18.132.240.116 Open in urlscan Pro
18.132.240.116 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://18.132.240.116/
Submission: On June 19 via manual (June 19th 2023, 11:03:38 am UTC) from DE — Scanned from DE

Summary HTTP 111 Redirects Links 21 Behaviour Indicators

Summary

This website contacted 30 IPs in 4 countries across 23 domains to perform 111 HTTP transactions. The main IP is 18.132.240.116, located in London, United Kingdom and belongs to AMAZON-02, US. The main domain is 18.132.240.116.
TLS certificate: Issued by DigiCert TLS RSA SHA256 2020 CA1 on February 1st 2023. Valid for: a year.

This is the only time 18.132.240.116 was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	18.132.240.116 18.132.240.116	16509 (AMAZON-02) (AMAZON-02)
1	2a04:4e42:200... 2a04:4e42:200::282	54113 (FASTLY) (FASTLY)
6	2600:9000:225... 2600:9000:225b:1800:1a:6509:4dc0:93a1	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:350... 2a02:26f0:3500:88e::13b8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a02:26f0:350... 2a02:26f0:3500:591::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
32	2a04:4e42:8d:... 2a04:4e42:8d::720	54113 (FASTLY) (FASTLY)
1	23.212.206.124 23.212.206.124	16625 (AKAMAI-AS) (AKAMAI-AS)
3	2a00:1450:400... 2a00:1450:4001:82f::2008	15169 (GOOGLE) (GOOGLE)
1	18.66.192.92 18.66.192.92	16509 (AMAZON-02) (AMAZON-02)
2	2606:2800:234... 2606:2800:234:59:254c:406:2366:268c	15133 (EDGECAST) (EDGECAST)
8	2a02:26f0:310... 2a02:26f0:3100::1735:28c8	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
6	99.84.88.126 99.84.88.126	16509 (AMAZON-02) (AMAZON-02)
2	23.35.236.145 23.35.236.145	16625 (AKAMAI-AS) (AKAMAI-AS)
2	2a03:2880:f17... 2a03:2880:f176:84:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 2	104.244.42.129 104.244.42.129	13414 (TWITTER) (TWITTER)
1 2	63.140.62.164 63.140.62.164	16509 (AMAZON-02) (AMAZON-02)
1	18.66.192.32 18.66.192.32	16509 (AMAZON-02) (AMAZON-02)
3	2a00:1450:400... 2a00:1450:4001:813::200e	15169 (GOOGLE) (GOOGLE)
3	2a03:2880:f08... 2a03:2880:f083:9:face:b00c:0:3	32934 (FACEBOOK) (FACEBOOK)
1	2600:9000:237... 2600:9000:237d:5a00:19:9934:6a80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	104.244.42.72 104.244.42.72	13414 (TWITTER) (TWITTER)
20	18.66.192.79 18.66.192.79	16509 (AMAZON-02) (AMAZON-02)
2	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400c:c0c::9d	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	99.84.88.7 99.84.88.7	16509 (AMAZON-02) (AMAZON-02)
2	2600:9000:237... 2600:9000:237d:f600:11:f728:3040:93a1	16509 (AMAZON-02) (AMAZON-02)
1	18.66.192.49 18.66.192.49	16509 (AMAZON-02) (AMAZON-02)
1	44.215.237.77 44.215.237.77	14618 (AMAZON-AES) (AMAZON-AES)
111	30

1 18.132.240.116 (London, United Kingdom)

ASN16509 (AMAZON-02, US)
PTR: ec2-18-132-240-116.eu-west-2.compute.amazonaws.com

18.132.240.116	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a04:4e42:200::282 (United States)

ASN54113 (FASTLY, US)

polyfill.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2600:9000:225b:1800:1a:6509:4dc0:93a1 (United States)

ASN16509 (AMAZON-02, US)

dtfa4dlwqrprr.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:3500:88e::13b8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

cdn.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:3500:591::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

32 2a04:4e42:8d::720 (United States)

ASN54113 (FASTLY, US)

weekender-uk-uploads.imgix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
weekender-uk-uploads-3.imgix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
weekender-uk-uploads-2.imgix.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 23.212.206.124 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-212-206-124.deploy.static.akamaitechnologies.com

cdn3.optimizely.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:82f::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.192.92 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-92.muc50.r.cloudfront.net

cdn.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:2800:234:59:254c:406:2366:268c (United States)

ASN15133 (EDGECAST, US)

platform.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 2a02:26f0:3100::1735:28c8 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

use.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
p.typekit.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 99.84.88.126 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-88-126.muc50.r.cloudfront.net

consent.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
consent-st.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.236.145 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-145.deploy.static.akamaitechnologies.com

2bb51c216a74a5694bf5-737d153f632dfaaf66fedef7e1e811e7.ssl.cf3.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
0843220b4b49fa3344e6-737d153f632dfaaf66fedef7e1e811e7.ssl.cf3.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f176:84:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.244.42.129 (United States) 1 redirects

ASN13414 (TWITTER, US)

twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 63.140.62.164 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ip-63-140-62-164.data.adobedc.net

smetric.hilton.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.192.32 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-32.muc50.r.cloudfront.net

static.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:2880:f083:9:face:b00c:0:3 (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

connect.facebook.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:237d:5a00:19:9934:6a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

app.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.244.42.72 (United States)

ASN13414 (TWITTER, US)

syndication.twitter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 18.66.192.79 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-79.muc50.r.cloudfront.net

consent-pref.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400c:c0c::9d (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 99.84.88.7 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-99-84-88-7.muc50.r.cloudfront.net

script.hotjar.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:237d:f600:11:f728:3040:93a1 (United States)

ASN16509 (AMAZON-02, US)

api2.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.192.49 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-192-49.muc50.r.cloudfront.net

vc.hotjar.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.215.237.77 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-215-237-77.compute-1.amazonaws.com

prefmgr-cookie.truste-svc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
32	imgix.net weekender-uk-uploads.imgix.net — Cisco Umbrella Rank: 624632 weekender-uk-uploads-3.imgix.net — Cisco Umbrella Rank: 605084 weekender-uk-uploads-2.imgix.net — Cisco Umbrella Rank: 583009	538 KB
26	trustarc.com consent.trustarc.com — Cisco Umbrella Rank: 2977 consent-pref.trustarc.com — Cisco Umbrella Rank: 15753 consent-st.trustarc.com — Cisco Umbrella Rank: 33226	321 KB
8	typekit.net use.typekit.net — Cisco Umbrella Rank: 600 p.typekit.net — Cisco Umbrella Rank: 783	191 KB
6	cloudfront.net dtfa4dlwqrprr.cloudfront.net	1 MB
5	twitter.com 1 redirects platform.twitter.com — Cisco Umbrella Rank: 959 twitter.com — Cisco Umbrella Rank: 266 syndication.twitter.com — Cisco Umbrella Rank: 1131	132 KB
4	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 398	143 KB
3	facebook.net connect.facebook.net — Cisco Umbrella Rank: 176	70 KB
3	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 60	22 KB
3	branch.io cdn.branch.io — Cisco Umbrella Rank: 990 api2.branch.io — Cisco Umbrella Rank: 627	23 KB
3	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 82	230 KB
2	google.com region1.analytics.google.com — Cisco Umbrella Rank: 2890	307 B
2	hotjar.com static.hotjar.com — Cisco Umbrella Rank: 749 script.hotjar.com — Cisco Umbrella Rank: 1067	73 KB
2	hilton.com 1 redirects smetric.hilton.com — Cisco Umbrella Rank: 32789	2 KB
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 101	135 B
2	rackcdn.com 2bb51c216a74a5694bf5-737d153f632dfaaf66fedef7e1e811e7.ssl.cf3.rackcdn.com — Cisco Umbrella Rank: 679412 0843220b4b49fa3344e6-737d153f632dfaaf66fedef7e1e811e7.ssl.cf3.rackcdn.com — Cisco Umbrella Rank: 675111	44 KB
2	optimizely.com cdn.optimizely.com — Cisco Umbrella Rank: 681 cdn3.optimizely.com — Cisco Umbrella Rank: 5418	67 KB
1	truste-svc.net prefmgr-cookie.truste-svc.net — Cisco Umbrella Rank: 32861	2 KB
1	hotjar.io vc.hotjar.io — Cisco Umbrella Rank: 2638	257 B
1	google.de www.google.de — Cisco Umbrella Rank: 4835	408 B
1	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 124	253 B
1	app.link app.link — Cisco Umbrella Rank: 2307	637 B
1	polyfill.io polyfill.io — Cisco Umbrella Rank: 1711	690 B
0	mxptint.net Failed mpp.emea.mxptint.net Failed
111	23

	Domain	Requested by
20	consent-pref.trustarc.com	consent.trustarc.com consent-pref.trustarc.com 18.132.240.116 prefmgr-cookie.truste-svc.net
14	weekender-uk-uploads-2.imgix.net	18.132.240.116
10	weekender-uk-uploads.imgix.net	18.132.240.116
8	weekender-uk-uploads-3.imgix.net	18.132.240.116
7	use.typekit.net	18.132.240.116
6	dtfa4dlwqrprr.cloudfront.net	18.132.240.116 dtfa4dlwqrprr.cloudfront.net
5	consent.trustarc.com	18.132.240.116 consent.trustarc.com
4	assets.adobedtm.com	18.132.240.116 assets.adobedtm.com
3	connect.facebook.net	18.132.240.116 connect.facebook.net
3	www.google-analytics.com	18.132.240.116 www.google-analytics.com
3	www.googletagmanager.com	18.132.240.116 www.googletagmanager.com
2	api2.branch.io	cdn.branch.io
2	region1.analytics.google.com	www.googletagmanager.com
2	smetric.hilton.com	1 redirects 18.132.240.116
2	twitter.com	1 redirects 18.132.240.116
2	www.facebook.com	18.132.240.116
2	platform.twitter.com	18.132.240.116 platform.twitter.com
1	prefmgr-cookie.truste-svc.net	18.132.240.116
1	vc.hotjar.io	script.hotjar.com
1	consent-st.trustarc.com	consent-pref.trustarc.com
1	p.typekit.net	18.132.240.116
1	script.hotjar.com	static.hotjar.com
1	www.google.de	18.132.240.116
1	stats.g.doubleclick.net	www.googletagmanager.com
1	syndication.twitter.com	platform.twitter.com
1	app.link	cdn.branch.io
1	static.hotjar.com	www.googletagmanager.com
1	0843220b4b49fa3344e6-737d153f632dfaaf66fedef7e1e811e7.ssl.cf3.rackcdn.com	dtfa4dlwqrprr.cloudfront.net
1	2bb51c216a74a5694bf5-737d153f632dfaaf66fedef7e1e811e7.ssl.cf3.rackcdn.com	dtfa4dlwqrprr.cloudfront.net
1	cdn.branch.io	assets.adobedtm.com
1	cdn3.optimizely.com	cdn.optimizely.com
1	cdn.optimizely.com	18.132.240.116
1	polyfill.io	18.132.240.116
0	mpp.emea.mxptint.net Failed	18.132.240.116
111	34

This site contains links to these domains. Also see Links.

Domain
explore.hilton.com
www.facebook.com
twitter.com
hiltonhonors3.hilton.com
hiltonworldwide.hilton.com
www.hilton.com
www.aboutads.info

Subject Issuer	Validity	Valid
explore.hilton.com DigiCert TLS RSA SHA256 2020 CA1	`2023-02-01` - `2024-01-31`	a year	crt.sh
polyfill.io GlobalSign Atlas R3 DV TLS CA 2022 Q4	`2022-12-10` - `2024-01-11`	a year	crt.sh
*.cloudfront.net Amazon RSA 2048 M01	`2022-12-08` - `2023-12-07`	a year	crt.sh
cdn.optimizely.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-30` - `2023-10-30`	a year	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-19` - `2023-08-19`	a year	crt.sh
*.imgix.com GlobalSign Atlas R3 DV TLS CA 2023 Q1	`2023-03-05` - `2024-04-05`	a year	crt.sh
*.optimizely.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-30` - `2023-10-30`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.branch.io Amazon RSA 2048 M01	`2023-02-21` - `2023-11-09`	9 months	crt.sh
*.twimg.com DigiCert TLS RSA SHA256 2020 CA1	`2022-10-06` - `2023-11-06`	a year	crt.sh
use.typekit.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-09-14` - `2023-10-15`	a year	crt.sh
*.trustarc.com Amazon RSA 2048 M02	`2023-04-17` - `2024-05-14`	a year	crt.sh
*.ssl.cf3.rackcdn.com DigiCert TLS RSA SHA256 2020 CA1	`2023-01-23` - `2024-01-22`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2023-03-28` - `2023-06-26`	3 months	crt.sh
*.hotjar.com Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
appipv4.link Amazon RSA 2048 M02	`2023-04-25` - `2024-05-23`	a year	crt.sh
syndication.twitter.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2023-02-05` - `2024-02-05`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-05-22` - `2023-08-14`	3 months	crt.sh
*.hotjar.io Amazon ECDSA 256 M01	`2023-03-09` - `2024-04-06`	a year	crt.sh
*.truste-svc.net Amazon RSA 2048 M01	`2023-04-23` - `2024-05-21`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://18.132.240.116/
Frame ID: 1C61D02EC48C4791DB54D8955A8A57F0
Requests: 87 HTTP requests in this frame

Frame: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2F18.132.240.116
Frame ID: 239C132F1A957FCD050ADA95D210E1F5
Requests: 2 HTTP requests in this frame

Frame: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=8ee7d165-3ec0-4a21-bef1-ddefb9523d3c&userType=NEW
Frame ID: 8EA5FF9CC653A19396D7011C0CB83AF2
Requests: 20 HTTP requests in this frame

Frame: https://consent-pref.trustarc.com/defaultpreferencemanager/0DF70E809A1694D4900C7E11937CAE45.cache.html
Frame ID: 65F4245D9F3CA1A63FA418894C2960EE
Requests: 1 HTTP requests in this frame

Frame: https://prefmgr-cookie.truste-svc.net/cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=8ee7d165-3ec0-4a21-bef1-ddefb9523d3c&userType=NEW
Frame ID: A6B4C423CBB458CA40372C769D35B5E5
Requests: 1 HTTP requests in this frame

Frame: https://consent-pref.trustarc.com/cookie_inneriframe.html
Frame ID: 0904054786120D5D18972246631FA30F
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Holidays | City Breaks | Hotels | Hilton Explore

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

/wp-(?:content|includes)/

Prototype (JavaScript Frameworks) Expand

Overall confidence: 100%
Detected patterns

(?:prototype|protoaculous)(?:-([\d.]*[\d]))?.*\.js

Facebook (Widgets) Expand

Overall confidence: 100%
Detected patterns

//connect\.facebook\.([a-z]+)/[^/]*/[a-z]*\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Hotjar (Analytics) Expand

Overall confidence: 100%
Detected patterns

//static\.hotjar\.com/

Optimizely (Analytics) Expand

Overall confidence: 100%
Detected patterns

optimizely\.com.*\.js

Polyfill (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/polyfill\.min\.js

TrustArc (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

consent\.trustarc\.com

Twitter (Widgets) Expand

Overall confidence: 100%
Detected patterns

//platform\.twitter\.com/widgets\.js

Page Statistics

111
Requests

96 %
HTTPS

55 %
IPv6

23
Domains

34
Subdomains

30
IPs

4
Countries

2943 kB
Transfer

8221 kB
Size

26
Cookies

21 Outgoing links

These are links going to different origins than the main page.

URL: https://explore.hilton.com/guides/london/
Title: London

Search URL Search Domain Scan URL

URL: https://explore.hilton.com/guides/dubai/
Title: Dubai

Search URL Search Domain Scan URL

URL: https://explore.hilton.com/guides/amsterdam/
Title: Amsterdam

Search URL Search Domain Scan URL

URL: https://explore.hilton.com/guides/rome/
Title: Rome

Search URL Search Domain Scan URL

URL: https://explore.hilton.com/guides/algarve/
Title: Algarve

Search URL Search Domain Scan URL

URL: https://explore.hilton.com/guides/berlin/
Title: Berlin

Search URL Search Domain Scan URL

URL: https://explore.hilton.com/guides/paris/
Title: Paris

Search URL Search Domain Scan URL

URL: https://explore.hilton.com/guides/bucharest/
Title: Bucharest

Search URL Search Domain Scan URL

URL: https://explore.hilton.com/articles/discover-the-london-docklands/
Title: LondonDiscover the London DocklandsRead More

Search URL Search Domain Scan URL

URL: https://explore.hilton.com/articles/skiing-in-summer-offbeat-things-to-do-in-dubai/
Title: DubaiSkiing in Summer: Offbeat Things to Do in DubaiRead More

Search URL Search Domain Scan URL

URL: https://explore.hilton.com/articles/the-barcelona-museums-galleries-you-must-see/
Title: BarcelonaThe Barcelona Museums & Galleries You Must SeeRead More

Search URL Search Domain Scan URL

URL: https://explore.hilton.com/articles/the-locals-guide-to-shopping-in-amsterdam/
Title: AmsterdamThe Local's Guide to Shopping in AmsterdamRead More

Search URL Search Domain Scan URL

URL: https://www.facebook.com/HiltonHonors

Search URL Search Domain Scan URL

URL: https://twitter.com/hiltonhotels?lang=en

Search URL Search Domain Scan URL

URL: https://hiltonhonors3.hilton.com/en/index.html

Search URL Search Domain Scan URL

URL: http://hiltonhonors3.hilton.com/en/policy/site-usage-agreement/english.html
Title: Site Usage Agreement

Search URL Search Domain Scan URL

URL: http://hiltonhonors3.hilton.com/en/policy/cookies-statement/english.html
Title: Cookies Statement (Updated April 23, 2018)

Search URL Search Domain Scan URL

URL: http://hiltonhonors3.hilton.com/en/promotions/privacy-policy/english.html
Title: Global Privacy Statement (Updated April 23, 2018)

Search URL Search Domain Scan URL

URL: http://hiltonworldwide.hilton.com/en/ww/ourbestrates/terms.jhtml
Title: Our Best Rates Terms & Conditions

Search URL Search Domain Scan URL

URL: https://www.hilton.com/en/hilton-honors/personal-data-requests/
Title: Do not sell my information

Search URL Search Domain Scan URL

URL: http://www.aboutads.info/choices/

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 33

https://twitter.com/hiltonhotels?lang=en HTTP 302
https://twitter.com/hiltonhotels?lang=en

Request Chain 64

https://smetric.hilton.com/b/ss/hiltonglobalprod/10/JS-2.21.0-LDQM/s98970365096908?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=19%2F5%2F2023%2011%3A3%3A33%201%200&d.&nsid=0&jsonv=1&.d&fid=13ED5E16F16AF9AC-21E22853A102E530&ce=UTF-8&pageName=HiltonWeekends&g=https%3A%2F%2F18.132.240.116%2F&c.&getQueryParam=4.0&getPreviousValue=3.0&.c&cc=USD&ch=homepage&c2=D%3Dv59&c3=D%3Dv24&c4=Logged-out&c6=images%2Ctext&c8=EMEA%20Hilton%20Weekender&c9=D%3Dv46&v10=%2B1&c11=D%3Dv40&c12=D%3Dv63&c13=D%3Dv150&c14=Holidays%20%7C%20City%20Breaks%20%7C%20Hotels%20%7C%20Hilton%20Explore&c15=D&v17=D%3Dv18&c24=18.132.240.116&v24=en-us&v25=Logged-out&v27=HiltonWeekends&c28=D%3Dv9&c35=D%3Dv135&c37=D%3Dv24&c38=D%3Dv59&c39=D%3Dv46&v43=D%3Dc8&v46=homepage&v47=D%3Dc15&c52=core.page-bottom%7C%7Cundefined%7CGW%20-%20Global%20Standard%20%5BAdobe%20Set%20Vars%2A%5D&c53=2023-6-19%2011%3A3%3A33&v59=mb&v111=Control%20Group&v135=old%20hilton&v150=https%3A%2F%2F18.132.240.116%2F&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1 HTTP 302
https://smetric.hilton.com/b/ss/hiltonglobalprod/10/JS-2.21.0-LDQM/s98970365096908?AQB=1&pccr=true&vidn=32481B02AB9FBABE-400008C121A1736A&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=19%2F5%2F2023%2011%3A3%3A33%201%200&d.&nsid=0&jsonv=1&.d&fid=13ED5E16F16AF9AC-21E22853A102E530&ce=UTF-8&pageName=HiltonWeekends&g=https%3A%2F%2F18.132.240.116%2F&c.&getQueryParam=4.0&getPreviousValue=3.0&.c&cc=USD&ch=homepage&c2=D%3Dv59&c3=D%3Dv24&c4=Logged-out&c6=images%2Ctext&c8=EMEA%20Hilton%20Weekender&c9=D%3Dv46&v10=%2B1&c11=D%3Dv40&c12=D%3Dv63&c13=D%3Dv150&c14=Holidays%20%7C%20City%20Breaks%20%7C%20Hotels%20%7C%20Hilton%20Explore&c15=D&v17=D%3Dv18&c24=18.132.240.116&v24=en-us&v25=Logged-out&v27=HiltonWeekends&c28=D%3Dv9&c35=D%3Dv135&c37=D%3Dv24&c38=D%3Dv59&c39=D%3Dv46&v43=D%3Dc8&v46=homepage&v47=D%3Dc15&c52=core.page-bottom%7C%7Cundefined%7CGW%20-%20Global%20Standard%20%5BAdobe%20Set%20Vars%2A%5D&c53=2023-6-19%2011%3A3%3A33&v59=mb&v111=Control%20Group&v135=old%20hilton&v150=https%3A%2F%2F18.132.240.116%2F&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1

111 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
18.132.240.116/ 102 KB
21 KB 331ms
264ms Document
text/html 18.132.240.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://18.132.240.116/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.132.240.116 London, United Kingdom, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-18-132-240-116.eu-west-2.compute.amazonaws.com
Software: Apache/2.4.52 (Ubuntu) /
Resource Hash: fe87ba68b105cdd47231800105f52ad93b0027dcb67f1b2914996f34d69ef915

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-length: 20851
content-type: text/html; charset=UTF-8
date: Mon, 19 Jun 2023 11:03:32 GMT
server: Apache/2.4.52 (Ubuntu)
vary: Accept-Encoding,User-Agent

GET
H2 200 polyfill.min.js Show response
polyfill.io/v3/ 101 B
690 B 65ms
19ms Script
text/javascript 2a04:4e42:200::282
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://polyfill.io/v3/polyfill.min.js?features=Array.prototype.includes

Requested by

Host: 18.132.240.116
URL: https://18.132.240.116/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a04:4e42:200::282 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Resource Hash

d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubdomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://18.132.240.116/
Origin: https://18.132.240.116
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubdomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 19 Jun 2023 11:03:32 GMT
age: 209436
detected-user-agent: Chrome Mobile WebView/114.0.5735
useragent_normaliser: chrome/114.0.0
server-timing: HIT-CLUSTER, fastly;desc="Edge time";dur=1
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 113
referrer-policy: origin-when-cross-origin
last-modified: Wed, 03 May 2023 00:17:37 GMT
fastly_service_version: 195
vary: User-Agent, Accept-Encoding
access-control-allow-methods: GET,HEAD,OPTIONS
content-type: text/javascript; charset=UTF-8
normalized-user-agent: chrome/114.0.0
access-control-allow-origin: *
cache-control: public, s-maxage=31536000, max-age=604800, stale-while-revalidate=604800, stale-if-error=604800
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 main.43593a408e1c58edeac98b31baa6e255.css
dtfa4dlwqrprr.cloudfront.net/uk/production/generated/ 452 KB
77 KB 103ms
31ms Stylesheet
text/css 2600:9000:225b:1800:1a:6509:4dc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dtfa4dlwqrprr.cloudfront.net/uk/production/generated/main.43593a408e1c58edeac98b31baa6e255.css
Requested by: Host: 18.132.240.116
URL: https://18.132.240.116/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:1800:1a:6509:4dc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 3d6f1488bd90d10bebce190c1064747dd69baaea1924f9ec9075c30d3131f32c

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://18.132.240.116/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 18 Jun 2023 12:18:21 GMT
content-encoding: gzip
via: 1.1 0f14828b89630f6555c6372e13fc999a.cloudfront.net (CloudFront)
last-modified: Tue, 18 Apr 2023 15:49:56 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 81912
x-amz-server-side-encryption: AES256
etag: W/"43593a408e1c58edeac98b31baa6e255"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/css
x-amz-cf-id: ZiZIwdbigMbdssdHa6QFGOjpz0nlcvK03frSwfhDBoElSQDPsx5yfQ==

GET
H2 200 7783820905.js Show response
cdn.optimizely.com/js/ 198 KB
66 KB 230ms
46ms Script
text/javascript 2a02:26f0:3500:88e::13b8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.optimizely.com/js/7783820905.js

Requested by

Host: 18.132.240.116
URL: https://18.132.240.116/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:88e::13b8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

AmazonS3 /

Resource Hash

14097fa07ad0790711ebbace6b9ed4efa989e102c9169f9d953016f05ceee17a

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://18.132.240.116/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

unused62: 8096267
x-amz-version-id: lnOksowc2amRSUAguW1IvJ9KInrR2ZR1
content-encoding: gzip
date: Mon, 19 Jun 2023 11:03:32 GMT
strict-transport-security: max-age=15768000
x-amz-request-id: KTX6WZ4J0TEZ0ENC
x-amz-meta-revision: 76
server-timing: cdn-cache; desc=HIT, edge; dur=7, origin; dur=0, cdn;desc="AkamaiION";dur=0,rtt;desc="32";dur=0,cdnip;desc="2a02:26f0:3500:88e::13b8";dur=0,cdnmap;desc="a5048.dsca.akamaiedge.net";dur=0,proto;desc="h2";dur=0, ak_p; desc="468659_388276626_701122522_705_1760_32_0_-";dur=1
content-length: 66664
x-amz-id-2: 81xe+dDxcPY4j6Cy9rqXJZZizNdh13ORdZdQxpXdlFqvO2Y0RZwFBhvtO8bRrxNCyTbs4SGrH0Q=
last-modified: Mon, 09 Jan 2017 15:12:55 GMT
server: AmazonS3
etag: "cc3aa181f0fb4cf31b6e27893d727da9"
vary: Accept-Encoding
access-control-max-age: 86400
content-type: text/javascript
access-control-allow-origin: *
access-control-allow-methods: GET, HEAD
access-control-expose-headers: x-amz-meta-revision
cache-control: max-age=120
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-headers: *

GET
H2 200 launch-EN02272261e0b845508227acf3ca0c37de.min.js Show response
assets.adobedtm.com/ 574 KB
120 KB 222ms
70ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/launch-EN02272261e0b845508227acf3ca0c37de.min.js
Requested by: Host: 18.132.240.116
URL: https://18.132.240.116/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 38d6abb921ef70444744ec60f81414ed25adda6120887cac6703b2990d0bd794

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://18.132.240.116/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 11:03:32 GMT
content-encoding: gzip
last-modified: Fri, 09 Jun 2023 13:53:05 GMT
server: AkamaiNetStorage
etag: "100a957453a53499bacf5250c539d186:1686318785.955914"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://18.132.240.116
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 121809
expires: Mon, 19 Jun 2023 12:03:32 GMT

GET
H2 200 1736FW-header-london-1-thumbnail.jpg
weekender-uk-uploads.imgix.net/wp-content/uploads/2016/11/ 6 KB
6 KB 87ms
23ms Image
image/avif 2a04:4e42:8d::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://weekender-uk-uploads.imgix.net/wp-content/uploads/2016/11/1736FW-header-london-1-thumbnail.jpg?auto=format&q=50

Requested by

Host: 18.132.240.116
URL: https://18.132.240.116/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

0816ac18f327a871c0becbf13609d45fefa9277dfa79a2a1c8ab98e26adc9ac0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://18.132.240.116/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 11:03:32 GMT
x-content-type-options: nosniff
age: 589793
x-cache: HIT, HIT
x-imgix-id: afda6440d631df8386423b3bc76f0e962fe0f6fe
cross-origin-resource-policy: cross-origin
content-length: 5860
x-served-by: cache-sjc1000135-SJC, cache-fra-eddf8230097-FRA
x-imgix-render-farm: 02.139816
last-modified: Mon, 12 Jun 2023 15:13:39 GMT
server: Google Frontend
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 1648BO-header-dubai-2-thumbnail.jpg
weekender-uk-uploads-3.imgix.net/wp-content/uploads/2016/11/ 6 KB
6 KB 82ms
24ms Image
image/avif 2a04:4e42:8d::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://weekender-uk-uploads-3.imgix.net/wp-content/uploads/2016/11/1648BO-header-dubai-2-thumbnail.jpg?auto=format&q=50

Requested by

Host: 18.132.240.116
URL: https://18.132.240.116/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

6d51dee3c20a5efb6a27824e02f074b17c1e02bf5a0b96a5c73f5feca2da8255

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://18.132.240.116/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 11:03:32 GMT
x-content-type-options: nosniff
age: 158087
x-cache: MISS, HIT
x-imgix-id: 45c4c946b7782383a83cb48446cb2a0c78452f65
cross-origin-resource-policy: cross-origin
content-length: 5660
x-served-by: cache-sjc10054-SJC, cache-fra-eddf8230115-FRA
x-imgix-render-farm: 02.139816
last-modified: Sat, 17 Jun 2023 15:08:45 GMT
server: Google Frontend
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 1733PZ-header-istanbul-1-thumbnail.jpg
weekender-uk-uploads-3.imgix.net/wp-content/uploads/2016/11/ 5 KB
5 KB 55ms
22ms Image
image/avif 2a04:4e42:8d::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://weekender-uk-uploads-3.imgix.net/wp-content/uploads/2016/11/1733PZ-header-istanbul-1-thumbnail.jpg?auto=format&q=50

Requested by

Host: 18.132.240.116
URL: https://18.132.240.116/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

29917cd33707fe87c89569c77f21b004e9d84c7452016e9c93cd51ce513549be

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://18.132.240.116/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 11:03:32 GMT
x-content-type-options: nosniff
age: 940675
x-cache: HIT, HIT
x-imgix-id: 9988f1f129d2be5d7775b6369a14c890d07f66f7
cross-origin-resource-policy: cross-origin
content-length: 4671
x-served-by: cache-sjc1000114-SJC, cache-fra-eddf8230115-FRA
x-imgix-render-farm: 02.139816
last-modified: Thu, 08 Jun 2023 13:45:37 GMT
server: Google Frontend
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 1640CN-header-amsterdam-1-thumbnail.jpg
weekender-uk-uploads.imgix.net/wp-content/uploads/2016/11/ 6 KB
6 KB 33ms
21ms Image
image/avif 2a04:4e42:8d::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://weekender-uk-uploads.imgix.net/wp-content/uploads/2016/11/1640CN-header-amsterdam-1-thumbnail.jpg?auto=format&q=50

Requested by

Host: 18.132.240.116
URL: https://18.132.240.116/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

8ee8a19e1aeeb3b8c448a321c67d48947c2a1a2d1c17abd35c76226e5fed2fba

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://18.132.240.116/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 11:03:32 GMT
x-content-type-options: nosniff
age: 1113436
x-cache: HIT, HIT
x-imgix-id: 3410c142a369a5677bdf3f2d5613134bec712af1
cross-origin-resource-policy: cross-origin
content-length: 6220
x-served-by: cache-sjc1000117-SJC, cache-fra-eddf8230097-FRA
x-imgix-render-farm: 02.139816
last-modified: Tue, 06 Jun 2023 13:46:16 GMT
server: Google Frontend
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 1743QW-header-paris-1-thumbnail.jpg
weekender-uk-uploads-2.imgix.net/wp-content/uploads/2016/11/ 5 KB
5 KB 59ms
25ms Image
image/avif 2a04:4e42:8d::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://weekender-uk-uploads-2.imgix.net/wp-content/uploads/2016/11/1743QW-header-paris-1-thumbnail.jpg?auto=format&q=50

Requested by

Host: 18.132.240.116
URL: https://18.132.240.116/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

9fdb83d3688d4ba0c1e3c1b7773058ed82e57ffc7271be370f3d94494faa796c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://18.132.240.116/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 11:03:32 GMT
x-content-type-options: nosniff
age: 1699172
x-cache: HIT, HIT
x-imgix-id: 3e289faf386a962316b901720f7182b33ace1b8d
cross-origin-resource-policy: cross-origin
content-length: 4725
x-served-by: cache-sjc10064-SJC, cache-fra-eddf8230097-FRA
x-imgix-render-farm: 02.8744
last-modified: Tue, 30 May 2023 19:04:00 GMT
server: Google Frontend
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 1643DN-header-barcelona-4-thumbnail.jpg
weekender-uk-uploads.imgix.net/wp-content/uploads/2016/11/ 5 KB
5 KB 32ms
21ms Image
image/avif 2a04:4e42:8d::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://weekender-uk-uploads.imgix.net/wp-content/uploads/2016/11/1643DN-header-barcelona-4-thumbnail.jpg?auto=format&q=50

Requested by

Host: 18.132.240.116
URL: https://18.132.240.116/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

3b892e1d18a2c4a27acfa59b69ce343683e59a740fcf58dcc8892251645a8e61

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://18.132.240.116/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 11:03:32 GMT
x-content-type-options: nosniff
age: 1176546
x-cache: HIT, HIT
x-imgix-id: 3c90a349df0506850e96ee5cc90549e8d0811359
cross-origin-resource-policy: cross-origin
content-length: 5224
x-served-by: cache-sjc10053-SJC, cache-fra-eddf8230097-FRA
x-imgix-render-farm: 02.8744
last-modified: Mon, 05 Jun 2023 20:14:26 GMT
server: Google Frontend
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 1753FR-header-rome-4-thumbnail.jpg
weekender-uk-uploads-2.imgix.net/wp-content/uploads/2016/11/ 5 KB
5 KB 56ms
22ms Image
image/avif 2a04:4e42:8d::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://weekender-uk-uploads-2.imgix.net/wp-content/uploads/2016/11/1753FR-header-rome-4-thumbnail.jpg?auto=format&q=50

Requested by

Host: 18.132.240.116
URL: https://18.132.240.116/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

a95fdcb92dbfa866ef69788927c57b436b319e44305c6e03aa3fd09e0c7e8c11

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://18.132.240.116/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 11:03:32 GMT
x-content-type-options: nosniff
age: 1962213
x-cache: HIT, HIT
x-imgix-id: 3adedb85915874643be7f3773ff3b43c3e9e4145
cross-origin-resource-policy: cross-origin
content-length: 5236
x-served-by: cache-sjc10068-SJC, cache-fra-eddf8230097-FRA
x-imgix-render-farm: 02.8744
last-modified: Sat, 27 May 2023 18:00:00 GMT
server: Google Frontend
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 1645PS-header-berlin-1-thumbnail.jpg
weekender-uk-uploads-3.imgix.net/wp-content/uploads/2016/11/ 5 KB
5 KB 53ms
21ms Image
image/avif 2a04:4e42:8d::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://weekender-uk-uploads-3.imgix.net/wp-content/uploads/2016/11/1645PS-header-berlin-1-thumbnail.jpg?auto=format&q=50

Requested by

Host: 18.132.240.116
URL: https://18.132.240.116/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

eaf2e11b0a70fbbd97a9e98d9e643c8b69d18199b5a35334b905c39092f4821d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://18.132.240.116/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 11:03:32 GMT
x-content-type-options: nosniff
age: 1134139
x-cache: HIT, HIT
x-imgix-id: 6c9907285f208b5a2c0623a9d194e2ab59785e5d
cross-origin-resource-policy: cross-origin
content-length: 5365
x-served-by: cache-sjc1000129-SJC, cache-fra-eddf8230115-FRA
x-imgix-render-farm: 02.139816
last-modified: Tue, 06 Jun 2023 08:01:13 GMT
server: Google Frontend
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 1751CD-header-vienna-1-thumbnail.jpg
weekender-uk-uploads-2.imgix.net/wp-content/uploads/2016/11/ 6 KB
6 KB 56ms
23ms Image
image/avif 2a04:4e42:8d::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://weekender-uk-uploads-2.imgix.net/wp-content/uploads/2016/11/1751CD-header-vienna-1-thumbnail.jpg?auto=format&q=50

Requested by

Host: 18.132.240.116
URL: https://18.132.240.116/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

141f36215219305a02154df613309654162903002642455997477d4f3ff25d12

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://18.132.240.116/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 11:03:32 GMT
x-content-type-options: nosniff
age: 1714236
x-cache: HIT, HIT
x-imgix-id: 80397bd8a20f9191e604921ff70b291a2994ffd5
cross-origin-resource-policy: cross-origin
content-length: 5732
x-served-by: cache-sjc10064-SJC, cache-fra-eddf8230097-FRA
x-imgix-render-farm: 01.9256
last-modified: Tue, 30 May 2023 14:52:56 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 1741CJ-header-munich-1-thumbnail.jpg
weekender-uk-uploads-3.imgix.net/wp-content/uploads/2016/11/ 5 KB
6 KB 52ms
21ms Image
image/avif 2a04:4e42:8d::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://weekender-uk-uploads-3.imgix.net/wp-content/uploads/2016/11/1741CJ-header-munich-1-thumbnail.jpg?auto=format&q=50

Requested by

Host: 18.132.240.116
URL: https://18.132.240.116/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

31166c3dc4af0b376677ec3e72c728f8c23efbfb351d64f7f7f6bcb8d6dfc39e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://18.132.240.116/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 11:03:32 GMT
x-content-type-options: nosniff
age: 1714236
x-cache: HIT, HIT
x-imgix-id: f762a7395d3f0d1600b0f830a8ef8adcf943a559
cross-origin-resource-policy: cross-origin
content-length: 5366
x-served-by: cache-sjc10080-SJC, cache-fra-eddf8230115-FRA
x-imgix-render-farm: 02.8744
last-modified: Tue, 30 May 2023 14:52:56 GMT
server: Google Frontend
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 1745NP-header-prague-1-thumbnail.jpg
weekender-uk-uploads-2.imgix.net/wp-content/uploads/2016/11/ 5 KB
5 KB 22ms
21ms Image
image/avif 2a04:4e42:8d::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://weekender-uk-uploads-2.imgix.net/wp-content/uploads/2016/11/1745NP-header-prague-1-thumbnail.jpg?auto=format&q=50

Requested by

Host: 18.132.240.116
URL: https://18.132.240.116/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

c75a44a037b52863e1bbacd1d09447edb80c28a890b6280c68a48f00e5164b65

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://18.132.240.116/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 11:03:32 GMT
x-content-type-options: nosniff
age: 1200869
x-cache: HIT, HIT
x-imgix-id: 5abd9fb944caa47755d2a1eb75d12cebef08bb18
cross-origin-resource-policy: cross-origin
content-length: 5183
x-served-by: cache-sjc1000129-SJC, cache-fra-eddf8230097-FRA
x-imgix-render-farm: 02.8744
last-modified: Mon, 05 Jun 2023 13:29:03 GMT
server: Google Frontend
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 1647QR-header-budapest-1-thumbnail.jpg
weekender-uk-uploads-2.imgix.net/wp-content/uploads/2016/11/ 4 KB
4 KB 24ms
24ms Image
image/avif 2a04:4e42:8d::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://weekender-uk-uploads-2.imgix.net/wp-content/uploads/2016/11/1647QR-header-budapest-1-thumbnail.jpg?auto=format&q=50

Requested by

Host: 18.132.240.116
URL: https://18.132.240.116/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

9f6cfc5e2f5a9ffeca2774ce1962f61052ea3064b74f8760e243bf4994a2f745

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://18.132.240.116/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 11:03:32 GMT
x-content-type-options: nosniff
age: 2232854
x-cache: HIT, HIT
x-imgix-id: b0d090eb4ee18e6e8c91602daa73004ec9f17f4c
cross-origin-resource-policy: cross-origin
content-length: 4088
x-served-by: cache-sjc10021-SJC, cache-fra-eddf8230097-FRA
x-imgix-render-farm: 02.8744
last-modified: Wed, 24 May 2023 14:49:17 GMT
server: Google Frontend
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 ad-choices.png
dtfa4dlwqrprr.cloudfront.net/uk/production/img/legal/ 1 KB
2 KB 59ms
57ms Image
image/png 2600:9000:225b:1800:1a:6509:4dc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dtfa4dlwqrprr.cloudfront.net/uk/production/img/legal/ad-choices.png
Requested by: Host: 18.132.240.116
URL: https://18.132.240.116/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:1800:1a:6509:4dc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: f2b69222e3385558eef76ace2cd37b25d3753aecda2090f65c73fe4020fd4a1f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://18.132.240.116/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 18 Jun 2023 12:32:34 GMT
via: 1.1 0f14828b89630f6555c6372e13fc999a.cloudfront.net (CloudFront)
last-modified: Tue, 18 Apr 2023 15:50:02 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 81059
x-amz-server-side-encryption: AES256
etag: "3a37785bc0214bc87e49f30b54b22d26"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 1417
x-amz-cf-id: tojW5F1YxGlt7THW7qSk42N9CJB01NlxSZOmtj2Av7j-i7SlnoJEgw==

GET
H2 200 vendor.dc35738d72a503bc0da4.js Show response
dtfa4dlwqrprr.cloudfront.net/uk/production/generated/ 730 KB
217 KB 40ms
38ms Script
text/javascript 2600:9000:225b:1800:1a:6509:4dc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dtfa4dlwqrprr.cloudfront.net/uk/production/generated/vendor.dc35738d72a503bc0da4.js
Requested by: Host: 18.132.240.116
URL: https://18.132.240.116/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:1800:1a:6509:4dc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d19b61adc4d25ce2217efb4388f5131217e467eb181fa8dac126f8ea940f4128

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://18.132.240.116/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 18 Jun 2023 12:18:21 GMT
content-encoding: gzip
via: 1.1 0f14828b89630f6555c6372e13fc999a.cloudfront.net (CloudFront)
last-modified: Tue, 18 Apr 2023 15:49:57 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 81912
x-amz-server-side-encryption: AES256
etag: W/"c3e7afab5e688803db5f82b00fd24d20"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: SHV6wQ_sICOYxc3WW7p5M5_akuMTf1ihurgtwrBLBtKJ3IKYzhTvgg==

GET
H2 200 common.9d2978a8ac4e82a7ff9d.js Show response
dtfa4dlwqrprr.cloudfront.net/uk/production/generated/ 2 MB
713 KB 62ms
60ms Script
text/javascript 2600:9000:225b:1800:1a:6509:4dc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dtfa4dlwqrprr.cloudfront.net/uk/production/generated/common.9d2978a8ac4e82a7ff9d.js
Requested by: Host: 18.132.240.116
URL: https://18.132.240.116/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:1800:1a:6509:4dc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d1eb0c45473fd75bfef06a9cf8554de4cd27bb6537c5b4b0ce93d060fdae3a77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://18.132.240.116/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 18 Jun 2023 12:18:21 GMT
content-encoding: gzip
via: 1.1 0f14828b89630f6555c6372e13fc999a.cloudfront.net (CloudFront)
last-modified: Tue, 18 Apr 2023 15:49:54 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 81912
x-amz-server-side-encryption: AES256
etag: W/"d912bd6a4325f1464e9fc507c992873d"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: a5NmGtcZR8GwY1W8Z5jo6lwYt7WycY04ApeUN8JgSK67RX5pNlW5wQ==

GET
H2 200 homepage.ba1b6ea4f2b909d87cf6.js Show response
dtfa4dlwqrprr.cloudfront.net/uk/production/generated/ 58 KB
14 KB 29ms
28ms Script
text/javascript 2600:9000:225b:1800:1a:6509:4dc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://dtfa4dlwqrprr.cloudfront.net/uk/production/generated/homepage.ba1b6ea4f2b909d87cf6.js
Requested by: Host: 18.132.240.116
URL: https://18.132.240.116/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:1800:1a:6509:4dc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 220d7da91ca1056c0c108b056d94d852a263c2543b7ddc192b3488c7e60a5e0f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://18.132.240.116/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 18 Jun 2023 13:25:31 GMT
content-encoding: gzip
via: 1.1 0f14828b89630f6555c6372e13fc999a.cloudfront.net (CloudFront)
last-modified: Tue, 18 Apr 2023 15:49:54 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 77882
x-amz-server-side-encryption: AES256
etag: W/"d391be5818d1f580275cedfae55d6ebf"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: text/javascript
x-amz-cf-id: md5OyT8wEHOyfAW1CsqLq29M4UWrU7PhH7u4AI6fGwVNSSk5OmoNaw==

GET
H/1.1 200
OK geo2.js Show response
cdn3.optimizely.com/js/ 294 B
701 B 135ms
20ms Script
application/javascript 23.212.206.124
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn3.optimizely.com/js/geo2.js
Requested by: Host: cdn.optimizely.com
URL: https://cdn.optimizely.com/js/7783820905.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 23.212.206.124 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-212-206-124.deploy.static.akamaitechnologies.com
Software: AmazonS3 /
Resource Hash: 01582ef43b179f6fb988e0cc674ca85d4ccf58d4b9d3c5355268e145a2a89ce9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://18.132.240.116/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: Y1BKPK.c9lIaZx2uYj8JMWZye_vJfrh9
Date: Mon, 19 Jun 2023 11:03:32 GMT
Server: AmazonS3
x-amz-request-id: CMXJEG1P0XWK0FWZ
ETag: "adadfc5d7afd13e353d9d52cec1c7827"
Content-Type: application/javascript
Cache-Control: max-age=63161
Connection: keep-alive
Content-Length: 294
x-amz-id-2: 5I2tIgsra2PNBynoCN9hVw6IHNzuAPcPm6Ycs8oo+uac0mrFgIg+znrLPydZWkMs4ZC2CZvLSEo=

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 401 KB
96 KB 110ms
65ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-K7548Q

Requested by

Host: 18.132.240.116
URL: https://18.132.240.116/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

d70c51499f71fbe0fc1905f027ab21aade69d117dfab95ff8e24c2063ee5b46c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://18.132.240.116/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 11:03:32 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 97518
x-xss-protection: 0
last-modified: Mon, 19 Jun 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 19 Jun 2023 11:03:32 GMT

GET
H2 200 EXa07a8cc79aa74c9f92d04e43b1d28c7f-libraryCode_source.min.js Show response
assets.adobedtm.com/5e68f1ab8856/6f5249f15557/b689d4234de1/ 38 KB
14 KB 37ms
36ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/5e68f1ab8856/6f5249f15557/b689d4234de1/EXa07a8cc79aa74c9f92d04e43b1d28c7f-libraryCode_source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN02272261e0b845508227acf3ca0c37de.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 2dfa10066f88982897b76d7f3b0d8918af63954b8072e5cc3453edc25a245829

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://18.132.240.116/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 11:03:32 GMT
content-encoding: gzip
last-modified: Fri, 09 Jun 2023 13:53:06 GMT
server: AkamaiNetStorage
etag: "8c32f0226e0573a0085d8d4430136bd3:1686318786.693381"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://18.132.240.116
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 14051
expires: Mon, 19 Jun 2023 12:03:32 GMT

GET
H2 200 AppMeasurement_Module_AudienceManagement.min.js Show response
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/ 25 KB
9 KB 37ms
36ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement_Module_AudienceManagement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN02272261e0b845508227acf3ca0c37de.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: b01bd01687b15585b2740273c8c3c6674dd9f559cfe52eeffdf43b1f93a12d05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://18.132.240.116/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 11:03:32 GMT
content-encoding: gzip
last-modified: Thu, 22 Sep 2022 16:16:50 GMT
server: AkamaiNetStorage
etag: "d220d501715e0484d0dddeac614f902c:1663863410.217006"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://18.132.240.116
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 8755
expires: Mon, 19 Jun 2023 12:03:32 GMT

GET
H2 200 branch-latest.min.js Show response
cdn.branch.io/ 73 KB
22 KB 86ms
26ms Script
text/javascript 18.66.192.92
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.branch.io/branch-latest.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN02272261e0b845508227acf3ca0c37de.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.192.92 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-192-92.muc50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: cdc2bb26fe76a79d54a6f197edf1188e4829093003f26707eed349267a8a96d3

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://18.132.240.116/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-amz-version-id: RcGafUhyGoCBAIKL0sPQaqgYc5MW5qY6
content-encoding: gzip
via: 1.1 a4a80ac7ffee78c042728f52e3f729e0.cloudfront.net (CloudFront)
date: Mon, 19 Jun 2023 10:59:48 GMT
last-modified: Tue, 04 Apr 2023 19:50:38 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 225
etag: "ce82fd24f9c8aae0ff0fa6e15c400c97"
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=300
content-length: 22498
x-amz-cf-id: FXb65H9-3C6RD2qoQKEterQt3gVytv8xaVJOPmBIfrUMVSX5cV8aOg==

GET
H/1.1 200
OK widgets.js Show response
platform.twitter.com/ 91 KB
28 KB 100ms
18ms Script
application/javascript 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets.js
Requested by: Host: 18.132.240.116
URL: https://18.132.240.116/
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/6760) /
Resource Hash: 392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://18.132.240.116/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Mon, 19 Jun 2023 11:03:32 GMT
Content-Encoding: gzip
Age: 1286
x-amz-server-side-encryption: AES256
X-Cache: HIT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Content-Length: 27630
Last-Modified: Tue, 24 Jan 2023 21:41:51 GMT
Server: ECS (frb/6760)
Etag: "9e99725b7a4cd730a934afba2a438bb5+gzip"
Access-Control-Max-Age: 3000
Access-Control-Allow-Methods: GET
Content-Type: application/javascript; charset=utf-8
Access-Control-Allow-Origin: *
x-tw-cdn: VZ
Cache-Control: public, max-age=1800
Vary: Accept-Encoding

GET
H2 200 sem7ves.js Show response
use.typekit.net/ 18 KB
7 KB 214ms
32ms Script
text/javascript 2a02:26f0:3100::1735:28c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://use.typekit.net/sem7ves.js

Requested by

Host: 18.132.240.116
URL: https://18.132.240.116/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3100::1735:28c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

nginx /

Resource Hash

20be6ad3b3eb6ed608143650e07ad6d1f02938534b70c08f0f4ebd066a6b69f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://18.132.240.116/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains;
content-encoding: gzip
date: Mon, 19 Jun 2023 11:03:32 GMT
server: nginx
vary: Accept-Encoding
content-type: text/javascript;charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=600, stale-while-revalidate=604800
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 6800

GET
H2 200 notice Show response
consent.trustarc.com/ 13 KB
5 KB 138ms
64ms Script
text/javascript 99.84.88.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/notice?domain=hiltongdpr.com&c=teconsent&gtm=1&text=true&pcookie&js=nj&noticeType=bb&oc=1

Requested by

Host: 18.132.240.116
URL: https://18.132.240.116/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.88.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-88-126.muc50.r.cloudfront.net

Software

Resource Hash

bf4ece8ff871540d9c2ab564684896b54b0ed681219f199775819eecd0d1cfb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://18.132.240.116/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 11:03:32 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 c7cdb483c2afdb721f3c8ba14cd43e86.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-C1
x-cache: Miss from cloudfront
cloudfront-viewer-country: DE
content-length: 5047
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Origin
content-type: text/javascript;charset=UTF-8
cache-control: max-age=3600
timing-allow-origin: *
x-amz-cf-id: W4Tm2bL60Ycq583VmoRhAYTyCNghBGgt2rEfzfDrPkFhfHPps0aAsQ==
expires: Mon, 19 Jun 2023 12:03:32 GMT

GET
H2 200 logo-global.png
dtfa4dlwqrprr.cloudfront.net/uk/production/generated/images/sprites/ 15 KB
15 KB 117ms
117ms Image
image/png 2600:9000:225b:1800:1a:6509:4dc0:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dtfa4dlwqrprr.cloudfront.net/uk/production/generated/images/sprites/logo-global.png
Requested by: Host: dtfa4dlwqrprr.cloudfront.net
URL: https://dtfa4dlwqrprr.cloudfront.net/uk/production/generated/main.43593a408e1c58edeac98b31baa6e255.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:225b:1800:1a:6509:4dc0:93a1 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: d54cbf164902da3480cbca42e0533ea442f8533aacf083d62fff90e86b2683e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://dtfa4dlwqrprr.cloudfront.net/uk/production/generated/main.43593a408e1c58edeac98b31baa6e255.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Sun, 18 Jun 2023 12:18:22 GMT
via: 1.1 0f14828b89630f6555c6372e13fc999a.cloudfront.net (CloudFront)
last-modified: Tue, 18 Apr 2023 15:49:56 GMT
server: AmazonS3
x-amz-cf-pop: MUC50-P1
age: 81911
x-amz-server-side-encryption: AES256
etag: "eff4ba5831c4c3fa1b227001a490fd82"
vary: Accept-Encoding
x-cache: Hit from cloudfront
content-type: image/png
accept-ranges: bytes
content-length: 14951
x-amz-cf-id: i6t3jnyQKcm7RNFnE-N8Zgb95qx6-P6p6MVVZOXocSj3M9zUuxR7VQ==

GET
DATA 200
OK truncated
/ 26 KB
26 KB Font
application/font-woff

General

Check archive.org

Show headers Download Go to

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 0bbe7c49cd60d6d3e8033c430149673766ee9e38f1dbcb9bfbf579e326b6ffe2

Request headers

Referer
Origin: https://18.132.240.116
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Content-Type: application/font-woff

GET
H/1.1 200
OK loew-black-no_hints.woff2
2bb51c216a74a5694bf5-737d153f632dfaaf66fedef7e1e811e7.ssl.cf3.rackcdn.com/fonts/loew/ 17 KB
18 KB 138ms
19ms Font
application/font-woff 23.35.236.145
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://2bb51c216a74a5694bf5-737d153f632dfaaf66fedef7e1e811e7.ssl.cf3.rackcdn.com/fonts/loew/loew-black-no_hints.woff2
Requested by: Host: dtfa4dlwqrprr.cloudfront.net
URL: https://dtfa4dlwqrprr.cloudfront.net/uk/production/generated/main.43593a408e1c58edeac98b31baa6e255.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-145.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 2bb1ffc3bf30a7c7be034d24aee44d1a0734615283ff3c158b6cedaae7c957ec

Request headers

Referer: https://dtfa4dlwqrprr.cloudfront.net/
Origin: https://18.132.240.116
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Unused62: 8096267
Date: Mon, 19 Jun 2023 11:03:33 GMT
Origin: https://mycloud.rackspace.com
Last-Modified: Wed, 16 Aug 2017 09:17:19 GMT
ETag: 898db85da365e6b290ca68baa2b8d646
Content-Type: application/font-woff
Access-Control-Allow-Origin: *
X-Timestamp: 1502875038.01654
Cache-Control: public, max-age=182063
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: txc676f0d9608a40c08da81-005ff319c6lon3
Content-Length: 17864
Expires: Wed, 21 Jun 2023 13:37:56 GMT

GET
H/1.1 200
OK loew-heavy.woff2
0843220b4b49fa3344e6-737d153f632dfaaf66fedef7e1e811e7.ssl.cf3.rackcdn.com/fonts/loew/ 26 KB
26 KB 184ms
21ms Font
application/x-www-form-urlencoded 23.35.236.145
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://0843220b4b49fa3344e6-737d153f632dfaaf66fedef7e1e811e7.ssl.cf3.rackcdn.com/fonts/loew/loew-heavy.woff2
Requested by: Host: dtfa4dlwqrprr.cloudfront.net
URL: https://dtfa4dlwqrprr.cloudfront.net/uk/production/generated/main.43593a408e1c58edeac98b31baa6e255.css
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.145 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-145.deploy.static.akamaitechnologies.com
Software: /
Resource Hash: 3a9f847a4937549c8153e2fe1b453835c42476cee3c159b1b307ad9e1a7fed2d

Request headers

Referer: https://dtfa4dlwqrprr.cloudfront.net/
Origin: https://18.132.240.116
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Date: Mon, 19 Jun 2023 11:03:33 GMT
Origin: https://mycloud.rackspace.com
Last-Modified: Mon, 26 Sep 2022 10:41:20 GMT
ETag: d5008abb48de9f58b50db1f697f3d93f
Content-Type: application/x-www-form-urlencoded;charset=utf-8
Access-Control-Allow-Origin: *
X-Timestamp: 1664188879.19901
Cache-Control: public, max-age=97529
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 26456
X-Trans-Id: tx0acf39bcd648470cbc742-006347e649lon3
Expires: Tue, 20 Jun 2023 14:09:02 GMT

GET
H2 200 HiltonHonors
www.facebook.com/ 0
0 143ms
95ms Image
text/html 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.facebook.com/HiltonHonors
Requested by: Host: 18.132.240.116
URL: https://18.132.240.116/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://18.132.240.116/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

GET
H2

200

hiltonhotels
twitter.com/
Redirect Chain

https://twitter.com/hiltonhotels?lang=en
https://twitter.com/hiltonhotels?lang=en

0
0

148ms
148ms

Image
text/html

104.244.42.129
TWITTER

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://twitter.com/hiltonhotels?lang=en
Requested by: Host: 18.132.240.116
URL: https://18.132.240.116/
Protocol: H2
Server: 104.244.42.129 , United States, ASN13414 (TWITTER, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://18.132.240.116/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

Redirect headers

x-response-time: 116
date: Mon, 19 Jun 2023 11:03:33 GMT
strict-transport-security: max-age=631138519
content-encoding: gzip
server: tsa_o
x-powered-by: Express
vary: Accept
content-type: text/plain; charset=utf-8
location: /hiltonhotels?lang=en
x-transaction-id: 64a97af2e92962a6
cache-control: no-cache, no-store, max-age=0
perf: 7626143928
x-connection-hash: cc6f2ecb55571bb37850a81a050927e5857ccfe9f7e00a43bc179c46919ab287
content-length: 69

GET
H2 200 1630DN-paris-homepage-2-original.jpg
weekender-uk-uploads.imgix.net/wp-content/uploads/2017/10/ 120 KB
120 KB 22ms
22ms Image
image/avif 2a04:4e42:8d::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://weekender-uk-uploads.imgix.net/wp-content/uploads/2017/10/1630DN-paris-homepage-2-original.jpg?auto=format&q=50&fit=crop&ixlib=react-8.6.4&w=1678

Requested by

Host: 18.132.240.116
URL: https://18.132.240.116/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

a144cba43c58b39820d9cd00b4fcbdbde2cea6584337e1f320679bf8662edc4e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://18.132.240.116/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 11:03:32 GMT
x-content-type-options: nosniff
age: 587392
x-cache: HIT, HIT
x-imgix-id: 3ea1e68602f303e53188bba642b8108d71392e90
cross-origin-resource-policy: cross-origin
content-length: 122617
x-served-by: cache-sjc10058-SJC, cache-fra-eddf8230097-FRA
x-imgix-render-farm: 02.139816
last-modified: Mon, 12 Jun 2023 15:53:40 GMT
server: Google Frontend
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 RCe267924711084c2ea517049a0a0b2543-source.min.js Show response
assets.adobedtm.com/5e68f1ab8856/6f5249f15557/b689d4234de1/ 1 KB
1 KB 33ms
33ms Script
application/x-javascript 2a02:26f0:3500:591::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/5e68f1ab8856/6f5249f15557/b689d4234de1/RCe267924711084c2ea517049a0a0b2543-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN02272261e0b845508227acf3ca0c37de.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:591::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 6407591f017525cf184d3609e9768e16b63a0247319f0df5b6ea7399a8b99302

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://18.132.240.116/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 11:03:33 GMT
content-encoding: gzip
last-modified: Fri, 09 Jun 2023 13:53:06 GMT
server: AkamaiNetStorage
etag: "8c32f0226e0573a0085d8d4430136bd3:1686318786.693381"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://18.132.240.116
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 786
expires: Mon, 19 Jun 2023 12:03:33 GMT

GET
H2 200 1630DN-paris-homepage-2-original.jpg
weekender-uk-uploads.imgix.net/wp-content/uploads/2017/10/ 48 KB
48 KB 22ms
22ms Image
image/avif 2a04:4e42:8d::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://weekender-uk-uploads.imgix.net/wp-content/uploads/2017/10/1630DN-paris-homepage-2-original.jpg?auto=format&fit=crop&ixlib=react-8.6.4&w=1238&q=50&dpr=1

Requested by

Host: 18.132.240.116
URL: https://18.132.240.116/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

aeb865e466ad541736314731ff39910998e594689cfd3d773a625033efa43e75

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://18.132.240.116/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 11:03:33 GMT
x-content-type-options: nosniff
age: 591032
x-cache: HIT, HIT
x-imgix-id: 46938216c7f69359501eb1d2a340a88d18e3c0d0
cross-origin-resource-policy: cross-origin
content-length: 48872
x-served-by: cache-sjc10067-SJC, cache-fra-eddf8230097-FRA
x-imgix-render-farm: 02.139816
last-modified: Mon, 12 Jun 2023 14:53:00 GMT
server: Google Frontend
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 1602RV-8074542106a6-clsj__live_the_london_landmarks_3-tall.jpg
weekender-uk-uploads.imgix.net/wp-content/uploads/2019/08/ 20 KB
20 KB 24ms
21ms Image
image/avif 2a04:4e42:8d::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://weekender-uk-uploads.imgix.net/wp-content/uploads/2019/08/1602RV-8074542106a6-clsj__live_the_london_landmarks_3-tall.jpg?auto=format&q=50&fit=crop&w=250&h=350&ixlib=react-8.6.4&w=250&h=350&dpr=1

Requested by

Host: 18.132.240.116
URL: https://18.132.240.116/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

ac8990b7b3a96b31a495dd3cc3e0f3166121800d3bb5b1257f899a5afce5ad9f

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://18.132.240.116/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 11:03:33 GMT
x-content-type-options: nosniff
age: 2901752
x-cache: HIT, HIT
x-imgix-id: 58ebe386f2321c6af37199fcef0154be80f523da
cross-origin-resource-policy: cross-origin
content-length: 20327
x-served-by: cache-sjc1000143-SJC, cache-fra-eddf8230097-FRA
x-imgix-render-farm: 01.9256
last-modified: Tue, 16 May 2023 21:01:00 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 1648BO-header-dubai-2-tall.jpg
weekender-uk-uploads-2.imgix.net/wp-content/uploads/2016/11/ 26 KB
26 KB 26ms
22ms Image
image/avif 2a04:4e42:8d::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://weekender-uk-uploads-2.imgix.net/wp-content/uploads/2016/11/1648BO-header-dubai-2-tall.jpg?auto=format&q=50&fit=crop&w=250&h=350&ixlib=react-8.6.4&w=250&h=350&dpr=1

Requested by

Host: 18.132.240.116
URL: https://18.132.240.116/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

d85fc60a52d4cc60b5b9c2991c46884931c9da873f0fbb4eb9b32b81cf233f8c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://18.132.240.116/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 11:03:33 GMT
x-content-type-options: nosniff
age: 1365095
x-cache: HIT, HIT
x-imgix-id: de71a798654d1506e87743f87e3a490f991e3621
cross-origin-resource-policy: cross-origin
content-length: 26160
x-served-by: cache-sjc10023-SJC, cache-fra-eddf8230097-FRA
x-imgix-render-farm: 02.8744
last-modified: Sat, 03 Jun 2023 15:51:57 GMT
server: Google Frontend
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 1103MZ-amsterdam-oud-zuid-tall.jpg
weekender-uk-uploads-2.imgix.net/wp-content/uploads/2018/05/ 20 KB
20 KB 26ms
23ms Image
image/avif 2a04:4e42:8d::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://weekender-uk-uploads-2.imgix.net/wp-content/uploads/2018/05/1103MZ-amsterdam-oud-zuid-tall.jpg?auto=format&q=50&fit=crop&w=250&h=350&ixlib=react-8.6.4&w=250&h=350&dpr=1

Requested by

Host: 18.132.240.116
URL: https://18.132.240.116/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

7133830ea375ccdb43c9e92eb8290528e8ecdd4fda8132de1db6dbd129a96344

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://18.132.240.116/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 11:03:33 GMT
x-content-type-options: nosniff
age: 1647167
x-cache: HIT, HIT
x-imgix-id: e4cbf449d3a45896747f992b523122fa027e31bf
cross-origin-resource-policy: cross-origin
content-length: 20022
x-served-by: cache-sjc10040-SJC, cache-fra-eddf8230097-FRA
x-imgix-render-farm: 02.8744
last-modified: Wed, 31 May 2023 09:30:45 GMT
server: Google Frontend
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 1210WZ-rome-tall.jpg
weekender-uk-uploads.imgix.net/wp-content/uploads/2018/03/ 15 KB
15 KB 25ms
22ms Image
image/avif 2a04:4e42:8d::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://weekender-uk-uploads.imgix.net/wp-content/uploads/2018/03/1210WZ-rome-tall.jpg?auto=format&q=50&fit=crop&w=250&h=350&ixlib=react-8.6.4&w=250&h=350&dpr=1

Requested by

Host: 18.132.240.116
URL: https://18.132.240.116/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

2eab1edb38a769e36f6028540382ee9e103bca36ef8bbe670026bba7928b7ad9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://18.132.240.116/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 11:03:33 GMT
x-content-type-options: nosniff
age: 2132109
x-cache: HIT, HIT
x-imgix-id: c40e7bacc5828747a27ad162b7463064aee279ae
cross-origin-resource-policy: cross-origin
content-length: 15504
x-served-by: cache-sjc1000094-SJC, cache-fra-eddf8230097-FRA
x-imgix-render-farm: 02.8744
last-modified: Thu, 25 May 2023 18:48:23 GMT
server: Google Frontend
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 1558KL-header-algarve-1-tall.jpg
weekender-uk-uploads-2.imgix.net/wp-content/uploads/2016/11/ 13 KB
13 KB 28ms
25ms Image
image/avif 2a04:4e42:8d::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://weekender-uk-uploads-2.imgix.net/wp-content/uploads/2016/11/1558KL-header-algarve-1-tall.jpg?auto=format&q=50&fit=crop&w=250&h=350&ixlib=react-8.6.4&w=250&h=350&dpr=1

Requested by

Host: 18.132.240.116
URL: https://18.132.240.116/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

67b844357541485e0b435f20d53ee74ef37cbcf090f9126125eba578d72ba10a

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://18.132.240.116/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 11:03:33 GMT
x-content-type-options: nosniff
age: 950848
x-cache: HIT, HIT
x-imgix-id: 229b2a837e434cee76a7cf27e4b2403c26b195d7
cross-origin-resource-policy: cross-origin
content-length: 12856
x-served-by: cache-sjc10074-SJC, cache-fra-eddf8230097-FRA
x-imgix-render-farm: 02.139816
last-modified: Thu, 08 Jun 2023 10:56:04 GMT
server: Google Frontend
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 1645PS-header-berlin-1-tall.jpg
weekender-uk-uploads.imgix.net/wp-content/uploads/2016/11/ 20 KB
20 KB 36ms
33ms Image
image/avif 2a04:4e42:8d::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://weekender-uk-uploads.imgix.net/wp-content/uploads/2016/11/1645PS-header-berlin-1-tall.jpg?auto=format&q=50&fit=crop&w=250&h=350&ixlib=react-8.6.4&w=250&h=350&dpr=1

Requested by

Host: 18.132.240.116
URL: https://18.132.240.116/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

a09bd748f61395be93f04812c025e083f342d0e3a05d8391367c666a1a76065c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://18.132.240.116/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 11:03:33 GMT
x-content-type-options: nosniff
age: 1112448
x-cache: HIT, HIT
x-imgix-id: d59751b4ed1d8db2136a962d280c1515a6bca73e
cross-origin-resource-policy: cross-origin
content-length: 20381
x-served-by: cache-sjc10048-SJC, cache-fra-eddf8230097-FRA
x-imgix-render-farm: 02.139816
last-modified: Tue, 06 Jun 2023 14:02:44 GMT
server: Google Frontend
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 1902IJ-header-paris-4-tall.jpg
weekender-uk-uploads-3.imgix.net/wp-content/uploads/2017/03/ 26 KB
26 KB 177ms
174ms Image
image/avif 2a04:4e42:8d::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://weekender-uk-uploads-3.imgix.net/wp-content/uploads/2017/03/1902IJ-header-paris-4-tall.jpg?auto=format&q=50&fit=crop&w=250&h=350&ixlib=react-8.6.4&w=250&h=350&dpr=1

Requested by

Host: 18.132.240.116
URL: https://18.132.240.116/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

86543275e443f35b0cc0c9c86eabb7ea4762bbe8c1d4e8758620c660e36d761e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://18.132.240.116/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 11:03:33 GMT
x-content-type-options: nosniff
age: 545427
x-cache: HIT, MISS
x-imgix-id: 1dd2baaf62acf8b54dbda0dda87528c2e4e76311
cross-origin-resource-policy: cross-origin
content-length: 26609
x-served-by: cache-sjc10082-SJC, cache-fra-eddf8230115-FRA
x-imgix-render-farm: 02.139816
last-modified: Tue, 13 Jun 2023 03:33:06 GMT
server: Google Frontend
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 1611BO-header-bucharest-1-tall.jpg
weekender-uk-uploads.imgix.net/wp-content/uploads/2016/11/ 23 KB
24 KB 28ms
26ms Image
image/avif 2a04:4e42:8d::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://weekender-uk-uploads.imgix.net/wp-content/uploads/2016/11/1611BO-header-bucharest-1-tall.jpg?auto=format&q=50&fit=crop&w=250&h=350&ixlib=react-8.6.4&w=250&h=350&dpr=1

Requested by

Host: 18.132.240.116
URL: https://18.132.240.116/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

f6d9c35719970e256d94beae218b136aadfafdad2a517f23353bc42fbb8cbed5

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://18.132.240.116/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 11:03:33 GMT
x-content-type-options: nosniff
age: 1005516
x-cache: HIT, HIT
x-imgix-id: 828d47e9ac797f7e921f41864216ce1830296a86
cross-origin-resource-policy: cross-origin
content-length: 23827
x-served-by: cache-sjc1000109-SJC, cache-fra-eddf8230097-FRA
x-imgix-render-farm: 02.139816
last-modified: Wed, 07 Jun 2023 19:44:56 GMT
server: Google Frontend
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 1528CE-experiences_art-2-original.jpg
weekender-uk-uploads-2.imgix.net/wp-content/uploads/2019/01/ 19 KB
19 KB 35ms
33ms Image
image/avif 2a04:4e42:8d::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://weekender-uk-uploads-2.imgix.net/wp-content/uploads/2019/01/1528CE-experiences_art-2-original.jpg?auto=format&q=50&fit=crop&w=250&h=200&ixlib=react-8.6.4&w=250&h=200&dpr=1

Requested by

Host: 18.132.240.116
URL: https://18.132.240.116/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

5a60444c45c13cec770ee22659bb548fe0134ee607f94f58ef39ce598f728b98

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://18.132.240.116/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 11:03:33 GMT
x-content-type-options: nosniff
age: 2331931
x-cache: HIT, HIT
x-imgix-id: ce0f32a2ff33f839b63bffd3bf0c998dce739bb8
cross-origin-resource-policy: cross-origin
content-length: 19130
x-served-by: cache-sjc1000109-SJC, cache-fra-eddf8230097-FRA
x-imgix-render-farm: 02.8744
last-modified: Tue, 23 May 2023 11:18:01 GMT
server: Google Frontend
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 1529DU-experiences_culture-original.jpg
weekender-uk-uploads-2.imgix.net/wp-content/uploads/2019/01/ 12 KB
12 KB 56ms
54ms Image
image/avif 2a04:4e42:8d::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://weekender-uk-uploads-2.imgix.net/wp-content/uploads/2019/01/1529DU-experiences_culture-original.jpg?auto=format&q=50&fit=crop&w=250&h=200&ixlib=react-8.6.4&w=250&h=200&dpr=1

Requested by

Host: 18.132.240.116
URL: https://18.132.240.116/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

28c47ee2efd65664ff26de2d50942eb8e30bdd215ce8ba5253112de1d72b9dee

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://18.132.240.116/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 11:03:33 GMT
x-content-type-options: nosniff
age: 1125516
x-cache: MISS, HIT
x-imgix-id: a3f349bfe3d90c0ef4ffe0de7192f59e662be486
cross-origin-resource-policy: cross-origin
content-length: 11784
x-served-by: cache-sjc1000139-SJC, cache-fra-eddf8230097-FRA
x-imgix-render-farm: 02.139816
last-modified: Tue, 06 Jun 2023 10:24:57 GMT
server: Google Frontend
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 1529FH-experiences_gastronomy-original.jpg
weekender-uk-uploads-2.imgix.net/wp-content/uploads/2019/01/ 19 KB
19 KB 55ms
53ms Image
image/avif 2a04:4e42:8d::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://weekender-uk-uploads-2.imgix.net/wp-content/uploads/2019/01/1529FH-experiences_gastronomy-original.jpg?auto=format&q=50&fit=crop&w=250&h=200&ixlib=react-8.6.4&w=250&h=200&dpr=1

Requested by

Host: 18.132.240.116
URL: https://18.132.240.116/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

183daadf000c141df352c2f0bac7caa1b51a88e6786460a122cc5848367db764

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://18.132.240.116/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 11:03:33 GMT
x-content-type-options: nosniff
age: 2928995
x-cache: HIT, HIT
x-imgix-id: f1a2709097cf48dd5ef7e31b7fcce9fe8e323ee4
cross-origin-resource-policy: cross-origin
content-length: 19417
x-served-by: cache-sjc1000134-SJC, cache-fra-eddf8230097-FRA
x-imgix-render-farm: 01.9256
last-modified: Tue, 16 May 2023 13:26:57 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 1150FI-article-london-theatre-2-original.jpg
weekender-uk-uploads-3.imgix.net/wp-content/uploads/2016/11/ 11 KB
11 KB 26ms
24ms Image
image/avif 2a04:4e42:8d::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://weekender-uk-uploads-3.imgix.net/wp-content/uploads/2016/11/1150FI-article-london-theatre-2-original.jpg?auto=format&q=50&fit=crop&w=250&h=200&ixlib=react-8.6.4&w=250&h=200&dpr=1

Requested by

Host: 18.132.240.116
URL: https://18.132.240.116/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

38422ca8485a4e1f470cdcf6aa9fd17def1f778d20f9920c97f14105691467bd

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://18.132.240.116/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 11:03:33 GMT
x-content-type-options: nosniff
age: 1446134
x-cache: HIT, HIT
x-imgix-id: 2d5f73dbe89b7591937fb0d86a87b81602fbb739
cross-origin-resource-policy: cross-origin
content-length: 11105
x-served-by: cache-sjc10077-SJC, cache-fra-eddf8230115-FRA
x-imgix-render-farm: 02.8744
last-modified: Fri, 02 Jun 2023 17:21:18 GMT
server: Google Frontend
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 1529AE-experiences_wellbeing-original.jpg
weekender-uk-uploads-2.imgix.net/wp-content/uploads/2019/01/ 7 KB
7 KB 29ms
29ms Image
image/avif 2a04:4e42:8d::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://weekender-uk-uploads-2.imgix.net/wp-content/uploads/2019/01/1529AE-experiences_wellbeing-original.jpg?auto=format&q=50&fit=crop&w=250&h=200&ixlib=react-8.6.4&w=250&h=200&dpr=1

Requested by

Host: 18.132.240.116
URL: https://18.132.240.116/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

165c4037c809b306ff190ec0a016ad31446056b57e22db3da56a97f11e7a83aa

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://18.132.240.116/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 11:03:33 GMT
x-content-type-options: nosniff
age: 1020552
x-cache: HIT, HIT
x-imgix-id: 1cdf2ef62e21087e8075b85237d0b3c4e01cf7c3
cross-origin-resource-policy: cross-origin
content-length: 6755
x-served-by: cache-sjc1000089-SJC, cache-fra-eddf8230097-FRA
x-imgix-render-farm: 02.139816
last-modified: Wed, 07 Jun 2023 15:34:20 GMT
server: Google Frontend
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 1529BP-experiences_luxury-original.jpg
weekender-uk-uploads.imgix.net/wp-content/uploads/2019/01/ 11 KB
11 KB 53ms
51ms Image
image/avif 2a04:4e42:8d::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://weekender-uk-uploads.imgix.net/wp-content/uploads/2019/01/1529BP-experiences_luxury-original.jpg?auto=format&q=50&fit=crop&w=250&h=200&ixlib=react-8.6.4&w=250&h=200&dpr=1

Requested by

Host: 18.132.240.116
URL: https://18.132.240.116/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

0604e970bbbdce96c62be501899cfc011a3eaeabb63b989bbd029ce927af5ce0

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://18.132.240.116/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 11:03:33 GMT
x-content-type-options: nosniff
age: 1193980
x-cache: HIT, HIT
x-imgix-id: ba1842745eb1310b94c20fcf818144fe318134fe
cross-origin-resource-policy: cross-origin
content-length: 11527
x-served-by: cache-sjc10081-SJC, cache-fra-eddf8230097-FRA
x-imgix-render-farm: 02.8744
last-modified: Mon, 05 Jun 2023 15:23:53 GMT
server: Google Frontend
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 1225LM-view-of-canary-wharf-original.jpg
weekender-uk-uploads-3.imgix.net/wp-content/uploads/2018/10/ 11 KB
11 KB 22ms
21ms Image
image/avif 2a04:4e42:8d::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://weekender-uk-uploads-3.imgix.net/wp-content/uploads/2018/10/1225LM-view-of-canary-wharf-original.jpg?auto=format&q=50&fit=crop&w=250&h=240&ixlib=react-8.6.4&w=250&h=240&dpr=1

Requested by

Host: 18.132.240.116
URL: https://18.132.240.116/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

610be5812eda1ccdf62c281fea0c56b8e900c6448348c90291986ba9e137fe8e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://18.132.240.116/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 11:03:33 GMT
x-content-type-options: nosniff
age: 3007727
x-cache: HIT, HIT
x-imgix-id: fc3d3632f9ea960d0275c1acbfdfbefd398c03ab
cross-origin-resource-policy: cross-origin
content-length: 11460
x-served-by: cache-sjc10055-SJC, cache-fra-eddf8230115-FRA
x-imgix-render-farm: 01.9256
last-modified: Mon, 15 May 2023 15:34:46 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 1139GV-article-dubai-unusual-things-to-do-1-original.jpg
weekender-uk-uploads-3.imgix.net/wp-content/uploads/2016/11/ 11 KB
11 KB 24ms
23ms Image
image/avif 2a04:4e42:8d::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://weekender-uk-uploads-3.imgix.net/wp-content/uploads/2016/11/1139GV-article-dubai-unusual-things-to-do-1-original.jpg?auto=format&q=50&fit=crop&w=250&h=240&ixlib=react-8.6.4&w=250&h=240&dpr=1

Requested by

Host: 18.132.240.116
URL: https://18.132.240.116/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

9bd4063e988fb2d8947040d108b726be1afb447137775f06a3c848bf32fa062d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://18.132.240.116/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 11:03:33 GMT
x-content-type-options: nosniff
age: 1814730
x-cache: HIT, HIT
x-imgix-id: a0f5db2339dce9543c3c6971d90a2a60bbacb367
cross-origin-resource-policy: cross-origin
content-length: 11136
x-served-by: cache-sjc10042-SJC, cache-fra-eddf8230115-FRA
x-imgix-render-farm: 02.8744
last-modified: Mon, 29 May 2023 10:58:02 GMT
server: Google Frontend
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 1125CI-articles-barcelona-museums-and-galleries-2-original.jpg
weekender-uk-uploads-2.imgix.net/wp-content/uploads/2016/11/ 14 KB
15 KB 181ms
181ms Image
image/avif 2a04:4e42:8d::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://weekender-uk-uploads-2.imgix.net/wp-content/uploads/2016/11/1125CI-articles-barcelona-museums-and-galleries-2-original.jpg?auto=format&q=50&fit=crop&w=250&h=240&ixlib=react-8.6.4&w=250&h=240&dpr=1

Requested by

Host: 18.132.240.116
URL: https://18.132.240.116/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

imgix /

Resource Hash

3a1af58b1a049b1c4f1f0d37a043167d0839e224f29f7236f2665fa4c647f3bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://18.132.240.116/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 11:03:33 GMT
x-content-type-options: nosniff
age: 233217
x-cache: HIT, MISS
x-imgix-id: 65f207c9aee4e1273ba527ab188edfb8e35f7394
cross-origin-resource-policy: cross-origin
content-length: 14812
x-served-by: cache-sjc1000144-SJC, cache-fra-eddf8230097-FRA
x-imgix-render-farm: 01.140328
last-modified: Fri, 16 Jun 2023 18:16:35 GMT
server: imgix
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H2 200 1314PX-article-amsterdam-shopping-2-original.jpg
weekender-uk-uploads-2.imgix.net/wp-content/uploads/2016/11/ 27 KB
27 KB 29ms
28ms Image
image/avif 2a04:4e42:8d::720
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://weekender-uk-uploads-2.imgix.net/wp-content/uploads/2016/11/1314PX-article-amsterdam-shopping-2-original.jpg?auto=format&q=50&fit=crop&w=250&h=240&ixlib=react-8.6.4&w=250&h=240&dpr=1

Requested by

Host: 18.132.240.116
URL: https://18.132.240.116/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a04:4e42:8d::720 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

Google Frontend /

Resource Hash

f83671c54894fa95bf3cabe4d3a11afd1959125e473dcf6ec65ca1438bac2d45

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://18.132.240.116/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 11:03:33 GMT
x-content-type-options: nosniff
age: 1726212
x-cache: HIT, HIT
x-imgix-id: 2802364a6af4a84b873bc825feda2088640df8b8
cross-origin-resource-policy: cross-origin
content-length: 27145
x-served-by: cache-sjc1000124-SJC, cache-fra-eddf8230097-FRA
x-imgix-render-farm: 02.8744
last-modified: Tue, 30 May 2023 11:33:20 GMT
server: Google Frontend
vary: Accept, User-Agent
content-type: image/avif
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *

GET
H/1.1 200
OK widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html Show response
platform.twitter.com/widgets/ Frame 239C 320 KB
104 KB 19ms
19ms Document
text/html 2606:2800:234:59:254c:406:2366:268c
EDGECAST

General

Check archive.org

Show headers Download Go to

Full URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2F18.132.240.116
Requested by: Host: platform.twitter.com
URL: https://platform.twitter.com/widgets.js
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 2606:2800:234:59:254c:406:2366:268c , United States, ASN15133 (EDGECAST, US),
Reverse DNS
Software: ECS (frb/669E) /
Resource Hash: 4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf

Request headers

Referer: https://18.132.240.116/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Access-Control-Allow-Methods: GET
Access-Control-Allow-Origin: *
Age: 4455072
Cache-Control: public, max-age=315360000
Content-Encoding: gzip
Content-Length: 105435
Content-Type: text/html; charset=utf-8
Date: Mon, 19 Jun 2023 11:03:33 GMT
Etag: "95e1b50b0c179aefb47b5b211bb347b5+gzip"
Last-Modified: Tue, 24 Jan 2023 21:41:13 GMT
P3P: CP="CAO DSP LAW CURa ADMa DEVa TAIa PSAa PSDa IVAa IVDa OUR BUS IND UNI COM NAV INT"
Server: ECS (frb/669E)
Server-Timing: x-cache;desc= HIT,x-tw-cdn;desc=VZ
Vary: Accept-Encoding
X-Cache: HIT
x-amz-server-side-encryption: AES256
x-tw-cdn: VZ

GET
H2 200 v1.7-164 Show response
consent.trustarc.com/asset/notice.js/v/ 85 KB
26 KB 83ms
29ms Script
text/javascript 99.84.88.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/asset/notice.js/v/v1.7-164

Requested by

Host: consent.trustarc.com
URL: https://consent.trustarc.com/notice?domain=hiltongdpr.com&c=teconsent&gtm=1&text=true&pcookie&js=nj&noticeType=bb&oc=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.88.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-88-126.muc50.r.cloudfront.net

Software

Resource Hash

3513de4bf093c6b166f959edc9a64e8916ffd5c373201ef16ee41b15c07ce5fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://18.132.240.116/
Origin: https://18.132.240.116
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 10:31:11 GMT
content-encoding: gzip
via: 1.1 6f5ba49c3df973a476d63dbb743d9b22.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: MUC50-C1
age: 1942
x-cache: Hit from cloudfront
pragma: public
last-modified: Mon, 19 Jun 2023 03:59:43 GMT
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: oEZqpw8PAFqj8Y02vvuCUtqjaLKo_tyafY-CPVkfh5dj2l5OaGU1Cg==
expires: Wed, 19 Jul 2023 10:31:11 GMT

GET
H2 200 log
consent.trustarc.com/ 43 B
429 B 65ms
63ms Image
image/gif 99.84.88.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/log?domain=hiltongdpr.com&country=de&state=&behavior=expressed&session=8ee7d165-3ec0-4a21-bef1-ddefb9523d3c&userType=NEW&c=a823

Requested by

Host: 18.132.240.116
URL: https://18.132.240.116/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.88.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-88-126.muc50.r.cloudfront.net

Software

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://18.132.240.116/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Jun 2023 11:03:33 GMT
via: 1.1 c7cdb483c2afdb721f3c8ba14cd43e86.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: MUC50-C1
vary: Origin
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
x-amz-cf-id: _rhh0iBqVh7XLMW-vVQ0xMp8NXeQuaQZ65pZ3v-Ro3qunSS5vcyMhQ==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 l
use.typekit.net/af/55bd39/00000000000000003b9b093f/27/ 31 KB
31 KB 128ms
33ms Font
application/font-woff2 2a02:26f0:3100::1735:28c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/55bd39/00000000000000003b9b093f/27/l?primer=d9280ead710e67fb71db702529942f0190ff37be124ea7f742202ca5f972fa8a&fvd=n9&v=3
Requested by: Host: 18.132.240.116
URL: https://18.132.240.116/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3100::1735:28c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 638cdd8afdab213fa5f1c563a221fb496ecb379fd8cd352a9a1a4bc2c01be40f

Request headers

Referer: https://18.132.240.116/
Origin: https://18.132.240.116
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 11:03:33 GMT
server: nginx
etag: "7160262617e4038debc0a1879958aac942c8da48"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 31512

GET
H2 200 l
use.typekit.net/af/71f83c/00000000000000003b9b093b/27/ 31 KB
31 KB 193ms
98ms Font
application/font-woff2 2a02:26f0:3100::1735:28c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/71f83c/00000000000000003b9b093b/27/l?primer=d9280ead710e67fb71db702529942f0190ff37be124ea7f742202ca5f972fa8a&fvd=n7&v=3
Requested by: Host: 18.132.240.116
URL: https://18.132.240.116/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3100::1735:28c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 0db58a85bed818965093f3735743a90b5d163e0d9201308e0f2f95b89149c3da

Request headers

Referer: https://18.132.240.116/
Origin: https://18.132.240.116
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 11:03:33 GMT
server: nginx
etag: "80080425b287f49965f8b94692d1501f9a4418a4"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 31556

GET
H2 200 l
use.typekit.net/af/27776b/00000000000000003b9b0939/27/ 30 KB
31 KB 128ms
33ms Font
application/font-woff2 2a02:26f0:3100::1735:28c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/27776b/00000000000000003b9b0939/27/l?primer=d9280ead710e67fb71db702529942f0190ff37be124ea7f742202ca5f972fa8a&fvd=n6&v=3
Requested by: Host: 18.132.240.116
URL: https://18.132.240.116/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3100::1735:28c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 03875cfce7223da1c82346e5e3e7cf3bce68651d31f3703436f1757b291de282

Request headers

Referer: https://18.132.240.116/
Origin: https://18.132.240.116
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 11:03:33 GMT
server: nginx
etag: "86d4a11132d22fff39a127dda91efba51c9ae66c"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 31164

GET
H2 200 l
use.typekit.net/af/4838bd/00000000000000003b9b0934/27/ 30 KB
30 KB 128ms
33ms Font
application/font-woff2 2a02:26f0:3100::1735:28c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/4838bd/00000000000000003b9b0934/27/l?primer=d9280ead710e67fb71db702529942f0190ff37be124ea7f742202ca5f972fa8a&fvd=n4&v=3
Requested by: Host: 18.132.240.116
URL: https://18.132.240.116/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3100::1735:28c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 420f69fbecb63c7b876e52129774917085ea3b72af0bb999959132f9f0580fe2

Request headers

Referer: https://18.132.240.116/
Origin: https://18.132.240.116
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 11:03:33 GMT
server: nginx
etag: "49af279eedda39933e7c4aa01baab101cb59409f"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 30688

GET
H2 200 l
use.typekit.net/af/437c3d/00000000000000003b9b0932/27/ 30 KB
30 KB 128ms
34ms Font
application/font-woff2 2a02:26f0:3100::1735:28c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/437c3d/00000000000000003b9b0932/27/l?primer=d9280ead710e67fb71db702529942f0190ff37be124ea7f742202ca5f972fa8a&fvd=n3&v=3
Requested by: Host: 18.132.240.116
URL: https://18.132.240.116/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3100::1735:28c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 6b09a7ddb6badb78588e51ce2ca12d31043621270e96033dc41572927459e69c

Request headers

Referer: https://18.132.240.116/
Origin: https://18.132.240.116
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 11:03:33 GMT
server: nginx
etag: "bbf53d7d1a6170e24fbb34c69ce61c0858de9f2d"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 30748

GET
H2 200 l
use.typekit.net/af/3331e6/00000000000000003b9b0936/27/ 31 KB
31 KB 128ms
33ms Font
application/font-woff2 2a02:26f0:3100::1735:28c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://use.typekit.net/af/3331e6/00000000000000003b9b0936/27/l?primer=d9280ead710e67fb71db702529942f0190ff37be124ea7f742202ca5f972fa8a&fvd=n5&v=3
Requested by: Host: 18.132.240.116
URL: https://18.132.240.116/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3100::1735:28c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 2c5edfac75db1f69cf26a92e30a1a52995e1bbb2390c239bdc18173213516bd5

Request headers

Referer: https://18.132.240.116/
Origin: https://18.132.240.116
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 11:03:33 GMT
server: nginx
etag: "d4955f568e9436c810e621f7ec14253991eb7877"
content-type: application/font-woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 31544

GET
H2

200

s98970365096908 Show response
smetric.hilton.com/b/ss/hiltonglobalprod/10/JS-2.21.0-LDQM/
Redirect Chain

https://smetric.hilton.com/b/ss/hiltonglobalprod/10/JS-2.21.0-LDQM/s98970365096908?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=19%2F5%2F2023%2011%3A3%3A33%201%200&d.&nsid=0&jsonv=1&.d&fi...
https://smetric.hilton.com/b/ss/hiltonglobalprod/10/JS-2.21.0-LDQM/s98970365096908?AQB=1&pccr=true&vidn=32481B02AB9FBABE-400008C121A1736A&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=19%2F5%2F2...

111 B
341 B

36ms
35ms

Script
application/x-javascript

63.140.62.164
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetric.hilton.com/b/ss/hiltonglobalprod/10/JS-2.21.0-LDQM/s98970365096908?AQB=1&pccr=true&vidn=32481B02AB9FBABE-400008C121A1736A&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=19%2F5%2F2023%2011%3A3%3A33%201%200&d.&nsid=0&jsonv=1&.d&fid=13ED5E16F16AF9AC-21E22853A102E530&ce=UTF-8&pageName=HiltonWeekends&g=https%3A%2F%2F18.132.240.116%2F&c.&getQueryParam=4.0&getPreviousValue=3.0&.c&cc=USD&ch=homepage&c2=D%3Dv59&c3=D%3Dv24&c4=Logged-out&c6=images%2Ctext&c8=EMEA%20Hilton%20Weekender&c9=D%3Dv46&v10=%2B1&c11=D%3Dv40&c12=D%3Dv63&c13=D%3Dv150&c14=Holidays%20%7C%20City%20Breaks%20%7C%20Hotels%20%7C%20Hilton%20Explore&c15=D&v17=D%3Dv18&c24=18.132.240.116&v24=en-us&v25=Logged-out&v27=HiltonWeekends&c28=D%3Dv9&c35=D%3Dv135&c37=D%3Dv24&c38=D%3Dv59&c39=D%3Dv46&v43=D%3Dc8&v46=homepage&v47=D%3Dc15&c52=core.page-bottom%7C%7Cundefined%7CGW%20-%20Global%20Standard%20%5BAdobe%20Set%20Vars%2A%5D&c53=2023-6-19%2011%3A3%3A33&v59=mb&v111=Control%20Group&v135=old%20hilton&v150=https%3A%2F%2F18.132.240.116%2F&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1

Requested by

Host: 18.132.240.116
URL: https://18.132.240.116/

Protocol

Server

63.140.62.164 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

ip-63-140-62-164.data.adobedc.net

Software

jag /

Resource Hash

63d84ca73ef3c382a727e71aff470644c743c8170230533f71e7108378bff8a5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://18.132.240.116/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Jun 2023 11:03:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 20 Jun 2023 11:03:33 GMT
server: jag
etag: 3623175599610232832-4619636721782777688
vary: *
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
content-type: application/x-javascript;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 111
x-xss-protection: 1; mode=block
expires: Sun, 18 Jun 2023 11:03:33 GMT

Redirect headers

pragma: no-cache
date: Mon, 19 Jun 2023 11:03:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
last-modified: Tue, 20 Jun 2023 11:03:33 GMT
server: jag
vary: Origin
p3p: CP="This is not a P3P policy"
access-control-allow-origin: *
location: https://smetric.hilton.com/b/ss/hiltonglobalprod/10/JS-2.21.0-LDQM/s98970365096908?AQB=1&pccr=true&vidn=32481B02AB9FBABE-400008C121A1736A&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=19%2F5%2F2023%2011%3A3%3A33%201%200&d.&nsid=0&jsonv=1&.d&fid=13ED5E16F16AF9AC-21E22853A102E530&ce=UTF-8&pageName=HiltonWeekends&g=https%3A%2F%2F18.132.240.116%2F&c.&getQueryParam=4.0&getPreviousValue=3.0&.c&cc=USD&ch=homepage&c2=D%3Dv59&c3=D%3Dv24&c4=Logged-out&c6=images%2Ctext&c8=EMEA%20Hilton%20Weekender&c9=D%3Dv46&v10=%2B1&c11=D%3Dv40&c12=D%3Dv63&c13=D%3Dv150&c14=Holidays%20%7C%20City%20Breaks%20%7C%20Hotels%20%7C%20Hilton%20Explore&c15=D&v17=D%3Dv18&c24=18.132.240.116&v24=en-us&v25=Logged-out&v27=HiltonWeekends&c28=D%3Dv9&c35=D%3Dv135&c37=D%3Dv24&c38=D%3Dv59&c39=D%3Dv46&v43=D%3Dc8&v46=homepage&v47=D%3Dc15&c52=core.page-bottom%7C%7Cundefined%7CGW%20-%20Global%20Standard%20%5BAdobe%20Set%20Vars%2A%5D&c53=2023-6-19%2011%3A3%3A33&v59=mb&v111=Control%20Group&v135=old%20hilton&v150=https%3A%2F%2F18.132.240.116%2F&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&AQE=1
content-type: text/plain;charset=utf-8
cache-control: no-cache, no-store, max-age=0, no-transform, private
content-length: 0
x-xss-protection: 1; mode=block
expires: Sun, 18 Jun 2023 11:03:33 GMT

GET
H2 200 hotjar-1222023.js Show response
static.hotjar.com/c/ 9 KB
4 KB 136ms
80ms Script
application/javascript 18.66.192.32
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://static.hotjar.com/c/hotjar-1222023.js?sv=7

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K7548Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.32 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-32.muc50.r.cloudfront.net

Software

Resource Hash

33eff32198c8c39ff52d7227f1b276dab5b452706ccaa1e1c5625d74b7f21d28

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://18.132.240.116/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=2592000; includeSubDomains
content-encoding: br
x-content-type-options: nosniff
date: Mon, 19 Jun 2023 11:03:33 GMT
via: 1.1 66ce4848bcf993e3c57b596461cd0b82.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P1
etag: W/d92773ee85dd3026433c82e5eab9b203
vary: Accept-Encoding
x-cache: RefreshHit from cloudfront
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
x-cache-hit: 1
cache-control: max-age=60
cross-origin-resource-policy: cross-origin
x-amz-cf-id: ZBCA3tJL7NL0A-_8wY7_nRh1ON6s_OCGr8tyWVyCmszmt_pDIWqQwg==

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 51 KB
21 KB 69ms
20ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: 18.132.240.116
URL: https://18.132.240.116/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://18.132.240.116/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Mon, 19 Jun 2023 10:35:22 GMT
last-modified: Mon, 17 Apr 2023 22:36:01 GMT
server: Golfe2
age: 1691
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20737
expires: Mon, 19 Jun 2023 12:35:22 GMT

GET
H2 200 fbevents.js Show response
connect.facebook.net/en_US/ 108 KB
28 KB 62ms
21ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/en_US/fbevents.js

Requested by

Host: 18.132.240.116
URL: https://18.132.240.116/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

64816ef42196992f1120608cafa36df8e03c81064551abb6f23bc00f69bf6727

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://18.132.240.116/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 19 Jun 2023 11:03:33 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 27810
x-xss-protection: 0
pragma: public
x-fb-debug: oBlOeUCnqm3SYVbKBEzJFmJr8VERbAWhbOFFgrbKU1EMI/ydk1Kl9bKKxK4+Dr7cZGs4gKYJk+A3oIMEmTcPGA==
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
origin-agent-cluster: ?0
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 125 KB
49 KB 27ms
27ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=DC-2013561

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K7548Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

c9fac2422cea20b95b11b355f4502334c01d93aa8001ba5b6762f792859bf417

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://18.132.240.116/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 11:03:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 49543
x-xss-protection: 0
last-modified: Mon, 19 Jun 2023 09:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Mon, 19 Jun 2023 11:03:33 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 250 KB
86 KB 43ms
43ms Script
application/javascript 2a00:1450:4001:82f::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-DVE6WNNFZR&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-K7548Q

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

3465076cd9507a222ea6ae25faa75d5472606c1b03ff3c2dc965662ac45c67ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://18.132.240.116/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 11:03:33 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 87812
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Mon, 19 Jun 2023 11:03:33 GMT

GET /
mpp.emea.mxptint.net/2/23284/ 0
0

GET
H2 200 _r Show response
app.link/ 91 B
637 B 255ms
188ms Script
text/javascript 2600:9000:237d:5a00:19:9934:6a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.link/_r?sdk=web2.74.0&branch_key=key_live_glXPM2Kabtb7o8tG8hg7fhohwraYrfE7&callback=branch_callback__0

Requested by

Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:237d:5a00:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty /

Resource Hash

4cc8706043e7c8e92fa2b427e30a21e63755958bc076ea663656ea799fc7f5e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://18.132.240.116/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 11:03:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 05e8912dc00dd796ed2b040e3237568e.cloudfront.net (CloudFront)
server: openresty
accept-ch: Sec-CH-UA-Platform-Version,Sec-CH-UA-Model
x-amz-cf-pop: MUC50-P2
etag: W/"5b-HgtDQ0bEsxY7UqmPIlfK2I/IuNk"
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
content-length: 91
x-amz-cf-id: E70lCYdBvQO7z5sS5ou3zY4eW0746pX3CJwBGGcAa_bsZ93xfgGiJQ==

GET
H2 200 settings Show response
syndication.twitter.com/ Frame 239C 869 B
658 B 171ms
123ms Fetch
application/json 104.244.42.72
TWITTER

General

Check archive.org

Show headers Download Go to

Full URL

https://syndication.twitter.com/settings?session_id=7850a674cfab91426349c9c9d7996f0ae36362f5

Requested by

Host: platform.twitter.com
URL: https://platform.twitter.com/widgets/widget_iframe.2b2d73daf636805223fb11d48f3e94f7.html?origin=https%3A%2F%2F18.132.240.116

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

104.244.42.72 , United States, ASN13414 (TWITTER, US),

Reverse DNS

Software

tsa_o /

Resource Hash

302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4

Security Headers

Name	Value
Strict-Transport-Security	max-age=631138519

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://platform.twitter.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

x-response-time: 104
date: Mon, 19 Jun 2023 11:03:32 GMT
content-encoding: gzip
strict-transport-security: max-age=631138519
last-modified: Mon, 19 Jun 2023 11:03:33 GMT
server: tsa_o
vary: Origin
content-type: application/json; charset=utf-8
access-control-allow-origin: https://platform.twitter.com
x-transaction-id: 440b97e7bcae4f33
cache-control: must-revalidate, max-age=600
access-control-allow-credentials: true
perf: 7626143928
x-connection-hash: 5c45ed80131fa7632cc4fbaf698d734021ac694ba06f4b9fd261c5202bda5b59
content-length: 337

GET
H2 200 / Show response
consent-pref.trustarc.com/ Frame 8EA5 5 KB
3 KB 132ms
68ms Document
text/html 18.66.192.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=8ee7d165-3ec0-4a21-bef1-ddefb9523d3c&userType=NEW

Requested by

Host: consent.trustarc.com
URL: https://consent.trustarc.com/asset/notice.js/v/v1.7-164

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-79.muc50.r.cloudfront.net

Software

nginx /

Resource Hash

053bf35ebd4d7473f9da3c4f0ef90fb10b2134c2d29c78f896f4f3ec648146bf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://18.132.240.116/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 19 Jun 2023 11:03:33 GMT
etag: W/"5135-1686104258000"
expect-ct: max-age=86400; enforce;
last-modified: Wed, 07 Jun 2023 02:17:38 GMT
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding Origin
via: 1.1 32162aed20605276097da109dc97c5b0.cloudfront.net (CloudFront)
x-amz-cf-id: g41YPh4CZwJpVXi61TjCmq5aNkAbvi9g5xS9McEtreTRh-X7BjEqXQ==
x-amz-cf-pop: MUC50-P1
x-cache: Miss from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1

GET
H2 200 noticemsg
consent.trustarc.com/ 43 B
430 B 62ms
62ms Image
image/gif 99.84.88.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/noticemsg?action=consent&domain=hiltongdpr.com&behavior=expressed&country=de&language=de&rand=0.08883025526253507&session=8ee7d165-3ec0-4a21-bef1-ddefb9523d3c&userType=NEW

Requested by

Host: 18.132.240.116
URL: https://18.132.240.116/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.88.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-88-126.muc50.r.cloudfront.net

Software

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://18.132.240.116/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Jun 2023 11:03:33 GMT
via: 1.1 c7cdb483c2afdb721f3c8ba14cd43e86.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: MUC50-C1
vary: Origin
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
x-amz-cf-id: Iklz5fKL-HRni2f4yBWPyH9uwlvMtBSII4r9Up1JOLgMKkcdBw6ElQ==
expires: Mon, 26 Jul 1997 05:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
253 B 73ms
26ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-DVE6WNNFZR&gtm=45je36e0&_p=1139219138&_gaz=1&cid=9057525.1687172613&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1687172613&sct=1&seg=0&dl=https%3A%2F%2F18.132.240.116%2F&dt=Holidays%20%7C%20City%20Breaks%20%7C%20Hotels%20%7C%20Hilton%20Explore&en=page_view&_fv=1&_nsi=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DVE6WNNFZR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://18.132.240.116/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Jun 2023 11:03:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://18.132.240.116
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
253 B 81ms
27ms Ping
text/plain 2a00:1450:400c:c0c::9d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-DVE6WNNFZR&cid=9057525.1687172613&gtm=45je36e0&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DVE6WNNFZR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c0c::9d Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://18.132.240.116/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Jun 2023 11:03:33 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://18.132.240.116
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 102ms
54ms Image
image/gif 2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-DVE6WNNFZR&cid=9057525.1687172613&gtm=45je36e0&aip=1&z=261443737

Requested by

Host: 18.132.240.116
URL: https://18.132.240.116/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://18.132.240.116/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: no-cache
date: Mon, 19 Jun 2023 11:03:33 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 linkid.js Show response
www.google-analytics.com/plugins/ua/ 2 KB
1 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/plugins/ua/linkid.js

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://18.132.240.116/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 10:46:21 GMT
content-encoding: br
x-content-type-options: nosniff
age: 1032
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 697
x-xss-protection: 0
last-modified: Wed, 14 Jun 2023 09:18:00 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: text/javascript
cache-control: public, max-age=3600
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Mon, 19 Jun 2023 11:46:21 GMT

GET
H2 200 104002613305885 Show response
connect.facebook.net/signals/config/ 74 KB
20 KB 22ms
22ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/config/104002613305885?v=2.9.107&r=stable

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

6b479a0269732a0d8c9b28ab6fdbc5b53a05df4facacac578fe58c6f44ed0ab8

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://18.132.240.116/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 19 Jun 2023 11:03:33 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 20686
x-xss-protection: 0
pragma: public
x-fb-debug: Il/dBBkrywW4Ue5bwKMDBKqf6o/sSkHfI1Cc61LSqar4UnvYYOmNh0m6Q0+EJLxkSy1n2VZw6pbPwi/YqWmRXA==
x-fb-trip-id: 1679558926
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 modules.d300ab0f8311d57bf5d6.js Show response
script.hotjar.com/ 270 KB
69 KB 81ms
28ms Script
application/javascript 99.84.88.7
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://script.hotjar.com/modules.d300ab0f8311d57bf5d6.js

Requested by

Host: static.hotjar.com
URL: https://static.hotjar.com/c/hotjar-1222023.js?sv=7

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.88.7 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-88-7.muc50.r.cloudfront.net

Software

Resource Hash

29a6e44de81a864485015f9623497c4729266f2be8244bf442caf96b53d43d82

Security Headers

Name	Value
Strict-Transport-Security	max-age=2592000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://18.132.240.116/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Thu, 15 Jun 2023 12:15:07 GMT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=2592000; includeSubDomains
via: 1.1 4ba99d04800d29b58ab9861f60991a2a.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-C1
age: 341306
x-cache: Hit from cloudfront
cross-origin-resource-policy: cross-origin
content-length: 70183
last-modified: Thu, 15 Jun 2023 12:14:20 GMT
etag: "389003ed05f597fc11f5765f5651f0ba"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=31536000
accept-ranges: bytes
x-robots-tag: none
x-amz-cf-id: 90rN9JHnwdOb8Z9q9YOkwGjb0jv-sdf_vtTlj60hX6fNouPIdIzgJw==

GET
H2 200 p.gif
p.typekit.net/ 35 B
219 B 57ms
32ms Image
image/gif 2a02:26f0:3100::1735:28c8
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://p.typekit.net/p.gif?s=1&k=sem7ves&ht=tk&h=18.132.240.116&f=137.139.173.175.5474.25136&a=697371&js=1.21.0&app=typekit&e=js&_=1687172613324
Requested by: Host: 18.132.240.116
URL: https://18.132.240.116/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3100::1735:28c8 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: nginx /
Resource Hash: 9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://18.132.240.116/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

unused62: 8096267
date: Mon, 19 Jun 2023 11:03:33 GMT
last-modified: Sat, 09 Oct 2021 02:10:03 GMT
server: nginx
etag: "6160f9fb-23"
content-type: image/gif
access-control-allow-origin: *
cache-control: public, max-age=604800
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
content-length: 35

POST
H2 200 collect Show response
www.google-analytics.com/j/ 3 B
207 B 28ms
27ms XHR
text/plain 2a00:1450:4001:813::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j100&a=1139219138&t=pageview&_s=1&dl=https%3A%2F%2F18.132.240.116%2F&ul=en-us&de=UTF-8&dt=Holidays%20%7C%20City%20Breaks%20%7C%20Hotels%20%7C%20Hilton%20Explore&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=KCDAAEIhAAAAACAAI~&jid=2119479659&gjid=1054072946&cid=9057525.1687172613&tid=UA-48456260-1&_gid=69284919.1687172613&_r=1&_slc=1&z=1863872204

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://18.132.240.116/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Mon, 19 Jun 2023 11:03:33 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://18.132.240.116
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 3
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 inferredevents.js Show response
connect.facebook.net/signals/plugins/ 71 KB
21 KB 20ms
19ms Script
application/x-javascript 2a03:2880:f083:9:face:b00c:0:3
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://connect.facebook.net/signals/plugins/inferredevents.js?v=2.9.107

Requested by

Host: connect.facebook.net
URL: https://connect.facebook.net/en_US/fbevents.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a03:2880:f083:9:face:b00c:0:3 Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

0b56dd809f978c08d4d736c90412e7d66e54aa4059d2e0b2b79f444dd734200f

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com data: blob: 'self';script-src .fbcdn.net .facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net .facebook.net fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com;connect-src .fbcdn.net .facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
Strict-Transport-Security	max-age=31536000; preload; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://18.132.240.116/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

content-security-policy: default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net wss://*.fbcdn.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c&minimize=0;
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; preload; includeSubDomains
date: Mon, 19 Jun 2023 11:03:33 GMT
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 21675
x-xss-protection: 0
pragma: public
x-fb-debug: IQ7x136XOjN/e7APXicKmpbZdwSXnqx9M9qYTzpml/gQHkb4f6Sfe25e/NnQx9aGlJkwo1oId2gwFrkBmKrb/A==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
x-frame-options: DENY
content-type: application/x-javascript; charset=utf-8
cache-control: public, max-age=1200
permissions-policy: accelerometer=(), ambient-light-sensor=(), bluetooth=(), gyroscope=(), hid=(), idle-detection=(), magnetometer=(), midi=(), payment=(), screen-wake-lock=(), serial=(), usb=()
priority: u=3,i
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H2 200 defaultpreferencemanager.nocache.js Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 8EA5 5 KB
3 KB 63ms
62ms Script
application/javascript 18.66.192.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/defaultpreferencemanager.nocache.js

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=8ee7d165-3ec0-4a21-bef1-ddefb9523d3c&userType=NEW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-79.muc50.r.cloudfront.net

Software

nginx /

Resource Hash

00c87ce6a907defc58bc4e4cde9e54938ec4a28b0a73ed0e3bf1a12dff259ac4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=8ee7d165-3ec0-4a21-bef1-ddefb9523d3c&userType=NEW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 11:03:33 GMT
content-encoding: gzip
via: 1.1 32162aed20605276097da109dc97c5b0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: MUC50-P1
x-cache: Miss from cloudfront
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 07 Jun 2023 02:17:58 GMT
server: nginx
etag: W/"4867-1686104278000"
expect-ct: max-age=86400; enforce;
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: 3-HP1QsABkroUBTOB8H5L36ao5u7kiSRHnihmQgwUCTqP4IJ2o6hsg==
expires: Mon, 19 Jun 2023 11:03:32 GMT

GET
H2 200 get Show response
consent-st.trustarc.com/ Frame 8EA5 20 KB
5 KB 36ms
26ms Script
text/javascript 99.84.88.126
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-st.trustarc.com/get?name=combined_static_cm_minified.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.88.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-88-126.muc50.r.cloudfront.net

Software

Resource Hash

f1ba71d3bf034aeceecb8895e71a44f4806dbb5bcc44e46fd8fc461a774eb880

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: public
date: Mon, 12 Jun 2023 02:07:47 GMT
content-encoding: gzip
via: 1.1 c7cdb483c2afdb721f3c8ba14cd43e86.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: MUC50-C1
age: 636946
vary: Origin
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: 0pnIyqQRbR9sR4zNl8yOaqmDaEGmYspRRib_hnHszo8uM-C8wwShhA==
expires: Wed, 12 Jul 2023 02:07:47 GMT

GET
H2 200 loading.gif
consent-pref.trustarc.com/images/ Frame 8EA5 3 KB
3 KB 25ms
25ms Image
image/gif 18.66.192.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent-pref.trustarc.com/images/loading.gif

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-79.muc50.r.cloudfront.net

Software

nginx /

Resource Hash

eb7cfd3d959b2e09c170f532e29f8b825f9bc770b2279fde58e595617753e244

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=8ee7d165-3ec0-4a21-bef1-ddefb9523d3c&userType=NEW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 10:37:58 GMT
via: 1.1 32162aed20605276097da109dc97c5b0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: MUC50-P1
age: 1538
x-cache: Hit from cloudfront
content-length: 2608
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 07 Jun 2023 02:17:38 GMT
server: nginx
etag: W/"2608-1686104258000"
expect-ct: max-age=86400; enforce;
vary: Origin
content-type: image/gif
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
accept-ranges: bytes
x-amz-cf-id: PJMuYN269KyrAFZNFzDBXz6DdZ9aEyzGRaVXhNRYUhtU5MDCgS5fOA==

GET
H2 200 /
www.facebook.com/tr/ 0
135 B 19ms
19ms Image
text/plain 2a03:2880:f176:84:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=104002613305885&ev=PageView&dl=https%3A%2F%2F18.132.240.116%2F&rl=&if=false&ts=1687172613396&sw=1600&sh=1200&v=2.9.107&r=stable&ec=0&o=28&fbp=fb.3.1687172613395.856168116&it=1687172613312&coo=false&rqm=GET

Requested by

Host: 18.132.240.116
URL: https://18.132.240.116/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f176:84:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://18.132.240.116/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Mon, 19 Jun 2023 11:03:33 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

POST
H2 200 open Show response
api2.branch.io/v1/ 272 B
647 B 410ms
343ms XHR
application/json 2600:9000:237d:f600:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.branch.io/v1/open

Requested by

Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:237d:f600:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

7983a54324f216d3f444223bed42ed9e59d54df23071076fcb15a11067909593

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://18.132.240.116/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 19 Jun 2023 11:03:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 c7e33a86531bfe239a9c43428fc5c122.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
x-branch-request-id: 0ae67cba-b200-4389-a574-9707bef59fcb-2023061911
content-length: 272
x-amz-cf-id: uiQGMnvBsktTj_68OTnktzNruWbzwI1p8n9EYWqyguwIr6dNWNoOQg==

GET
H2 204 1222023 Show response
vc.hotjar.io/sessions/ 0
257 B 111ms
60ms XHR
text/plain 18.66.192.49
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://vc.hotjar.io/sessions/1222023?s=0.25&r=0.006310938052072279
Requested by: Host: script.hotjar.com
URL: https://script.hotjar.com/modules.d300ab0f8311d57bf5d6.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.192.49 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-192-49.muc50.r.cloudfront.net
Software: Python/3.8 aiohttp/3.8.4 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://18.132.240.116/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 11:03:33 GMT
via: 1.1 1a45d1e1304c39dfa9b034c2308f4976.cloudfront.net (CloudFront)
server: Python/3.8 aiohttp/3.8.4
x-amz-cf-pop: MUC50-P1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: no-store
x-amz-cf-id: cBTt9YYbO7H2e8W22QKF-La18Lwa83UD0zy7tSnfdv2FFGX8pk-6zA==

GET
H2 200 0DF70E809A1694D4900C7E11937CAE45.cache.html Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 65F4 139 KB
46 KB 30ms
30ms Document
text/html 18.66.192.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/0DF70E809A1694D4900C7E11937CAE45.cache.html

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/defaultpreferencemanager.nocache.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-79.muc50.r.cloudfront.net

Software

nginx /

Resource Hash

ede1817214d05c2a979e877622245e14ee3fa6681d908b37ec97fabb0d1bee1d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=8ee7d165-3ec0-4a21-bef1-ddefb9523d3c&userType=NEW
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 27387
cache-control: max-age=315360000
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 19 Jun 2023 03:27:06 GMT
etag: W/"142502-1686104278000"
expect-ct: max-age=86400; enforce;
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Wed, 07 Jun 2023 02:17:58 GMT
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding Origin
via: 1.1 32162aed20605276097da109dc97c5b0.cloudfront.net (CloudFront)
x-amz-cf-id: 25Rz5oBflzC-pES-0KEXIfuEdG6-tgyUD9jc_Nejolp5MSuXL-T1YA==
x-amz-cf-pop: MUC50-P1
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 8EA5 969 B
1 KB 115ms
114ms XHR
application/json 18.66.192.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/0DF70E809A1694D4900C7E11937CAE45.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-79.muc50.r.cloudfront.net

Software

nginx /

Resource Hash

2bfe0bfebc6bf40e5f73c03389ba8285505bc2f45d739d1efd5ca830f940a51d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: 0DF70E809A1694D4900C7E11937CAE45
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=8ee7d165-3ec0-4a21-bef1-ddefb9523d3c&userType=NEW
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Mon, 19 Jun 2023 11:03:33 GMT
content-encoding: gzip
via: 1.1 32162aed20605276097da109dc97c5b0.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-amz-cf-pop: MUC50-P1
x-cache: Miss from cloudfront
content-disposition: attachment
content-length: 468
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
server: nginx
expect-ct: max-age=86400; enforce;
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: aOZzwoM7KUl8OyMFu57C7vcEbdNnmmb5KBhR3jHGiBCLIW9YVzc2WQ==

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 8EA5 48 B
622 B 58ms
58ms XHR
application/json 18.66.192.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/0DF70E809A1694D4900C7E11937CAE45.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-79.muc50.r.cloudfront.net

Software

nginx /

Resource Hash

eafdbd0afad403a176f8bb6f98770fbc69ed86a0d6a26a26077971266edd406b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: 0DF70E809A1694D4900C7E11937CAE45
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=8ee7d165-3ec0-4a21-bef1-ddefb9523d3c&userType=NEW
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Mon, 19 Jun 2023 11:03:33 GMT
via: 1.1 32162aed20605276097da109dc97c5b0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: MUC50-P1
x-cache: Miss from cloudfront
content-disposition: attachment
content-length: 48
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
server: nginx
expect-ct: max-age=86400; enforce;
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: re9idXOmqcZNcbCWdckVR3E2KQTCZrElWXl0uZj22-TIXwORPk5N5w==

GET
H2 200 EuPreferenceManager.css
consent-pref.trustarc.com/ Frame 8EA5 30 KB
7 KB 27ms
27ms Stylesheet
text/css 18.66.192.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/EuPreferenceManager.css

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/0DF70E809A1694D4900C7E11937CAE45.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-79.muc50.r.cloudfront.net

Software

nginx /

Resource Hash

1230e0ea39c92efe693a98e2954b2fec447cf05c7dce18a494b0974b693af427

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=8ee7d165-3ec0-4a21-bef1-ddefb9523d3c&userType=NEW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 10:37:57 GMT
content-encoding: gzip
via: 1.1 32162aed20605276097da109dc97c5b0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: MUC50-P1
age: 1537
x-cache: Hit from cloudfront
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 07 Jun 2023 02:17:38 GMT
server: nginx
etag: W/"30573-1686104258000"
expect-ct: max-age=86400; enforce;
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: no-cache
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: bWt_V2q-oIPVRwXmIdRnJcM2FP6AlXepZ05-PKXBSCUCAIqgaCt2WQ==
expires: Mon, 19 Jun 2023 10:37:55 GMT

GET
H2 200 11.cache.js Show response
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/0DF70E809A1694D4900C7E11937CAE45/ Frame 8EA5 261 KB
89 KB 31ms
31ms XHR
application/javascript 18.66.192.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/0DF70E809A1694D4900C7E11937CAE45/11.cache.js

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/0DF70E809A1694D4900C7E11937CAE45.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-79.muc50.r.cloudfront.net

Software

nginx /

Resource Hash

4f90844f31d7362b9863b38462e757ef68211bd1f4b6a94b2e753e1c7b93bc3f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=8ee7d165-3ec0-4a21-bef1-ddefb9523d3c&userType=NEW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 03:27:36 GMT
content-encoding: gzip
via: 1.1 32162aed20605276097da109dc97c5b0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: MUC50-P1
age: 27357
x-cache: Hit from cloudfront
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 07 Jun 2023 02:17:58 GMT
server: nginx
etag: W/"267342-1686104278000"
expect-ct: max-age=86400; enforce;
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: max-age=315360000
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: 07p2HaT-B5wn_cnFYCd_BDmfywPLzgsf8teRmqIzct4Vx85y1Yui-w==
expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 200 pageview Show response
api2.branch.io/v1/ 29 B
433 B 197ms
197ms XHR
application/json 2600:9000:237d:f600:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.branch.io/v1/pageview

Requested by

Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:237d:f600:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/ Express

Resource Hash

c3dd5a6fff633c6393dca21ce74cd6dc95265943575b43d2d9616f020eea68fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://18.132.240.116/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Mon, 19 Jun 2023 11:03:33 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 c7e33a86531bfe239a9c43428fc5c122.cloudfront.net (CloudFront)
x-amz-cf-pop: MUC50-P2
x-powered-by: Express
etag: W/"1d-0Z1F50chJJpy5srE0HvlOYosSzw"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-branch-request-id: 3031652b8ad446639e98f510b9dba16e-2023061911
content-length: 29
x-amz-cf-id: zot_GiZD7-dWS1Mccq52-z-jl3mIBXclA0E3OEn_GMAKw3TjhgSItA==

GET
H2 200 1.cache.js Show response
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/0DF70E809A1694D4900C7E11937CAE45/ Frame 8EA5 19 KB
8 KB 26ms
26ms XHR
application/javascript 18.66.192.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/0DF70E809A1694D4900C7E11937CAE45/1.cache.js

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/0DF70E809A1694D4900C7E11937CAE45.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-79.muc50.r.cloudfront.net

Software

nginx /

Resource Hash

ccaa9ea99455a83bb770a835d90223458efc596a6bdf41a9e9c247504a5a538e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=8ee7d165-3ec0-4a21-bef1-ddefb9523d3c&userType=NEW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 03:27:57 GMT
content-encoding: gzip
via: 1.1 32162aed20605276097da109dc97c5b0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: MUC50-P1
age: 27337
x-cache: Hit from cloudfront
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 07 Jun 2023 02:17:58 GMT
server: nginx
etag: W/"19776-1686104278000"
expect-ct: max-age=86400; enforce;
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: max-age=315360000
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: rqm7d8U_XZajH43ouoEKM6uoHzmpnVyBr_WRwFkaoYtEfAwr7yt-2A==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 cookie_iframe.html Show response
prefmgr-cookie.truste-svc.net/cookie_js/ Frame A6B4 5 KB
2 KB 376ms
113ms Document
text/html 44.215.237.77
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://prefmgr-cookie.truste-svc.net/cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=8ee7d165-3ec0-4a21-bef1-ddefb9523d3c&userType=NEW

Requested by

Host: 18.132.240.116
URL: https://18.132.240.116/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.215.237.77 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-215-237-77.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e5356c4d200584b116d9ac14f89d883b120dbe4d7878914a4fa22358074c74f8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' *;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://consent-pref.trustarc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *;
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Mon, 19 Jun 2023 11:03:34 GMT
etag: W/"5014-1657163800000"
expect-ct: max-age=31536000
last-modified: Thu, 07 Jul 2022 03:16:40 GMT
permissions-policy: geolocation=(), microphone=(), payment=()
referrer-policy: origin
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 8EA5 910 B
989 B 58ms
58ms XHR
application/json 18.66.192.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/0DF70E809A1694D4900C7E11937CAE45.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-79.muc50.r.cloudfront.net

Software

nginx /

Resource Hash

3312edf4bcabe795bc1162537c905022512b90e62749ecf5d41e4d11fa98af93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: 0DF70E809A1694D4900C7E11937CAE45
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=8ee7d165-3ec0-4a21-bef1-ddefb9523d3c&userType=NEW
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Mon, 19 Jun 2023 11:03:34 GMT
content-encoding: gzip
via: 1.1 32162aed20605276097da109dc97c5b0.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-amz-cf-pop: MUC50-P1
x-cache: Miss from cloudfront
content-disposition: attachment
content-length: 398
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
server: nginx
expect-ct: max-age=86400; enforce;
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: rInwPgPciadZWGL8c9pYLW8QfN6OFxy33TZvZrkrCruAu_0a5NQVtw==

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 8EA5 15 KB
5 KB 58ms
58ms XHR
application/json 18.66.192.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/0DF70E809A1694D4900C7E11937CAE45.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-79.muc50.r.cloudfront.net

Software

nginx /

Resource Hash

6e2dddc28075e0d31ef4963ac607062a7ccfb805823a030fe61c64f89262aa0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: 0DF70E809A1694D4900C7E11937CAE45
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=8ee7d165-3ec0-4a21-bef1-ddefb9523d3c&userType=NEW
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Mon, 19 Jun 2023 11:03:34 GMT
content-encoding: gzip
via: 1.1 32162aed20605276097da109dc97c5b0.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-amz-cf-pop: MUC50-P1
x-cache: Miss from cloudfront
content-disposition: attachment
content-length: 4565
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
server: nginx
expect-ct: max-age=86400; enforce;
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: tIIi6k1z0hI_72bDRH8r_M0beblW_YpVBDjIdjj3dID3aEGx3wuWJw==

GET
H2 200 trustarc-logo-small.png
consent-pref.trustarc.com/images/ Frame 8EA5 4 KB
5 KB 26ms
26ms Image
image/png 18.66.192.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent-pref.trustarc.com/images/trustarc-logo-small.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-79.muc50.r.cloudfront.net

Software

nginx /

Resource Hash

91c4a6c4295f8889e8b04339a4a2c2e86d5eef71ba808164e641d0d8a6435004

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=8ee7d165-3ec0-4a21-bef1-ddefb9523d3c&userType=NEW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 10:38:00 GMT
via: 1.1 32162aed20605276097da109dc97c5b0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: MUC50-P1
age: 1537
x-cache: Hit from cloudfront
content-length: 4197
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 07 Jun 2023 02:17:38 GMT
server: nginx
etag: W/"4197-1686104258000"
expect-ct: max-age=86400; enforce;
vary: Origin
content-type: image/png
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
accept-ranges: bytes
x-amz-cf-id: ao0uEVq5StOEv1otSfJqCZIUEl1GqvswGls1eAwtaFKaVvmhpJa5sw==

GET
H2 200 4.cache.js Show response
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/0DF70E809A1694D4900C7E11937CAE45/ Frame 8EA5 40 KB
13 KB 26ms
26ms XHR
application/javascript 18.66.192.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/0DF70E809A1694D4900C7E11937CAE45/4.cache.js

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/0DF70E809A1694D4900C7E11937CAE45.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-79.muc50.r.cloudfront.net

Software

nginx /

Resource Hash

51cc691c0bf01c995b2a2051a8ad718f4050ec1036159031ead5ca6eb8fb5854

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=8ee7d165-3ec0-4a21-bef1-ddefb9523d3c&userType=NEW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 03:27:59 GMT
content-encoding: gzip
via: 1.1 32162aed20605276097da109dc97c5b0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: MUC50-P1
age: 27335
x-cache: Hit from cloudfront
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 07 Jun 2023 02:17:58 GMT
server: nginx
etag: W/"40904-1686104278000"
expect-ct: max-age=86400; enforce;
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: max-age=315360000
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: 9Kuqo_aLHFjQ74tAHVdSO8SM9VsT0fqKj-hq-fk0_ccEAd586S9gNQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 loading.gif
consent-pref.trustarc.com/images/ Frame 8EA5 3 KB
3 KB 26ms
25ms Image
image/gif 18.66.192.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent-pref.trustarc.com/images/loading.gif

Requested by

Host: 18.132.240.116
URL: https://18.132.240.116/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-79.muc50.r.cloudfront.net

Software

nginx /

Resource Hash

eb7cfd3d959b2e09c170f532e29f8b825f9bc770b2279fde58e595617753e244

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=8ee7d165-3ec0-4a21-bef1-ddefb9523d3c&userType=NEW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 10:37:58 GMT
via: 1.1 32162aed20605276097da109dc97c5b0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: MUC50-P1
age: 1539
x-cache: Hit from cloudfront
content-length: 2608
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 07 Jun 2023 02:17:38 GMT
server: nginx
etag: W/"2608-1686104258000"
expect-ct: max-age=86400; enforce;
vary: Origin
content-type: image/gif
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
accept-ranges: bytes
x-amz-cf-id: dXgHgwlhGqszXymngjoJwbZ-fSGWlUFcN1iNTPhltq87mkguNLfW_A==

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 8EA5 2 KB
1 KB 59ms
59ms XHR
application/json 18.66.192.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/0DF70E809A1694D4900C7E11937CAE45.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-79.muc50.r.cloudfront.net

Software

nginx /

Resource Hash

63ca8acd92de82dd2090f15de8e247cf73d432d4d755c14862e6b3496f43ab42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: 0DF70E809A1694D4900C7E11937CAE45
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=8ee7d165-3ec0-4a21-bef1-ddefb9523d3c&userType=NEW
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Mon, 19 Jun 2023 11:03:34 GMT
content-encoding: gzip
via: 1.1 32162aed20605276097da109dc97c5b0.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-amz-cf-pop: MUC50-P1
x-cache: Miss from cloudfront
content-disposition: attachment
content-length: 880
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
server: nginx
expect-ct: max-age=86400; enforce;
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: 18GVABp6axXGvHeDle-rwjrWrAahEXi1o-aJxOgCVfEWTn3c--uIEw==

GET
H2 200 get
consent.trustarc.com/ Frame 8EA5 7 KB
7 KB 30ms
30ms Image
image/png 99.84.88.126
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/get?name=HiltonLogo_Black_HR250.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

99.84.88.126 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-84-88-126.muc50.r.cloudfront.net

Software

Resource Hash

d3452ec1127967b4fce882b728a14e85f0b78d22024081936dfd4f25bfbc16c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

pragma: public
date: Mon, 19 Jun 2023 10:43:40 GMT
content-encoding: gzip
via: 1.1 c7cdb483c2afdb721f3c8ba14cd43e86.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: MUC50-C1
age: 1194
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: In3vGJr7o81MHX7Np4eE-fkbvx8w_5y7P0T0aYrqHoE-0F8M769qcw==
expires: Wed, 19 Jul 2023 10:43:40 GMT

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 8EA5 432 KB
78 KB 107ms
106ms XHR
application/json 18.66.192.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/0DF70E809A1694D4900C7E11937CAE45.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-79.muc50.r.cloudfront.net

Software

nginx /

Resource Hash

5345c5740bc863a4001ced2dc7997aa2ac0e129f27b7d8f2cc5624b0656efbb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: 0DF70E809A1694D4900C7E11937CAE45
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=8ee7d165-3ec0-4a21-bef1-ddefb9523d3c&userType=NEW
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Mon, 19 Jun 2023 11:03:35 GMT
content-encoding: gzip
via: 1.1 32162aed20605276097da109dc97c5b0.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-amz-cf-pop: MUC50-P1
x-cache: Miss from cloudfront
content-disposition: attachment
content-length: 79091
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
server: nginx
expect-ct: max-age=86400; enforce;
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: 8rRESnGc5CUVM00S8fjYvyWHbMzBgC0sX1erRBTe6wWqqdit9g_LzQ==

GET
H2 200 switchbg.png
consent-pref.trustarc.com/images/ Frame 8EA5 1 KB
2 KB 26ms
26ms Image
image/png 18.66.192.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent-pref.trustarc.com/images/switchbg.png

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/EuPreferenceManager.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-79.muc50.r.cloudfront.net

Software

nginx /

Resource Hash

1ffe0083c43292aaba8148fe6d7286bd27381ea13fef76b9e545a22d8bbd8af5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/EuPreferenceManager.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 10:05:12 GMT
via: 1.1 32162aed20605276097da109dc97c5b0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: MUC50-P1
age: 3515
x-cache: Hit from cloudfront
content-length: 1068
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 07 Jun 2023 02:17:38 GMT
server: nginx
etag: W/"1068-1686104258000"
expect-ct: max-age=86400; enforce;
vary: Origin
content-type: image/png
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
accept-ranges: bytes
x-amz-cf-id: 9VTSpT9GskE_S1cw3yhPGldwJywqnBACsA_Ye1vbfm78I9-m_SZcSg==

GET
H2 200 loader.gif
consent-pref.trustarc.com/images/ Frame 8EA5 2 KB
2 KB 26ms
25ms Image
image/gif 18.66.192.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent-pref.trustarc.com/images/loader.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-79.muc50.r.cloudfront.net

Software

nginx /

Resource Hash

ee53ada617f2674cbd706e3b24fc6738c7f53f2f7a3a959e71f611aa850dc946

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=8ee7d165-3ec0-4a21-bef1-ddefb9523d3c&userType=NEW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 10:18:45 GMT
via: 1.1 32162aed20605276097da109dc97c5b0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: MUC50-P1
age: 2692
x-cache: Hit from cloudfront
content-length: 1737
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 07 Jun 2023 02:17:38 GMT
server: nginx
etag: W/"1737-1686104258000"
expect-ct: max-age=86400; enforce;
vary: Origin
content-type: image/gif
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
accept-ranges: bytes
x-amz-cf-id: G0ySb7zFds5a8qX_NZsFQDYNglSp_QNslXwaxl6RGNKACwSfKKjVVA==

GET
H2 200 cookie_inneriframe.html Show response
consent-pref.trustarc.com/ Frame 0904 2 KB
1 KB 26ms
25ms Document
text/html 18.66.192.79
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/cookie_inneriframe.html

Requested by

Host: prefmgr-cookie.truste-svc.net
URL: https://prefmgr-cookie.truste-svc.net/cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=8ee7d165-3ec0-4a21-bef1-ddefb9523d3c&userType=NEW

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-79.muc50.r.cloudfront.net

Software

nginx /

Resource Hash

a2de091c86c5a7b6dcc572eb6e5a76c2cd72ce27a2042a8dc2974f15b33566ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://prefmgr-cookie.truste-svc.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 2550
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 19 Jun 2023 10:21:06 GMT
etag: W/"2008-1686104258000"
expect-ct: max-age=86400; enforce;
last-modified: Wed, 07 Jun 2023 02:17:38 GMT
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding Origin
via: 1.1 32162aed20605276097da109dc97c5b0.cloudfront.net (CloudFront)
x-amz-cf-id: Hjmv38IVFPo9vKFeC_GViK4WYsBgMQ0XTYOxPE8QINFkoeZiowBSww==
x-amz-cf-pop: MUC50-P1
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1

GET
H2 200 trustarc-logo-small.png
consent-pref.trustarc.com/images/ Frame 8EA5 4 KB
5 KB 26ms
25ms Image
image/png 18.66.192.79
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent-pref.trustarc.com/images/trustarc-logo-small.png

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/0DF70E809A1694D4900C7E11937CAE45.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

18.66.192.79 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-18-66-192-79.muc50.r.cloudfront.net

Software

nginx /

Resource Hash

91c4a6c4295f8889e8b04339a4a2c2e86d5eef71ba808164e641d0d8a6435004

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&behaviorManager=eu&irm=false&from=https://consent.trustarc.com/&session=8ee7d165-3ec0-4a21-bef1-ddefb9523d3c&userType=NEW
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36

Response headers

date: Mon, 19 Jun 2023 10:38:00 GMT
via: 1.1 32162aed20605276097da109dc97c5b0.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: MUC50-P1
age: 1538
x-cache: Hit from cloudfront
content-length: 4197
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Wed, 07 Jun 2023 02:17:38 GMT
server: nginx
etag: W/"4197-1686104258000"
expect-ct: max-age=86400; enforce;
vary: Origin
content-type: image/png
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
accept-ranges: bytes
x-amz-cf-id: mNui8aWLeK5IaXqss7jP44VmW0U9P4S0eo4MgYt4RzTGvclI_BFXhg==

POST
H2 204 collect
region1.analytics.google.com/g/ 0
54 B 26ms
25ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-DVE6WNNFZR&gtm=45je36e0&_p=1139219138&cid=9057525.1687172613&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&sid=1687172613&sct=1&seg=0&dl=https%3A%2F%2F18.132.240.116%2F&dt=Holidays%20%7C%20City%20Breaks%20%7C%20Hotels%20%7C%20Hilton%20Explore&_s=2
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-DVE6WNNFZR&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://18.132.240.116/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.5735.133 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

pragma: no-cache
date: Mon, 19 Jun 2023 11:03:38 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://18.132.240.116
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: mpp.emea.mxptint.net
URL: https://mpp.emea.mxptint.net/2/23284/?rnd=%n&gtmcb=1792501533

Verdicts & Comments Add Verdict or Comment

147 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
18.132.240.116/	1970-01-20 22:15:32	Name: optimizelyEndUserId Value: oeu1687172612597r0.25115452922555903
18.132.240.116/	1970-01-20 22:15:32	Name: optimizelySegments Value: %7B%227774003137%22%3A%22direct%22%2C%227769381443%22%3A%22false%22%2C%227773560892%22%3A%22gc%22%2C%227769761861%22%3A%22none%22%7D
18.132.240.116/	1970-01-20 22:15:32	Name: optimizelyBuckets Value: %7B%7D
18.132.240.116/	1970-01-20 12:39:32	Name: optimizelyPendingLogEvents Value: %5B%5D
18.132.240.116/	1969-12-31 23:59:59	Name: HILTONLOCALE Value: en_GB
18.132.240.116/	1970-01-20 12:39:34	Name: TAsessionID Value: 8ee7d165-3ec0-4a21-bef1-ddefb9523d3c\|NEW
18.132.240.116/	1969-12-31 23:59:59	Name: notice_behavior Value: expressed,eu
18.132.240.116/	1970-01-20 22:15:32	Name: s_fid Value: 13ED5E16F16AF9AC-21E22853A102E530
18.132.240.116/	1970-01-20 12:39:34	Name: gpv_v9 Value: HiltonWeekends
18.132.240.116/	1969-12-31 23:59:59	Name: s_cc Value: true
.twitter.com/	1970-01-20 22:09:47	Name: guest_id Value: v1%3A168717261311097254
18.132.240.116/	1970-01-20 14:49:08	Name: _gcl_au Value: 1.1.115952531.1687172613
18.132.240.116/	1970-01-20 22:15:32	Name: _ga Value: GA1.1.9057525.1687172613
.hilton.com/	1970-01-20 22:15:32	Name: s_vi Value: [CS]v1\|32481B02AB9FBABE-400008C121A1736A[CE]
18.132.240.116/	1970-01-20 12:40:59	Name: _gid Value: GA1.1.69284919.1687172613
18.132.240.116/	1970-01-20 12:39:32	Name: _gat Value: 1
18.132.240.116/	1970-01-20 14:49:08	Name: _fbp Value: fb.3.1687172613395.856168116
.app.link/	1970-01-20 21:25:08	Name: _s Value: UHp1P5DGXpuI%2FfttCgTk8FkMs4I%2FTgaANqbm%2Fd%2BdnXcoeT69Yui0wzqUEaqiNlTS
18.132.240.116/	1970-01-20 21:25:08	Name: _hjSessionUser_1222023 Value: eyJpZCI6ImRlOTM1ZjY2LWZiZjktNTJmYy05YzQyLTIyMmQ4MWZjMTAyZCIsImNyZWF0ZWQiOjE2ODcxNzI2MTM0NjYsImV4aXN0aW5nIjpmYWxzZX0=
18.132.240.116/	1970-01-20 12:39:34	Name: _hjFirstSeen Value: 1
18.132.240.116/	1970-01-20 12:39:32	Name: _hjIncludedInSessionSample_1222023 Value: 0
18.132.240.116/	1970-01-20 12:39:34	Name: _hjSession_1222023 Value: eyJpZCI6IjkwYTM0ZmI2LTBjOTAtNGRiMi1hOGY5LWI0NGYzMmQ1NGM1YiIsImNyZWF0ZWQiOjE2ODcxNzI2MTM0NzQsImluU2FtcGxlIjpmYWxzZX0=
18.132.240.116/	1970-01-20 12:39:34	Name: _hjAbsoluteSessionInProgress Value: 1
18.132.240.116/	1970-01-20 22:15:32	Name: _ga_DVE6WNNFZR Value: GS1.1.1687172613.1.0.1687172613.60.0.0
prefmgr-cookie.truste-svc.net/	1970-01-20 12:39:32	Name: cookie_3rdparty Value: enabled
consent-pref.trustarc.com/	1970-01-20 12:39:32	Name: token_test Value: Mon Jun 19 2023 11:03:35 GMT+0000 (GMT)

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://mpp.emea.mxptint.net/2/23284/?rnd=%n&gtmcb=1792501533 Message: Failed to load resource: net::ERR_CONNECTION_REFUSED

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0843220b4b49fa3344e6-737d153f632dfaaf66fedef7e1e811e7.ssl.cf3.rackcdn.com
2bb51c216a74a5694bf5-737d153f632dfaaf66fedef7e1e811e7.ssl.cf3.rackcdn.com
api2.branch.io
app.link
assets.adobedtm.com
cdn.branch.io
cdn.optimizely.com
cdn3.optimizely.com
connect.facebook.net
consent-pref.trustarc.com
consent-st.trustarc.com
consent.trustarc.com
dtfa4dlwqrprr.cloudfront.net
mpp.emea.mxptint.net
p.typekit.net
platform.twitter.com
polyfill.io
prefmgr-cookie.truste-svc.net
region1.analytics.google.com
script.hotjar.com
smetric.hilton.com
static.hotjar.com
stats.g.doubleclick.net
syndication.twitter.com
twitter.com
use.typekit.net
vc.hotjar.io
weekender-uk-uploads-2.imgix.net
weekender-uk-uploads-3.imgix.net
weekender-uk-uploads.imgix.net
www.facebook.com
www.google-analytics.com
www.google.de
www.googletagmanager.com
mpp.emea.mxptint.net
104.244.42.129
104.244.42.72
18.132.240.116
18.66.192.32
18.66.192.49
18.66.192.79
18.66.192.92
2001:4860:4802:34::36
23.212.206.124
23.35.236.145
2600:9000:225b:1800:1a:6509:4dc0:93a1
2600:9000:237d:5a00:19:9934:6a80:93a1
2600:9000:237d:f600:11:f728:3040:93a1
2606:2800:234:59:254c:406:2366:268c
2a00:1450:4001:813::200e
2a00:1450:4001:82f::2008
2a00:1450:4001:831::2003
2a00:1450:400c:c0c::9d
2a02:26f0:3100::1735:28c8
2a02:26f0:3500:591::1e80
2a02:26f0:3500:88e::13b8
2a03:2880:f083:9:face:b00c:0:3
2a03:2880:f176:84:face:b00c:0:25de
2a04:4e42:200::282
2a04:4e42:8d::720
44.215.237.77
63.140.62.164
99.84.88.126
99.84.88.7
00c87ce6a907defc58bc4e4cde9e54938ec4a28b0a73ed0e3bf1a12dff259ac4
01582ef43b179f6fb988e0cc674ca85d4ccf58d4b9d3c5355268e145a2a89ce9
03875cfce7223da1c82346e5e3e7cf3bce68651d31f3703436f1757b291de282
053bf35ebd4d7473f9da3c4f0ef90fb10b2134c2d29c78f896f4f3ec648146bf
0604e970bbbdce96c62be501899cfc011a3eaeabb63b989bbd029ce927af5ce0
0816ac18f327a871c0becbf13609d45fefa9277dfa79a2a1c8ab98e26adc9ac0
0b56dd809f978c08d4d736c90412e7d66e54aa4059d2e0b2b79f444dd734200f
0bbe7c49cd60d6d3e8033c430149673766ee9e38f1dbcb9bfbf579e326b6ffe2
0db58a85bed818965093f3735743a90b5d163e0d9201308e0f2f95b89149c3da
1230e0ea39c92efe693a98e2954b2fec447cf05c7dce18a494b0974b693af427
14097fa07ad0790711ebbace6b9ed4efa989e102c9169f9d953016f05ceee17a
141f36215219305a02154df613309654162903002642455997477d4f3ff25d12
165c4037c809b306ff190ec0a016ad31446056b57e22db3da56a97f11e7a83aa
183daadf000c141df352c2f0bac7caa1b51a88e6786460a122cc5848367db764
1cffc2b3146584685cd72751d7f28aa030ab9ae2f1bc78f2c27909f8d8287b26
1ffe0083c43292aaba8148fe6d7286bd27381ea13fef76b9e545a22d8bbd8af5
20be6ad3b3eb6ed608143650e07ad6d1f02938534b70c08f0f4ebd066a6b69f7
220d7da91ca1056c0c108b056d94d852a263c2543b7ddc192b3488c7e60a5e0f
28c47ee2efd65664ff26de2d50942eb8e30bdd215ce8ba5253112de1d72b9dee
29917cd33707fe87c89569c77f21b004e9d84c7452016e9c93cd51ce513549be
29a6e44de81a864485015f9623497c4729266f2be8244bf442caf96b53d43d82
2bb1ffc3bf30a7c7be034d24aee44d1a0734615283ff3c158b6cedaae7c957ec
2bfe0bfebc6bf40e5f73c03389ba8285505bc2f45d739d1efd5ca830f940a51d
2c5edfac75db1f69cf26a92e30a1a52995e1bbb2390c239bdc18173213516bd5
2dfa10066f88982897b76d7f3b0d8918af63954b8072e5cc3453edc25a245829
2eab1edb38a769e36f6028540382ee9e103bca36ef8bbe670026bba7928b7ad9
302da628a6afc3e93f1b86bf7c65e4d6536d8283d78266964822a76d1c645aa4
31166c3dc4af0b376677ec3e72c728f8c23efbfb351d64f7f7f6bcb8d6dfc39e
3312edf4bcabe795bc1162537c905022512b90e62749ecf5d41e4d11fa98af93
33eff32198c8c39ff52d7227f1b276dab5b452706ccaa1e1c5625d74b7f21d28
3465076cd9507a222ea6ae25faa75d5472606c1b03ff3c2dc965662ac45c67ae
3513de4bf093c6b166f959edc9a64e8916ffd5c373201ef16ee41b15c07ce5fc
38422ca8485a4e1f470cdcf6aa9fd17def1f778d20f9920c97f14105691467bd
38d6abb921ef70444744ec60f81414ed25adda6120887cac6703b2990d0bd794
392c9fa9cd1273a2a89d1a83a69cd1f63f21d1d55e7be21e1d8f51f25145668b
3a1af58b1a049b1c4f1f0d37a043167d0839e224f29f7236f2665fa4c647f3bc
3a9f847a4937549c8153e2fe1b453835c42476cee3c159b1b307ad9e1a7fed2d
3b892e1d18a2c4a27acfa59b69ce343683e59a740fcf58dcc8892251645a8e61
3d6f1488bd90d10bebce190c1064747dd69baaea1924f9ec9075c30d3131f32c
4002d65e95f94dc87ae8ad170eb8dbc3644921032ac76dcb376537d9304a6fbf
420f69fbecb63c7b876e52129774917085ea3b72af0bb999959132f9f0580fe2
4cc8706043e7c8e92fa2b427e30a21e63755958bc076ea663656ea799fc7f5e6
4f90844f31d7362b9863b38462e757ef68211bd1f4b6a94b2e753e1c7b93bc3f
51cc691c0bf01c995b2a2051a8ad718f4050ec1036159031ead5ca6eb8fb5854
5345c5740bc863a4001ced2dc7997aa2ac0e129f27b7d8f2cc5624b0656efbb4
5a60444c45c13cec770ee22659bb548fe0134ee607f94f58ef39ce598f728b98
610be5812eda1ccdf62c281fea0c56b8e900c6448348c90291986ba9e137fe8e
638cdd8afdab213fa5f1c563a221fb496ecb379fd8cd352a9a1a4bc2c01be40f
63ca8acd92de82dd2090f15de8e247cf73d432d4d755c14862e6b3496f43ab42
63d84ca73ef3c382a727e71aff470644c743c8170230533f71e7108378bff8a5
6407591f017525cf184d3609e9768e16b63a0247319f0df5b6ea7399a8b99302
64816ef42196992f1120608cafa36df8e03c81064551abb6f23bc00f69bf6727
67b844357541485e0b435f20d53ee74ef37cbcf090f9126125eba578d72ba10a
6b09a7ddb6badb78588e51ce2ca12d31043621270e96033dc41572927459e69c
6b479a0269732a0d8c9b28ab6fdbc5b53a05df4facacac578fe58c6f44ed0ab8
6d51dee3c20a5efb6a27824e02f074b17c1e02bf5a0b96a5c73f5feca2da8255
6e2dddc28075e0d31ef4963ac607062a7ccfb805823a030fe61c64f89262aa0c
7133830ea375ccdb43c9e92eb8290528e8ecdd4fda8132de1db6dbd129a96344
7983a54324f216d3f444223bed42ed9e59d54df23071076fcb15a11067909593
86543275e443f35b0cc0c9c86eabb7ea4762bbe8c1d4e8758620c660e36d761e
8ee8a19e1aeeb3b8c448a321c67d48947c2a1a2d1c17abd35c76226e5fed2fba
91c4a6c4295f8889e8b04339a4a2c2e86d5eef71ba808164e641d0d8a6435004
92fca55833f48b4289ac8f1cedd48752b580fce4ec4b5d81670b8193d6e51b54
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
9bd4063e988fb2d8947040d108b726be1afb447137775f06a3c848bf32fa062d
9f6cfc5e2f5a9ffeca2774ce1962f61052ea3064b74f8760e243bf4994a2f745
9fdb83d3688d4ba0c1e3c1b7773058ed82e57ffc7271be370f3d94494faa796c
a09bd748f61395be93f04812c025e083f342d0e3a05d8391367c666a1a76065c
a144cba43c58b39820d9cd00b4fcbdbde2cea6584337e1f320679bf8662edc4e
a2de091c86c5a7b6dcc572eb6e5a76c2cd72ce27a2042a8dc2974f15b33566ed
a95fdcb92dbfa866ef69788927c57b436b319e44305c6e03aa3fd09e0c7e8c11
ac8990b7b3a96b31a495dd3cc3e0f3166121800d3bb5b1257f899a5afce5ad9f
aeb865e466ad541736314731ff39910998e594689cfd3d773a625033efa43e75
b01bd01687b15585b2740273c8c3c6674dd9f559cfe52eeffdf43b1f93a12d05
bf4ece8ff871540d9c2ab564684896b54b0ed681219f199775819eecd0d1cfb4
c3dd5a6fff633c6393dca21ce74cd6dc95265943575b43d2d9616f020eea68fa
c75a44a037b52863e1bbacd1d09447edb80c28a890b6280c68a48f00e5164b65
c9fac2422cea20b95b11b355f4502334c01d93aa8001ba5b6762f792859bf417
ccaa9ea99455a83bb770a835d90223458efc596a6bdf41a9e9c247504a5a538e
cdc2bb26fe76a79d54a6f197edf1188e4829093003f26707eed349267a8a96d3
d19b61adc4d25ce2217efb4388f5131217e467eb181fa8dac126f8ea940f4128
d1eb0c45473fd75bfef06a9cf8554de4cd27bb6537c5b4b0ce93d060fdae3a77
d3452ec1127967b4fce882b728a14e85f0b78d22024081936dfd4f25bfbc16c5
d54cbf164902da3480cbca42e0533ea442f8533aacf083d62fff90e86b2683e0
d70c51499f71fbe0fc1905f027ab21aade69d117dfab95ff8e24c2063ee5b46c
d7f817255acac24d24766a420471f23c0796b5228b84f8432bf70570ed870b72
d85fc60a52d4cc60b5b9c2991c46884931c9da873f0fbb4eb9b32b81cf233f8c
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5356c4d200584b116d9ac14f89d883b120dbe4d7878914a4fa22358074c74f8
e7b90d32907f89c49e9e2a2ccca95133277f756f13a14187936d9b948ff67b44
eaf2e11b0a70fbbd97a9e98d9e643c8b69d18199b5a35334b905c39092f4821d
eafdbd0afad403a176f8bb6f98770fbc69ed86a0d6a26a26077971266edd406b
eb7cfd3d959b2e09c170f532e29f8b825f9bc770b2279fde58e595617753e244
ede1817214d05c2a979e877622245e14ee3fa6681d908b37ec97fabb0d1bee1d
ee53ada617f2674cbd706e3b24fc6738c7f53f2f7a3a959e71f611aa850dc946
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1ba71d3bf034aeceecb8895e71a44f4806dbb5bcc44e46fd8fc461a774eb880
f2b69222e3385558eef76ace2cd37b25d3753aecda2090f65c73fe4020fd4a1f
f6d9c35719970e256d94beae218b136aadfafdad2a517f23353bc42fbb8cbed5
f83671c54894fa95bf3cabe4d3a11afd1959125e473dcf6ec65ca1438bac2d45
fe87ba68b105cdd47231800105f52ad93b0027dcb67f1b2914996f34d69ef915

18.132.240.116 Open in urlscan Pro 18.132.240.116 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

111 Requests

96 %HTTPS

55 %IPv6

23 Domains

34 Subdomains

30 IPs

4 Countries

2943 kBTransfer

8221 kBSize

26 Cookies

21 Outgoing links

Redirected requests

111 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

18.132.240.116 Open in urlscan Pro
18.132.240.116 Public Scan

Screenshot
Live screenshot

Full Image

111
Requests

96 %
HTTPS

55 %
IPv6

23
Domains

34
Subdomains

30
IPs

4
Countries

2943 kB
Transfer

8221 kB
Size

26
Cookies

111 HTTP transactions
1 data transactions