firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 91dd975a7b17b2922dd23c0e49314e40
57a2ece1e3cee7c4ebf927f2ba92f52cac395fe2
09966873bbf317f8910c59544cfde2a6d46e8acd2905797cc7c85c6b4d18ea8a
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Content-Type, Alert, Backoff, Retry-After
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Fri, 02 Sep 2022 19:42:07 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 057fdebf738f5915bf38a78949190758.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: cme9vO8JlwBkiV4L2WrTfjKx8OU3SY9ZaYSMd5FvkccVmqmlhu2E4g==
Age: 1926
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash bcdebf7a2bad5db595e8a0c1abb2ddcb
249dda2fa5e37b8a8f3a8c797193bf0874b6eedc
9b43ec48b16f96449208a0094c4d660806a2a2d344b5862dbff4c393bf3f9f9f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9B43EC48B16F96449208A0094C4D660806A2A2D344B5862DBFF4C393BF3F9F9F"
Last-Modified: Thu, 01 Sep 2022 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=18991
Expires: Sat, 03 Sep 2022 01:30:44 GMT
Date: Fri, 02 Sep 2022 20:14:13 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain
IP
File type PEM certificate\012- , ASCII text
Hash 742edb4038f38bc533514982f3d2e861
cc3a20c8dc2a8c632ef9387a2744253f1e3fdef1
b6bfa49d3d135035701231db2fffc0c0643444394009a94c6a1b4d829d6b8345
GET /chains/remote-settings.content-signature.mozilla.org-2022-10-09-23-18-04.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: binary/octet-stream
content-length: 5348
last-modified: Sat, 20 Aug 2022 23:18:05 GMT
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
date: Fri, 02 Sep 2022 01:15:17 GMT
etag: "742edb4038f38bc533514982f3d2e861"
x-cache: Hit from cloudfront
via: 1.1 185768229530368be94556dcab1c486a.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: yK4C9RGGH8g3Io0rVF81v5gxpt19Dc7Iiibjmwq88YZLymgxql0KFg==
age: 68336
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Fri, 02 Sep 2022 20:14:13 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/1.1 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
Content-Type: application/json
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Retry-After, ETag, Backoff, Last-Modified, Pragma, Cache-Control, Expires, Content-Type, Content-Length, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
Strict-Transport-Security: max-age=31536000
X-Content-Type-Options: nosniff
Cache-Control: max-age=3600
Date: Fri, 02 Sep 2022 19:38:16 GMT
Expires: Fri, 02 Sep 2022 20:15:59 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-C1
X-Amz-Cf-Id: yKD1zBhAElgbLQWvQdpWHFh2tIb5OrfFCyvSOCYdD_LR118FmKG0ZA==
Age: 2158
ocsp.digicert.com/
200 OK 471 B IP
Hash 21daf45cdda2eb462873226bb5c1f0fb
4d4621bbf1461f35f7e536c1dbd9de71978ffa23
8164c742d013bdc2836cac1167acfe482547347ab6a1daefa15475f694dae057
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6472
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 20:14:14 GMT
Last-Modified: Fri, 02 Sep 2022 18:26:22 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
www.thehibiscushousebnb.com/reservations/
301 Moved Permanently 0 B URL HTTP/1.1 www.thehibiscushousebnb.com/reservations/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Phishing
GET /reservations/ HTTP/1.1
Host: www.thehibiscushousebnb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 301 Moved Permanently
Date: Fri, 02 Sep 2022 20:14:14 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
x-redirect-by: WordPress
location: https://www.thehibiscushousebnb.com/reservations/
vary: Accept-Encoding,Accept-Encoding
cache-control: public, max-age=0
expires: Fri, 02 Sep 2022 20:14:14 GMT
x-turbo-charged-by: LiteSpeed
CF-Cache-Status: DYNAMIC
Report-To: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=bQKJP4Xim03PA0OUi5mwP%2BdfJVmC5iR100Phx9F1pho3ypMQynMS%2FReOgeV%2BLIyKJBMcBz9j1u5RtZT3yJjGSND7u4HF4WN41LSpjwIWdSEk8e63irjlZgOjPdLxrh4XdNZQKpDb64AbCC58%2FUI%3D"}],"group":"cf-nel","max_age":604800}
NEL: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
Server: cloudflare
CF-RAY: 7448e926a8c80afe-OSL
alt-svc: h2=":443"; ma=60
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: +bIpu8E85/ZKijBNFd3M5g==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: kJzB4Y2+uMreJbpQFCGF3b7EBG8=
ocsp.pki.goog/gts1c3
200 OK 1.1 kB IP
File type gzip compressed data, from Unix\012- data
Hash ec41bba9abf123b16c474d385a091fe1
155e97f32bfd2eaf20458ed408686a1ddd255a9f
d2f6f053f69a66b981c4ad4790223a082d4d53c0f6a966d44741b1edae536428
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 20:14:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14019
Expires: Sat, 03 Sep 2022 00:07:54 GMT
Date: Fri, 02 Sep 2022 20:14:15 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14019
Expires: Sat, 03 Sep 2022 00:07:54 GMT
Date: Fri, 02 Sep 2022 20:14:15 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14019
Expires: Sat, 03 Sep 2022 00:07:54 GMT
Date: Fri, 02 Sep 2022 20:14:15 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 12f00eac4bda78b5d4c4bc00e96be439
5d6d88dbf72f208bc33c9af693440aec02e5f11c
4a85dc99793413780fdfde032e83995c0a15775eb09123f53a1ba9b789f91a55
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "4A85DC99793413780FDFDE032E83995C0A15775EB09123F53A1BA9B789F91A55"
Last-Modified: Wed, 31 Aug 2022 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14019
Expires: Sat, 03 Sep 2022 00:07:54 GMT
Date: Fri, 02 Sep 2022 20:14:15 GMT
Connection: keep-alive
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash b69e4ee589f24deef7c8a3004daae9d1
e96ab184083a5084569b86b8846a6fa0c3b6af9a
7560417294eeb0f5c955d68bcc9b9eae40d69d1ff4b717a115ca1c614b1f4a17
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 20:14:15 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F141f656b-9191-4cf5-a05b-891ed5c9656f.jpeg
200 OK 5.1 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F141f656b-9191-4cf5-a05b-891ed5c9656f.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5c3b7580a37e6eb7e5bd18491f1d4dd6
288b82ad8f924eb9570ae1c55da84d041f862366
046d1ef76448c53446068ef5f8315b7299484996cdebfd9d1e749b4ded9c7d3c
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F141f656b-9191-4cf5-a05b-891ed5c9656f.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5079
x-amzn-requestid: 3b19c77a-2e9b-499f-890b-36fc4ee72ba7
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XslOVEtZIAMFv1w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630e825b-01b7b71617b59f7414a0e5e5;Sampled=0
x-amzn-remapped-date: Tue, 30 Aug 2022 21:34:19 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: zYT0vF7Bxa5m84D12jI2w_A-MzR3wIMBOb0ubTEdNMlpYUes5aYdlQ==
via: 1.1 0aebf3fe433ff96e68d785fad4ea4c0e.cloudfront.net (CloudFront), 1.1 73cb83fe6699afc2791b5c690c1ff8c6.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 21:44:27 GMT
age: 80988
etag: "288b82ad8f924eb9570ae1c55da84d041f862366"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06f2c9c2-de63-41e1-8359-5a5923a2b1e8.webp
200 OK 9.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06f2c9c2-de63-41e1-8359-5a5923a2b1e8.webp
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5ba50b2fd1814c5ffc95aef40c69ce8c
cbb4546228115cccc122b16209e70171bef5c1f2
de822c8549508b28a07d29b203ae3ef356470df906cba727fc765f1bd14bb866
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F06f2c9c2-de63-41e1-8359-5a5923a2b1e8.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9252
x-amzn-requestid: 7feebba8-f6b9-4b79-9726-5a7534da277e
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzLyVG5DoAMF_Ug=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63112675-3123158f3dcfbd476537ca3c;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:39:01 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: BOa5zGQyJS9q9bHmtKzlNtyS9ToGPZJkDFo2uY2lzz8Lnd3cZLQEaA==
via: 1.1 1cc6ed0d2d3dd9529ce544f9dfe61a52.cloudfront.net (CloudFront), 1.1 ebe4011a81a36e2bf678f69ce1711330.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 22:48:18 GMT
age: 77157
etag: "cbb4546228115cccc122b16209e70171bef5c1f2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9564bd06-b264-460b-96bb-6b37cf25a72b.jpeg
200 OK 17 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9564bd06-b264-460b-96bb-6b37cf25a72b.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 12756903aaa74164feb5f8525398ca36
9fef9b071daea6793cbbdfe391254ac4326b1aa2
6d474a6d96aebfed43a4f6812f18a1be8d100c590f75eb0fbf4ec7277dd0c442
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9564bd06-b264-460b-96bb-6b37cf25a72b.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 16818
x-amzn-requestid: 6950a3c5-2cdc-4a21-854c-10d925e32ecd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XiYLvHRSIAMFotQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-630a6d7e-6e98b9a77e592bd01afb1d97;Sampled=0
x-amzn-remapped-date: Sat, 27 Aug 2022 19:16:14 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 3eBLhLH4APXLyj9kLHXNCFT9ccS_bnBp5INvMI93IFvOuBMERe_GgQ==
via: 1.1 0005a84c2971ff4f5bbb79e7ebc622a8.cloudfront.net (CloudFront), 1.1 35575576af8067e30cfb17c6b9fde8e2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 02 Sep 2022 13:36:12 GMT
age: 23883
etag: "9fef9b071daea6793cbbdfe391254ac4326b1aa2"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd1bf889-bcbe-4ad4-950a-a32b2f875537.jpeg
200 OK 5.9 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd1bf889-bcbe-4ad4-950a-a32b2f875537.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 24d848f7606889b048b6334e70d8a5e0
85239ef4f2fee8d3345e599bc942cab63ff3aaf6
da6cf33b440b51f72a70f309d62fd581aed246b6a78b8f329fa3899db15ff86d
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffd1bf889-bcbe-4ad4-950a-a32b2f875537.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5889
x-amzn-requestid: 42237574-f86e-4ece-b986-6d0c5910fcc5
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzMVgHajoAMFmXg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63112756-48ff9d98464cf3c9680d97b4;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:42:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: _7BBSlQQucoO5poncTYuX4fcmS4WFg3UcVFXalckGCCNFKJ0h5UpsQ==
via: 1.1 95b0ac620fa3a80ee590ecf1cda1c698.cloudfront.net (CloudFront), 1.1 e95ec8f1dc02e32f0cb9e113963ceb4e.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 22:31:42 GMT
etag: "85239ef4f2fee8d3345e599bc942cab63ff3aaf6"
content-type: image/jpeg
age: 78154
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c0ef483-e545-4a1f-b9b9-88778330d881.jpeg
200 OK 10 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c0ef483-e545-4a1f-b9b9-88778330d881.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 955f2a35bd6b3802670e7fa8a7cda833
4c70d27f7c51b7fcae1d8a883bfc2e67a551ae6c
2fb517039f0704d2f6fe2fa78eae47c71c645add1c2276f8726248184ae45760
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7c0ef483-e545-4a1f-b9b9-88778330d881.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10435
x-amzn-requestid: 813ec4ca-243d-46cb-a6a6-8ec58e5dd9f8
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzLjdHwnIAMFhzA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63112615-4733cfb83cf0e8734abc5716;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:37:25 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: n6DJbsUGTdXT42cNLTDq6Uz28H2SDhwq6drdKP4axAHsBz471X7r_g==
via: 1.1 56c69262ecfa7873b40572ba8a323242.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 21:37:26 GMT
etag: "4c70d27f7c51b7fcae1d8a883bfc2e67a551ae6c"
content-type: image/jpeg
age: 81410
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6b23082-fe08-4f5d-b709-47175510cf45.jpeg
200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6b23082-fe08-4f5d-b709-47175510cf45.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5e05660322f0368dd2bf8067d7e4554d
ec65cb47d86488f734c945a210d5f636a40fea2c
98875230ec45766102191bdc4180742fa3b8f3ad5ad1a128d12437105f86247e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ff6b23082-fe08-4f5d-b709-47175510cf45.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6196
x-amzn-requestid: a7d6ce70-06d7-498c-8024-80185a3fc3e4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: XzLyLFmVIAMFkcQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63112674-3fad622927177e9236d7c50a;Sampled=0
x-amzn-remapped-date: Thu, 01 Sep 2022 21:39:00 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: qAMCgNpYR80vXSDyHFOFcbT8VukBemR2AGoGNaCfYaszKshu-gv6zg==
via: 1.1 4dde8ec6d6c12741888c2d3a059d4a2e.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Thu, 01 Sep 2022 21:54:15 GMT
age: 80401
etag: "ec65cb47d86488f734c945a210d5f636a40fea2c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.googletagmanager.com/gtag/js?id=UA-146395022-1
200 OK 42 kB URL HTTP/2 www.googletagmanager.com/gtag/js?id=UA-146395022-1
IP
File type ASCII text, with very long lines (1615)
Hash 748be8b8f63b0cd575aa56bb4c664024
1569a8895d1a1128d0f66a0c5d2241f281ad12b5
8ec0643f111b39d075523960a4387df7d7eb98e9e5cc7b9d2ba25a9af5d9e983
GET /gtag/js?id=UA-146395022-1 HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thehibiscushousebnb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Fri, 02 Sep 2022 20:14:16 GMT
expires: Fri, 02 Sep 2022 20:14:16 GMT
cache-control: private, max-age=900
last-modified: Fri, 02 Sep 2022 19:52:49 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 41853
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
static.tacdn.com/img2/travelers_choice/widgets/tchotel_2021_L.png
200 OK 7.4 kB URL HTTP/2 static.tacdn.com/img2/travelers_choice/widgets/tchotel_2021_L.png
IP
File type PNG image data, 151 x 100, 8-bit/color RGBA, non-interlaced\012- data
Hash c6c640c07af7d3ea175ee2b2075f3cb4
fc4c37dca58fd11b2a159105af09556d67a1d1ac
3ee3cb083b42d3e035a580c634310b4ccf4d5c24ae2725a51d8240d18fdbc8ea
GET /img2/travelers_choice/widgets/tchotel_2021_L.png HTTP/1.1
Host: static.tacdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thehibiscushousebnb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
last-modified: Tue, 18 May 2021 06:00:26 GMT
server: envoy
accept-ranges: bytes
content-length: 7402
timing-allow-origin: *
content-type: image/png
cache-control: max-age=1641961
expires: Wed, 21 Sep 2022 20:20:17 GMT
date: Fri, 02 Sep 2022 20:14:16 GMT
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 20cc30f2a41f9c5e824ea46460548950
c153b447d44cbbe8f30d7f490605d1a430af20a1
0f8bb96e7dfd8a6bb3d7eae1a958195cb8ca9f20e0ad8cd952c34267ff0625f3
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 20:14:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 7040539fecb815b0cc84c15e3e2e99df
761de2d6da86cb1df6bb1fdd85ad71f75a825bb4
b1edf3547f6db4798d46a116924942acc48ad56da1fd61f9951acf93053a6578
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 20:14:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.jscache.com/wejs?wtype=certificateOfExcellence&uniq=811&locationId=75077&lang=en_US&year=2021&display_version=2
301 Moved Permanently 0 B URL HTTP/2 www.jscache.com/wejs?wtype=certificateOfExcellence&uniq=811&locationId=75077&lang=en_US&year=2021&display_version=2
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /wejs?wtype=certificateOfExcellence&uniq=811&locationId=75077&lang=en_US&year=2021&display_version=2 HTTP/1.1
Host: www.jscache.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thehibiscushousebnb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: envoy
location: https://www.tripadvisor.com/wejs?wtype=certificateOfExcellence&uniq=811&locationId=75077&lang=en_US&year=2021&display_version=2
expires: 0
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT DSP COR CAO PSA IDC ADM DEVi TAIi PSD IVAi IVDi CONi HIS CNT"
pragma: no-cache
cache-control: no-cache,no-store,must-revalidate
timing-allow-origin: https://www.tripadvisor.com
content-type: text/plain; charset=utf-8
accept-ranges: bytes
date: Fri, 02 Sep 2022 20:14:16 GMT
via: 1.1 varnish
x-served-by: cache-bma1641-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1662149656.037611,VS0,VE282
content-length: 0
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 7ce90d6fafa13d92fcf445b688f0389f
480461a46fc291cbcdf6218c7743779d7e862788
dd33483769f6c715aeb257c2955147c1a5a47b0af1684190247701465af8af6c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 20:14:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
200 OK 24 kB URL HTTP/2 fonts.gstatic.com/s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 23580, version 1.0\012- data
Hash e1b3b5908c9cf23dfb2b9c52b9a023ab
fcd4136085f2a03481d9958cc6793a5ed98e714c
918b7dc3e2e2d015c16ce08b57bcb64d2253bafc1707658f361e72865498e537
GET /s/lato/v23/S6uyw4BMUTPHjx4wXg.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://thehibiscushousebnb.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 23580
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 30 Aug 2022 17:10:21 GMT
expires: Wed, 30 Aug 2023 17:10:21 GMT
cache-control: public, max-age=31536000
age: 270235
last-modified: Tue, 26 Apr 2022 15:48:56 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 7ce90d6fafa13d92fcf445b688f0389f
480461a46fc291cbcdf6218c7743779d7e862788
dd33483769f6c715aeb257c2955147c1a5a47b0af1684190247701465af8af6c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 20:14:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
fonts.gstatic.com/s/vidaloka/v18/7cHrv4c3ipenMKlEavs7wH8.woff2
200 OK 34 kB URL HTTP/2 fonts.gstatic.com/s/vidaloka/v18/7cHrv4c3ipenMKlEavs7wH8.woff2
IP
Hash 9676ac9596ef82c7b900c447b277b305
35bc880de07ad58418f894636de3c691ab270dd8
171d1a036fd2ae4145a0708c8e06167bd321b4ef5486f3540e5d4d98419bde8a
GET /s/vidaloka/v18/7cHrv4c3ipenMKlEavs7wH8.woff2 HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://thehibiscushousebnb.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30116
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 31 Aug 2022 19:49:43 GMT
expires: Thu, 31 Aug 2023 19:49:43 GMT
cache-control: public, max-age=31536000
age: 174273
last-modified: Wed, 27 Apr 2022 16:10:10 GMT
content-type: font/woff2
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
www.tripadvisor.com/wejs?wtype=certificateOfExcellence&uniq=811&locationId=75077&lang=en_US&year=2021&display_version=2
200 OK 249 B URL HTTP/2 www.tripadvisor.com/wejs?wtype=certificateOfExcellence&uniq=811&locationId=75077&lang=en_US&year=2021&display_version=2
IP
Hash 374aec643b6146fa7d3e62439c3d40a2
933ad312709f2e084793e940abd25d787d0c3e89
181a7ae779d9e726def205ffb4a6896baff07652edf86fa7622351b2931a39ff
GET /wejs?wtype=certificateOfExcellence&uniq=811&locationId=75077&lang=en_US&year=2021&display_version=2 HTTP/1.1
Host: www.tripadvisor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://thehibiscushousebnb.com/
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: envoy
expires: 0
cache-control: no-cache,no-store,must-revalidate
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT DSP COR CAO PSA IDC ADM DEVi TAIi PSD IVAi IVDi CONi HIS CNT"
pragma: no-cache
timing-allow-origin: https://www.tripadvisor.com
vary: Accept-Encoding
content-type: application/x-javascript;charset=UTF-8
content-encoding: gzip
content-length: 249
date: Fri, 02 Sep 2022 20:14:16 GMT
set-cookie: TADCID=k-zdaOIadxdSVCXhABQCFdpBzzOuRA-9xvCxaMyI12_uqzon6IEGV2kkA2isEs4C3H9qqifWvEgR8L8TUcusNDm2KfUYpEaLdQU; Domain=www.tripadvisor.com; Expires=Mon, 30-Aug-2032 20:14:16 GMT; Path=/; Secure; HttpOnly
__vt=Ej9JM5J5Wl6kMrOhABQCIf6-ytF7QiW7ovfhqc-AvR_MS45nFmFIBfv__srXQkZOMqJpPPUvKQdzZUbUAX33pmqJGW4phfuYHkS35LH066lh5LERjjEQDxt1k_Ab4zWoixGXD4HtK_TvhKVr4f-eMIva; Domain=www.tripadvisor.com; Expires=Fri, 02-Sep-2022 21:14:16 GMT; Path=/; Secure; HttpOnly
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 7ce90d6fafa13d92fcf445b688f0389f
480461a46fc291cbcdf6218c7743779d7e862788
dd33483769f6c715aeb257c2955147c1a5a47b0af1684190247701465af8af6c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 20:14:16 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.tripadvisor.com/WidgetEmbed-certificateOfExcellence?year=2021&locationId=75077&display_version=2&uniq=811&lang=en_US
200 OK 3.1 kB URL HTTP/2 www.tripadvisor.com/WidgetEmbed-certificateOfExcellence?year=2021&locationId=75077&display_version=2&uniq=811&lang=en_US
IP
Hash dc1f8d4ee0f3c82a50f54074822eb721
9eaf37f3dd71da05ea47b58a2197ae5900a8f5fc
da53eee52b51cac746b3b09f7c9b7d71f97886108c4bfa068f56aceeff0ce45c
GET /WidgetEmbed-certificateOfExcellence?year=2021&locationId=75077&display_version=2&uniq=811&lang=en_US HTTP/1.1
Host: www.tripadvisor.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thehibiscushousebnb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: envoy
vary: User-Agent,Accept-Encoding
expires: 0
cache-control: no-cache,no-store,must-revalidate
p3p: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT DSP COR CAO PSA IDC ADM DEVi TAIi PSD IVAi IVDi CONi HIS CNT"
pragma: no-cache
timing-allow-origin: https://www.tripadvisor.com
content-type: text/javascript;charset=UTF-8
content-encoding: gzip
content-length: 3112
date: Fri, 02 Sep 2022 20:14:16 GMT
set-cookie: TADCID=kNQboCBW37HDLj2IABQCFdpBzzOuRA-9xvCxaMyI12_uq9tRLRHPhc1TNQiLWWNqJbsEwWp09_tIFrXjXoXn075EueOfFipjIlo; Domain=www.tripadvisor.com; Expires=Mon, 30-Aug-2032 20:14:16 GMT; Path=/; Secure; HttpOnly
TAUnique=%1%enc%3A2vlPZgm4Kabk7nWhzVPS6olp8SSYEUNnbXkCvUlDgGk2jHwltRJPGQ%3D%3D; Domain=.tripadvisor.com; Expires=Sun, 01-Sep-2024 20:14:16 GMT; Path=/; HttpOnly
__vt=MV2unJ2EO4K4tnWJABQCIf6-ytF7QiW7ovfhqc-AvR_MS27Kd6TFleaxrkGZQvAG_oeH_ZM-HrmnaP1tUkmjuCFzXKTzijIDMhFeDiXM_KQ0oH4w3n4Kh7709HwepY7dHs0_-rrX28hBzXX1myeU4kjQ; Domain=www.tripadvisor.com; Expires=Fri, 02-Sep-2022 21:14:16 GMT; Path=/; Secure; HttpOnly
TASSK=enc%3AAFbOeBCobz3N9EO2toiWMBtAQNxL87lFsIntrR5VC94OU97H6YzchmeATLGxnp1Rjr1NYtll0i9dooueZkZ3rOoPJzJ7gwPEXsS7tZ8GLd40ZhQLcmJNE6HKSCTxixlnjw%3D%3D; Domain=www.tripadvisor.com; Expires=Wed, 01-Mar-2023 20:14:16 GMT; Path=/; HttpOnly
TASession=V2ID.4B148C041B624845949829AB12F998D4*SQ.1*LS.WidgetEmbed-certificateOfExcellence*HS.recommended*ES.popularity*DS.5*SAS.popularity*FPS.oldFirst*FA.1*DF.0*TRA.true; Domain=.tripadvisor.com; Path=/
SRT=TART_SYNC; Domain=www.tripadvisor.com; Expires=Fri, 02-Sep-2022 20:44:16 GMT; Path=/
ServerPool=C; Domain=.tripadvisor.com; Path=/
PMC=V2*MS.90*MD.20220902*LD.20220902; Domain=www.tripadvisor.com; Expires=Sun, 01-Sep-2024 20:14:16 GMT; Path=/; Secure; HttpOnly
TART=%1%enc%3A5O51oc1T0ur%2BRIJV2w39lGQQw0qFitfcM%2BRijl2WJXNlCovicHnUOufrjg5pz7rr4ieoPdYMDDY%3D; Domain=www.tripadvisor.com; Expires=Wed, 07-Sep-2022 20:14:16 GMT; Path=/; HttpOnly
TATravelInfo=V2*A.2*MG.-1*HP.2*FL.3*RS.1; Domain=.tripadvisor.com; Expires=Fri, 16-Sep-2022 20:14:16 GMT; Path=/
TAUD=RDD-1662149656824-2022_09_02; Domain=.tripadvisor.com; Expires=Fri, 16-Sep-2022 20:14:16 GMT; Path=/
TASID=4B148C041B624845949829AB12F998D4; Domain=www.tripadvisor.com; Expires=Fri, 02-Sep-2022 20:44:16 GMT; Path=/; Secure
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash 5e841e639ec115d375643c06ad12eddb
5462fdfc98efde7449959302d94f6257b60ebe3d
60e48b43a8ebde120551e5da362fa0693c306e93bb57dd02861c80c61e8ccd4f
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Cache-Control: 'max-age=158059'
Date: Fri, 02 Sep 2022 20:14:16 GMT
Server: ECS (dcb/7F83)
X-Cache: Miss from cloudfront
Via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: FvxPVgOPPUb2e16TmgLS8d90aYjOcBVH0XajlIWiBn5abVMrZGxKiQ==
static.tacdn.com/css2/build/concat/t4b_widget_coe-v2381509749a.css
200 OK 5.5 kB URL HTTP/2 static.tacdn.com/css2/build/concat/t4b_widget_coe-v2381509749a.css
IP
Hash 357e3c8b268c6fc1b37f01dcd041106b
087a21dfbe9129267893c6f48373d9e891c8bb8b
c9887f3f5b40867fb4cdbd74f803e2a723e8f8243650f307c1105e62261a8377
GET /css2/build/concat/t4b_widget_coe-v2381509749a.css HTTP/1.1
Host: static.tacdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thehibiscushousebnb.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: envoy
last-modified: Sat, 04 Dec 2021 12:35:33 GMT
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-type: text/css
content-encoding: gzip
content-length: 2771
cache-control: max-age=9011624
expires: Fri, 16 Dec 2022 03:28:00 GMT
date: Fri, 02 Sep 2022 20:14:16 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
static.tacdn.com/js3/build/concat/widget/cdswidgets_min-c-v2395114504a.js
200 OK 1.1 kB URL HTTP/2 static.tacdn.com/js3/build/concat/widget/cdswidgets_min-c-v2395114504a.js
IP
Hash 7fe43a1db97dc6a145000224910bea87
a37acbf7d4fe432165e5662fd20df9de4f13be2a
75559f3ced621104dceefe0ad58517574435255668df21a4b3b8a82cf5912de3
GET /js3/build/concat/widget/cdswidgets_min-c-v2395114504a.js HTTP/1.1
Host: static.tacdn.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thehibiscushousebnb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: envoy
last-modified: Sat, 04 Dec 2021 12:35:33 GMT
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
content-type: application/x-javascript
content-encoding: gzip
content-length: 647
cache-control: max-age=9011256
expires: Fri, 16 Dec 2022 03:21:52 GMT
date: Fri, 02 Sep 2022 20:14:16 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
thehibiscushousebnb.com/reservations/
200 OK 26 kB URL HTTP/2 thehibiscushousebnb.com/reservations/
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (8047), with CRLF, LF line terminators
Hash f2c5074c00d887e2d1f947bb76f4e69b
838967d2a2931b907b0dddfdfa3e13256d3c5642
8589459c4801a5f4c85593b19a10a9a95263b72f7063afccae7b6489ee03cbf7
Analyzer Verdict Alert fortinet Phishing
GET /reservations/ HTTP/1.1
Host: thehibiscushousebnb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
TE: trailers
HTTP/2 200 OK
date: Fri, 02 Sep 2022 20:14:15 GMT
content-type: text/html; charset=UTF-8
cache-control: public, max-age=0
expires: Fri, 02 Sep 2022 20:14:15 GMT
last-modified: Fri, 02 Sep 2022 18:47:40 GMT
vary: Accept-Encoding,Accept-Encoding
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=vN8DPesPFTTI3sILpHcQ8V0bKuBssrVi9RFMHxmxT%2Bi6icddhVc%2FjihsZUUf%2Bbd4ysPKv2A7j2kokxH2rBkkAgajYnzpDdU0oiVjRMRJlqlZ6iFggllDw%2B526okqS5QHrcDipy5WlQT%2BUA%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7448e931dc201c0a-OSL
content-encoding: br
X-Firefox-Spdy: h2
www.google-analytics.com/analytics.js
200 OK 20 kB URL HTTP/2 www.google-analytics.com/analytics.js
IP
File type ASCII text, with very long lines (1325)
Hash 56f5d7f608e25d64207135f045f988cb
901eb59372ae330ae85e1384da93479b21ae1082
1910daea79e5a9d04829a91e432dfa56f45a80a3e14a8cf667fec73af9fd3d29
GET /analytics.js HTTP/1.1
Host: www.google-analytics.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thehibiscushousebnb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20006
date: Fri, 02 Sep 2022 18:41:12 GMT
expires: Fri, 02 Sep 2022 20:41:12 GMT
cache-control: public, max-age=7200
age: 5585
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
content-type: text/javascript
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 6b6b5ffecd53193507458fbe6e66d3f0
c96009132e435078cd79e19b19eeb0dbcf9abef3
229806893f073d6d725880c375c2f72ab09221a46095e1203d7379c1a29b8bef
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 20:14:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 471 B IP
Hash b1ad004f11b9c337660dfc7b6a5091de
5e017d69c3549cd9d9b33d11486989bec8500b5a
6dfad0eaa16c37e2c7c9264636adcf2b3eed1577d44df08c388a983b810121b2
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3882
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 20:14:17 GMT
Last-Modified: Fri, 02 Sep 2022 19:09:35 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
www.google.com/pagead/conversion_async.js
200 OK 16 kB URL HTTP/2 www.google.com/pagead/conversion_async.js
IP
File type ASCII text, with very long lines (1623)
Hash 4738d969770682feba80f04bf171d65b
be0e0ceb91bf5ed0c64b0f3f2cc2c99c6d4cd6b7
1daca97cf9e8078299f94c50346e45fead45bf908ca97ded912f26986c1c4e9a
GET /pagead/conversion_async.js HTTP/1.1
Host: www.google.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thehibiscushousebnb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Fri, 02 Sep 2022 20:14:17 GMT
expires: Fri, 02 Sep 2022 20:14:17 GMT
cache-control: private, max-age=3600
content-type: text/javascript; charset=UTF-8
etag: 15579141248118922429
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 15687
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
connect.facebook.net/en_US/fbevents.js
200 OK 63 kB URL HTTP/2 connect.facebook.net/en_US/fbevents.js
IP
Hash da3d9a5d74523aa51faa205392943931
5a98082beb3d546af5e66d13f28c38fe0220eb57
7bc82ee439ee8f0b61a541554319191295cd56f475f53f8cbdb5ff6eab4c48f5
GET /en_US/fbevents.js HTTP/1.1
Host: connect.facebook.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thehibiscushousebnb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
vary: Accept-Encoding
content-encoding: gzip
content-type: application/x-javascript; charset=utf-8
content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
x-fb-rlafr: 0
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
pragma: public
cache-control: public, max-age=1200
expires: Sat, 01 Jan 2000 00:00:00 GMT
x-content-type-options: nosniff
x-xss-protection: 0
x-frame-options: DENY
strict-transport-security: max-age=31536000; preload; includeSubDomains
x-fb-debug: F/lPpLRojZu/P+zX7mb70iRqwFHD8DuPMT9bHqkevIHywtdtnb4NGmjTfwkzkhxPyKn+IO02v9Jce1pxY3RdDg==
content-length: 26752
x-fb-trip-id: 2050670934
date: Fri, 02 Sep 2022 20:14:17 GMT
alt-svc: h3=":443"; ma=86400,h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 1.6 kB IP
Hash 2c0d553fea45087149151e6d06c75d04
305ace06ea55966b0ab0a04aca5ae4328e92b268
5bc2d5664550da0c5ade9f675bd610337f9e5d1348a4db68a44708039a90193c
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 3882
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 20:14:17 GMT
Last-Modified: Fri, 02 Sep 2022 19:09:35 GMT
Server: ECS (ska/F70F)
X-Cache: HIT
Content-Length: 471
ocsp.pki.goog/gts1c3
200 OK 7.5 kB IP
Hash 02312f6137c525f4fd1a1c2e3197bc12
78d3174d4625172fc347aaa7769b4a105cc948ea
6528925cffe4ff32bc513624149da4ae99d9dc46ff71d4f2d60222d4fed2bfd8
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 20:14:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 0fb935f05e6aaba744f686e2bb3928f9
5b8211247e237b44ddd5bc3df47063bfcac84b0e
a998f91aa98aee49510e973a892dd630395bb1af087c7dbc77b61d29bef2bf68
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 20:14:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
googleads.g.doubleclick.net/pagead/viewthroughconversion/785504306/?random=1662149655940&cv=9&fst=1662149655940&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fthehibiscushousebnb.com%2Freservations%2F&tiba=Reservations%20%E2%80%93%20The%20Hibiscus%20House%20B%26B&auid=1308120970.1662149655&hn=www.google.com&async=1&rfmt=3&fmt=4
200 OK 1.1 kB URL HTTP/2 googleads.g.doubleclick.net/pagead/viewthroughconversion/785504306/?random=1662149655940&cv=9&fst=1662149655940&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fthehibiscushousebnb.com%2Freservations%2F&tiba=Reservations%20%E2%80%93%20The%20Hibiscus%20House%20B%26B&auid=1308120970.1662149655&hn=www.google.com&async=1&rfmt=3&fmt=4
IP
File type ASCII text, with very long lines (2356), with no line terminators
Hash e5c7ad39850a94cecc0ef17190ac5512
eb5b87f1a55b934284032abd5143fb303a1a494a
21489d6a499cbe2f250d96bd982dacc9c6c456e0defc3a0f23a1d4cb1416b81b
GET /pagead/viewthroughconversion/785504306/?random=1662149655940&cv=9&fst=1662149655940&num=1&bg=ffffff&guid=ON&resp=GooglemKTybQhCsO&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&ig=0&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fthehibiscushousebnb.com%2Freservations%2F&tiba=Reservations%20%E2%80%93%20The%20Hibiscus%20House%20B%26B&auid=1308120970.1662149655&hn=www.google.com&async=1&rfmt=3&fmt=4 HTTP/1.1
Host: googleads.g.doubleclick.net
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thehibiscushousebnb.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 02 Sep 2022 20:14:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
content-type: text/javascript; charset=UTF-8
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
server: cafe
content-length: 1065
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Fri, 02-Sep-2022 20:29:17 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 7eeea334c1d08b7566e27373f5e446eb
5ef1a6897d3fa68e35cdb14fb768625ac1b67cba
680ba8df61c4901b1cb18977095904807c8f6d73ec228aad2f57e02a33179885
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 20:14:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.googleadservices.com/pagead/conversion/785504306/wcm?cc=ZZ&dn=2393322651&cl=b2m9CKUFELKwx_YC&ct_eid=2
302 Found 0 B URL HTTP/2 www.googleadservices.com/pagead/conversion/785504306/wcm?cc=ZZ&dn=2393322651&cl=b2m9CKUFELKwx_YC&ct_eid=2
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /pagead/conversion/785504306/wcm?cc=ZZ&dn=2393322651&cl=b2m9CKUFELKwx_YC&ct_eid=2 HTTP/1.1
Host: www.googleadservices.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://thehibiscushousebnb.com
Connection: keep-alive
Referer: https://thehibiscushousebnb.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
location: https://www.google.no/pagead/attribution/wcm?cc=ZZ&dn=2393322651&cl=b2m9CKUFELKwx_YC
access-control-allow-origin: https://thehibiscushousebnb.com
access-control-allow-credentials: true
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Fri, 02 Sep 2022 20:14:17 GMT
server: cafe
content-length: 0
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 0fb935f05e6aaba744f686e2bb3928f9
5b8211247e237b44ddd5bc3df47063bfcac84b0e
a998f91aa98aee49510e973a892dd630395bb1af087c7dbc77b61d29bef2bf68
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 20:14:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 1a4f17bd63350fcbd827d3598f23afa1
6bd2b6656712c2ca057e2a22baebbf20b3cd3772
9303c40cbc559e8a5bdcde4a1bd32c41e1b9403fcee96b5581bf511499eedb3c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 20:14:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/attribution/wcm?cc=ZZ&dn=2393322651&cl=b2m9CKUFELKwx_YC
200 OK 87 B URL HTTP/2 www.google.no/pagead/attribution/wcm?cc=ZZ&dn=2393322651&cl=b2m9CKUFELKwx_YC
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 36d9ec9a38ee63b6e93115603d96f7a1
efb8de49ffe231ec8a1266a8ca3a97901356a846
30f732c37c76fae3bcf6bcb7c39492d86abc6c3fbf53dadc4533f89df05c71b2
GET /pagead/attribution/wcm?cc=ZZ&dn=2393322651&cl=b2m9CKUFELKwx_YC HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Referer: https://thehibiscushousebnb.com/
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: application/json; charset=UTF-8
access-control-allow-origin: null
access-control-allow-credentials: true
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: gzip
date: Fri, 02 Sep 2022 20:14:17 GMT
server: cafe
cache-control: private
content-length: 87
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 2d7a177ba4f5d07378f3f80625ca76d4
aeb98c6fcc81f8337738537995dc458e4ca05744
81581b3594ced0fbfec9a2b0818692ba149112c2aecf167c661d52f26dd5904f
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 20:14:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
www.google.no/pagead/1p-user-list/785504306/?random=1662149655940&cv=9&fst=1662148800000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fthehibiscushousebnb.com%2Freservations%2F&tiba=Reservations%20%E2%80%93%20The%20Hibiscus%20House%20B%26B&async=1&fmt=3&is_vtc=1&random=3597463310&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
200 OK 42 B URL HTTP/2 www.google.no/pagead/1p-user-list/785504306/?random=1662149655940&cv=9&fst=1662148800000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fthehibiscushousebnb.com%2Freservations%2F&tiba=Reservations%20%E2%80%93%20The%20Hibiscus%20House%20B%26B&async=1&fmt=3&is_vtc=1&random=3597463310&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash d89746888da2d9510b64a9f031eaecd5
d5fceb6532643d0d84ffe09c40c481ecdf59e15a
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
GET /pagead/1p-user-list/785504306/?random=1662149655940&cv=9&fst=1662148800000&num=1&bg=ffffff&guid=ON&u_h=1024&u_w=1280&u_ah=1002&u_aw=1280&u_cd=24&u_his=1&u_tz=0&u_java=false&u_nplug=0&u_nmime=0>m=2oa8v0&sendb=1&data=event%3Dgtag.config&frm=0&url=https%3A%2F%2Fthehibiscushousebnb.com%2Freservations%2F&tiba=Reservations%20%E2%80%93%20The%20Hibiscus%20House%20B%26B&async=1&fmt=3&is_vtc=1&random=3597463310&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y HTTP/1.1
Host: www.google.no
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thehibiscushousebnb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Fri, 02 Sep 2022 20:14:17 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-type: image/gif
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 1a4f17bd63350fcbd827d3598f23afa1
6bd2b6656712c2ca057e2a22baebbf20b3cd3772
9303c40cbc559e8a5bdcde4a1bd32c41e1b9403fcee96b5581bf511499eedb3c
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Fri, 02 Sep 2022 20:14:17 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
v2.reservationkey.com/HiHo/3082
200 OK 134 kB URL HTTP/2 v2.reservationkey.com/HiHo/3082
IP
Size 134 kB (133616 bytes)
Hash a80afb1421e5c0c7bcefcec9f088a74d
9ff27134326a912b1fbb2f9c8bc9c496d1a6e519
c3c8206e329f6f4b1777abf971d53555dfd80a5a36ab7fc4654088dfb2366403
GET /HiHo/3082 HTTP/1.1
Host: v2.reservationkey.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thehibiscushousebnb.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html;charset=UTF-8,text/html;charset=UTF-8
content-length: 89122
date: Fri, 02 Sep 2022 20:14:17 GMT
cache-control: private
server: Microsoft-IIS/10.0
set-cookie: prefcookie=minstayalert=1&labelcharacters=20&calfontsize=20&numperpage=0&caloption=1&usecustomform=0&selectrateplan=0&QBOEkey=&phonefields=1&nummonthstoshow=0&numdaysafter=45&idstardescriptions=5914&guestnames=1&usechannelmanager=0&tooltips=1&timeformat=%25h%3A%25mm+%25A&repeatdatebar=0&minstay=1&longdate=%25mmmm+%25d%2C+%25yyyy&cellwidth=40&callabel=1&usergmt=%2D5&shortdate=%25m%2F%25d%2F%25yyyy&selectreplyto=1&selectedstars=%231%23&scrollbars=1&numdaysbefore=4&labelwidthmobile=50&labelwidth=135&db64b=0&calview=0&calheight=30&addressfields=1&phoneformat=0&namealignment=0&idreseller=&showreminders=0&showhidden=1&showeventsbar=1&selectpaymentpage=0&selectemailschedule=0&repeatseparator=5&overallheight=1&datepickerseperator=%2F&datepickerformat=mdy¤cysymbol=%24¤cyformat=ns+%2Cg+%2Ed+cc&bookingdate=2&idsystemtheme=1&idlabelset=0&idreservationcustom=&iduser=0&taxsystem=1&saveresdetails=1&contextmenu=1&connections=%231%23&caltooltips=1&extracleaning%5Fidresstatus=0&extracleaning=0&idaccount=725; expires=Wed, 03-Aug-2022 00:00:00 GMT; path=/
ASPSESSIONIDSASDTQBD=HFMIDHMAKMHAFBPDFFEBALAM; path=/
x-powered-by: ASP.NET
x-cache: Miss from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 4H4Gry5LfrcWIL0KySKkAzjz9sbnJ-XYocOjcqpHvMvjZ_nRebh_tQ==
X-Firefox-Spdy: h2
www.facebook.com/tr/?id=392613381432467&ev=PageView&dl=https%3A%2F%2Fthehibiscushousebnb.com%2Freservations%2F&rl=&if=false&ts=1662149656208&sw=1280&sh=1024&v=2.9.79&r=stable&ec=0&o=30&fbp=fb.1.1662149656207.341503557&it=1662149655954&coo=false&exp=e1&rqm=GET
200 OK 44 B URL HTTP/2 www.facebook.com/tr/?id=392613381432467&ev=PageView&dl=https%3A%2F%2Fthehibiscushousebnb.com%2Freservations%2F&rl=&if=false&ts=1662149656208&sw=1280&sh=1024&v=2.9.79&r=stable&ec=0&o=30&fbp=fb.1.1662149656207.341503557&it=1662149655954&coo=false&exp=e1&rqm=GET
IP
File type GIF image data, version 89a, 1 x 1\012- data
Hash b798f4ce7359fd815df4bdf76503b295
f8cc6addf1707ad236ad9970b0a48f9733d07da5
10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa
GET /tr/?id=392613381432467&ev=PageView&dl=https%3A%2F%2Fthehibiscushousebnb.com%2Freservations%2F&rl=&if=false&ts=1662149656208&sw=1280&sh=1024&v=2.9.79&r=stable&ec=0&o=30&fbp=fb.1.1662149656207.341503557&it=1662149655954&coo=false&exp=e1&rqm=GET HTTP/1.1
Host: www.facebook.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thehibiscushousebnb.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/gif
date: Fri, 02 Sep 2022 20:14:17 GMT
expires: Fri, 02 Sep 2022 20:14:17 GMT
last-modified: Fri, 21 Dec 2012 00:00:01 GMT
cache-control: no-cache, must-revalidate, max-age=0
set-cookie:
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 44
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2
v2.reservationkey.com/inc/dpicker.js?d=08042022
200 OK 23 kB URL HTTP/2 v2.reservationkey.com/inc/dpicker.js?d=08042022
IP
File type ASCII text, with very long lines (393), with CRLF line terminators
Hash 00d80dd9997379f6c60b892a7d527269
f24a83f53ed16274e30a29ebc09adb8883ad932e
aeebbe0f60133547a981e95bd56e7bd25dbb18d57d0cf3f5b1b60fd53cadde5c
GET /inc/dpicker.js?d=08042022 HTTP/1.1
Host: v2.reservationkey.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v2.reservationkey.com/HiHo/3082
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 23039
date: Fri, 02 Sep 2022 20:14:18 GMT
last-modified: Thu, 04 Aug 2022 17:22:56 GMT
accept-ranges: bytes
etag: "24d58dd626a8d81:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-cache: Miss from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 62HIe_RmwFOkOveoAGLAxmYahSih_G6efJjMTMW5pGt6qEKNt42kCA==
X-Firefox-Spdy: h2
v2.reservationkey.com/inc/dpicker.css
200 OK 2.6 kB URL HTTP/2 v2.reservationkey.com/inc/dpicker.css
IP
File type ASCII text, with CRLF line terminators
Hash 68e0c51783580277ce502f5fa9340c01
6c77f7c3f898d66c891f53350d5429c9f426a01d
edee989faed1ac2079f3dafaa2d168f3b569fb8142738a1dcfa5df542e4bbbd1
GET /inc/dpicker.css HTTP/1.1
Host: v2.reservationkey.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v2.reservationkey.com/HiHo/3082
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 2588
date: Fri, 02 Sep 2022 20:14:18 GMT
last-modified: Wed, 25 Mar 2009 09:37:00 GMT
accept-ranges: bytes
etag: "046113f2dadc91:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-cache: Miss from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: YgenCBk0t3iV6hJGh5g3_BMCvW6T1OByNUgWgS4SK05a-ce1bmX2Vg==
X-Firefox-Spdy: h2
v2.reservationkey.com/p/inc/rk.js?d=12072020
200 OK 3.2 kB URL HTTP/2 v2.reservationkey.com/p/inc/rk.js?d=12072020
IP
File type ASCII text, with CRLF line terminators
Hash 2bd731c9dbc45c447d69de3d764c1a4b
e063b9eb1c29a91b935182e6aaa0b359eccecad4
39459aa86bb0c1d0f50bb3f1233f0a8650f26351576bc85b7931b90366b3e26d
GET /p/inc/rk.js?d=12072020 HTTP/1.1
Host: v2.reservationkey.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v2.reservationkey.com/HiHo/3082
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 3228
date: Fri, 02 Sep 2022 20:14:18 GMT
last-modified: Wed, 09 Dec 2020 09:23:08 GMT
accept-ranges: bytes
etag: "6df864e8cced61:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-cache: Miss from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 1EVBgHj9NqKyIg7XB0WVtd9s8Dxk_DltJRx2BujUBBJcLCJP3Rj61g==
X-Firefox-Spdy: h2
v2.reservationkey.com/inc/rgbcolor.js
200 OK 9.0 kB URL HTTP/2 v2.reservationkey.com/inc/rgbcolor.js
IP
File type ASCII text, with CRLF line terminators
Hash aaaae7430b58430564daedf7ef153e50
169b8dad9029c9505d7a8c75266dd4c3e8c53995
cf4c9b52f2b4d21f00a95d0f281537f354f891b53f9df6c4439c093a2e631af9
GET /inc/rgbcolor.js HTTP/1.1
Host: v2.reservationkey.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v2.reservationkey.com/HiHo/3082
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 9042
date: Fri, 02 Sep 2022 20:14:18 GMT
last-modified: Mon, 06 Apr 2009 12:05:00 GMT
accept-ranges: bytes
etag: "0beeae8afb6c91:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-cache: Miss from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: d_d9gDFDwXw_e0Ye42qAReXedMqOLwtSvWzKJv8G8xxsrZ8ugvAjuA==
X-Firefox-Spdy: h2
v2.reservationkey.com/inc/sortarraydates.js
200 OK 647 B URL HTTP/2 v2.reservationkey.com/inc/sortarraydates.js
IP
File type ASCII text, with CRLF line terminators
Hash 87e0a1356bb89f91ce48d30cea28257f
1f77cff3f92469431d8f4ff1195cf6fa7cc3ea10
8787c34f74bd16cd5a2b00b46e76ecc2658af50ead2d23e5bed2409e9c21ca67
GET /inc/sortarraydates.js HTTP/1.1
Host: v2.reservationkey.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v2.reservationkey.com/HiHo/3082
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 647
date: Fri, 02 Sep 2022 20:14:18 GMT
last-modified: Mon, 06 Apr 2009 15:30:00 GMT
accept-ranges: bytes
etag: "0cc498cccb6c91:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-cache: Miss from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: cEFQy2ZdLr37xUlhRML7wOB9Isl9gis9C9eAMyESgucaEG8QuQK-5g==
X-Firefox-Spdy: h2
v2.reservationkey.com/inc/jsDate.js
200 OK 27 kB URL HTTP/2 v2.reservationkey.com/inc/jsDate.js
IP
Hash 608749219e8121bdeaee5770f4cf7fe3
299f263f2d4f9a7af2c304235392694d56e38d2b
a14f5c0452326e17881d71525857f7288ecf2cdaf648caf2941d6cf63d0277d0
GET /inc/jsDate.js HTTP/1.1
Host: v2.reservationkey.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v2.reservationkey.com/HiHo/3082
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 13897
date: Fri, 02 Sep 2022 20:14:18 GMT
last-modified: Wed, 14 May 2014 08:52:50 GMT
accept-ranges: bytes
etag: "80ceb4e2516fcf1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-cache: Miss from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: EFQBaeBwQf2gX21BOPMLLIW122E0-dvjxlaeYkbo_rD1MlzJSZ0MFw==
X-Firefox-Spdy: h2
v2.reservationkey.com/i/busyblu.gif
200 OK 722 B URL HTTP/2 v2.reservationkey.com/i/busyblu.gif
IP
File type GIF image data, version 89a, 16 x 16\012- data
Hash 618a14f4dca4f51100cd2400e7f9049c
c19c6b4df46f9e8cc3bd7b74663a13cf9ea3a449
caae15eec8bd2af1f0ee84b9aabef62a6fb1a2305f65ff4eb5d56773b159187f
GET /i/busyblu.gif HTTP/1.1
Host: v2.reservationkey.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v2.reservationkey.com/HiHo/3082
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 722
date: Fri, 02 Sep 2022 20:14:18 GMT
last-modified: Sun, 08 Mar 2009 21:46:00 GMT
accept-ranges: bytes
etag: "0dc1d4537a0c91:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-cache: Miss from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: wtxaWTkgmZ2fr56T3V-lYvtICDUtCoHRu1twMo0rG9vTRjouBv0JnA==
X-Firefox-Spdy: h2
v2.reservationkey.com/i/cal.gif
200 OK 86 kB URL HTTP/2 v2.reservationkey.com/i/cal.gif
IP
File type gzip compressed data, from Unix\012- data
Hash f1742abafb20c1dd3383e8a5cd250b92
d55dabb5a313eaafdd526fad2b8e7cf4b341d26c
2ab573a06c327760bf8456f8f9273c01c4ae1e49e0d45b5eadf1416da122c545
GET /i/cal.gif HTTP/1.1
Host: v2.reservationkey.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v2.reservationkey.com/HiHo/3082
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 236
date: Fri, 02 Sep 2022 20:14:18 GMT
last-modified: Sun, 08 Mar 2009 21:46:00 GMT
accept-ranges: bytes
etag: "0dc1d4537a0c91:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-cache: Miss from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: zmDLCSl8u-elIXm7ktCo0LupR8RkGdHN3_c0HMAUvFHMfUnxddCvfQ==
X-Firefox-Spdy: h2
v2.reservationkey.com/i/ajax-loaderbar.gif
200 OK 4.0 kB URL HTTP/2 v2.reservationkey.com/i/ajax-loaderbar.gif
IP
File type GIF image data, version 89a, 128 x 15\012- data
Hash 2bdcbb3ea82e3c572a574485344fad40
9760eb8f28618b809a97eaf6621d5a4b6a5d47bc
a01f924c1c6e0d3c256ffbb4ab7aad1d58cf271b60acfa383088a9d9ddecafa2
GET /i/ajax-loaderbar.gif HTTP/1.1
Host: v2.reservationkey.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v2.reservationkey.com/HiHo/3082
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 3951
date: Fri, 02 Sep 2022 20:14:18 GMT
last-modified: Sat, 29 Jan 2011 17:33:08 GMT
accept-ranges: bytes
etag: "062c197dabfcb1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-cache: Miss from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: FB20JkOnUBONOBiMRI4pLznR4XUCYpB1hDGtS0n-MOoPU-jzkjM4_A==
X-Firefox-Spdy: h2
v2.reservationkey.com/i/logo_button_poweredby.gif
200 OK 1.9 kB URL HTTP/2 v2.reservationkey.com/i/logo_button_poweredby.gif
IP
File type GIF image data, version 89a, 229 x 42\012- data
Hash 548b127eaeabd5221673292621eaca76
d4da566bf7102c5890544cead72cd3f90de1e81d
9b416dcbeadc0fe6d1f7cf4f3a1672367d135392811d52f61ba82a865943a108
GET /i/logo_button_poweredby.gif HTTP/1.1
Host: v2.reservationkey.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v2.reservationkey.com/HiHo/3082
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 1930
date: Fri, 02 Sep 2022 20:14:18 GMT
last-modified: Mon, 04 May 2009 12:59:00 GMT
accept-ranges: bytes
etag: "082ac17b8ccc91:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-cache: Miss from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: JAK6odUPpdJrPfRrhxWXDGk9b3WnM2Rl4LJK_rjaY23MorjDLnEfGA==
X-Firefox-Spdy: h2
v2.reservationkey.com/inc/highslide/highslide.css
200 OK 22 kB URL HTTP/2 v2.reservationkey.com/inc/highslide/highslide.css
IP
File type ASCII text, with CRLF line terminators
Hash f5c52c11138732ea4dd6decafce42b81
9e67a044eddb82dea3db86386e895fe18b22cad0
be093c596b9b659f444f77d4a10a2ac25dcb862fa1e6b4d43f917a6881c90d1c
GET /inc/highslide/highslide.css HTTP/1.1
Host: v2.reservationkey.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v2.reservationkey.com/HiHo/3082
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 21450
date: Fri, 02 Sep 2022 20:14:18 GMT
last-modified: Thu, 14 Dec 2017 19:28:48 GMT
accept-ranges: bytes
etag: "e0e320c41175d31:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-cache: Miss from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Y1dK73C-38O7bGHKEdjN3jJulv66Yk3P1dB5xWBYkqrNL5v-yW9M_A==
X-Firefox-Spdy: h2
v2.reservationkey.com/inc/libs/jquery/jquery-3.3.1.min.js
200 OK 87 kB URL HTTP/2 v2.reservationkey.com/inc/libs/jquery/jquery-3.3.1.min.js
IP
File type ASCII text, with very long lines (65451)
Hash a09e13ee94d51c524b7e2a728c7d4039
0dc32db4aa9c5f03f3b38c47d883dbd4fed13aae
160a426ff2894252cd7cebbdd6d6b7da8fcd319c65b70468f10b6690c45d02ef
GET /inc/libs/jquery/jquery-3.3.1.min.js HTTP/1.1
Host: v2.reservationkey.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v2.reservationkey.com/HiHo/3082
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 86927
date: Fri, 02 Sep 2022 20:14:18 GMT
last-modified: Tue, 30 Jan 2018 09:53:17 GMT
accept-ranges: bytes
etag: "60414a27b099d31:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-cache: Miss from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Gj2-MFhigkE3Hbah-TgDyeEIVWEplVuuod9TAHX6QSIHXYXgxf8zYg==
X-Firefox-Spdy: h2
v2.reservationkey.com/inc/overlib/overlib.js
200 OK 51 kB URL HTTP/2 v2.reservationkey.com/inc/overlib/overlib.js
IP
File type ASCII text, with very long lines (1017), with CRLF line terminators
Hash 951d4027eef45aefe97334ee1e91a94e
14b5d5551ce5db7bfa1e819a6b41645e526ea23e
1b1dd81f9cf1caf96fd33aa2905a189ea6fee93f12a0aad08162136ed050d0c9
GET /inc/overlib/overlib.js HTTP/1.1
Host: v2.reservationkey.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v2.reservationkey.com/HiHo/3082
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 50935
date: Fri, 02 Sep 2022 20:14:18 GMT
last-modified: Wed, 23 Oct 2013 11:26:06 GMT
accept-ranges: bytes
etag: "a49149aae2cfce1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-cache: Miss from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Zso5XPrfNul_--r8MyQ0p2DB9BNdf67D5WC-UedmoNUsCWRTyi4qvg==
X-Firefox-Spdy: h2
v2.reservationkey.com/inc/highslide/highslide-full.packed.js
200 OK 48 kB URL HTTP/2 v2.reservationkey.com/inc/highslide/highslide-full.packed.js
IP
File type Unicode text, UTF-8 text, with very long lines (47647), with CRLF line terminators
Hash 278f980f861a20f0f440b2975bf8d341
614e7998c7bc927c901628370d0b76c48d2bf780
668dc6588613b6c27c8c5bfba9d4f9358b12d8ead9c3597c402bf6e6f9d2d9ef
GET /inc/highslide/highslide-full.packed.js HTTP/1.1
Host: v2.reservationkey.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v2.reservationkey.com/HiHo/3082
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 47975
date: Fri, 02 Sep 2022 20:14:18 GMT
last-modified: Sat, 31 Dec 2011 10:50:36 GMT
accept-ranges: bytes
etag: "0a6d66aac7cc1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-cache: Miss from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: sXTMaI0rRgxI85RNXFjpn8YYvRES5EjkINe40_DLwhfbhZtHmds6Mg==
X-Firefox-Spdy: h2
v2.reservationkey.com/inc/highslide/graphics/loader.white.gif
200 OK 673 B URL HTTP/2 v2.reservationkey.com/inc/highslide/graphics/loader.white.gif
IP
File type GIF image data, version 89a, 16 x 16\012- data
Hash 2a6692973429d7a74513bfa8bcb5be20
f2af060f1cadbc9065c8c465c648dc01be67cc12
1eb9e7880f723999a4ed63eece6a6e4d4976833d3c16dc18b4ace3971728ab0d
GET /inc/highslide/graphics/loader.white.gif HTTP/1.1
Host: v2.reservationkey.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v2.reservationkey.com/inc/highslide/highslide.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 673
date: Fri, 02 Sep 2022 20:14:18 GMT
last-modified: Sat, 24 Dec 2011 17:25:44 GMT
accept-ranges: bytes
etag: "01c41161c2cc1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-cache: Miss from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: Mj77UOtx_Evr3MOLLwariLp6q_RsJHNtzedeovhrjhT7ejdFY0cI3w==
X-Firefox-Spdy: h2
v2.reservationkey.com/inc/highslide/graphics/zoomout.cur
200 OK 326 B URL HTTP/2 v2.reservationkey.com/inc/highslide/graphics/zoomout.cur
IP
File type MS Windows cursor resource - 1 icon, 32x32, 2 colors, hotspot @7x7\012- data
Hash e5f236bf2b60f8c8fc1867d70636a046
2d1695a011edd32a1abc5329dcf4b8ee196d5e7f
110a21ee3616bfa86b492bb237eeb946ee4a643d7bb77a7fd2b131311f5ccf72
GET /inc/highslide/graphics/zoomout.cur HTTP/1.1
Host: v2.reservationkey.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v2.reservationkey.com/HiHo/3082
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 326
date: Fri, 02 Sep 2022 20:14:18 GMT
last-modified: Sat, 24 Dec 2011 17:25:52 GMT
accept-ranges: bytes
etag: "0d0c81561c2cc1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-cache: Miss from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: AE3U6j3PHKo_eUQpmoXJ-wsgC1gE3Hx4q53k7QY31ljZKPUXDJ4JLQ==
X-Firefox-Spdy: h2
v2.reservationkey.com/inc/highslide/graphics/outlines/drop-shadow.png
200 OK 2.1 kB URL HTTP/2 v2.reservationkey.com/inc/highslide/graphics/outlines/drop-shadow.png
IP
File type PNG image data, 40 x 3000, 8-bit gray+alpha, non-interlaced\012- data
Hash 1fc2eb3de80baea2bc85dc373670ecd4
90c718ca34fa1d7c82a5b5b6949acb89c2aaa77f
e5b23d855ab38d3c982e95d49894d4febd754baf5072d2049979254ad9663219
GET /inc/highslide/graphics/outlines/drop-shadow.png HTTP/1.1
Host: v2.reservationkey.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v2.reservationkey.com/HiHo/3082
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 2091
date: Fri, 02 Sep 2022 20:14:18 GMT
last-modified: Sat, 24 Dec 2011 17:25:46 GMT
accept-ranges: bytes
etag: "049351261c2cc1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-cache: Miss from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: A4kweiJ2XSNnAbjwRBRJBU5lCHpYbyIw7ysV3XhVEJSsfCgZSb6zWw==
X-Firefox-Spdy: h2
v2.reservationkey.com/p/rooms.asp
200 OK 40 kB URL HTTP/2 v2.reservationkey.com/p/rooms.asp
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (5953), with CRLF line terminators
Hash a94811dc302c0f15754d8b78df0e507b
1f69cd1cc21db6eea0924454497534b6c510085c
345f7ffb34742d3376cc503c185509be02e58ef625b287782aace46b4d036224
POST /p/rooms.asp HTTP/1.1
Host: v2.reservationkey.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 318
Origin: https://v2.reservationkey.com
Connection: keep-alive
Referer: https://v2.reservationkey.com/HiHo/3082
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/html;charset=UTF-8
content-length: 40173
date: Fri, 02 Sep 2022 20:14:18 GMT
cache-control: private
server: Microsoft-IIS/10.0
set-cookie: prefcookie=minstayalert=1&labelcharacters=20&calfontsize=20&numperpage=0&caloption=1&usecustomform=0&selectrateplan=0&QBOEkey=&phonefields=1&nummonthstoshow=0&numdaysafter=45&idstardescriptions=5914&guestnames=1&usechannelmanager=0&tooltips=1&timeformat=%25h%3A%25mm+%25A&repeatdatebar=0&minstay=1&longdate=%25mmmm+%25d%2C+%25yyyy&cellwidth=40&callabel=1&usergmt=%2D5&shortdate=%25m%2F%25d%2F%25yyyy&selectreplyto=1&selectedstars=%231%23&scrollbars=1&numdaysbefore=4&labelwidthmobile=50&labelwidth=135&db64b=0&calview=0&calheight=30&addressfields=1&phoneformat=0&namealignment=0&idreseller=&showreminders=0&showhidden=1&showeventsbar=1&selectpaymentpage=0&selectemailschedule=0&repeatseparator=5&overallheight=1&datepickerseperator=%2F&datepickerformat=mdy¤cysymbol=%24¤cyformat=ns+%2Cg+%2Ed+cc&bookingdate=2&idsystemtheme=1&idlabelset=0&idreservationcustom=&iduser=0&taxsystem=1&saveresdetails=1&contextmenu=1&connections=%231%23&caltooltips=1&extracleaning%5Fidresstatus=0&extracleaning=0&idaccount=725; expires=Wed, 03-Aug-2022 00:00:00 GMT; path=/
ASPSESSIONIDSASDTQBD=AGMIDHMABGOFMFPPDFCLFEBB; path=/
x-powered-by: ASP.NET
x-cache: Miss from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: SmDq43SUCN2qejrfUyz6ghtgqT3gUtRdHQREt6EfC4BCGZVnfT3Hug==
X-Firefox-Spdy: h2
v2.reservationkey.com/inc/highslide/graphics/zoomin.cur
200 OK 326 B URL HTTP/2 v2.reservationkey.com/inc/highslide/graphics/zoomin.cur
IP
File type MS Windows cursor resource - 1 icon, 32x32, 2 colors, hotspot @7x7\012- data
Hash 805e9d70e907f9b8151c43357de8af77
8dd0e088ec7172185c2363e9b5f83eedb4e8dac4
1318ef5f4f0e2f32fb2fd399260c54b5f15c6d9d909a3e224fab4bb7760a0cff
GET /inc/highslide/graphics/zoomin.cur HTTP/1.1
Host: v2.reservationkey.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v2.reservationkey.com/HiHo/3082
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/octet-stream
content-length: 326
date: Fri, 02 Sep 2022 20:14:19 GMT
last-modified: Sat, 24 Dec 2011 17:25:52 GMT
accept-ranges: bytes
etag: "0d0c81561c2cc1:0"
server: Microsoft-IIS/10.0
x-powered-by: ASP.NET
x-cache: Miss from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: a5oyRN9HsIFoG7q7QqZhvP2W-ytV58TzBqsJWEdxnhse1YWqJ8qzxA==
X-Firefox-Spdy: h2
v2.reservationkey.com/p/summary.asp
200 OK 0 B URL HTTP/2 v2.reservationkey.com/p/summary.asp
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /p/summary.asp HTTP/1.1
Host: v2.reservationkey.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 33
Origin: https://v2.reservationkey.com
Connection: keep-alive
Referer: https://v2.reservationkey.com/HiHo/3082
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/html;charset=UTF-8
content-length: 0
date: Fri, 02 Sep 2022 20:14:19 GMT
cache-control: private
server: Microsoft-IIS/10.0
set-cookie: prefcookie=; expires=Wed, 03-Aug-2022 00:00:00 GMT; path=/
ASPSESSIONIDSASDTQBD=CGMIDHMADPHFMLKJCKIOBDLE; path=/
x-powered-by: ASP.NET
x-cache: Miss from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: 6mix5VJMv5fGsK2KeHQ3NGoIJgSIJnNRUApnnhzrmkn1ndli7I_Q4w==
X-Firefox-Spdy: h2
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash bc42e02a79cb8272d01df4d7e16d068c
42685c49f138f12a1af95c79f1b2910af7501bc8
10952a7b853a00d80b4f5dd0829dac9d986757a403bab61a35a4b0b9862a19fa
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 02 Sep 2022 20:14:19 GMT
Last-Modified: Fri, 02 Sep 2022 18:36:08 GMT
Server: ECS (nyb/1D28)
X-Cache: Miss from cloudfront
Via: 1.1 8ac66e1d6983a0f44cf391b1ec3b1cce.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: fPkZ5yJVyhK2tpVA1tIBQu7d71Hrbh248GleeILLhE9xBS0kO7JZmg==
Age: 5891
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash bc42e02a79cb8272d01df4d7e16d068c
42685c49f138f12a1af95c79f1b2910af7501bc8
10952a7b853a00d80b4f5dd0829dac9d986757a403bab61a35a4b0b9862a19fa
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: max-age=142960
Date: Fri, 02 Sep 2022 20:14:19 GMT
Etag: "6311e815-1d7"
Expires: Sun, 04 Sep 2022 11:56:59 GMT
Last-Modified: Fri, 02 Sep 2022 11:25:09 GMT
Server: ECS (nyb/1D22)
X-Cache: Miss from cloudfront
Via: 1.1 6a0f63864791329e89a4b233ec4c3a36.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: j39AUisSOfV9O-RDFjpfoco3A_Vg5N_TI5DNwmvAF6uBkhqW4bbhHA==
Age: 1910
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash bc42e02a79cb8272d01df4d7e16d068c
42685c49f138f12a1af95c79f1b2910af7501bc8
10952a7b853a00d80b4f5dd0829dac9d986757a403bab61a35a4b0b9862a19fa
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 02 Sep 2022 20:14:19 GMT
Last-Modified: Fri, 02 Sep 2022 18:36:30 GMT
Server: ECS (nyb/1D1C)
X-Cache: Miss from cloudfront
Via: 1.1 c26775cc34c23943f6f5cfc9a3da9b4a.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 8LFRGwttCIgCD9v2c5YYw8WYz9ejyUfxErub9Gd-JJGynGAn6jEX9g==
Age: 5869
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash bc42e02a79cb8272d01df4d7e16d068c
42685c49f138f12a1af95c79f1b2910af7501bc8
10952a7b853a00d80b4f5dd0829dac9d986757a403bab61a35a4b0b9862a19fa
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 02 Sep 2022 20:14:19 GMT
Last-Modified: Fri, 02 Sep 2022 19:02:33 GMT
Server: ECS (nyb/1D2C)
X-Cache: Miss from cloudfront
Via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: 2VnH5mIIB8In7Vbu6UlMTyzieEHEhdocjufdDtuP_-kFuootzYzoug==
Age: 4306
ocsp.sca1b.amazontrust.com/
200 OK 471 B URL HTTP/1.1 ocsp.sca1b.amazontrust.com/
IP
Hash bc42e02a79cb8272d01df4d7e16d068c
42685c49f138f12a1af95c79f1b2910af7501bc8
10952a7b853a00d80b4f5dd0829dac9d986757a403bab61a35a4b0b9862a19fa
POST / HTTP/1.1
Host: ocsp.sca1b.amazontrust.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Accept-Ranges: bytes
Cache-Control: 'max-age=158059'
Date: Fri, 02 Sep 2022 20:14:19 GMT
Last-Modified: Fri, 02 Sep 2022 18:53:12 GMT
Server: ECS (nyb/1D10)
X-Cache: Miss from cloudfront
Via: 1.1 4c07121ca6e32bcda85cc9091b92050e.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: bKoy3qBo8D8OfAMtGYIATUvj_qshQ_pweoPugaWhqWr2vcUVWrSV1w==
Age: 4868
v2.reservationkey.com/p/inc/inc_itemsforsale_ajax.asp
200 OK 0 B URL HTTP/2 v2.reservationkey.com/p/inc/inc_itemsforsale_ajax.asp
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /p/inc/inc_itemsforsale_ajax.asp HTTP/1.1
Host: v2.reservationkey.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 58
Origin: https://v2.reservationkey.com
Connection: keep-alive
Referer: https://v2.reservationkey.com/HiHo/3082
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/html;charset=UTF-8
content-length: 0
date: Fri, 02 Sep 2022 20:14:19 GMT
cache-control: private
server: Microsoft-IIS/10.0
set-cookie: prefcookie=; expires=Wed, 03-Aug-2022 00:00:00 GMT; path=/
ASPSESSIONIDSASDTQBD=EGMIDHMAIDALKCKADNBKHMOK; path=/
x-powered-by: ASP.NET
x-cache: Miss from cloudfront
via: 1.1 410f51195842d9b592b15d6588c36654.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: D9o9w9CdwA3anQUzy0YQ8zMYnYchooGg2RD5N0P7FKEXGmNobvRD2g==
X-Firefox-Spdy: h2
s3.amazonaws.com/rkv2/725/72584201753107PM__SmallSunriseattheHiho.JPG
200 OK 8.6 kB URL HTTP/1.1 s3.amazonaws.com/rkv2/725/72584201753107PM__SmallSunriseattheHiho.JPG
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 150x226, components 3\012- data
Hash b39a4993b1efa1a92e25fcd5cb7a9fc3
5e8996d60117f454cae6ab3e7354f272624fa65c
948b4e8c40751e7317e7a932144ad02b339a0896070ba5b0ad95b3e7f1a559b3
GET /rkv2/725/72584201753107PM__SmallSunriseattheHiho.JPG HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v2.reservationkey.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: TZxZRe5pum5C28bYx0iFSDFvcbN0LWCYLhz5Pa/yTLlbUiketXw59am6t8L0Ctpn9CFZE2l0LSI=
x-amz-request-id: XRMG6E6E8K0W40WE
Date: Fri, 02 Sep 2022 20:14:20 GMT
Last-Modified: Fri, 04 Aug 2017 17:31:09 GMT
ETag: "b39a4993b1efa1a92e25fcd5cb7a9fc3"
Cache-Control: no-cache
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 8602
s3.amazonaws.com/rkv2/725/725624201533230PM__SmPalmBed2.JPG
200 OK 12 kB URL HTTP/1.1 s3.amazonaws.com/rkv2/725/725624201533230PM__SmPalmBed2.JPG
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 250x187, components 3\012- data
Hash f70cb08b0549148c205d21222e8e10d9
ddc6bb0ef5041ec0dd2a5cb6855ff748083ddf62
b8c401c58ee92251e9fbb4a6c53b208a96215f42709a318c2c16715bc34c0a37
GET /rkv2/725/725624201533230PM__SmPalmBed2.JPG HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v2.reservationkey.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 5yYYd/DAFmwwbn9hk3hdEspAUjkIQGoUVCadpTyztySN8wKvGD/1vl5GdjJbiPpuvPjMUz+2dEc=
x-amz-request-id: XRMJVQX5ZMFJK1Z1
Date: Fri, 02 Sep 2022 20:14:20 GMT
Last-Modified: Wed, 24 Jun 2015 15:32:32 GMT
ETag: "f70cb08b0549148c205d21222e8e10d9"
Cache-Control: no-cache
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 11816
s3.amazonaws.com/rkv2/725/725624201533848PM__peribeds.JPG
200 OK 10 kB URL HTTP/1.1 s3.amazonaws.com/rkv2/725/725624201533848PM__peribeds.JPG
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 250x187, components 3\012- data
Hash 9e5e80f4807c586cba971c519d9bf4f4
a49c21681e87e0e6e4a18aa7fcd339cf20960133
74c45ce355027e2b7662b6ceec287b5e2251b5d9900a4ec50c1f825083c89e51
GET /rkv2/725/725624201533848PM__peribeds.JPG HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v2.reservationkey.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: V15K0uLE1qaElaqpzX3bnhqzzdmR7pRj1FY9k+WSHXTKvDzp3p24H+lN9OkQCzJnCZcPR9cv8WQ=
x-amz-request-id: XRMPQ0ZA8QN23Z0G
Date: Fri, 02 Sep 2022 20:14:20 GMT
Last-Modified: Wed, 24 Jun 2015 15:38:49 GMT
ETag: "9e5e80f4807c586cba971c519d9bf4f4"
Cache-Control: no-cache
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 10367
s3.amazonaws.com/rkv2/725/725624201533526PM__SmOrchid.JPG
200 OK 9.4 kB URL HTTP/1.1 s3.amazonaws.com/rkv2/725/725624201533526PM__SmOrchid.JPG
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 250x187, components 3\012- data
Hash 2234618fc5d53050d7f8a91cc052b5d8
f5acf3dfe1c448a4f64b10586650204a8c5f8042
2ae0a2fedae1f39b242dd5344a60d28fb5399f41430486082a565d242edcc358
GET /rkv2/725/725624201533526PM__SmOrchid.JPG HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v2.reservationkey.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: k9XPOimJ8u6dWR/KrhumcSpKjWKI5BjhvPSyOJHY/MEdsC8tQ3oFlPdNRY/XCJ32NQdtKLGGdDc=
x-amz-request-id: XRMKZANH61JR2MHR
Date: Fri, 02 Sep 2022 20:14:20 GMT
Last-Modified: Wed, 24 Jun 2015 15:35:27 GMT
ETag: "2234618fc5d53050d7f8a91cc052b5d8"
Cache-Control: no-cache
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 9435
s3.amazonaws.com/rkv2/725/725624201533403PM__smjasfish.JPG
200 OK 8.7 kB URL HTTP/1.1 s3.amazonaws.com/rkv2/725/725624201533403PM__smjasfish.JPG
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 250x187, components 3\012- data
Hash cc53ddb890f74e870414d6cfad53d6bc
9c643a4447d93b36b1428f649e20a79fcadf8bae
831695ee5f30dc0caca112951b674bd298b6406ef747e6b84c106c4ce4ad054a
GET /rkv2/725/725624201533403PM__smjasfish.JPG HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v2.reservationkey.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: UpQnD2hMJBB3dFP+RUvWfxZvTcvJszAIGhjHAilFxk4sIUq2BBQm/dMzYny9J606L9+mpf0vikg=
x-amz-request-id: XRMXG4G1FG5GC4PX
Date: Fri, 02 Sep 2022 20:14:20 GMT
Last-Modified: Wed, 24 Jun 2015 15:34:04 GMT
ETag: "cc53ddb890f74e870414d6cfad53d6bc"
Cache-Control: no-cache
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 8657
s3.amazonaws.com/rkv2/725/725624201514241PM__DSC0066.JPG
200 OK 9.4 kB URL HTTP/1.1 s3.amazonaws.com/rkv2/725/725624201514241PM__DSC0066.JPG
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 250x166, components 3\012- data
Hash fb0bb4dff244e2a0a91f901de102253e
778f5e53d515d4124233d21d0f521628bff35353
50170cb7585d9a0674bc67eac7c3b32f09abdd0e5c31daa28dad642203e9df93
GET /rkv2/725/725624201514241PM__DSC0066.JPG HTTP/1.1
Host: s3.amazonaws.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://v2.reservationkey.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/1.1 200 OK
x-amz-id-2: 7hHUjf1K+Jlsa1zDq07h6+p/8MOqIVolzmbSfvJj+CWJeIQWekHx5ajInfG6u4Kc4j24BimTucQ=
x-amz-request-id: XRMJXCA4VXHBJ4C4
Date: Fri, 02 Sep 2022 20:14:20 GMT
Last-Modified: Wed, 24 Jun 2015 13:42:42 GMT
ETag: "fb0bb4dff244e2a0a91f901de102253e"
Cache-Control: no-cache
Accept-Ranges: bytes
Content-Type: image/jpeg
Server: AmazonS3
Content-Length: 9401
www.thehibiscushousebnb.com/reservations/
301 Moved Permanently 0 B URL HTTP/2 www.thehibiscushousebnb.com/reservations/
IP
Analyzer Verdict Alert fortinet Phishing
GET /reservations/ HTTP/1.1
Host: www.thehibiscushousebnb.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1
HTTP/2 301 Moved Permanently
date: Fri, 02 Sep 2022 20:14:15 GMT
content-type: text/html; charset=UTF-8
location: https://thehibiscushousebnb.com/reservations/
x-redirect-by: WordPress
vary: Accept-Encoding,Accept-Encoding
cache-control: public, max-age=0
expires: Fri, 02 Sep 2022 20:14:15 GMT
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-turbo-charged-by: LiteSpeed
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=QORx6cewmclb4nd1sP22JX%2BNbGDeCCF0nLvWDZk7RlvxMjoYkdbkc9SoM%2Fwhl9uLl3JclU8od6WtK1PxJ3UCsk8xtQ2wi02RS%2BUabzrGqOUfZ6jOU8xwIItSCNFDnFV1jjRWcAfVvMbq2fDim5o%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7448e92d3e501c0a-OSL
X-Firefox-Spdy: h2
fonts.googleapis.com/css?family=Vidaloka%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CNunito%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CLato%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap
200 OK 0 B URL HTTP/2 fonts.googleapis.com/css?family=Vidaloka%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CNunito%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CLato%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap
IP
GET /css?family=Vidaloka%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CNunito%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic%7CLato%3A100%2C100italic%2C200%2C200italic%2C300%2C300italic%2C400%2C400italic%2C500%2C500italic%2C600%2C600italic%2C700%2C700italic%2C800%2C800italic%2C900%2C900italic&display=swap HTTP/1.1
Host: fonts.googleapis.com
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://thehibiscushousebnb.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css; charset=utf-8
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Fri, 02 Sep 2022 20:14:15 GMT
date: Fri, 02 Sep 2022 20:14:15 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
104.21.43.54
143.204.55.36
93.184.220.29
23.36.77.32
2.21.206.45
0.0.0.0