Overview

URL floragardenhotels.com
IP104.21.33.215
ASNCLOUDFLARENET
Location
Report completed2022-10-06 08:18:33 UTC
StatusLoading report..
urlquery Alerts No alerts detected


Settings

UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer


Intrusion Detection Systems

Suricata /w Emerging Threats Pro  No alerts detected


Blocklists

OpenPhish  No alerts detected
PhishTank  No alerts detected
Fortinet's Web Filter  No alerts detected
mnemonic secure dns  No alerts detected
Quad9 DNS  No alerts detected


Files

URL ocsp.pki.goog/gts1c3
IP  142.250.74.3
Magic gzip compressed data, max compression\012- data
Size 533
MD5 0c7737a481bbaf69c81b233e2a710136
SHA1 d3e0e3e1b704e229e93e4057e176fc7393d9db5c
SHA256 13065b7aa2495bc3877146ef7877fbdcb2153280af3324fe89348602f9f6cd09
Analyzer Analysed Verdict Comment
VirusTotal 0/0


Passive DNS (26)

Passive DNS Source Fully Qualifying Domain Name Rank First Seen Last Seen IP Comment
mnemonic passive DNS www.google.com (2) 7 2016-08-04 12:36:31 UTC 2022-10-05 23:51:52 UTC 142.250.74.164
mnemonic passive DNS cdn.livechatinc.com (1) 6288 2012-06-22 08:37:34 UTC 2022-10-06 04:57:51 UTC 23.36.79.17
mnemonic passive DNS www.facebook.com (1) 99 2017-01-30 05:00:00 UTC 2022-10-06 04:46:20 UTC 31.13.72.36
mnemonic passive DNS cdn.hweb.com (1) 0 2018-06-30 04:43:15 UTC 2022-10-05 23:26:14 UTC 54.230.111.87 Unknown ranking
mnemonic passive DNS firefox.settings.services.mozilla.com (2) 867 2020-05-28 17:26:30 UTC 2022-10-06 05:29:05 UTC 54.230.111.7
mnemonic passive DNS www.googletagmanager.com (1) 75 2012-12-25 14:52:06 UTC 2022-10-06 05:00:29 UTC 142.250.74.168
mnemonic passive DNS fonts.gstatic.com (3) 0 2014-08-29 13:43:22 UTC 2022-10-06 04:51:09 UTC 216.58.207.195 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS floragardenhotels.hweb.com (3) 0 2022-07-06 15:09:41 UTC 2022-09-15 09:54:56 UTC 89.19.238.77 Unknown ranking
mnemonic passive DNS www.google-analytics.com (1) 40 2012-10-03 01:04:21 UTC 2022-10-06 05:42:08 UTC 142.250.74.174
mnemonic passive DNS api.livechatinc.com (1) 5353 2013-12-20 14:27:35 UTC 2022-10-06 03:59:23 UTC 23.36.79.17
mnemonic passive DNS r3.o.lencr.org (8) 344 2020-12-02 08:52:13 UTC 2022-10-06 04:46:31 UTC 23.36.76.226
mnemonic passive DNS content-signature-2.cdn.mozilla.net (1) 1152 2020-11-03 12:26:46 UTC 2022-10-06 04:55:14 UTC 34.160.144.191
mnemonic passive DNS ocsp.digicert.com (3) 86 2012-05-21 07:02:23 UTC 2022-10-06 05:20:05 UTC 93.184.220.29
mnemonic passive DNS www.gstatic.com (2) 0 2016-07-26 09:37:06 UTC 2022-10-06 04:51:02 UTC 142.250.74.163 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS use.fontawesome.com (3) 942 2017-01-30 04:43:25 UTC 2022-10-06 04:51:27 UTC 172.64.132.15
mnemonic passive DNS region1.google-analytics.com (1) 0 2022-03-17 11:26:33 UTC 2022-10-06 05:36:17 UTC 216.239.34.36 Domain (google-analytics.com) ranked at: 8401
mnemonic passive DNS stats.g.doubleclick.net (1) 96 2013-06-02 22:47:44 UTC 2022-10-06 06:27:32 UTC 173.194.73.157
mnemonic passive DNS ssl.gstatic.com (1) 0 2016-11-22 23:58:12 UTC 2022-10-06 04:49:12 UTC 142.250.74.99 Domain (gstatic.com) ranked at: 540
mnemonic passive DNS contile.services.mozilla.com (1) 1114 2021-05-27 18:32:35 UTC 2022-10-06 04:46:50 UTC 34.117.237.239
mnemonic passive DNS push.services.mozilla.com (1) 2140 2015-09-03 10:29:36 UTC 2022-10-06 05:02:20 UTC 35.161.6.128
mnemonic passive DNS img-getpocket.cdn.mozilla.net (6) 1631 2017-09-01 03:40:57 UTC 2022-10-06 04:25:36 UTC 34.120.237.76
mnemonic passive DNS floragardenhotels.com (1) 0 2015-07-15 15:12:10 UTC 2022-07-23 21:16:53 UTC 172.67.192.214 Unknown ranking
mnemonic passive DNS fonts.googleapis.com (3) 8877 2013-06-10 20:14:26 UTC 2022-10-06 04:51:10 UTC 142.250.74.10
mnemonic passive DNS ocsp.pki.goog (14) 175 2017-06-14 07:23:31 UTC 2022-10-05 06:59:18 UTC 142.250.74.3
mnemonic passive DNS mt.googleapis.com (1) 25409 2015-09-24 13:46:28 UTC 2022-10-05 21:47:52 UTC 142.250.74.14
mnemonic passive DNS www.google.no (1) 25607 2016-04-05 19:50:59 UTC 2022-10-06 05:14:22 UTC 142.250.74.3


Recent reports on same IP/ASN/Domain/Screenshot

Last 2 reports on IP: 104.21.33.215

Date UQ / IDS / BL URL IP
2022-10-06 08:18:33 +0000
0 - 0 - 0 floragardenhotels.com 104.21.33.215
2022-09-06 01:18:36 +0000
0 - 0 - 14 ideahandhomecuts.cfd/ 104.21.33.215

Last 5 reports on ASN: CLOUDFLARENET

Date UQ / IDS / BL URL IP
2022-12-01 12:25:17 +0000
0 - 0 - 1 clenchstump.top/ 172.67.130.231
2022-12-01 12:24:29 +0000
0 - 0 - 1 ste2eh.cyou/ 104.21.44.126
2022-12-01 12:22:18 +0000
0 - 0 - 1 aventura.espirituracer.com/ 188.114.97.1
2022-12-01 12:22:06 +0000
0 - 0 - 3 goodlifestylenews.com/2022/10/13/first-martia (...) 172.67.172.49
2022-12-01 12:21:55 +0000
0 - 0 - 2 goodlifestylenews.com/2022/10/13/inside-n-j-s (...) 104.21.30.61

Last 2 reports on domain: floragardenhotels.com

Date UQ / IDS / BL URL IP
2022-10-06 08:31:25 +0000
0 - 0 - 0 floragardenhotels.com 172.67.192.214
2022-10-06 08:18:33 +0000
0 - 0 - 0 floragardenhotels.com 104.21.33.215

Last 1 reports with similar screenshot

Date UQ / IDS / BL URL IP
2022-10-06 08:31:25 +0000
0 - 0 - 0 floragardenhotels.com 172.67.192.214


JavaScript

Executed Scripts (76)


Executed Evals (0)


Executed Writes (0)



HTTP Transactions (64)


Request Response
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.7
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 939
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Content-Length, Backoff, Content-Type, Retry-After, Alert
Cache-Control: max-age=259200
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Date: Wed, 05 Oct 2022 15:47:18 GMT
X-Content-Type-Options: nosniff
X-Cache: Hit from cloudfront
Via: 1.1 94eee494c19905cb6933ec8a32a577a0.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: VPJyUeEkRfb_R-5--jg3jl-TC7mgI4HJ6Uwrt8jxOxIAPRCYaNWwKw==
Age: 59463


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    2d12f67fe57a87e7366b662d153a5582
Sha1:   d7b02d81cc74f24a251d9363e0f4b0a149264ec1
Sha256: 73c273c0b5a2de3cb970b8e8c187999d3b55e760dc7766dab4bb76428d19b551
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "AB48F17E54075E1ECF034278E82BCACD2E3689773186CC84FBA9B79AAC907294"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4115
Expires: Thu, 06 Oct 2022 09:26:56 GMT
Date: Thu, 06 Oct 2022 08:18:21 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A9FB1F7ADE7C8A79D2EE83E9B7215E66DC89AC733B11079297A8F4B9ACEAE1F5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3994
Expires: Thu, 06 Oct 2022 09:24:55 GMT
Date: Thu, 06 Oct 2022 08:18:21 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: H1uygtKLVFjCOrtdx4mHLqgZDehd1xZFAWjTYw8VqwIskQFhKbEs6zJlP7JscvoZGkyspWqpCQ8=
x-amz-request-id: VTNCRZT1RD7CR74W
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Thu, 06 Oct 2022 07:58:40 GMT
age: 1181
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    67d5a988edcda47bc3b3b3f65d32b4b6
Sha1:   d4f0e0da8b3690cc7da925026d3414b68c7d954f
Sha256: 55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Thu, 06 Oct 2022 08:18:22 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.7
HTTP/1.1 200 OK
Content-Type: application/json
                                        
Content-Length: 329
Connection: keep-alive
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Pragma, Content-Length, Backoff, Last-Modified, Cache-Control, Content-Type, Retry-After, ETag, Expires, Alert
Content-Security-Policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
Last-Modified: Fri, 25 Mar 2022 17:45:46 GMT
X-Content-Type-Options: nosniff
Date: Thu, 06 Oct 2022 07:29:41 GMT
Cache-Control: max-age=3600, max-age=3600
Expires: Thu, 06 Oct 2022 07:59:48 GMT
ETag: "1648230346554"
X-Cache: Hit from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: fj89Xf2LUwpWme_sSIfzbBUKYgLMhMda83pO0i2ZX1BghTo-wU583A==
Age: 2921


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4127
Cache-Control: 'max-age=158059'
Date: Thu, 06 Oct 2022 08:18:22 GMT
Last-Modified: Thu, 06 Oct 2022 07:09:35 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: D9mzTXxGuVz52rhukNPuGQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

                                         
                                         35.161.6.128
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: lLd/ttW9o3IgkuFylAa86hij+hw=

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 06 Oct 2022 08:18:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 06 Oct 2022 08:18:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 06 Oct 2022 08:18:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 06 Oct 2022 08:18:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "26FA7A785E578E023BD88E23319B572D52129D0804D7564D3C2D1B5EC93B8F43"
Last-Modified: Wed, 05 Oct 2022 10:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14189
Expires: Thu, 06 Oct 2022 12:14:53 GMT
Date: Thu, 06 Oct 2022 08:18:24 GMT
Connection: keep-alive

                                        
                                            GET /gtag/js?id=UA-62139020-3 HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://floragardenhotels.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.168
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Thu, 06 Oct 2022 08:18:24 GMT
expires: Thu, 06 Oct 2022 08:18:24 GMT
cache-control: private, max-age=900
last-modified: Thu, 06 Oct 2022 06:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 42414
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2039)
Size:   42414
Md5:    70154afd9f50b8712be9e8d996d0f404
Sha1:   cb6489e218f5267813204229eafd35dd75953f5b
Sha256: 8acebb9432e9d93825ef5cc4abe9591c51a141de7df168e03713d3b22e5da5e8
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 06 Oct 2022 08:18:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 06 Oct 2022 08:18:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /widget/widget-core.js?Lang=en HTTP/1.1 
Host: floragardenhotels.hweb.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://floragardenhotels.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         89.19.238.77
HTTP/2 200 OK
content-type: application/javascript;charset=utf-8
                                        
date: Thu, 06 Oct 2022 08:00:23 GMT
content-length: 205748
content-security-policy: default-src 'self' 'unsafe-inline' *.hweb.com *.reswio.com *.iati.com *.google.com *.google.com.tr *.googleapis.com *.google-analytics.com *.googleadservices.com *.googletraveladservices.com *.googletagmanager.com *.gstatic.com themes.googleusercontent.com *.doubleclick.net *.livechatinc.com scripts.affilired.com *.facebook.net *.facebook.com static.tacdn.co secde.trivago.com *.tripadvisor.com platform.twitter.com syndication.twitter.com *.criteo.com *.criteo.net static.criteo.net widget.criteo.com dis.eu.criteo.com sslwidget.criteo.com secure.wegostaging.com mc.yandex.ru *.//floragardenhotels.com/ 'unsafe-eval'; frame-ancestors http:; img-src 'self' http: https: data:;
set-cookie: siteLocale=en; Path=/ SESSION=9ab9304d-8d42-4603-819c-4d3f4e483f00; Path=/; HttpOnly SRV=front_1|Yz6LG|Yz6LG; path=/ hwuid=4767b1f7d90b4b8d97b5a25de986498d; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=hweb.com; path=/
cache-control: private
server: hwebf100
p3p: CP="NOI CUR ADM OUR NOR STA NID"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (53029)
Size:   205748
Md5:    56dac38144221030a7fc554bd3cfd43c
Sha1:   6be9e83f0ba3a547d4913f2e092c8675cb02dc5c
Sha256: f67f088dc51f8f575342127fd3eab32309e0614e83ebd130ff9ad0bfb7b99a07
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4184
Expires: Thu, 06 Oct 2022 09:28:08 GMT
Date: Thu, 06 Oct 2022 08:18:24 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4184
Expires: Thu, 06 Oct 2022 09:28:08 GMT
Date: Thu, 06 Oct 2022 08:18:24 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4184
Expires: Thu, 06 Oct 2022 09:28:08 GMT
Date: Thu, 06 Oct 2022 08:18:24 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4184
Expires: Thu, 06 Oct 2022 09:28:08 GMT
Date: Thu, 06 Oct 2022 08:18:24 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "A09C835AA140C7B4220194E940F54DE09CA3B7EA470FEB7C4C5BE574643086D5"
Last-Modified: Tue, 04 Oct 2022 00:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4184
Expires: Thu, 06 Oct 2022 09:28:08 GMT
Date: Thu, 06 Oct 2022 08:18:24 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fdfb1f9d9-58f2-4af5-b299-6a59b5768aba.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8651
x-amzn-requestid: 8bbdbc11-92fe-4cdf-8469-1c1ffac9e65b
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjPLIGG0IAMFehw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df8ad-132ee26478d791850dd14462;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:35:41 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: KBuHj1vlNgk4oflp8uIxuxuPoWh7B7O0SWrMrNP-lAhnp2m53ttPMw==
via: 1.1 efe54e8b68e074d39b2ecd249f85100a.cloudfront.net (CloudFront), 1.1 e77661e211afe9242e85e573f12d5534.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 22:09:18 GMT
age: 36546
etag: "d839f3aa41455d818da9a794b0688b1144b3a03a"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8651
Md5:    2d101e6535dfc8ea8c193d3e97c07e1d
Sha1:   d839f3aa41455d818da9a794b0688b1144b3a03a
Sha256: d73e79f203ef50354e078de30fcb52d298e14ad53924e0387ab586a9cb4376a2
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F0916782d-815c-4b19-b89a-acc67a745ebc.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 11478
x-amzn-requestid: a09aebdb-ec16-4f21-b972-6f97eda93ac6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjRNiHLGIAMFcFA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633dfbf0-28d33fc650641df56dfb5b06;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:49:36 GMT
x-amz-cf-pop: SEA73-P2, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: RqNGDz8fc7-Et0JSVOTstRITabta3ruIF-gtPFu7jtBRbiLDBv_cGg==
via: 1.1 bd6f70221217681265382902c6157c76.cloudfront.net (CloudFront), 1.1 57bd3a2d9e0e4cbf89d9eb3d7dfb916e.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:58:48 GMT
etag: "016d84f56f97f1ab12c4046177e3e809aa861729"
age: 37176
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   17676
Md5:    35c4807b35061a62093f42ab3593435b
Sha1:   d6bf444de322734d18696352f24c30f79215a253
Sha256: 3c9630709ca160460841421da05b5248d6afb1498439c8b79a53236a64f969fb
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F5ce3d070-3bf1-47cd-bdd7-2bda7b826976.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4140
x-amzn-requestid: f3cb33c4-26b6-4fd8-9293-dfb42be34600
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjOZiEZ4IAMFvLg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df770-424459547db8b3d721d75e54;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:30:24 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: q70sezhl0h-lASzUDh5_WQ6KraRa3fWYl_tO0iuE0CpbJ5GeiihgMw==
via: 1.1 9c60d6224ac0b44e908b5c9dcf70e9a4.cloudfront.net (CloudFront), 1.1 95785220a566cd050f3ad80928463374.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 21:37:06 GMT
etag: "26694f34166345ee5693653e0101db6b910e68ba"
age: 38478
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4140
Md5:    dbba56f647bf5989ca51863632bbebfc
Sha1:   26694f34166345ee5693653e0101db6b910e68ba
Sha256: ec5cc38f2a77e8e655aeeb7a376cf882ccb7163e4ef9d1ce4633ab4754e48765
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F73af78d1-5736-4820-b1cd-2746dc2b907b.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6933
x-amzn-requestid: aa50b0cd-e931-49a9-bce3-00366738aea6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZjPtNGKPoAMF6UA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633df987-77a4f8306103dcdf3de7d1fd;Sampled=0
x-amzn-remapped-date: Wed, 05 Oct 2022 21:39:19 GMT
x-amz-cf-pop: SEA19-C1, SEA73-P2
x-cache: Miss from cloudfront
x-amz-cf-id: aRwLcesGtAJ-M6BLPyzdprcMh8tvcxVH6AOG2LJc8aSYLR0BR9WAwg==
via: 1.1 deaaf0548506de20925615eb51a7ea7e.cloudfront.net (CloudFront), 1.1 3c974a460e97e56c6eb1e6a30797d9d6.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 22:09:09 GMT
etag: "b19dd1d42995ea4242505b152e77835442341581"
age: 36555
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  gzip compressed data, from Unix\012- data
Size:   7588
Md5:    e7f41dabb29143372d912640e8975784
Sha1:   01dd9ddf3e8b60a2a99da013e1ddefdaf0b757a4
Sha256: b38665c23f13ca6c5a8b8e63fe69d9322c006852f27f0f2de6eb8547a5c63bdf
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F1ca20164-9b52-49c5-9e63-1fc0ae719f45.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10158
x-amzn-requestid: def1fc7e-8008-466f-9271-20fa1ab0fa5a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZaqZCH7doAMFcPQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-633a8aa0-7fd2fb1249366f2277d719d6;Sampled=0
x-amzn-remapped-date: Mon, 03 Oct 2022 07:09:20 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: aeOU8fGkf5uHuYZ79k17EzxiFnwm0_z7SeZJElgwECzRyhR2N_SYJA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Thu, 06 Oct 2022 03:50:38 GMT
age: 16066
etag: "bbe71936b78a8c34d03ab87948dc840b35c6948f"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   10708
Md5:    404b5ba23d60eff55c234a86380e40e6
Sha1:   58cb975f1b962374485757bf07319e7b347ae921
Sha256: 60ecb03591151560cb0822ec9653c3690515ae9bcb609a55d429e36ee7e34589
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb35f200a-4b30-4eca-b738-7597a7594fb0.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 12156
x-amzn-requestid: 0640ef42-f082-43cb-9fbb-ba509f7ec1ec
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: ZXYcIFhmIAMFeVw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63393ab3-2fbc1cf648993ee1346ec9b2;Sampled=0
x-amzn-remapped-date: Sun, 02 Oct 2022 07:16:03 GMT
x-amz-cf-pop: SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: LZZWZlT3DnlbEyrOaNR-emsGas3uCB6VaQYdTQ76-W0XL7_Yq3BAJw==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 5397b304713f6301c7c94ac084b6ed08.cloudfront.net (CloudFront), 1.1 google
date: Wed, 05 Oct 2022 13:09:19 GMT
age: 68945
etag: "1282572af57f7d04cae3f736a9b9fcb378efdf70"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   12156
Md5:    af17f003b33d854fd024dcd3980fea27
Sha1:   1282572af57f7d04cae3f736a9b9fcb378efdf70
Sha256: 5e0112558b9196f1025a354f4b69fb02321d9a345c2d302e523001a56b51cc31
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 06 Oct 2022 08:18:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/montserrat/v25/JTUSjIg1_i6t8kCHKm459Wlhyw.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://floragardenhotels.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 30928
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 29 Sep 2022 16:40:18 GMT
expires: Fri, 29 Sep 2023 16:40:18 GMT
cache-control: public, max-age=31536000
age: 574686
last-modified: Mon, 11 Jul 2022 18:57:39 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   32999
Md5:    569716137c3b0fb09e09a002d94ccaf6
Sha1:   f1e4f045c8e682617f7bba616d7eb74aa996a1fe
Sha256: ce0ebf86b7e84b08a8f47b2010f583944da9596a674bb6067155f44d993d2455
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 06 Oct 2022 08:18:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/playfairdisplay/v30/nuFvD-vYSZviVYUb_rj3ij__anPXJzDwcbmjWBN2PKdFvXDXbtM.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://floragardenhotels.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 19860
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Mon, 03 Oct 2022 22:46:46 GMT
expires: Tue, 03 Oct 2023 22:46:46 GMT
cache-control: public, max-age=31536000
age: 207098
last-modified: Mon, 18 Jul 2022 19:06:33 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 19860, version 1.0\012- data
Size:   19860
Md5:    a95e391373ad634c3b7dbaf77de3f40e
Sha1:   ddc4638bc28c21a400fcd2df94448743f198a257
Sha256: fa3d5a0422c9b413abb4c78f8ff80de8a8ed58766f7110c82febf5296e899b47
                                        
                                            GET /s/abhayalibre/v13/e3t5euGtX-Co5MNzeAOqinEYo23CrdZJ.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://floragardenhotels.com
Connection: keep-alive
Referer: https://fonts.googleapis.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         216.58.207.195
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 21664
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Wed, 05 Oct 2022 21:18:31 GMT
expires: Thu, 05 Oct 2023 21:18:31 GMT
cache-control: public, max-age=31536000
age: 39593
last-modified: Tue, 19 Apr 2022 18:53:38 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 21664, version 1.0\012- data
Size:   21664
Md5:    c453724db11b036a2d0cea593aadbba5
Sha1:   f3f868172562eaa6a5cb7fd0a27a7963bb429c02
Sha256: 974bc554befdc01455b889fc41b34591fc4fc283426bcfb363ffc8d8b763d855
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 06 Oct 2022 08:18:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  data
Size:   2037
Md5:    ba8801c2ab70f54551d731b83a7472e2
Sha1:   823c527d9d968e49d883dabb9edf931c58500027
Sha256: fec2c7c215aeee4452c7c9c2071843e47e9f5a57e6d7079dfc6e22a025324071
                                        
                                            GET /maps/d/u/0/embed?mid=1q_ibM6tDQJez6KJ1jnOGJx82ipPhpLjp&ehbc=2E312F HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://floragardenhotels.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.164
HTTP/2 302 Found
content-type: application/binary
                                        
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 06 Oct 2022 08:18:24 GMT
location: https://www.google.com/maps/d/embed?mid=1q_ibM6tDQJez6KJ1jnOGJx82ipPhpLjp&ehbc=2E312F
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info.", CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-security-policy: script-src 'nonce--tjKYNkWYvYklPx6nBhLnA' 'unsafe-inline' 'strict-dynamic' https: http:;object-src 'none';base-uri 'self';report-uri /maps/d/u/0/cspreport
cross-origin-opener-policy: unsafe-none
server: ESF
content-length: 0
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
set-cookie: NID=511=RzaUhjbWh3PYH9uv2Z9y0VGPIhMABdPXcD70JpowLyBzSBGK63Iij-p1KG9dtaS-Jq7W_JOkKgK4QLoQmTGZawq2opUGH_p-GUDLr22Z0JfW8TmQgYsp9fhs4pEDAaavE7opiZZab0QSV6qZ2yf7Ewidgp1u84QdQ2NTSdvSzuo; expires=Fri, 07-Apr-2023 08:18:24 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none NID=511=qOZiPJaBmNqz6lYLu8022wsCpEY2rt81C2XvdnYjrkFnMQkkOhfN9aB5U-5kENAJI3Qg9OXLlno5v8sq_FBtYTuclxMnieB-oCLf4OrzEMt3mqw40GyovBcdEZ_1W1vMaKbxUwXS_nJSqcgDDTsvh3_xoPVbltf-C4Scygueq6Y; expires=Fri, 07-Apr-2023 08:18:24 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   2799
Md5:    e1c24be5153862348448c7a1034b638b
Sha1:   c258cd87de5e8a695f69592c1fdb13d1ac86b823
Sha256: 52427b8ac5aa9671600be1dabc1852cf49308dc19a9ced145dce535111bc7512
                                        
                                            GET /tracking.js HTTP/1.1 
Host: cdn.livechatinc.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://floragardenhotels.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         23.36.79.17
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
last-modified: Mon, 03 Oct 2022 08:52:45 GMT
x-amz-version-id: ShWf3uxOW76WIXrfmBNYEunJ4VXa8qrD
server: AmazonS3
content-encoding: br
etag: W/"76bb2b42910688967d67aa5519646e5d"
vary: Accept-Encoding
x-amz-cf-pop: AMS54-C1
x-amz-cf-id: rn7s_tBh0iAmVniiyguB1enwQ-YRMXK5bH3Zd6OV5vDOdHRsEY6Unw==
content-length: 25677
cache-control: max-age=28800
expires: Thu, 06 Oct 2022 16:18:24 GMT
date: Thu, 06 Oct 2022 08:18:24 GMT
access-control-allow-origin: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   25677
Md5:    6d3a2ae40bc8b1a9d4db4491a8b8a2de
Sha1:   586a0476415b81afe725bbd9ab93052222f56a2b
Sha256: 68432d22583705e7515d896d46ac76e5962b6cdee4b2ffb24099e6abd54fc924
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 06 Oct 2022 08:18:24 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /widget/flatpickr.v4.5.2.min.css HTTP/1.1 
Host: floragardenhotels.hweb.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://floragardenhotels.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         89.19.238.77
HTTP/2 200 OK
content-type: text/css
                                        
date: Thu, 06 Oct 2022 08:00:24 GMT
last-modified: Fri, 05 Jun 2020 16:02:41 GMT
vary: Accept-Encoding
etag: W/"5eda6ca1-3a01"
content-encoding: gzip
cache-control: private
server: hwebf100
set-cookie: SRV=front_1|Yz6LG|Yz6LG; path=/ hwuid=f91025a83c804851af6317864fc3eda1; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=hweb.com; path=/
p3p: CP="NOI CUR ADM OUR NOR STA NID"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   3318
Md5:    afe73d96c7209e1290508d11ffe21525
Sha1:   9239381074c8f5aff06d214b75d1362176a627c4
Sha256: 8aca413632a81b205b25a3a04b32f3420b22b962d6de5da23a580a9e47fc3ef5
                                        
                                            GET /mapspro/_/ss/k=mapspro.gmeviewer.o7YEyf3oBZE.L.F4.O/d=0/rs=ABjfnFWPttv5MZ7TIuhQqujoqo1VR3vFxg HTTP/1.1 
Host: www.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: text/css; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-mapspro
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="geo-mapspro"
report-to: {"group":"geo-mapspro","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-mapspro"}]}
content-length: 42063
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 04 Oct 2022 03:20:43 GMT
expires: Wed, 04 Oct 2023 03:20:43 GMT
cache-control: public, max-age=31536000
last-modified: Wed, 28 Sep 2022 23:36:28 GMT
age: 190662
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   42063
Md5:    bdd9d2d55fa48fddafd4529889bd26af
Sha1:   e3b5140a51113ca218888da311feca1ee3e09202
Sha256: fabe225461f23d3ac33474cf8d4f5b193b3c1f62223b720f14ae5c3ccbfb3641
                                        
                                            GET /mapspro/_/js/k=mapspro.gmeviewer.no.vk5ovkSCsno.O/d=0/rs=ABjfnFUArWZWSrpFhZ4WhDG9THNfJszVLw/m=gmeviewer_base HTTP/1.1 
Host: www.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.163
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding, Origin
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/geo-mapspro
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="geo-mapspro"
report-to: {"group":"geo-mapspro","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/geo-mapspro"}]}
content-length: 238181
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 04 Oct 2022 03:19:12 GMT
expires: Wed, 04 Oct 2023 03:19:12 GMT
cache-control: public, max-age=31536000
last-modified: Thu, 29 Sep 2022 15:40:38 GMT
age: 190753
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (548)
Size:   238181
Md5:    ab6e9642020e9096554d20ca64a16ad7
Sha1:   ac6cb34f73fa5fca00473fdedff9fc3bfbe02557
Sha256: a807f3dcb74ac30de890d916a7da2cd7b0599ab4a2b7c2c0ba49c12e69dc9774
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2983
Cache-Control: 'max-age=158059'
Date: Thu, 06 Oct 2022 08:18:25 GMT
Last-Modified: Thu, 06 Oct 2022 07:28:42 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://floragardenhotels.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.174
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Thu, 06 Oct 2022 06:41:09 GMT
expires: Thu, 06 Oct 2022 08:41:09 GMT
cache-control: public, max-age=7200
age: 5836
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   21233
Md5:    6a11c4ad5fc3456717a380fa2ae1a4ac
Sha1:   4a5475e805323872170293deb490f281ff283ecb
Sha256: b4f1bc6f1574a91460bda825f853764cc17e05489954b96efa8611e700cad53f
                                        
                                            GET /releases/v5.11.2/webfonts/fa-solid-900.eot HTTP/1.1 
Host: use.fontawesome.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://floragardenhotels.com
Connection: keep-alive
Referer: https://floragardenhotels.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         172.64.132.15
HTTP/2 200 OK
content-type: application/vnd.ms-fontobject
                                        
date: Thu, 06 Oct 2022 08:18:25 GMT
x-amz-id-2: 3rqWWfjOORB1pdknz8xecp2KJUVbsn0VzznJVaxrkbTMPqA2Cc3+3ZBnyNXy1j7caQN2Y5x5Kj0=
x-amz-request-id: DTX4Y3WQEVSGGX87
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:37:33 GMT
etag: W/"8e4a6dcc692b3887f9f542cd6894d6d4"
cache-control: max-age=31556926
cf-cache-status: MISS
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=WrFeGP2BhVkflmh1ac%2BkXoX27VtXXUY7gZAgBiTLrEB5jGy7kPFZjeCwD3TazDENSEgxd3pzZ9mrg72tKavSUizpVpliDjLM%2FOMGfZNUpUmss6CmH0bcB3Hy5tmmQ2IXhk%2FGhQe%2F"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 755cf7579f687576-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Embedded OpenType (EOT), Font Awesome 5 Free Solid family\012- data
Size:   125940
Md5:    e49d577bda7a4ba505ed8c213df379f3
Sha1:   0a307c3f9aec93be93541ec0adb0e78b252f1702
Sha256: 65326b5f5d2dffd52d203426b6dfec5e31691540ccdd68c0fc78c1a10c351fd2
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 2983
Cache-Control: 'max-age=158059'
Date: Thu, 06 Oct 2022 08:18:25 GMT
Last-Modified: Thu, 06 Oct 2022 07:28:42 GMT
Server: ECS (ska/F713)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /v3.3/customer/action/get_dynamic_configuration?license_id=3756101&url=https%3A%2F%2Ffloragardenhotels.com%2F&channel_type=code&jsonp=__d5gvtj9aoyi HTTP/1.1 
Host: api.livechatinc.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://floragardenhotels.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         23.36.79.17
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
legacy: 2023-06-30
vary: Accept-Encoding
content-length: 80
date: Thu, 06 Oct 2022 08:18:25 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   11659
Md5:    14e0a012cba5723d9c66d2a37705fed3
Sha1:   a55751cc3601b90808c6cc0ff6cdda022e6a9834
Sha256: 48ae2b9197bd2785a6a8a1e0a07002242685bc63497bf6508b3366368f850979
                                        
                                            GET /vt/icon/name=icons/onion/SHARED-mymaps-pin-container-bg_4x.png,icons/onion/SHARED-mymaps-pin-container_4x.png,icons/onion/1899-blank-shape_pin_4x.png&highlight=ff000000,0288D1&scale=2.0 HTTP/1.1 
Host: mt.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.google.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.14
HTTP/2 200 OK
content-type: image/png
                                        
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
content-security-policy: script-src 'none'; object-src 'none'; base-uri 'none'
x-content-type-options: nosniff
x-server-version-bin: CggIBBCKxO+ZBg==
server: scaffolding on HTTPServer2
content-length: 980
x-xss-protection: 0
x-frame-options: SAMEORIGIN
date: Wed, 05 Oct 2022 17:33:21 GMT
expires: Mon, 19 Jun 2023 22:23:43 GMT
cache-control: public, max-age=22222222
age: 53104
server-timing: gfet4t7; dur=0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 64 x 64, 8-bit colormap, non-interlaced\012- data
Size:   980
Md5:    1c35128c26299a39bcaae4acb9c04f0c
Sha1:   527082158709755f24753d2e926030d50df97a88
Sha256: e2d09246c364f928ce2aed8cc7e36ba71301f8104d3f027be10b1a493b0983ef
                                        
                                            GET /tr/?id=1226568030871595&ev=PageView&dl=https%3A%2F%2Ffloragardenhotels.com%2F&rl=&if=false&ts=1665044305969&sw=1280&sh=1024&v=2.9.84&r=stable&ec=0&o=30&fbp=fb.1.1665044305969.55107090&it=1665044305658&coo=false&rqm=GET HTTP/1.1 
Host: www.facebook.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://floragardenhotels.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         31.13.72.36
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin:
access-control-allow-credentials: true
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
content-length: 0
server: proxygen-bolt
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
date: Thu, 06 Oct 2022 08:18:26 GMT
X-Firefox-Spdy: h2

                                        
                                            POST /g/collect?v=2&tid=G-H9HVJXR7T2&gtm=2oea50&_p=728725865&cid=593769068.1665044305&ul=en-us&sr=1280x1024&_s=1&sid=1665044305&sct=1&seg=0&dl=https%3A%2F%2Ffloragardenhotels.com%2F&dt=Flora%20Garden%20Hotels&en=page_view&_fv=1&_nsi=1&_ss=1 HTTP/1.1 
Host: region1.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://floragardenhotels.com
Connection: keep-alive
Referer: https://floragardenhotels.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Content-Length: 0

                                         
                                         216.239.34.36
HTTP/2 204 No Content
content-type: text/plain
                                        
access-control-allow-origin: https://floragardenhotels.com
date: Thu, 06 Oct 2022 08:18:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  gzip compressed data, from Unix\012- data
Size:   85883
Md5:    b16722c858c71b2d58d3a834e1228b77
Sha1:   8ddc1e2455a7300e675da4d7003dd1c1dc4f45c7
Sha256: 7dd08143fab66a6d5f86dfbfe1dfc7b871d381f4408639e176bdda70ff6ca49a
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 06 Oct 2022 08:18:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN


--- Additional Info ---
Magic:  gzip compressed data, max compression\012- data
Size:   533
Md5:    0c7737a481bbaf69c81b233e2a710136
Sha1:   d3e0e3e1b704e229e93e4057e176fc7393d9db5c
Sha256: 13065b7aa2495bc3877146ef7877fbdcb2153280af3324fe89348602f9f6cd09

Alerts:
  File Analyzers:
    - virustotal: 0/0
                                        
                                            POST /j/collect?t=dc&aip=1&_r=3&v=1&_v=j98&tid=UA-222068292-1&cid=593769068.1665044305&jid=1859822046&gjid=2143319209&_gid=1407839962.1665044306&_u=YCDACUABBAAAACAAI~&z=571198274 HTTP/1.1 
Host: stats.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain
Content-Length: 0
Origin: https://floragardenhotels.com
Connection: keep-alive
Referer: https://floragardenhotels.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         173.194.73.157
HTTP/2 200 OK
content-type: text/plain
                                        
access-control-allow-origin: https://floragardenhotels.com
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Thu, 06 Oct 2022 08:18:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
last-modified: Sun, 17 May 1998 03:00:00 GMT
access-control-allow-credentials: true
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 4
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   4
Md5:    48c0473b7821185d937e685216e2168b
Sha1:   3743e47f8a429a5e87b86cb582d78940733d9d2e
Sha256: 570c4d4674fd20602189c548c145ba1f8ac34bc2e4599a71471969028aa1e25a
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 06 Oct 2022 08:18:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 06 Oct 2022 08:18:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j98&tid=UA-222068292-1&cid=593769068.1665044305&jid=1859822046&_u=YCDACUABBAAAACAAI~&z=245351509 HTTP/1.1 
Host: www.google.no
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://floragardenhotels.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.3
HTTP/2 200 OK
content-type: image/gif
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Thu, 06 Oct 2022 08:18:26 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            GET /ui/v1/star/star4.png HTTP/1.1 
Host: ssl.gstatic.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.gstatic.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site

                                         
                                         142.250.74.99
HTTP/2 200 OK
content-type: image/png
                                        
accept-ranges: bytes
vary: Origin
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/gstatic-ui-assets
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="gstatic-ui-assets"
report-to: {"group":"gstatic-ui-assets","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/gstatic-ui-assets"}]}
content-length: 294
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 01 Oct 2022 01:53:50 GMT
expires: Sun, 01 Oct 2023 01:53:50 GMT
cache-control: public, max-age=31536000
age: 455076
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 19 x 19, 8-bit/color RGBA, non-interlaced\012- data
Size:   294
Md5:    c3e38fc01d8bd2d4a1150aa6b4414852
Sha1:   e4d1abd103711b8e2d863b75815f893f602b7561
Sha256: e5b7b36c80b9444eefd181c2862412165e771328f66b0b95ee96d6c59957d13e
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

                                         
                                         142.250.74.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Thu, 06 Oct 2022 08:18:26 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET / HTTP/1.1 
Host: floragardenhotels.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

                                         
                                         172.67.192.214
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
                                        
date: Thu, 06 Oct 2022 08:18:23 GMT
x-powered-by: PHP/7.4.30
cf-edge-cache: cache,platform=wordpress
link: <https://floragardenhotels.com/wp-json/>; rel="https://api.w.org/", <https://floragardenhotels.com/wp-json/wp/v2/pages/3050>; rel="alternate"; type="application/json", <https://floragardenhotels.com/>; rel=shortlink
vary: Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=4Eiqd0V7DqmjpEwc8CWUCkxL2d%2FZtqjm%2Bbw0RFOxOFS0voWGnwChFeaHMYVOw5hZqq2HSr1o%2F%2FMrE08v6Lh1svh6g%2FtDKeWubi1p7aLpxiPKykoJf1ndDItiveRq%2B6z4EWyumwgv0Ao%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 755cf745a969b523-OSL
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /releases/v5.11.2/css/all.css HTTP/1.1 
Host: use.fontawesome.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://floragardenhotels.com
Connection: keep-alive
Referer: https://floragardenhotels.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         172.64.132.15
HTTP/2 200 OK
content-type: text/css
                                        
date: Thu, 06 Oct 2022 08:18:24 GMT
x-amz-id-2: nkwXtwssGr+0FlhWHMM8fnfyHk2BKnWmYzfkilaP1xOMygylDZ4qqkSqvX2o+xpf8LFP6Q7pJuA=
x-amz-request-id: 4S3M64J22TWBYAZX
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:37:11 GMT
etag: W/"41d394990448b2c2b1afe840e837dc8e"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 22005324
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=yavr%2F5ZSUxLDB4LsBua7Lwb8Lz7zgeVYUhXrk%2FNuxBgrYpSPi497XT1pWhT%2BC8eVV3QoO8FWWlOl3HtM2pgcuVCByTJsEVJcsGwI%2B5v7sltQHHb%2F%2Bs6iktjra1EvtRwds18t6mrN"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 755cf7544b407576-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /widget/widget-theme2.css?ver=13 HTTP/1.1 
Host: floragardenhotels.hweb.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://floragardenhotels.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         89.19.238.77
HTTP/2 200 OK
content-type: text/css
                                        
date: Thu, 06 Oct 2022 08:00:24 GMT
last-modified: Fri, 05 Jun 2020 16:02:41 GMT
vary: Accept-Encoding
etag: W/"5eda6ca1-8583"
content-encoding: gzip
cache-control: private
server: hwebf100
set-cookie: SRV=front_1|Yz6LG|Yz6LG; path=/ hwuid=94bf1acd57204d97803ed1a79953d840; expires=Thu, 31-Dec-37 23:55:55 GMT; domain=hweb.com; path=/
p3p: CP="NOI CUR ADM OUR NOR STA NID"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css?family=Poppins:400,600,700 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://floragardenhotels.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 06 Oct 2022 08:18:24 GMT
date: Thu, 06 Oct 2022 08:18:24 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /banners/128163/widget-custom.css HTTP/1.1 
Host: cdn.hweb.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://floragardenhotels.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         54.230.111.87
HTTP/2 403 Forbidden
content-type: application/xml
                                        
date: Thu, 06 Oct 2022 08:18:24 GMT
server: AmazonS3
x-cache: Error from cloudfront
via: 1.1 5916f6b8d469d1bee1e905ff13761ebc.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: -CZhGbnNDoP3-VktIhtn43RD4xwM1YjA0wHToFtQbf84w0UggZAb0Q==
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /maps/d/embed?mid=1q_ibM6tDQJez6KJ1jnOGJx82ipPhpLjp&ehbc=2E312F HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://floragardenhotels.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

                                         
                                         142.250.74.164
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 06 Oct 2022 08:18:25 GMT
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info.", CP="This is not a P3P policy! See g.co/p3phelp for more info."
content-security-policy: script-src 'nonce-2PtMhL1LbWYBOdSbFmGAOQ' 'unsafe-inline' 'strict-dynamic' https: http:;object-src 'none';base-uri 'self';report-uri /maps/d/cspreport
cross-origin-opener-policy: unsafe-none
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
set-cookie: NID=511=vN74aJPq_9ya5JHhN15AVyLmfm0fd6tWAHcqWsWa8Fwgex9Lb6SEbbxPwPeSnlo4Z9IkkOfZeYJ4Pr5N883DtU3ZWz0mt-8mZqeyDfU_IqjSgPmBcEUbcn-7W1-iHYg2AMqaLw58ObQF9mZEOnPoJsXHMSXgMpNIKO5R6KQdeoo; expires=Fri, 07-Apr-2023 08:18:24 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none NID=511=GqcKc1X02Fjn__GfzU1Z_J1ERiavpSz0N6sqMsXIEv4moMSQXV-GKtlFkdgBTTsNboIw7Db4qaQU0f5iwTkGtr2JCL3PcrB4IbVRUR177IyTycHj7Bb9m0JW7pmwDjAtXXGvBWIxa9nHIovDE_wEcKHtiCprcfcZin9ehAWU0KE; expires=Fri, 07-Apr-2023 08:18:24 GMT; path=/; domain=.google.com; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /releases/v5.11.2/css/v4-shims.css HTTP/1.1 
Host: use.fontawesome.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://floragardenhotels.com
Connection: keep-alive
Referer: https://floragardenhotels.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

                                         
                                         172.64.132.15
HTTP/2 200 OK
content-type: text/css
                                        
date: Thu, 06 Oct 2022 08:18:24 GMT
x-amz-id-2: EaG+idYPX9TC+h+U2lqGsuebfmEgZqsPcUb73p6rqEkPq/TPekn7A5BlQGNoBTsDnp9foZ0Oc60=
x-amz-request-id: FE1TRAAFQ392KTBA
access-control-allow-origin: *
access-control-allow-methods: GET
access-control-max-age: 3000
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
last-modified: Wed, 30 Jun 2021 15:37:11 GMT
etag: W/"77971cdc3e2fe959ab710a0041c3d79f"
cache-control: max-age=31556926
cf-cache-status: HIT
age: 23227368
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=ireoIPZOg2fq5mRPERjacfP1s2DL%2FF7TBb5YCd6VFR6IRS%2BWZVG0UgfsjaT8ns6mrL8k%2Bkvvfn1d3i%2BrmtzIzh8BgsY0koC%2Bu35lPHbsPK0fY5txqWUIMF%2BhydJr2fPPQlMXVR%2Fo"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 755cf7545b6f7576-LHR
content-encoding: br
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css?display=swap&family=Montserrat%3A300%2C400%7CPlayfair+Display%3A300%2C400 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://floragardenhotels.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 06 Oct 2022 08:18:24 GMT
date: Thu, 06 Oct 2022 08:18:24 GMT
cache-control: private, max-age=86400
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin-allow-popups
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
                                        
                                            GET /css?family=Montserrat%3A100%2C200%2C300%2C400%2C500%2C600%2C700%2C800%2C900%2C100italic%2C200italic%2C300italic%2C400italic%2C500italic%2C600italic%2C700italic%2C800italic%2C900italic%7CAbhaya+Libre%3A400%2C500%2C600%2C700%2C800&subset=latin-ext%2Clatin&ver=1644923318 HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://floragardenhotels.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

                                         
                                         142.250.74.10
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Thu, 06 Oct 2022 08:18:24 GMT
date: Thu, 06 Oct 2022 08:18:24 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---