GMT
server: nginx
content-encoding: gzip
content-disposition: attachment
x-cache: Miss from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Xak-Po39KrFAdrk4bdegbhj7pZWmfKefixcFOUqzdroIaLRkdY4BqA==
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
expect-ct: max-age=86400; enforce;
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
access-control-allow-origin: *
access-control-expose-headers: *
X-Firefox-Spdy: h2
script.crazyegg.com/pages/versioned/common-scripts/a71ff47379fe64aec2ec12080229caf0.js
200 OK 27 kB URL HTTP/2 script.crazyegg.com/pages/versioned/common-scripts/a71ff47379fe64aec2ec12080229caf0.js
IP
File type ASCII text, with very long lines (63889)
Hash 3049aeefed95bc075d6055d1c9d07fd3
977b8ffb472e03f7cc58c68265ed21dea9e5991a
f470ab12c1d63a86564518602ae7b82bb327eb5b6fe85b54126190b98273847a
GET /pages/versioned/common-scripts/a71ff47379fe64aec2ec12080229caf0.js HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hoteldel.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:59:49 GMT
content-type: text/javascript
content-length: 26918
cache-control: public, max-age=31536000, s-maxage=31536000
timing-allow-origin: *
last-modified: Tue, 24 Jan 2023 13:05:04 GMT
content-encoding: gzip
access-control-allow-origin: *
cf-cache-status: HIT
age: 8956
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fd34609b97b4e8-OSL
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 3ebf9d7211aba4c70b84fb470a61b414
28fe29a24e47d6abda88eeeb5e22eddda03c7fca
a8276e099d9d8452b65b70d161a459fae25afb37cea7eff9cc5563b7de972acc
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 23:59:49 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-25841763-1&cid=1628001951.1674777589&jid=1188087528&_u=YGBAiEABBAAAAEAAI~&z=439125281
200 OK 42 B URL HTTP/2 www.google.no/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-25841763-1&cid=1628001951.1674777589&jid=1188087528&_u=YGBAiEABBAAAAEAAI~&z=439125281
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-25841763-1&cid=1628001951.1674777589&jid=1188087528&_u=YGBAiEABBAAAAEAAI~&z=439125281 HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hoteldel.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 26 Jan 2023 23:59:49 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
consent-pref.trustarc.com/EuPreferenceManager.css
200 OK 6.8 kB URL HTTP/2 consent-pref.trustarc.com/EuPreferenceManager.css
IP
Hash 09321bff280a5ef7fd02aede2c4a1738
d11bdea0b93fc8de543b60a494f02454e11d930d
01e7ac8f70251e010ca0f59a7e831fa5e4e4fe8c51f7ede821be35fb43c452f4
GET /EuPreferenceManager.css HTTP/1.1
Host: consent-pref.trustarc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=no&locale=en&behavior=expressed>m=1&irm=undefined&from=https://consent.trustarc.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
server: nginx
last-modified: Fri, 06 Jan 2023 07:59:58 GMT
content-encoding: gzip
date: Thu, 26 Jan 2023 23:59:49 GMT
expires: Thu, 26 Jan 2023 23:59:48 GMT
cache-control: no-cache
etag: W/"29043-1672991998000"
x-cache: RefreshHit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: YivgR7eLC8WswyS-JnB3yrZwD-T0KQGvUTgXO7_E8pGFE4nTDSTBvg==
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
expect-ct: max-age=86400; enforce;
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
consent-pref.trustarc.com/defaultpreferencemanager/truste
200 OK 4.2 kB URL HTTP/2 consent-pref.trustarc.com/defaultpreferencemanager/truste
IP
File type Unicode text, UTF-8 text, with very long lines (14340), with no line terminators
Hash 1deb666082635f0fb442a7a5cffb8339
74619d472d1660e0e88435bc88b78286e26cae45
a6d979849655dc494eaf6b27f6cf6bb14e6fa3c02b2039938c69f4931f1c4108
POST /defaultpreferencemanager/truste HTTP/1.1
Host: consent-pref.trustarc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=no&locale=en&behavior=expressed>m=1&irm=undefined&from=https://consent.trustarc.com/
Content-Type: text/x-gwt-rpc; charset=utf-8
X-GWT-Permutation: 9F5DDAD4256889D2A2BB0A3140E8B74B
X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
Content-Length: 240
Origin: https://consent-pref.trustarc.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/json;charset=utf-8
content-length: 4172
date: Thu, 26 Jan 2023 23:59:49 GMT
server: nginx
content-encoding: gzip
content-disposition: attachment
x-cache: Miss from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 0LKvTB4il-L7WQ6K0yXDDny6mbs8sEJWRDUUNbx9mtjKuHYCT4l6CQ==
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
expect-ct: max-age=86400; enforce;
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
access-control-allow-origin: *
access-control-expose-headers: *
X-Firefox-Spdy: h2
script.crazyegg.com/pages/data-scripts/0112/0335/sampling/hoteldel.com.json?t=465215
200 OK 146 B URL HTTP/2 script.crazyegg.com/pages/data-scripts/0112/0335/sampling/hoteldel.com.json?t=465215
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 734170ba8fff89eb369247fea9ef956d
e7436dec2cca31dd8291cb89bfda3bdc77b5d570
a34ace74f3e8892d024b8939c6b3509255ea32d5b522dc0f2cf8470dfaca4702
GET /pages/data-scripts/0112/0335/sampling/hoteldel.com.json?t=465215 HTTP/1.1
Host: script.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hoteldel.com
Connection: keep-alive
Referer: https://hoteldel.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:59:49 GMT
content-type: application/json
content-length: 146
access-control-expose-headers: CE-Version
ce-version: 11.5.21
cache-control: public, max-age=300, s-maxage=1209600
timing-allow-origin: *
last-modified: Thu, 26 Jan 2023 23:40:41 GMT
content-encoding: gzip
access-control-allow-origin: *
cf-cache-status: HIT
age: 1148
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 78fd34613fdfb50f-OSL
X-Firefox-Spdy: h2
www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-25841763-1&cid=1628001951.1674777589&jid=1765410277&_u=YGDACEABBAAAAGAAI~&z=1895633197
200 OK 42 B URL HTTP/2 www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-25841763-1&cid=1628001951.1674777589&jid=1765410277&_u=YGDACEABBAAAAGAAI~&z=1895633197
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-25841763-1&cid=1628001951.1674777589&jid=1765410277&_u=YGDACEABBAAAAGAAI~&z=1895633197 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hoteldel.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 26 Jan 2023 23:59:49 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 828fff395e93f7be2544b97ca2a81e09
2d9b76b7bb7e4505707e6fa30cdaaf80ae05fb88
90d1e5a199f990e517064222bb83c7bb7db1217300c25b14637df3c74f4029d1
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 26 Jan 2023 23:59:49 GMT
Last-Modified: Thu, 26 Jan 2023 23:45:40 GMT
Server: ECS (nyb/1D32)
X-Cache: Miss from cloudfront
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 4jvjPzXT-3FpOSQUPQONpGhb-hw5RiJ2VEIWY_T1T5J1owjYnlRPbQ==
Age: 849
api2.branch.io/v1/pageview
200 OK 110 kB URL HTTP/2 api2.branch.io/v1/pageview
IP
File type gzip compressed data, from Unix\012- data
Size 110 kB (110225 bytes)
Hash 9c58e192cf235ccd05f3e2752584bfd6
bae35347bd88eed02f2732b5f9c56267674e8671
eca00b595a65bd15406da9a56068a62bf14fb3c06cc0f03cbcaebdc4fb9644cf
POST /v1/pageview HTTP/1.1
Host: api2.branch.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 2340
Origin: https://hoteldel.com
Connection: keep-alive
Referer: https://hoteldel.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=utf-8
content-length: 29
access-control-allow-origin: *
date: Thu, 26 Jan 2023 23:59:49 GMT
etag: W/"1d-0Z1F50chJJpy5srE0HvlOYosSzw"
strict-transport-security: max-age=31536000; includeSubDomains
x-branch-request-id: 72c59d6041444e3b81e023e103fb0966-2023012623
x-powered-by: Express
x-cache: Miss from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5Nrk6MKqSZ78IvHWLVSbEXQQv-SPwIL-Y5Q92mKvK4wxJDiJ0IFaEg==
X-Firefox-Spdy: h2
consent-pref.trustarc.com/images/trustarc-logo-small.png
200 OK 4.2 kB URL HTTP/2 consent-pref.trustarc.com/images/trustarc-logo-small.png
IP
File type PNG image data, 198 x 34, 8-bit/color RGBA, non-interlaced\012- data
Hash 01e1b7108fa9f6b54f403309a1616588
e3328418159b7371b64a6cff199b2812c4d0b9c1
91c4a6c4295f8889e8b04339a4a2c2e86d5eef71ba808164e641d0d8a6435004
GET /images/trustarc-logo-small.png HTTP/1.1
Host: consent-pref.trustarc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=no&locale=en&behavior=expressed>m=1&irm=undefined&from=https://consent.trustarc.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 4197
server: nginx
accept-ranges: bytes
last-modified: Fri, 06 Jan 2023 07:59:58 GMT
date: Thu, 26 Jan 2023 23:30:57 GMT
etag: W/"4197-1672991998000"
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: GQuH3hkYpZ1dcHXox-ZAJvdjFkWVbAXmV0k8qR_MIi5Lzp8VomIN8w==
age: 1738
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
expect-ct: max-age=86400; enforce;
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
vary: Origin
X-Firefox-Spdy: h2
px.ads.linkedin.com/collect?v=2&fmt=js&pid=3860260&time=1674777588571&url=https%3A%2F%2Fhoteldel.com%2Fexperience%2Fholidays%2F%3Futm_source%3DSDTA%26utm_medium%3Demail%26utm_campaign%3DTSY_HDC_FY22_BRAND_HOLIDAY%26utm_content%3Dholiday&liSync=true
200 OK 0 B URL HTTP/2 px.ads.linkedin.com/collect?v=2&fmt=js&pid=3860260&time=1674777588571&url=https%3A%2F%2Fhoteldel.com%2Fexperience%2Fholidays%2F%3Futm_source%3DSDTA%26utm_medium%3Demail%26utm_campaign%3DTSY_HDC_FY22_BRAND_HOLIDAY%26utm_content%3Dholiday&liSync=true
IP
ASN #8068 MICROSOFT-CORP-MSN-AS-BLOCK
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /collect?v=2&fmt=js&pid=3860260&time=1674777588571&url=https%3A%2F%2Fhoteldel.com%2Fexperience%2Fholidays%2F%3Futm_source%3DSDTA%26utm_medium%3Demail%26utm_campaign%3DTSY_HDC_FY22_BRAND_HOLIDAY%26utm_content%3Dholiday&liSync=true HTTP/1.1
Host: px.ads.linkedin.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hoteldel.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
set-cookie: lang=v=2&lang=en-us; SameSite=None; Path=/; Domain=ads.linkedin.com; Secure
bcookie="v=2&b9dddf0b-6753-4a7c-8a81-30f400d12233"; domain=.linkedin.com; Path=/; Secure; Expires=Fri, 26-Jan-2024 23:59:49 GMT; SameSite=None
lidc="b=OGST09:s=O:r=O:a=O:p=O:g=2422:u=1:x=1:i=1674777589:t=1674863989:v=2:sig=AQHrMdDtAUM4SdvP4XRGAYybOHHZbgeY"; Expires=Fri, 27 Jan 2023 23:59:49 GMT; domain=.linkedin.com; Path=/; SameSite=None; Secure
linkedin-action: 1
x-li-fabric: prod-lor1
x-li-pop: afd-prod-lor1-x
x-li-proto: http/2
x-li-uuid: AAXzM4tToL7JO93beSsmdw==
x-cache: CONFIG_NOCACHE
x-msedge-ref: Ref A: 01E3D153CE60440AA485656D1F5150D8 Ref B: OSL30EDGE0116 Ref C: 2023-01-26T23:59:49Z
date: Thu, 26 Jan 2023 23:59:49 GMT
content-length: 0
X-Firefox-Spdy: h2
cdn9.forter.com/vchk2
301 Moved Permanently 2.8 kB IP
File type gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)\012- data
Hash ccbdcb1e84c241950763ec4cd516cdfc
55dfa8d4b09c5c3a80fcd101152f6ebed3d27a2c
de9ccb9b168945a24f20edc28c39be4135b328129ba8ee378401a7aedc925d12
GET /vchk2 HTTP/1.1
Host: cdn9.forter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: eyJyIjowLjA1Mjg1MDQyNzE0NjU5OTcxLCJ1IjoiNTRkODhkMTBmMjY0NDNjN2I4NmI3MjA1Yzc0Nzg5MWEiLCJzIjoiNGRjMmFhODJiYzVlIn0=
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hoteldel.com
Connection: keep-alive
Referer: https://hoteldel.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
location: https://cdn9.forter.com/vchk2/v1/7bbb0e93341e2d7b6b26b41e18ad55b8a2bb9859298a4660ebe16558b7cdc345ac7f4bc9671050e0dcf840d3a475
date: Thu, 26 Jan 2023 23:59:49 GMT
access-control-allow-origin: *
timing-allow-origin: *
cache-control: private, s-maxage=0, proxy-revalidate
strict-transport-security: max-age=86400; includeSubDomains
x-cache: Miss from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: gegsfmnnM4p_-2SFRx1YnzMhBhm9rx_FRcoMexnpCFruDW6HkNBJ5g==
X-Firefox-Spdy: h2
cdn9.forter.com/vchk2/v1/7bbb0e93341e2d7b6b26b41e18ad55b8a2bb9859298a4660ebe16558b7cdc345ac7f4bc9671050e0dcf840d3a475
200 OK 0 B URL HTTP/2 cdn9.forter.com/vchk2/v1/7bbb0e93341e2d7b6b26b41e18ad55b8a2bb9859298a4660ebe16558b7cdc345ac7f4bc9671050e0dcf840d3a475
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /vchk2/v1/7bbb0e93341e2d7b6b26b41e18ad55b8a2bb9859298a4660ebe16558b7cdc345ac7f4bc9671050e0dcf840d3a475 HTTP/1.1
Host: cdn9.forter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: eyJyIjowLjA1Mjg1MDQyNzE0NjU5OTcxLCJ1IjoiNTRkODhkMTBmMjY0NDNjN2I4NmI3MjA1Yzc0Nzg5MWEiLCJzIjoiNGRjMmFhODJiYzVlIn0=
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hoteldel.com
Referer: https://hoteldel.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:59:49 GMT
access-control-allow-origin: *
timing-allow-origin: *
cache-control: private, s-maxage=0, proxy-revalidate
strict-transport-security: max-age=86400; includeSubDomains
x-cache: Miss from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 76VNz5jPdZYkULqX5AE4F6vXoW4mz2FTHCaFl0__IzA993LS5C6zoQ==
X-Firefox-Spdy: h2
assets-tracking.crazyegg.com/healthcheck
200 OK 19 B URL HTTP/2 assets-tracking.crazyegg.com/healthcheck
IP
File type JSON data\012- , ASCII text
Hash d06f04fccf68d0b228a5923187ce1afd
5de9df9fdd66a91eed06e31981553d4ab9ccf490
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
GET /healthcheck HTTP/1.1
Host: assets-tracking.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hoteldel.com
Connection: keep-alive
Referer: https://hoteldel.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
content-length: 19
date: Tue, 06 Dec 2022 01:51:14 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin
access-control-max-age: 31536000
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
etag: "d06f04fccf68d0b228a5923187ce1afd"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: UFvu4QTtX3sYMOD2wLP9cjkMXML03mJn6Np8ZNJg2I2F7QFhTwT_eA==
age: 4486116
X-Firefox-Spdy: h2
pagestates-tracking.crazyegg.com/healthcheck
200 OK 19 B URL HTTP/2 pagestates-tracking.crazyegg.com/healthcheck
IP
File type JSON data\012- , ASCII text
Hash d06f04fccf68d0b228a5923187ce1afd
5de9df9fdd66a91eed06e31981553d4ab9ccf490
830e67bda2532cd5880ee86e3b33e69721082f8458bb0df0cd4edbb1577fd375
GET /healthcheck HTTP/1.1
Host: pagestates-tracking.crazyegg.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hoteldel.com
Connection: keep-alive
Referer: https://hoteldel.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json
content-length: 19
date: Mon, 14 Nov 2022 03:38:26 GMT
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: Access-Control-Allow-Origin
access-control-max-age: 31536000
last-modified: Fri, 08 Jul 2022 22:25:51 GMT
etag: "d06f04fccf68d0b228a5923187ce1afd"
accept-ranges: bytes
server: AmazonS3
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: DRZGNUo8_tCDeWYNRfuBtzWLZG__iRyrYauHGD916F0zD-6k2oqRVg==
age: 6380485
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 1dc05c88799ee988b2cdc246d5926984
38db2c3f9579bc366f39e64a554b45863548a652
cbeca4448d2d91f72b4a2c33a800f93adfc4d60c9d749b5b079cd8bf11bb1d83
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Thu, 26 Jan 2023 23:59:50 GMT
Last-Modified: Thu, 26 Jan 2023 22:11:28 GMT
Server: ECS (bsa/EB1D)
X-Cache: Miss from cloudfront
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: X7fIEpYC3FOaoBDOPsMFn0BdHX5FaOLJGEcRIy6-8iwheSRfyk7LNg==
Age: 6502
dpm.demdex.net/ibs:dpid=411&dpuuid=Y9MT9gAAAE6d7QMx
302 Found 0 B URL HTTP/1.1 dpm.demdex.net/ibs:dpid=411&dpuuid=Y9MT9gAAAE6d7QMx
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibs:dpid=411&dpuuid=Y9MT9gAAAE6d7QMx HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hoteldel.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-1-v045-0449b668e.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y9MT9gAAAE6d7QMx
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=17044046237740074621226389509484873243; Max-Age=15552000; Expires=Tue, 25 Jul 2023 23:59:50 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: cNDU0Hh2RaI=
Content-Length: 0
Connection: keep-alive
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y9MT9gAAAE6d7QMx
200 OK 59 B URL HTTP/1.1 dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y9MT9gAAAE6d7QMx
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
GET /demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y9MT9gAAAE6d7QMx HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hoteldel.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-2-v045-0b398da67.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: 5AOvi1H4Tik=
Content-Length: 59
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 7b8dcc42710b2f68c0ec782d2b2a3ae3
b865da423aa26e774270b8e3942b6fbe76793133
2da0fcf67d020f7c563946fca7ade89803cbe7cfe484f123640f8a9950b3f2b1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 23:59:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/1005930085/?value=0&guid=ON&script=0&data=23583573
302 Found 42 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1005930085/?value=0&guid=ON&script=0&data=23583573
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/viewthroughconversion/1005930085/?value=0&guid=ON&script=0&data=23583573 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hilton.demdex.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 26 Jan 2023 23:59:50 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://www.google.com/pagead/1p-user-list/1005930085/?value=0&guid=ON&script=0&data=23583573&is_vtc=1&random=2595412989
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 27-Jan-2023 00:14:50 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 7b8dcc42710b2f68c0ec782d2b2a3ae3
b865da423aa26e774270b8e3942b6fbe76793133
2da0fcf67d020f7c563946fca7ade89803cbe7cfe484f123640f8a9950b3f2b1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 23:59:50 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
status.geotrust.com/
200 OK 471 B IP
Hash bf845e156d42101d4adc9b4a56f3601e
148dc2ba194a61e73626375fb37c0fda12df8799
5a4291d85508850b72d9486ac90d45ddb988eabc9d693ddbd61c79f1969b95b3
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 723
Cache-Control: max-age=158458
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 23:59:50 GMT
Etag: "63d2d91d-1d7"
Expires: Sat, 28 Jan 2023 20:00:48 GMT
Last-Modified: Thu, 26 Jan 2023 19:48:45 GMT
Server: ECS (ska/F705)
X-Cache: HIT
Content-Length: 471
consent-pref.trustarc.com/defaultpreferencemanager/truste
200 OK 748 B URL HTTP/2 consent-pref.trustarc.com/defaultpreferencemanager/truste
IP
File type ASCII text, with very long lines (1711), with no line terminators
Hash b04129cf6cadac989a6fca95b165af4e
3eef793b7ef65ed3f529f221d773892f989c4a5b
39b2fae4ba5fbb9e4a6a8480364a70c0f6a5f4f3d85fce449892347ae5c4aaee
POST /defaultpreferencemanager/truste HTTP/1.1
Host: consent-pref.trustarc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=no&locale=en&behavior=expressed>m=1&irm=undefined&from=https://consent.trustarc.com/
Content-Type: text/x-gwt-rpc; charset=utf-8
X-GWT-Permutation: 9F5DDAD4256889D2A2BB0A3140E8B74B
X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
Content-Length: 274
Origin: https://consent-pref.trustarc.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/json;charset=utf-8
content-length: 748
date: Thu, 26 Jan 2023 23:59:50 GMT
server: nginx
content-encoding: gzip
content-disposition: attachment
x-cache: Miss from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Tzx7Ps-l5InkzUiyMdY5y8nZfXM2Yhtpvt3eONskFjmjDlOrsZ38Gg==
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
expect-ct: max-age=86400; enforce;
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
access-control-allow-origin: *
access-control-expose-headers: *
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 88a45a6c1b10e860d4eb38ba441d00b5
f172559db9b8a6f08d13745e49530d02eb3ce85e
2eb69bcab5afc1edbd95ef4ae3c9ec4eb21f01f6f07ba6ae04c5c60d91caa2c5
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=145209
Date: Thu, 26 Jan 2023 23:59:50 GMT
Etag: "63d2970c-1d7"
Expires: Sat, 28 Jan 2023 16:19:59 GMT
Last-Modified: Thu, 26 Jan 2023 15:06:52 GMT
Server: ECS (bsa/EB14)
X-Cache: Miss from cloudfront
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: ufsXOKxaZdYJPuySFg7HJD8Se1yWCZEdmG29cmbTFkmnWuukKGW5Ag==
Age: 4387
54d88d10f26443c7b86b7205c747891a-4dc2aa82bc5e.cdn.forter.com/prop.json
200 OK 2 B URL HTTP/1.1 54d88d10f26443c7b86b7205c747891a-4dc2aa82bc5e.cdn.forter.com/prop.json
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /prop.json HTTP/1.1
Host: 54d88d10f26443c7b86b7205c747891a-4dc2aa82bc5e.cdn.forter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://hoteldel.com
Connection: keep-alive
Referer: https://hoteldel.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Thu, 26 Jan 2023 23:59:50 GMT
Server: Apache
Last-Modified: Thu, 26 Jan 2023 12:08:49 GMT
ETag: "2-5f3299c8a4dd5"
Accept-Ranges: bytes
Content-Length: 2
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Access-Control-Allow-Origin: https://hoteldel.com
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Access-Control-Allow-Headers: origin, x-requested-with, content-type, x-csrf-token
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Connection: close
Content-Type: application/json
consent-pref.trustarc.com/images/loader.gif
200 OK 1.7 kB URL HTTP/2 consent-pref.trustarc.com/images/loader.gif
IP
File type GIF image data, version 89a, 16 x 16\012- data
Hash e059607cc5e3ff4a629d51ae66b995ff
8608a5a355aa2906eed6cbc9524686301d2f670f
ee53ada617f2674cbd706e3b24fc6738c7f53f2f7a3a959e71f611aa850dc946
GET /images/loader.gif HTTP/1.1
Host: consent-pref.trustarc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=no&locale=en&behavior=expressed>m=1&irm=undefined&from=https://consent.trustarc.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 1737
server: nginx
accept-ranges: bytes
last-modified: Fri, 06 Jan 2023 07:59:58 GMT
date: Thu, 26 Jan 2023 23:06:12 GMT
etag: W/"1737-1672991998000"
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: U5z-k3LO_04nzlHd3yWPM_Qi2pZi0rYff74JfBqJKn2FHo40rp18wA==
age: 3234
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
expect-ct: max-age=86400; enforce;
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
vary: Origin
X-Firefox-Spdy: h2
consent-pref.trustarc.com/images/switchbg.png
200 OK 1.1 kB URL HTTP/2 consent-pref.trustarc.com/images/switchbg.png
IP
File type PNG image data, 2 x 40, 8-bit/color RGB, non-interlaced\012- data
Hash 8270777231f19af8d977d10eeba04bbf
f4c6cb629a1b31a1480191377be81c3b12f3154b
1ffe0083c43292aaba8148fe6d7286bd27381ea13fef76b9e545a22d8bbd8af5
GET /images/switchbg.png HTTP/1.1
Host: consent-pref.trustarc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://consent-pref.trustarc.com/EuPreferenceManager.css
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1068
server: nginx
accept-ranges: bytes
last-modified: Fri, 06 Jan 2023 07:59:58 GMT
date: Thu, 26 Jan 2023 08:37:03 GMT
etag: W/"1068-1672991998000"
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: eS-gHd1Qq84ZVDKL5EiNVpQKoQo5yiNlN2Ewqd28VjUZZLU3yG6q7A==
age: 55368
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
expect-ct: max-age=86400; enforce;
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
vary: Origin
X-Firefox-Spdy: h2
insight.adsrvr.org/track/up?adv=v996jfo&ref=https%3A%2F%2Fhoteldel.com%2Fexperience%2Fholidays%2F%3Futm_source%3DSDTA%26utm_medium%3Demail%26utm_campaign%3DTSY_HDC_FY22_BRAND_HOLIDAY%26utm_content%3Dholiday&upid=ii0k48p&upv=1.1.0
200 OK 26 B URL HTTP/2 insight.adsrvr.org/track/up?adv=v996jfo&ref=https%3A%2F%2Fhoteldel.com%2Fexperience%2Fholidays%2F%3Futm_source%3DSDTA%26utm_medium%3Demail%26utm_campaign%3DTSY_HDC_FY22_BRAND_HOLIDAY%26utm_content%3Dholiday&upid=ii0k48p&upv=1.1.0
IP
File type ASCII text, with no line terminators
Hash 2ba7557a4aeb76ebefdc7bf913da9df2
1026a001771fa2d97fc0527927ab2e2d73dc8164
6c665bc467f4d2e82b04f0b9e1b06727117401de05cb3b57f51b033929e0e907
GET /track/up?adv=v996jfo&ref=https%3A%2F%2Fhoteldel.com%2Fexperience%2Fholidays%2F%3Futm_source%3DSDTA%26utm_medium%3Demail%26utm_campaign%3DTSY_HDC_FY22_BRAND_HOLIDAY%26utm_content%3Dholiday&upid=ii0k48p&upv=1.1.0 HTTP/1.1
Host: insight.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hoteldel.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:59:50 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
consent-pref.trustarc.com/defaultpreferencemanager/truste
200 OK 136 kB URL HTTP/2 consent-pref.trustarc.com/defaultpreferencemanager/truste
IP
File type ASCII text, with very long lines (65536), with no line terminators
Size 136 kB (136312 bytes)
Hash b8af628604bd45f0512e8fa559f01d89
26b10bb447a45476de56e603cceda260b64b6b38
f3e0eaf7e69e2f4c4d5688717fccf6cfe889637cf20d6c01818df750d6121cd0
POST /defaultpreferencemanager/truste HTTP/1.1
Host: consent-pref.trustarc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=no&locale=en&behavior=expressed>m=1&irm=undefined&from=https://consent.trustarc.com/
Content-Type: text/x-gwt-rpc; charset=utf-8
X-GWT-Permutation: 9F5DDAD4256889D2A2BB0A3140E8B74B
X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
Content-Length: 379
Origin: https://consent-pref.trustarc.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/json;charset=utf-8
content-length: 136312
date: Thu, 26 Jan 2023 23:59:50 GMT
server: nginx
content-encoding: gzip
content-disposition: attachment
x-cache: Miss from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: N8o0O3qumQZNlGWMtl_ee87YlpQxLGuHh1ZFYUXGIePxmSFIZNrwGw==
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
expect-ct: max-age=86400; enforce;
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
access-control-allow-origin: *
access-control-expose-headers: *
X-Firefox-Spdy: h2
status.geotrust.com/
200 OK 471 B IP
Hash 187b3be61986cd2c61703717c451cbd1
8dd9ddca318f75f3db8644814f5ed6602c43fdf0
ab233a4af2c1cc44257f86a21ac843828c67a29eefc5fb5e54b6afe906d90cec
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5694
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Thu, 26 Jan 2023 23:59:51 GMT
Last-Modified: Thu, 26 Jan 2023 22:24:58 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
cdn0.forter.com/4dc2aa82bc5e/54d88d10f26443c7b86b7205c747891a/prop.json?_=1674777591075
200 OK 20 B URL HTTP/1.1 cdn0.forter.com/4dc2aa82bc5e/54d88d10f26443c7b86b7205c747891a/prop.json?_=1674777591075
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 5820854f62a6eb3d38ba7ba0d1b3ea75
639df0b84fe699b4a290a713fd6b9a94bd4deb95
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
GET /4dc2aa82bc5e/54d88d10f26443c7b86b7205c747891a/prop.json?_=1674777591075 HTTP/1.1
Host: cdn0.forter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hoteldel.com
Connection: keep-alive
Referer: https://hoteldel.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Origin: https://hoteldel.com
Vary: Origin
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cache-Control: no-cache
Expires: -1
Pragma: no-cache
Content-Type: application/json
Connection: keep-alive
Date: Thu, 26 Jan 2023 23:59:51 GMT
Transfer-Encoding: chunked
cdn0.forter.com/4dc2aa82bc5e/54d88d10f26443c7b86b7205c747891a/prop.json?_=1674777591661
200 OK 20 B URL HTTP/1.1 cdn0.forter.com/4dc2aa82bc5e/54d88d10f26443c7b86b7205c747891a/prop.json?_=1674777591661
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 5820854f62a6eb3d38ba7ba0d1b3ea75
639df0b84fe699b4a290a713fd6b9a94bd4deb95
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
GET /4dc2aa82bc5e/54d88d10f26443c7b86b7205c747891a/prop.json?_=1674777591661 HTTP/1.1
Host: cdn0.forter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hoteldel.com
Connection: keep-alive
Referer: https://hoteldel.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Origin: https://hoteldel.com
Vary: Origin
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cache-Control: no-cache
Expires: -1
Pragma: no-cache
Content-Type: application/json
Connection: keep-alive
Date: Thu, 26 Jan 2023 23:59:51 GMT
Transfer-Encoding: chunked
cdn0.forter.com/4dc2aa82bc5e/54d88d10f26443c7b86b7205c747891a/prop.json?_=1674777591895
200 OK 20 B URL HTTP/1.1 cdn0.forter.com/4dc2aa82bc5e/54d88d10f26443c7b86b7205c747891a/prop.json?_=1674777591895
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 5820854f62a6eb3d38ba7ba0d1b3ea75
639df0b84fe699b4a290a713fd6b9a94bd4deb95
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
GET /4dc2aa82bc5e/54d88d10f26443c7b86b7205c747891a/prop.json?_=1674777591895 HTTP/1.1
Host: cdn0.forter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://hoteldel.com
Connection: keep-alive
Referer: https://hoteldel.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Origin: https://hoteldel.com
Vary: Origin
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cache-Control: no-cache
Expires: -1
Pragma: no-cache
Content-Type: application/json
Connection: keep-alive
Date: Thu, 26 Jan 2023 23:59:52 GMT
Transfer-Encoding: chunked
cdn0.forter.com/4dc2aa82bc5e/54d88d10f26443c7b86b7205c747891a/wpt.json
204 No Content 0 B URL HTTP/1.1 cdn0.forter.com/4dc2aa82bc5e/54d88d10f26443c7b86b7205c747891a/wpt.json
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /4dc2aa82bc5e/54d88d10f26443c7b86b7205c747891a/wpt.json HTTP/1.1
Host: cdn0.forter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://hoteldel.com/
Origin: https://hoteldel.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Vary: Access-Control-Request-Headers
Access-Control-Allow-Headers: content-type
Content-Length: 0
Date: Thu, 26 Jan 2023 23:59:52 GMT
Connection: keep-alive
cdn0.forter.com/4dc2aa82bc5e/54d88d10f26443c7b86b7205c747891a/wpt.json
200 OK 20 B URL HTTP/1.1 cdn0.forter.com/4dc2aa82bc5e/54d88d10f26443c7b86b7205c747891a/wpt.json
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 5820854f62a6eb3d38ba7ba0d1b3ea75
639df0b84fe699b4a290a713fd6b9a94bd4deb95
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
POST /4dc2aa82bc5e/54d88d10f26443c7b86b7205c747891a/wpt.json HTTP/1.1
Host: cdn0.forter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json; charset=utf-8
Content-Length: 26
Origin: https://hoteldel.com
Connection: keep-alive
Referer: https://hoteldel.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Origin: https://hoteldel.com
Vary: Origin
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Cache-Control: private, no-cache, no-store
Expires: -1
Pragma: no-cache
Content-Type: application/json; charset=utf-8
Content-Length: 20
ETag: W/"14-Y53wuE/mmbSikKcT/WualL1N65U"
Date: Thu, 26 Jan 2023 23:59:52 GMT
Connection: keep-alive
consent.trustarc.com/get?name=HiltonLogo_Black_HR250.png
200 OK 0 B URL HTTP/2 consent.trustarc.com/get?name=HiltonLogo_Black_HR250.png
IP
GET /get?name=HiltonLogo_Black_HR250.png HTTP/1.1
Host: consent.trustarc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://consent-pref.trustarc.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
date: Thu, 26 Jan 2023 23:14:52 GMT
pragma: public
expires: Sat, 25 Feb 2023 23:14:52 GMT
cache-control: max-age=2592000
timing-allow-origin: *
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Zu0Tzllc5O6kSKLiETY1xG2zgcywleRw7vJUZqZU96mWzJKbXlvCiA==
age: 2698
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin
X-Firefox-Spdy: h2
dp58aslhmbcib.cloudfront.net/static/cache/js/output.c60a9d853c69.js
200 OK 0 B URL HTTP/2 dp58aslhmbcib.cloudfront.net/static/cache/js/output.c60a9d853c69.js
IP
GET /static/cache/js/output.c60a9d853c69.js HTTP/1.1
Host: dp58aslhmbcib.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://fareharbor.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
date: Fri, 16 Dec 2022 15:01:53 GMT
cache-control: public
content-encoding: gzip
etag: "639c7866-16fcae"
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Fri, 16 Dec 2022 13:53:42 GMT
server: nginx/1.22.1
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-fh-loadbalancer: production-appservers_docker-a-5
x-xss-protection: 1; mode=block
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 02GxvZsq3Nev0aAm8oJm20uulcO2TZpnomH71U2K9aBARCEgOuSbEA==
age: 3574674
X-Firefox-Spdy: h2
fareharbor.com/embeds/cart/?u=709a53c7-d643-43f4-b1f9-483cd1bc19d1&from-ssl=yes&g4=yes&a=yes&back=https://hoteldel.com/experience/holidays/%3Futm_source%3DSDTA%26utm_medium%3Demail%26utm_campaign%3DTSY_HDC_FY22_BRAND_HOLIDAY%26utm_content%3Dholiday
200 OK 0 B URL HTTP/2 fareharbor.com/embeds/cart/?u=709a53c7-d643-43f4-b1f9-483cd1bc19d1&from-ssl=yes&g4=yes&a=yes&back=https://hoteldel.com/experience/holidays/%3Futm_source%3DSDTA%26utm_medium%3Demail%26utm_campaign%3DTSY_HDC_FY22_BRAND_HOLIDAY%26utm_content%3Dholiday
IP
GET /embeds/cart/?u=709a53c7-d643-43f4-b1f9-483cd1bc19d1&from-ssl=yes&g4=yes&a=yes&back=https://hoteldel.com/experience/holidays/%3Futm_source%3DSDTA%26utm_medium%3Demail%26utm_campaign%3DTSY_HDC_FY22_BRAND_HOLIDAY%26utm_content%3Dholiday HTTP/1.1
Host: fareharbor.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hoteldel.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:59:48 GMT
content-type: text/html; charset=utf-8
content-encoding: gzip
content-language: en-us
content-security-policy-report-only: form-action 'self'; script-src 'unsafe-inline' 'unsafe-eval' https://content.fareharbor.me https://js.stripe.com *.adyen.com *.mxpnl.com cdn.mxpnl.com *.filestackapi.com https://js.pusher.com https://www.google.com *.googleapis.com https://ssl.google-analytics.com https://www.google-analytics.com *.adroll.com *.adroll.mgr.consensu.org *.facebook.net *.facebook.com *.cloudflare.com *.hotjar.com https://www.googletagmanager.com https://googleads.g.doubleclick.net https://www.googleadservices.com *.gstatic.com *.paypal.com https://translate.google.com https://*.pusher.com https://ssl.google-analytics.com https://www.google-analytics.com dp58aslhmbcib.cloudfront.net fareharbor.com; frame-src https://js.stripe.com https://hooks.stripe.com *.adyen.com *.filestackapi.com *.googletagmanager.com *.hotjar.com https://www.google.com airtable.com player.vimeo.com facebook.com *.paypal.com https://bid.g.doubleclick.net fareharbor.com; default-src 'none'; base-uri 'self'; object-src 'none'; style-src 'unsafe-inline' content.fareharbor.me *.googleapis.com dp58aslhmbcib.cloudfront.net fareharbor.com; font-src 'self' data: fh-sites.imgix.net; connect-src wss://ws.pusherapp.com https://api.stripe.com https://www.google-analytics.com https://*.google-analytics.com https: fareharbor.com wss:; img-src data: image/svg+xml image/png cdn.filestackcontent.com fh-sites.imgix.net https://www.google-analytics.com www.tripadvisor.com https://www.google.com d.adroll.com facebook.com bat.bing.com www.googletagmanager.com https://googleads.g.doubleclick.net https://www.facebook.com https://www.filepicker.io https://www.gstatic.com dp58aslhmbcib.cloudfront.net d1a2dkr8rai8e2.cloudfront.net fareharbor.com; report-uri /csp-report/
p3p: CP="This is not a P3P policy."
set-cookie: csrftoken=GhgvmP7lrcKPSGTYQV77fQGFdFSA9PgL16ZbVdpumaiWn2xaag2JFy0YqPbJo1nT; expires=Thu, 25 Jan 2024 23:59:48 GMT; Max-Age=31449600; Path=/; SameSite=Strict; Secure
strict-transport-security: max-age=31536000
vary: Accept-Encoding, Cookie
x-amzn-trace-id: Root=1-63d313f4-246d49ef76bacf0c761ab372
x-content-type-options: nosniff
x-fh-loadbalancer: production-appservers_docker-a-4
x-xss-protection: 1; mode=block
X-Firefox-Spdy: h2
4dc2aa82bc5e.cdn4.forter.com/sn/4dc2aa82bc5e/script.js
200 OK 0 B URL HTTP/2 4dc2aa82bc5e.cdn4.forter.com/sn/4dc2aa82bc5e/script.js
IP
GET /sn/4dc2aa82bc5e/script.js HTTP/1.1
Host: 4dc2aa82bc5e.cdn4.forter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hoteldel.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Wed, 25 Jan 2023 17:26:51 GMT
strict-transport-security: max-age=86400; includeSubDomains
access-control-allow-origin: *
timing-allow-origin: *
last-modified: Wed, 25 Jan 2023 17:26:50 GMT
expires: Wed, 25 Jan 2023 17:31:50 GMT
cache-control: private, max-age=300
x-sourcemap: https://cdn4.forter.com/map/suid/4dc2aa82bc5e/56016159838
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: bUWDGnKcmZfH6y0oE2a1Lyb77PVFRCnGQz4AaylG-rtp3Y10aep2Ag==
age: 109977
X-Firefox-Spdy: h2
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/9F5DDAD4256889D2A2BB0A3140E8B74B/4.cache.js
200 OK 0 B URL HTTP/2 consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/9F5DDAD4256889D2A2BB0A3140E8B74B/4.cache.js
IP
GET /defaultpreferencemanager/deferredjs/9F5DDAD4256889D2A2BB0A3140E8B74B/4.cache.js HTTP/1.1
Host: consent-pref.trustarc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=no&locale=en&behavior=expressed>m=1&irm=undefined&from=https://consent.trustarc.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Wed, 18 Jan 2023 05:03:30 GMT
server: nginx
etag: W/"44335-1672992016000"
last-modified: Fri, 06 Jan 2023 08:00:16 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: oYjXImv-ICToqRJ06Fv6MtmIK-fnOfpC4VgKAnqxIl9Tcm6ywbXh6w==
age: 759380
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
expect-ct: max-age=86400; enforce;
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
consent-pref.trustarc.com/cookie_inneriframe.html
200 OK 0 B URL HTTP/2 consent-pref.trustarc.com/cookie_inneriframe.html
IP
GET /cookie_inneriframe.html HTTP/1.1
Host: consent-pref.trustarc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://prefmgr-cookie.truste-svc.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
server: nginx
last-modified: Fri, 06 Jan 2023 07:59:58 GMT
content-encoding: gzip
date: Thu, 26 Jan 2023 22:51:55 GMT
etag: W/"2008-1672991998000"
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 2T6VRGj0pw3KKUZSgoeVSqp0lCx6gXek_9JJq4MCjmEiDarhkF4H5A==
age: 4087
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
expect-ct: max-age=86400; enforce;
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/9F5DDAD4256889D2A2BB0A3140E8B74B/10.cache.js
200 OK 0 B URL HTTP/2 consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/9F5DDAD4256889D2A2BB0A3140E8B74B/10.cache.js
IP
GET /defaultpreferencemanager/deferredjs/9F5DDAD4256889D2A2BB0A3140E8B74B/10.cache.js HTTP/1.1
Host: consent-pref.trustarc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=no&locale=en&behavior=expressed>m=1&irm=undefined&from=https://consent.trustarc.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Wed, 18 Jan 2023 05:02:59 GMT
server: nginx
etag: W/"259669-1672992016000"
last-modified: Fri, 06 Jan 2023 08:00:16 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: RCgVOp8xnyZREPJtEcO5UPrkRFHRZ5P-9laz439k4UUlaI5BObug2w==
age: 759410
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
expect-ct: max-age=86400; enforce;
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
insight.adsrvr.org/track/up?adv=sv8v2lx&ref=https%3A%2F%2Fhoteldel.com%2Fexperience%2Fholidays%2F%3Futm_source%3DSDTA%26utm_medium%3Demail%26utm_campaign%3DTSY_HDC_FY22_BRAND_HOLIDAY%26utm_content%3Dholiday&upid=94dwe1r&upv=1.1.0
200 OK 0 B URL HTTP/2 insight.adsrvr.org/track/up?adv=sv8v2lx&ref=https%3A%2F%2Fhoteldel.com%2Fexperience%2Fholidays%2F%3Futm_source%3DSDTA%26utm_medium%3Demail%26utm_campaign%3DTSY_HDC_FY22_BRAND_HOLIDAY%26utm_content%3Dholiday&upid=94dwe1r&upv=1.1.0
IP
GET /track/up?adv=sv8v2lx&ref=https%3A%2F%2Fhoteldel.com%2Fexperience%2Fholidays%2F%3Futm_source%3DSDTA%26utm_medium%3Demail%26utm_campaign%3DTSY_HDC_FY22_BRAND_HOLIDAY%26utm_content%3Dholiday&upid=94dwe1r&upv=1.1.0 HTTP/1.1
Host: insight.adsrvr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hoteldel.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Thu, 26 Jan 2023 23:59:50 GMT
content-type: text/html
cache-control: private,no-cache, must-revalidate
pragma: no-cache
x-aspnet-version: 4.0.30319
p3p: CP="NOI DSP COR CUR ADMo DEVo PSAo PSDo OUR SAMo BUS UNI NAV"
X-Firefox-Spdy: h2
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/9F5DDAD4256889D2A2BB0A3140E8B74B/1.cache.js
200 OK 0 B URL HTTP/2 consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/9F5DDAD4256889D2A2BB0A3140E8B74B/1.cache.js
IP
GET /defaultpreferencemanager/deferredjs/9F5DDAD4256889D2A2BB0A3140E8B74B/1.cache.js HTTP/1.1
Host: consent-pref.trustarc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=no&locale=en&behavior=expressed>m=1&irm=undefined&from=https://consent.trustarc.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Wed, 18 Jan 2023 05:03:11 GMT
server: nginx
etag: W/"19787-1672992016000"
last-modified: Fri, 06 Jan 2023 08:00:16 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 b053873243f91b1bb6dc406ce0c67db4.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ESXUxxpj9-yh1uPwhn4toGqgJJJNC3oOOachtcplPs4MxoqhDl1VNw==
age: 759398
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
expect-ct: max-age=86400; enforce;
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
141.193.213.11
93.184.220.29
52.51.133.63
151.101.246.208
2.18.172.233
15.236.125.10
104.18.18.68
31.13.72.36