conrad-osaka.hiltonjapan.co.jp/plans/restaurants/plan-cat/afternoon
104.22.3.74301 Moved Permanently 0 B URL HTTP/1.1 conrad-osaka.hiltonjapan.co.jp/plans/restaurants/plan-cat/afternoon
IP 104.22.3.74:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /plans/restaurants/plan-cat/afternoon HTTP/1.1
Host: conrad-osaka.hiltonjapan.co.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Sun, 05 Feb 2023 00:57:24 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: max-age=3600
Expires: Sun, 05 Feb 2023 01:57:24 GMT
Location: https://conrad-osaka.hiltonjapan.co.jp/plans/restaurants/plan-cat/afternoon
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7947b1185e431c12-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1cdc095521e9ee2606059be447d1fdd5
02b5d0a5b5823e2338daf7e144700babe2a213af
8bda3aabcf331c2bfcc4c7023cd797c760fd301dc353641bb95048e072f66c66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8BDA3AABCF331C2BFCC4C7023CD797C760FD301DC353641BB95048E072F66C66"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3034
Expires: Sun, 05 Feb 2023 01:47:58 GMT
Date: Sun, 05 Feb 2023 00:57:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11693
Expires: Sun, 05 Feb 2023 04:12:17 GMT
Date: Sun, 05 Feb 2023 00:57:24 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=19319
Expires: Sun, 05 Feb 2023 06:19:23 GMT
Date: Sun, 05 Feb 2023 00:57:24 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash ff250d3ef3fa45322bf05039a0122a9f
b3e7a2c383bce1bab807dbe1a03c375258b51f1d
d07f109a96e0ae6ec7b1d46ce8761b3f06fe845769ce65d69e053dd40aa561ba
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Retry-After, Backoff, Content-Type, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 05 Feb 2023 00:43:39 GMT
content-type: application/json
age: 825
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: EgHfxq393219/peoeLt86hc5HMtE1vg3mmK0/im45pXcXaxVkgaIIXsoCRvn99iaaSRvSLKe8jU=
x-amz-request-id: Q7VEVFRKJPYG39S2
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 05 Feb 2023 00:53:03 GMT
age: 261
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash ca58c078f26f7e3d76b706f1c2802473
de977180ead331bbe1a547f3e775fe0bb03c69f0
2b07e937ab36949ea2aef34c1bf5ed2001dd3d1db29b5626597157680b52d117
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=160419
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 00:57:24 GMT
Etag: "63dece97-117"
Expires: Mon, 06 Feb 2023 21:31:03 GMT
Last-Modified: Sat, 04 Feb 2023 21:31:03 GMT
Server: nginx
Content-Length: 279
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 00:57:24 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Pragma, Backoff, Retry-After, Content-Length, Last-Modified, Expires, Cache-Control, ETag, Alert, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 05 Feb 2023 00:07:19 GMT
age: 3006
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2296
Expires: Sun, 05 Feb 2023 01:35:41 GMT
Date: Sun, 05 Feb 2023 00:57:25 GMT
Connection: keep-alive
push.services.mozilla.com/
35.82.221.194101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 35.82.221.194:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: 8AMOP/XHfjHD9pQB2YwFlA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: o5M+NgG8pY8wj4xaKn+BnB2Twl4=
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash ca58c078f26f7e3d76b706f1c2802473
de977180ead331bbe1a547f3e775fe0bb03c69f0
2b07e937ab36949ea2aef34c1bf5ed2001dd3d1db29b5626597157680b52d117
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2
Cache-Control: max-age=160419
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 00:57:26 GMT
Etag: "63dece97-117"
Expires: Mon, 06 Feb 2023 21:31:05 GMT
Last-Modified: Sat, 04 Feb 2023 21:31:03 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 279
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 98be7fe21d059e46146a43d20c4eea92
1ec58129fea75085588be7b8baec05b0874b5274
7bb2eb5ffcd88a3b6ba7b210bdbcd4469134c9708f06befb6c616beebf8dae46
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 00:57:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 98be7fe21d059e46146a43d20c4eea92
1ec58129fea75085588be7b8baec05b0874b5274
7bb2eb5ffcd88a3b6ba7b210bdbcd4469134c9708f06befb6c616beebf8dae46
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 00:57:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
assets.adobedtm.com/launch-EN02272261e0b845508227acf3ca0c37de.min.js
2.18.172.233200 OK 123 kB URL HTTP/2 assets.adobedtm.com/launch-EN02272261e0b845508227acf3ca0c37de.min.js
IP 2.18.172.233:0
File type ASCII text, with very long lines (32759)
Size 123 kB (122576 bytes)
Hash c870cd2aa8349b6cfa0262d72c4ce1a0
bede7f45b36358ea5faef3fa9fc0b3def1e3186a
42e4b338ed0e5f36ea2934064a208de85731a4d94b281e439c472e443db795e6
GET /launch-EN02272261e0b845508227acf3ca0c37de.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conrad-osaka.hiltonjapan.co.jp/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "ea4d3f7755579ae4c41bc40a9cbaef6c:1675445165.613338"
last-modified: Fri, 03 Feb 2023 17:26:05 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=3600
expires: Sun, 05 Feb 2023 01:57:26 GMT
date: Sun, 05 Feb 2023 00:57:26 GMT
content-length: 122576
access-control-allow-origin: https://conrad-osaka.hiltonjapan.co.jp
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 153d0de36959c722c00df71ba86daca2
305f56a3134879ebf0828e169e903e560540c070
0cf533a798d42d1e97fb6619a411afadf9a68c92302ba852869b0c0555a47987
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 00:57:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jqueryui/1/jquery-ui.min.js
142.250.74.170200 OK 61 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jqueryui/1/jquery-ui.min.js
IP 142.250.74.170:0
File type ASCII text, with very long lines (64560)
Hash 45eb5ca2675d433e4b1bd361b684cdca
3194791975f93e8be941a6dd6f5828a437677b72
09e90ed27d9f5bedc2992c1c2e5ed7ccce4fe7f86a1f39ffd32e2dbfa00b40b9
GET /ajax/libs/jqueryui/1/jquery-ui.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conrad-osaka.hiltonjapan.co.jp/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 61441
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 02 Feb 2023 03:18:16 GMT
expires: Fri, 02 Feb 2024 03:18:16 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 250750
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 98be7fe21d059e46146a43d20c4eea92
1ec58129fea75085588be7b8baec05b0874b5274
7bb2eb5ffcd88a3b6ba7b210bdbcd4469134c9708f06befb6c616beebf8dae46
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 00:57:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 98be7fe21d059e46146a43d20c4eea92
1ec58129fea75085588be7b8baec05b0874b5274
7bb2eb5ffcd88a3b6ba7b210bdbcd4469134c9708f06befb6c616beebf8dae46
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 00:57:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 153d0de36959c722c00df71ba86daca2
305f56a3134879ebf0828e169e903e560540c070
0cf533a798d42d1e97fb6619a411afadf9a68c92302ba852869b0c0555a47987
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 00:57:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
142.250.74.170200 OK 34 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jquery/1.8.3/jquery.min.js
IP 142.250.74.170:0
File type ASCII text, with very long lines (65483)
Hash a54a444f20643b131117dc2112cca05f
074964746b12ff1d30f7656310d6154ae1cc98b5
aa3ca8485dd777d4d880b38c1cf3bc2fc290d28a79ba3e3e43cba1f653132830
GET /ajax/libs/jquery/1.8.3/jquery.min.js HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conrad-osaka.hiltonjapan.co.jp/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 33593
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Fri, 03 Feb 2023 05:51:43 GMT
expires: Sat, 03 Feb 2024 05:51:43 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
age: 155143
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 153d0de36959c722c00df71ba86daca2
305f56a3134879ebf0828e169e903e560540c070
0cf533a798d42d1e97fb6619a411afadf9a68c92302ba852869b0c0555a47987
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 00:57:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 98be7fe21d059e46146a43d20c4eea92
1ec58129fea75085588be7b8baec05b0874b5274
7bb2eb5ffcd88a3b6ba7b210bdbcd4469134c9708f06befb6c616beebf8dae46
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 00:57:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ajax.googleapis.com/ajax/libs/jqueryui/1/themes/ui-darkness/jquery-ui.css
142.250.74.170200 OK 6.1 kB URL HTTP/2 ajax.googleapis.com/ajax/libs/jqueryui/1/themes/ui-darkness/jquery-ui.css
IP 142.250.74.170:0
File type ASCII text, with very long lines (1358)
Hash 8edaa57b45b066d927407ac42afa07e9
4038a6c4a26daae2dd5800e9b499f594866e68cc
e8fc3603a92412e52c7680625e493c6b178064f9efe325c7471035c35dd4e0f0
GET /ajax/libs/jqueryui/1/themes/ui-darkness/jquery-ui.css HTTP/1.1
Host: ajax.googleapis.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conrad-osaka.hiltonjapan.co.jp/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/css; charset=UTF-8
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 6093
date: Sun, 05 Feb 2023 00:57:26 GMT
expires: Mon, 05 Feb 2024 00:57:26 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-PH6546C
142.250.74.168200 OK 50 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-PH6546C
IP 142.250.74.168:0
File type ASCII text, with very long lines (5425)
Hash 7c7253ac0877f23d9eb1d1795559cc7b
f18302dd0b9371f53471e5eafc940e9ed7e8f7c8
62ef2da94a3179dfa9f7572816c896a529d4fa3cca068fdca63e3fb62f323b67
GET /gtm.js?id=GTM-PH6546C HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conrad-osaka.hiltonjapan.co.jp/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 05 Feb 2023 00:57:26 GMT
expires: Sun, 05 Feb 2023 00:57:26 GMT
cache-control: private, max-age=900
last-modified: Sun, 05 Feb 2023 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 50407
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-NZVWW7Z
142.250.74.168200 OK 50 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-NZVWW7Z
IP 142.250.74.168:0
File type ASCII text, with very long lines (5757)
Hash 95ce40a88720faa45083ccdb5fb441e1
1af0fa7f9d200da89878fcc9d266e85db0857bfa
6d48e0a4345413b8e67366cc1ec245e156dd60e4876ee923ff9024ce8eedeb83
GET /gtm.js?id=GTM-NZVWW7Z HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conrad-osaka.hiltonjapan.co.jp/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 05 Feb 2023 00:57:26 GMT
expires: Sun, 05 Feb 2023 00:57:26 GMT
cache-control: private, max-age=900
last-modified: Sun, 05 Feb 2023 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 50116
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-56476B
142.250.74.168200 OK 58 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-56476B
IP 142.250.74.168:0
File type Unicode text, UTF-8 text, with very long lines (16453)
Hash a0029256b16684fd2d08aae2ff6ed425
4b2957bcbb3183ac1aa4d0a305e0e14c9e662c44
4fa69c4b0b53531c78a1ceb8b8eba46a557d855482df14c40fc077d593040a74
GET /gtm.js?id=GTM-56476B HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conrad-osaka.hiltonjapan.co.jp/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 05 Feb 2023 00:57:26 GMT
expires: Sun, 05 Feb 2023 00:57:26 GMT
cache-control: private, max-age=900
last-modified: Sun, 05 Feb 2023 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 57992
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googletagmanager.com/gtm.js?id=GTM-5C7N6ZG
142.250.74.168200 OK 73 kB URL HTTP/2 www.googletagmanager.com/gtm.js?id=GTM-5C7N6ZG
IP 142.250.74.168:0
File type ASCII text, with very long lines (11065)
Hash 0faf31ec9f676151cf9221dad3baee79
f6689bf610cd674ecbd55860897b390a78bce56b
e220fa9448de936355664d461f897832f16adfc23d8e01b945ef2fd543595e4c
GET /gtm.js?id=GTM-5C7N6ZG HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conrad-osaka.hiltonjapan.co.jp/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 05 Feb 2023 00:57:26 GMT
expires: Sun, 05 Feb 2023 00:57:26 GMT
cache-control: private, max-age=900
last-modified: Sun, 05 Feb 2023 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 72871
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googleoptimize.com/optimize.js?id=OPT-MMXWR7J
142.250.74.78200 OK 44 kB URL HTTP/2 www.googleoptimize.com/optimize.js?id=OPT-MMXWR7J
IP 142.250.74.78:0
File type ASCII text, with very long lines (1759)
Hash 9beba945a2c0830db6e2bf622d49a28f
b0ebec8e7a1f395a28ccf92f353f1962966cae7a
c7ca1fc1dca8824989904d885dc87eeabe18e7ba735513b739aa6765c685ece6
GET /optimize.js?id=OPT-MMXWR7J HTTP/1.1
Host: www.googleoptimize.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conrad-osaka.hiltonjapan.co.jp/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 05 Feb 2023 00:57:26 GMT
expires: Sun, 05 Feb 2023 00:57:26 GMT
cache-control: private, max-age=900
last-modified: Sun, 05 Feb 2023 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44266
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.googleoptimize.com/optimize.js?id=OPT-5WF339T
142.250.74.78200 OK 44 kB URL HTTP/2 www.googleoptimize.com/optimize.js?id=OPT-5WF339T
IP 142.250.74.78:0
File type ASCII text, with very long lines (1759)
Hash 951c2d15a1301f7fecde04e50815a39a
847f88b7541413b96bd91a2935952e48b750b699
c1baf303146ca1ccfaa60691fa923a1db7769ccfd7b00cd5d7f1c590eaf2e6c6
GET /optimize.js?id=OPT-5WF339T HTTP/1.1
Host: www.googleoptimize.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conrad-osaka.hiltonjapan.co.jp/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 05 Feb 2023 00:57:26 GMT
expires: Sun, 05 Feb 2023 00:57:26 GMT
cache-control: private, max-age=900
last-modified: Sun, 05 Feb 2023 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 44266
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 185b62fe607d5d833cc1717b68f3f7b7
ab6b571fdfcd1d1cdb923c48f53df4ecd74d85c2
656d98d306ebfcdea0dff590c34a6ce1496faa95ba05fb86f72a5e57e295f61b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 00:57:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
2013561.fls.doubleclick.net/activityi;src=2013561;type=apacd0;cat=2019a001;ord=6538210808495;gtm=45He3210;auiddc=1190167174.1675558684;u30=https%3A%2F%2Fconrad-osaka.hiltonjapan.co.jp%2Fplans%2Frestaurants%2Fplan-cat%2Fafternoon;~oref=https%3A%2F%2Fconrad-osaka.hiltonjapan.co.jp%2Fplans%2Frestaurants%2Fplan-cat%2Fafternoon?
142.250.74.134200 OK 276 B URL HTTP/2 2013561.fls.doubleclick.net/activityi;src=2013561;type=apacd0;cat=2019a001;ord=6538210808495;gtm=45He3210;auiddc=1190167174.1675558684;u30=https%3A%2F%2Fconrad-osaka.hiltonjapan.co.jp%2Fplans%2Frestaurants%2Fplan-cat%2Fafternoon;~oref=https%3A%2F%2Fconrad-osaka.hiltonjapan.co.jp%2Fplans%2Frestaurants%2Fplan-cat%2Fafternoon?
IP 142.250.74.134:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (601), with no line terminators
Hash 66d48f01ec4b07b2839a287a63b901ef
e223a04a7a6f1fc206afa9852b498e47140bc74d
991f77d02d720415e714dc2e7e07e7b6f8bf706fb6ef3d9415f657a84d228ea4
GET /activityi;src=2013561;type=apacd0;cat=2019a001;ord=6538210808495;gtm=45He3210;auiddc=1190167174.1675558684;u30=https%3A%2F%2Fconrad-osaka.hiltonjapan.co.jp%2Fplans%2Frestaurants%2Fplan-cat%2Fafternoon;~oref=https%3A%2F%2Fconrad-osaka.hiltonjapan.co.jp%2Fplans%2Frestaurants%2Fplan-cat%2Fafternoon? HTTP/1.1
Host: 2013561.fls.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conrad-osaka.hiltonjapan.co.jp/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 05 Feb 2023 00:57:26 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
strict-transport-security: max-age=21600
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 276
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 05-Feb-2023 01:12:26 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 185b62fe607d5d833cc1717b68f3f7b7
ab6b571fdfcd1d1cdb923c48f53df4ecd74d85c2
656d98d306ebfcdea0dff590c34a6ce1496faa95ba05fb86f72a5e57e295f61b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 00:57:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c7d887fc3e3b7a68b7872c76802085c0
eb26f820776e7d87a00489eb14f918e5f6945835
915e873e95d8f0276f4763e5596b03cac487f6f8a36c65577c6622fc8560d929
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 00:57:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.com/ddm/fls/i/src=2013561;type=apacd0;cat=2019a001;ord=6538210808495;gtm=45He3210;auiddc=1190167174.1675558684;u30=https%3A%2F%2Fconrad-osaka.hiltonjapan.co.jp%2Fplans%2Frestaurants%2Fplan-cat%2Fafternoon;~oref=https%3A%2F%2Fconrad-osaka.hiltonjapan.co.jp%2Fplans%2Frestaurants%2Fplan-cat%2Fafternoon
142.250.74.98200 OK 280 B URL HTTP/2 adservice.google.com/ddm/fls/i/src=2013561;type=apacd0;cat=2019a001;ord=6538210808495;gtm=45He3210;auiddc=1190167174.1675558684;u30=https%3A%2F%2Fconrad-osaka.hiltonjapan.co.jp%2Fplans%2Frestaurants%2Fplan-cat%2Fafternoon;~oref=https%3A%2F%2Fconrad-osaka.hiltonjapan.co.jp%2Fplans%2Frestaurants%2Fplan-cat%2Fafternoon
IP 142.250.74.98:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (600), with no line terminators
Hash a0aa152ef1b9b674799a539e9b16847b
ff58b366785199a5690abe637649a3689423fa92
b398c3ba15995d431fd32825147022b705bad39e04744a79548b03b72ef95ac1
GET /ddm/fls/i/src=2013561;type=apacd0;cat=2019a001;ord=6538210808495;gtm=45He3210;auiddc=1190167174.1675558684;u30=https%3A%2F%2Fconrad-osaka.hiltonjapan.co.jp%2Fplans%2Frestaurants%2Fplan-cat%2Fafternoon;~oref=https%3A%2F%2Fconrad-osaka.hiltonjapan.co.jp%2Fplans%2Frestaurants%2Fplan-cat%2Fafternoon HTTP/1.1
Host: adservice.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://2013561.fls.doubleclick.net/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 05 Feb 2023 00:57:26 GMT
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/html; charset=UTF-8
pragma: no-cache
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 280
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash c7d887fc3e3b7a68b7872c76802085c0
eb26f820776e7d87a00489eb14f918e5f6945835
915e873e95d8f0276f4763e5596b03cac487f6f8a36c65577c6622fc8560d929
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 00:57:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6026
Expires: Sun, 05 Feb 2023 02:37:52 GMT
Date: Sun, 05 Feb 2023 00:57:26 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c14d3cf8ade0150a711f094be32ac474
11e7fb5487d364c5392e1594e09f5b49831043ea
2a98ce39894b7d9befdba3916467bc95962376d0b308103e0a1eea36c0bc2302
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "2A98CE39894B7D9BEFDBA3916467BC95962376D0B308103E0A1EEA36C0BC2302"
Last-Modified: Fri, 03 Feb 2023 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6026
Expires: Sun, 05 Feb 2023 02:37:52 GMT
Date: Sun, 05 Feb 2023 00:57:26 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fef803fc0-c789-4c2b-8cb2-33bef88abc9c.jpeg
34.120.237.76200 OK 8.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fef803fc0-c789-4c2b-8cb2-33bef88abc9c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash bbb38d805862a1b3081eebf256e0dae0
4a5cb01390d897be8721cd4551c74d0452aff640
02443891d0533f37fe38b16febafc86fa64c457dc1827b97ec535d623486d549
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fef803fc0-c789-4c2b-8cb2-33bef88abc9c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8691
x-amzn-requestid: 51bb839e-c32c-4be9-9f38-7f8044160e70
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fVsLgFPqIAMFfww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d22716-3794126b47a79aed27e1aac4;Sampled=0
x-amzn-remapped-date: Thu, 26 Jan 2023 07:09:10 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 9du1ien5j1WSLplBzT5AAV-xIPKNgg4-8tdjux_iEGXNGaCcj29Xog==
via: 1.1 2afae0d44e2540f472c0635ab62c232a.cloudfront.net (CloudFront), 1.1 112d82578d402a38d8d02e8b857617e0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 03:37:50 GMT
age: 76776
etag: "4a5cb01390d897be8721cd4551c74d0452aff640"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8a9d301-2b38-4046-91c2-941ed351597a.jpeg
34.120.237.76200 OK 3.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8a9d301-2b38-4046-91c2-941ed351597a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d7a466d89c75ff3459b7328591db52cf
c3f29f9c2fbdc1fa2aef7a9e79ca796b28394afb
e73243be3d01d12a224c4e9826c4f52610cf7722eee69f62755278d7550705f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8a9d301-2b38-4046-91c2-941ed351597a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3474
x-amzn-requestid: 5846c080-9f25-4590-863c-8af2126cdbe1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f1WXEEbnoAMFRdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ded0f9-1bd490125feadc14366e7ca0;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 21:41:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: d8aQmkW-aqLFpb79RynlJG2vY1GTDbjLNY0Qukgg_WIjdI6cmbVKFw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 22:10:58 GMT
etag: "c3f29f9c2fbdc1fa2aef7a9e79ca796b28394afb"
content-type: image/jpeg
age: 9988
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b593b5-5093-4504-8ab7-492c62b14ca7.jpeg
34.120.237.76200 OK 5.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b593b5-5093-4504-8ab7-492c62b14ca7.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash c1f3df5bbad5048923e29c0767d703d3
48c408d37a7bd7f96653174359178eed46ddf298
c8bae041c3d64334964b2aa771a07bc2709ced4c497e1795f864d9416fed728f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F88b593b5-5093-4504-8ab7-492c62b14ca7.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5801
x-amzn-requestid: 441284a8-923a-4b22-b39f-95dec713c292
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fjj9jHu_IAMFZ-w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d7b389-788174a773fcd695540cc95e;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 12:09:45 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: DgvqiQwdytO2caPNzg2OhGcv8ly9N_YeQTzpuf6iwAVt8AQZEXRLqw==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 324a68a6c25ee50d774953f3e15a611c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 21:43:52 GMT
age: 11614
etag: "48c408d37a7bd7f96653174359178eed46ddf298"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a38348b-ed70-4e2f-80ce-d13e44fefcfc.webp
34.120.237.76200 OK 14 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a38348b-ed70-4e2f-80ce-d13e44fefcfc.webp
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 7b596a8e984911df703e15c72d25d513
a1fa1355f4de6f246d35bed9f128e13fc9dc4e72
aba708124199ec6b0ce86ac14c6c18d233ff405071a7f22522217c2fcb0aa9b7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4a38348b-ed70-4e2f-80ce-d13e44fefcfc.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 13557
x-amzn-requestid: 981a0f31-e874-4392-a81d-12d667020700
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fH8-JGEsoAMFhZA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63cca85a-7398031f2676734c65447e5b;Sampled=0
x-amzn-remapped-date: Sun, 22 Jan 2023 03:07:06 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 3dw5Oj2su-_kCvpC1jDJsyAEUPzaexgTzhAC9yAYSyXTFRVge2FR6Q==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 22:10:43 GMT
age: 10003
etag: "a1fa1355f4de6f246d35bed9f128e13fc9dc4e72"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6e4dfe8-8de0-4ffd-85a4-544a7e82f052.jpeg
34.120.237.76200 OK 5.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6e4dfe8-8de0-4ffd-85a4-544a7e82f052.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5d907b978dc107f6e95182eee954462a
29a73442173f75b4f3413e2c6459e8448b1cc33f
8268fb8aa86182e7c2113709cce8f559ac8cc831e12cfd7a75c67f30c69808a5
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6e4dfe8-8de0-4ffd-85a4-544a7e82f052.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5652
x-amzn-requestid: a9d8e72b-b943-4c6d-a01c-7b7b65da6ee4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fzXDqG-eIAMFbTQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63de054a-778199ce1db9fa1b73a9d4ec;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 07:12:10 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: CyZUnEQ1l6j1CZCVM63GYbV6mAnhjW3kh4E5M07jH6d3t4mwhSK4hw==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 22:04:01 GMT
age: 10405
etag: "29a73442173f75b4f3413e2c6459e8448b1cc33f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9070541c-6707-464e-b141-b6c767d8a58a.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9070541c-6707-464e-b141-b6c767d8a58a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 062e186a259eda97173695240a492c63
9b476a4ec219667f560b88199a3a4e4b0a93b579
d18570d3c4ada689b5c2a99b0783ce41c629bd125e6683cf225e01b7032f14a4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9070541c-6707-464e-b141-b6c767d8a58a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12256
x-amzn-requestid: 1b959eb9-cf69-414c-b57b-4a63277d709c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fvgx-EhgoAMF2wA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc7b3f-2c58e8ac2aee8a8f409a93a0;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 03:10:55 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: dvxlk1iSyNfjmNRI_8HcmhG9_xe0ZlaZ0Pzj0H9EBR6wwXKg0L7YVQ==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 05:55:27 GMT
age: 68519
etag: "9b476a4ec219667f560b88199a3a4e4b0a93b579"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8077210062c315b98902cb06c74d485b
808e94ac31f1b45185103ce25c1bc2afd056b17a
78871f45de0c58bffa6a86b50f6bd0db61932bf6a2b7d8191dba0f0eaab628b1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 00:57:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
adservice.google.no/ddm/fls/i/src=2013561;type=apacd0;cat=2019a001;ord=6538210808495;gtm=45He3210;auiddc=1190167174.1675558684;u30=https%3A%2F%2Fconrad-osaka.hiltonjapan.co.jp%2Fplans%2Frestaurants%2Fplan-cat%2Fafternoon;~oref=https%3A%2F%2Fconrad-osaka.hiltonjapan.co.jp%2Fplans%2Frestaurants%2Fplan-cat%2Fafternoon
142.250.74.2200 OK 85 B URL HTTP/2 adservice.google.no/ddm/fls/i/src=2013561;type=apacd0;cat=2019a001;ord=6538210808495;gtm=45He3210;auiddc=1190167174.1675558684;u30=https%3A%2F%2Fconrad-osaka.hiltonjapan.co.jp%2Fplans%2Frestaurants%2Fplan-cat%2Fafternoon;~oref=https%3A%2F%2Fconrad-osaka.hiltonjapan.co.jp%2Fplans%2Frestaurants%2Fplan-cat%2Fafternoon
IP 142.250.74.2:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Hash 4a3b3637744caa4a0b08fabbd76cc830
755e5626762ecf38f55012da892a227bf50f15f1
6a12009f3d99f10dd5acb27389beefed79eddd7fa55ddcc591baf92861d51bfb
GET /ddm/fls/i/src=2013561;type=apacd0;cat=2019a001;ord=6538210808495;gtm=45He3210;auiddc=1190167174.1675558684;u30=https%3A%2F%2Fconrad-osaka.hiltonjapan.co.jp%2Fplans%2Frestaurants%2Fplan-cat%2Fafternoon;~oref=https%3A%2F%2Fconrad-osaka.hiltonjapan.co.jp%2Fplans%2Frestaurants%2Fplan-cat%2Fafternoon HTTP/1.1
Host: adservice.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://adservice.google.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 05 Feb 2023 00:57:26 GMT
expires: Sun, 05 Feb 2023 00:57:26 GMT
cache-control: private, max-age=0
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
server: cafe
content-length: 85
x-xss-protection: 0
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash 8077210062c315b98902cb06c74d485b
808e94ac31f1b45185103ce25c1bc2afd056b17a
78871f45de0c58bffa6a86b50f6bd0db61932bf6a2b7d8191dba0f0eaab628b1
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 00:57:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 430bdfdc89a9a121d85c360c8ea1ce5b
af1cd08ef9fe25be8d773483577ecfb930ed33b5
f9119a89410a2ff22ff004fb68b0e543d67da4380e153fae04b6ef0672bb8522
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 05 Feb 2023 00:57:26 GMT
Last-Modified: Sun, 05 Feb 2023 00:35:03 GMT
Server: ECS (nyb/1D1B)
X-Cache: Miss from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Ri1R80G3CwfBgZyMVK14jth5_2yGh85VWj5maRzTMhlCBc_XZd1iPA==
Age: 1343
region1.analytics.google.com/g/collect?v=2&tid=G-Y1T2ZMPF96>m=45je3210&_p=1675522914&_gaz=1&cid=1927204556.1675558684&ul=en-us&sr=1280x1024&ir=1&uaW=1&_eu=EA&_s=1&sid=1675558684&sct=1&seg=0&dl=https%3A%2F%2Fconrad-osaka.hiltonjapan.co.jp%2Fplans%2Frestaurants%2Fplan-cat%2Fafternoon&dt=%E3%80%90%E5%85%AC%E5%BC%8F%E3%80%91%E3%83%AC%E3%82%B9%E3%83%88%E3%83%A9%E3%83%B3%E3%83%97%E3%83%A9%E3%83%B3%E3%81%AE%E3%81%94%E6%A1%88%E5%86%85%EF%BD%9C%E3%82%B3%E3%83%B3%E3%83%A9%E3%83%83%E3%83%89%E5%A4%A7%E9%98%AA%EF%BD%9C%E4%B8%AD%E4%B9%8B%E5%B3%B6%E3%81%AE%E3%83%A9%E3%82%B0%E3%82%B8%E3%83%A5%E3%82%A2%E3%83%AA%E3%83%BC%E3%83%9B%E3%83%86%E3%83%AB&en=page_view&_fv=1&_nsi=1&_ss=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-Y1T2ZMPF96>m=45je3210&_p=1675522914&_gaz=1&cid=1927204556.1675558684&ul=en-us&sr=1280x1024&ir=1&uaW=1&_eu=EA&_s=1&sid=1675558684&sct=1&seg=0&dl=https%3A%2F%2Fconrad-osaka.hiltonjapan.co.jp%2Fplans%2Frestaurants%2Fplan-cat%2Fafternoon&dt=%E3%80%90%E5%85%AC%E5%BC%8F%E3%80%91%E3%83%AC%E3%82%B9%E3%83%88%E3%83%A9%E3%83%B3%E3%83%97%E3%83%A9%E3%83%B3%E3%81%AE%E3%81%94%E6%A1%88%E5%86%85%EF%BD%9C%E3%82%B3%E3%83%B3%E3%83%A9%E3%83%83%E3%83%89%E5%A4%A7%E9%98%AA%EF%BD%9C%E4%B8%AD%E4%B9%8B%E5%B3%B6%E3%81%AE%E3%83%A9%E3%82%B0%E3%82%B8%E3%83%A5%E3%82%A2%E3%83%AA%E3%83%BC%E3%83%9B%E3%83%86%E3%83%AB&en=page_view&_fv=1&_nsi=1&_ss=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-Y1T2ZMPF96>m=45je3210&_p=1675522914&_gaz=1&cid=1927204556.1675558684&ul=en-us&sr=1280x1024&ir=1&uaW=1&_eu=EA&_s=1&sid=1675558684&sct=1&seg=0&dl=https%3A%2F%2Fconrad-osaka.hiltonjapan.co.jp%2Fplans%2Frestaurants%2Fplan-cat%2Fafternoon&dt=%E3%80%90%E5%85%AC%E5%BC%8F%E3%80%91%E3%83%AC%E3%82%B9%E3%83%88%E3%83%A9%E3%83%B3%E3%83%97%E3%83%A9%E3%83%B3%E3%81%AE%E3%81%94%E6%A1%88%E5%86%85%EF%BD%9C%E3%82%B3%E3%83%B3%E3%83%A9%E3%83%83%E3%83%89%E5%A4%A7%E9%98%AA%EF%BD%9C%E4%B8%AD%E4%B9%8B%E5%B3%B6%E3%81%AE%E3%83%A9%E3%82%B0%E3%82%B8%E3%83%A5%E3%82%A2%E3%83%AA%E3%83%BC%E3%83%9B%E3%83%86%E3%83%AB&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://conrad-osaka.hiltonjapan.co.jp
Connection: keep-alive
Referer: https://conrad-osaka.hiltonjapan.co.jp/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://conrad-osaka.hiltonjapan.co.jp
date: Sun, 05 Feb 2023 00:57:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
region1.analytics.google.com/g/collect?v=2&tid=G-5NDS0DP1DE>m=45je3210&_p=1675522914&_gaz=1&cid=1927204556.1675558684&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675558684&sct=1&seg=0&dl=https%3A%2F%2Fconrad-osaka.hiltonjapan.co.jp%2Fplans%2Frestaurants%2Fplan-cat%2Fafternoon&dt=%E3%80%90%E5%85%AC%E5%BC%8F%E3%80%91%E3%83%AC%E3%82%B9%E3%83%88%E3%83%A9%E3%83%B3%E3%83%97%E3%83%A9%E3%83%B3%E3%81%AE%E3%81%94%E6%A1%88%E5%86%85%EF%BD%9C%E3%82%B3%E3%83%B3%E3%83%A9%E3%83%83%E3%83%89%E5%A4%A7%E9%98%AA%EF%BD%9C%E4%B8%AD%E4%B9%8B%E5%B3%B6%E3%81%AE%E3%83%A9%E3%82%B0%E3%82%B8%E3%83%A5%E3%82%A2%E3%83%AA%E3%83%BC%E3%83%9B%E3%83%86%E3%83%AB&en=page_view&_fv=1&_ss=1
216.239.32.36204 No Content 0 B URL HTTP/2 region1.analytics.google.com/g/collect?v=2&tid=G-5NDS0DP1DE>m=45je3210&_p=1675522914&_gaz=1&cid=1927204556.1675558684&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675558684&sct=1&seg=0&dl=https%3A%2F%2Fconrad-osaka.hiltonjapan.co.jp%2Fplans%2Frestaurants%2Fplan-cat%2Fafternoon&dt=%E3%80%90%E5%85%AC%E5%BC%8F%E3%80%91%E3%83%AC%E3%82%B9%E3%83%88%E3%83%A9%E3%83%B3%E3%83%97%E3%83%A9%E3%83%B3%E3%81%AE%E3%81%94%E6%A1%88%E5%86%85%EF%BD%9C%E3%82%B3%E3%83%B3%E3%83%A9%E3%83%83%E3%83%89%E5%A4%A7%E9%98%AA%EF%BD%9C%E4%B8%AD%E4%B9%8B%E5%B3%B6%E3%81%AE%E3%83%A9%E3%82%B0%E3%82%B8%E3%83%A5%E3%82%A2%E3%83%AA%E3%83%BC%E3%83%9B%E3%83%86%E3%83%AB&en=page_view&_fv=1&_ss=1
IP 216.239.32.36:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-5NDS0DP1DE>m=45je3210&_p=1675522914&_gaz=1&cid=1927204556.1675558684&ul=en-us&sr=1280x1024&uaW=1&_s=1&sid=1675558684&sct=1&seg=0&dl=https%3A%2F%2Fconrad-osaka.hiltonjapan.co.jp%2Fplans%2Frestaurants%2Fplan-cat%2Fafternoon&dt=%E3%80%90%E5%85%AC%E5%BC%8F%E3%80%91%E3%83%AC%E3%82%B9%E3%83%88%E3%83%A9%E3%83%B3%E3%83%97%E3%83%A9%E3%83%B3%E3%81%AE%E3%81%94%E6%A1%88%E5%86%85%EF%BD%9C%E3%82%B3%E3%83%B3%E3%83%A9%E3%83%83%E3%83%89%E5%A4%A7%E9%98%AA%EF%BD%9C%E4%B8%AD%E4%B9%8B%E5%B3%B6%E3%81%AE%E3%83%A9%E3%82%B0%E3%82%B8%E3%83%A5%E3%82%A2%E3%83%AA%E3%83%BC%E3%83%9B%E3%83%86%E3%83%AB&en=page_view&_fv=1&_ss=1 HTTP/1.1
Host: region1.analytics.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://conrad-osaka.hiltonjapan.co.jp
Connection: keep-alive
Referer: https://conrad-osaka.hiltonjapan.co.jp/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
TE: trailers
HTTP/2 204 No Content
access-control-allow-origin: https://conrad-osaka.hiltonjapan.co.jp
date: Sun, 05 Feb 2023 00:57:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5ac5aaa2dd1a2ab697244f3c0fe3b5b5
bb8a9aeb28cc645435760f3a9a57d85e295de419
d42327bb295e41a2b04efa1c2ad6094a3480d0010de10bb32600f4d17fe9f0d4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 00:57:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
stats.g.doubleclick.net/g/collect?v=2&tid=G-Y1T2ZMPF96&cid=1927204556.1675558684>m=45je3210&aip=1
64.233.165.155204 No Content 0 B URL HTTP/2 stats.g.doubleclick.net/g/collect?v=2&tid=G-Y1T2ZMPF96&cid=1927204556.1675558684>m=45je3210&aip=1
IP 64.233.165.155:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-Y1T2ZMPF96&cid=1927204556.1675558684>m=45je3210&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://conrad-osaka.hiltonjapan.co.jp
Connection: keep-alive
Referer: https://conrad-osaka.hiltonjapan.co.jp/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://conrad-osaka.hiltonjapan.co.jp
date: Sun, 05 Feb 2023 00:57:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
stats.g.doubleclick.net/g/collect?v=2&tid=G-5NDS0DP1DE&cid=1927204556.1675558684>m=45je3210&aip=1
64.233.165.155204 No Content 0 B URL HTTP/2 stats.g.doubleclick.net/g/collect?v=2&tid=G-5NDS0DP1DE&cid=1927204556.1675558684>m=45je3210&aip=1
IP 64.233.165.155:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /g/collect?v=2&tid=G-5NDS0DP1DE&cid=1927204556.1675558684>m=45je3210&aip=1 HTTP/1.1
Host: stats.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://conrad-osaka.hiltonjapan.co.jp
Connection: keep-alive
Referer: https://conrad-osaka.hiltonjapan.co.jp/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0
HTTP/2 204 No Content
access-control-allow-origin: https://conrad-osaka.hiltonjapan.co.jp
date: Sun, 05 Feb 2023 00:57:27 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
content-type: text/plain
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 472 B IP 142.250.74.131:0
Hash 5ac5aaa2dd1a2ab697244f3c0fe3b5b5
bb8a9aeb28cc645435760f3a9a57d85e295de419
d42327bb295e41a2b04efa1c2ad6094a3480d0010de10bb32600f4d17fe9f0d4
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 00:57:27 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 0802777552f52156b18a41dee214b713
a454c01b8e51417713dafe6b6d985f711a168e2b
8a85511688c6730ade5ca5197fccebb20c65db88cd84b1703c4ac4ad3cc2e560
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 00:57:27 GMT
Server: ECS (amb/6BB2)
Content-Length: 280
assets.adobedtm.com/5e68f1ab8856/6f5249f15557/aea07ab0138d/EX9d85f19b2bb9438d88e8200a247afa89-libraryCode_source.min.js
2.18.172.233200 OK 14 kB URL HTTP/2 assets.adobedtm.com/5e68f1ab8856/6f5249f15557/aea07ab0138d/EX9d85f19b2bb9438d88e8200a247afa89-libraryCode_source.min.js
IP 2.18.172.233:0
File type ASCII text, with very long lines (32747)
Hash 7dcf4bc38f5fedc59b257c5d4f9c46fe
ef737ed2c2d6f07d3db0309b661a758d0742e359
2eefb54c680b19c7f87fd861c58f4d0b68b5726c61793baab5ddb18e0f60c8e1
GET /5e68f1ab8856/6f5249f15557/aea07ab0138d/EX9d85f19b2bb9438d88e8200a247afa89-libraryCode_source.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conrad-osaka.hiltonjapan.co.jp/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "12259a399dc775b3c45a34db1338347c:1675445166.361051"
last-modified: Fri, 03 Feb 2023 17:26:06 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=3600
expires: Sun, 05 Feb 2023 01:57:28 GMT
date: Sun, 05 Feb 2023 00:57:28 GMT
content-length: 14049
access-control-allow-origin: https://conrad-osaka.hiltonjapan.co.jp
timing-allow-origin: *
X-Firefox-Spdy: h2
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement_Module_AudienceManagement.min.js
2.18.172.233200 OK 11 kB URL HTTP/2 assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement_Module_AudienceManagement.min.js
IP 2.18.172.233:0
File type Unicode text, UTF-8 text, with very long lines (24999)
Hash 202e95737e48e5074d805d01f583fab5
e3dca11bb50587362a1e657873a88b419db61846
29afe0524fd4c56bd28bf2970025a3d47b56d55f1d73935578e179b6988e0c10
GET /extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement_Module_AudienceManagement.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conrad-osaka.hiltonjapan.co.jp/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "d220d501715e0484d0dddeac614f902c:1663863410.217006"
last-modified: Thu, 22 Sep 2022 16:16:50 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
content-length: 8755
expires: Sun, 05 Feb 2023 01:57:28 GMT
date: Sun, 05 Feb 2023 00:57:28 GMT
cache-control: no-cache
access-control-allow-origin: https://conrad-osaka.hiltonjapan.co.jp
timing-allow-origin: *
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 3a8f191b6804fc7779af2631165a23cb
d64c7ccd78c831820e1fbe0f96f012bd8a1ea7f8
3d1128de7ff22ad54dc569850cff7895140ead9c34009a0be3a7872694f03869
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6376
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 00:57:28 GMT
Last-Modified: Sat, 04 Feb 2023 23:11:12 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
consent.trustarc.com/notice?domain=hiltongdpr.com&c=teconsent>m=1&text=true&pcookie&js=nj¬iceType=bb&oc=1
143.204.55.33200 OK 4.2 kB URL HTTP/2 consent.trustarc.com/notice?domain=hiltongdpr.com&c=teconsent>m=1&text=true&pcookie&js=nj¬iceType=bb&oc=1
IP 143.204.55.33:0
File type ASCII text, with very long lines (2892)
Hash 54ed5033df8fde5c656c6eca1f82e84c
02e89c02a4416e312b3bea0e9ab4090bc1dcc1d0
8cc5c3ecbd81c54a77a44cddae501bd8fbf557791f9efd9091d821a50fbcf420
GET /notice?domain=hiltongdpr.com&c=teconsent>m=1&text=true&pcookie&js=nj¬iceType=bb&oc=1 HTTP/1.1
Host: consent.trustarc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conrad-osaka.hiltonjapan.co.jp/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript;charset=UTF-8
content-length: 4163
date: Sun, 05 Feb 2023 00:57:28 GMT
content-encoding: gzip
expires: Sun, 05 Feb 2023 01:57:28 GMT
cache-control: max-age=3600
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
cloudfront-viewer-country: NO
cloudfront-viewer-country-region: 03
timing-allow-origin: *
x-cache: Miss from cloudfront
via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: AWP4sp6RJNKNdNz73pzUY3JEzAVIq5MwsjFRYFt9bXgz7G6ixqxISg==
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F0C120B3534685700A490D45%40AdobeOrg&d_nsid=0&ts=1675558686113
52.17.182.43302 Found 0 B URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F0C120B3534685700A490D45%40AdobeOrg&d_nsid=0&ts=1675558686113
IP 52.17.182.43:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F0C120B3534685700A490D45%40AdobeOrg&d_nsid=0&ts=1675558686113 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://conrad-osaka.hiltonjapan.co.jp
Connection: keep-alive
Referer: https://conrad-osaka.hiltonjapan.co.jp/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://conrad-osaka.hiltonjapan.co.jp
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-1-v045-0ba4161da.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F0C120B3534685700A490D45%40AdobeOrg&d_nsid=0&ts=1675558686113
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=61624036531916823811048559420513307868; Max-Age=15552000; Expires=Fri, 04 Aug 2023 00:57:28 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: ODyyIvejQrg=
Content-Length: 0
Connection: keep-alive
d.line-scdn.net/n/line_tag/public/release/v1/lt.js
23.38.201.100200 OK 9.9 kB URL HTTP/2 d.line-scdn.net/n/line_tag/public/release/v1/lt.js
IP 23.38.201.100:0
File type ASCII text, with very long lines (17280)
Hash 92dadbd5e536f7d141bb26fd725d1cb9
7cc6ef8431ceb7f21eba2911bc9b42d3076bb7c6
366ab7f187bc33cbab51de629348dca3e918066a1869cc8d53aed86d191ac5e0
GET /n/line_tag/public/release/v1/lt.js HTTP/1.1
Host: d.line-scdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conrad-osaka.hiltonjapan.co.jp/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: VOS
content-type: application/javascript
accept-ranges: bytes
last-modified: Wed, 30 Nov 2022 03:10:52 GMT
x-amz-version-id: QeOsX9koaYaEVSwhu6Vgw7qS-9HmTwX
x-rgw-object-type: Normal
etag: "d3d2564cc3580b0de15d9c80b04c8c6a"
x-amz-request-id: tx000006e64eda90ecbe754-006386ca0e-10fb8222-jp2
strict-transport-security: max-age=15768000
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=1476862
expires: Wed, 22 Feb 2023 03:11:50 GMT
date: Sun, 05 Feb 2023 00:57:28 GMT
content-length: 9943
X-Firefox-Spdy: h2
assets.adobedtm.com/5e68f1ab8856/6f5249f15557/aea07ab0138d/RCe267924711084c2ea517049a0a0b2543-source.min.js
2.18.172.233200 OK 785 B URL HTTP/2 assets.adobedtm.com/5e68f1ab8856/6f5249f15557/aea07ab0138d/RCe267924711084c2ea517049a0a0b2543-source.min.js
IP 2.18.172.233:0
File type ASCII text, with very long lines (1191)
Hash e651c195743dbcf24857862f22299a54
ddff12e9e76bff84d3539cfba8c88bc5c5a6da09
b2bdaa91bc01586fd3402c0740dbb12cc01c4f9596fb26d801ba24ab8c880377
GET /5e68f1ab8856/6f5249f15557/aea07ab0138d/RCe267924711084c2ea517049a0a0b2543-source.min.js HTTP/1.1
Host: assets.adobedtm.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conrad-osaka.hiltonjapan.co.jp/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
accept-ranges: bytes
content-type: application/x-javascript
etag: "12259a399dc775b3c45a34db1338347c:1675445166.361051"
last-modified: Fri, 03 Feb 2023 17:26:06 GMT
server: AkamaiNetStorage
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=3600
expires: Sun, 05 Feb 2023 01:57:28 GMT
date: Sun, 05 Feb 2023 00:57:28 GMT
content-length: 785
access-control-allow-origin: https://conrad-osaka.hiltonjapan.co.jp
timing-allow-origin: *
X-Firefox-Spdy: h2
consent.trustarc.com/log?domain=hiltongdpr.com&country=no&state=&behavior=expressed&c=5e3f
143.204.55.33200 OK 43 B URL HTTP/2 consent.trustarc.com/log?domain=hiltongdpr.com&country=no&state=&behavior=expressed&c=5e3f
IP 143.204.55.33:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash db04c7b378cb2db912c3ba8a5a774ee3
dee34bd86c3484d31002182aa2b7caa4699126b8
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
GET /log?domain=hiltongdpr.com&country=no&state=&behavior=expressed&c=5e3f HTTP/1.1
Host: consent.trustarc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conrad-osaka.hiltonjapan.co.jp/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 43
date: Sun, 05 Feb 2023 00:57:28 GMT
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
x-cache: Miss from cloudfront
via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: wDOiDVciyZQuNwsuJBuFbHtHIJFLR96WjdF4XEGU2zugQufjqVKjUQ==
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin
X-Firefox-Spdy: h2
dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F0C120B3534685700A490D45%40AdobeOrg&d_nsid=0&ts=1675558686113
52.17.182.43200 OK 124 B URL HTTP/1.1 dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F0C120B3534685700A490D45%40AdobeOrg&d_nsid=0&ts=1675558686113
IP 52.17.182.43:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 1f6783349ac4177ec3b3845fd520dca6
d84e7a43a8c8ff6f1a568ad6cb4162767f5b32b7
64bc30aa6a9d9e5396bb67c6af32c31f5ca6610641f0bdea10d759281df6adca
GET /id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F0C120B3534685700A490D45%40AdobeOrg&d_nsid=0&ts=1675558686113 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://conrad-osaka.hiltonjapan.co.jp
Content-Type: application/x-www-form-urlencoded
Referer: https://conrad-osaka.hiltonjapan.co.jp/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://conrad-osaka.hiltonjapan.co.jp
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-2-v045-093807daf.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-Error: 172
X-TID: nJb5nQcvR4c=
Content-Length: 124
Connection: keep-alive
consent-pref.trustarc.com/images/loading.gif
143.204.55.57200 OK 2.6 kB URL HTTP/2 consent-pref.trustarc.com/images/loading.gif
IP 143.204.55.57:0
File type GIF image data, version 89a, 31 x 31\012- data
Hash 394bafc3cc4dfb3a0ee48c1f54669539
5640ea4d0eba1c390f587ec69463c9a5196b7fa2
eb7cfd3d959b2e09c170f532e29f8b825f9bc770b2279fde58e595617753e244
GET /images/loading.gif HTTP/1.1
Host: consent-pref.trustarc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=no&locale=en&behavior=expressed>m=1&irm=undefined&from=https://consent.trustarc.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 2608
server: nginx
accept-ranges: bytes
last-modified: Fri, 06 Jan 2023 07:59:58 GMT
date: Sat, 04 Feb 2023 08:59:33 GMT
etag: W/"2608-1672991998000"
x-cache: Hit from cloudfront
via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: FE7rwHEQ45aocSrPRPdXcDVCMmHZDQXyLVWfinp6QYfS0hjlzb4xcA==
age: 57475
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
expect-ct: max-age=86400; enforce;
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
vary: Origin
X-Firefox-Spdy: h2
consent.trustarc.com/noticemsg?action=consent&domain=hiltongdpr.com&behavior=expressed&country=no&language=en&rand=0.23614691493034057
143.204.55.33200 OK 43 B URL HTTP/2 consent.trustarc.com/noticemsg?action=consent&domain=hiltongdpr.com&behavior=expressed&country=no&language=en&rand=0.23614691493034057
IP 143.204.55.33:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash db04c7b378cb2db912c3ba8a5a774ee3
dee34bd86c3484d31002182aa2b7caa4699126b8
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
GET /noticemsg?action=consent&domain=hiltongdpr.com&behavior=expressed&country=no&language=en&rand=0.23614691493034057 HTTP/1.1
Host: consent.trustarc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conrad-osaka.hiltonjapan.co.jp/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 43
date: Sun, 05 Feb 2023 00:57:28 GMT
cache-control: max-age=3600
pragma: no-cache
expires: Sun, 05 Feb 2023 01:57:28 GMT
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
cloudfront-viewer-country: NO
cloudfront-viewer-country-region: 03
timing-allow-origin: *
x-cache: Miss from cloudfront
via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: zCJoCZm55-Jzx0mIMn36Ju2l5k_EaX1qC5NHWLgPTh_-fsSpqXHe6Q==
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin
X-Firefox-Spdy: h2
d2cli4kgl5uxre.cloudfront.net/js/h/val.html?a0v5la7bquf89=&acid=&trackingid=
54.230.111.119200 OK 15 kB URL HTTP/2 d2cli4kgl5uxre.cloudfront.net/js/h/val.html?a0v5la7bquf89=&acid=&trackingid=
IP 54.230.111.119:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (14955), with no line terminators
Hash 4fe9088bce7cb730680b930054492124
64bfeb16f1c1631b24cdc391d5f01a031d4b4a38
3f50141fb42d9e30dbc525e2acf111e27f40e0957303144909c1c8d3885e6ee0
GET /js/h/val.html?a0v5la7bquf89=&acid=&trackingid= HTTP/1.1
Host: d2cli4kgl5uxre.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conrad-osaka.hiltonjapan.co.jp/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html
content-length: 14955
last-modified: Mon, 10 Oct 2022 09:17:12 GMT
x-amz-version-id: 5H82oy8DzGfPgn50RaNmMTQosnA7YxRG
accept-ranges: bytes
server: AmazonS3
date: Sat, 04 Feb 2023 07:16:06 GMT
etag: "4fe9088bce7cb730680b930054492124"
x-cache: Hit from cloudfront
via: 1.1 227a1815a1677b9cf6dd587e443000b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: KSV3ZeJT33ExPcnhRaLuP2ApP6dsZIcxDPhYvVlFm3kt0pw5d60RSw==
age: 63909
vary: Origin
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsgccr3dvtlsca2020
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsgccr3dvtlsca2020
IP 104.18.21.226:0
Hash 2e811ee225311f7d94b1166a08f7f53d
63ff0cde629c1023ceb0b1c74dfeac27464ee726
aa6743e5c256dc52c3e413179e23d77ab9fe29cbe7f0b741b6261a2969b37041
POST /gsgccr3dvtlsca2020 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 00:57:28 GMT
Content-Type: application/ocsp-response
Content-Length: 1414
Connection: keep-alive
Expires: Wed, 08 Feb 2023 21:33:03 GMT
ETag: "63ff0cde629c1023ceb0b1c74dfeac27464ee726"
Last-Modified: Sat, 04 Feb 2023 21:33:04 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 3197
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7947b13368510b59-OSL
consent-pref.trustarc.com/defaultpreferencemanager/truste
143.204.55.57200 OK 469 B URL HTTP/2 consent-pref.trustarc.com/defaultpreferencemanager/truste
IP 143.204.55.57:0
File type ASCII text, with very long lines (969), with no line terminators
Hash 01064096d38fe642f21364057c6ed847
93bb118ec04f1206a3a139ab402928d84da3547b
d4115f3236400bed58337b4590edec46d1306237a78f8f652ea57cc8af9c048f
POST /defaultpreferencemanager/truste HTTP/1.1
Host: consent-pref.trustarc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=no&locale=en&behavior=expressed>m=1&irm=undefined&from=https://consent.trustarc.com/
Content-Type: text/x-gwt-rpc; charset=utf-8
X-GWT-Permutation: 9F5DDAD4256889D2A2BB0A3140E8B74B
X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
Content-Length: 181
Origin: https://consent-pref.trustarc.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/json;charset=utf-8
content-length: 469
date: Sun, 05 Feb 2023 00:57:28 GMT
server: nginx
content-encoding: gzip
content-disposition: attachment
x-cache: Miss from cloudfront
via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 23zux_tlfLnu2bzoAQJq0CTFsb60MIOcrPERj3F-oUqgZG3a7kbGGw==
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
expect-ct: max-age=86400; enforce;
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
access-control-allow-origin: *
access-control-expose-headers: *
X-Firefox-Spdy: h2
consent-pref.trustarc.com/defaultpreferencemanager/truste
143.204.55.57200 OK 48 B URL HTTP/2 consent-pref.trustarc.com/defaultpreferencemanager/truste
IP 143.204.55.57:0
File type ASCII text, with no line terminators
Hash 9587670fc6b51e344311644fbcf4850c
01b81e5c6edeaefd9368372a93d33d974862a391
b811590df8e711b64ef5c645bc79c6d417bba0b8d6d002a148a0a08c76241096
POST /defaultpreferencemanager/truste HTTP/1.1
Host: consent-pref.trustarc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=no&locale=en&behavior=expressed>m=1&irm=undefined&from=https://consent.trustarc.com/
Content-Type: text/x-gwt-rpc; charset=utf-8
X-GWT-Permutation: 9F5DDAD4256889D2A2BB0A3140E8B74B
X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
Content-Length: 180
Origin: https://consent-pref.trustarc.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/json;charset=utf-8
content-length: 48
date: Sun, 05 Feb 2023 00:57:28 GMT
server: nginx
content-disposition: attachment
x-cache: Miss from cloudfront
via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 3od1XXBo3xJ5q7hg7TDx_gcx_hdOGDsW_IrUdL_1qChbwngMkv9Ylw==
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
expect-ct: max-age=86400; enforce;
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
access-control-allow-origin: *
access-control-expose-headers: *
X-Firefox-Spdy: h2
trace.mediago.io/api/log/track?tn=f9f2b1ef23fe2759c2cad0953029a94b&winloss=1&fe=2&pixel_funnel=101&random_t=1675558686563_75
35.208.249.213200 OK 0 B URL HTTP/2 trace.mediago.io/api/log/track?tn=f9f2b1ef23fe2759c2cad0953029a94b&winloss=1&fe=2&pixel_funnel=101&random_t=1675558686563_75
IP 35.208.249.213:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/log/track?tn=f9f2b1ef23fe2759c2cad0953029a94b&winloss=1&fe=2&pixel_funnel=101&random_t=1675558686563_75 HTTP/1.1
Host: trace.mediago.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conrad-osaka.hiltonjapan.co.jp/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
set-cookie: __mguid_=6e456d52ccd2c25ff4ddac8161bd710f; Path=/; Domain=mediago.io; Max-Age=31536000; Secure; SameSite=None
date: Sun, 05 Feb 2023 00:57:28 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
trace.mediago.io/api/log/track?tn=f9f2b1ef23fe2759c2cad0953029a94b&winloss=1&fe=2&pixel_funnel=103&random_t=1675558686767_6
35.208.249.213200 OK 0 B URL HTTP/2 trace.mediago.io/api/log/track?tn=f9f2b1ef23fe2759c2cad0953029a94b&winloss=1&fe=2&pixel_funnel=103&random_t=1675558686767_6
IP 35.208.249.213:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/log/track?tn=f9f2b1ef23fe2759c2cad0953029a94b&winloss=1&fe=2&pixel_funnel=103&random_t=1675558686767_6 HTTP/1.1
Host: trace.mediago.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conrad-osaka.hiltonjapan.co.jp/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
set-cookie: __mguid_=6e456d52ccd2c25ff4ddac8161bd710f; Path=/; Domain=mediago.io; Max-Age=31536000; Secure; SameSite=None
date: Sun, 05 Feb 2023 00:57:28 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
trace.mediago.io/api/log/track?tn=f9f2b1ef23fe2759c2cad0953029a94b&winloss=1&fe=2&pixel_funnel=105&iframeAcid=undefined&trueAcid=null&configResource=undefined&random_t=1675558686768_8
35.208.249.213200 OK 0 B URL HTTP/2 trace.mediago.io/api/log/track?tn=f9f2b1ef23fe2759c2cad0953029a94b&winloss=1&fe=2&pixel_funnel=105&iframeAcid=undefined&trueAcid=null&configResource=undefined&random_t=1675558686768_8
IP 35.208.249.213:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/log/track?tn=f9f2b1ef23fe2759c2cad0953029a94b&winloss=1&fe=2&pixel_funnel=105&iframeAcid=undefined&trueAcid=null&configResource=undefined&random_t=1675558686768_8 HTTP/1.1
Host: trace.mediago.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conrad-osaka.hiltonjapan.co.jp/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
set-cookie: __mguid_=6e456d52ccd2c25ff4ddac8161bd710f; Path=/; Domain=mediago.io; Max-Age=31536000; Secure; SameSite=None
date: Sun, 05 Feb 2023 00:57:28 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
trace.mediago.io/api/log/track?tn=f9f2b1ef23fe2759c2cad0953029a94b&winloss=1&fe=2&pixel_funnel=104&random_t=1675558686767_36
35.208.249.213200 OK 0 B URL HTTP/2 trace.mediago.io/api/log/track?tn=f9f2b1ef23fe2759c2cad0953029a94b&winloss=1&fe=2&pixel_funnel=104&random_t=1675558686767_36
IP 35.208.249.213:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/log/track?tn=f9f2b1ef23fe2759c2cad0953029a94b&winloss=1&fe=2&pixel_funnel=104&random_t=1675558686767_36 HTTP/1.1
Host: trace.mediago.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conrad-osaka.hiltonjapan.co.jp/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
set-cookie: __mguid_=6e456d52ccd2c25ff4ddac8161bd710f; Path=/; Domain=mediago.io; Max-Age=31536000; Secure; SameSite=None
date: Sun, 05 Feb 2023 00:57:28 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
trace.mediago.io/api/log/track?tn=f9f2b1ef23fe2759c2cad0953029a94b&winloss=1&fe=2&pixel_funnel=102&random_t=1675558686721_34
35.208.249.213200 OK 0 B URL HTTP/2 trace.mediago.io/api/log/track?tn=f9f2b1ef23fe2759c2cad0953029a94b&winloss=1&fe=2&pixel_funnel=102&random_t=1675558686721_34
IP 35.208.249.213:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/log/track?tn=f9f2b1ef23fe2759c2cad0953029a94b&winloss=1&fe=2&pixel_funnel=102&random_t=1675558686721_34 HTTP/1.1
Host: trace.mediago.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conrad-osaka.hiltonjapan.co.jp/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
set-cookie: __mguid_=6e456d52ccd2c25ff4ddac8161bd710f; Path=/; Domain=mediago.io; Max-Age=31536000; Secure; SameSite=None
date: Sun, 05 Feb 2023 00:57:28 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
trace.mediago.io/api/log/track?tn=f9f2b1ef23fe2759c2cad0953029a94b&winloss=1&fe=2&pixel_funnel=106&random_t=1675558686768_17
35.208.249.213200 OK 0 B URL HTTP/2 trace.mediago.io/api/log/track?tn=f9f2b1ef23fe2759c2cad0953029a94b&winloss=1&fe=2&pixel_funnel=106&random_t=1675558686768_17
IP 35.208.249.213:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/log/track?tn=f9f2b1ef23fe2759c2cad0953029a94b&winloss=1&fe=2&pixel_funnel=106&random_t=1675558686768_17 HTTP/1.1
Host: trace.mediago.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conrad-osaka.hiltonjapan.co.jp/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
set-cookie: __mguid_=6e456d52ccd2c25ff4ddac8161bd710f; Path=/; Domain=mediago.io; Max-Age=31536000; Secure; SameSite=None
date: Sun, 05 Feb 2023 00:57:28 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 8fdf9a6c4331f07c0f07844103808bfe
fcae031f2472194100927eafe22484034c16fa96
16d643cea12f0f6302c6ec315e7be9e28cfd3c8156f3d7ee2bc1f10e3db27075
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 00:57:29 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 04 Feb 2023 19:57:34 GMT
Expires: Sat, 11 Feb 2023 19:57:33 GMT
Etag: "fcae031f2472194100927eafe22484034c16fa96"
Cache-Control: max-age=586204,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb4
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7947b1331e381c16-OSL
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash 5a8778f34573ab5cc8e892aca75f2dab
0688c4541a6d7d61b12ced24e361463e61106c03
4520879318855f356c43adef2b3908d5c5b2260b17dcfcd988b2b93c968fcbcc
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 00:57:29 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 08 Feb 2023 23:00:05 GMT
ETag: "0688c4541a6d7d61b12ced24e361463e61106c03"
Last-Modified: Sat, 04 Feb 2023 23:00:06 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 2014
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7947b13468f30b59-OSL
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 221154e2839fc5e247a29cdbadfe63a5
23ab4354f9473e510370b49d6b25b3931e521523
bac67369015324dcdc806b9848dd8fd14615f46a2843aae0e7466b4a20047a0f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 00:57:29 GMT
Etag: "63dd436f-1d7"
Server: ECS (amb/6BA3)
Content-Length: 471
smetric.hilton.com/id?d_visid_ver=5.5.0&d_fieldgroup=MC&mcorgid=F0C120B3534685700A490D45%40AdobeOrg&ts=1675558686844
13.37.25.97200 OK 48 B URL HTTP/2 smetric.hilton.com/id?d_visid_ver=5.5.0&d_fieldgroup=MC&mcorgid=F0C120B3534685700A490D45%40AdobeOrg&ts=1675558686844
IP 13.37.25.97:0
File type JSON data\012- , ASCII text, with no line terminators
Hash ec26ac18548549973530281808f5988b
75a48dd9b2e9a8187c4c5ff67911ca06411108bb
7613661fd4360891bc8f0da00946ec7f0221e89f3d895ac6b4cef80f852277ba
GET /id?d_visid_ver=5.5.0&d_fieldgroup=MC&mcorgid=F0C120B3534685700A490D45%40AdobeOrg&ts=1675558686844 HTTP/1.1
Host: smetric.hilton.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://conrad-osaka.hiltonjapan.co.jp
Connection: keep-alive
Referer: https://conrad-osaka.hiltonjapan.co.jp/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: https://conrad-osaka.hiltonjapan.co.jp
access-control-allow-credentials: true
date: Sun, 05 Feb 2023 00:57:29 GMT
p3p: CP="This is not a P3P policy"
server: jag
set-cookie: AMCV_F0C120B3534685700A490D45%40AdobeOrg=0%7CMCMID%7C05159772485232401742393190965700454428; Path=/; Domain=hilton.com; Max-Age=63072000; Expires=Tue, 04 Feb 2025 00:57:57 GMT; SameSite=None; Secure
s_ecid=MCMID%7C05159772485232401742393190965700454428; Path=/; Domain=hilton.com; Max-Age=63072000; Expires=Tue, 04 Feb 2025 00:57:57 GMT; SameSite=None; Secure
vary: Origin
content-type: application/x-javascript;charset=utf-8
content-length: 48
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 1f66e2126f907d21a8696d8688477fa1
2e7017efb0fb22cbf63bfcaae4c46b09a2f96b4e
411133daa8d9893dfe4e47f6260c70ac66f4eda68ea146831b2dc34c3dcd4bfe
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=157140
Date: Sun, 05 Feb 2023 00:57:29 GMT
Etag: "63dec1cd-1d7"
Expires: Mon, 06 Feb 2023 20:36:29 GMT
Last-Modified: Sat, 04 Feb 2023 20:36:29 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: jDie08rvxJpac7chvjFstENI1ul0GDn9qLbph9yRPdbti1ZbUwenCQ==
consent-pref.trustarc.com/EuPreferenceManager.css
143.204.55.57200 OK 7.2 kB URL HTTP/2 consent-pref.trustarc.com/EuPreferenceManager.css
IP 143.204.55.57:0
Hash be356fa9c6214ae0f3bcd7da0b5db713
fe1edfc3bf3f02b12b5ff2e43134a654925f75fd
06361af36ac44d24b0fddd9843fe04a12d1cc3c4ee485b77ef63b340f10d9bc7
GET /EuPreferenceManager.css HTTP/1.1
Host: consent-pref.trustarc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=no&locale=en&behavior=expressed>m=1&irm=undefined&from=https://consent.trustarc.com/
Connection: keep-alive
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
server: nginx
last-modified: Fri, 06 Jan 2023 07:59:58 GMT
content-encoding: gzip
date: Sun, 05 Feb 2023 00:57:28 GMT
expires: Sun, 05 Feb 2023 00:57:27 GMT
cache-control: no-cache
etag: W/"29043-1672991998000"
x-cache: RefreshHit from cloudfront
via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: M3aS9DxBkDP0w155guDB6kefxQWVPFgdiMMI49V-LIZIVuTsJJxWmQ==
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
expect-ct: max-age=86400; enforce;
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 1f66e2126f907d21a8696d8688477fa1
2e7017efb0fb22cbf63bfcaae4c46b09a2f96b4e
411133daa8d9893dfe4e47f6260c70ac66f4eda68ea146831b2dc34c3dcd4bfe
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=157140
Date: Sun, 05 Feb 2023 00:57:29 GMT
Etag: "63dec1cd-1d7"
Expires: Mon, 06 Feb 2023 20:36:29 GMT
Last-Modified: Sat, 04 Feb 2023 20:36:29 GMT
Server: nginx
X-Cache: Miss from cloudfront
Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: VL0quuLPPv9KK8xhkbRXmjLC-bQMNJ3Xnp76MIS2065O0aDwsdrm8A==
dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=F0C120B3534685700A490D45%40AdobeOrg&d_nsid=0&d_mid=05159772485232401742393190965700454428&ts=1675558687212
52.17.182.43200 OK 1.7 kB URL HTTP/1.1 dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=F0C120B3534685700A490D45%40AdobeOrg&d_nsid=0&d_mid=05159772485232401742393190965700454428&ts=1675558687212
IP 52.17.182.43:0
File type JSON data\012- , ASCII text, with very long lines (5444), with no line terminators
Hash 1f75ac443f9757bf9f65a6023264e51f
dd2fd26b3c1787852670489a51271a86975bb139
9e9c1dcea2d7f28a26b770e3e2de5d12b36a1ccc07a11b741afb38ebb95fe66b
GET /id?d_visid_ver=5.5.0&d_fieldgroup=AAM&d_rtbd=json&d_ver=2&d_orgid=F0C120B3534685700A490D45%40AdobeOrg&d_nsid=0&d_mid=05159772485232401742393190965700454428&ts=1675558687212 HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Origin: https://conrad-osaka.hiltonjapan.co.jp
Connection: keep-alive
Referer: https://conrad-osaka.hiltonjapan.co.jp/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: https://conrad-osaka.hiltonjapan.co.jp
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: application/json;charset=utf-8
DCS: dcs-prod-irl1-2-v045-0a4852727.edge-irl1.demdex.com 2 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=05138956195054683212395621732000340307; Max-Age=15552000; Expires=Fri, 04 Aug 2023 00:57:29 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
Vary: Origin
X-TID: bavd3M/qTSc=
Content-Length: 1711
Connection: keep-alive
consent-pref.trustarc.com/defaultpreferencemanager/truste
143.204.55.57200 OK 398 B URL HTTP/2 consent-pref.trustarc.com/defaultpreferencemanager/truste
IP 143.204.55.57:0
File type ASCII text, with very long lines (910), with no line terminators
Hash 92aa447af9ce924e41b5a6c94d6d3c28
1e11097fdbe90ee9ec08d36ea2ee346f1b53decb
c225af078d467139e8e84986ef37ed7109b4379cc65881cd967abb61e1cc433f
POST /defaultpreferencemanager/truste HTTP/1.1
Host: consent-pref.trustarc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=no&locale=en&behavior=expressed>m=1&irm=undefined&from=https://consent.trustarc.com/
Content-Type: text/x-gwt-rpc; charset=utf-8
X-GWT-Permutation: 9F5DDAD4256889D2A2BB0A3140E8B74B
X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
Content-Length: 246
Origin: https://consent-pref.trustarc.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/json;charset=utf-8
content-length: 398
date: Sun, 05 Feb 2023 00:57:29 GMT
server: nginx
content-encoding: gzip
content-disposition: attachment
x-cache: Miss from cloudfront
via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: tdq4YVMNT8mkA-8cUiEv-yZBxkMVS3PZBVAjtsegqChibunUnWtIKA==
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
expect-ct: max-age=86400; enforce;
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
access-control-allow-origin: *
access-control-expose-headers: *
X-Firefox-Spdy: h2
cdn9.forter.com/vchk2/v1/7bea59cd3d1c287f3d25ba1918fc02eda2e1975f2d894e6cb8b4375ab8929740ac7f4bc9661252efdff441dca571
143.204.55.38200 OK 4.2 kB URL HTTP/2 cdn9.forter.com/vchk2/v1/7bea59cd3d1c287f3d25ba1918fc02eda2e1975f2d894e6cb8b4375ab8929740ac7f4bc9661252efdff441dca571
IP 143.204.55.38:0
File type gzip compressed data, from FAT filesystem (MS-DOS, OS/2, NT)\012- data
Hash 1deb666082635f0fb442a7a5cffb8339
74619d472d1660e0e88435bc88b78286e26cae45
a6d979849655dc494eaf6b27f6cf6bb14e6fa3c02b2039938c69f4931f1c4108
GET /vchk2/v1/7bea59cd3d1c287f3d25ba1918fc02eda2e1975f2d894e6cb8b4375ab8929740ac7f4bc9661252efdff441dca571 HTTP/1.1
Host: cdn9.forter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: eyJyIjowLjc4ODY0NjUzMjU0ODA4MTQsInUiOiI1ZTNmMWY0NDAxODM0YjRiYmI5ZDMxODkwYmY1N2ZlZCIsInMiOiI0ZGMyYWE4MmJjNWUifQ==
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://conrad-osaka.hiltonjapan.co.jp
Referer: https://conrad-osaka.hiltonjapan.co.jp/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 00:57:29 GMT
access-control-allow-origin: *
timing-allow-origin: *
cache-control: private, s-maxage=0, proxy-revalidate
strict-transport-security: max-age=86400; includeSubDomains
x-cache: Miss from cloudfront
via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: kTsjANApfw3VALqf2h3Y7D9zvWsqNa52gx1lLrFr9iGR9xIBswIYBg==
X-Firefox-Spdy: h2
tm.r-ad.ne.jp/54/rardm_prd_b97fbbcc-672f-46df-9f5c-b09ab8e62fe1.js
54.92.102.2200 OK 6.6 kB URL HTTP/2 tm.r-ad.ne.jp/54/rardm_prd_b97fbbcc-672f-46df-9f5c-b09ab8e62fe1.js
IP 54.92.102.2:0
File type Unicode text, UTF-8 text, with very long lines (18800)
Hash bae5e8a3813834319c1650aa0f7e77c8
36ed17f3a7c20cfec3803295661350acb2560e8a
a1a9e28f5722efd0886a06a9baf06329b4ffce51097312943164bee41cb09d14
GET /54/rardm_prd_b97fbbcc-672f-46df-9f5c-b09ab8e62fe1.js HTTP/1.1
Host: tm.r-ad.ne.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conrad-osaka.hiltonjapan.co.jp/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 00:57:29 GMT
content-type: text/javascript; charset=utf-8
content-length: 6576
server: nginx
p3p: CP="NON DSP COR CURa ADMa DEVa CUSo TAIa PSDo OUR BUS UNI COM NAV STA"
content-encoding: gzip
etag: "a1a9e28f5722efd0886a06a9baf06329b4ffce51097312943164bee41cb09d14"
vary: Accept-Encoding,Cookie
cache-control: max-age=300
X-Firefox-Spdy: h2
smetric.hilton.com/b/ss/hiltonglobalprod/10/JS-2.21.0-LCXS/s47862690430133?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=5%2F1%2F2023%200%3A58%3A7%200%200&d.&nsid=0&jsonv=1&.d&mid=05159772485232401742393190965700454428&aamlh=6&ce=UTF-8&pageName=ConradOsaka%3Aplans%3Arestaurants%3Aplan-cat%3Aafternoon&g=https%3A%2F%2Fconrad-osaka.hiltonjapan.co.jp%2Fplans%2Frestaurants%2Fplan-cat%2Fafternoon&c.&getQueryParam=4.0&getPreviousValue=3.0&.c&cc=USD&ch=plans&products=%3BOSACICI&aamb=j8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI&c1=OSACICI&c2=D%3Dv59&c3=D%3Dv24&c4=Logged-out&c6=images%2Ctext&c8=ConradOsaka&c9=D%3Dv46&v10=%2B1&c11=D%3Dv40&c12=D%3Dv63&c13=D%3Dv150&c14=%E3%83%AC%E3%82%B9%E3%83%88%E3%83%A9%E3%83%B3%E3%83%97%E3%83%A9%E3%83%B3%E3%81%AE%E3%81%94%E6%A1%88%E5%86%85%EF%BD%9C%E3%82%B3%E3%83%B3%E3%83%A9%E3%83%83%E3%83%89%E5%A4%A7%E9%98%AA%EF%BD%9C%E4%B8%AD%E4%B9%8B%E5%B3%B6%E3%81%AE%E3%83%A9%E3%82%B0%E3%82%B8%E3%83%A5%E3%82%A2%E3%83%AA%E3%83%BC%E3%83%9B%E3%83%86%E3%83%AB&c15=R&c16=D%3Dv49&c17=restaurants&v17=D%3Dv18&c18=plan-cat&c24=conrad-osaka.hiltonjapan.co.jp&v24=ja&v25=Logged-out&v27=ConradOsaka%3Aplans%3Arestaurants%3Aplan-cat%3Aafternoon&c28=D%3Dv9&c35=D%3Dv135&c37=D%3Dv24&c38=D%3Dv59&c39=D%3Dv46&v43=D%3Dc8&v46=plans&v47=D%3Dc15&v49=L&c52=core.page-bottom%7C%7Cundefined%7CGW%20-%20Global%20Standard%20%28AT%29&c53=2023-2-5%200%3A58%3A7&v59=ch&v111=Control%20Group&v135=old%20hilton&v150=https%3A%2F%2Fconrad-osaka.hiltonjapan.co.jp%2Fplans%2Frestaurants%2Fplan-cat%2Fafternoon&s=1280x1024&c=24&j=1.6&v=N&k=N&bw=1280&bh=939&mcorgid=F0C120B3534685700A490D45%40AdobeOrg&AQE=1
13.37.25.97200 OK 5.9 kB URL HTTP/2 smetric.hilton.com/b/ss/hiltonglobalprod/10/JS-2.21.0-LCXS/s47862690430133?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=5%2F1%2F2023%200%3A58%3A7%200%200&d.&nsid=0&jsonv=1&.d&mid=05159772485232401742393190965700454428&aamlh=6&ce=UTF-8&pageName=ConradOsaka%3Aplans%3Arestaurants%3Aplan-cat%3Aafternoon&g=https%3A%2F%2Fconrad-osaka.hiltonjapan.co.jp%2Fplans%2Frestaurants%2Fplan-cat%2Fafternoon&c.&getQueryParam=4.0&getPreviousValue=3.0&.c&cc=USD&ch=plans&products=%3BOSACICI&aamb=j8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI&c1=OSACICI&c2=D%3Dv59&c3=D%3Dv24&c4=Logged-out&c6=images%2Ctext&c8=ConradOsaka&c9=D%3Dv46&v10=%2B1&c11=D%3Dv40&c12=D%3Dv63&c13=D%3Dv150&c14=%E3%83%AC%E3%82%B9%E3%83%88%E3%83%A9%E3%83%B3%E3%83%97%E3%83%A9%E3%83%B3%E3%81%AE%E3%81%94%E6%A1%88%E5%86%85%EF%BD%9C%E3%82%B3%E3%83%B3%E3%83%A9%E3%83%83%E3%83%89%E5%A4%A7%E9%98%AA%EF%BD%9C%E4%B8%AD%E4%B9%8B%E5%B3%B6%E3%81%AE%E3%83%A9%E3%82%B0%E3%82%B8%E3%83%A5%E3%82%A2%E3%83%AA%E3%83%BC%E3%83%9B%E3%83%86%E3%83%AB&c15=R&c16=D%3Dv49&c17=restaurants&v17=D%3Dv18&c18=plan-cat&c24=conrad-osaka.hiltonjapan.co.jp&v24=ja&v25=Logged-out&v27=ConradOsaka%3Aplans%3Arestaurants%3Aplan-cat%3Aafternoon&c28=D%3Dv9&c35=D%3Dv135&c37=D%3Dv24&c38=D%3Dv59&c39=D%3Dv46&v43=D%3Dc8&v46=plans&v47=D%3Dc15&v49=L&c52=core.page-bottom%7C%7Cundefined%7CGW%20-%20Global%20Standard%20%28AT%29&c53=2023-2-5%200%3A58%3A7&v59=ch&v111=Control%20Group&v135=old%20hilton&v150=https%3A%2F%2Fconrad-osaka.hiltonjapan.co.jp%2Fplans%2Frestaurants%2Fplan-cat%2Fafternoon&s=1280x1024&c=24&j=1.6&v=N&k=N&bw=1280&bh=939&mcorgid=F0C120B3534685700A490D45%40AdobeOrg&AQE=1
IP 13.37.25.97:0
File type ASCII text, with very long lines (5887)
Hash aefd53e9c5afa418156c5dc8bf92de38
73b0fafb8a1194f4bcd2f63d7e2a60a01683f94c
25ed5e199806a59fb9a7becdb1fecba14514a841b135daa76ade3bde54703a88
GET /b/ss/hiltonglobalprod/10/JS-2.21.0-LCXS/s47862690430133?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=5%2F1%2F2023%200%3A58%3A7%200%200&d.&nsid=0&jsonv=1&.d&mid=05159772485232401742393190965700454428&aamlh=6&ce=UTF-8&pageName=ConradOsaka%3Aplans%3Arestaurants%3Aplan-cat%3Aafternoon&g=https%3A%2F%2Fconrad-osaka.hiltonjapan.co.jp%2Fplans%2Frestaurants%2Fplan-cat%2Fafternoon&c.&getQueryParam=4.0&getPreviousValue=3.0&.c&cc=USD&ch=plans&products=%3BOSACICI&aamb=j8Odv6LonN4r3an7LhD3WZrU1bUpAkFkkiY1ncBR96t2PTI&c1=OSACICI&c2=D%3Dv59&c3=D%3Dv24&c4=Logged-out&c6=images%2Ctext&c8=ConradOsaka&c9=D%3Dv46&v10=%2B1&c11=D%3Dv40&c12=D%3Dv63&c13=D%3Dv150&c14=%E3%83%AC%E3%82%B9%E3%83%88%E3%83%A9%E3%83%B3%E3%83%97%E3%83%A9%E3%83%B3%E3%81%AE%E3%81%94%E6%A1%88%E5%86%85%EF%BD%9C%E3%82%B3%E3%83%B3%E3%83%A9%E3%83%83%E3%83%89%E5%A4%A7%E9%98%AA%EF%BD%9C%E4%B8%AD%E4%B9%8B%E5%B3%B6%E3%81%AE%E3%83%A9%E3%82%B0%E3%82%B8%E3%83%A5%E3%82%A2%E3%83%AA%E3%83%BC%E3%83%9B%E3%83%86%E3%83%AB&c15=R&c16=D%3Dv49&c17=restaurants&v17=D%3Dv18&c18=plan-cat&c24=conrad-osaka.hiltonjapan.co.jp&v24=ja&v25=Logged-out&v27=ConradOsaka%3Aplans%3Arestaurants%3Aplan-cat%3Aafternoon&c28=D%3Dv9&c35=D%3Dv135&c37=D%3Dv24&c38=D%3Dv59&c39=D%3Dv46&v43=D%3Dc8&v46=plans&v47=D%3Dc15&v49=L&c52=core.page-bottom%7C%7Cundefined%7CGW%20-%20Global%20Standard%20%28AT%29&c53=2023-2-5%200%3A58%3A7&v59=ch&v111=Control%20Group&v135=old%20hilton&v150=https%3A%2F%2Fconrad-osaka.hiltonjapan.co.jp%2Fplans%2Frestaurants%2Fplan-cat%2Fafternoon&s=1280x1024&c=24&j=1.6&v=N&k=N&bw=1280&bh=939&mcorgid=F0C120B3534685700A490D45%40AdobeOrg&AQE=1 HTTP/1.1
Host: smetric.hilton.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conrad-osaka.hiltonjapan.co.jp/
Cookie: AMCV_F0C120B3534685700A490D45%40AdobeOrg=0%7CMCMID%7C05159772485232401742393190965700454428; s_ecid=MCMID%7C05159772485232401742393190965700454428
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
access-control-allow-origin: *
date: Sun, 05 Feb 2023 00:57:29 GMT
expires: Sat, 04 Feb 2023 00:57:29 GMT
last-modified: Mon, 06 Feb 2023 00:57:29 GMT
pragma: no-cache
p3p: CP="This is not a P3P policy"
server: jag
set-cookie: s_ecid=MCMID%7C05159772485232401742393190965700454428; Path=/; Domain=hilton.com; Max-Age=63072000; Expires=Tue, 04 Feb 2025 00:57:57 GMT; SameSite=None; Secure
etag: 3598234800528719872-4619617905820060538
vary: *
dcs: dcs-prod-irl1-2-v045-00fcfd78a.edge-irl1.demdex.com 6 ms
x-aam-tid: A8itEYUaQqA=
content-type: application/x-javascript;charset=utf-8
content-length: 5888
strict-transport-security: max-age=31536000; includeSubDomains
cache-control: no-cache, no-store, max-age=0, no-transform, private
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
X-Firefox-Spdy: h2
consent-pref.trustarc.com/images/trustarc-logo-small.png
143.204.55.57200 OK 4.2 kB URL HTTP/2 consent-pref.trustarc.com/images/trustarc-logo-small.png
IP 143.204.55.57:0
File type PNG image data, 198 x 34, 8-bit/color RGBA, non-interlaced\012- data
Hash 01e1b7108fa9f6b54f403309a1616588
e3328418159b7371b64a6cff199b2812c4d0b9c1
91c4a6c4295f8889e8b04339a4a2c2e86d5eef71ba808164e641d0d8a6435004
GET /images/trustarc-logo-small.png HTTP/1.1
Host: consent-pref.trustarc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=no&locale=en&behavior=expressed>m=1&irm=undefined&from=https://consent.trustarc.com/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 4197
server: nginx
accept-ranges: bytes
last-modified: Fri, 06 Jan 2023 07:59:58 GMT
date: Sat, 04 Feb 2023 07:45:18 GMT
etag: W/"4197-1672991998000"
x-cache: Hit from cloudfront
via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: AHCTi-iHGir29yO0I9ZyoHEvtjC2nnK5Czl6sBBlpq78nRrZByh2IQ==
age: 61953
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
expect-ct: max-age=86400; enforce;
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
vary: Origin
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 280 B IP 93.184.220.29:0
Hash 0802777552f52156b18a41dee214b713
a454c01b8e51417713dafe6b6d985f711a168e2b
8a85511688c6730ade5ca5197fccebb20c65db88cd84b1703c4ac4ad3cc2e560
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 00:57:29 GMT
Server: ECS (amb/6BAC)
Content-Length: 280
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 3f28170eb3d1aa3ccf2d0b76d8fd152b
135ef7cdb654085d2d4779b917a09020cdea06e0
db147bcda2e2d5e77e93d44c297ad6ce38ad0707ed9ebf57a542d9270e6677f5
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 05 Feb 2023 00:57:29 GMT
Last-Modified: Sat, 04 Feb 2023 23:59:36 GMT
Server: ECS (bsa/EB24)
X-Cache: Miss from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: t2G1i-hXZkkFPyFqIvxnqzUq9tdYvBW9VAKEucNnJDFco_PTaAYoyQ==
Age: 3473
www.tablecheck.com/en/widget/chains/58dba87d342fc4b22c004657.json
54.199.91.54200 OK 0 B URL HTTP/1.1 www.tablecheck.com/en/widget/chains/58dba87d342fc4b22c004657.json
IP 54.199.91.54:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /en/widget/chains/58dba87d342fc4b22c004657.json HTTP/1.1
Host: www.tablecheck.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: GET
Access-Control-Request-Headers: content-type
Referer: https://conrad-osaka.hiltonjapan.co.jp/
Origin: https://conrad-osaka.hiltonjapan.co.jp
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers:
Access-Control-Max-Age: 7200
Date: Sun, 05 Feb 2023 00:57:29 GMT
Content-Length: 0
Connection: keep-alive
consent.trustarc.com/asset/notice.js/v/v1.7-10255
143.204.55.33200 OK 24 kB URL HTTP/2 consent.trustarc.com/asset/notice.js/v/v1.7-10255
IP 143.204.55.33:0
Hash 3e23f6e2cb8b620a1ad0fbe265dcc2d9
859c0b5d3c0f7c35d4f6d7c2cf56d0234081db79
97e45dc8a27015eb2dda3be309043d919153f6594c0973a0b4645dd23a110100
GET /asset/notice.js/v/v1.7-10255 HTTP/1.1
Host: consent.trustarc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://conrad-osaka.hiltonjapan.co.jp
Connection: keep-alive
Referer: https://conrad-osaka.hiltonjapan.co.jp/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
last-modified: Wed, 18 Jan 2023 04:54:48 GMT
pragma: public
timing-allow-origin: *
content-encoding: gzip
date: Sun, 05 Feb 2023 00:12:44 GMT
expires: Tue, 07 Mar 2023 00:12:44 GMT
cache-control: max-age=2592000
x-cache: Hit from cloudfront
via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: SFR3blKsC8zXzYAxiV00E4PQ6vczOdQg6TZS1eQjbgs2wqzYxnYuMw==
age: 2684
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
access-control-expose-headers: *
X-Firefox-Spdy: h2
hilton.demdex.net/dest5.html?d_nsid=0
34.251.134.200200 OK 2.8 kB URL HTTP/1.1 hilton.demdex.net/dest5.html?d_nsid=0
IP 34.251.134.200:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (550)
Hash ccbdcb1e84c241950763ec4cd516cdfc
55dfa8d4b09c5c3a80fcd101152f6ebed3d27a2c
de9ccb9b168945a24f20edc28c39be4135b328129ba8ee378401a7aedc925d12
GET /dest5.html?d_nsid=0 HTTP/1.1
Host: hilton.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conrad-osaka.hiltonjapan.co.jp/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: text/html;charset=UTF-8
date: Sun, 5 Feb 2023 00:57:29 GMT
DCS: dcs-prod-irl1-1-v045-0078884aa.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
last-modified: Fri, 28 Oct 2022 11:02:56 GMT
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
vary: accept-encoding
X-TID: kqBWH7FxSs8=
transfer-encoding: chunked
Connection: keep-alive
ocsp.pki.goog/s/gts1d4/M6TVPIuGmA4
142.250.74.131200 OK 471 B URL HTTP/1.1 ocsp.pki.goog/s/gts1d4/M6TVPIuGmA4
IP 142.250.74.131:0
Hash 4d274dffb2984440858e621f776e11a0
f67df26289a7389c8ff59c72d28458e653a10931
4b501f4a578cc32b941b562b95fbc8ba1413937bcebe5ecf4b6d82e0708b4276
POST /s/gts1d4/M6TVPIuGmA4 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 00:57:29 GMT
Cache-Control: public, max-age=14400
Server: scaffolding on HTTPServer2
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ac85d3e0a8ec2827b2e3f0eca3336919
4b630e134dcb05e77c44e313f22f2214b51841a2
d1747dfa46c4ca2dcc3239bd1376ae7401b4b3e7b8d260dc4162b9b8208cd6f7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3387
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 00:57:29 GMT
Last-Modified: Sun, 05 Feb 2023 00:01:02 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
www.facebook.com/tr/?id=967617709996912&ev=Adobe-Audience-Manager-Segment&cd[segID]=15300019,22365141&noscript=1
157.240.221.35200 OK 0 B URL HTTP/2 www.facebook.com/tr/?id=967617709996912&ev=Adobe-Audience-Manager-Segment&cd[segID]=15300019,22365141&noscript=1
IP 157.240.221.35:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tr/?id=967617709996912&ev=Adobe-Audience-Manager-Segment&cd[segID]=15300019,22365141&noscript=1 HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hilton.demdex.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400
date: Sun, 05 Feb 2023 00:57:29 GMT
X-Firefox-Spdy: h2
googleads.g.doubleclick.net/pagead/viewthroughconversion/1005930085/?value=0&guid=ON&script=0&data=23583573
142.250.74.162302 Found 42 B URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/1005930085/?value=0&guid=ON&script=0&data=23583573
IP 142.250.74.162:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/viewthroughconversion/1005930085/?value=0&guid=ON&script=0&data=23583573 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://hilton.demdex.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 05 Feb 2023 00:57:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
location: https://www.google.com/pagead/1p-user-list/1005930085/?value=0&guid=ON&script=0&data=23583573&is_vtc=1&random=2190428592
content-type: image/gif
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 05-Feb-2023 01:12:29 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash ac85d3e0a8ec2827b2e3f0eca3336919
4b630e134dcb05e77c44e313f22f2214b51841a2
d1747dfa46c4ca2dcc3239bd1376ae7401b4b3e7b8d260dc4162b9b8208cd6f7
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3387
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 00:57:29 GMT
Last-Modified: Sun, 05 Feb 2023 00:01:02 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
142.250.74.131200 OK 471 B IP 142.250.74.131:0
Hash a78b06ca527ce7542b24b349e0485d8b
6f5e5126c1c9d40c9ba09d58e1755d2ca39d02ab
bc7dc156ab8b2b33422fff0922e219246eb1d12469d10ac8007416fed41ac473
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 00:57:29 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.tablecheck.com/en/widget/chains/58dba87d342fc4b22c004657.json
54.199.91.54200 OK 538 B URL HTTP/1.1 www.tablecheck.com/en/widget/chains/58dba87d342fc4b22c004657.json
IP 54.199.91.54:0
File type JSON data\012- , ASCII text, with very long lines (538), with no line terminators
Hash 7a4470f10f9bfdfc07c7cecaabbc1df5
d31c7ebaec25e46e242c295d89afa213d6735f0e
12fa8fb6a8ec1ac7b1d3d9ac2282ac22139ad5dee207d48c756a5ebddc2e885a
GET /en/widget/chains/58dba87d342fc4b22c004657.json HTTP/1.1
Host: www.tablecheck.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Origin: https://conrad-osaka.hiltonjapan.co.jp
Connection: keep-alive
Referer: https://conrad-osaka.hiltonjapan.co.jp/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Access-Control-Allow-Credentials: false
Access-Control-Allow-Headers: Origin, Authorization, Accept, Content-Type
Access-Control-Allow-Methods: GET, OPTIONS
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers:
Access-Control-Max-Age: 1728000
Access-Control-Request-Method: *
Cache-Control: max-age=43200, public
Content-Type: application/json; charset=utf-8
Date: Sun, 05 Feb 2023 00:57:29 GMT
ETag: W/"12fa8fb6a8ec1ac7b1d3d9ac2282ac22"
Referrer-Policy: strict-origin-when-cross-origin
Vary: Origin
X-Content-Type-Options: nosniff
X-Download-Options: noopen
X-Frame-Options: SAMEORIGIN
X-Permitted-Cross-Domain-Policies: none
X-Request-Id: 72dae3d492a1e40c24edebddd36619c7
X-Runtime: 0.011365
X-XSS-Protection: 0
Content-Length: 538
Connection: keep-alive
www.google.com/pagead/1p-user-list/1005930085/?value=0&guid=ON&script=0&data=23583573&is_vtc=1&random=2190428592
142.250.74.164302 Found 42 B URL HTTP/2 www.google.com/pagead/1p-user-list/1005930085/?value=0&guid=ON&script=0&data=23583573&is_vtc=1&random=2190428592
IP 142.250.74.164:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1005930085/?value=0&guid=ON&script=0&data=23583573&is_vtc=1&random=2190428592 HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hilton.demdex.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 05 Feb 2023 00:57:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
location: https://www.google.no/pagead/1p-user-list/1005930085/?value=0&guid=ON&script=0&data=23583573&is_vtc=1&random=2190428592&ipr=y
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.google.no/pagead/1p-user-list/1005930085/?value=0&guid=ON&script=0&data=23583573&is_vtc=1&random=2190428592&ipr=y
142.250.74.163200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/1005930085/?value=0&guid=ON&script=0&data=23583573&is_vtc=1&random=2190428592&ipr=y
IP 142.250.74.163:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/1005930085/?value=0&guid=ON&script=0&data=23583573&is_vtc=1&random=2190428592&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://hilton.demdex.net/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 05 Feb 2023 00:57:29 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
trace.popin.cc/api/bidder/track/pixel/pageview?tn=f9f2b1ef23fe2759c2cad0953029a94b&spd=&mgd=&ptd=&tkd=&acd=&v=20220803_1
35.213.89.133200 OK 0 B URL HTTP/2 trace.popin.cc/api/bidder/track/pixel/pageview?tn=f9f2b1ef23fe2759c2cad0953029a94b&spd=&mgd=&ptd=&tkd=&acd=&v=20220803_1
IP 35.213.89.133:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /api/bidder/track/pixel/pageview?tn=f9f2b1ef23fe2759c2cad0953029a94b&spd=&mgd=&ptd=&tkd=&acd=&v=20220803_1 HTTP/1.1
Host: trace.popin.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conrad-osaka.hiltonjapan.co.jp/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/plain; charset=utf-8
date: Sun, 05 Feb 2023 00:57:29 GMT
content-length: 0
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
b92.yahoo.co.jp/js/s_retargeting.js
182.22.31.252403 Forbidden 14 kB URL HTTP/2 b92.yahoo.co.jp/js/s_retargeting.js
IP 182.22.31.252:0
ASN #23816 Yahoo Japan Corporation
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (486)
Hash e986e7a04549f3bef16fe1bb24e61acd
b3ec35460824fae12cf6342ae42d27597ec94fb7
e8b72fe96bc96ffcfef2cdf8ebb503ac854e5c2997ae389b96d04bf78f478edd
GET /js/s_retargeting.js HTTP/1.1
Host: b92.yahoo.co.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conrad-osaka.hiltonjapan.co.jp/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 403 Forbidden
date: Sun, 05 Feb 2023 00:57:29 GMT
server: ATS
x-z-chihaya: r=1
x-frame-options: SAMEORIGIN
content-length: 14275
content-type: text/html
X-Firefox-Spdy: h2
cdn9.forter.com/vchk2
143.204.55.38301 Moved Permanently 42 B IP 143.204.55.38:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /vchk2 HTTP/1.1
Host: cdn9.forter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: eyJyIjowLjc4ODY0NjUzMjU0ODA4MTQsInUiOiI1ZTNmMWY0NDAxODM0YjRiYmI5ZDMxODkwYmY1N2ZlZCIsInMiOiI0ZGMyYWE4MmJjNWUifQ==
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://conrad-osaka.hiltonjapan.co.jp
Connection: keep-alive
Referer: https://conrad-osaka.hiltonjapan.co.jp/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
location: https://cdn9.forter.com/vchk2/v1/7bea59cd3d1c287f3d25ba1918fc02eda2e1975f2d894e6cb8b4375ab8929740ac7f4bc9661252efdff441dca571
date: Sun, 05 Feb 2023 00:57:28 GMT
access-control-allow-origin: *
timing-allow-origin: *
cache-control: private, s-maxage=0, proxy-revalidate
strict-transport-security: max-age=86400; includeSubDomains
x-cache: Miss from cloudfront
via: 1.1 b9f0050ca4d212d7c855e005be54b1ac.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: ThSwYRaYiz2HzNy-nI3e4ms0D9eZ6TZ0iHz2891pPhY71XWFlmkT5w==
X-Firefox-Spdy: h2
amplify.outbrain.com/cp/obtp.js
2.18.173.74200 OK 5.9 kB URL HTTP/1.1 amplify.outbrain.com/cp/obtp.js
IP 2.18.173.74:0
File type ASCII text, with very long lines (17769), with no line terminators
Hash 939f95ffc91ae8a9eacb6998ec5a635f
e122fe07195821f6abf871cc65f315c6b9e27f4a
49462b3c223095ac3fc223f11a29e4bceed96feba62e167d444e9a082626fc17
GET /cp/obtp.js HTTP/1.1
Host: amplify.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conrad-osaka.hiltonjapan.co.jp/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Accept-Ranges: bytes
Content-Type: application/x-javascript
ETag: "b07048fb19f7c325242e254218118e14:1675339769.124179"
Last-Modified: Thu, 02 Feb 2023 09:48:30 GMT
Server: AkamaiNetStorage
Vary: Accept-Encoding
Content-Encoding: gzip
Cache-Control: max-age=1200
Expires: Sun, 05 Feb 2023 01:17:29 GMT
Date: Sun, 05 Feb 2023 00:57:29 GMT
Content-Length: 5911
Connection: keep-alive
cdn.branch.io/branch-latest.min.js
143.204.55.52200 OK 22 kB URL HTTP/2 cdn.branch.io/branch-latest.min.js
IP 143.204.55.52:0
File type ASCII text, with very long lines (2646)
Hash 2a6320386437cc44ae1713f25f6ea30b
cf60f8578b16e8beddb82eb43d9b1f9db5491650
75622ee3451d62f121868396395909cd979874287141da4de39562ccf1f8f799
GET /branch-latest.min.js HTTP/1.1
Host: cdn.branch.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conrad-osaka.hiltonjapan.co.jp/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript
content-length: 22048
content-encoding: gzip
last-modified: Thu, 17 Nov 2022 20:07:47 GMT
x-amz-version-id: LzwY9oP1_KD6QZAz0SCDQRP53VCVCZV0
server: AmazonS3
date: Sun, 05 Feb 2023 00:54:35 GMT
cache-control: max-age=300
etag: "2a6320386437cc44ae1713f25f6ea30b"
x-cache: Hit from cloudfront
via: 1.1 50584ad285d5f627ddebae74efdd0770.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: VjY78aL1PdHQYUuWe2VTEHpggyXp23mVQCKo3WVaBle_7JRpTg1I_A==
age: 190
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
216.239.32.178200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP 216.239.32.178:0
File type ASCII text, with very long lines (1490)
Hash ca7fbbfd120e3e329633044190bbf134
d17f81e03dd827554ddd207ea081fb46b3415445
847004cefb32f85a9cc16b0b1eb77529ff5753680c145bfcb23f651d214737db
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conrad-osaka.hiltonjapan.co.jp/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20085
date: Sat, 04 Feb 2023 23:44:08 GMT
expires: Sun, 05 Feb 2023 01:44:08 GMT
cache-control: public, max-age=7200
age: 4402
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 122d09f3c0e479664f7ed8ed3d4dbe74
91a4554bb5ba6a763ba9acbb712e2b57d1a1bd46
fca4655dd725b3d54840da0ab81bb7fafd628b82c56a897a1cd7f647fc4b8200
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5861
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 00:57:30 GMT
Last-Modified: Sat, 04 Feb 2023 23:19:49 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 313
connect.facebook.net/en_US/fbevents.js
157.240.221.16200 OK 28 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP 157.240.221.16:0
File type ASCII text, with very long lines (64348)
Hash dd1f85cc598419df61e254e53f9ec1ef
f86c0ee563f5b7a01e1d40b566f2bc184a32380f
c06f52b233c835b03292f39cb847507a03bb971066bf91341b58a580244398c0
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conrad-osaka.hiltonjapan.co.jp/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: ywtu4Ba+A9wKw4S419K0JXXsNs+lasD+ELS/Maqa5FuJRY3TU8KAtmKY5D6H6ROcJR3w7m1xdzFB0R5bBPVQAw==
priority: u=3,i
content-length: 27843
x-fb-trip-id: 1679558926
date: Sun, 05 Feb 2023 00:57:30 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
connect.facebook.net/en_US/sdk.js
157.240.221.16200 OK 1.7 kB URL HTTP/2 connect.facebook.net/en_US/sdk.js
IP 157.240.221.16:0
File type ASCII text, with very long lines (1957)
Hash ba65a1d338c86d5393fabc71a6e56be6
d21cbc81c7ffb2811cbf5024607ca30a52caac46
c6a030753bc3cbee0bd0a232c9f7c5174c5ea183c2656f81c65b8d43fb356a48
GET /en_US/sdk.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conrad-osaka.hiltonjapan.co.jp/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
access-control-expose-headers: X-FB-Content-MD5
x-fb-content-md5: 433d9f4fadf5f7c9b044e150f2901848
etag: "5b4b356e9b99c50fd90f1f7f9b71dc33"
content-type: application/x-javascript; charset=utf-8
timing-allow-origin: *
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
expires: Sun, 05 Feb 2023 01:12:29 GMT
cache-control: public,max-age=1200,stale-while-revalidate=3600
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
x-content-type-options: nosniff
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
content-md5: umWh0zjIbVOT+rxxpuVr5g==
x-fb-debug: 9DXWmrH3E2FA0dPVfKlDfSNLQ3ppkGzkm7LjvBqTi4JRYo+euA5mrq4EtPoq9leZx+CN9d9xPDSdTvk95fKDaA==
content-length: 1686
x-fb-trip-id: 1679558926
date: Sun, 05 Feb 2023 00:57:30 GMT
alt-svc: h3=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 0d7bf1dd02dbcbee5beadae06bb776c8
6af719afe7dd51caf308c41faf324c6f1d18209c
0cf617ea6cd878b09c899e69043558cea823f1537fb0aad51e0af74b2ecca4d8
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 05 Feb 2023 00:57:30 GMT
Last-Modified: Sun, 05 Feb 2023 00:23:48 GMT
Server: ECS (nyb/1D05)
X-Cache: Miss from cloudfront
Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: sUVOzjylCGjvHrLLeDx4jiN28bI9sm-8V76b8ZYML9Ma1EtORiJklA==
Age: 2022
cm.everesttech.net/cm/dd?d_uuid=05138956195054683212395621732000340307
18.201.4.185302 0 B URL HTTP/1.1 cm.everesttech.net/cm/dd?d_uuid=05138956195054683212395621732000340307
IP 18.201.4.185:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /cm/dd?d_uuid=05138956195054683212395621732000340307 HTTP/1.1
Host: cm.everesttech.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conrad-osaka.hiltonjapan.co.jp/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302
Date: Sun, 05 Feb 2023 00:57:30 GMT
Content-Length: 0
Connection: keep-alive
Set-Cookie: everest_g_v2=g_surferid~Y97__gAAAMzmdgN-; Domain=.everesttech.net; Expires=Mon, 05-Feb-2024 00:57:30 GMT; Path=/
everest_session_v2="Y97@@gAAAMzmdwN-"; Version=1; Domain=.everesttech.net; Path=/
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"
Cache-Control: no-cache
Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y97__gAAAMzmdgN-
Server: AMO-cookiemap/1.1
cdn.taboola.com/libtrc/unip/1489970/tfa.js
151.101.129.44200 OK 18 kB URL HTTP/2 cdn.taboola.com/libtrc/unip/1489970/tfa.js
IP 151.101.129.44:0
File type ASCII text, with very long lines (59692)
Hash 3ee86dad35729459039a5c8bea4d5b71
282e00bf9f59eb7446d5dbd7a6b312fc959d8b7f
966aa437095f1ef6e1514e6f32ae77c47e624db8c603eebba221ee042b8a21b4
GET /libtrc/unip/1489970/tfa.js HTTP/1.1
Host: cdn.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conrad-osaka.hiltonjapan.co.jp/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: blQm8zft64px6rCdGpgqD/eCaT42CjJcFEXK1r8DHT06+sCSkAU2eQO6xpac5HzLuIM0GvBn3IU=
x-amz-request-id: 5DN0ETT2CS3ES45Z
x-amz-replication-status: COMPLETED
last-modified: Sun, 29 Jan 2023 11:06:35 GMT
etag: "a8b0141ec3f05e2a759ed3b395da0068"
x-amz-version-id: kAX2okWhZbSCiHYSK8HSoYTyqq9Psv78
content-type: application/javascript; charset=utf-8
server: AmazonS3
content-encoding: gzip
accept-ranges: bytes
date: Sun, 05 Feb 2023 00:57:30 GMT
via: 1.1 varnish
age: 0
x-served-by: cache-bma1671-BMA
x-cache: HIT
x-cache-hits: 1
x-timer: S1675558650.053102,VS0,VE192
cache-control: private,max-age=14401
vary: Accept-Encoding
abp: 47
content-length: 18373
X-Firefox-Spdy: h2
tm.r-ad.ne.jp/cv?k=&k2=&h=conrad-osaka.hiltonjapan.co.jp&s=1&p=%2Fplans%2Frestaurants%2Fplan-cat%2Fafternoon&r=none&t=%E3%80%90%E5%85%AC%E5%BC%8F%E3%80%91%E3%83%AC%E3%82%B9%E3%83%88%E3%83%A9%E3%83%B3%E3%83%97%E3%83%A9%E3%83%B3%E3%81%AE%E3%81%94%E6%A1%88%E5%86%85%EF%BD%9C%E3%82%B3%E3%83%B3%E3%83%A9%E3%83%83%E3%83%89%E5%A4%A7%E9%98%AA%EF%BD%9C%E4%B8%AD%E4%B9%8B%E5%B3%B6%E3%81%AE%E3%83%A9%E3%82%B0%E3%82%B8%E3%83%A5%E3%82%A2%E3%83%AA%E3%83%BC%E3%83%9B%E3%83%86%E3%83%AB&x=1675558581298&u=&y=&j=ld&d=54&c=rdm_prd_b97fbbcc-672f-46df-9f5c-b09ab8e62fe1&ex=&z=&w=0&_r=959
54.92.102.2200 OK 59 B URL HTTP/2 tm.r-ad.ne.jp/cv?k=&k2=&h=conrad-osaka.hiltonjapan.co.jp&s=1&p=%2Fplans%2Frestaurants%2Fplan-cat%2Fafternoon&r=none&t=%E3%80%90%E5%85%AC%E5%BC%8F%E3%80%91%E3%83%AC%E3%82%B9%E3%83%88%E3%83%A9%E3%83%B3%E3%83%97%E3%83%A9%E3%83%B3%E3%81%AE%E3%81%94%E6%A1%88%E5%86%85%EF%BD%9C%E3%82%B3%E3%83%B3%E3%83%A9%E3%83%83%E3%83%89%E5%A4%A7%E9%98%AA%EF%BD%9C%E4%B8%AD%E4%B9%8B%E5%B3%B6%E3%81%AE%E3%83%A9%E3%82%B0%E3%82%B8%E3%83%A5%E3%82%A2%E3%83%AA%E3%83%BC%E3%83%9B%E3%83%86%E3%83%AB&x=1675558581298&u=&y=&j=ld&d=54&c=rdm_prd_b97fbbcc-672f-46df-9f5c-b09ab8e62fe1&ex=&z=&w=0&_r=959
IP 54.92.102.2:0
Hash d50b39aff4cf8be39fde4a5b7c6134ef
e8fc6d6c474c6c69a2d79d1841d5b3e0f2780216
ce8343c1fd4042d26969df40de37fcfb1f96c11076515cea3528ceb7ddbce51e
GET /cv?k=&k2=&h=conrad-osaka.hiltonjapan.co.jp&s=1&p=%2Fplans%2Frestaurants%2Fplan-cat%2Fafternoon&r=none&t=%E3%80%90%E5%85%AC%E5%BC%8F%E3%80%91%E3%83%AC%E3%82%B9%E3%83%88%E3%83%A9%E3%83%B3%E3%83%97%E3%83%A9%E3%83%B3%E3%81%AE%E3%81%94%E6%A1%88%E5%86%85%EF%BD%9C%E3%82%B3%E3%83%B3%E3%83%A9%E3%83%83%E3%83%89%E5%A4%A7%E9%98%AA%EF%BD%9C%E4%B8%AD%E4%B9%8B%E5%B3%B6%E3%81%AE%E3%83%A9%E3%82%B0%E3%82%B8%E3%83%A5%E3%82%A2%E3%83%AA%E3%83%BC%E3%83%9B%E3%83%86%E3%83%AB&x=1675558581298&u=&y=&j=ld&d=54&c=rdm_prd_b97fbbcc-672f-46df-9f5c-b09ab8e62fe1&ex=&z=&w=0&_r=959 HTTP/1.1
Host: tm.r-ad.ne.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conrad-osaka.hiltonjapan.co.jp/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 00:57:30 GMT
content-type: text/javascript; charset=utf-8
content-length: 59
server: nginx
p3p: CP="NON DSP COR CURa ADMa DEVa CUSo TAIa PSDo OUR BUS UNI COM NAV STA"
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: r_ad_token=52n0vU002A176001WXEx; expires=Fri, 04-Aug-2023 00:57:03 GMT; path=/; domain=.r-ad.ne.jp; HttpOnly; SameSite=None; Secure
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 482952c319f6b341719e70726729734d
d562869196fe45ede7cf9d7b83643c020eae68b2
052ed0f05af6fa66b55a1e883536b6fc2743d32d56aa4b7c58f0b8202b67ee9b
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6376
Cache-Control: max-age=132234
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 00:57:30 GMT
Etag: "63de479c-139"
Expires: Mon, 06 Feb 2023 13:41:24 GMT
Last-Modified: Sat, 04 Feb 2023 11:55:08 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 313
app.link/_r?sdk=web2.71.0&branch_key=key_live_glXPM2Kabtb7o8tG8hg7fhohwraYrfE7&callback=branch_callback__0
54.230.111.23200 OK 91 B URL HTTP/2 app.link/_r?sdk=web2.71.0&branch_key=key_live_glXPM2Kabtb7o8tG8hg7fhohwraYrfE7&callback=branch_callback__0
IP 54.230.111.23:0
File type ASCII text, with no line terminators
Hash fa5fb07c943cd5b1354149f95fe8ad02
d92177b2c20bdaf01a21821a907561b3aa2b0282
2b4686e040977cd551043e7dfdbc7b3198ffcbb163a7c3afa883dbff0f9bf0c4
GET /_r?sdk=web2.71.0&branch_key=key_live_glXPM2Kabtb7o8tG8hg7fhohwraYrfE7&callback=branch_callback__0 HTTP/1.1
Host: app.link
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conrad-osaka.hiltonjapan.co.jp/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
content-length: 91
server: openresty
date: Sun, 05 Feb 2023 00:57:30 GMT
set-cookie: _s=anf8LPf20irxj2V9LrkSvBUJeNZhGNpSyZaC9cEaGgxMFH47c8qSp7Ur51BX0RYU; Max-Age=31536000; Domain=.app.link; Path=/; Expires=Mon, 05 Feb 2024 00:57:30 GMT; Secure
x-content-type-options: nosniff
etag: W/"5b-2SF3ssIL2vAaIYIakHVhs6orAoI"
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Miss from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: r780MDbWI7gaSF4bJN_SIWg_DgOWfnhar5kMvZyqxHhnxVamLlRY6Q==
X-Firefox-Spdy: h2
consent-pref.trustarc.com/defaultpreferencemanager/truste
143.204.55.57200 OK 748 B URL HTTP/2 consent-pref.trustarc.com/defaultpreferencemanager/truste
IP 143.204.55.57:0
File type ASCII text, with very long lines (1711), with no line terminators
Hash b04129cf6cadac989a6fca95b165af4e
3eef793b7ef65ed3f529f221d773892f989c4a5b
39b2fae4ba5fbb9e4a6a8480364a70c0f6a5f4f3d85fce449892347ae5c4aaee
POST /defaultpreferencemanager/truste HTTP/1.1
Host: consent-pref.trustarc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=no&locale=en&behavior=expressed>m=1&irm=undefined&from=https://consent.trustarc.com/
Content-Type: text/x-gwt-rpc; charset=utf-8
X-GWT-Permutation: 9F5DDAD4256889D2A2BB0A3140E8B74B
X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
Content-Length: 274
Origin: https://consent-pref.trustarc.com
Connection: keep-alive
Cookie: token_test=Sun Feb 05 2023 00:58:07 GMT+0000 (Coordinated Universal Time)
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/json;charset=utf-8
content-length: 748
date: Sun, 05 Feb 2023 00:57:30 GMT
server: nginx
content-encoding: gzip
content-disposition: attachment
x-cache: Miss from cloudfront
via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: dbSO5S2p4UCGHB5Tv5uZ2NION-_caTn6jEHvPDauV7CUTdJcYVLmAw==
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
expect-ct: max-age=86400; enforce;
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
access-control-allow-origin: *
access-control-expose-headers: *
X-Firefox-Spdy: h2
consent-pref.trustarc.com/images/loader.gif
143.204.55.57200 OK 1.7 kB URL HTTP/2 consent-pref.trustarc.com/images/loader.gif
IP 143.204.55.57:0
File type GIF image data, version 89a, 16 x 16\012- data
Hash e059607cc5e3ff4a629d51ae66b995ff
8608a5a355aa2906eed6cbc9524686301d2f670f
ee53ada617f2674cbd706e3b24fc6738c7f53f2f7a3a959e71f611aa850dc946
GET /images/loader.gif HTTP/1.1
Host: consent-pref.trustarc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=no&locale=en&behavior=expressed>m=1&irm=undefined&from=https://consent.trustarc.com/
Connection: keep-alive
Cookie: token_test=Sun Feb 05 2023 00:58:07 GMT+0000 (Coordinated Universal Time)
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 1737
server: nginx
accept-ranges: bytes
last-modified: Fri, 06 Jan 2023 07:59:58 GMT
date: Sat, 04 Feb 2023 08:15:20 GMT
etag: W/"1737-1672991998000"
x-cache: Hit from cloudfront
via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Elo9ZXNQwC31HrrB369-eQGbmH9x4d2rAJ8rEkgIrV7N44FHObVV4g==
age: 60130
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
expect-ct: max-age=86400; enforce;
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
vary: Origin
X-Firefox-Spdy: h2
consent-pref.trustarc.com/images/switchbg.png
143.204.55.57200 OK 1.1 kB URL HTTP/2 consent-pref.trustarc.com/images/switchbg.png
IP 143.204.55.57:0
File type PNG image data, 2 x 40, 8-bit/color RGB, non-interlaced\012- data
Hash 8270777231f19af8d977d10eeba04bbf
f4c6cb629a1b31a1480191377be81c3b12f3154b
1ffe0083c43292aaba8148fe6d7286bd27381ea13fef76b9e545a22d8bbd8af5
GET /images/switchbg.png HTTP/1.1
Host: consent-pref.trustarc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://consent-pref.trustarc.com/EuPreferenceManager.css
Connection: keep-alive
Cookie: token_test=Sun Feb 05 2023 00:58:07 GMT+0000 (Coordinated Universal Time)
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1068
server: nginx
accept-ranges: bytes
last-modified: Fri, 06 Jan 2023 07:59:58 GMT
date: Sat, 04 Feb 2023 12:57:35 GMT
etag: W/"1068-1672991998000"
x-cache: Hit from cloudfront
via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: UGm4flOgYeU0r-2z-SFSrg2J3enYs7nwhtJx0mDPTet-J-fg__GNyQ==
age: 43195
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
expect-ct: max-age=86400; enforce;
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
vary: Origin
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 2521dc6dc015025c26c7a1b08b3060a1
f5c7abc50c9229a4b198a5c0d5f6dfa8ac528b9f
6671bc387c8011ec55a9d023502189b997adeb18fc2f199747dec7d688f85bd3
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4871
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 00:57:30 GMT
Last-Modified: Sat, 04 Feb 2023 23:36:21 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 313
gum.criteo.com/syncframe?topUrl=conrad-osaka.hiltonjapan.co.jp&origin=onetag
178.250.2.146200 OK 5.1 kB URL HTTP/2 gum.criteo.com/syncframe?topUrl=conrad-osaka.hiltonjapan.co.jp&origin=onetag
IP 178.250.2.146:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (13465)
Hash 67a3e5b530c149bbea754c73dabb6efe
fca17bf91d0b3efc8f172a6505ec35066d19f20b
67f7ef3fce1d71182f1d353eeae09867092e7fde7690adcc384121fff17f8070
GET /syncframe?topUrl=conrad-osaka.hiltonjapan.co.jp&origin=onetag HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conrad-osaka.hiltonjapan.co.jp/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 00:57:30 GMT
content-type: text/html; charset=utf-8
server: Kestrel
cache-control: private, max-age=3600
set-cookie: optout=0; expires=Thu, 01 Jan 1970 00:00:00 GMT; domain=.criteo.com; path=/
uid=344b2a27-2482-45da-b2d3-d31b71bd522c; expires=Fri, 01 Mar 2024 00:57:30 GMT; domain=.criteo.com; path=/; secure; samesite=none
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 676481
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 590 B IP 93.184.220.29:0
File type gzip compressed data, from Unix\012- data
Hash 7fadd7e050ef5e9b5996203cb2c4a883
f955450459d335fbf016aabc1d5a965189bd3046
f3587aa69de7432f91afcabcd8abf9cb8eb40f3dee5539d6265569e668db693f
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4757
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 00:57:30 GMT
Last-Modified: Sat, 04 Feb 2023 23:38:13 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 312
ocsp.digicert.com/
93.184.220.29200 OK 312 B IP 93.184.220.29:0
Hash 6521d1238a4ed164bc6fe76707f28b96
cb61b728667d4cbaa6b8c237cc3149dd1b1e5347
879378a93eb2c9cb965791e7fd17de8568210fec4c8269f9c19aa28d28c2eec5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4803
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 00:57:30 GMT
Last-Modified: Sat, 04 Feb 2023 23:37:27 GMT
Server: ECS (ska/F711)
X-Cache: HIT
Content-Length: 312
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 6e50cebc0a0d370fc28f113be55cb617
b5a630f245f1f36c16f7d7c08a0fa8024296fcc2
1dc4a93d181b6e92942843ecfb366064a8fa62ebb8843268461fa6f81214a96c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4139
Cache-Control: max-age=104814
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 00:57:30 GMT
Etag: "63dde53d-1d7"
Expires: Mon, 06 Feb 2023 06:04:24 GMT
Last-Modified: Sat, 04 Feb 2023 04:55:25 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
tm.r-ad.ne.jp/rcor/12548/52n0vU002A176001WXEx/
54.92.102.2200 OK 43 B URL HTTP/2 tm.r-ad.ne.jp/rcor/12548/52n0vU002A176001WXEx/
IP 54.92.102.2:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /rcor/12548/52n0vU002A176001WXEx/ HTTP/1.1
Host: tm.r-ad.ne.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conrad-osaka.hiltonjapan.co.jp/
Cookie: r_ad_token=52n0vU002A176001WXEx
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 00:57:30 GMT
content-type: image/gif
content-length: 43
server: nginx
p3p: CP="NON DSP COR CURa ADMa DEVa CUSo TAIa PSDo OUR BUS UNI COM NAV STA"
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: r_ad_token=52n0vU002A176001WXEx; expires=Fri, 04-Aug-2023 00:57:12 GMT; path=/; domain=.r-ad.ne.jp; HttpOnly; SameSite=None; Secure
X-Firefox-Spdy: h2
tm.r-ad.ne.jp/rcor/6363/52n0vU002A176001WXEx/
54.92.102.2200 OK 43 B URL HTTP/2 tm.r-ad.ne.jp/rcor/6363/52n0vU002A176001WXEx/
IP 54.92.102.2:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /rcor/6363/52n0vU002A176001WXEx/ HTTP/1.1
Host: tm.r-ad.ne.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conrad-osaka.hiltonjapan.co.jp/
Cookie: r_ad_token=52n0vU002A176001WXEx
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 00:57:30 GMT
content-type: image/gif
content-length: 43
server: nginx
p3p: CP="NON DSP COR CURa ADMa DEVa CUSo TAIa PSDo OUR BUS UNI COM NAV STA"
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: r_ad_token=52n0vU002A176001WXEx; expires=Fri, 04-Aug-2023 00:57:15 GMT; path=/; domain=.r-ad.ne.jp; HttpOnly; SameSite=None; Secure
X-Firefox-Spdy: h2
tm.r-ad.ne.jp/rcor/36732/52n0vU002A176001WXEx/
54.92.102.2200 OK 43 B URL HTTP/2 tm.r-ad.ne.jp/rcor/36732/52n0vU002A176001WXEx/
IP 54.92.102.2:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /rcor/36732/52n0vU002A176001WXEx/ HTTP/1.1
Host: tm.r-ad.ne.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conrad-osaka.hiltonjapan.co.jp/
Cookie: r_ad_token=52n0vU002A176001WXEx
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 00:57:30 GMT
content-type: image/gif
content-length: 43
server: nginx
p3p: CP="NON DSP COR CURa ADMa DEVa CUSo TAIa PSDo OUR BUS UNI COM NAV STA"
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: r_ad_token=52n0vU002A176001WXEx; expires=Fri, 04-Aug-2023 00:57:18 GMT; path=/; domain=.r-ad.ne.jp; HttpOnly; SameSite=None; Secure
X-Firefox-Spdy: h2
consent-pref.trustarc.com/defaultpreferencemanager/truste
143.204.55.57200 OK 136 kB URL HTTP/2 consent-pref.trustarc.com/defaultpreferencemanager/truste
IP 143.204.55.57:0
File type ASCII text, with very long lines (65536), with no line terminators
Size 136 kB (136312 bytes)
Hash b8af628604bd45f0512e8fa559f01d89
26b10bb447a45476de56e603cceda260b64b6b38
f3e0eaf7e69e2f4c4d5688717fccf6cfe889637cf20d6c01818df750d6121cd0
POST /defaultpreferencemanager/truste HTTP/1.1
Host: consent-pref.trustarc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=no&locale=en&behavior=expressed>m=1&irm=undefined&from=https://consent.trustarc.com/
Content-Type: text/x-gwt-rpc; charset=utf-8
X-GWT-Permutation: 9F5DDAD4256889D2A2BB0A3140E8B74B
X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
Content-Length: 379
Origin: https://consent-pref.trustarc.com
Connection: keep-alive
Cookie: token_test=Sun Feb 05 2023 00:58:07 GMT+0000 (Coordinated Universal Time)
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/json;charset=utf-8
content-length: 136312
date: Sun, 05 Feb 2023 00:57:30 GMT
server: nginx
content-encoding: gzip
content-disposition: attachment
x-cache: Miss from cloudfront
via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: FYWJyu9Labj6WOQkpT5Nq6fO05ODKHXab3PK9Z2y_p9VKwOHKDt3VQ==
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
expect-ct: max-age=86400; enforce;
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
access-control-allow-origin: *
access-control-expose-headers: *
X-Firefox-Spdy: h2
ag.gbc.criteo.com/newidsd
185.235.84.90200 OK 43 B URL HTTP/2 ag.gbc.criteo.com/newidsd
IP 185.235.84.90:0
Hash 1e5bcf8fcf10486a22d3b9b46cfe06f1
82c1929c732a28dd105e47654f79711f64db4464
394fe3ddca636ab13c2336bd3b50c9e1e416323087b349f1c771d62540f51d60
GET /newidsd HTTP/1.1
Host: ag.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 00:57:29 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 85225
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
dpm.demdex.net/ibs:dpid=411&dpuuid=Y97__gAAAMzmdgN-
52.17.182.43302 Found 0 B URL HTTP/1.1 dpm.demdex.net/ibs:dpid=411&dpuuid=Y97__gAAAMzmdgN-
IP 52.17.182.43:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibs:dpid=411&dpuuid=Y97__gAAAMzmdgN- HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://conrad-osaka.hiltonjapan.co.jp/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-2-v045-0fb9f79b9.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y97__gAAAMzmdgN-
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=65355533869573937361435882690516103044; Max-Age=15552000; Expires=Fri, 04 Aug 2023 00:57:30 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: Lc2FVVaaTeQ=
Content-Length: 0
Connection: keep-alive
sslwidget.criteo.com/event?a=53358&v=5.13.0&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=6vsEaF85SG5KSko0ZHVic0RpbDBacU1wT0JCQVglMkYlMkJMejNYMFpyM2R4TU4wSmJXcnNUbUZTZ1pCVWlKb1hyVWtSdmpMaEgwMDB3NUZQNmRscmt4N0ZKTldFRHl0enJNRWJEN1VhRDllSWlPc2I1Y2hSJTJCRk14eXI4bmFrblBnbVBnMU9iRDEzSktIaE9SVmglMkZ5NEdzS1h4NXElMkJBJTNEJTNE&tld=hiltonjapan.co.jp&fu=https%253A%252F%252Fconrad-osaka.hiltonjapan.co.jp%252Fplans%252Frestaurants%252Fplan-cat%252Fafternoon&dtycbr=88652
178.250.0.163302 Found 0 B URL HTTP/2 sslwidget.criteo.com/event?a=53358&v=5.13.0&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=6vsEaF85SG5KSko0ZHVic0RpbDBacU1wT0JCQVglMkYlMkJMejNYMFpyM2R4TU4wSmJXcnNUbUZTZ1pCVWlKb1hyVWtSdmpMaEgwMDB3NUZQNmRscmt4N0ZKTldFRHl0enJNRWJEN1VhRDllSWlPc2I1Y2hSJTJCRk14eXI4bmFrblBnbVBnMU9iRDEzSktIaE9SVmglMkZ5NEdzS1h4NXElMkJBJTNEJTNE&tld=hiltonjapan.co.jp&fu=https%253A%252F%252Fconrad-osaka.hiltonjapan.co.jp%252Fplans%252Frestaurants%252Fplan-cat%252Fafternoon&dtycbr=88652
IP 178.250.0.163:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /event?a=53358&v=5.13.0&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=6vsEaF85SG5KSko0ZHVic0RpbDBacU1wT0JCQVglMkYlMkJMejNYMFpyM2R4TU4wSmJXcnNUbUZTZ1pCVWlKb1hyVWtSdmpMaEgwMDB3NUZQNmRscmt4N0ZKTldFRHl0enJNRWJEN1VhRDllSWlPc2I1Y2hSJTJCRk14eXI4bmFrblBnbVBnMU9iRDEzSktIaE9SVmglMkZ5NEdzS1h4NXElMkJBJTNEJTNE&tld=hiltonjapan.co.jp&fu=https%253A%252F%252Fconrad-osaka.hiltonjapan.co.jp%252Fplans%252Frestaurants%252Fplan-cat%252Fafternoon&dtycbr=88652 HTTP/1.1
Host: sslwidget.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conrad-osaka.hiltonjapan.co.jp/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 05 Feb 2023 00:57:30 GMT
server: Kestrel
content-length: 0
cache-control: no-cache
pragma: no-cache
content-encoding: gzip
expires: 0
location: https://widget.as.criteo.com/event?a=53358&v=5.13.0&p0=e%3Dce%26m%3D%255B%255D&p1=e%3Dexd%26site_type%3Dd&p2=e%3Dvh&p3=e%3Ddis&adce=1&bundle=6vsEaF85SG5KSko0ZHVic0RpbDBacU1wT0JCQVglMkYlMkJMejNYMFpyM2R4TU4wSmJXcnNUbUZTZ1pCVWlKb1hyVWtSdmpMaEgwMDB3NUZQNmRscmt4N0ZKTldFRHl0enJNRWJEN1VhRDllSWlPc2I1Y2hSJTJCRk14eXI4bmFrblBnbVBnMU9iRDEzSktIaE9SVmglMkZ5NEdzS1h4NXElMkJBJTNEJTNE&tld=hiltonjapan.co.jp&fu=https%253A%252F%252Fconrad-osaka.hiltonjapan.co.jp%252Fplans%252Frestaurants%252Fplan-cat%252Fafternoon&dtycbr=88652
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
server-processing-duration-in-ticks: 9911372
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
api2.branch.io/v1/open
143.204.55.28200 OK 272 B IP 143.204.55.28:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 3ec62b3da14eb363852e13002650f7d0
8f0934fd5884301b0a0f1e7286934a5d9c9dc9e4
9ec8a04b5f26ae5520b9ffaad453598a3e3871ad21c1a6994a4b847367d99fcb
POST /v1/open HTTP/1.1
Host: api2.branch.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 263
Origin: https://conrad-osaka.hiltonjapan.co.jp
Connection: keep-alive
Referer: https://conrad-osaka.hiltonjapan.co.jp/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/json; charset=utf-8
content-length: 272
access-control-allow-origin: *
cache-control: no-cache
date: Sun, 05 Feb 2023 00:57:30 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-cache: Miss from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: guhvBvTkbn5FHeMeEVzQ9ANk8-BWrKUWoNHqsIGD4roSldMvmMAA6w==
X-Firefox-Spdy: h2
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y97__gAAAMzmdgN-
52.17.182.43200 OK 59 B URL HTTP/1.1 dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y97__gAAAMzmdgN-
IP 52.17.182.43:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
GET /demconf.jpg?et:ibs%7cdata:dpid=411&dpuuid=Y97__gAAAMzmdgN- HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://conrad-osaka.hiltonjapan.co.jp/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-2-v045-08dd6474c.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: LSxAQz7/RC0=
Content-Length: 59
Connection: keep-alive
tr.outbrain.com/cachedClickId?marketerId=undefined
64.202.112.159200 OK 35 B URL HTTP/1.1 tr.outbrain.com/cachedClickId?marketerId=undefined
IP 64.202.112.159:0
File type ASCII text, with no line terminators
Hash 75c843c7b717e7b722777907475c67a3
983d1c9a05b315288039b9d4694ce3b402259240
1d348f9f803c95305f63def9d75fd50e79e54a375e1a4a888edbbea366845580
GET /cachedClickId?marketerId=undefined HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conrad-osaka.hiltonjapan.co.jp/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 00:57:31 GMT
Content-Type: application/javascript
Content-Length: 35
X-TraceId: 37f315d6dddfad3a4ef55bd9a8617396
tr.outbrain.com/unifiedPixel?marketerId=000a31f008a1f337d5d0370a2a2a331130&obApiVersion=1.0-gtm&obtpVersion=2.0.5&name=PAGE_VIEW&dl=https%3A%2F%2Fconrad-osaka.hiltonjapan.co.jp%2Fplans%2Frestaurants%2Fplan-cat%2Fafternoon&g=1&optOut=false&bust=05231257961880853&referrer=
64.202.112.159200 OK 53 B URL HTTP/1.1 tr.outbrain.com/unifiedPixel?marketerId=000a31f008a1f337d5d0370a2a2a331130&obApiVersion=1.0-gtm&obtpVersion=2.0.5&name=PAGE_VIEW&dl=https%3A%2F%2Fconrad-osaka.hiltonjapan.co.jp%2Fplans%2Frestaurants%2Fplan-cat%2Fafternoon&g=1&optOut=false&bust=05231257961880853&referrer=
IP 64.202.112.159:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 414bd2a5161db03fdd910327b42c6daa
65d4cf50496813c5f1a34eddd5c50dc67d44ff47
b51f3497b0a65f1e1e87e75f5e7e823d871c23bcf76a5ee4101783c8f939e553
GET /unifiedPixel?marketerId=000a31f008a1f337d5d0370a2a2a331130&obApiVersion=1.0-gtm&obtpVersion=2.0.5&name=PAGE_VIEW&dl=https%3A%2F%2Fconrad-osaka.hiltonjapan.co.jp%2Fplans%2Frestaurants%2Fplan-cat%2Fafternoon&g=1&optOut=false&bust=05231257961880853&referrer= HTTP/1.1
Host: tr.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conrad-osaka.hiltonjapan.co.jp/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 00:57:31 GMT
Content-Type: image/gif;
Content-Length: 53
Cache-Control: no-cache
X-TraceId: 2a5e188ff6d790db34a43b75a06b1587
dmp.im-apps.net/sdk/im-uid.js
23.36.79.43200 OK 2.4 kB URL HTTP/1.1 dmp.im-apps.net/sdk/im-uid.js
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type ASCII text, with very long lines (6291), with no line terminators
Hash 88bffc3e03dab71281a09bd6d6c0f1f8
4816102bbb0591460ffaf71fb1a9bc4a0545b66a
cf55269199e7c2a3330de29a26af3423351e4816baf198f08f39adecb5554131
GET /sdk/im-uid.js HTTP/1.1
Host: dmp.im-apps.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conrad-osaka.hiltonjapan.co.jp/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-replication-status: COMPLETED
Last-Modified: Tue, 13 Sep 2022 05:29:25 GMT
ETag: "484902e01849ef7afab23dd06d623c25"
x-amz-version-id: GqMhJUeqm2nlsAjQPEaS4RkVkn9zD3Zz
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Encoding: gzip
Content-Length: 2442
Cache-Control: max-age=10800
Date: Sun, 05 Feb 2023 00:57:31 GMT
Connection: keep-alive
Vary: Accept-Encoding
P3P: CP="NOI PSD OTR"
cdn.microad.jp/js/track.js
14.0.43.163200 OK 4.0 kB URL HTTP/2 cdn.microad.jp/js/track.js
IP 14.0.43.163:0
ASN #54994 QUANTILNETWORKS
File type ASCII text, with very long lines (14589), with no line terminators
Hash d74ef1adc5bc2d94741ff474cfad1eec
5a000f45cc040777ead491c312a4cd3057d15a66
301ad8b60ac9cc6a465f496c8504f88d8f8d1fc489d063cde08f6c5621b9f17a
GET /js/track.js HTTP/1.1
Host: cdn.microad.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conrad-osaka.hiltonjapan.co.jp/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 00:57:30 GMT
content-type: application/javascript
x-amz-id-2: bWyNVATQ2yv3vSYhPsvPzhpAVHjZwBQLSc2J/CmUh2/zJMGyGc26zoR5x491V+lR9+8SHeNiM5g=
x-amz-request-id: YACPN9S9CT3BK97J
last-modified: Mon, 27 Jun 2022 04:04:09 GMT
etag: "9bda49a62f7b70f4e31f69f57c270c29"
x-amz-version-id: vvtWkS2yhggQaU1.n5MzszG7pB6WmxAF
accept-ranges: bytes
server: PWS/8.3.1.0.8
cache-control: max-age=604800
content-encoding: gzip
via: 1.1 dj136:6 (W), 1.1 PSrbdbOSA2ig100:4 (W)
x-px: ht PSrbdbOSA2ig100KIX
x-ws-request-id: 63defefa_PSrbdbOSA2fy102_21724-15661
X-Firefox-Spdy: h2
4dc2aa82bc5e.cdn4.forter.com/sn/4dc2aa82bc5e/script.js
143.204.55.87200 OK 98 kB URL HTTP/2 4dc2aa82bc5e.cdn4.forter.com/sn/4dc2aa82bc5e/script.js
IP 143.204.55.87:0
Hash 48cf68049b680aa12200f3015b83c269
9727082d10b0b6e556eafbdc4eff9fe07aedf873
e20c4002799567d8eaad9ac8582470183252e480d811fddd19d220ed1ca49e42
GET /sn/4dc2aa82bc5e/script.js HTTP/1.1
Host: 4dc2aa82bc5e.cdn4.forter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conrad-osaka.hiltonjapan.co.jp/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
date: Wed, 01 Feb 2023 00:10:53 GMT
strict-transport-security: max-age=86400; includeSubDomains
access-control-allow-origin: *
timing-allow-origin: *
last-modified: Wed, 01 Feb 2023 00:10:53 GMT
expires: Wed, 01 Feb 2023 00:15:53 GMT
cache-control: private, max-age=300
x-sourcemap: https://cdn4.forter.com/map/suid/4dc2aa82bc5e/67048076198
content-encoding: br
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a9120cc3ff449047c990e82a4d5566ba.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: uOpRsi--gegdf-S4H7VxThzgYRcu2U-YxcjmTmTjWqP7GgiM7VyPJQ==
age: 348395
X-Firefox-Spdy: h2
audiencedata.im-apps.net/imuid/get?cid=1011503&vid=01GRFH96DW7JAY38T7HS7AKZDZ
23.36.79.43200 OK 10 B URL HTTP/1.1 audiencedata.im-apps.net/imuid/get?cid=1011503&vid=01GRFH96DW7JAY38T7HS7AKZDZ
IP 23.36.79.43:0
ASN #20940 Akamai International B.V.
File type JSON data\012- , ASCII text, with no line terminators
Hash 190f0ca90ef9d8f401ed505b8e377411
12ad51bbdfcc081a984bbff898a0d47cc29a61dc
bb54369234516c2f2469a9989fce0f73145879defec57a2b276b5b1e0bf92336
GET /imuid/get?cid=1011503&vid=01GRFH96DW7JAY38T7HS7AKZDZ HTTP/1.1
Host: audiencedata.im-apps.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://conrad-osaka.hiltonjapan.co.jp
Connection: keep-alive
Referer: https://conrad-osaka.hiltonjapan.co.jp/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 10
Access-Control-Allow-Origin: https://conrad-osaka.hiltonjapan.co.jp
Access-Control-Allow-Credentials: true
Date: Sun, 05 Feb 2023 00:57:31 GMT
Connection: keep-alive
api2.branch.io/v1/pageview
143.204.55.28200 OK 29 B URL HTTP/2 api2.branch.io/v1/pageview
IP 143.204.55.28:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 18a4bc16dccf570435a215e0ce99f30e
d19d45e74721249a72e6cac4d07be5398a2c4b3c
c3dd5a6fff633c6393dca21ce74cd6dc95265943575b43d2d9616f020eea68fa
POST /v1/pageview HTTP/1.1
Host: api2.branch.io
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-www-form-urlencoded
Content-Length: 5708
Origin: https://conrad-osaka.hiltonjapan.co.jp
Connection: keep-alive
Referer: https://conrad-osaka.hiltonjapan.co.jp/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=utf-8
content-length: 29
access-control-allow-origin: *
date: Sun, 05 Feb 2023 00:57:31 GMT
etag: W/"1d-0Z1F50chJJpy5srE0HvlOYosSzw"
strict-transport-security: max-age=31536000; includeSubDomains
x-branch-request-id: 5936ab0f296549189bd7bfd44d02f81d-2023020500
x-powered-by: Express
x-cache: Miss from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: m4pw3bmS799c1JE8n-kNloxQVKWMjiAkLYq_YCGgQ208lvbU1LyZJw==
X-Firefox-Spdy: h2
ocsp.globalsign.com/gsrsaovsslca2018
104.18.21.226200 OK 1.4 kB URL HTTP/1.1 ocsp.globalsign.com/gsrsaovsslca2018
IP 104.18.21.226:0
Hash d851493a20f6107e7121e3e0374dd81c
fba26f3f150c0debb8af3dffa2301fc82892c2ea
e2c7dc90c9584c327081b2f15a86222b26d854c8acc84868b203551f7f428670
POST /gsrsaovsslca2018 HTTP/1.1
Host: ocsp.globalsign.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 00:57:31 GMT
Content-Type: application/ocsp-response
Content-Length: 1432
Connection: keep-alive
Expires: Wed, 08 Feb 2023 21:03:49 GMT
ETag: "fba26f3f150c0debb8af3dffa2301fc82892c2ea"
Last-Modified: Sat, 04 Feb 2023 21:03:50 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 1994
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7947b145992d0b59-OSL
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 23b8f101b7f7ce2cd427d0995f216c8f
3a129717405e1345359a5b4ccda78de57db9ce70
7414c848f9f6e78d3a6795b08a405869d34e156a4b3b922c577b90f7cac270d6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 2397
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 00:57:31 GMT
Last-Modified: Sun, 05 Feb 2023 00:17:34 GMT
Server: ECS (amb/6BA3)
X-Cache: HIT
Content-Length: 313
trc-events.taboola.com/1489970/log/3/unip?en=pre_d_eng_tb&tos=1570&scd=0&ssd=1&est=1675558688233&ver=36&isls=true&src=i&invt=1500&msa=1596&rv=1&tim=1675558689804&vi=1675558688231&ri=bac41af9d99ed544ae6e956819567c15&ref=null&cv=20230129-6-RELEASE&item-url=https%3A%2F%2Fconrad-osaka.hiltonjapan.co.jp%2Fplans%2Frestaurants%2Fplan-cat%2Fafternoon
141.226.228.48204 No Content 0 B URL HTTP/2 trc-events.taboola.com/1489970/log/3/unip?en=pre_d_eng_tb&tos=1570&scd=0&ssd=1&est=1675558688233&ver=36&isls=true&src=i&invt=1500&msa=1596&rv=1&tim=1675558689804&vi=1675558688231&ri=bac41af9d99ed544ae6e956819567c15&ref=null&cv=20230129-6-RELEASE&item-url=https%3A%2F%2Fconrad-osaka.hiltonjapan.co.jp%2Fplans%2Frestaurants%2Fplan-cat%2Fafternoon
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /1489970/log/3/unip?en=pre_d_eng_tb&tos=1570&scd=0&ssd=1&est=1675558688233&ver=36&isls=true&src=i&invt=1500&msa=1596&rv=1&tim=1675558689804&vi=1675558688231&ri=bac41af9d99ed544ae6e956819567c15&ref=null&cv=20230129-6-RELEASE&item-url=https%3A%2F%2Fconrad-osaka.hiltonjapan.co.jp%2Fplans%2Frestaurants%2Fplan-cat%2Fafternoon HTTP/1.1
Host: trc-events.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://conrad-osaka.hiltonjapan.co.jp
Connection: keep-alive
Referer: https://conrad-osaka.hiltonjapan.co.jp/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
server: nginx
date: Sun, 05 Feb 2023 00:57:31 GMT
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: https://conrad-osaka.hiltonjapan.co.jp
access-control-allow-credentials: true
cache-control: no-cache
pragma: no-cache
X-Firefox-Spdy: h2
universe.send.microad.jp/tr?service_id=4183&url=https%3A%2F%2Fconrad-osaka.hiltonjapan.co.jp%2Fplans%2Frestaurants%2Fplan-cat%2Fafternoon&cbt=1571675558689087&kv_set=%5B%5D
202.233.84.7200 OK 43 B URL HTTP/2 universe.send.microad.jp/tr?service_id=4183&url=https%3A%2F%2Fconrad-osaka.hiltonjapan.co.jp%2Fplans%2Frestaurants%2Fplan-cat%2Fafternoon&cbt=1571675558689087&kv_set=%5B%5D
IP 202.233.84.7:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /tr?service_id=4183&url=https%3A%2F%2Fconrad-osaka.hiltonjapan.co.jp%2Fplans%2Frestaurants%2Fplan-cat%2Fafternoon&cbt=1571675558689087&kv_set=%5B%5D HTTP/1.1
Host: universe.send.microad.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conrad-osaka.hiltonjapan.co.jp/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 00:57:31 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache
set-cookie: TR=350d27436fa26a3d9dfdb9deed570411; Max-Age=7776000; Expires=Sat, 06-May-2023 00:57:31 GMT; Domain=.send.microad.jp; Path=/; Secure; SameSite=None
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
p3p: policyref="http://www.microad.jp/w3c/p3p.xml",CP="NOI DSP COR NID DEVo PSAo OUR STP STA PRE
timing-allow-origin: *
access-control-allow-origin: *
access-control-allow-headers: origin, x-requested-with, If-Modified-Since, content-type, Pragma, Cache-Control
strict-transport-security: max-age=86400;
X-Firefox-Spdy: h2
dnacdn.net/dna
178.250.0.157200 OK 2.0 kB IP 178.250.0.157:0
Hash ca4e715d275b5e347637841e72b61d27
ea67c52bb6269b0072a958687bf9193b1ccdc0b2
3525eb4ee24b07994bd2bfba2f24d2e481e87066dd8a4fc29b3376a8773d5a11
GET /dna HTTP/1.1
Host: dnacdn.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Cookie: browser_data=nY3IOl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czRCcnp6Wk10QU9INHE4b0J4MTM0enpSQ3VySiUyQlNFRHJjZlFrTkVIUlRGUw
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 00:57:30 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
set-cookie: browser_data=UmSUsl80M0RITmhlJTJCZkMwOUJGQlhaMUN2czRCcnp6Wk10QU9INHE4b0J4MTM0end4ZDlvaUdjVGhBeDNuaE42c2s5SG4; expires=Fri, 01 Mar 2024 00:57:30 GMT; domain=dnacdn.net; path=/; secure; samesite=none
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 348984
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
cs.nakanohito.jp/b3/bi.js
203.114.55.134200 OK 19 kB URL HTTP/1.1 cs.nakanohito.jp/b3/bi.js
IP 203.114.55.134:0
ASN #2519 ARTERIA Networks Corporation
File type ASCII text, with very long lines (32026)
Hash d2d4628638fae968fd5c07ea2d17debc
9ea2395ad81da1cf6cc9658a4c16ab98fbd35140
dcc4715c5250e200afa14c0bab58c0205efa7efa198861801e6e20dfbefb2827
GET /b3/bi.js HTTP/1.1
Host: cs.nakanohito.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conrad-osaka.hiltonjapan.co.jp/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Server: nginx
Date: Sun, 05 Feb 2023 00:57:31 GMT
Content-Type: application/javascript
Last-Modified: Wed, 01 Feb 2023 09:16:01 GMT
Transfer-Encoding: chunked
Connection: close
ETag: W/"63da2dd1-dc34"
Expires: Sun, 05 Feb 2023 03:57:31 GMT
Cache-Control: max-age=10800
P3P: policyref="http://b.nakanohito.jp/w3c/p3p.xml", CP="NOI DSP COR ADM DEV PSA OUR IND UNI COM NAV INT STA"
Cache_Control: public
Content-Encoding: gzip
trc.taboola.com/1489970/trc/3/json?tim=1675558688240&data=%7B%22id%22%3A558%2C%22ii%22%3A%22%2Frestaurants%2Fplan-cat%2Fafternoon%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1675558688231%2C%22cv%22%3A%2220230129-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fconrad-osaka.hiltonjapan.co.jpplans%2Frestaurants%2Fplan-cat%2Fafternoon%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Ddigitalidentity-hiltonworldwideinternationaljapan-hpcj-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1675558688239%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fconrad-osaka.hiltonjapan.co.jp%2Fplans%2Frestaurants%2Fplan-cat%2Fafternoon%22%2C%22tos%22%3A5%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
151.101.129.44200 OK 5.5 kB URL HTTP/2 trc.taboola.com/1489970/trc/3/json?tim=1675558688240&data=%7B%22id%22%3A558%2C%22ii%22%3A%22%2Frestaurants%2Fplan-cat%2Fafternoon%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1675558688231%2C%22cv%22%3A%2220230129-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fconrad-osaka.hiltonjapan.co.jpplans%2Frestaurants%2Fplan-cat%2Fafternoon%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Ddigitalidentity-hiltonworldwideinternationaljapan-hpcj-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1675558688239%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fconrad-osaka.hiltonjapan.co.jp%2Fplans%2Frestaurants%2Fplan-cat%2Fafternoon%22%2C%22tos%22%3A5%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i
IP 151.101.129.44:0
File type HTML document text\012- HTML document text\012- exported SGML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5839)
Hash ad95630c0973c6a12b010cf0fc5bed53
d95f895561a8d7002f17c6830c92f684b6691868
b80ddc0dd525a9570847d93381fd5efa74052af5087569b6b5617618fc8e031e
GET /1489970/trc/3/json?tim=1675558688240&data=%7B%22id%22%3A558%2C%22ii%22%3A%22%2Frestaurants%2Fplan-cat%2Fafternoon%22%2C%22it%22%3A%22video%22%2C%22sd%22%3Anull%2C%22ui%22%3Anull%2C%22vi%22%3A1675558688231%2C%22cv%22%3A%2220230129-6-RELEASE%22%2C%22uiv%22%3A%22default%22%2C%22u%22%3A%22https%3A%2F%2Fconrad-osaka.hiltonjapan.co.jpplans%2Frestaurants%2Fplan-cat%2Fafternoon%22%2C%22e%22%3Anull%2C%22cb%22%3A%22TFASC.trkCallback%22%2C%22qs%22%3A%22%22%2C%22r%22%3A%5B%7B%22li%22%3A%22rbox-tracking%22%2C%22s%22%3A0%2C%22uim%22%3A%22rbox-tracking%3Apub%3Ddigitalidentity-hiltonworldwideinternationaljapan-hpcj-sc%3Aabp%3D0%22%2C%22uip%22%3A%22rbox-tracking%22%2C%22orig_uip%22%3A%22rbox-tracking%22%7D%5D%2C%22mpv%22%3Atrue%2C%22supv%22%3Atrue%2C%22mpvd%22%3A%7B%22en%22%3A%22page_view%22%2C%22tim%22%3A1675558688239%2C%22ref%22%3Anull%2C%22item-url%22%3A%22https%3A%2F%2Fconrad-osaka.hiltonjapan.co.jp%2Fplans%2Frestaurants%2Fplan-cat%2Fafternoon%22%2C%22tos%22%3A5%2C%22ssd%22%3A1%2C%22scd%22%3A0%2C%22supv%22%3Atrue%7D%7D&pubit=i HTTP/1.1
Host: trc.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conrad-osaka.hiltonjapan.co.jp/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript; charset=utf-8
p3p: policyref="http://trc.taboola.com/p3p.xml", CP="NOI DSP COR LAW NID CURa ADMa DEVa PSAa PSDa OUR BUS IND UNI COM NAV INT DEM"
access-control-allow-origin: *
access-control-allow-credentials: true
content-encoding: gzip
accept-ranges: bytes
date: Sun, 05 Feb 2023 00:57:30 GMT
via: 1.1 varnish
x-served-by: cache-bma1671-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675558651.737884,VS0,VE104
vary: Accept-Encoding
x-vcl-time-ms: 104
X-Firefox-Spdy: h2
ov.g4.ocsp.pubcert.jprs.jp/
113.52.156.18200 OK 1.6 kB URL HTTP/1.1 ov.g4.ocsp.pubcert.jprs.jp/
IP 113.52.156.18:0
ASN #10006 SECOM Trust Systems Co.,Ltd.
Hash fda058b61026627f8dec4e47277e5eb4
2f6ecd5da673093cdb22f4cd200e36bffaf9c96f
03c3a96b62c824c2225233a434d136902ad0dd6758b70b5e75dd13c926ac9d32
POST / HTTP/1.1
Host: ov.g4.ocsp.pubcert.jprs.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 00:57:31 GMT
Server: Apache
Cache-Control: max-age=86400
Content-Type: application/ocsp-response
Expires: Wed, 08 Feb 2023 20:19:03 GMT
Last-Modified: Sat, 04 Feb 2023 20:19:03 GMT
ETag: "fda058b61026627f8dec4e47277e5eb4"
X-Powered-By: ASP.NET
Content-Length: 1573
Connection: close
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2b7809e9767b229a3f03b4edf7a0d9bf
be1cbc9231b659c78ac08af47205391dd400de90
c1fb51c2ddb50176dd8070e4820a0508dff37428b4aee895d8b4f4e3c2f9763a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C1FB51C2DDB50176DD8070E4820A0508DFF37428B4AEE895D8B4F4E3C2F9763A"
Last-Modified: Fri, 03 Feb 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2529
Expires: Sun, 05 Feb 2023 01:39:41 GMT
Date: Sun, 05 Feb 2023 00:57:32 GMT
Connection: keep-alive
matching.ivitrack.com/sync?realm=criteo&uid=k-63JDAj1SJ_GbIeI3ky0UyOLJKlZMyqG7CMVSOQ
34.117.157.22200 OK 42 B URL HTTP/2 matching.ivitrack.com/sync?realm=criteo&uid=k-63JDAj1SJ_GbIeI3ky0UyOLJKlZMyqG7CMVSOQ
IP 34.117.157.22:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /sync?realm=criteo&uid=k-63JDAj1SJ_GbIeI3ky0UyOLJKlZMyqG7CMVSOQ HTTP/1.1
Host: matching.ivitrack.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: istio-envoy
date: Sun, 05 Feb 2023 00:57:31 GMT
content-type: image/gif
content-length: 42
cache-control: public, max-age=86400
x-envoy-upstream-service-time: 0
x-envoy-decorator-operation: tag-manager.programmatic.svc.cluster.local:3000/*
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 2b7809e9767b229a3f03b4edf7a0d9bf
be1cbc9231b659c78ac08af47205391dd400de90
c1fb51c2ddb50176dd8070e4820a0508dff37428b4aee895d8b4f4e3c2f9763a
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "C1FB51C2DDB50176DD8070E4820A0508DFF37428B4AEE895D8B4F4E3C2F9763A"
Last-Modified: Fri, 03 Feb 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2529
Expires: Sun, 05 Feb 2023 01:39:41 GMT
Date: Sun, 05 Feb 2023 00:57:32 GMT
Connection: keep-alive
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash d7422eb5607dcf3fe8421aa5b60119db
9a4ce67f3379aee76baa521620cc23ffa9de53bb
4d68b820e1a33df20b6d685b4584cfd405f134cd6e55a1d9705757e380ed7b96
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6205
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 00:57:32 GMT
Last-Modified: Sat, 04 Feb 2023 23:14:07 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash fd2f8421086521721ac4b242f5ba4b58
60ba744a6c925acc63c4994cd5bc1c8ffc6f3d59
dca37f14eb01f58452ce9608bb0752abdaa630ebb86a994d493da77ea270d34e
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=106129
Date: Sun, 05 Feb 2023 00:57:32 GMT
Etag: "63ddeaa4-1d7"
Expires: Mon, 06 Feb 2023 06:26:21 GMT
Last-Modified: Sat, 04 Feb 2023 05:18:28 GMT
Server: ECS (bsa/EB1C)
X-Cache: Miss from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: RYnIe6d-YPduRpgYo9NlSmuHG-xcwKOKrVT92zRhMW8ZuFTmuOhvOQ==
Age: 4073
gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
178.250.2.146302 Found 0 B URL HTTP/2 gum.criteo.com/sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40
IP 178.250.2.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?c=8&r=1&a=1&u=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D28645%26dpuuid%3D%40USERID%40 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sun, 05 Feb 2023 00:57:32 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
location: https://dpm.demdex.net/ibs:dpid=28645&dpuuid=
server-processing-duration-in-ticks: 787812
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-3RN2Hz1SJ_GbIeI3ky0UyOLJKlb5sgnSUfl71Q
23.38.200.22200 OK 237 B URL HTTP/2 contextual.media.net/cksync.php?cs=3&type=crt&ovsid=k-3RN2Hz1SJ_GbIeI3ky0UyOLJKlb5sgnSUfl71Q
IP 23.38.200.22:0
File type GIF image data, version 87a, 1 x 1\012- data
Hash 74378edf31ef26cd97c236ad08d05fa3
fdd52cdbf193d1dfd1031978667689f3414b49ed
11cb2c0e70f91c6a0326cf4a4f9fa1b177c14efba6b56bf7535624b9c7bce990
GET /cksync.php?cs=3&type=crt&ovsid=k-3RN2Hz1SJ_GbIeI3ky0UyOLJKlb5sgnSUfl71Q HTTP/1.1
Host: contextual.media.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: Apache
content-length: 237
content-type: image/gif
set-cookie: visitor-id=3185602523580240000V10; Expires=Mon, 05 Feb 2024 00:57:32 GMT; domain=.media.net; Path=/;
data-c-ts=1675558652;Expires=Tue, 07 Mar 2023 00:57:32 GMT;path=/;domain=.media.net;
data-c=k-3RN2Hz1SJ_GbIeI3ky0UyOLJKlb5sgnSUfl71Q~~3;Expires=Tue, 07 Mar 2023 00:57:32 GMT;path=/;domain=.media.net;
p3p: CP="NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA", CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA, CP: NON DSP COR NID CUR ADMa DEVo TAI PSA PSDo HIS OUR BUS COM NAV INT STA
strict-transport-security: max-age=31536000
x-mnet-hl2: E
expires: Sun, 05 Feb 2023 00:57:32 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sun, 05 Feb 2023 00:57:32 GMT
X-Firefox-Spdy: h2
cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-p2_uED1SJ_GbIeI3ky0UyOLJKlYIdkQyoh225Q&google_cm&google_hm=ay1wMl91RUQxU0pfR2JJZUkza3kwVXlPTEpLbFlJZGtReW9oMjI1UQ
142.250.74.98302 Found 440 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-p2_uED1SJ_GbIeI3ky0UyOLJKlYIdkQyoh225Q&google_cm&google_hm=ay1wMl91RUQxU0pfR2JJZUkza3kwVXlPTEpLbFlJZGtReW9oMjI1UQ
IP 142.250.74.98:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 2e6f417168b1bc9ce38029acf24abf58
a08174e676d72da7868a1d5693b653fa5da46646
62ab4ed4038d6a1ea8b856d22ba360b7f8aa2b84f444ea89b7409dbb26efa0f6
GET /pixel?google_nid=cjp&google_sc&google_ula=913071&CriteoUserId=k-p2_uED1SJ_GbIeI3ky0UyOLJKlYIdkQyoh225Q&google_cm&google_hm=ay1wMl91RUQxU0pfR2JJZUkza3kwVXlPTEpLbFlJZGtReW9oMjI1UQ HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-p2_uED1SJ_GbIeI3ky0UyOLJKlYIdkQyoh225Q&google_cm=&google_hm=ay1wMl91RUQxU0pfR2JJZUkza3kwVXlPTEpLbFlJZGtReW9oMjI1UQ&google_tc=
date: Sun, 05 Feb 2023 00:57:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 440
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 05-Feb-2023 01:12:32 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
criteo-sync.teads.tv/um?eid=80&uid=k-Og_8AT1SJ_GbIeI3ky0UyOLJKlY9s9jiUPKjAg
23.195.255.234200 OK 23 B URL HTTP/2 criteo-sync.teads.tv/um?eid=80&uid=k-Og_8AT1SJ_GbIeI3ky0UyOLJKlY9s9jiUPKjAg
IP 23.195.255.234:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash da5b449fff36752a93779fa4067cd2eb
71a96eea77f21ab5f1819b96c4cedd5cd34476ca
328e90a318268aea96180cc31666ae6d6f79d90d078c123bc3d98ee08a192fb7
GET /um?eid=80&uid=k-Og_8AT1SJ_GbIeI3ky0UyOLJKlY9s9jiUPKjAg HTTP/1.1
Host: criteo-sync.teads.tv
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
server: akka-http/10.2.9
content-length: 23
expires: Sun, 05 Feb 2023 00:57:32 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sun, 05 Feb 2023 00:57:32 GMT
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 78a82e2279e081ee2bd2aebd2df7d998
6768c02cb5f8dc6a93a7a33a1be8b0531f1156e1
37139034b5d88f08c251fbb1fcd3d01281583013f0f73bd37bee8f50ca8abeed
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4871
Cache-Control: max-age=91837
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 00:57:32 GMT
Etag: "63ddafb2-1d7"
Expires: Mon, 06 Feb 2023 02:28:09 GMT
Last-Modified: Sat, 04 Feb 2023 01:06:58 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-p2_uED1SJ_GbIeI3ky0UyOLJKlYIdkQyoh225Q&google_cm=&google_hm=ay1wMl91RUQxU0pfR2JJZUkza3kwVXlPTEpLbFlJZGtReW9oMjI1UQ&google_tc=
142.250.74.98302 Found 332 B URL HTTP/2 cm.g.doubleclick.net/pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-p2_uED1SJ_GbIeI3ky0UyOLJKlYIdkQyoh225Q&google_cm=&google_hm=ay1wMl91RUQxU0pfR2JJZUkza3kwVXlPTEpLbFlJZGtReW9oMjI1UQ&google_tc=
IP 142.250.74.98:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF, LF line terminators
Hash 10075ef5c69ae309b0d2387d86398b3f
e42e0c9c65c1f801067f14caece4c47166260b10
49b59dc7f32aae7ccc72276ccae0daf4f07f6a69a249bc844f8fdc005595044b
GET /pixel?google_nid=cjp&google_sc=&google_ula=913071&CriteoUserId=k-p2_uED1SJ_GbIeI3ky0UyOLJKlYIdkQyoh225Q&google_cm=&google_hm=ay1wMl91RUQxU0pfR2JJZUkza3kwVXlPTEpLbFlJZGtReW9oMjI1UQ&google_tc= HTTP/1.1
Host: cm.g.doubleclick.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
location: https://dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-p2_uED1SJ_GbIeI3ky0UyOLJKlYIdkQyoh225Q&google_error=3
date: Sun, 05 Feb 2023 00:57:32 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
server: HTTP server (unknown)
content-length: 332
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
185.83.142.19307 Redirection 0 B URL HTTP/1.1 ib.adnxs.com/getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID
IP 185.83.142.19:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /getuid?https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=$UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 307 Redirection
Server: nginx/1.21.3
Date: Sun, 05 Feb 2023 00:57:32 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
AN-X-Request-Uuid: 34c34453-23bd-4f86-b0a8-8def2d2ab63b
Set-Cookie: uuid2=7437386549084907771; SameSite=None; Path=/; Max-Age=7776000; Expires=Sat, 06-May-2023 00:57:32 GMT; Domain=.adnxs.com; Secure; HttpOnly
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-QlT_0j1SJ_GbIeI3ky0UyOLJKlaK3LOegO02NQ&expires=30
69.173.144.165204 No Content 0 B URL HTTP/1.1 pixel.rubiconproject.com/tap.php?v=6434&nid=2149&put=k-QlT_0j1SJ_GbIeI3ky0UyOLJKlaK3LOegO02NQ&expires=30
IP 69.173.144.165:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /tap.php?v=6434&nid=2149&put=k-QlT_0j1SJ_GbIeI3ky0UyOLJKlaK3LOegO02NQ&expires=30 HTTP/1.1
Host: pixel.rubiconproject.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
Pragma: no-cache
Cache-Control: no-cache,no-store,must-revalidate
Expires: 0
X-RPHost: 54ae5f20a7acdd83fd00ddb00e96a2c1
Content-Type: image/gif
5e3f1f4401834b4bbb9d31890bf57fed-4dc2aa82bc5e.cdn.forter.com/prop.json
54.81.184.157200 OK 2 B URL HTTP/1.1 5e3f1f4401834b4bbb9d31890bf57fed-4dc2aa82bc5e.cdn.forter.com/prop.json
IP 54.81.184.157:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /prop.json HTTP/1.1
Host: 5e3f1f4401834b4bbb9d31890bf57fed-4dc2aa82bc5e.cdn.forter.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Origin: https://conrad-osaka.hiltonjapan.co.jp
Connection: keep-alive
Referer: https://conrad-osaka.hiltonjapan.co.jp/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 00:57:32 GMT
Server: Apache
Last-Modified: Mon, 26 Dec 2022 12:09:02 GMT
ETag: "2-5f0ba00447b29"
Accept-Ranges: bytes
Content-Length: 2
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Pragma: no-cache
Expires: Wed, 11 Jan 1984 05:00:00 GMT
Access-Control-Allow-Origin: https://conrad-osaka.hiltonjapan.co.jp
Access-Control-Allow-Credentials: true
Timing-Allow-Origin: *
Access-Control-Allow-Headers: origin, x-requested-with, content-type, x-csrf-token
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Connection: close
Content-Type: application/json
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 559e28226cae3d9dcc05a4b3b2397e9d
9554456b30a6948aceb7102906e93342907b065f
13c46ddee7d04c6128ab27034d24127c18bb40c5a053da4f641209eb9f693445
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 05 Feb 2023 00:57:33 GMT
Last-Modified: Sun, 05 Feb 2023 00:43:34 GMT
Server: ECS (nyb/1D29)
X-Cache: Miss from cloudfront
Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: BJrfLavBNV0eXQytPWarGZCe_wE1thp8dQw7X_JBbA-nuE2sb-BucA==
Age: 839
dpm.demdex.net/ibs:dpid=28645&dpuuid=
52.17.182.43302 Found 0 B URL HTTP/1.1 dpm.demdex.net/ibs:dpid=28645&dpuuid=
IP 52.17.182.43:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ibs:dpid=28645&dpuuid= HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
DCS: dcs-prod-irl1-2-v045-0cc0feb7f.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
Location: https://dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
set-cookie: demdex=83893487210453578683483505745283008941; Max-Age=15552000; Expires=Fri, 04 Aug 2023 00:57:33 GMT; Path=/; Domain=.demdex.net; Secure; SameSite=None
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: K3DurttfTrU=
Content-Length: 0
Connection: keep-alive
eb2.3lift.com/xuid?mid=2711&xuid=k-wfunUD1SJ_GbIeI3ky0UyOLJKlYFK5V0TEiJcg&dongle=013b
76.223.111.18200 OK 37 B URL HTTP/2 eb2.3lift.com/xuid?mid=2711&xuid=k-wfunUD1SJ_GbIeI3ky0UyOLJKlYFK5V0TEiJcg&dongle=013b
IP 76.223.111.18:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 3eacd0132310ea44cad756b378a3bc07
e2216a7e9b73f5cb0279351c78ce61c33475cea7
bb229a48bee31f5d54ca12dc9bd960c63a671f0d4be86a054c1d324a44499d96
GET /xuid?mid=2711&xuid=k-wfunUD1SJ_GbIeI3ky0UyOLJKlYFK5V0TEiJcg&dongle=013b HTTP/1.1
Host: eb2.3lift.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 00:57:33 GMT
content-type: image/gif
content-length: 37
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 313 B IP 93.184.220.29:0
Hash 17b154551d0d62dde5d62de38fa46d8a
3468762be6e127f7641c3409e0ca8a567725e2b6
0dd480ace544fcda0d1504940cab79895ef63d8d17132c8d8b3be6edf07d93b5
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3579
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 00:57:33 GMT
Last-Modified: Sat, 04 Feb 2023 23:57:54 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 313
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash bbd90245f244e76d9f45706b1fb5ae58
1e15a0d03d74175f976310f2db334050485ed546
03fda0816cd373e36f33630fc50b4fb5e5852fb1f2c65175b98437386c436dd4
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 00:57:33 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 04 Feb 2023 01:56:49 GMT
Expires: Sat, 11 Feb 2023 01:56:48 GMT
Etag: "1e15a0d03d74175f976310f2db334050485ed546"
Cache-Control: max-age=521354,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7947b14cd9cb1c16-OSL
ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
185.83.142.19302 Found 0 B URL HTTP/1.1 ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID
IP 185.83.142.19:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /bounce?%2Fgetuid%3Fhttps%3A%2F%2Fdis.criteo.com%2Fdis%2Frtb%2Fappnexus%2Fcookiematch.aspx%3Fappnxsid%3D%24UID HTTP/1.1
Host: ib.adnxs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 302 Found
Server: nginx/1.21.3
Date: Sun, 05 Feb 2023 00:57:33 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 0
Connection: keep-alive
Cache-Control: no-store, no-cache, private
Pragma: no-cache
Expires: Sat, 15 Nov 2008 16:00:00 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
X-XSS-Protection: 0
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Location: https://dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=0
AN-X-Request-Uuid: eb642129-7474-4ee0-86e0-f530f325ca5b
X-Proxy-Origin: 91.90.42.154; 91.90.42.154; 960.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 0006fb5e3cfceb796be5de36d494e9ac
b597abcab8e24c535b8b4479775f9e2f5b15ccb0
2567f8b81cbffd4565a6638ef2c01d3ded23de59b925b35136e225a0595bbdeb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1338
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 00:57:33 GMT
Last-Modified: Sun, 05 Feb 2023 00:35:15 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
x.bidswitch.net/sync?dsp_id=46&user_id=k-PeUC-z1SJ_GbIeI3ky0UyOLJKla0T0uM8ytdZQ&expires=30
52.29.36.14302 Found 0 B URL HTTP/2 x.bidswitch.net/sync?dsp_id=46&user_id=k-PeUC-z1SJ_GbIeI3ky0UyOLJKla0T0uM8ytdZQ&expires=30
IP 52.29.36.14:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?dsp_id=46&user_id=k-PeUC-z1SJ_GbIeI3ky0UyOLJKla0T0uM8ytdZQ&expires=30 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 05 Feb 2023 00:57:33 GMT
content-length: 0
location: https://x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-PeUC-z1SJ_GbIeI3ky0UyOLJKla0T0uM8ytdZQ&expires=30
cache-control: no-cache, no-store, must-revalidate
set-cookie: tuuid=35f06ee9-a52c-4e4a-b84c-ed303f1df7a8; path=/; expires=Mon, 05-Feb-2024 00:57:33 GMT; domain=.bidswitch.net; samesite=none; secure
c=1675558653; path=/; expires=Mon, 05-Feb-2024 00:57:33 GMT; domain=.bidswitch.net; samesite=none; secure
tuuid_lu=1675558653; path=/; expires=Mon, 05-Feb-2024 00:57:33 GMT; domain=.bidswitch.net; samesite=none; secure
c=1675558653; path=/; expires=Mon, 05-Feb-2024 00:57:33 GMT; domain=.bidswitch.net; samesite=none; secure
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 392150821fa2297ac03c44478a2dce26
d95771a08af29868b2cf80c0cb7e27b4de9a38e5
30fbbe75e0ec1a15edac9f7b0271ee25bb924822be648cf04c5148eec820af77
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1474
Cache-Control: max-age=139164
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 00:57:33 GMT
Etag: "63de75d7-1d7"
Expires: Mon, 06 Feb 2023 15:36:57 GMT
Last-Modified: Sat, 04 Feb 2023 15:12:23 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-uDftGj1SJ_GbIeI3ky0UyOLJKlZdiWrfsUnkwA
185.86.138.144200 OK 43 B URL HTTP/1.1 rtb-csync.smartadserver.com/redir/?partnerid=79&partneruserid=k-uDftGj1SJ_GbIeI3ky0UyOLJKlZdiWrfsUnkwA
IP 185.86.138.144:0
ASN #201081 SmartAdServer SAS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 221d8352905f2c38b3cb2bd191d630b0
d804b495cb9b84b9007a25b5d85f9ae674004cde
89fe0ee6020314794fc2cfeacf3d10c31050cfe56f8ebddf1ed0a33fbe941fa7
GET /redir/?partnerid=79&partneruserid=k-uDftGj1SJ_GbIeI3ky0UyOLJKlZdiWrfsUnkwA HTTP/1.1
Host: rtb-csync.smartadserver.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
content-type: image/gif
date: Sun, 05 Feb 2023 00:57:32 GMT
cache-control: no-cache,no-store
pragma: no-cache
set-cookie: pid=6071397703124392257; expires=Tue, 05 Mar 2024 00:57:33 GMT; domain=smartadserver.com; path=/
TestIfCookieP=ok; expires=Tue, 05 Mar 2024 00:57:33 GMT; domain=smartadserver.com; path=/
csync=79:k-uDftGj1SJ_GbIeI3ky0UyOLJKlZdiWrfsUnkwA; expires=Mon, 05 Feb 2024 00:57:33 GMT; domain=smartadserver.com; path=/
transfer-encoding: chunked
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 9d525a4056778875caaa260fef2c061e
9d0b2b0b9be3e7cc4534f6f270e46fa3e74fa394
5a66f26e823673c1076843efba10956528413b229e342153afdd93cfebd5a673
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3377
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 00:57:33 GMT
Last-Modified: Sun, 05 Feb 2023 00:01:17 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=
52.17.182.43200 OK 59 B URL HTTP/1.1 dpm.demdex.net/demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid=
IP 52.17.182.43:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 1251cd5e5c2def4c046309375f87c1c1
e02d6b0c6a5c495c15985e2832e335eda8528c80
4e7010cc46fa361c88e57e3346d27421cf3b8a8bf5f39b43fc45997c60cb1c13
GET /demconf.jpg?et:ibs%7cdata:dpid=28645&dpuuid= HTTP/1.1
Host: dpm.demdex.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
content-encoding: gzip
Content-Type: image/gif
DCS: dcs-prod-irl1-1-v045-0078884aa.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-Content-Type-Options: nosniff
X-TID: kf1ms7McS3c=
Content-Length: 59
Connection: keep-alive
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash b4354a9ba9090b58b80e2006507706bb
68543577ba09b6d3e5af06d831d09e5c75babcb1
17915bcdc8d702be290ea7aace9aed85ffc3dca4659ef6aadf77c04aa904bcf4
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 05 Feb 2023 00:57:33 GMT
Last-Modified: Sun, 05 Feb 2023 00:07:46 GMT
Server: ECS (bsa/EB1C)
X-Cache: Miss from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: kJN1tFQaeBuu6YRiTugEjySytlN7qhlkhzmf3y_-s5oztCQhJ7LPkw==
Age: 2988
r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-IMzrGT1SJ_GbIeI3ky0UyOLJKlYoX1Ao0CX1UA
104.18.33.19302 Found 0 B URL HTTP/2 r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-IMzrGT1SJ_GbIeI3ky0UyOLJKlYoX1Ao0CX1UA
IP 104.18.33.19:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /rum?cm_dsp_id=20&external_user_id=k-IMzrGT1SJ_GbIeI3ky0UyOLJKlYoX1Ao0CX1UA HTTP/1.1
Host: r.casalemedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 05 Feb 2023 00:57:33 GMT
content-length: 0
location: /rum?cm_dsp_id=20&external_user_id=k-IMzrGT1SJ_GbIeI3ky0UyOLJKlYoX1Ao0CX1UA&C=1
cf-ray: 7947b14e3e36b529-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
p3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
pragma: no-cache
set-cookie: CMID=Y97.-WshjR2IFxedXFk46gAA; Path=/; Domain=casalemedia.com; Expires=Mon, 05 Feb 2024 00:57:33 GMT; Max-Age=31536000; Secure; SameSite=None
CMPS=1872; Path=/; Domain=casalemedia.com; Expires=Sat, 06 May 2023 00:57:33 GMT; Max-Age=7776000; Secure; SameSite=None
CMPRO=1872; Path=/; Domain=casalemedia.com; Expires=Sat, 06 May 2023 00:57:33 GMT; Max-Age=7776000; Secure; SameSite=None
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=UwLhxyrvN8C1GhV%2BPxXNCa%2FTsWQTd%2FDdPZjCXCD70YoVmJsecG69n4YiP76UEkVorEXsxeIKGOBWumhE1BpeF6DyNbF6uYSOOdueYrcZJAfrvRsKb6O0Vtjf39jsq7v3ZToE"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-PeUC-z1SJ_GbIeI3ky0UyOLJKla0T0uM8ytdZQ&expires=30
52.29.36.14200 OK 43 B URL HTTP/2 x.bidswitch.net/ul_cb/sync?dsp_id=46&user_id=k-PeUC-z1SJ_GbIeI3ky0UyOLJKla0T0uM8ytdZQ&expires=30
IP 52.29.36.14:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/sync?dsp_id=46&user_id=k-PeUC-z1SJ_GbIeI3ky0UyOLJKla0T0uM8ytdZQ&expires=30 HTTP/1.1
Host: x.bidswitch.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 00:57:33 GMT
content-type: image/gif
content-length: 43
cache-control: no-cache, no-store, must-revalidate
X-Firefox-Spdy: h2
ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-ni6Kgj1SJ_GbIeI3ky0UyOLJKlYBf4JzTxFZaQ
18.156.0.31302 Found 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-ni6Kgj1SJ_GbIeI3ky0UyOLJKlYBf4JzTxFZaQ
IP 18.156.0.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58301/sync?_origin=1&uid=k-ni6Kgj1SJ_GbIeI3ky0UyOLJKlYBf4JzTxFZaQ HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 05 Feb 2023 00:57:33 GMT
content-length: 0
strict-transport-security: max-age=31536000
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
location: https://ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-ni6Kgj1SJ_GbIeI3ky0UyOLJKlYBf4JzTxFZaQ&verify=true
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBP3-3mMCEHYNqJISly3vT0qRJeRiv00FEgEBAQFQ4GPoYwAAAAAA_eMAAA&S=AQAAApArCeY0qTazMQoE1Z8_EHU; Expires=Mon, 5 Feb 2024 06:57:33 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash d12cb53144d0964484d5533da0d9224f
a656489348ebb5f6eb71f7f8758d64ea5e9a1f7a
1b458c0e3cebcfb9bb5cfb8fd54cd54b79825bde21f296a4348b0ce342a38585
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1B458C0E3CEBCFB9BB5CFB8FD54CD54B79825BDE21F296A4348B0CE342A38585"
Last-Modified: Sat, 04 Feb 2023 14:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4070
Expires: Sun, 05 Feb 2023 02:05:23 GMT
Date: Sun, 05 Feb 2023 00:57:33 GMT
Connection: keep-alive
cm.adform.net/pixel?adform_pid=15&adform_pc=k-0O-VlD1SJ_GbIeI3ky0UyOLJKlaT8OQ6m_Gj0w
37.157.2.238200 OK 43 B URL HTTP/2 cm.adform.net/pixel?adform_pid=15&adform_pc=k-0O-VlD1SJ_GbIeI3ky0UyOLJKlaT8OQ6m_Gj0w
IP 37.157.2.238:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /pixel?adform_pid=15&adform_pc=k-0O-VlD1SJ_GbIeI3ky0UyOLJKlaT8OQ6m_Gj0w HTTP/1.1
Host: cm.adform.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 00:57:33 GMT
content-type: image/gif
content-length: 43
last-modified: Fri, 22 Jul 2016 06:55:37 GMT
etag: "5791c369-2b"
accept-ranges: bytes
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash ebce6de82aa929525d1c1e6d8ca17c8a
6e79c213ccf757da0bcbc0e762e9fa8701e51ff0
75baa30790c1aaeaf38d4f92aaf4ca77575f65c977fe5dbf4ea7e895494e5065
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 05 Feb 2023 00:57:33 GMT
Last-Modified: Sun, 05 Feb 2023 00:42:15 GMT
Server: ECS (bsa/EB24)
X-Cache: Miss from cloudfront
Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: Ta27he3z_mwVdmD86ieqHNeZ4jqGhbxwpOcN8yQEaRRZ3cKzCqTqEQ==
Age: 918
ad.yieldlab.net/m?dt_id=8664&ext_id=k-Nm9EJz1SJ_GbIeI3ky0UyOLJKlY3S4S8H3M7Mg
23.13.245.180204 No Content 0 B URL HTTP/1.1 ad.yieldlab.net/m?dt_id=8664&ext_id=k-Nm9EJz1SJ_GbIeI3ky0UyOLJKlY3S4S8H3M7Mg
IP 23.13.245.180:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /m?dt_id=8664&ext_id=k-Nm9EJz1SJ_GbIeI3ky0UyOLJKlY3S4S8H3M7Mg HTTP/1.1
Host: ad.yieldlab.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 204 No Content
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-frame-options: DENY
x-application-context: application
Cache-Control: no-store,no-cache,max-age=-3600,must-revalidate,post-check=0,pre-check=0
Pragma: no-cache
Expires: Sat, 04 Feb 2023 00:57:33 GMT
Date: Sun, 05 Feb 2023 00:57:33 GMT
Connection: keep-alive
Set-Cookie: id=ed883858-75d9-4bda-8f24-7b793caee6da; Path=/; Domain=prod.svc.y6b.de; Expires=Mon, 05-Feb-2024 00:57:33 GMT; Max-Age=31536000; Secure; SameSite=None
gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
178.250.2.146302 Found 0 B URL HTTP/2 gum.criteo.com/sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40
IP 178.250.2.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?c=83&r=1&a=1&u=https%3A%2F%2Fbeacon.krxd.net%2Fusermatch.gif%3Fpartner%3Dcriteo%26partner_uid%3D%40USERID%40 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sun, 05 Feb 2023 00:57:32 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
location: https://beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=
server-processing-duration-in-ticks: 912040
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-vWxqkT1SJ_GbIeI3ky0UyOLJKlbNaWDacCh9EQ
18.192.235.185302 Found 0 B URL HTTP/2 ad.360yield.com/match?publisher_dsp_id=38&external_user_id=k-vWxqkT1SJ_GbIeI3ky0UyOLJKlbNaWDacCh9EQ
IP 18.192.235.185:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /match?publisher_dsp_id=38&external_user_id=k-vWxqkT1SJ_GbIeI3ky0UyOLJKlbNaWDacCh9EQ HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
date: Sun, 05 Feb 2023 00:57:33 GMT
content-type: text/plain
content-length: 0
location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-vWxqkT1SJ_GbIeI3ky0UyOLJKlbNaWDacCh9EQ
set-cookie: tuuid=b8bbc691-7825-4818-a632-f9f1e45ee557; Expires=Sat, 06 May 2023 00:57:33 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
tuuid_lu=1675558653; Expires=Sat, 06 May 2023 00:57:33 GMT; Domain=.360yield.com; Path=/; SameSite=None; Secure
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 27ce914bad3a60d980c23e19ae639690
270acbd8d798698216b3c48f0e09e0a2d8576836
d5ebe8ba92a47d866879d7a7ab736b586ff458f57e81552255eb423d2eb6719a
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3409
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 00:57:33 GMT
Last-Modified: Sun, 05 Feb 2023 00:00:44 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-IMzrGT1SJ_GbIeI3ky0UyOLJKlYoX1Ao0CX1UA&C=1
104.18.33.19200 OK 43 B URL HTTP/2 r.casalemedia.com/rum?cm_dsp_id=20&external_user_id=k-IMzrGT1SJ_GbIeI3ky0UyOLJKlYoX1Ao0CX1UA&C=1
IP 104.18.33.19:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 325472601571f31e1bf00674c368d335
2daeaa8b5f19f0bc209d976c02bd6acb51b00b0a
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
GET /rum?cm_dsp_id=20&external_user_id=k-IMzrGT1SJ_GbIeI3ky0UyOLJKlYoX1Ao0CX1UA&C=1 HTTP/1.1
Host: r.casalemedia.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 00:57:33 GMT
content-type: image/gif
content-length: 43
cf-ray: 7947b14e8e6fb529-OSL
cache-control: no-cache
expires: 0
cf-cache-status: DYNAMIC
pragma: no-cache
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=sBbZt0CjHUgwIpkp8ttL%2FsWKlt%2FNLfIf0JL3rIKkzUh0C34iDQZwN36rHt0ltvpI3EeBRyDo55nx9MbSDw4QNpcK6aSe4b9M4VMATNmNprka5BHW3%2B4KepeYVLgyX9kFXl%2Bz"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
id5-sync.com/s/966/9.gif?puid=k-ioVmsD1SJ_GbIeI3ky0UyOLJKlYEvV7b6TNqJQ
141.95.98.64200 43 B URL HTTP/1.1 id5-sync.com/s/966/9.gif?puid=k-ioVmsD1SJ_GbIeI3ky0UyOLJKlYEvV7b6TNqJQ
IP 141.95.98.64:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash 07fff40b5dd495aca2ac4e1c3fbc60aa
e8ac224ba9ee97e87670ed6f3a2f0128b7af9fe4
a065920df8cc4016d67c3a464be90099c9d28ffe7c9e6ee3a18f257efc58cbd7
GET /s/966/9.gif?puid=k-ioVmsD1SJ_GbIeI3ky0UyOLJKlYEvV7b6TNqJQ HTTP/1.1
Host: id5-sync.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
p3p: CP="CAO PSA OUR"
set-cookie: cf=; Max-Age=300; Expires=Sun, 05-Feb-2023 01:02:33 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
cip=; Max-Age=300; Expires=Sun, 05-Feb-2023 01:02:33 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
cnac=; Max-Age=300; Expires=Sun, 05-Feb-2023 01:02:33 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
car=; Max-Age=300; Expires=Sun, 05-Feb-2023 01:02:33 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
gdpr=; Max-Age=300; Expires=Sun, 05-Feb-2023 01:02:33 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
callback=; Max-Age=300; Expires=Sun, 05-Feb-2023 01:02:33 GMT; Domain=id5-sync.com; Path=/; SameSite=None; Secure
content-type: image/gif;charset=UTF-8
transfer-encoding: chunked
date: Sun, 05 Feb 2023 00:57:32 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-ni6Kgj1SJ_GbIeI3ky0UyOLJKlYBf4JzTxFZaQ&verify=true
18.156.0.31204 No Content 0 B URL HTTP/2 ups.analytics.yahoo.com/ups/58301/sync?_origin=1&uid=k-ni6Kgj1SJ_GbIeI3ky0UyOLJKlYBf4JzTxFZaQ&verify=true
IP 18.156.0.31:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /ups/58301/sync?_origin=1&uid=k-ni6Kgj1SJ_GbIeI3ky0UyOLJKlYBf4JzTxFZaQ&verify=true HTTP/1.1
Host: ups.analytics.yahoo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
date: Sun, 05 Feb 2023 00:57:33 GMT
p3p: CP=NOI DSP COR LAW CURa DEVa TAIa PSAa PSDa OUR BUS UNI COM NAV
strict-transport-security: max-age=31536000
age: 0
server: ATS/9.1.10.25
set-cookie: A3=d=AQABBP3-3mMCEFKDOThbxzNo5fJfqqK-kGYFEgEBAQFQ4GPoYwAAAAAA_eMAAA&S=AQAAAm_d6GYhHIDstATAxO3NsUQ; Expires=Mon, 5 Feb 2024 06:57:33 GMT; Max-Age=31557600; Domain=.yahoo.com; Path=/; SameSite=None; Secure; HttpOnly
X-Firefox-Spdy: h2
match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-sHCp4j1SJ_GbIeI3ky0UyOLJKlahnhJ6OOQD9Q
52.57.206.183204 No Content 0 B URL HTTP/2 match.sharethrough.com/sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-sHCp4j1SJ_GbIeI3ky0UyOLJKlahnhJ6OOQD9Q
IP 52.57.206.183:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync/v1?source_id=7658cb1d77a660882b48db06&source_user_id=k-sHCp4j1SJ_GbIeI3ky0UyOLJKlahnhJ6OOQD9Q HTTP/1.1
Host: match.sharethrough.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 05 Feb 2023 00:57:33 GMT
X-Firefox-Spdy: h2
ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-vWxqkT1SJ_GbIeI3ky0UyOLJKlbNaWDacCh9EQ
18.192.235.185200 OK 43 B URL HTTP/2 ad.360yield.com/ul_cb/match?publisher_dsp_id=38&external_user_id=k-vWxqkT1SJ_GbIeI3ky0UyOLJKlbNaWDacCh9EQ
IP 18.192.235.185:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /ul_cb/match?publisher_dsp_id=38&external_user_id=k-vWxqkT1SJ_GbIeI3ky0UyOLJKlbNaWDacCh9EQ HTTP/1.1
Host: ad.360yield.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 00:57:33 GMT
content-type: image/gif
content-length: 43
access-control-allow-origin: *
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
X-Firefox-Spdy: h2
ocsp.digicert.com/
93.184.220.29200 OK 279 B IP 93.184.220.29:0
Hash 0006fb5e3cfceb796be5de36d494e9ac
b597abcab8e24c535b8b4479775f9e2f5b15ccb0
2567f8b81cbffd4565a6638ef2c01d3ded23de59b925b35136e225a0595bbdeb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1338
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 00:57:33 GMT
Last-Modified: Sun, 05 Feb 2023 00:35:15 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 279
simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-3y-v4j1SJ_GbIeI3ky0UyOLJKlYkIDqm2LIpeQ
185.64.189.110200 OK 42 B URL HTTP/2 simage2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-3y-v4j1SJ_GbIeI3ky0UyOLJKlYkIDqm2LIpeQ
IP 185.64.189.110:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /AdServer/Pug?vcode=bz0yJnR5cGU9MSZjb2RlPTE5MjgmdGw9NDMyMDA=&piggybackCookie=uid:k-3y-v4j1SJ_GbIeI3ky0UyOLJKlYkIDqm2LIpeQ HTTP/1.1
Host: simage2.pubmatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 00:57:32 GMT
content-type: image/gif; charset=utf-8
content-length: 42
set-cookie: KRTBCOOKIE_97=3385-uid:k-3y-v4j1SJ_GbIeI3ky0UyOLJKlYkIDqm2LIpeQ&KRTB&23144-uid:k-3y-v4j1SJ_GbIeI3ky0UyOLJKlYkIDqm2LIpeQ&KRTB&23286-uid:k-3y-v4j1SJ_GbIeI3ky0UyOLJKlYkIDqm2LIpeQ&KRTB&23287-uid:k-3y-v4j1SJ_GbIeI3ky0UyOLJKlYkIDqm2LIpeQ; domain=pubmatic.com; secure; expires=Tue, 07-Mar-2023 00:57:32 GMT; path=/
PugT=1675558652; domain=pubmatic.com; secure; expires=Tue, 07-Mar-2023 00:57:32 GMT; path=/
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"
cache-control: no-store, no-cache, private
X-Firefox-Spdy: h2
sync.outbrain.com/cookie-sync?p=criteo&uid=k-auAnLD1SJ_GbIeI3ky0UyOLJKlauClYtJvU8Dw
64.202.112.159200 OK 408 B URL HTTP/1.1 sync.outbrain.com/cookie-sync?p=criteo&uid=k-auAnLD1SJ_GbIeI3ky0UyOLJKlauClYtJvU8Dw
IP 64.202.112.159:0
File type JSON data\012- , ASCII text, with very long lines (408), with no line terminators
Hash d3575267967e9f2540aba1c9c3ed6362
6a04e3d744e60f816f99851282d82cd8cdf634fa
f1029d45a947f53028d92c289cf806c187b457acddda25d2c1cfb1367f5bd195
GET /cookie-sync?p=criteo&uid=k-auAnLD1SJ_GbIeI3ky0UyOLJKlauClYtJvU8Dw HTTP/1.1
Host: sync.outbrain.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 00:57:33 GMT
Content-Type: application/json
Content-Length: 408
Cache-Control: no-cache
X-TraceId: ad7bb0908ff9a65254b4f8a69d99164a
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash a8913413cc3807a4937be1cc134090ce
a28f64e21385b9703a184df7169380001aa5bad8
74278e35e611ff7540c0f649189417657561e147fbb138f4d0856ce042f71044
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=129102
Date: Sun, 05 Feb 2023 00:57:33 GMT
Etag: "63de4903-1d7"
Expires: Mon, 06 Feb 2023 12:49:15 GMT
Last-Modified: Sat, 04 Feb 2023 12:01:07 GMT
Server: ECS (nyb/1D05)
X-Cache: Miss from cloudfront
Via: 1.1 76c917e0bb0ba45eb834d25d76ee125e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: tMjuG-9pZXfrydv8XQSeKYyZHQUY931CBdYq4r9rj2z_DHHzragtuA==
Age: 2888
ocsp.godaddy.com/
192.124.249.41200 OK 1.8 kB IP 192.124.249.41:0
Hash be7f3f4089391cef2ea78f259940035e
e1dac0692a0d3111c73cd6b3dd1045b70361406f
0ea389625b51190d2e31782836d5ba57bf2261b9c557a232c7c2eba374ff9fdb
POST / HTTP/1.1
Host: ocsp.godaddy.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 76
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: Sucuri/Cloudproxy
Date: Sun, 05 Feb 2023 00:57:33 GMT
Content-Type: application/ocsp-response
Content-Length: 1778
Connection: keep-alive
X-Sucuri-ID: 19041
Content-Transfer-Encoding: Binary
Cache-Control: public, no-transform, must-revalidate
Last-Modified: Sat, 04 Feb 2023 21:32:54 GMT
Expires: Sun, 05 Feb 2023 21:32:54 GMT
ETag: "e1dac0692a0d3111c73cd6b3dd1045b70361406f"
P3P: CP="IDC DSP COR LAW CUR ADM DEV TAI PSA PSD IVA IVD HIS OUR SAM PUB LEG UNI COM NAV STA"
ocsp.digicert.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 20986e3ad41b7c7568b647083cfa3ee9
a6199774774df812bb2e847f7d01cddbba9192f2
6cc18cd5bcc4c953f33cb49aecfed274701b2af3a15fd8f7cde0a05f8d6dc1eb
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5502
Cache-Control: max-age=131712
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 00:57:33 GMT
Etag: "63de48ff-1d7"
Expires: Mon, 06 Feb 2023 13:32:45 GMT
Last-Modified: Sat, 04 Feb 2023 12:01:03 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
sync-criteo.ads.yieldmo.com/sync?id=k-vGkuIj1SJ_GbIeI3ky0UyOLJKlbFfrWWtZ0vqg&pn_id=criteo&ext=1
54.220.97.152200 OK 43 B URL HTTP/2 sync-criteo.ads.yieldmo.com/sync?id=k-vGkuIj1SJ_GbIeI3ky0UyOLJKlbFfrWWtZ0vqg&pn_id=criteo&ext=1
IP 54.220.97.152:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash df3e567d6f16d040326c7a0ea29a4f41
ea7df583983133b62712b5e73bffbcd45cc53736
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
GET /sync?id=k-vGkuIj1SJ_GbIeI3ky0UyOLJKlbFfrWWtZ0vqg&pn_id=criteo&ext=1 HTTP/1.1
Host: sync-criteo.ads.yieldmo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 00:57:33 GMT
content-type: image/gif
content-length: 43
set-cookie: yieldmo_id=g204453557229527780f%7C1675558653358%7C0%7C; Domain=.yieldmo.com; Expires=Mon, 05-Feb-2024 00:57:33 GMT; Path=/; Secure; SameSite=None; Secure
ptrcriteo=k-vGkuIj1SJ_GbIeI3ky0UyOLJKlbFfrWWtZ0vqg; Domain=ads.yieldmo.com; Expires=Mon, 05-Feb-2024 00:57:33 GMT; Path=/; Secure; SameSite=None; Secure
access-control-allow-origin: *
access-control-request-headers: Cache-Control, Pragma
access-control-allow-methods: GET, OPTIONS
pragma: no-cache
X-Firefox-Spdy: h2
e1.emxdgt.com/put?d=d53&uid=k-Q1owqj1SJ_GbIeI3ky0UyOLJKlaKxe2ICqn8dCV8PgLWGHdv
3.71.169.66204 No Content 0 B URL HTTP/2 e1.emxdgt.com/put?d=d53&uid=k-Q1owqj1SJ_GbIeI3ky0UyOLJKlaKxe2ICqn8dCV8PgLWGHdv
IP 3.71.169.66:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /put?d=d53&uid=k-Q1owqj1SJ_GbIeI3ky0UyOLJKlaKxe2ICqn8dCV8PgLWGHdv HTTP/1.1
Host: e1.emxdgt.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
content-type: text/html
date: Sun, 05 Feb 2023 00:57:32 GMT
content-length: 0
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash e4dfb9e29f29906cd74c15f9796f94a4
eaaad4849c68f6e27b26b49bde5c33d30132d0da
fd04918a97864139ab2d2c32c51f83d39d67c01cd3a97053d95a0f7bcf411fbd
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 00:57:33 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Sat, 04 Feb 2023 15:11:58 GMT
Expires: Sat, 11 Feb 2023 15:11:57 GMT
Etag: "eaaad4849c68f6e27b26b49bde5c33d30132d0da"
Cache-Control: max-age=569063,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb2
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7947b14e6a481c16-OSL
ocsp.sca1b.amazontrust.com/
143.204.42.165200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP 143.204.42.165:0
Hash 8b01e823dcdb0bc93def67791b99c1ff
c2b1ff308d5b27a776259ed5696ee0854e586c77
7be7f84db702ba6b520c773d6422eaf7e1ee519485a030057713a74618e3be2d
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Sun, 05 Feb 2023 00:57:33 GMT
Last-Modified: Sun, 05 Feb 2023 00:41:39 GMT
Server: ECS (bsa/EB1C)
X-Cache: Miss from cloudfront
Via: 1.1 d4fd24ae65d4d2b97cfdea8d2f0c21a6.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: 1MSQnBGPGqHce1V74u27tjwX6bT4kuWfyupaDs5mo3qUYWQydCS8fA==
Age: 954
visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-qeVa5T1SJ_GbIeI3ky0UyOLJKlY2cxx8wuH_vQ
185.255.84.152200 OK 49 B URL HTTP/2 visitor.omnitagjs.com/visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-qeVa5T1SJ_GbIeI3ky0UyOLJKlY2cxx8wuH_vQ
IP 185.255.84.152:0
ASN #200271 Iguane Solutions SAS
File type GIF image data, version 89a, 1 x 1\012- data
Hash 4408efc0174f07ad685c456f1de521ca
e3bc3250f8f32bd98dc7b05fd8940b74617eb8d1
d1371feb0512d700cf724b05a588ce79f8d8dfbb0991ae5f45ecd3ab08983a38
GET /visitor/sync?uid=732efe97317e6352de4c1caf24b5064b&name=CRITEO&visitor=k-qeVa5T1SJ_GbIeI3ky0UyOLJKlY2cxx8wuH_vQ HTTP/1.1
Host: visitor.omnitagjs.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
expires: 0
p3p: CP="CAO PSA OUR"
pragma: no-cache
set-cookie: ayl_visitor=42cc27fd99cbefae479e16538bb75281; Path=/; Domain=omnitagjs.com; Max-Age=2592000; Secure; SameSite=None
vary: Accept-Encoding
x-content-type-options: nosniff
date: Sun, 05 Feb 2023 00:57:33 GMT
content-length: 49
x-envoy-upstream-service-time: 3
server: ayl-lb-fra02
X-Firefox-Spdy: h2
beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=
52.208.71.104204 No Content 0 B URL HTTP/2 beacon.krxd.net/usermatch.gif?partner=criteo&partner_uid=
IP 52.208.71.104:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /usermatch.gif?partner=criteo&partner_uid= HTTP/1.1
Host: beacon.krxd.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 204 No Content
date: Sun, 05 Feb 2023 00:57:33 GMT
set-cookie: _kuid_=PXETWy_U; Expires=Fri, 04-Aug-23 00:57:33 GMT; Max-Age=15552000; Domain=.krxd.net; Path=/
cache-control: private, no-cache, no-store
p3p: policyref="https://cdn.krxd.net/kruxcontent/p3p.xml", CP="NON DSP COR NID OUR DEL SAM OTR UNR COM NAV INT DEM CNT STA PRE LOC OTC"
x-served-by: beacon-n014-dub-prod.krxd.net
x-request-time: D=30 t=1675558653
X-Firefox-Spdy: h2
gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
178.250.2.146302 Found 0 B URL HTTP/2 gum.criteo.com/sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40
IP 178.250.2.146:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /sync?c=10&r=1&u=https%3A%2F%2Fs.thebrighttag.com%2Fcs%3Fbtt%3D0%26tp%3Dcr%26uid%3D%40USERID%40 HTTP/1.1
Host: gum.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 302 Found
date: Sun, 05 Feb 2023 00:57:33 GMT
server: Kestrel
content-length: 0
cache-control: private, max-age=0, no-cache, no-store, must-revalidate
location: https://s.thebrighttag.com/cs?btt=0&tp=cr&uid=
server-processing-duration-in-ticks: 504814
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed9dd21c-6496-4f6e-b306-570e4802aba4.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed9dd21c-6496-4f6e-b306-570e4802aba4.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 251f1a5d671fb797fb98e9a71754c341
335425603d9eec146a3c03422dbca91134272e53
74932f07561287e33302aabcf9c639e9df7ae0fbc4bf71f5467310aabafea208
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fed9dd21c-6496-4f6e-b306-570e4802aba4.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 6202
x-amzn-requestid: 01b85fcd-69a0-49da-8640-32a3ef19378a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi3bUFEJoAMFapg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76c48-14817e717361e09170714e9d;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 07:05:44 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 1_1mEN4j5cciWEiimz4PRjx3PNGnrSRib9oEJAdYLrrtyjqnz_zvcQ==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 13:05:46 GMT
age: 42707
etag: "335425603d9eec146a3c03422dbca91134272e53"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
status.geotrust.com/
93.184.220.29200 OK 471 B IP 93.184.220.29:0
Hash 4df99dade3eb1aa2baa3ab905c4a930b
0701345c4b887780df82e6cd8c32139f5aec4764
5d5439f1948d474837fb99a8d499f9a4655b8fe851ebd74139c67d4e73cbbbba
POST / HTTP/1.1
Host: status.geotrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4158
Cache-Control: max-age=137888
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 00:57:33 GMT
Etag: "63de6660-1d7"
Expires: Mon, 06 Feb 2023 15:15:41 GMT
Last-Modified: Sat, 04 Feb 2023 14:06:24 GMT
Server: ECS (ska/F717)
X-Cache: HIT
Content-Length: 471
dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-p2_uED1SJ_GbIeI3ky0UyOLJKlYIdkQyoh225Q&google_error=3
178.250.0.163200 OK 0 B URL HTTP/2 dis.criteo.com/dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-p2_uED1SJ_GbIeI3ky0UyOLJKlYIdkQyoh225Q&google_error=3
IP 178.250.0.163:0
GET /dis/rtb/google/cookiematch.aspx?id=&CriteoUserId=k-p2_uED1SJ_GbIeI3ky0UyOLJKlYIdkQyoh225Q&google_error=3 HTTP/1.1
Host: dis.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 00:57:32 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
timing-allow-origin: *
server-processing-duration-in-ticks: 231742
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=0
178.250.0.163200 OK 0 B URL HTTP/2 dis.criteo.com/dis/rtb/appnexus/cookiematch.aspx?appnxsid=0
IP 178.250.0.163:0
GET /dis/rtb/appnexus/cookiematch.aspx?appnxsid=0 HTTP/1.1
Host: dis.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 00:57:32 GMT
content-type: image/gif
server: Kestrel
cache-control: no-cache
pragma: no-cache
expires: Mon, 26 Jul 1997 05:00:00 GMT
cross-origin-resource-policy: cross-origin
p3p: CP='NON DSP COR CURa PSA PSD OUR BUS NAV STA'
timing-allow-origin: *
server-processing-duration-in-ticks: 391858
strict-transport-security: max-age=31536000; preload;
X-Firefox-Spdy: h2
criteo-partners.tremorhub.com/sync?UICR=k-zphKhj1SJ_GbIeI3ky0UyOLJKlYSGQ5oDaZBUA
184.73.183.26200 OK 0 B URL HTTP/2 criteo-partners.tremorhub.com/sync?UICR=k-zphKhj1SJ_GbIeI3ky0UyOLJKlYSGQ5oDaZBUA
IP 184.73.183.26:0
GET /sync?UICR=k-zphKhj1SJ_GbIeI3ky0UyOLJKlYSGQ5oDaZBUA HTTP/1.1
Host: criteo-partners.tremorhub.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 00:57:33 GMT
content-type: image/gif
server: Apache-Coyote/1.1
p3p: CP='This is not a P3P policy. See https://telaria.com/privacy-policy/'
X-Firefox-Spdy: h2
consent-st.trustarc.com/get?name=combined_static_cm_minified.js
143.204.55.33200 OK 0 B URL HTTP/2 consent-st.trustarc.com/get?name=combined_static_cm_minified.js
IP 143.204.55.33:0
GET /get?name=combined_static_cm_minified.js HTTP/1.1
Host: consent-st.trustarc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://consent-pref.trustarc.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: text/javascript
date: Mon, 16 Jan 2023 07:14:08 GMT
pragma: public
expires: Wed, 15 Feb 2023 07:14:08 GMT
cache-control: max-age=2592000
timing-allow-origin: *
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 5de23153ac267c206221751e1cccb6e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 87L5EgLYnrhpcbH8c_AFljpAblzjhe55FfO7sZ62CIgQz8t7L0TY2w==
age: 1705400
strict-transport-security: max-age=31536000; includeSubDomains
vary: Origin
X-Firefox-Spdy: h2
consent-pref.trustarc.com/defaultpreferencemanager/9F5DDAD4256889D2A2BB0A3140E8B74B.cache.html
143.204.55.57200 OK 0 B URL HTTP/2 consent-pref.trustarc.com/defaultpreferencemanager/9F5DDAD4256889D2A2BB0A3140E8B74B.cache.html
IP 143.204.55.57:0
GET /defaultpreferencemanager/9F5DDAD4256889D2A2BB0A3140E8B74B.cache.html HTTP/1.1
Host: consent-pref.trustarc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=no&locale=en&behavior=expressed>m=1&irm=undefined&from=https://consent.trustarc.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
date: Wed, 18 Jan 2023 05:03:36 GMT
server: nginx
etag: W/"142492-1672992016000"
last-modified: Fri, 06 Jan 2023 08:00:16 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: UwLNmR_oVQPbean3eZ0wbWN__zf0dYLPMgzUezXV-9MTr6n_JIaKrg==
age: 1540432
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
expect-ct: max-age=86400; enforce;
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
gem.gbc.criteo.com/newidsd
178.250.6.108200 OK 0 B URL HTTP/2 gem.gbc.criteo.com/newidsd
IP 178.250.6.108:0
GET /newidsd HTTP/1.1
Host: gem.gbc.criteo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://gum.criteo.com/
Origin: https://gum.criteo.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 00:57:30 GMT
content-type: application/json; charset=utf-8
server: Kestrel
cache-control: no-cache, no-store, must-revalidate
pragma: no-cache
expires: 0
access-control-allow-credentials: true
access-control-allow-methods: GET
access-control-allow-origin: https://gum.criteo.com
server-processing-duration-in-ticks: 145043
strict-transport-security: max-age=31536000; preload;
vary: Accept-Encoding
content-encoding: gzip
X-Firefox-Spdy: h2
exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-L7gb_z1SJ_GbIeI3ky0UyOLJKlZHYdwTPlrB3WGuRne0eWI6
54.93.66.54200 OK 0 B URL HTTP/2 exchange.mediavine.com/usersync/push?partner=criteo&partnerId=k-L7gb_z1SJ_GbIeI3ky0UyOLJKlZHYdwTPlrB3WGuRne0eWI6
IP 54.93.66.54:0
GET /usersync/push?partner=criteo&partnerId=k-L7gb_z1SJ_GbIeI3ky0UyOLJKlZHYdwTPlrB3WGuRne0eWI6 HTTP/1.1
Host: exchange.mediavine.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 00:57:32 GMT
content-type: text/html; charset=utf-8
vary: Origin, Accept-Encoding
access-control-allow-credentials: true
cache-control: private, no-cache
set-cookie: mv_tokens=%7B%22mv_uuid%22%3A%2212989810-a4f0-11ed-bf8a-f9680b292f06%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Sun, 19 Feb 2023 00:57:32 GMT; Secure; SameSite=None
mv_tokens_eu-v1=%7B%22mv_uuid%22%3A%2212989810-a4f0-11ed-bf8a-f9680b292f06%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Sun, 19 Feb 2023 00:57:32 GMT; Secure; SameSite=None
am_tokens=%7B%22mv_uuid%22%3A%2212989810-a4f0-11ed-bf8a-f9680b292f06%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Sun, 19 Feb 2023 00:57:32 GMT; Secure; SameSite=None
am_tokens_eu-v1=%7B%22mv_uuid%22%3A%2212989810-a4f0-11ed-bf8a-f9680b292f06%22%2C%22version%22%3A%22eu-v1%22%7D; Path=/; Expires=Sun, 19 Feb 2023 00:57:32 GMT; Secure; SameSite=None
criteo=%7B%22id%22%3A%22k-L7gb_z1SJ_GbIeI3ky0UyOLJKlZHYdwTPlrB3WGuRne0eWI6%22%2C%22version%22%3A%22criteo%22%7D; Path=/; Expires=Sun, 19 Feb 2023 00:57:32 GMT; Secure; SameSite=None
content-encoding: gzip
X-Firefox-Spdy: h2
cache.send.microad.jp/js/universe_cookie_sync.html
14.0.43.163200 OK 0 B URL HTTP/2 cache.send.microad.jp/js/universe_cookie_sync.html
IP 14.0.43.163:0
ASN #54994 QUANTILNETWORKS
GET /js/universe_cookie_sync.html HTTP/1.1
Host: cache.send.microad.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conrad-osaka.hiltonjapan.co.jp/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sun, 05 Feb 2023 00:57:31 GMT
content-type: text/html
x-amz-id-2: CEoijoop4+xHFax02dmhOXUnuxJpOXLJNKIYJ+05ABP8Gc/P6SOHOK/hy8ELRyT333TsbC3Ihrk=
x-amz-request-id: SWRATWFHYA3WCAG9
last-modified: Thu, 21 Apr 2022 06:35:10 GMT
etag: "4d8bba3bbc1e55a4b1e6873c6a4d79c5"
x-amz-version-id: CJ0IzgOZiCpIu4rIa.DdQvoklwux.nLV
accept-ranges: bytes
server: PWS/8.3.1.0.8
cache-control: max-age=604800
content-encoding: gzip
via: 1.1 PSrbdbOSA2ju136:0 (W), 1.1 PSrbdbOSA2ig100:5 (W)
x-px: ht PSrbdbOSA2ig100KIX
x-ws-request-id: 63defefb_PSrbdbOSA2fy102_21724-15699
X-Firefox-Spdy: h2
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/9F5DDAD4256889D2A2BB0A3140E8B74B/4.cache.js
143.204.55.57200 OK 0 B URL HTTP/2 consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/9F5DDAD4256889D2A2BB0A3140E8B74B/4.cache.js
IP 143.204.55.57:0
GET /defaultpreferencemanager/deferredjs/9F5DDAD4256889D2A2BB0A3140E8B74B/4.cache.js HTTP/1.1
Host: consent-pref.trustarc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=no&locale=en&behavior=expressed>m=1&irm=undefined&from=https://consent.trustarc.com/
Connection: keep-alive
Cookie: token_test=Sun Feb 05 2023 00:58:07 GMT+0000 (Coordinated Universal Time)
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Mon, 30 Jan 2023 03:03:06 GMT
server: nginx
etag: W/"44335-1672992016000"
last-modified: Fri, 06 Jan 2023 08:00:16 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: kHG2Jc2UAwpnVeO7s3FBNniCVF5LIyZpWxap6X5JRbpcsX-myciUPg==
age: 510864
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
expect-ct: max-age=86400; enforce;
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-AGz8iD1SJ_GbIeI3ky0UyOLJKlaxILSBBQ5zYw
141.226.228.48200 OK 0 B URL HTTP/2 sync-t1.taboola.com/sg/criteortb-network/1/rtb-h/?taboola_hm=k-AGz8iD1SJ_GbIeI3ky0UyOLJKlaxILSBBQ5zYw
IP 141.226.228.48:0
ASN #200478 Taboola.com ltd
GET /sg/criteortb-network/1/rtb-h/?taboola_hm=k-AGz8iD1SJ_GbIeI3ky0UyOLJKlaxILSBBQ5zYw HTTP/1.1
Host: sync-t1.taboola.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 00:57:32 GMT
x-fastly-to-nlb-rtt: 22015
access-control-allow-credentials: true
X-Firefox-Spdy: h2
asset.popin.cc/js/pixel.js
54.230.111.79200 OK 0 B URL HTTP/2 asset.popin.cc/js/pixel.js
IP 54.230.111.79:0
GET /js/pixel.js HTTP/1.1
Host: asset.popin.cc
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conrad-osaka.hiltonjapan.co.jp/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 07 Dec 2022 07:16:34 GMT
server: AmazonS3
content-encoding: gzip
date: Sat, 04 Feb 2023 08:04:40 GMT
etag: W/"fcadfe78fe6c9936c45f9f39f02375f9"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 04c4f064943f75498361739eb063cb7a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: QUJ5sH-pfsYEumcQAryURi29dWN629j278l5jh8DDtIsQZWwO5CisQ==
age: 60769
X-Firefox-Spdy: h2
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/9F5DDAD4256889D2A2BB0A3140E8B74B/1.cache.js
143.204.55.57200 OK 0 B URL HTTP/2 consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/9F5DDAD4256889D2A2BB0A3140E8B74B/1.cache.js
IP 143.204.55.57:0
GET /defaultpreferencemanager/deferredjs/9F5DDAD4256889D2A2BB0A3140E8B74B/1.cache.js HTTP/1.1
Host: consent-pref.trustarc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=no&locale=en&behavior=expressed>m=1&irm=undefined&from=https://consent.trustarc.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
date: Wed, 18 Jan 2023 05:03:11 GMT
server: nginx
etag: W/"19787-1672992016000"
last-modified: Fri, 06 Jan 2023 08:00:16 GMT
expires: Thu, 31 Dec 2037 23:55:55 GMT
cache-control: max-age=315360000
content-encoding: gzip
x-cache: Hit from cloudfront
via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Y31eN7M85rVS--0ZS5ce8BFUAT2Fg2vtbh8px-QbM4VVcyLB4ucUTg==
age: 1540458
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
expect-ct: max-age=86400; enforce;
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
www.hiltontokyo.jp/js/user_question.js
188.114.96.1301 Moved Permanently 0 B URL HTTP/2 www.hiltontokyo.jp/js/user_question.js
IP 188.114.96.1:0
GET /js/user_question.js HTTP/1.1
Host: www.hiltontokyo.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conrad-osaka.hiltonjapan.co.jp/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
date: Sun, 05 Feb 2023 00:57:27 GMT
location: https://tokyo.hiltonjapan.co.jp/js/user_question.js
cache-control: max-age=3600
expires: Sun, 05 Feb 2023 01:57:27 GMT
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=E5JQBHuFaoAjg7vkSPKKZeWAOGKhZMR5F16bPKivxKAujj1fO9v5lUByl1i8z4H4JmPGcChgwOReLH3ubDdPrj7jiC61Q7104SlDxfrFapRKgH%2BKz1DozR1e3B%2FHjDePJ2%2FRUdA%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
vary: Accept-Encoding
server: cloudflare
cf-ray: 7947b12a3e90b4eb-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=no&locale=en&behavior=expressed>m=1&irm=undefined&from=https://consent.trustarc.com/
143.204.55.57200 OK 0 B URL HTTP/2 consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=no&locale=en&behavior=expressed>m=1&irm=undefined&from=https://consent.trustarc.com/
IP 143.204.55.57:0
GET /?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=no&locale=en&behavior=expressed>m=1&irm=undefined&from=https://consent.trustarc.com/ HTTP/1.1
Host: consent-pref.trustarc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conrad-osaka.hiltonjapan.co.jp/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
server: nginx
last-modified: Fri, 06 Jan 2023 07:59:58 GMT
content-encoding: gzip
date: Sat, 04 Feb 2023 07:20:18 GMT
etag: W/"5147-1672991998000"
x-cache: Hit from cloudfront
via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: mVb0utm3CpeZvFzDhQtS3L4HX09dm0WZjffFzWG879ZBuqhYgsnE-w==
age: 63430
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
expect-ct: max-age=86400; enforce;
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2
conrad-osaka.hiltonjapan.co.jp/plans/restaurants/plan-cat/afternoon
104.22.3.74200 OK 0 B URL HTTP/2 conrad-osaka.hiltonjapan.co.jp/plans/restaurants/plan-cat/afternoon
IP 104.22.3.74:0
GET /plans/restaurants/plan-cat/afternoon HTTP/1.1
Host: conrad-osaka.hiltonjapan.co.jp
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 200 OK
date: Sun, 05 Feb 2023 00:57:25 GMT
content-type: text/html; charset=UTF-8
content-encoding: gzip
vary: Accept-Encoding
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 7947b11a1f70b50f-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
vesper-widget.s3.amazonaws.com/tc_widget/tc_widget.js
52.219.137.13200 OK 0 B URL HTTP/1.1 vesper-widget.s3.amazonaws.com/tc_widget/tc_widget.js
IP 52.219.137.13:0
GET /tc_widget/tc_widget.js HTTP/1.1
Host: vesper-widget.s3.amazonaws.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://conrad-osaka.hiltonjapan.co.jp/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: m2n7i7nmPJ3vRGzjgcYdZXVDMKoWiVdmyDRCf6cHLBK7VDeOGtboaZ4BrlH0U7VTWwTqhqpd1so=
x-amz-request-id: 4ECC33PKQJ91WKW6
Date: Sun, 05 Feb 2023 00:57:28 GMT
Last-Modified: Tue, 02 Jul 2019 13:55:49 GMT
ETag: "b773473b202f678b68bd54e720bbbb83"
x-amz-server-side-encryption: AES256
Accept-Ranges: bytes
Content-Type: application/javascript
Server: AmazonS3
Content-Length: 152719
prefmgr-cookie.truste-svc.net/cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=no&locale=en&behavior=expressed>m=1&irm=undefined&from=https://consent.trustarc.com/
54.221.189.17200 OK 0 B URL HTTP/2 prefmgr-cookie.truste-svc.net/cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=no&locale=en&behavior=expressed>m=1&irm=undefined&from=https://consent.trustarc.com/
IP 54.221.189.17:0
GET /cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=no&locale=en&behavior=expressed>m=1&irm=undefined&from=https://consent.trustarc.com/ HTTP/1.1
Host: prefmgr-cookie.truste-svc.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://consent-pref.trustarc.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sun, 05 Feb 2023 00:57:29 GMT
content-type: text/html; charset=UTF-8
server: nginx
vary: Accept-Encoding
etag: W/"5014-1657163800000"
last-modified: Thu, 07 Jul 2022 03:16:40 GMT
x-frame-options: SAMEORIGIN
strict-transport-security: max-age=31536000; includeSubDomains
referrer-policy: origin
x-content-type-options: nosniff
permissions-policy: geolocation=(), microphone=(), payment=()
expect-ct: max-age=31536000
cross-origin-embedder-policy: unsafe-none
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: unsafe-none
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
content-encoding: gzip
X-Firefox-Spdy: h2
consent-pref.trustarc.com/cookie_inneriframe.html
143.204.55.57200 OK 0 B URL HTTP/2 consent-pref.trustarc.com/cookie_inneriframe.html
IP 143.204.55.57:0
GET /cookie_inneriframe.html HTTP/1.1
Host: consent-pref.trustarc.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://prefmgr-cookie.truste-svc.net/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
server: nginx
last-modified: Fri, 06 Jan 2023 07:59:58 GMT
content-encoding: gzip
date: Sun, 05 Feb 2023 00:50:26 GMT
etag: W/"2008-1672991998000"
x-cache: Hit from cloudfront
via: 1.1 6480520a5e02f3163410e3134bd77baa.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: yH5hIKld2zA1M9ixknbv1e7kUmE7OEoSDARq3hg6NlDzTo2xgFd9Nw==
age: 56909
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
expect-ct: max-age=86400; enforce;
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
vary: Accept-Encoding, Origin
X-Firefox-Spdy: h2