www.hilton.com Open in urlscan Pro
2a02:26f0:dc:187::b58 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.hilton.com/en/p/welcome-bonus/?WT.mc_id=zHH0WW1HH2OLE3HOS4MO1783x_HWEmail3__Feb5TileOne_WelcomeBonus_6MULTI...
Submission: On February 08 via api (February 8th 2023, 6:02:35 pm UTC) from BE — Scanned from DE

Summary HTTP 143 Redirects Links 11 Behaviour Indicators

Summary

This website contacted 36 IPs in 9 countries across 38 domains to perform 143 HTTP transactions. The main IP is 2a02:26f0:dc:187::b58, located in Vienna, Austria and belongs to AKAMAI-ASN1, NL. The main domain is www.hilton.com. The Cisco Umbrella rank of the primary domain is 18407.
TLS certificate: Issued by DigiCert ECC Extended Validation Serv... on April 8th 2022. Valid for: a year.

This is the only time www.hilton.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
60	2a02:26f0:dc:... 2a02:26f0:dc:187::b58	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	185.180.12.68 185.180.12.68	60068 (CDN77 ^_^) (CDN77 ^_^)
1	2a02:26f0:dc:... 2a02:26f0:dc:183::2682	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
4	2a02:26f0:f70... 2a02:26f0:f700:4b0::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	2a02:26f0:710... 2a02:26f0:7100:585::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 15	52.31.194.68 52.31.194.68	16509 (AMAZON-02) (AMAZON-02)
1	18.66.15.103 18.66.15.103	16509 (AMAZON-02) (AMAZON-02)
5	13.227.219.116 13.227.219.116	16509 (AMAZON-02) (AMAZON-02)
1	52.222.139.58 52.222.139.58	16509 (AMAZON-02) (AMAZON-02)
1	2600:9000:220... 2600:9000:2204:ae00:19:9934:6a80:93a1	16509 (AMAZON-02) (AMAZON-02)
1	34.254.165.240 34.254.165.240	16509 (AMAZON-02) (AMAZON-02)
2	15.236.117.205 15.236.117.205	16509 (AMAZON-02) (AMAZON-02)
1 1	18.201.4.185 18.201.4.185	16509 (AMAZON-02) (AMAZON-02)
20	13.227.219.65 13.227.219.65	16509 (AMAZON-02) (AMAZON-02)
1	13.227.219.6 13.227.219.6	16509 (AMAZON-02) (AMAZON-02)
1 2	99.86.4.5 99.86.4.5	16509 (AMAZON-02) (AMAZON-02)
1 1	54.78.245.184 54.78.245.184	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
2	2600:9000:21c... 2600:9000:21c7:ba00:11:f728:3040:93a1	16509 (AMAZON-02) (AMAZON-02)
1	3.234.25.89 3.234.25.89	14618 (AMAZON-AES) (AMAZON-AES)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:400d:802::2002	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:811::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:400d:804::2003	15169 (GOOGLE) (GOOGLE)
2 3	37.252.173.215 37.252.173.215	29990 (ASN-APPNEX) (ASN-APPNEX)
1	44.195.150.192 44.195.150.192	14618 (AMAZON-AES) (AMAZON-AES)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::13	56396 (AMOBEE) (AMOBEE)
1 2	142.251.208.162 142.251.208.162	15169 (GOOGLE) (GOOGLE)
1 1	2620:116:800d... 2620:116:800d:21:de2e:c7b3:55c0:d5a0	16509 (AMAZON-02) (AMAZON-02)
1	35.186.236.204 35.186.236.204	15169 (GOOGLE) (GOOGLE)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	104.64.122.89 104.64.122.89	16625 (AKAMAI-AS) (AKAMAI-AS)
2 2	2606:4700::68... 2606:4700::6812:18ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	35.186.212.60 35.186.212.60	15169 (GOOGLE) (GOOGLE)
5	54.204.202.163 54.204.202.163	14618 (AMAZON-AES) (AMAZON-AES)
1 1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
1	192.132.33.46 192.132.33.46	18568 (BIDTELLECT) (BIDTELLECT)
1 1	3.214.130.6 3.214.130.6	14618 (AMAZON-AES) (AMAZON-AES)
1	54.172.144.228 54.172.144.228	14618 (AMAZON-AES) (AMAZON-AES)
1	54.229.20.73 54.229.20.73	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:dc:... 2a02:26f0:dc:18c::11a6	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1 1	135.148.137.214 135.148.137.214	16276 (OVH) (OVH)
8 8	151.101.130.49 151.101.130.49	54113 (FASTLY) (FASTLY)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
2	3.228.88.68 3.228.88.68	14618 (AMAZON-AES) (AMAZON-AES)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	185.94.180.126 185.94.180.126	35220 (SPOTX-AMS) (SPOTX-AMS)
143	36

60 2a02:26f0:dc:187::b58 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

www.hilton.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.180.12.68 (Vienna, Austria)

ASN60068 (CDN77 ^_^, GB)
PTR: edge-731.bunnyinfra.net

hilton.cdn-v3.conductrics.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:dc:183::2682 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

s2.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:f700:4b0::1e80 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:7100:585::11a6 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

c.go-mpulse.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 52.31.194.68 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-31-194-68.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.66.15.103 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-18-66-15-103.vie50.r.cloudfront.net

cdn.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.227.219.116 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-219-116.ams54.r.cloudfront.net

consent.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 52.222.139.58 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-52-222-139-58.ams50.r.cloudfront.net

4dc2aa82bc5e.cdn4.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2600:9000:2204:ae00:19:9934:6a80:93a1 (United States)

ASN16509 (AMAZON-02, US)

app.link	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.254.165.240 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-34-254-165-240.eu-west-1.compute.amazonaws.com

hilton.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.236.117.205 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-236-117-205.eu-west-3.compute.amazonaws.com

smetric.hilton.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 18.201.4.185 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-18-201-4-185.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 13.227.219.65 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-219-65.ams54.r.cloudfront.net

consent-pref.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.227.219.6 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-227-219-6.ams54.r.cloudfront.net

consent-st.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 99.86.4.5 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-99-86-4-5.fra6.r.cloudfront.net

cdn9.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.78.245.184 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-78-245-184.eu-west-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f11c:8183:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2600:9000:21c7:ba00:11:f728:3040:93a1 (United States)

ASN16509 (AMAZON-02, US)

api2.branch.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.234.25.89 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-234-25-89.compute-1.amazonaws.com

7a9bc18e2f4949bab4d63fea95ad8ac8-4dc2aa82bc5e.cdn.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:802::2002 (Ireland) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:400d:804::2003 (Ireland)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 37.252.173.215 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.195.150.192 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-195-150-192.compute-1.amazonaws.com

prefmgr-cookie.truste-svc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::13 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.251.208.162 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: bud02s43-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:de2e:c7b3:55c0:d5a0 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.236.204 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 204.236.186.35.bc.googleusercontent.com

mpp.vindicosuite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 104.64.122.89 (Prague, Czech Republic) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-64-122-89.deploy.static.akamaitechnologies.com

servedby.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:18ad (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.212.60 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 60.212.186.35.bc.googleusercontent.com

tag.yieldoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 54.204.202.163 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-204-202-163.compute-1.amazonaws.com

cdn0.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (Dublin, Ireland) 1 redirects

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.214.130.6 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-214-130-6.compute-1.amazonaws.com

get.truex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.172.144.228 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-172-144-228.compute-1.amazonaws.com

rtb.adentifi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.229.20.73 (Dublin, Ireland)

ASN16509 (AMAZON-02, US)
PTR: ec2-54-229-20-73.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:dc:18c::11a6 (Vienna, Austria)

ASN20940 (AKAMAI-ASN1, NL)

0217991d.akstat.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 135.148.137.214 (Warrenton, United States) 1 redirects

ASN16276 (OVH, FR)
PTR: ext.svh218.incmdb.net

pix-us.revjet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.130.49 (United States) 8 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 3.228.88.68 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-228-88-68.compute-1.amazonaws.com

bf08412nhq.bf.dynatrace.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.126 (Amsterdam, Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
62	hilton.com www.hilton.com — Cisco Umbrella Rank: 18407 smetric.hilton.com — Cisco Umbrella Rank: 27063	2 MB
26	trustarc.com consent.trustarc.com — Cisco Umbrella Rank: 2859 consent-pref.trustarc.com — Cisco Umbrella Rank: 15281 consent-st.trustarc.com — Cisco Umbrella Rank: 28551	373 KB
16	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 201 hilton.demdex.net — Cisco Umbrella Rank: 14827	19 KB
9	everesttech.net 9 redirects cm.everesttech.net — Cisco Umbrella Rank: 1005 sync-tm.everesttech.net — Cisco Umbrella Rank: 551	2 KB
9	forter.com 1 redirects 4dc2aa82bc5e.cdn4.forter.com — Cisco Umbrella Rank: 26211 cdn9.forter.com — Cisco Umbrella Rank: 4539 7a9bc18e2f4949bab4d63fea95ad8ac8-4dc2aa82bc5e.cdn.forter.com cdn0.forter.com — Cisco Umbrella Rank: 4737	139 KB
4	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 475	144 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 205	3 KB
3	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 29 cm.g.doubleclick.net — Cisco Umbrella Rank: 207	1 KB
3	branch.io cdn.branch.io — Cisco Umbrella Rank: 983 api2.branch.io — Cisco Umbrella Rank: 628	23 KB
2	spotxchange.com 1 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 702	1 KB
2	dynatrace.com bf08412nhq.bf.dynatrace.com — Cisco Umbrella Rank: 29481	977 B
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 540	1 KB
2	yieldoptimizer.com 2 redirects tag.yieldoptimizer.com — Cisco Umbrella Rank: 4182	2 KB
2	tribalfusion.com 2 redirects a.tribalfusion.com — Cisco Umbrella Rank: 732 s.tribalfusion.com — Cisco Umbrella Rank: 1833	943 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 108	858 B
2	go-mpulse.net s2.go-mpulse.net — Cisco Umbrella Rank: 5967 c.go-mpulse.net — Cisco Umbrella Rank: 621	42 KB
1	pubmatic.com image2.pubmatic.com — Cisco Umbrella Rank: 870	450 B
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 423	273 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 316	239 B
1	revjet.com 1 redirects pix-us.revjet.com — Cisco Umbrella Rank: 23311	326 B
1	akstat.io 0217991d.akstat.io — Cisco Umbrella Rank: 62996	355 B
1	crwdcntrl.net sync.crwdcntrl.net — Cisco Umbrella Rank: 763	265 B
1	adentifi.com rtb.adentifi.com — Cisco Umbrella Rank: 1068	35 B
1	truex.com 1 redirects get.truex.com — Cisco Umbrella Rank: 20867	302 B
1	bttrack.com bttrack.com — Cisco Umbrella Rank: 741	163 B
1	yahoo.com 1 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 889	674 B
1	flashtalking.com 1 redirects servedby.flashtalking.com — Cisco Umbrella Rank: 791	551 B
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 239	538 B
1	vindicosuite.com mpp.vindicosuite.com — Cisco Umbrella Rank: 5759	24 B
1	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 638	488 B
1	turn.com 1 redirects d.turn.com — Cisco Umbrella Rank: 1177	402 B
1	truste-svc.net prefmgr-cookie.truste-svc.net — Cisco Umbrella Rank: 29052	2 KB
1	google.de www.google.de — Cisco Umbrella Rank: 6211	455 B
1	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	492 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 351	98 B
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 484	480 B
1	app.link app.link — Cisco Umbrella Rank: 1762	593 B
1	conductrics.net hilton.cdn-v3.conductrics.net — Cisco Umbrella Rank: 27646	85 KB
143	38

	Domain	Requested by
60	www.hilton.com	www.hilton.com
20	consent-pref.trustarc.com	consent.trustarc.com consent-pref.trustarc.com www.hilton.com prefmgr-cookie.truste-svc.net
15	dpm.demdex.net	1 redirects www.hilton.com
8	sync-tm.everesttech.net	8 redirects
5	cdn0.forter.com	www.hilton.com
5	consent.trustarc.com	www.hilton.com consent.trustarc.com
4	assets.adobedtm.com	www.hilton.com assets.adobedtm.com
3	ib.adnxs.com	2 redirects
2	sync.search.spotxchange.com	1 redirects
2	bf08412nhq.bf.dynatrace.com	www.hilton.com
2	dsum-sec.casalemedia.com	1 redirects
2	tag.yieldoptimizer.com	2 redirects
2	cm.g.doubleclick.net	1 redirects
2	api2.branch.io	www.hilton.com
2	www.facebook.com	www.hilton.com
2	cdn9.forter.com	1 redirects
2	smetric.hilton.com	www.hilton.com assets.adobedtm.com
1	image2.pubmatic.com
1	us-u.openx.net
1	pixel.rubiconproject.com
1	pix-us.revjet.com	1 redirects
1	0217991d.akstat.io	s2.go-mpulse.net
1	sync.crwdcntrl.net
1	rtb.adentifi.com
1	get.truex.com	1 redirects
1	bttrack.com
1	cms.analytics.yahoo.com	1 redirects
1	s.tribalfusion.com	1 redirects
1	a.tribalfusion.com	1 redirects
1	servedby.flashtalking.com	1 redirects
1	c.bing.com	1 redirects
1	mpp.vindicosuite.com
1	cms.quantserve.com	1 redirects
1	d.turn.com	1 redirects
1	prefmgr-cookie.truste-svc.net	www.hilton.com
1	www.google.de
1	www.google.com	1 redirects
1	googleads.g.doubleclick.net	1 redirects
1	idsync.rlcdn.com
1	7a9bc18e2f4949bab4d63fea95ad8ac8-4dc2aa82bc5e.cdn.forter.com
1	aa.agkn.com	1 redirects
1	consent-st.trustarc.com	consent-pref.trustarc.com
1	cm.everesttech.net	1 redirects
1	hilton.demdex.net	assets.adobedtm.com
1	app.link	cdn.branch.io
1	4dc2aa82bc5e.cdn4.forter.com	www.hilton.com
1	cdn.branch.io	assets.adobedtm.com
1	c.go-mpulse.net	www.hilton.com
1	s2.go-mpulse.net	www.hilton.com
1	hilton.cdn-v3.conductrics.net	www.hilton.com
143	50

This site contains links to these domains. Also see Links.

Domain
www.waldorfastorialoscabospedregal.com
www.facebook.com
twitter.com
www.instagram.com
www.buyhiltongiftcards.com
jobs.hilton.com
stories.hilton.com
help.hilton.com
cr.hilton.com
esg.hilton.com
secure.ethicspoint.com

Subject Issuer	Validity	Valid
www.hilton.com DigiCert ECC Extended Validation Server CA	`2022-04-08` - `2023-04-08`	a year	crt.sh
hilton.cdn-v3.conductrics.net R3	`2023-01-19` - `2023-04-19`	3 months	crt.sh
s2.go-mpulse.net R3	`2022-12-20` - `2023-03-20`	3 months	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-19` - `2023-08-19`	a year	crt.sh
akstat.io DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2022-04-15` - `2023-04-19`	a year	crt.sh
*.branch.io Amazon	`2022-10-11` - `2023-11-09`	a year	crt.sh
*.trustarc.com Amazon	`2022-05-17` - `2023-06-15`	a year	crt.sh
*.cdn4.forter.com GeoTrust RSA CA 2018	`2022-12-08` - `2024-01-08`	a year	crt.sh
appipv4.link Amazon	`2022-05-25` - `2023-06-23`	a year	crt.sh
*.demdex.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-26` - `2023-10-27`	a year	crt.sh
smetric.hilton.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-30` - `2023-08-30`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-11-17` - `2023-02-15`	3 months	crt.sh
*.cdn.forter.com GeoTrust RSA CA 2018	`2022-06-27` - `2023-07-27`	a year	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.truste-svc.net Amazon	`2022-05-23` - `2023-06-21`	a year	crt.sh
mpp.vindicosuite.com GTS CA 1D4	`2023-01-30` - `2023-05-01`	3 months	crt.sh
cdn0.forter.com GeoTrust RSA CA 2018	`2022-06-27` - `2023-07-07`	a year	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-21` - `2023-04-20`	a year	crt.sh
adentifi.com Amazon	`2022-08-05` - `2023-09-03`	a year	crt.sh
*.crwdcntrl.net Go Daddy Secure Certificate Authority - G2	`2022-05-01` - `2023-06-02`	a year	crt.sh
*.bf.dynatrace.com Amazon	`2022-12-09` - `2024-01-07`	a year	crt.sh

This page contains 6 frames:

Primary Page: https://www.hilton.com/en/p/welcome-bonus/?WT.mc_id=zHH0WW1HH2OLE3HOS4MO1783x_HWEmail3__Feb5TileOne_WelcomeBonus_6MULTIBR7EN8i87846&commhistid=6031039531307945496&customerid=1307945496&hhonorsid=1736552769
Frame ID: 15AD206B617FA23631269E66317E4D2F
Requests: 92 HTTP requests in this frame

Frame: https://hilton.demdex.net/dest5.html?d_nsid=0
Frame ID: 63D56D0648A2FBCF3D052AF2FB814BBC
Requests: 28 HTTP requests in this frame

Frame: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
Frame ID: 67C1574911D34E499B558E1E79DA2130
Requests: 20 HTTP requests in this frame

Frame: https://consent-pref.trustarc.com/defaultpreferencemanager/9F5DDAD4256889D2A2BB0A3140E8B74B.cache.html
Frame ID: 1CE34CAB5744CB2138889D7FDB11C97D
Requests: 1 HTTP requests in this frame

Frame: https://prefmgr-cookie.truste-svc.net/cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
Frame ID: BA5FB12D8A224B24958763CE492DD5ED
Requests: 1 HTTP requests in this frame

Frame: https://consent-pref.trustarc.com/cookie_inneriframe.html
Frame ID: 7D066D65B03E94AD34B5A61FB5DAB6D9
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

4,500 Point New Member Welcome Bonus - Hilton Honors, Opens new tab

Detected technologies

Akamai Bot Manager (Security) Expand

Overall confidence: 100%
Detected patterns

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Forter (Analytics) Expand

Overall confidence: 100%
Detected patterns

forter\.com

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

TrustArc (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

consent\.trustarc\.com

Page Statistics

143
Requests

82 %
HTTPS

31 %
IPv6

38
Domains

50
Subdomains

36
IPs

9
Countries

2812 kB
Transfer

7246 kB
Size

56
Cookies

11 Outgoing links

These are links going to different origins than the main page.

URL: https://www.waldorfastorialoscabospedregal.com/?cid=OH,HH,WAPedregalNMWelcomeBonus,MULTIPR,Carousel,Home,SingleLink,i84218
Title: Waldorf Astoria Los Cabos Pedregal. opens in a new tab

Search URL Search Domain Scan URL

URL: https://www.facebook.com/hiltonnewsroom/
Title: Facebook, Opens new tab

Search URL Search Domain Scan URL

URL: https://twitter.com/hiltonnewsroom
Title: Twitter, Opens new tab

Search URL Search Domain Scan URL

URL: https://www.instagram.com/hiltonnewsroom/
Title: Instagram, Opens new tab

Search URL Search Domain Scan URL

URL: https://www.buyhiltongiftcards.com/
Title: Hilton Gift Card

Search URL Search Domain Scan URL

URL: https://jobs.hilton.com/select-country.php
Title: Careers

Search URL Search Domain Scan URL

URL: https://stories.hilton.com/
Title: Media

Search URL Search Domain Scan URL

URL: https://help.hilton.com/s/
Title: Customer Support

Search URL Search Domain Scan URL

URL: https://cr.hilton.com/wp-content/uploads/2021/06/Hilton-Slavery-and-Trafficking-Statement-2020.pdf
Title: Modern Slavery and Human Trafficking, Opens new tab

Search URL Search Domain Scan URL

URL: https://esg.hilton.com/
Title: Corporate Responsibility, Opens new tab

Search URL Search Domain Scan URL

URL: https://secure.ethicspoint.com/domain/media/en/gui/23073/index.html
Title: Hilton Hotline

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 62

https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F0C120B3534685700A490D45%40AdobeOrg&d_nsid=0&ts=1675879349185 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F0C120B3534685700A490D45%40AdobeOrg&d_nsid=0&ts=1675879349185

Request Chain 75

https://cm.everesttech.net/cm/dd?d_uuid=28020279755585149850870251391735646046 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y_PjtQAAAJ_7-AN-

Request Chain 83

https://cdn9.forter.com/vchk2 HTTP 301
https://cdn9.forter.com/vchk2/v1/79ee53c96f4b242e3f72b61318a754eea2b7ca0d2dde1334b1e3300bb795911cac7f4bc9661f50eedaf440dca776

Request Chain 85

https://aa.agkn.com/adscores/g.pixel?sid=9211132908&aam=28020279755585149850870251391735646046 HTTP 302
https://dpm.demdex.net/ibs:dpid=21&dpuuid=219773204421002981185

Request Chain 95

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1005930085/?value=0&guid=ON&script=0&data=23583573 HTTP 302
https://www.google.com/pagead/1p-user-list/1005930085/?value=0&guid=ON&script=0&data=23583573&is_vtc=1&random=1525433687 HTTP 302
https://www.google.de/pagead/1p-user-list/1005930085/?value=0&guid=ON&script=0&data=23583573&is_vtc=1&random=1525433687&ipr=y

Request Chain 98

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID HTTP 302
https://dpm.demdex.net/ibs:dpid=358&dpuuid=5626319825133662033

Request Chain 104

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D HTTP 302
https://dpm.demdex.net/ibs:dpid=470&dpuuid=3580847287377973543

Request Chain 105

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MjgwMjAyNzk3NTU1ODUxNDk4NTA4NzAyNTEzOTE3MzU2NDYwNDY= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEGY6sPv2pJEIU8_AB9s172Y&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 106

https://cms.quantserve.com/pixel/p-vj4AYjBqd6VJ2.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=1175&&dpuuid=x-c_SpTnOE_c5mpKyeN3Scnhahzc7GhBlO14mN2b

Request Chain 108

https://c.bing.com/c.gif?uid=28020279755585149850870251391735646046&Red3=MSAdobe_pd&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=1957&dpuuid=0517B3F240D967EF152DA14041D966AF

Request Chain 113

https://servedby.flashtalking.com/map/?key=a74thHgsfK627J6Ftt8sj5ks52bKe&gdpr=0&gdpr_consent=&url=https://dpm.demdex.net/ibs:dpid=3047&dpuuid=[%FT_GUID%]&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=3047&dpuuid=5517DC1498A273&gdpr=0&gdpr_consent=

Request Chain 118

https://a.tribalfusion.com/i.match?p=b13&u=28020279755585149850870251391735646046&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=22054&dpuuid=$TF_USER_ID_ENC$ HTTP 302
https://s.tribalfusion.com/z/i.match?p=b13&u=28020279755585149850870251391735646046&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=22054&dpuuid=$TF_USER_ID_ENC$ HTTP 302
https://dpm.demdex.net/ibs:dpid=22054

Request Chain 119

https://tag.yieldoptimizer.com/ps/ps?t=i&p=2233 HTTP 302
https://tag.yieldoptimizer.com/ps/ps?tc=853328515&t=i&p=2233 HTTP 302
https://dpm.demdex.net/ibs:dpid=22069&dpuuid=3016658186670

Request Chain 121

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=28020279755585149850870251391735646046&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-4uMe1CpE2pE6omxZFDSwc2FHOdMK24.GaiE-~A

Request Chain 124

https://get.truex.com/adobe/audience_manager/sync HTTP 302
https://dpm.demdex.net/ibs:dpid=66013&dpuuid=

Request Chain 129

https://pix-us.revjet.com/idsync/adobe/1?aam_id=28020279755585149850870251391735646046&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D70027%26dpuuid%3D%24%24visitor_id%24%24 HTTP 302
https://dpm.demdex.net/ibs:dpid=70027&dpuuid=5389040765876929750

Request Chain 130

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WV9QanRRQUFBSl83LUFOLQ==

Request Chain 132

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y_PjtQAAAJ_7-AN-&expires=90

Request Chain 133

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y_PjtQAAAJ_7-AN- HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y_PjtQAAAJ_7-AN-&C=1

Request Chain 136

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
https://ib.adnxs.com/setuid?entity=158&code=Y_PjtQAAAJ_7-AN-

Request Chain 137

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y_PjtQAAAJ_7-AN-

Request Chain 139

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y_PjtQAAAJ_7-AN-

Request Chain 140

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y_PjtQAAAJ_7-AN-&img=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y_PjtQAAAJ_7-AN-&img=1&__user_check__=1&sync_id=c22ce3ae-a7da-11ed-8d66-1a7ccaea0106

Request Chain 141

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y_PjtQAAAJ_7-AN-&t=2592000&o=0

143 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.hilton.com/en/p/welcome-bonus/ 163 KB
34 KB 316ms
278ms Document
text/html 2a02:26f0:dc:187::b58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hilton.com/en/p/welcome-bonus/?WT.mc_id=zHH0WW1HH2OLE3HOS4MO1783x_HWEmail3__Feb5TileOne_WelcomeBonus_6MULTIBR7EN8i87846&commhistid=6031039531307945496&customerid=1307945496&hhonorsid=1736552769

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc:187::b58 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

84427a1da71ffc7308e726c7786c4ab1e2b9bb963ad251124bed5ed022ba3e33

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: public, max-age=600
content-encoding: gzip
content-security-policy: frame-ancestors 'self'
content-type: text/html; charset=utf-8
date: Wed, 08 Feb 2023 18:02:27 GMT
etag: "25eb7-Lbq1VJrI0L3aNRL3qpp6RpJIkrY:dtagent102572212220941476WPh"
expires: Wed, 08 Feb 2023 18:12:27 GMT
hltclientmessageid: 8cdde79b-06d3-4c61-bf86-07077ec1483d-6s6ieef3xqrkzf4botzsgthoerxwcpul1yqavfgis
server-timing: cdn-cache; desc=HIT edge; dur=244 dtSInfo;desc="0", dtRpid;desc="-1545391221"
strict-transport-security: max-age=31536000
vary: Accept-Encoding
x-akam-sw-version: 0.5.0
x-frame-options: SAMEORIGIN
x-pod: dx-cpm-live-prd-c
x-xss-protection: 1; mode=block

GET
H2 200 dt-jSoVLlm8Db1J9D3k4nN05QFUuoFH90 Show response
hilton.cdn-v3.conductrics.net/ac-JEgVELUJfI/v3/agent-api/js/f-kNOeWOuont/ 238 KB
85 KB 322ms
201ms Script
text/javascript 185.180.12.68
CDN77 ^_^

General

Check archive.org

Show headers Download Go to

Full URL

https://hilton.cdn-v3.conductrics.net/ac-JEgVELUJfI/v3/agent-api/js/f-kNOeWOuont/dt-jSoVLlm8Db1J9D3k4nN05QFUuoFH90?apikey=api-FMyCwMtUoUiPlbmMxooa

Requested by

Host: www.hilton.com
URL: https://www.hilton.com/en/p/welcome-bonus/?WT.mc_id=zHH0WW1HH2OLE3HOS4MO1783x_HWEmail3__Feb5TileOne_WelcomeBonus_6MULTIBR7EN8i87846&commhistid=6031039531307945496&customerid=1307945496&hhonorsid=1736552769

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

185.180.12.68 Vienna, Austria, ASN60068 (CDN77 ^_^, GB),

Reverse DNS

edge-731.bunnyinfra.net

Software

BunnyCDN-AT1-731 / Express

Resource Hash

68f8c2dd9b1cd1a9fe1b2c1d4d910b3ab0c8b05a235b71cc61a79f299aeadda6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 18:02:28 GMT
content-encoding: br
x-content-type-options: nosniff
cdn-edgestorageid: 731
x-powered-by: Express
cdn-cachedat: 02/08/2023 18:02:28
cdn-pullzone: 704813
cdn-tag: ac-JEgVELUJfI_dt-jSoVLlm8Db1J9D3k4nN05QFUuoFH90
x-response-time: 22.745ms
last-modified: Wed, 08 Feb 2023 17:35:32 GMT
server: BunnyCDN-AT1-731
cdn-proxyver: 1.03
cdn-requestpullcode: 200
etag: W/"3b973-Y9hYkkUnKAu5R/vlJPwJXLO4gWk"
x-conductrics-deploy: dd-uNFEtoBjEaMOMSQZ14NMhrKad5MzWx; Wed Feb 08 2023 17:35:32 GMT+0000 (Coordinated Universal Time)
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cdn-cache: MISS
cdn-uid: 079b8da0-e854-4c0b-ab57-5653ffe5590b
cache-control: public, max-age=1200
access-control-allow-credentials: true
cdn-requestid: 85a1ef8c929b95b2d7a7665392348d4a
cdn-requestcountrycode: DE
cdn-status: 200
cdn-requestpullsuccess: True

GET
H2 200 ruxitagentjs_ICA237NVfghjoqrtux_10257221222094147.js Show response
www.hilton.com/dynjs/ 262 KB
99 KB 371ms
362ms Script
text/javascript 2a02:26f0:dc:187::b58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hilton.com/dynjs/ruxitagentjs_ICA237NVfghjoqrtux_10257221222094147.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc:187::b58 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8efb7d3120703f9d2a054a20a4576a74c7575726d36816a4def40089f2ba4c4b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hilton.com/en/p/welcome-bonus/?WT.mc_id=zHH0WW1HH2OLE3HOS4MO1783x_HWEmail3__Feb5TileOne_WelcomeBonus_6MULTIBR7EN8i87846&commhistid=6031039531307945496&customerid=1307945496&hhonorsid=1736552769
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 18:02:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Wed, 03 Mar 2010 07:01:40 GMT
vary: Accept-Encoding
content-type: text/javascript; charset=utf-8
cache-control: public, max-age=600
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 100434
expires: Wed, 08 Feb 2023 18:12:28 GMT

GET
H2 200 sjdwa-pool-at-dusk.jpg
www.hilton.com/im/en/SJDWAWA/10620099/ 14 KB
15 KB 50ms
47ms Image
image/webp 2a02:26f0:dc:187::b58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hilton.com/im/en/SJDWAWA/10620099/sjdwa-pool-at-dusk.jpg?impolicy=crop&cw=4108&ch=3015&gravity=NorthWest&xposition=310&yposition=0&rw=400&rh=294

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc:187::b58 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f7a1823caa66fdd3f6c01ec493121534460c5b8df0ee1cf6143e0d8c977d6107

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hilton.com/en/p/welcome-bonus/?WT.mc_id=zHH0WW1HH2OLE3HOS4MO1783x_HWEmail3__Feb5TileOne_WelcomeBonus_6MULTIBR7EN8i87846&commhistid=6031039531307945496&customerid=1307945496&hhonorsid=1736552769
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 18:02:28 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 14 Dec 2022 00:50:08 GMT
etag: "1629a1c66d24328003e9551d7cfb0a40"
content-type: image/webp
cache-control: no-transform, max-age=600
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 14624
expires: Wed, 08 Feb 2023 18:12:28 GMT

GET
H2 200 sjdwa-pool-at-dusk.jpg
www.hilton.com/im/en/SJDWAWA/10620099/ 11 KB
11 KB 49ms
47ms Image
image/webp 2a02:26f0:dc:187::b58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hilton.com/im/en/SJDWAWA/10620099/sjdwa-pool-at-dusk.jpg?impolicy=crop&cw=4730&ch=2464&gravity=NorthWest&xposition=0&yposition=275&rw=400&rh=208

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc:187::b58 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

d406b63a7d23bf0fc52e3dda58a28f048101c31f57d12cd164633d6832919d1f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hilton.com/en/p/welcome-bonus/?WT.mc_id=zHH0WW1HH2OLE3HOS4MO1783x_HWEmail3__Feb5TileOne_WelcomeBonus_6MULTIBR7EN8i87846&commhistid=6031039531307945496&customerid=1307945496&hhonorsid=1736552769
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 18:02:28 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 14 Dec 2022 00:50:07 GMT
etag: "1629a1c66d24328003e9551d7cfb0a40"
content-type: image/webp
cache-control: no-transform, max-age=600
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 10972
expires: Wed, 08 Feb 2023 18:12:28 GMT

GET
H2 200 979a7b062eea3863daca.css
www.hilton.com/dx_cpm_app/_next/static/css/ 131 KB
22 KB 197ms
188ms Stylesheet
text/css 2a02:26f0:dc:187::b58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hilton.com/dx_cpm_app/_next/static/css/979a7b062eea3863daca.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc:187::b58 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

53fab80350ce588120fefa6b9045a21264367a9556f1caa7a681f43d9397c040

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hilton.com/en/p/welcome-bonus/?WT.mc_id=zHH0WW1HH2OLE3HOS4MO1783x_HWEmail3__Feb5TileOne_WelcomeBonus_6MULTIBR7EN8i87846&commhistid=6031039531307945496&customerid=1307945496&hhonorsid=1736552769
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'
content-encoding: gzip
date: Wed, 08 Feb 2023 18:02:28 GMT
strict-transport-security: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, dtSInfo;desc="0", dtRpid;desc="-1934435376"
content-length: 21629
x-pod: dx-cpm-live-prd-c
x-xss-protection: 1; mode=block
last-modified: Mon, 30 Jan 2023 14:57:57 GMT
etag: W/"20beb-186032f4d08"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: private, max-age=600
accept-ranges: bytes
hltclientmessageid: 7f6bfb9d-d269-4fa7-8e6f-84e9fbe5fb3b-xaqiew4ye6qu29ojo1pota4evkltph58euwfgh0m3f
expires: Wed, 08 Feb 2023 18:12:28 GMT

GET
H2 200 145c3f0854b61176ce85.css
www.hilton.com/dx_cpm_app/_next/static/css/ 725 B
654 B 217ms
208ms Stylesheet
text/css 2a02:26f0:dc:187::b58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hilton.com/dx_cpm_app/_next/static/css/145c3f0854b61176ce85.css

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc:187::b58 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8594fca92e528d2233cd5744d4916d2a0c191bff764d3496222e48945d42f2f0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hilton.com/en/p/welcome-bonus/?WT.mc_id=zHH0WW1HH2OLE3HOS4MO1783x_HWEmail3__Feb5TileOne_WelcomeBonus_6MULTIBR7EN8i87846&commhistid=6031039531307945496&customerid=1307945496&hhonorsid=1736552769
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'
content-encoding: gzip
date: Wed, 08 Feb 2023 18:02:28 GMT
strict-transport-security: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, dtSInfo;desc="1"
content-length: 199
x-pod: dx-cpm-live-prd-c
x-xss-protection: 1; mode=block
last-modified: Mon, 30 Jan 2023 14:57:57 GMT
etag: W/"2d5-186032f4d08"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: text/css; charset=UTF-8
cache-control: private, max-age=600
accept-ranges: bytes
hltclientmessageid: 9820314f-6007-4b46-83a8-6c57a01959be-6c2bvd8dz6n9tg0ja1zhi73t39nbfs4x
expires: Wed, 08 Feb 2023 18:12:28 GMT

GET
H2 200 commons.4aa10c44b199a01514b5.js Show response
www.hilton.com/dx_cpm_app/_next/static/chunks/ 82 KB
25 KB 215ms
206ms Script
application/javascript 2a02:26f0:dc:187::b58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hilton.com/dx_cpm_app/_next/static/chunks/commons.4aa10c44b199a01514b5.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc:187::b58 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

19e6ec4050b2d44e2e69683eb2d949f773dd84b1e5dd514c046ea20d44e71c16

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hilton.com/en/p/welcome-bonus/?WT.mc_id=zHH0WW1HH2OLE3HOS4MO1783x_HWEmail3__Feb5TileOne_WelcomeBonus_6MULTIBR7EN8i87846&commhistid=6031039531307945496&customerid=1307945496&hhonorsid=1736552769
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 18:02:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, dtSInfo;desc="0", dtRpid;desc="816363281"
content-length: 25066
x-pod: dx-cpm-live-prd-c
x-xss-protection: 1; mode=block
last-modified: Mon, 30 Jan 2023 14:57:57 GMT
etag: W/"14897-186032f4d08"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=600
accept-ranges: bytes
hltclientmessageid: 18fbf4ea-8875-470b-a968-7f7d1fb7582b-4z2eb6i2kvhd0qjmmv0o8emcbthh4ahzi
expires: Wed, 08 Feb 2023 18:12:28 GMT

GET
H2 200 c8f7fe3b0e41be846d5687592cf2018ff6e22687.4a88f4eb1ee81cb38843.js Show response
www.hilton.com/dx_cpm_app/_next/static/chunks/ 72 KB
23 KB 204ms
196ms Script
application/javascript 2a02:26f0:dc:187::b58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hilton.com/dx_cpm_app/_next/static/chunks/c8f7fe3b0e41be846d5687592cf2018ff6e22687.4a88f4eb1ee81cb38843.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc:187::b58 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

4115945d73ebe24bc0587e257ebfb210dd95007982ad85bf2bc397cbf3ef25af

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hilton.com/en/p/welcome-bonus/?WT.mc_id=zHH0WW1HH2OLE3HOS4MO1783x_HWEmail3__Feb5TileOne_WelcomeBonus_6MULTIBR7EN8i87846&commhistid=6031039531307945496&customerid=1307945496&hhonorsid=1736552769
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'
content-encoding: gzip
date: Wed, 08 Feb 2023 18:02:28 GMT
strict-transport-security: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, dtSInfo;desc="0", dtRpid;desc="996435968"
content-length: 23368
x-pod: dx-cpm-live-prd-c
x-xss-protection: 1; mode=block
last-modified: Mon, 30 Jan 2023 14:57:57 GMT
etag: W/"11ed4-186032f4d08"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=600
accept-ranges: bytes
hltclientmessageid: 46124137-fd94-4107-b70b-738aa7aafda3-0r39i527k6irgzbw92r3eqq0msyff5qzpt
expires: Wed, 08 Feb 2023 18:12:28 GMT

GET
H2 200 33.f722a46b3b324f350e38.js Show response
www.hilton.com/dx_cpm_app/_next/static/chunks/ 28 KB
9 KB 376ms
368ms Script
application/javascript 2a02:26f0:dc:187::b58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hilton.com/dx_cpm_app/_next/static/chunks/33.f722a46b3b324f350e38.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc:187::b58 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

82c2894beb8fb0d7084ed84539960eaae15bca3c7f3590f839886b37b2982a56

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hilton.com/en/p/welcome-bonus/?WT.mc_id=zHH0WW1HH2OLE3HOS4MO1783x_HWEmail3__Feb5TileOne_WelcomeBonus_6MULTIBR7EN8i87846&commhistid=6031039531307945496&customerid=1307945496&hhonorsid=1736552769
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 18:02:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, dtSInfo;desc="0", dtRpid;desc="-705566971"
content-length: 8310
x-pod: dx-cpm-live-prd-c
x-xss-protection: 1; mode=block
last-modified: Mon, 30 Jan 2023 14:57:57 GMT
etag: W/"713b-186032f4d08"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=600
accept-ranges: bytes
hltclientmessageid: a4f797b7-5924-4283-92f0-b54ff386aee4-74yv8wlwe7l7y5d3b9lw89dcqekg0xxt
expires: Wed, 08 Feb 2023 18:12:28 GMT

GET
H2 200 70f752a2.892829245737abbd6c6d.js Show response
www.hilton.com/dx_cpm_app/_next/static/chunks/ 152 KB
18 KB 363ms
355ms Script
application/javascript 2a02:26f0:dc:187::b58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hilton.com/dx_cpm_app/_next/static/chunks/70f752a2.892829245737abbd6c6d.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc:187::b58 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

dafc06c54a09e1c0488b88535aa3e2be5155ecad9e0396f0317984d9b8f517b0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hilton.com/en/p/welcome-bonus/?WT.mc_id=zHH0WW1HH2OLE3HOS4MO1783x_HWEmail3__Feb5TileOne_WelcomeBonus_6MULTIBR7EN8i87846&commhistid=6031039531307945496&customerid=1307945496&hhonorsid=1736552769
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'
content-encoding: gzip
date: Wed, 08 Feb 2023 18:02:28 GMT
strict-transport-security: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, dtSInfo;desc="1"
content-length: 17787
x-pod: dx-cpm-live-prd-c
x-xss-protection: 1; mode=block
last-modified: Mon, 30 Jan 2023 14:57:57 GMT
etag: W/"25f67-186032f4d08"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=600
accept-ranges: bytes
hltclientmessageid: 23d98fab-cf4f-4be4-b73f-e7fdcf3f9fa3-o12d34k2zaiwlcnutj194j6i4hdguqu4hlzx39vlji
expires: Wed, 08 Feb 2023 18:12:28 GMT

GET
H2 200 f54b42984bfe4d114461fcea2710af414ac1fe74.ae5133876a1fe5d21847.js Show response
www.hilton.com/dx_cpm_app/_next/static/chunks/ 94 KB
15 KB 360ms
352ms Script
application/javascript 2a02:26f0:dc:187::b58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hilton.com/dx_cpm_app/_next/static/chunks/f54b42984bfe4d114461fcea2710af414ac1fe74.ae5133876a1fe5d21847.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc:187::b58 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

515e511632df46396d203e9877f97fb6d737c79045ef289b0181a3d655a4dad1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hilton.com/en/p/welcome-bonus/?WT.mc_id=zHH0WW1HH2OLE3HOS4MO1783x_HWEmail3__Feb5TileOne_WelcomeBonus_6MULTIBR7EN8i87846&commhistid=6031039531307945496&customerid=1307945496&hhonorsid=1736552769
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'
content-encoding: gzip
date: Wed, 08 Feb 2023 18:02:28 GMT
strict-transport-security: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, dtSInfo;desc="1"
content-length: 15285
x-pod: dx-cpm-live-prd-c
x-xss-protection: 1; mode=block
last-modified: Mon, 30 Jan 2023 14:57:57 GMT
etag: W/"17879-186032f4d08"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=600
accept-ranges: bytes
hltclientmessageid: 7bc2d1d9-3bbc-4acd-ad71-9556c4ae26fb-3n740fj84ecgl7y73rtvqq3b081uhmqdq
expires: Wed, 08 Feb 2023 18:12:28 GMT

GET
H2 200 19.cbec9528280f3bd1d5f1.js Show response
www.hilton.com/dx_cpm_app/_next/static/chunks/ 106 KB
34 KB 215ms
208ms Script
application/javascript 2a02:26f0:dc:187::b58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hilton.com/dx_cpm_app/_next/static/chunks/19.cbec9528280f3bd1d5f1.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc:187::b58 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8e827e67746b9c86c9cb7411fb9fa63ddc75eb7bb4120eb80d5316da48f42996

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hilton.com/en/p/welcome-bonus/?WT.mc_id=zHH0WW1HH2OLE3HOS4MO1783x_HWEmail3__Feb5TileOne_WelcomeBonus_6MULTIBR7EN8i87846&commhistid=6031039531307945496&customerid=1307945496&hhonorsid=1736552769
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'
content-encoding: gzip
date: Wed, 08 Feb 2023 18:02:28 GMT
strict-transport-security: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, dtSInfo;desc="1"
content-length: 33892
x-pod: dx-cpm-live-prd-c
x-xss-protection: 1; mode=block
last-modified: Mon, 30 Jan 2023 14:57:57 GMT
etag: W/"1a730-186032f4d08"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=600
accept-ranges: bytes
hltclientmessageid: 494396c6-a1c7-4257-972f-cc70a2906184-g7w43ivq1q4pv5389v1y59pzrlqfcikum
expires: Wed, 08 Feb 2023 18:12:28 GMT

GET
H2 200 34.0b4acdbb68c142f77507.js Show response
www.hilton.com/dx_cpm_app/_next/static/chunks/ 3 KB
2 KB 382ms
374ms Script
application/javascript 2a02:26f0:dc:187::b58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hilton.com/dx_cpm_app/_next/static/chunks/34.0b4acdbb68c142f77507.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc:187::b58 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

95a1075c5a11f9f834abf9be15ab1b9f3527c15f269c11228c6f618e7515fd40

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hilton.com/en/p/welcome-bonus/?WT.mc_id=zHH0WW1HH2OLE3HOS4MO1783x_HWEmail3__Feb5TileOne_WelcomeBonus_6MULTIBR7EN8i87846&commhistid=6031039531307945496&customerid=1307945496&hhonorsid=1736552769
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 18:02:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, dtSInfo;desc="0", dtRpid;desc="-2116956392"
content-length: 1423
x-pod: dx-cpm-live-prd-c
x-xss-protection: 1; mode=block
last-modified: Mon, 30 Jan 2023 14:57:57 GMT
etag: W/"cc7-186032f4d08"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=600
accept-ranges: bytes
hltclientmessageid: dc5d0f83-faca-43a8-b9f2-0b7508e2a453-nvo97qfyiyswo5lti56v8ze0bdo7dw9i
expires: Wed, 08 Feb 2023 18:12:28 GMT

GET
H2 200 21.572772650c51396e29f7.js Show response
www.hilton.com/dx_cpm_app/_next/static/chunks/ 18 KB
7 KB 222ms
215ms Script
application/javascript 2a02:26f0:dc:187::b58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hilton.com/dx_cpm_app/_next/static/chunks/21.572772650c51396e29f7.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc:187::b58 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

7efdbea858a5543e271850d4a62e8893414f605d522bbe2bc6e4201d514d33f4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hilton.com/en/p/welcome-bonus/?WT.mc_id=zHH0WW1HH2OLE3HOS4MO1783x_HWEmail3__Feb5TileOne_WelcomeBonus_6MULTIBR7EN8i87846&commhistid=6031039531307945496&customerid=1307945496&hhonorsid=1736552769
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 18:02:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, dtSInfo;desc="0", dtRpid;desc="-1559465624"
content-length: 6783
x-pod: dx-cpm-live-prd-c
x-xss-protection: 1; mode=block
last-modified: Mon, 30 Jan 2023 14:57:57 GMT
etag: W/"4708-186032f4d08"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=600
accept-ranges: bytes
hltclientmessageid: 91ceb299-8d25-46c6-baeb-87f341586388-eshx1hk3n8fg0aqdfxzj04x5so9r6n1k
expires: Wed, 08 Feb 2023 18:12:28 GMT

GET
H2 200 36.1e5f9562347537b9eb3f.js Show response
www.hilton.com/dx_cpm_app/_next/static/chunks/ 2 KB
2 KB 200ms
193ms Script
application/javascript 2a02:26f0:dc:187::b58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hilton.com/dx_cpm_app/_next/static/chunks/36.1e5f9562347537b9eb3f.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc:187::b58 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

103617aa372df7126b40e43d7e3106d148d004d8d29f66ebb3089c0693f46aa3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hilton.com/en/p/welcome-bonus/?WT.mc_id=zHH0WW1HH2OLE3HOS4MO1783x_HWEmail3__Feb5TileOne_WelcomeBonus_6MULTIBR7EN8i87846&commhistid=6031039531307945496&customerid=1307945496&hhonorsid=1736552769
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 18:02:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, dtSInfo;desc="0", dtRpid;desc="-2096284493"
content-length: 1088
x-pod: dx-cpm-live-prd-c
x-xss-protection: 1; mode=block
last-modified: Mon, 30 Jan 2023 14:57:57 GMT
etag: W/"9c2-186032f4d08"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=600
accept-ranges: bytes
hltclientmessageid: df3804ed-c566-4d82-921f-41d770d2c6f7-atqy2q5b06ww4fdy5p81it7xxc1w8h8f
expires: Wed, 08 Feb 2023 18:12:28 GMT

GET
H2 200 22.3d528f6fdbb5922538ee.js Show response
www.hilton.com/dx_cpm_app/_next/static/chunks/ 4 KB
2 KB 368ms
361ms Script
application/javascript 2a02:26f0:dc:187::b58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hilton.com/dx_cpm_app/_next/static/chunks/22.3d528f6fdbb5922538ee.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc:187::b58 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

77d21fe6ff1de0c27114a96dd35088dce9b76119f0fb090d1c405674c94c9480

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Content-Security-Policy	frame-ancestors 'none'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hilton.com/en/p/welcome-bonus/?WT.mc_id=zHH0WW1HH2OLE3HOS4MO1783x_HWEmail3__Feb5TileOne_WelcomeBonus_6MULTIBR7EN8i87846&commhistid=6031039531307945496&customerid=1307945496&hhonorsid=1736552769
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-content-security-policy: frame-ancestors 'none'
x-edgeconnect-origin-mex-latency: 56
content-security-policy: frame-ancestors 'none'
content-encoding: gzip
date: Wed, 08 Feb 2023 18:02:28 GMT
strict-transport-security: max-age=31536000
x-edgeconnect-midmile-rtt: 11
server-timing: cdn-cache; desc=HIT, edge; dur=1, dtSInfo;desc="0", dtRpid;desc="-759114847"
content-length: 1740
x-pod: dx-cpm-live-prd-c
x-xss-protection: 1; mode=block
last-modified: Mon, 30 Jan 2023 14:57:57 GMT
etag: W/"11fc-186032f4d08"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=600
accept-ranges: bytes
x-webkit-csp: frame-ancestors 'none'
hltclientmessageid: a7d600d6-3c08-4a8b-a3cc-91b3321ad97f-7mezbet0rks1adu6chiaz4fuq1i67bttq
expires: Wed, 08 Feb 2023 18:12:28 GMT

GET
H2 200 45.bf15710882395aab77f8.js Show response
www.hilton.com/dx_cpm_app/_next/static/chunks/ 1 KB
1 KB 380ms
374ms Script
application/javascript 2a02:26f0:dc:187::b58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hilton.com/dx_cpm_app/_next/static/chunks/45.bf15710882395aab77f8.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc:187::b58 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3273b9752cefdffe59886aaf94985343b75ff9289d172ba9f4f788e003a748c0

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hilton.com/en/p/welcome-bonus/?WT.mc_id=zHH0WW1HH2OLE3HOS4MO1783x_HWEmail3__Feb5TileOne_WelcomeBonus_6MULTIBR7EN8i87846&commhistid=6031039531307945496&customerid=1307945496&hhonorsid=1736552769
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'
content-encoding: gzip
date: Wed, 08 Feb 2023 18:02:28 GMT
strict-transport-security: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=6, dtSInfo;desc="0", dtRpid;desc="242151323"
content-length: 763
x-pod: dx-cpm-live-prd-c
x-xss-protection: 1; mode=block
last-modified: Mon, 30 Jan 2023 14:57:57 GMT
etag: W/"5e6-186032f4d08"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=600
accept-ranges: bytes
hltclientmessageid: a31c6260-b6e1-42cd-a219-9926e1e672ac-m5yaoqbvkvewevljm6j3m8n9atw4elut
expires: Wed, 08 Feb 2023 18:12:28 GMT

GET
H2 200 27.8ed4d7e43b9d9da7907b.js Show response
www.hilton.com/dx_cpm_app/_next/static/chunks/ 3 KB
2 KB 386ms
379ms Script
application/javascript 2a02:26f0:dc:187::b58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hilton.com/dx_cpm_app/_next/static/chunks/27.8ed4d7e43b9d9da7907b.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc:187::b58 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3a7c1e7aa1e19fa5700a8b89a73a7b7b36ae85d0703104b70b058cb743bef7fb

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hilton.com/en/p/welcome-bonus/?WT.mc_id=zHH0WW1HH2OLE3HOS4MO1783x_HWEmail3__Feb5TileOne_WelcomeBonus_6MULTIBR7EN8i87846&commhistid=6031039531307945496&customerid=1307945496&hhonorsid=1736552769
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'
content-encoding: gzip
date: Wed, 08 Feb 2023 18:02:28 GMT
strict-transport-security: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=17, dtSInfo;desc="0", dtRpid;desc="366185203"
content-length: 1170
x-pod: dx-cpm-live-prd-c
x-xss-protection: 1; mode=block
last-modified: Mon, 30 Jan 2023 14:57:57 GMT
etag: W/"a78-186032f4d08"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=600
accept-ranges: bytes
hltclientmessageid: f723ad6d-5055-492a-8960-2956c371bb11-gtp71lyr3wj5kg9nrmoc7u9eqjctxvocg
expires: Wed, 08 Feb 2023 18:12:28 GMT

GET
H2 200 41.9b0a34474ac0bb7ea280.js Show response
www.hilton.com/dx_cpm_app/_next/static/chunks/ 4 KB
2 KB 201ms
195ms Script
application/javascript 2a02:26f0:dc:187::b58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hilton.com/dx_cpm_app/_next/static/chunks/41.9b0a34474ac0bb7ea280.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc:187::b58 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

d130832237337d881ba43c2c2d0f02b1905ea9ea8f764b5eddce1441e47eafad

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hilton.com/en/p/welcome-bonus/?WT.mc_id=zHH0WW1HH2OLE3HOS4MO1783x_HWEmail3__Feb5TileOne_WelcomeBonus_6MULTIBR7EN8i87846&commhistid=6031039531307945496&customerid=1307945496&hhonorsid=1736552769
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'
content-encoding: gzip
date: Wed, 08 Feb 2023 18:02:28 GMT
strict-transport-security: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, dtSInfo;desc="1"
content-length: 1625
x-pod: dx-cpm-live-prd-c
x-xss-protection: 1; mode=block
last-modified: Mon, 30 Jan 2023 14:57:57 GMT
etag: W/"e35-186032f4d08"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=600
accept-ranges: bytes
hltclientmessageid: 7e35f4d9-b840-4def-aeb6-683b5b8559f6-pk67y67qq1mcqrtit5njsgko3372vt5d
expires: Wed, 08 Feb 2023 18:12:28 GMT

GET
H2 200 23.339ed7c7f66678a74f2d.js Show response
www.hilton.com/dx_cpm_app/_next/static/chunks/ 6 KB
2 KB 357ms
351ms Script
application/javascript 2a02:26f0:dc:187::b58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hilton.com/dx_cpm_app/_next/static/chunks/23.339ed7c7f66678a74f2d.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc:187::b58 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

74a6500c0809af9375ddedc95a98d36cfa81970346096273a554ca84d250f2d0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hilton.com/en/p/welcome-bonus/?WT.mc_id=zHH0WW1HH2OLE3HOS4MO1783x_HWEmail3__Feb5TileOne_WelcomeBonus_6MULTIBR7EN8i87846&commhistid=6031039531307945496&customerid=1307945496&hhonorsid=1736552769
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 18:02:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, dtSInfo;desc="0", dtRpid;desc="2007898955"
content-length: 2023
x-pod: dx-cpm-live-prd-c
x-xss-protection: 1; mode=block
last-modified: Mon, 30 Jan 2023 14:57:57 GMT
etag: W/"1605-186032f4d08"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=600
accept-ranges: bytes
hltclientmessageid: cf76f28b-13a2-4a6f-8484-dfcb8e5ed26c-xxy9int6y5g89sgcm26slgzappvkxnvej
expires: Wed, 08 Feb 2023 18:12:28 GMT

GET
H2 200 39.cbda889edc9e2143d37c.js Show response
www.hilton.com/dx_cpm_app/_next/static/chunks/ 2 KB
2 KB 213ms
207ms Script
application/javascript 2a02:26f0:dc:187::b58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hilton.com/dx_cpm_app/_next/static/chunks/39.cbda889edc9e2143d37c.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc:187::b58 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

3c3bfa40d19356bfa0c8dff74fe17f3b84773b23c4cc8c1235509062ca23ae81

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hilton.com/en/p/welcome-bonus/?WT.mc_id=zHH0WW1HH2OLE3HOS4MO1783x_HWEmail3__Feb5TileOne_WelcomeBonus_6MULTIBR7EN8i87846&commhistid=6031039531307945496&customerid=1307945496&hhonorsid=1736552769
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 18:02:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, dtSInfo;desc="0", dtRpid;desc="2089614196"
content-length: 1181
x-pod: dx-cpm-live-prd-c
x-xss-protection: 1; mode=block
last-modified: Mon, 30 Jan 2023 14:57:57 GMT
etag: W/"9fc-186032f4d08"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=600
accept-ranges: bytes
hltclientmessageid: 4cd37e27-fbab-423f-b23b-7a6dca4200d8-edfvd77wutsqickyxjzbanirthc6rnq5
expires: Wed, 08 Feb 2023 18:12:28 GMT

GET
H2 200 24.9ceb9aefaca1312815cd.js Show response
www.hilton.com/dx_cpm_app/_next/static/chunks/ 5 KB
2 KB 215ms
210ms Script
application/javascript 2a02:26f0:dc:187::b58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hilton.com/dx_cpm_app/_next/static/chunks/24.9ceb9aefaca1312815cd.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc:187::b58 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e31c6a03cf6f842e0268c818db32401a84ac15aa4e5aa19c7fcd68a954ff018f

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hilton.com/en/p/welcome-bonus/?WT.mc_id=zHH0WW1HH2OLE3HOS4MO1783x_HWEmail3__Feb5TileOne_WelcomeBonus_6MULTIBR7EN8i87846&commhistid=6031039531307945496&customerid=1307945496&hhonorsid=1736552769
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'
content-encoding: gzip
date: Wed, 08 Feb 2023 18:02:28 GMT
strict-transport-security: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, dtSInfo;desc="0", dtRpid;desc="-315100392"
content-length: 1893
x-pod: dx-cpm-live-prd-c
x-xss-protection: 1; mode=block
last-modified: Mon, 30 Jan 2023 14:57:57 GMT
etag: W/"14fb-186032f4d08"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=600
accept-ranges: bytes
hltclientmessageid: 26db8384-f929-4936-81ed-2628b32c7f49-ufgeesa8fqpa14tivn9b6mxk3dzwbdpz6o4cnbru7
expires: Wed, 08 Feb 2023 18:12:28 GMT

GET
H2 200 40.2248833c74ffefa1d793.js Show response
www.hilton.com/dx_cpm_app/_next/static/chunks/ 1 KB
1 KB 410ms
405ms Script
application/javascript 2a02:26f0:dc:187::b58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hilton.com/dx_cpm_app/_next/static/chunks/40.2248833c74ffefa1d793.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc:187::b58 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a35f23f2527318fb63862f2c96469ff946135dedabeda06b94a3e5c152a3d615

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hilton.com/en/p/welcome-bonus/?WT.mc_id=zHH0WW1HH2OLE3HOS4MO1783x_HWEmail3__Feb5TileOne_WelcomeBonus_6MULTIBR7EN8i87846&commhistid=6031039531307945496&customerid=1307945496&hhonorsid=1736552769
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'
content-encoding: gzip
date: Wed, 08 Feb 2023 18:02:28 GMT
strict-transport-security: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=207, dtSInfo;desc="1"
content-length: 742
x-pod: dx-cpm-live-prd-c
x-xss-protection: 1; mode=block
last-modified: Mon, 30 Jan 2023 14:57:57 GMT
etag: W/"5fb-186032f4d08"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=600
accept-ranges: bytes
hltclientmessageid: 3bb8d505-dfde-4829-862d-e865c1be0feb-apnmku51w6627xdw2466swi4qkh7leoa
expires: Wed, 08 Feb 2023 18:12:28 GMT

GET
H2 200 31.3cbb4bedae7ea72cebf4.js Show response
www.hilton.com/dx_cpm_app/_next/static/chunks/ 2 KB
2 KB 383ms
378ms Script
application/javascript 2a02:26f0:dc:187::b58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hilton.com/dx_cpm_app/_next/static/chunks/31.3cbb4bedae7ea72cebf4.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc:187::b58 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

cbe55528c76d1b5f3295de26b8c544fe6801a8659a8a93ba50a2b603f5e172ed

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hilton.com/en/p/welcome-bonus/?WT.mc_id=zHH0WW1HH2OLE3HOS4MO1783x_HWEmail3__Feb5TileOne_WelcomeBonus_6MULTIBR7EN8i87846&commhistid=6031039531307945496&customerid=1307945496&hhonorsid=1736552769
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'
content-encoding: gzip
date: Wed, 08 Feb 2023 18:02:28 GMT
strict-transport-security: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=16, dtSInfo;desc="0", dtRpid;desc="-529777476"
content-length: 1077
x-pod: dx-cpm-live-prd-c
x-xss-protection: 1; mode=block
last-modified: Mon, 30 Jan 2023 14:57:57 GMT
etag: W/"9a2-186032f4d08"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=600
accept-ranges: bytes
hltclientmessageid: 9aa97139-8bca-4f7d-b4ff-45db43925529-pdamt40eirnf3zc4kr60fjc6wrjdrvzip25kcbhw2
expires: Wed, 08 Feb 2023 18:12:28 GMT

GET
H2 200 44.376595969764aacea632.js Show response
www.hilton.com/dx_cpm_app/_next/static/chunks/ 2 KB
2 KB 215ms
210ms Script
application/javascript 2a02:26f0:dc:187::b58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hilton.com/dx_cpm_app/_next/static/chunks/44.376595969764aacea632.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc:187::b58 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e9fcc2dba0833b1cc0eacf3113234283eff992e45c3dc695dfc8aef7ba905b84

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hilton.com/en/p/welcome-bonus/?WT.mc_id=zHH0WW1HH2OLE3HOS4MO1783x_HWEmail3__Feb5TileOne_WelcomeBonus_6MULTIBR7EN8i87846&commhistid=6031039531307945496&customerid=1307945496&hhonorsid=1736552769
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'
content-encoding: gzip
date: Wed, 08 Feb 2023 18:02:28 GMT
strict-transport-security: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, dtSInfo;desc="0", dtRpid;desc="-1282849080"
content-length: 1085
x-pod: dx-cpm-live-prd-c
x-xss-protection: 1; mode=block
last-modified: Mon, 30 Jan 2023 14:57:57 GMT
etag: W/"962-186032f4d08"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=600
accept-ranges: bytes
hltclientmessageid: e05f684f-78f8-4e4f-9ce5-f7a7ac4cfa0a-js3ixgv95b50qwj9pncsvdn4c8uouvvklvxst4zeuq
expires: Wed, 08 Feb 2023 18:12:28 GMT

GET
H2 200 26.9449b75ef1b98300c385.js Show response
www.hilton.com/dx_cpm_app/_next/static/chunks/ 4 KB
2 KB 205ms
200ms Script
application/javascript 2a02:26f0:dc:187::b58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hilton.com/dx_cpm_app/_next/static/chunks/26.9449b75ef1b98300c385.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc:187::b58 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b7c7fbe5d508c972a088e7da622a568641928e36323e32227292e49b1ac38821

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hilton.com/en/p/welcome-bonus/?WT.mc_id=zHH0WW1HH2OLE3HOS4MO1783x_HWEmail3__Feb5TileOne_WelcomeBonus_6MULTIBR7EN8i87846&commhistid=6031039531307945496&customerid=1307945496&hhonorsid=1736552769
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'
content-encoding: gzip
date: Wed, 08 Feb 2023 18:02:28 GMT
strict-transport-security: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, dtSInfo;desc="1"
content-length: 1794
x-pod: dx-cpm-live-prd-c
x-xss-protection: 1; mode=block
last-modified: Mon, 30 Jan 2023 14:57:57 GMT
etag: W/"1138-186032f4d08"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=600
accept-ranges: bytes
hltclientmessageid: 5c9e97db-8890-45b1-8eb2-814e3c1e585a-w5e5jpuh8wjzqfzlzv5jqn9vdjxph8ph8
expires: Wed, 08 Feb 2023 18:12:28 GMT

GET
H2 200 webpack-779010d4b1ee0d49d8a9.js Show response
www.hilton.com/dx_cpm_app/_next/static/chunks/ 3 KB
2 KB 356ms
351ms Script
application/javascript 2a02:26f0:dc:187::b58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hilton.com/dx_cpm_app/_next/static/chunks/webpack-779010d4b1ee0d49d8a9.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc:187::b58 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

bad277d6326bfb9555c57f7f075f7a9fefb0063240773b7f8554f4694fd06963

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Content-Security-Policy	frame-ancestors 'none'
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hilton.com/en/p/welcome-bonus/?WT.mc_id=zHH0WW1HH2OLE3HOS4MO1783x_HWEmail3__Feb5TileOne_WelcomeBonus_6MULTIBR7EN8i87846&commhistid=6031039531307945496&customerid=1307945496&hhonorsid=1736552769
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-content-security-policy: frame-ancestors 'none'
x-edgeconnect-origin-mex-latency: 66
content-security-policy: frame-ancestors 'none'
content-encoding: gzip
date: Wed, 08 Feb 2023 18:02:28 GMT
strict-transport-security: max-age=31536000
x-edgeconnect-midmile-rtt: 0
server-timing: cdn-cache; desc=HIT, edge; dur=1, dtSInfo;desc="0", dtRpid;desc="577146435"
content-length: 1889
x-pod: dx-cpm-live-prd-c
x-xss-protection: 1; mode=block
last-modified: Mon, 30 Jan 2023 14:57:57 GMT
etag: W/"d47-186032f4d08"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=600
accept-ranges: bytes
x-webkit-csp: frame-ancestors 'none'
hltclientmessageid: af0eb7d9-7467-4120-a2a8-0aa9fe98d7f1-e5on1n031jloec15l5alysm3yu5ksvhyb03zple8i
expires: Wed, 08 Feb 2023 18:12:28 GMT

GET
H2 200 framework.7f759bc637b72b831a69.js Show response
www.hilton.com/dx_cpm_app/_next/static/chunks/ 147 KB
45 KB 198ms
194ms Script
application/javascript 2a02:26f0:dc:187::b58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hilton.com/dx_cpm_app/_next/static/chunks/framework.7f759bc637b72b831a69.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc:187::b58 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

212521d68cb7524cbf1e607a8e5a64880e7c629f22f942de6753f0a92b32bb86

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hilton.com/en/p/welcome-bonus/?WT.mc_id=zHH0WW1HH2OLE3HOS4MO1783x_HWEmail3__Feb5TileOne_WelcomeBonus_6MULTIBR7EN8i87846&commhistid=6031039531307945496&customerid=1307945496&hhonorsid=1736552769
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 18:02:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, dtSInfo;desc="0", dtRpid;desc="-1333253003"
content-length: 45418
x-pod: dx-cpm-live-prd-c
x-xss-protection: 1; mode=block
last-modified: Mon, 30 Jan 2023 14:57:57 GMT
etag: W/"24b74-186032f4d08"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=600
accept-ranges: bytes
hltclientmessageid: ff95353f-3e62-4ae5-82cc-99d7e4468810-dg2iffeh028cedhmvop3n9zqwhwap3lma
expires: Wed, 08 Feb 2023 18:12:28 GMT

GET
H2 200 main-7b032a0279b7dd092c08.js Show response
www.hilton.com/dx_cpm_app/_next/static/chunks/ 19 KB
7 KB 219ms
214ms Script
application/javascript 2a02:26f0:dc:187::b58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hilton.com/dx_cpm_app/_next/static/chunks/main-7b032a0279b7dd092c08.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc:187::b58 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

9cd49deb5c44953db866815ccf1831b32277cf2dedff5388cd7baacc891a96c1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hilton.com/en/p/welcome-bonus/?WT.mc_id=zHH0WW1HH2OLE3HOS4MO1783x_HWEmail3__Feb5TileOne_WelcomeBonus_6MULTIBR7EN8i87846&commhistid=6031039531307945496&customerid=1307945496&hhonorsid=1736552769
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'
content-encoding: gzip
date: Wed, 08 Feb 2023 18:02:28 GMT
strict-transport-security: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, dtSInfo;desc="0", dtRpid;desc="1099152826"
content-length: 6953
x-pod: dx-cpm-live-prd-c
x-xss-protection: 1; mode=block
last-modified: Mon, 30 Jan 2023 14:57:57 GMT
etag: W/"4a05-186032f4d08"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=600
accept-ranges: bytes
hltclientmessageid: fb13382b-57f4-47ab-9a1d-9596567af55e-txijkeoir4bvz4b1nolpfqvrjqtw28eh
expires: Wed, 08 Feb 2023 18:12:28 GMT

GET
H2 200 e2b1663e2867b8ce2031ff3ed02cf8cf4bea86ae.69846847017b0f40e508.js Show response
www.hilton.com/dx_cpm_app/_next/static/chunks/ 622 KB
179 KB 361ms
357ms Script
application/javascript 2a02:26f0:dc:187::b58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hilton.com/dx_cpm_app/_next/static/chunks/e2b1663e2867b8ce2031ff3ed02cf8cf4bea86ae.69846847017b0f40e508.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc:187::b58 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

22dd9cf2d818510af07946854ee6bea597b838c58ed97340ae65fbd15d061e2c

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hilton.com/en/p/welcome-bonus/?WT.mc_id=zHH0WW1HH2OLE3HOS4MO1783x_HWEmail3__Feb5TileOne_WelcomeBonus_6MULTIBR7EN8i87846&commhistid=6031039531307945496&customerid=1307945496&hhonorsid=1736552769
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'
content-encoding: gzip
date: Wed, 08 Feb 2023 18:02:28 GMT
strict-transport-security: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, dtSInfo;desc="0", dtRpid;desc="-216233718"
content-length: 182094
x-pod: dx-cpm-live-prd-c
x-xss-protection: 1; mode=block
last-modified: Mon, 30 Jan 2023 14:57:57 GMT
etag: W/"9b8cf-186032f4d08"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=600
accept-ranges: bytes
hltclientmessageid: f730b951-3567-4554-b667-941caccfdccb-j7821uawh7lri21wzdcsqp5qn1q9virci
expires: Wed, 08 Feb 2023 18:12:28 GMT

GET
H2 200 _app-9ce01d1d3d833075ff38.js Show response
www.hilton.com/dx_cpm_app/_next/static/chunks/pages/ 4 KB
2 KB 205ms
201ms Script
application/javascript 2a02:26f0:dc:187::b58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hilton.com/dx_cpm_app/_next/static/chunks/pages/_app-9ce01d1d3d833075ff38.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc:187::b58 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

61791b1da70c30eb0e2540349a5a2d811eb896c2c63741023fd7f62d60bb0659

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hilton.com/en/p/welcome-bonus/?WT.mc_id=zHH0WW1HH2OLE3HOS4MO1783x_HWEmail3__Feb5TileOne_WelcomeBonus_6MULTIBR7EN8i87846&commhistid=6031039531307945496&customerid=1307945496&hhonorsid=1736552769
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'
content-encoding: gzip
date: Wed, 08 Feb 2023 18:02:28 GMT
strict-transport-security: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, dtSInfo;desc="0", dtRpid;desc="942756831"
content-length: 1635
x-pod: dx-cpm-live-prd-c
x-xss-protection: 1; mode=block
last-modified: Mon, 30 Jan 2023 14:57:57 GMT
etag: W/"1098-186032f4d08"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=600
accept-ranges: bytes
hltclientmessageid: f615b225-b1b9-4a05-b792-abeab4ab130d-g98l97f2fnbhib7n8q3i5i1sfqe4dzxfv
expires: Wed, 08 Feb 2023 18:12:28 GMT

GET
H2 200 7baa1c52.37769ed140e07021460c.js Show response
www.hilton.com/dx_cpm_app/_next/static/chunks/ 105 KB
29 KB 213ms
209ms Script
application/javascript 2a02:26f0:dc:187::b58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hilton.com/dx_cpm_app/_next/static/chunks/7baa1c52.37769ed140e07021460c.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc:187::b58 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

358254413b06b2b83c1cd9d9e697a21e5316dcb99c980a964767f5e30e4811e1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hilton.com/en/p/welcome-bonus/?WT.mc_id=zHH0WW1HH2OLE3HOS4MO1783x_HWEmail3__Feb5TileOne_WelcomeBonus_6MULTIBR7EN8i87846&commhistid=6031039531307945496&customerid=1307945496&hhonorsid=1736552769
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'
content-encoding: gzip
date: Wed, 08 Feb 2023 18:02:28 GMT
strict-transport-security: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, dtSInfo;desc="0", dtRpid;desc="632133020"
content-length: 28939
x-pod: dx-cpm-live-prd-c
x-xss-protection: 1; mode=block
last-modified: Mon, 30 Jan 2023 14:57:57 GMT
etag: W/"1a479-186032f4d08"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=600
accept-ranges: bytes
hltclientmessageid: 82e8eb17-31ec-4208-9356-ed0f718e49a1-qmg4o3i056g3w2bpu6wnsmo6nrofy1ws
expires: Wed, 08 Feb 2023 18:12:28 GMT

GET
H2 200 e8daa70cfd3a4b1686bce010dfe9048e6f2b09a2.8f120b405d5439efe10f.js Show response
www.hilton.com/dx_cpm_app/_next/static/chunks/ 1 MB
332 KB 355ms
352ms Script
application/javascript 2a02:26f0:dc:187::b58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hilton.com/dx_cpm_app/_next/static/chunks/e8daa70cfd3a4b1686bce010dfe9048e6f2b09a2.8f120b405d5439efe10f.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc:187::b58 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b487932f299b6209ba6665c8bf358e714d4e6959150eebca947e1ef7b1a6abda

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hilton.com/en/p/welcome-bonus/?WT.mc_id=zHH0WW1HH2OLE3HOS4MO1783x_HWEmail3__Feb5TileOne_WelcomeBonus_6MULTIBR7EN8i87846&commhistid=6031039531307945496&customerid=1307945496&hhonorsid=1736552769
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'
content-encoding: gzip
date: Wed, 08 Feb 2023 18:02:28 GMT
strict-transport-security: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, dtSInfo;desc="0", dtRpid;desc="1193065407"
content-length: 338589
x-pod: dx-cpm-live-prd-c
x-xss-protection: 1; mode=block
last-modified: Mon, 30 Jan 2023 14:57:57 GMT
etag: W/"123f85-186032f4d08"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=600
accept-ranges: bytes
hltclientmessageid: 6aa7de59-7e36-4f70-854e-4debdac4e959-rot6hhi275qjztpsgy45qz84mhcg78bfcici6ms6zs
expires: Wed, 08 Feb 2023 18:12:28 GMT

GET
H2 200 %5B%5B...brandSlug%5D%5D-e967697e371a41a356c0.js Show response
www.hilton.com/dx_cpm_app/_next/static/chunks/pages/ 1019 B
1 KB 198ms
194ms Script
application/javascript 2a02:26f0:dc:187::b58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hilton.com/dx_cpm_app/_next/static/chunks/pages/%5B%5B...brandSlug%5D%5D-e967697e371a41a356c0.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc:187::b58 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8a5151a017c954b7b3945040b841aaf81f5b8d87c117b64f4b4b301db1bad5a1

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hilton.com/en/p/welcome-bonus/?WT.mc_id=zHH0WW1HH2OLE3HOS4MO1783x_HWEmail3__Feb5TileOne_WelcomeBonus_6MULTIBR7EN8i87846&commhistid=6031039531307945496&customerid=1307945496&hhonorsid=1736552769
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'
content-encoding: gzip
date: Wed, 08 Feb 2023 18:02:28 GMT
strict-transport-security: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, dtSInfo;desc="1"
content-length: 597
x-pod: dx-cpm-live-prd-c
x-xss-protection: 1; mode=block
last-modified: Mon, 30 Jan 2023 14:57:57 GMT
etag: W/"3fb-186032f4d08"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=600
accept-ranges: bytes
hltclientmessageid: c87cef97-c956-4c95-8ef9-8e709728badf-ubjgypyf0hl3avr1cnzt0p4i0b6s2ij1l
expires: Wed, 08 Feb 2023 18:12:28 GMT

GET
H2 200 WW.svg
www.hilton.com/modules/assets/svgs/logos/shop/ 6 KB
3 KB 46ms
44ms Image
image/svg+xml 2a02:26f0:dc:187::b58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hilton.com/modules/assets/svgs/logos/shop/WW.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc:187::b58 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5dda36da7625dfd7aaf2da92e100d92f0fa7a7d519e226b641cd0abaea8468e0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hilton.com/en/p/welcome-bonus/?WT.mc_id=zHH0WW1HH2OLE3HOS4MO1783x_HWEmail3__Feb5TileOne_WelcomeBonus_6MULTIBR7EN8i87846&commhistid=6031039531307945496&customerid=1307945496&hhonorsid=1736552769
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 61
date: Wed, 08 Feb 2023 18:02:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Fri, 27 Jan 2023 18:09:54 GMT
x-edgeconnect-midmile-rtt: 0
etag: W/"8ee-185f46bf550"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=600
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 2286
x-pod: dx-assets-ui-prd-c
expires: Wed, 08 Feb 2023 18:12:28 GMT

GET
H2 200 Facebook.svg
www.hilton.com/modules/assets/svgs/social/ 598 B
647 B 44ms
42ms Image
image/svg+xml 2a02:26f0:dc:187::b58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hilton.com/modules/assets/svgs/social/Facebook.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc:187::b58 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

a3715f40344826e3d37ded41c32bf598d8a24a2385a1d30efeb52f37d314e7d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hilton.com/en/p/welcome-bonus/?WT.mc_id=zHH0WW1HH2OLE3HOS4MO1783x_HWEmail3__Feb5TileOne_WelcomeBonus_6MULTIBR7EN8i87846&commhistid=6031039531307945496&customerid=1307945496&hhonorsid=1736552769
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 18:02:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Fri, 27 Jan 2023 18:10:04 GMT
etag: W/"177-185f46c1c60"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=600
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 375
x-pod: dx-assets-ui-prd-c
expires: Wed, 08 Feb 2023 18:12:28 GMT

GET
H2 200 Twitter.svg
www.hilton.com/modules/assets/svgs/social/ 490 B
547 B 44ms
42ms Image
image/svg+xml 2a02:26f0:dc:187::b58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hilton.com/modules/assets/svgs/social/Twitter.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc:187::b58 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

27a31791a21300b9ddb7980f633f099c054dcb3fb58ae172f9993a9575525a1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hilton.com/en/p/welcome-bonus/?WT.mc_id=zHH0WW1HH2OLE3HOS4MO1783x_HWEmail3__Feb5TileOne_WelcomeBonus_6MULTIBR7EN8i87846&commhistid=6031039531307945496&customerid=1307945496&hhonorsid=1736552769
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 18:02:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Fri, 27 Jan 2023 18:06:14 GMT
etag: W/"1ea-185f46899f0"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=600
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 275
x-pod: dx-assets-ui-prd-c
expires: Wed, 08 Feb 2023 18:12:28 GMT

GET
H2 200 Instagram.svg
www.hilton.com/modules/assets/svgs/social/ 3 KB
1 KB 45ms
43ms Image
image/svg+xml 2a02:26f0:dc:187::b58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hilton.com/modules/assets/svgs/social/Instagram.svg

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc:187::b58 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

7ec26bb449135c61ace348c704ced42e2111da2e7f1980a64484096223cdbbfd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hilton.com/en/p/welcome-bonus/?WT.mc_id=zHH0WW1HH2OLE3HOS4MO1783x_HWEmail3__Feb5TileOne_WelcomeBonus_6MULTIBR7EN8i87846&commhistid=6031039531307945496&customerid=1307945496&hhonorsid=1736552769
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 18:02:28 GMT
content-encoding: gzip
strict-transport-security: max-age=31536000
last-modified: Fri, 27 Jan 2023 18:10:05 GMT
etag: W/"4d7-185f46c2048"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: public, max-age=600
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 1239
x-pod: dx-assets-ui-prd-c
expires: Wed, 08 Feb 2023 18:12:28 GMT

GET
H2 200 _buildManifest.js Show response
www.hilton.com/dx_cpm_app/_next/static/bS0Bg6_-OR80MbU9z6jsy/ 879 B
918 B 46ms
45ms Script
application/javascript 2a02:26f0:dc:187::b58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hilton.com/dx_cpm_app/_next/static/bS0Bg6_-OR80MbU9z6jsy/_buildManifest.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc:187::b58 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

8d9d99b6bab8d91b9883ccfdff4de77b0edcfc15f779ec5ad51ed29e6b6309a2

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hilton.com/en/p/welcome-bonus/?WT.mc_id=zHH0WW1HH2OLE3HOS4MO1783x_HWEmail3__Feb5TileOne_WelcomeBonus_6MULTIBR7EN8i87846&commhistid=6031039531307945496&customerid=1307945496&hhonorsid=1736552769
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'
content-encoding: gzip
date: Wed, 08 Feb 2023 18:02:28 GMT
strict-transport-security: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, dtSInfo;desc="0", dtRpid;desc="-625473946"
content-length: 430
x-pod: dx-cpm-live-prd-c
x-xss-protection: 1; mode=block
last-modified: Mon, 30 Jan 2023 14:57:57 GMT
etag: W/"36f-186032f4d08"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=600
accept-ranges: bytes
hltclientmessageid: fe13a5a3-0087-4614-9826-35ab56f675b8-o8y4ok1zt7kt30z2e6xzxcqznauv2aeu9
expires: Wed, 08 Feb 2023 18:12:28 GMT

GET
H2 200 _ssgManifest.js Show response
www.hilton.com/dx_cpm_app/_next/static/bS0Bg6_-OR80MbU9z6jsy/ 76 B
525 B 45ms
44ms Script
application/javascript 2a02:26f0:dc:187::b58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hilton.com/dx_cpm_app/_next/static/bS0Bg6_-OR80MbU9z6jsy/_ssgManifest.js

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc:187::b58 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hilton.com/en/p/welcome-bonus/?WT.mc_id=zHH0WW1HH2OLE3HOS4MO1783x_HWEmail3__Feb5TileOne_WelcomeBonus_6MULTIBR7EN8i87846&commhistid=6031039531307945496&customerid=1307945496&hhonorsid=1736552769
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-security-policy: frame-ancestors 'none'
content-encoding: gzip
date: Wed, 08 Feb 2023 18:02:28 GMT
strict-transport-security: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, dtSInfo;desc="1"
content-length: 60
x-pod: dx-cpm-live-prd-c
x-xss-protection: 1; mode=block
last-modified: Mon, 30 Jan 2023 14:57:57 GMT
etag: W/"4c-186032f4d08"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
cache-control: private, max-age=600
accept-ranges: bytes
hltclientmessageid: 6b075369-31f5-462f-8962-8c0a286f459d-93tvmx2u8kpstogi7ksf18k98kdbb7bdn
expires: Wed, 08 Feb 2023 18:12:28 GMT

GET
H2 200 Vsexp2KHQ Show response
www.hilton.com/K8-I74/t_LBe/7wjcB/xQ/D1cukh3Q/biVUdhwB/XT/ 182 KB
69 KB 62ms
62ms Script
application/javascript 2a02:26f0:dc:187::b58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hilton.com/K8-I74/t_LBe/7wjcB/xQ/D1cukh3Q/biVUdhwB/XT/Vsexp2KHQ

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc:187::b58 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

233a5cb7ccfbad3e40b0984592960920bdcf915fd9d987ae3d5ebabcb32e86c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hilton.com/en/p/welcome-bonus/?WT.mc_id=zHH0WW1HH2OLE3HOS4MO1783x_HWEmail3__Feb5TileOne_WelcomeBonus_6MULTIBR7EN8i87846&commhistid=6031039531307945496&customerid=1307945496&hhonorsid=1736552769
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 18:02:28 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Mon, 05 Dec 2022 18:21:50 GMT
etag: "c065b170d98e55180d9d0ec22203687e78580f5a9c71964c6b1b97f01595bfe0"
vary: Accept-Encoding
content-type: application/javascript
cache-control: max-age=21600
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 69534

GET
H2 200 SBHYK-LK2AL-UW4L5-6RD2N-4TGQC Show response
s2.go-mpulse.net/boomerang/ 164 KB
40 KB 98ms
24ms Script
application/javascript 2a02:26f0:dc:183::2682
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://s2.go-mpulse.net/boomerang/SBHYK-LK2AL-UW4L5-6RD2N-4TGQC
Requested by: Host: www.hilton.com
URL: https://www.hilton.com/en/p/welcome-bonus/?WT.mc_id=zHH0WW1HH2OLE3HOS4MO1783x_HWEmail3__Feb5TileOne_WelcomeBonus_6MULTIBR7EN8i87846&commhistid=6031039531307945496&customerid=1307945496&hhonorsid=1736552769
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:dc:183::2682 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 903ae518e851d447d5ac9c096975e8f1b0870815e7df13f738c76ea9a75bc280

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 18:02:28 GMT
content-encoding: br
last-modified: Tue, 24 Jan 2023 04:55:21 GMT
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=604800
x-n: S
timing-allow-origin: *
content-length: 41195

GET
H2 200 semibold.woff2
www.hilton.com/modules/assets/fonts/proxima-nova/ 32 KB
32 KB 38ms
37ms Font
font/woff2 2a02:26f0:dc:187::b58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hilton.com/modules/assets/fonts/proxima-nova/semibold.woff2

Requested by

Host: www.hilton.com
URL: https://www.hilton.com/dx_cpm_app/_next/static/css/979a7b062eea3863daca.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc:187::b58 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

026dd753d9f1a497edc39c33b432827701b7a9ee2d2d06093b6061db3e48f9a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.hilton.com/dx_cpm_app/_next/static/css/979a7b062eea3863daca.css
Origin: https://www.hilton.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 18:02:28 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 27 Jan 2023 18:06:14 GMT
etag: W/"7eb4-185f46899f0"
content-type: font/woff2
access-control-allow-origin: https://www.hilton.com
cache-control: public, max-age=600
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 32436
x-pod: dx-assets-ui-prd-c
expires: Wed, 08 Feb 2023 18:12:28 GMT

GET
H2 200 bold.woff2
www.hilton.com/modules/assets/fonts/proxima-nova/ 33 KB
33 KB 37ms
36ms Font
font/woff2 2a02:26f0:dc:187::b58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hilton.com/modules/assets/fonts/proxima-nova/bold.woff2

Requested by

Host: www.hilton.com
URL: https://www.hilton.com/dx_cpm_app/_next/static/css/979a7b062eea3863daca.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc:187::b58 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

249adada92006dd2dd73ce849d964a6381c62c0ca279bbff4e3620aac13ef8df

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.hilton.com/dx_cpm_app/_next/static/css/979a7b062eea3863daca.css
Origin: https://www.hilton.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 18:02:28 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 27 Jan 2023 18:06:14 GMT
etag: W/"828c-185f46899f0"
content-type: font/woff2
access-control-allow-origin: https://www.hilton.com
cache-control: public, max-age=600
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 33420
x-pod: dx-assets-ui-prd-c
expires: Wed, 08 Feb 2023 18:12:28 GMT

GET
H2 200 heavy.woff2
www.hilton.com/modules/assets/fonts/loew/ 39 KB
39 KB 58ms
58ms Font
font/woff2 2a02:26f0:dc:187::b58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hilton.com/modules/assets/fonts/loew/heavy.woff2

Requested by

Host: www.hilton.com
URL: https://www.hilton.com/dx_cpm_app/_next/static/css/979a7b062eea3863daca.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc:187::b58 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b444739d51f5f630511e5df4b3dfca22e20348a59b8be2ae75dd71a6f4042ac2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.hilton.com/dx_cpm_app/_next/static/css/979a7b062eea3863daca.css
Origin: https://www.hilton.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 18:02:28 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 27 Jan 2023 18:06:14 GMT
etag: W/"9ba4-185f46899f0"
content-type: font/woff2
access-control-allow-origin: https://www.hilton.com
cache-control: public, max-age=600
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 39844
x-pod: dx-assets-ui-prd-c
expires: Wed, 08 Feb 2023 18:12:28 GMT

GET
H2 200 regular.woff2
www.hilton.com/modules/assets/fonts/proxima-nova/ 32 KB
33 KB 53ms
53ms Font
font/woff2 2a02:26f0:dc:187::b58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hilton.com/modules/assets/fonts/proxima-nova/regular.woff2

Requested by

Host: www.hilton.com
URL: https://www.hilton.com/dx_cpm_app/_next/static/css/979a7b062eea3863daca.css

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc:187::b58 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

abc3a46c34b8eaad299c8f1de34ea27fc50e1e4de16f113143143cb314b689e6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.hilton.com/dx_cpm_app/_next/static/css/979a7b062eea3863daca.css
Origin: https://www.hilton.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 18:02:28 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 27 Jan 2023 18:06:14 GMT
etag: W/"80d8-185f46899f0"
content-type: font/woff2
access-control-allow-origin: https://www.hilton.com
cache-control: public, max-age=600
server-timing: cdn-cache; desc=HIT, edge; dur=1
accept-ranges: bytes
content-length: 32984
x-pod: dx-assets-ui-prd-c
expires: Wed, 08 Feb 2023 18:12:28 GMT

GET
DATA 200
OK truncated
/ 42 B
0 Image
image/gif

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/gif

POST
H2 201 Vsexp2KHQ Show response
www.hilton.com/K8-I74/t_LBe/7wjcB/xQ/D1cukh3Q/biVUdhwB/XT/ 18 B
813 B 200ms
200ms XHR
application/json 2a02:26f0:dc:187::b58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hilton.com/K8-I74/t_LBe/7wjcB/xQ/D1cukh3Q/biVUdhwB/XT/Vsexp2KHQ

Requested by

Host: www.hilton.com
URL: https://www.hilton.com/dynjs/ruxitagentjs_ICA237NVfghjoqrtux_10257221222094147.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc:187::b58 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Content-Type: text/plain;charset=UTF-8
Referer: https://www.hilton.com/en/p/welcome-bonus/?WT.mc_id=zHH0WW1HH2OLE3HOS4MO1783x_HWEmail3__Feb5TileOne_WelcomeBonus_6MULTIBR7EN8i87846&commhistid=6031039531307945496&customerid=1307945496&hhonorsid=1736552769
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
x-dtpc: -55$79348433_395h2vPJCIUSCKADKNRFCGPBPWJDMPKFMMSPRJ-0e0

Response headers

date: Wed, 08 Feb 2023 18:02:28 GMT
strict-transport-security: max-age=31536000
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.hilton.com
access-control-allow-credentials: true
x_req_id: 0c988c2b-811f-40d3-906c-eb2e15b5cc0f
server-timing: edge; dur=4, origin; dur=167, cdn-cache; desc=MISS
access-control-allow-headers: Content-Type
content-length: 18
x-akam-sw-version: 0.5.0

POST
H2 200 token Show response
www.hilton.com/dx-customer/auth/applications/ 1 KB
2 KB 146ms
146ms Fetch
application/json 2a02:26f0:dc:187::b58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hilton.com/dx-customer/auth/applications/token

Requested by

Host: www.hilton.com
URL: https://www.hilton.com/dynjs/ruxitagentjs_ICA237NVfghjoqrtux_10257221222094147.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc:187::b58 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5f52906b2aabe4e6e26fd0fbdb6627254e05583b47939a9f36335e692d43d9cd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Content-type: application/json; charset=utf-8
Accept: application/json; charset=utf-8
Referer: https://www.hilton.com/en/p/welcome-bonus/?WT.mc_id=zHH0WW1HH2OLE3HOS4MO1783x_HWEmail3__Feb5TileOne_WelcomeBonus_6MULTIBR7EN8i87846&commhistid=6031039531307945496&customerid=1307945496&hhonorsid=1736552769
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
x-dtpc: -55$79348433_395h3vPJCIUSCKADKNRFCGPBPWJDMPKFMMSPRJ-0e0

Response headers

x-edgeconnect-origin-mex-latency: 14
date: Wed, 08 Feb 2023 18:02:28 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-edgeconnect-midmile-rtt: 91
x-dns-prefetch-control: off
server-timing: cdn-cache; desc=MISS, edge; dur=100, origin; dur=14, dtSInfo;desc="1", dtTao;desc="1"
content-length: 1341
x-pod: dx-auth-api-prd-c
x-xss-protection: 1; mode=block
pragma: no-cache
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=0, no-cache, no-store
timing-allow-origin: *
hltclientmessageid: bc717cab-5d2f-42d6-bd69-7b4b167f1cd8-dyxzoaknil8r6w2x3mt6bdpho6jh4jw03eghhc8y4nt
expires: Wed, 08 Feb 2023 18:02:28 GMT

GET
H2 200 osc-products.json Show response
www.hilton.com/static_cpm_assets/i18n/en/ 1 KB
1015 B 32ms
32ms Fetch
application/json 2a02:26f0:dc:187::b58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hilton.com/static_cpm_assets/i18n/en/osc-products.json

Requested by

Host: www.hilton.com
URL: https://www.hilton.com/dynjs/ruxitagentjs_ICA237NVfghjoqrtux_10257221222094147.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc:187::b58 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b2509e99cef473eca91473779ad326b7292355b04d7c8c7c7106d809d0f3a5d7

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.hilton.com/en/p/welcome-bonus/?WT.mc_id=zHH0WW1HH2OLE3HOS4MO1783x_HWEmail3__Feb5TileOne_WelcomeBonus_6MULTIBR7EN8i87846&commhistid=6031039531307945496&customerid=1307945496&hhonorsid=1736552769
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
x-dtpc: -55$79348433_395h4vPJCIUSCKADKNRFCGPBPWJDMPKFMMSPRJ-0e0

Response headers

content-security-policy: frame-ancestors 'none'
content-encoding: gzip
date: Wed, 08 Feb 2023 18:02:28 GMT
strict-transport-security: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=1, dtSInfo;desc="0", dtRpid;desc="-1444283488"
content-length: 513
x-pod: dx-cpm-live-prd-c
x-xss-protection: 1; mode=block
last-modified: Mon, 30 Jan 2023 14:35:27 GMT
etag: W/"45f-186031ab780:dtagent102572212220941476WPh"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
cache-control: private, max-age=600
accept-ranges: bytes
hltclientmessageid: 221d5bb8-20e4-4a74-8220-e135f534e9a8-s6rahsrbrqnygc6ziys5asxjuud3w3t9
expires: Wed, 08 Feb 2023 18:12:28 GMT

GET
H2 200 dx-image-carousel.json Show response
www.hilton.com/static_cpm_assets/i18n/en/ 227 B
739 B 45ms
44ms Fetch
application/json 2a02:26f0:dc:187::b58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hilton.com/static_cpm_assets/i18n/en/dx-image-carousel.json

Requested by

Host: www.hilton.com
URL: https://www.hilton.com/dynjs/ruxitagentjs_ICA237NVfghjoqrtux_10257221222094147.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc:187::b58 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

9b2ff7e2eadc07a21925cf9eb1944c06702b4ffac45b5993964c71f7bacb07ba

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.hilton.com/en/p/welcome-bonus/?WT.mc_id=zHH0WW1HH2OLE3HOS4MO1783x_HWEmail3__Feb5TileOne_WelcomeBonus_6MULTIBR7EN8i87846&commhistid=6031039531307945496&customerid=1307945496&hhonorsid=1736552769
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
x-dtpc: 7$79348433_395h5vPJCIUSCKADKNRFCGPBPWJDMPKFMMSPRJ-0e0

Response headers

x-edgeconnect-origin-mex-latency: 50, 50
content-security-policy: frame-ancestors 'none'
content-encoding: gzip
date: Wed, 08 Feb 2023 18:02:28 GMT
strict-transport-security: max-age=31536000
x-edgeconnect-midmile-rtt: 0, 1
server-timing: cdn-cache; desc=HIT, edge; dur=1, dtSInfo;desc="0", dtRpid;desc="638829196"
content-length: 131
x-pod: dx-cpm-live-prd-c
x-xss-protection: 1; mode=block
last-modified: Mon, 30 Jan 2023 14:34:00 GMT
etag: W/"e3-186031963a8:dtagent102572212220941476WPh"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
cache-control: private, max-age=600
accept-ranges: bytes
hltclientmessageid: ff2684d0-cd59-4c32-82c3-8ee7c9e5edfd-lqand4rxjyqpgevslj14dbytodajkew5lbsu952q9g
expires: Wed, 08 Feb 2023 18:12:28 GMT

GET
H2 200 osc-marketing:brand-alert.json Show response
www.hilton.com/static_cpm_assets/i18n/en/ 300 B
679 B 115ms
114ms Fetch
application/json 2a02:26f0:dc:187::b58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hilton.com/static_cpm_assets/i18n/en/osc-marketing:brand-alert.json

Requested by

Host: www.hilton.com
URL: https://www.hilton.com/dynjs/ruxitagentjs_ICA237NVfghjoqrtux_10257221222094147.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc:187::b58 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

04b10ea1dc7b372ce5ac61a7105b0a1f98090c4f7f891843e418823f53161c9b

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.hilton.com/en/p/welcome-bonus/?WT.mc_id=zHH0WW1HH2OLE3HOS4MO1783x_HWEmail3__Feb5TileOne_WelcomeBonus_6MULTIBR7EN8i87846&commhistid=6031039531307945496&customerid=1307945496&hhonorsid=1736552769
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
x-dtpc: 7$79348433_395h6vPJCIUSCKADKNRFCGPBPWJDMPKFMMSPRJ-0e0

Response headers

content-security-policy: frame-ancestors 'none'
content-encoding: gzip
date: Wed, 08 Feb 2023 18:02:29 GMT
strict-transport-security: max-age=31536000
server-timing: cdn-cache; desc=HIT, edge; dur=62, dtSInfo;desc="0", dtRpid;desc="-1331864792"
content-length: 171
x-pod: dx-cpm-live-prd-c
x-xss-protection: 1; mode=block
last-modified: Mon, 30 Jan 2023 14:35:26 GMT
etag: W/"12c-186031ab398:dtagent102572212220941476WPh"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
cache-control: private, max-age=600
accept-ranges: bytes
hltclientmessageid: 2484c4c6-02fc-4a88-9d32-89d474112ce1-pqiaethlw8uw1fb4rfgbji8s9povc1d7b8dxuspgr
expires: Wed, 08 Feb 2023 18:12:29 GMT

GET
H2 200 osc-marketing:dx-dialog-with-content.json Show response
www.hilton.com/static_cpm_assets/i18n/en/ 65 B
726 B 40ms
40ms Fetch
application/json 2a02:26f0:dc:187::b58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hilton.com/static_cpm_assets/i18n/en/osc-marketing:dx-dialog-with-content.json

Requested by

Host: www.hilton.com
URL: https://www.hilton.com/dynjs/ruxitagentjs_ICA237NVfghjoqrtux_10257221222094147.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc:187::b58 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

36e7ec9b9ee9168735e75a543e8f2a174b9a0b658ecb49f03f4ec331609f802a

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.hilton.com/en/p/welcome-bonus/?WT.mc_id=zHH0WW1HH2OLE3HOS4MO1783x_HWEmail3__Feb5TileOne_WelcomeBonus_6MULTIBR7EN8i87846&commhistid=6031039531307945496&customerid=1307945496&hhonorsid=1736552769
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
x-dtpc: 7$79348433_395h7vPJCIUSCKADKNRFCGPBPWJDMPKFMMSPRJ-0e0

Response headers

x-edgeconnect-origin-mex-latency: 31, 31, 31
content-security-policy: frame-ancestors 'none'
content-encoding: gzip
date: Wed, 08 Feb 2023 18:02:28 GMT
strict-transport-security: max-age=31536000
x-edgeconnect-midmile-rtt: 1, 12, 1
server-timing: cdn-cache; desc=HIT, edge; dur=1, dtSInfo;desc="0", dtRpid;desc="97795573"
content-length: 75
x-pod: dx-cpm-live-prd-c
x-xss-protection: 1; mode=block
last-modified: Mon, 30 Jan 2023 14:35:26 GMT
etag: W/"41-186031ab398:dtagent102572212220941476WPh"
x-frame-options: SAMEORIGIN
vary: Accept-Encoding
content-type: application/json; charset=UTF-8
cache-control: private, max-age=600
accept-ranges: bytes
hltclientmessageid: 4838a284-9f05-4ac6-b0a5-d9d3560a1cfa-6l5dugxjxl93o2retp8tdtp9bwwf524ka
expires: Wed, 08 Feb 2023 18:12:28 GMT

GET
H2 200 launch-EN02272261e0b845508227acf3ca0c37de.min.js Show response
assets.adobedtm.com/ 579 KB
120 KB 148ms
20ms Script
application/x-javascript 2a02:26f0:f700:4b0::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/launch-EN02272261e0b845508227acf3ca0c37de.min.js
Requested by: Host: www.hilton.com
URL: https://www.hilton.com/dx_cpm_app/_next/static/chunks/e8daa70cfd3a4b1686bce010dfe9048e6f2b09a2.8f120b405d5439efe10f.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f700:4b0::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 59188719cc6ad45d39628fcc907d77a8cf763d68243612cfa3c6678ec374ea9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 18:02:29 GMT
content-encoding: gzip
last-modified: Mon, 06 Feb 2023 18:05:09 GMT
server: AkamaiNetStorage
etag: "ab1857f1fa2e01e8b89563d7660c485c:1675706709.738252"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.hilton.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 122623
expires: Wed, 08 Feb 2023 19:02:29 GMT

GET
H2 200 sjdwa-pool-at-dusk.jpg
www.hilton.com/im/en/SJDWAWA/10620099/ 232 KB
233 KB 37ms
37ms Image
image/webp 2a02:26f0:dc:187::b58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hilton.com/im/en/SJDWAWA/10620099/sjdwa-pool-at-dusk.jpg?impolicy=crop&cw=4108&ch=3015&gravity=NorthWest&xposition=310&yposition=0&rw=2880&rh=2114

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc:187::b58 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

b4d64b83c0875c08b96e4bd1ba80319a3ca1731d30fc6182b8325bd1cd135e9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hilton.com/en/p/welcome-bonus/?WT.mc_id=zHH0WW1HH2OLE3HOS4MO1783x_HWEmail3__Feb5TileOne_WelcomeBonus_6MULTIBR7EN8i87846&commhistid=6031039531307945496&customerid=1307945496&hhonorsid=1736552769
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 329, 329, 329
date: Wed, 08 Feb 2023 18:02:28 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 14 Dec 2022 15:51:28 GMT
x-serial: 1885
x-check-cacheable: YES
x-edgeconnect-midmile-rtt: 51, 61, 51
etag: "1629a1c66d24328003e9551d7cfb0a40"
content-type: image/webp
cache-control: no-transform, max-age=600
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 237134
expires: Wed, 08 Feb 2023 18:12:28 GMT

GET
H2 200 sjdwa-pool-at-dusk.jpg
www.hilton.com/im/en/SJDWAWA/10620099/ 172 KB
173 KB 37ms
36ms Image
image/webp 2a02:26f0:dc:187::b58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hilton.com/im/en/SJDWAWA/10620099/sjdwa-pool-at-dusk.jpg?impolicy=crop&cw=4730&ch=2464&gravity=NorthWest&xposition=0&yposition=275&rw=2880&rh=1500

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc:187::b58 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5d5542834ba2845dc38e09d621efd771f9251c3f879b0511ded7cf23f39383cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hilton.com/en/p/welcome-bonus/?WT.mc_id=zHH0WW1HH2OLE3HOS4MO1783x_HWEmail3__Feb5TileOne_WelcomeBonus_6MULTIBR7EN8i87846&commhistid=6031039531307945496&customerid=1307945496&hhonorsid=1736552769
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 272, 272, 272, 272
date: Wed, 08 Feb 2023 18:02:28 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 14 Dec 2022 15:51:28 GMT
x-serial: 1574
x-check-cacheable: YES
x-edgeconnect-midmile-rtt: 64, 64, 74, 64
etag: "1629a1c66d24328003e9551d7cfb0a40"
content-type: image/webp
cache-control: no-transform, max-age=600
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 176552
expires: Wed, 08 Feb 2023 18:12:28 GMT

GET
H2 200 sjdwa-pool-at-dusk.jpg
www.hilton.com/im/en/SJDWAWA/10620099/ 163 KB
163 KB 38ms
38ms Image
image/webp 2a02:26f0:dc:187::b58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hilton.com/im/en/SJDWAWA/10620099/sjdwa-pool-at-dusk.jpg?impolicy=crop&cw=4730&ch=2464&gravity=NorthWest&xposition=0&yposition=275&rw=5120&rh=2668

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc:187::b58 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

1be5be627328fc78b074a7fef82d8fd4d7ed5c2986fa62ce4e8e724f4e8e6367

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hilton.com/en/p/welcome-bonus/?WT.mc_id=zHH0WW1HH2OLE3HOS4MO1783x_HWEmail3__Feb5TileOne_WelcomeBonus_6MULTIBR7EN8i87846&commhistid=6031039531307945496&customerid=1307945496&hhonorsid=1736552769
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 165, 165
date: Wed, 08 Feb 2023 18:02:28 GMT
strict-transport-security: max-age=31536000
last-modified: Wed, 14 Dec 2022 15:51:30 GMT
x-serial: 191
x-check-cacheable: YES
x-edgeconnect-midmile-rtt: 57, 57
etag: "1629a1c66d24328003e9551d7cfb0a40"
content-type: image/webp
cache-control: no-transform, max-age=600
server-timing: cdn-cache; desc=HIT, edge; dur=2
content-length: 166632
expires: Wed, 08 Feb 2023 18:12:28 GMT

GET
H2 200 tennislifestyle.jpg
www.hilton.com/im/en/SJNHIHH/2568702/ 74 KB
75 KB 45ms
44ms Image
image/webp 2a02:26f0:dc:187::b58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hilton.com/im/en/SJNHIHH/2568702/tennislifestyle.jpg?impolicy=crop&cw=4500&ch=3000&gravity=NorthWest&xposition=0&yposition=0&rw=1280&rh=854

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc:187::b58 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

9ba3827e3290d21e78d0958581510439b3406baf182cc0e76aab9f7758bf06ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hilton.com/en/p/welcome-bonus/?WT.mc_id=zHH0WW1HH2OLE3HOS4MO1783x_HWEmail3__Feb5TileOne_WelcomeBonus_6MULTIBR7EN8i87846&commhistid=6031039531307945496&customerid=1307945496&hhonorsid=1736552769
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 381, 381, 381, 381
date: Wed, 08 Feb 2023 18:02:29 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 10 Nov 2022 16:45:38 GMT
x-serial: 892
x-check-cacheable: YES
x-edgeconnect-midmile-rtt: 59, 121, 62, 59
etag: "8a47c1739e25889a1bbef4ad17a89320"
content-type: image/webp
cache-control: no-transform, max-age=600
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 75892
expires: Wed, 08 Feb 2023 18:12:29 GMT

GET
H2 200 licensed-shutterstock-1406696702.jpg
www.hilton.com/im/en/NoHotel/15516585/ 152 KB
152 KB 47ms
46ms Image
image/webp 2a02:26f0:dc:187::b58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hilton.com/im/en/NoHotel/15516585/licensed-shutterstock-1406696702.jpg?impolicy=crop&cw=5000&ch=3333&gravity=NorthWest&xposition=0&yposition=-1&rw=1280&rh=854

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc:187::b58 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

6f069252d082560ebb79f4d1844bf473e94542e58daeb238a9c4fb591f95dfeb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hilton.com/en/p/welcome-bonus/?WT.mc_id=zHH0WW1HH2OLE3HOS4MO1783x_HWEmail3__Feb5TileOne_WelcomeBonus_6MULTIBR7EN8i87846&commhistid=6031039531307945496&customerid=1307945496&hhonorsid=1736552769
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 18:02:29 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 10 Nov 2022 16:45:39 GMT
etag: "7f44982781e5e6b7b4c53cf2f3322c7f"
content-type: image/webp
cache-control: no-transform, max-age=600
server-timing: cdn-cache; desc=HIT, edge; dur=10
content-length: 155570
expires: Wed, 08 Feb 2023 18:12:29 GMT

GET
H2 200 eywqq-lifestyle-beach-male.jpg
www.hilton.com/im/en/EYWQQQQ/17275751/ 23 KB
23 KB 65ms
65ms Image
image/avif 2a02:26f0:dc:187::b58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.hilton.com/im/en/EYWQQQQ/17275751/eywqq-lifestyle-beach-male.jpg?impolicy=crop&cw=5000&ch=3333&gravity=NorthWest&xposition=0&yposition=0&rw=1280&rh=854

Requested by

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc:187::b58 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

f8fad84c8342f0b34b92bcd56b47d9e73c83d75c440d003b5e99002d00798359

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hilton.com/en/p/welcome-bonus/?WT.mc_id=zHH0WW1HH2OLE3HOS4MO1783x_HWEmail3__Feb5TileOne_WelcomeBonus_6MULTIBR7EN8i87846&commhistid=6031039531307945496&customerid=1307945496&hhonorsid=1736552769
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-edgeconnect-origin-mex-latency: 138, 138, 138, 138
date: Wed, 08 Feb 2023 18:02:29 GMT
strict-transport-security: max-age=31536000
last-modified: Thu, 26 Jan 2023 16:59:34 GMT
x-serial: 645
x-check-cacheable: YES
x-edgeconnect-midmile-rtt: 21, 22, 31, 21
etag: "588801d47c9d955a09f8986f4c7a2e0d"
content-type: image/avif
cache-control: no-transform, max-age=600
server-timing: cdn-cache; desc=HIT, edge; dur=1
content-length: 23450
expires: Wed, 08 Feb 2023 18:12:29 GMT

POST
H2 200 customer Show response
www.hilton.com/graphql/ 165 B
1 KB 45ms
45ms Fetch
application/json 2a02:26f0:dc:187::b58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hilton.com/graphql/customer?appName=dx_cpm_app&operationName=brand

Requested by

Host: www.hilton.com
URL: https://www.hilton.com/dynjs/ruxitagentjs_ICA237NVfghjoqrtux_10257221222094147.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc:187::b58 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

5e0610740a6d17707a9f81c141233374b3418bedb9aa0307c1331e6c169784ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Authorization: Bearer DX.eyJhbGciOiJSU0EtT0FFUCIsImVuYyI6IkEyNTZHQ00iLCJwaWQiOiJ3ZWIiLCJraWQiOiI4UVl1RTZfdHBValdjUmVnem1RZFlBaF9RYlk1ckVqUlpPTThwWmNKeU5BIn0.Ioqv2UdQMc9uU8vkkud-RSLW2c5L6Mi9k19Tuad1N40gDcG0V6nlAKke37Cht6wuhke5u55VikcL-EAPAvFaE8zirwVNG4QX5tiGurw3iA2BobDVwXEheLvBtZmwIgtSgKto3pZmaNygZU6myJKzv6jZOEQgwFRxQgv8mL1Spwz8kw732h_8QiA9yzd4NBQkt47xmHsTlPm7KZxlYUhcjtQzfPddWISdlPMAF18tBizvOk9hMEjgDAP3S-6fI0yGnZibwlMrZpxAxP2N2r3ARG2zdmzvG4_kLd3w3_gMiKbDvy8zikHGJcX2E8Aag4MR1sDIlkDDmCZd59fAXulehA.dkqv2RhjjnU1aEYt.soceyA0hZcRMkih4FvUmC5hWgtAYgaJHaXjIMnjwKg5LG3D8l-48iFoqC6GIc-su4SVbWJ2mtTmDRwd-nxxvsqvN44QoYOTTN7cVeXS5jUVmbHuJjuC0OrUA_41Xgki0h6zDDXczKzYNrVX5eKlpNUsQlimbpLQHG9HfYdp5w8z7TXUR3vT-zSqaWUVZx5nmSK_c9HD1rd6jYmVLjgQ7DU3GDp0PuuZCyQP6toymH_PI4AAd8-r0EiOYEb0ufvWm1sX4MBzNwpt1Y2vHmHj-2qzu1xAaOB-_2bHMuNGCpUZiXgfy0ADDmSSU0uEukS8dsClPEVkiLCoomVrCmGRRJRn_-JrsN3VrCo1qu8BD8PSCyiGegCMszMx4HSXnbjHc0pqBmo18u6TdyiOGZT9S1gZKhrlnXiRrKksVOLH9A7rjXJ1WIXvw1YTTriZxBQTW6tgpzkigpH2hOiWmY1mq1MHJHKjLhAOF9iXAbQJFs2sFq4YYop3n_jtHEMuVGKB8d5DGu5cufS5rzcKAJIVxDLgWwxRZ97tcUpXEUkAeOwX4k7E_bsI4xPkLMc9lyGZQTdrZqZ0DTd66mEaAljs5sRWdNU4-j6QupiObZOfa5bFx_SZSFcZXu5QMSzF1aQFmIXkXEC0hys6yEO-VLZQsKVCdFNo77SgdEfulVXaimex2wWtOT9U.aUQ38RJMTr3t1n7FWUCOkw
content-type: application/json
x-dtpc: 7$79348433_395h8vPJCIUSCKADKNRFCGPBPWJDMPKFMMSPRJ-0e0
accept: */*
dx-platform: web
Referer: https://www.hilton.com/en/p/welcome-bonus/?WT.mc_id=zHH0WW1HH2OLE3HOS4MO1783x_HWEmail3__Feb5TileOne_WelcomeBonus_6MULTIBR7EN8i87846&commhistid=6031039531307945496&customerid=1307945496&hhonorsid=1736552769
dx-trusted-app: true
hltClientMessageId: f04bd654-c8f4-44b4-bd43-d9dbe713411c-0jdk9xr5gptm

Response headers

x-edgeconnect-origin-mex-latency: 31, 31
date: Wed, 08 Feb 2023 18:02:29 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
x-edgeconnect-midmile-rtt: 110, 120
x-dns-prefetch-control: off
server-timing: cdn-cache; desc=HIT, edge; dur=13, dtSInfo;desc="0", dtRpid;desc="1384597442", dtTao;desc="1"
content-length: 165
x-pod: dx-gql-prd-c
x-xss-protection: 1; mode=block
x-download-options: noopen
x-frame-options: SAMEORIGIN
content-type: application/json
access-control-allow-origin: https://www.hilton.com
cache-control: public, max-age=600
timing-allow-origin: *
hltclientmessageid: 60b481a3-b427-4a0c-82ad-4589169136bf-e1nrc4zcdul
expires: Wed, 08 Feb 2023 18:12:29 GMT

GET
H/1.1 200
OK config.json Show response
c.go-mpulse.net/api/ 5 KB
1 KB 88ms
23ms XHR
application/json 2a02:26f0:7100:585::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://c.go-mpulse.net/api/config.json?key=SBHYK-LK2AL-UW4L5-6RD2N-4TGQC&d=www.hilton.com&t=5586264&v=1.737.80&sl=0&si=109ba1ca-acda-4cbe-95ee-9ec8e471c3fc-rprws4&plugins=AK,ConfigOverride,Continuity,PageParams,AutoXHR,SPA,History,Angular,Backbone,Ember,RT,PaintTiming,NavigationTiming,ResourceTiming,Memory,Akamai,EventTiming,LOGN&acao=&ak.ai=398504
Requested by: Host: www.hilton.com
URL: https://www.hilton.com/dynjs/ruxitagentjs_ICA237NVfghjoqrtux_10257221222094147.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a02:26f0:7100:585::11a6 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash: 326f15a7432bfb981dff98a01571e73ee1f0a0581ba22458514812adcde32244

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Wed, 08 Feb 2023 18:02:29 GMT
Content-Encoding: gzip
Vary: Accept-Encoding
Content-Type: application/json
Access-Control-Allow-Origin: *
Cache-Control: private, max-age=300, stale-while-revalidate=60, stale-if-error=120
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 1177

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F0C120B3534685700A490D45%40AdobeOrg&d_nsid=0&ts=1675879349185
https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F0C120B3534685700A490D45%40AdobeOrg&d_nsid=0&ts=1675879349185

5 KB
2 KB

31ms
31ms

XHR
application/json

52.31.194.68
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F0C120B3534685700A490D45%40AdobeOrg&d_nsid=0&ts=1675879349185

Requested by

Protocol

HTTP/1.1

Server

52.31.194.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-194-68.eu-west-1.compute.amazonaws.com

Software

Resource Hash

e882309f376f3c15e6058fa35a11f1d3aaf956fc2f7d737e2640fbb9ef79d059

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v046-0c33410a0.edge-irl1.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: bRkqN9l3Tdk=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.hilton.com
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1719
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-2-v046-0ebef7d37.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: czNiyVWGQcs=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://www.hilton.com
Location: https://dpm.demdex.net/id/rd?d_visid_ver=5.5.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F0C120B3534685700A490D45%40AdobeOrg&d_nsid=0&ts=1675879349185
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 EX9d85f19b2bb9438d88e8200a247afa89-libraryCode_source.min.js Show response
assets.adobedtm.com/5e68f1ab8856/6f5249f15557/9379dd82bb1b/ 38 KB
14 KB 21ms
20ms Script
application/x-javascript 2a02:26f0:f700:4b0::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/5e68f1ab8856/6f5249f15557/9379dd82bb1b/EX9d85f19b2bb9438d88e8200a247afa89-libraryCode_source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN02272261e0b845508227acf3ca0c37de.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f700:4b0::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 0c2b9a20ab7c25818412807bb584b736cac78858c4fb9a4d5c4d227168f6c00d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 18:02:29 GMT
content-encoding: gzip
last-modified: Mon, 06 Feb 2023 18:05:10 GMT
server: AkamaiNetStorage
etag: "bd17ac949139d088dc6ea0fd5d00498a:1675706710.547059"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.hilton.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 14051
expires: Wed, 08 Feb 2023 19:02:29 GMT

GET
H2 200 AppMeasurement_Module_AudienceManagement.min.js Show response
assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/ 25 KB
9 KB 22ms
22ms Script
application/x-javascript 2a02:26f0:f700:4b0::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EPbf7b42aa08bc4f10879b1484195e80d1/AppMeasurement_Module_AudienceManagement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN02272261e0b845508227acf3ca0c37de.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f700:4b0::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: b01bd01687b15585b2740273c8c3c6674dd9f559cfe52eeffdf43b1f93a12d05

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 18:02:29 GMT
content-encoding: gzip
last-modified: Thu, 22 Sep 2022 16:16:50 GMT
server: AkamaiNetStorage
etag: "d220d501715e0484d0dddeac614f902c:1663863410.217006"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.hilton.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 8755
expires: Wed, 08 Feb 2023 19:02:29 GMT

GET
H2 200 branch-latest.min.js Show response
cdn.branch.io/ 72 KB
22 KB 75ms
20ms Script
text/javascript 18.66.15.103
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn.branch.io/branch-latest.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN02272261e0b845508227acf3ca0c37de.min.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 18.66.15.103 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS: server-18-66-15-103.vie50.r.cloudfront.net
Software: AmazonS3 /
Resource Hash: 83cad37f70113f7b8bbb98c2ef8ee949f9a611e402e55ee826aef65130f2ef77

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-amz-version-id: LzwY9oP1_KD6QZAz0SCDQRP53VCVCZV0
content-encoding: gzip
via: 1.1 b159f39ee34c14548a9d9dc3e730676a.cloudfront.net (CloudFront)
date: Wed, 08 Feb 2023 17:59:17 GMT
last-modified: Thu, 17 Nov 2022 20:07:47 GMT
server: AmazonS3
x-amz-cf-pop: VIE50-P1
age: 193
etag: "2a6320386437cc44ae1713f25f6ea30b"
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=300
content-length: 22048
x-amz-cf-id: 0T5Lq8tJblYzD1wz2hRD-zy7BHTsrlqz_zFDy0g3T7PMTc4bzqRC4g==

GET
H2 200 notice Show response
consent.trustarc.com/ 11 KB
5 KB 74ms
26ms Script
text/javascript 13.227.219.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/notice?domain=hiltongdpr.com&c=teconsent&gtm=1&text=true&pcookie&js=nj&noticeType=bb&oc=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-116.ams54.r.cloudfront.net

Software

Resource Hash

5d549da391ad6d08ffd680907b2f8cf05cfab7e56f36d26ffd0a04763195e655

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 17:17:31 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 4e4c50c641418e6aad9ec09cb0f22844.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
age: 2698
x-cache: Hit from cloudfront
cloudfront-viewer-country: DE
content-length: 4189
x-xss-protection: 1; mode=block
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Origin
content-type: text/javascript;charset=UTF-8
cache-control: max-age=3600
cloudfront-viewer-country-region: HE
timing-allow-origin: *
x-amz-cf-id: -KyFDuaUiXvtIXcv-FH82sqfe1qdRY1BhhZ28uFxD3Z41I-97nKIIw==
expires: Wed, 08 Feb 2023 18:17:31 GMT

POST
H2 201 Vsexp2KHQ Show response
www.hilton.com/K8-I74/t_LBe/7wjcB/xQ/D1cukh3Q/biVUdhwB/XT/ 18 B
814 B 258ms
257ms XHR
application/json 2a02:26f0:dc:187::b58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hilton.com/K8-I74/t_LBe/7wjcB/xQ/D1cukh3Q/biVUdhwB/XT/Vsexp2KHQ

Requested by

Host: www.hilton.com
URL: https://www.hilton.com/dynjs/ruxitagentjs_ICA237NVfghjoqrtux_10257221222094147.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc:187::b58 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Content-Type: text/plain;charset=UTF-8
Referer: https://www.hilton.com/en/p/welcome-bonus/?WT.mc_id=zHH0WW1HH2OLE3HOS4MO1783x_HWEmail3__Feb5TileOne_WelcomeBonus_6MULTIBR7EN8i87846&commhistid=6031039531307945496&customerid=1307945496&hhonorsid=1736552769
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
x-dtpc: 7$79348433_395h10vPJCIUSCKADKNRFCGPBPWJDMPKFMMSPRJ-0e0

Response headers

date: Wed, 08 Feb 2023 18:02:29 GMT
strict-transport-security: max-age=31536000
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.hilton.com
access-control-allow-credentials: true
x_req_id: 15384603-5c88-4964-a14e-9f10b5105dc4
server-timing: edge; dur=4, origin; dur=205, cdn-cache; desc=MISS
access-control-allow-headers: Content-Type
content-length: 18
x-akam-sw-version: 0.5.0

GET
H2 200 script.js Show response
4dc2aa82bc5e.cdn4.forter.com/sn/4dc2aa82bc5e/ 278 KB
136 KB 64ms
18ms Script
application/javascript 52.222.139.58
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://4dc2aa82bc5e.cdn4.forter.com/sn/4dc2aa82bc5e/script.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

52.222.139.58 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-52-222-139-58.ams50.r.cloudfront.net

Software

Resource Hash

57604fa5a2f6caf9ad495647e200addc53ca0bb4bf204a558516dbea77dd2b5d

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 25 Jan 2023 17:26:51 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
via: 1.1 614841c4d4b9d16b3be042dd1938400c.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS50-C1
age: 1211738
x-cache: Hit from cloudfront
last-modified: Wed, 25 Jan 2023 17:26:50 GMT
x-sourcemap: https://cdn4.forter.com/map/suid/4dc2aa82bc5e/56016159838
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=300
timing-allow-origin: *
x-amz-cf-id: uhzX9GFtjeTNt3zAC0Gx_dHpG8h5oXG7y0SLTPIIOKD-LIbOIOwPrA==
expires: Wed, 25 Jan 2023 17:31:50 GMT

GET
H2 200 RCe267924711084c2ea517049a0a0b2543-source.min.js Show response
assets.adobedtm.com/5e68f1ab8856/6f5249f15557/9379dd82bb1b/ 1 KB
1 KB 26ms
26ms Script
application/x-javascript 2a02:26f0:f700:4b0::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/5e68f1ab8856/6f5249f15557/9379dd82bb1b/RCe267924711084c2ea517049a0a0b2543-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN02272261e0b845508227acf3ca0c37de.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:f700:4b0::1e80 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 76a688d93077aea9bfc66910692b490f8a521299e02a48bc6426c013f0f8753d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 18:02:29 GMT
content-encoding: gzip
last-modified: Mon, 06 Feb 2023 18:05:10 GMT
server: AkamaiNetStorage
etag: "bd17ac949139d088dc6ea0fd5d00498a:1675706710.547059"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://www.hilton.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 786
expires: Wed, 08 Feb 2023 19:02:29 GMT

GET
H2 200 v1.7-10255 Show response
consent.trustarc.com/asset/notice.js/v/ 76 KB
23 KB 47ms
16ms Script
text/javascript 13.227.219.116
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/asset/notice.js/v/v1.7-10255

Requested by

Host: consent.trustarc.com
URL: https://consent.trustarc.com/notice?domain=hiltongdpr.com&c=teconsent&gtm=1&text=true&pcookie&js=nj&noticeType=bb&oc=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-116.ams54.r.cloudfront.net

Software

Resource Hash

903a46ee5c7582595197c74cbda644ca7e45ef90e0f89bdfce0d3d6cb3a3bc77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.hilton.com/
Origin: https://www.hilton.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 17:39:11 GMT
content-encoding: gzip
via: 1.1 4445c4223f8c2460ef5d29a08d1cc6ac.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: AMS54-C1
age: 1397
x-cache: Hit from cloudfront
pragma: public
last-modified: Wed, 18 Jan 2023 04:54:48 GMT
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: vFjHFKXjWt23-7AoINyelf7HO8nlK84C2S__BgG-mLC4JcokXeqLqw==
expires: Fri, 10 Mar 2023 17:39:11 GMT

GET
H2 200 log
consent.trustarc.com/ 43 B
429 B 53ms
52ms Image
image/gif 13.227.219.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/log?domain=hiltongdpr.com&country=de&state=&behavior=expressed&c=9cf2

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-116.ams54.r.cloudfront.net

Software

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Feb 2023 18:02:29 GMT
via: 1.1 4e4c50c641418e6aad9ec09cb0f22844.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: AMS54-C1
vary: Origin
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
x-amz-cf-id: QDl833IWF5BYK5t9CjrXbx6WOYJsjOJOBw6Uw44YqfFSgq2d6jFUqA==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 _r Show response
app.link/ 91 B
593 B 259ms
175ms Script
text/javascript 2600:9000:2204:ae00:19:9934:6a80:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://app.link/_r?sdk=web2.71.0&branch_key=key_live_glXPM2Kabtb7o8tG8hg7fhohwraYrfE7&callback=branch_callback__0

Requested by

Host: cdn.branch.io
URL: https://cdn.branch.io/branch-latest.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:2204:ae00:19:9934:6a80:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

openresty /

Resource Hash

0c34b422141d1bb84b8b083cf92debe9613f7698cb90baf6011f684b83e8fc2f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 18:02:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
via: 1.1 614841c4d4b9d16b3be042dd1938400c.cloudfront.net (CloudFront)
server: openresty
x-amz-cf-pop: AMS50-C1
etag: W/"5b-6KKXy2Avjj0RoogrtS6aIjI3YR0"
x-cache: Miss from cloudfront
content-type: text/javascript; charset=utf-8
content-length: 91
x-amz-cf-id: axi2iw44OkM-jlKfQd734vMc0uZmtBUDbn0wESGYTKB8oN6copW_iA==

GET
H/1.1 200
OK dest5.html Show response
hilton.demdex.net/ Frame 63D5 7 KB
3 KB 173ms
29ms Document
text/html 34.254.165.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://hilton.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/launch-EN02272261e0b845508227acf3ca0c37de.min.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.254.165.240 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-254-165-240.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.hilton.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-irl1-2-v046-0f8f2f033.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: +SsyvlH+TkA=
content-encoding: gzip
date: Wed, 8 Feb 2023 18:02:29 GMT
last-modified: Wed, 8 Feb 2023 11:53:45 GMT
transfer-encoding: chunked
vary: accept-encoding

GET
H2 200 id Show response
smetric.hilton.com/ 48 B
462 B 123ms
19ms XHR
application/x-javascript 15.236.117.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetric.hilton.com/id?d_visid_ver=5.5.0&d_fieldgroup=A&mcorgid=F0C120B3534685700A490D45%40AdobeOrg&mid=28041706620986799100872403938712270353&ts=1675879349344

Requested by

Host: www.hilton.com
URL: https://www.hilton.com/dynjs/ruxitagentjs_ICA237NVfghjoqrtux_10257221222094147.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.236.117.205 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-236-117-205.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

ef8f041ba80fc26b8b6c766082dd295c31344557ba230921d904189d0eb6bb39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.hilton.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 08 Feb 2023 18:02:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://www.hilton.com
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 48
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=Y_PjtQAAAJ_7-AN-
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=28020279755585149850870251391735646046
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y_PjtQAAAJ_7-AN-

42 B
942 B

33ms
32ms

Image
image/gif

52.31.194.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y_PjtQAAAJ_7-AN-

Requested by

Protocol

HTTP/1.1

Server

52.31.194.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-194-68.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v046-08c3cf452.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: Tx/XSlK7RH8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y_PjtQAAAJ_7-AN-
Date: Wed, 08 Feb 2023 18:02:29 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 / Show response
consent-pref.trustarc.com/ Frame 67C1 5 KB
3 KB 61ms
15ms Document
text/html 13.227.219.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/

Requested by

Host: consent.trustarc.com
URL: https://consent.trustarc.com/asset/notice.js/v/v1.7-10255

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.65 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-65.ams54.r.cloudfront.net

Software

nginx /

Resource Hash

5d59d71fa30604e26c815b2bcfea777bef1564467e2ff9b1b4dc45ca2ee0f6fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://www.hilton.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 33609
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 08 Feb 2023 08:45:58 GMT
etag: W/"5147-1672991998000"
expect-ct: max-age=86400; enforce;
last-modified: Fri, 06 Jan 2023 07:59:58 GMT
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding Origin
via: 1.1 1bc76a14967a660022b25f573baec632.cloudfront.net (CloudFront)
x-amz-cf-id: Xt4XiuoY8OvgFxsLuHXir3rZi_adbSBQLl_veMBCchU0jtKByFyWzQ==
x-amz-cf-pop: AMS54-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1

GET
H2 200 noticemsg
consent.trustarc.com/ 43 B
528 B 51ms
51ms Image
image/gif 13.227.219.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/noticemsg?action=consent&domain=hiltongdpr.com&behavior=expressed&country=de&language=de&rand=0.1969747179839949

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-116.ams54.r.cloudfront.net

Software

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 18:02:29 GMT
via: 1.1 4e4c50c641418e6aad9ec09cb0f22844.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: AMS54-C1
x-cache: Miss from cloudfront
cloudfront-viewer-country: DE
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/gif
cache-control: max-age=3600
cloudfront-viewer-country-region: HE
timing-allow-origin: *
x-amz-cf-id: fq6o975H_9xzqAUAbJCxIaTXa5UT46HQy-lMNUJiSGzjO-1yHndhqA==
expires: Wed, 08 Feb 2023 19:02:29 GMT

GET
BLOB 200
OK 3bd6d02e-0c97-49f7-8114-46808cac282a
https://www.hilton.com/ 5 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.hilton.com/3bd6d02e-0c97-49f7-8114-46808cac282a
Requested by: Host: www.hilton.com
URL: https://www.hilton.com/en/p/welcome-bonus/?WT.mc_id=zHH0WW1HH2OLE3HOS4MO1783x_HWEmail3__Feb5TileOne_WelcomeBonus_6MULTIBR7EN8i87846&commhistid=6031039531307945496&customerid=1307945496&hhonorsid=1736552769
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: edd1902dd5765bbb64b84e96a299a11de755ab6f84f60239475b1841dd14b8fb

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Length: 5305
Content-Type: application/javascript

GET
H2 200 defaultpreferencemanager.nocache.js Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 67C1 5 KB
3 KB 94ms
92ms Script
application/javascript 13.227.219.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/defaultpreferencemanager.nocache.js

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.65 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-65.ams54.r.cloudfront.net

Software

nginx /

Resource Hash

0f291b48c679e4c033b4710f137ca5382256b632d6e7521a2c92b4ad9f18790c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 18:02:29 GMT
content-encoding: gzip
via: 1.1 1bc76a14967a660022b25f573baec632.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: AMS54-C1
x-cache: Miss from cloudfront
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 06 Jan 2023 08:00:16 GMT
server: nginx
etag: W/"4867-1672992016000"
expect-ct: max-age=86400; enforce;
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: Ggi8gdPopNlR93byba4auXLLL_sdIx2ImgKRebPpPSmv-a3WZwRVSw==
expires: Wed, 08 Feb 2023 18:02:28 GMT

GET
H2 200 get Show response
consent-st.trustarc.com/ Frame 67C1 20 KB
5 KB 89ms
17ms Script
text/javascript 13.227.219.6
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-st.trustarc.com/get?name=combined_static_cm_minified.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.6 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-6.ams54.r.cloudfront.net

Software

Resource Hash

f1ba71d3bf034aeceecb8895e71a44f4806dbb5bcc44e46fd8fc461a774eb880

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: public
date: Mon, 06 Feb 2023 16:44:11 GMT
content-encoding: gzip
via: 1.1 acf9ad664f94bee3e3cf93077b65edea.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: AMS54-C1
age: 177498
vary: Origin
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: Pj0pS52uxZz42DKTPVffyJOJG8bVhEDAkYTbE7eWzEE1M0vY9ABjPQ==
expires: Wed, 08 Mar 2023 16:44:11 GMT

GET
H2 200 loading.gif
consent-pref.trustarc.com/images/ Frame 67C1 3 KB
3 KB 16ms
15ms Image
image/gif 13.227.219.65
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent-pref.trustarc.com/images/loading.gif

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.65 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-65.ams54.r.cloudfront.net

Software

nginx /

Resource Hash

eb7cfd3d959b2e09c170f532e29f8b825f9bc770b2279fde58e595617753e244

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 07:19:25 GMT
via: 1.1 1bc76a14967a660022b25f573baec632.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: AMS54-C1
age: 38585
x-cache: Hit from cloudfront
content-length: 2608
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 06 Jan 2023 07:59:58 GMT
server: nginx
etag: W/"2608-1672991998000"
expect-ct: max-age=86400; enforce;
vary: Origin
content-type: image/gif
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
accept-ranges: bytes
x-amz-cf-id: WvEsRbIXeXuecIYNvSZrBZFx4rucdkayTirIBwD2ahaDrEtFj5fPJg==

GET
H2 200 s45017411772676 Show response
smetric.hilton.com/b/ss/hiltonglobalprod/10/JS-2.21.0-LCXS/ 6 KB
6 KB 46ms
45ms Script
application/x-javascript 15.236.117.205
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetric.hilton.com/b/ss/hiltonglobalprod/10/JS-2.21.0-LCXS/s45017411772676?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=8%2F1%2F2023%2018%3A2%3A29%203%200&d.&nsid=0&jsonv=1&.d&mid=28041706620986799100872403938712270353&aamlh=6&ce=UTF-8&pageName=Browser%3AEN%3AHilton%3ABrand%3ALanding%3AWelcome-Bonus&g=https%3A%2F%2Fwww.hilton.com%2Fen%2Fp%2Fwelcome-bonus%2F%3FWT.mc_id%3DzHH0WW1HH2OLE3HOS4MO1783x_HWEmail3__Feb5TileOne_WelcomeBonus_6MULTIBR7EN8i87846%26commhistid%3D6031039531307945496%26customerid%3D1307945496%26hhonorsid%3D1736552769&c.&getQueryParam=4.0&getPreviousValue=3.0&.c&cc=USD&ch=Brand&v0=zhh0ww1hh2ole3hos4mo1783x_hwemail3__feb5tileone_welcomebonus_6multibr7en8i87846&events=event3&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c2=D%3Dv59&c3=D%3Dv24&c8=Hilton&c9=D%3Dv46&v10=%2B1&c11=D%3Dv40&c12=D%3Dv63&c13=D%3Dv150&c14=4%2C500%20Point%20New%20Member%20Welcome%20Bonus%20-%20Hilton%20Honors&c15=R&c16=D%3Dv49&v17=D%3Dv18&v18=zhh0ww1hh2ole3hos4mo1783x_hwemail3__feb5tileone_welcomebonus_6multibr7en8i87846&c24=www.hilton.com&v24=EN&v27=Browser%3AEN%3AHilton%3ABrand%3ALanding%3AWelcome-Bonus&c28=D%3Dv9&c30=dockerhub.hilton.com%2Fhilton%2Fgitlab%2Fdx-cpm-develop%3A78055&c35=D%3Dv135&c36=Browser&c37=D%3Dv24&c38=D%3Dv59&c39=D%3Dv46&c40=Landing&c41=Welcome-Bonus&v43=D%3Dc8&v46=Brand&v47=D%3Dc15&v49=B&c52=core.page-bottom%7CtrackUserLoggedIn%2CbrandLandingPageView%7Cundefined%7CGW%20-%20Global%20Standard%20%28AT%29&c53=2023-2-8%2018%3A2%3A29&v59=hi&v92=1307945496&v93=6031039531307945496&v94=1736552769&v111=Control%20Group&v135=new%20hilton&v150=https%3A%2F%2Fwww.hilton.com%2Fen%2Fp%2Fwelcome-bonus%2F&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=F0C120B3534685700A490D45%40AdobeOrg&AQE=1

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/5e68f1ab8856/6f5249f15557/9379dd82bb1b/EX9d85f19b2bb9438d88e8200a247afa89-libraryCode_source.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.236.117.205 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-236-117-205.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

ed073fba60261680cd5d32f1e796bf902c98067986fbea302d4645d25e0516ca

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-aam-tid: MXvAjwEXQ74=
date: Wed, 08 Feb 2023 18:02:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy"
content-length: 5888
x-xss-protection: 1; mode=block
dcs: dcs-prod-irl1-1-v046-095a32b2e.edge-irl1.demdex.com 7 ms
pragma: no-cache
last-modified: Thu, 09 Feb 2023 18:02:29 GMT
server: jag
etag: 3598923498660036608-4619650583211116310
vary: *
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Tue, 07 Feb 2023 18:02:29 GMT

GET
H2

200

79ee53c96f4b242e3f72b61318a754eea2b7ca0d2dde1334b1e3300bb795911cac7f4bc9661f50eedaf440dca776 Show response
cdn9.forter.com/vchk2/v1/
Redirect Chain

https://cdn9.forter.com/vchk2
https://cdn9.forter.com/vchk2/v1/79ee53c96f4b242e3f72b61318a754eea2b7ca0d2dde1334b1e3300bb795911cac7f4bc9661f50eedaf440dca776

0
321 B

104ms
104ms

XHR
text/plain

99.86.4.5
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn9.forter.com/vchk2/v1/79ee53c96f4b242e3f72b61318a754eea2b7ca0d2dde1334b1e3300bb795911cac7f4bc9661f50eedaf440dca776

Protocol

Server

99.86.4.5 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-99-86-4-5.fra6.r.cloudfront.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 18:02:30 GMT
via: 1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
strict-transport-security: max-age=86400; includeSubDomains
x-amz-cf-pop: FRA6-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: private, s-maxage=0, proxy-revalidate
timing-allow-origin: *
x-amz-cf-id: uBflBnZgLfTrC0Hyfc_jeLRhGv68EfA7cpf9VRxYaROo6s8-Xji2ng==

Redirect headers

date: Wed, 08 Feb 2023 18:02:29 GMT
via: 1.1 d3039ad83798b26ecb9f9f1e666afe26.cloudfront.net (CloudFront)
strict-transport-security: max-age=86400; includeSubDomains
x-amz-cf-pop: FRA6-C1
x-cache: Miss from cloudfront
location: https://cdn9.forter.com/vchk2/v1/79ee53c96f4b242e3f72b61318a754eea2b7ca0d2dde1334b1e3300bb795911cac7f4bc9661f50eedaf440dca776
access-control-allow-origin: *
cache-control: private, s-maxage=0, proxy-revalidate
timing-allow-origin: *
x-amz-cf-id: cnFBZRraviFQr3C3Y0ehED6UN8I6CaPpCZs3F6mTfJqQrhL42Yz4cw==

GET
BLOB 200
OK 477ca67e-f913-4562-8343-f9bc863857ca
https://www.hilton.com/ 17 KB
0 Other
application/javascript

General

Check archive.org

Show headers Download Go to

Full URL: blob:https://www.hilton.com/477ca67e-f913-4562-8343-f9bc863857ca
Requested by: Host: www.hilton.com
URL: https://www.hilton.com/en/p/welcome-bonus/?WT.mc_id=zHH0WW1HH2OLE3HOS4MO1783x_HWEmail3__Feb5TileOne_WelcomeBonus_6MULTIBR7EN8i87846&commhistid=6031039531307945496&customerid=1307945496&hhonorsid=1736552769
Protocol: BLOB
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: e573ecfd15f14f6e0d0402ec7412128723db2d2ff241b8de3652a67acff6b15a

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Length: 17368
Content-Type: application/javascript

GET
H/1.1

200
OK

ibs:dpid=21&dpuuid=219773204421002981185
dpm.demdex.net/ Frame 63D5
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9211132908&aam=28020279755585149850870251391735646046
https://dpm.demdex.net/ibs:dpid=21&dpuuid=219773204421002981185

42 B
942 B

30ms
30ms

Image
image/gif

52.31.194.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=21&dpuuid=219773204421002981185

Protocol

HTTP/1.1

Server

52.31.194.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-194-68.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilton.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v046-006ebecd7.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: Vf7a4w3yTc4=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Wed, 08 Feb 2023 18:02:29 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://dpm.demdex.net/ibs:dpid=21&dpuuid=219773204421002981185
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires: 0

GET
H2 200 /
www.facebook.com/tr/ Frame 63D5 0
185 B 25ms
8ms Image
text/plain 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=967617709996912&ev=Adobe-Audience-Manager-Segment&cd[segID]=15300019,22365141&noscript=1

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilton.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Wed, 08 Feb 2023 18:02:29 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 9F5DDAD4256889D2A2BB0A3140E8B74B.cache.html Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 1CE3 139 KB
46 KB 17ms
16ms Document
text/html 13.227.219.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/9F5DDAD4256889D2A2BB0A3140E8B74B.cache.html

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/defaultpreferencemanager.nocache.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.65 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-65.ams54.r.cloudfront.net

Software

nginx /

Resource Hash

2b01ae0442a80d4aa980667743285340122c3432880a4979476fe7d88ef7c37b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 1861170
cache-control: max-age=315360000
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Wed, 18 Jan 2023 05:02:59 GMT
etag: W/"142492-1672992016000"
expect-ct: max-age=86400; enforce;
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Fri, 06 Jan 2023 08:00:16 GMT
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding Origin
via: 1.1 1bc76a14967a660022b25f573baec632.cloudfront.net (CloudFront)
x-amz-cf-id: p32XjSmQvLGr2MfegO7u5hn0YkpupvCQ48rNvQgi3j2OMLPG_2-mtw==
x-amz-cf-pop: AMS54-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1

POST
H2 200 open Show response
api2.branch.io/v1/ 272 B
598 B 226ms
176ms XHR
application/json 2600:9000:21c7:ba00:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.branch.io/v1/open

Requested by

Host: www.hilton.com
URL: https://www.hilton.com/dynjs/ruxitagentjs_ICA237NVfghjoqrtux_10257221222094147.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:ba00:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

Resource Hash

7bf1597c6cf6d497de06cb9337f10f4b560b19e99c7357668eb16b64fef281b9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.hilton.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 08 Feb 2023 18:02:29 GMT
via: 1.1 3af85c3075e12aff72b9e148b99d6622.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: AMS54-C1
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: no-cache
content-length: 272
x-amz-cf-id: BZ3HmeNdNYts2-Ej3wHBKEGZUj3MRxX4hHslKeVweSQujOWJEjeRyg==

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 67C1 969 B
1 KB 34ms
32ms XHR
application/json 13.227.219.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/9F5DDAD4256889D2A2BB0A3140E8B74B.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.65 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-65.ams54.r.cloudfront.net

Software

nginx /

Resource Hash

2bfe0bfebc6bf40e5f73c03389ba8285505bc2f45d739d1efd5ca830f940a51d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: 9F5DDAD4256889D2A2BB0A3140E8B74B
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Wed, 08 Feb 2023 18:02:29 GMT
content-encoding: gzip
via: 1.1 1bc76a14967a660022b25f573baec632.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-amz-cf-pop: AMS54-C1
x-cache: Miss from cloudfront
content-disposition: attachment
content-length: 468
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
server: nginx
expect-ct: max-age=86400; enforce;
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: KFoW6FbOwSFvXHBvKfpU0CXEajeb4gk2o77bJHHrgfhUaqCPaDEH5g==

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 67C1 48 B
623 B 39ms
36ms XHR
application/json 13.227.219.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/9F5DDAD4256889D2A2BB0A3140E8B74B.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.65 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-65.ams54.r.cloudfront.net

Software

nginx /

Resource Hash

6b60c61e99b6af0d327aeb286220ea7593002ff4058f3ad87577e4093bec9052

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: 9F5DDAD4256889D2A2BB0A3140E8B74B
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Wed, 08 Feb 2023 18:02:29 GMT
via: 1.1 1bc76a14967a660022b25f573baec632.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: AMS54-C1
x-cache: Miss from cloudfront
content-disposition: attachment
content-length: 48
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
server: nginx
expect-ct: max-age=86400; enforce;
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: NcCZehT-NH6ZRYdQ3vdiWYwH3YhSQ3CT-6HAhGJ1fGCSvDGZ6tjCcg==

POST
H/1.1 200
OK prop.json
7a9bc18e2f4949bab4d63fea95ad8ac8-4dc2aa82bc5e.cdn.forter.com/ 2 B
622 B 512ms
104ms Ping
application/json 3.234.25.89
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://7a9bc18e2f4949bab4d63fea95ad8ac8-4dc2aa82bc5e.cdn.forter.com/prop.json
Requested by: Host:
URL: (program):2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.234.25.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-234-25-89.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://www.hilton.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Wed, 08 Feb 2023 18:02:30 GMT
Connection: close
Content-Length: 2
Pragma: no-cache
Last-Modified: Mon, 26 Dec 2022 12:08:40 GMT
Server: Apache
ETag: "2-5f0b9fef920fa"
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://www.hilton.com
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: origin, x-requested-with, content-type, x-csrf-token
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 451 365868.gif
idsync.rlcdn.com/ Frame 63D5 0
98 B 86ms
28ms Image
text/plain 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/365868.gif?partner_uid=28020279755585149850870251391735646046
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilton.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 18:02:29 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0

GET
H2 200 EuPreferenceManager.css
consent-pref.trustarc.com/ Frame 67C1 28 KB
7 KB 36ms
35ms Stylesheet
text/css 13.227.219.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/EuPreferenceManager.css

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/9F5DDAD4256889D2A2BB0A3140E8B74B.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.65 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-65.ams54.r.cloudfront.net

Software

nginx /

Resource Hash

11304b88bdf5cd5f42513b9aa8bd3206653770f4f125b852285db812c731cf24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 18:02:29 GMT
content-encoding: gzip
via: 1.1 1bc76a14967a660022b25f573baec632.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: AMS54-C1
x-cache: RefreshHit from cloudfront
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 06 Jan 2023 07:59:58 GMT
server: nginx
etag: W/"29043-1672991998000"
expect-ct: max-age=86400; enforce;
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: no-cache
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: GkbTEMzziGSVSrNpI405zOysIGZKbXibDaJEBB03gQhHDLGLIU_nlA==
expires: Wed, 08 Feb 2023 18:02:28 GMT

GET
H2 200 10.cache.js Show response
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/9F5DDAD4256889D2A2BB0A3140E8B74B/ Frame 67C1 254 KB
87 KB 17ms
16ms XHR
application/javascript 13.227.219.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/9F5DDAD4256889D2A2BB0A3140E8B74B/10.cache.js

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/9F5DDAD4256889D2A2BB0A3140E8B74B.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.65 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-65.ams54.r.cloudfront.net

Software

nginx /

Resource Hash

1bb0a294ccb83bcb350ace8804b9666d13d73d040567e09c9a794de938d7a429

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 05:02:59 GMT
content-encoding: gzip
via: 1.1 1bc76a14967a660022b25f573baec632.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: AMS54-C1
age: 1861170
x-cache: Hit from cloudfront
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 06 Jan 2023 08:00:16 GMT
server: nginx
etag: W/"259669-1672992016000"
expect-ct: max-age=86400; enforce;
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: max-age=315360000
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: VAXC5jewqpLsYZCbZescbsRnZjsoJK7xfnhTzc0mMXfYzcwpMQqt1g==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2

200

/
www.google.de/pagead/1p-user-list/1005930085/ Frame 63D5
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1005930085/?value=0&guid=ON&script=0&data=23583573
https://www.google.com/pagead/1p-user-list/1005930085/?value=0&guid=ON&script=0&data=23583573&is_vtc=1&random=1525433687
https://www.google.de/pagead/1p-user-list/1005930085/?value=0&guid=ON&script=0&data=23583573&is_vtc=1&random=1525433687&ipr=y

42 B
455 B

188ms
72ms

Image
image/gif

2a00:1450:400d:804::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/pagead/1p-user-list/1005930085/?value=0&guid=ON&script=0&data=23583573&is_vtc=1&random=1525433687&ipr=y

Protocol

Server

2a00:1450:400d:804::2003 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilton.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Feb 2023 18:02:30 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 08 Feb 2023 18:02:30 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.de/pagead/1p-user-list/1005930085/?value=0&guid=ON&script=0&data=23583573&is_vtc=1&random=1525433687&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 201 Vsexp2KHQ Show response
www.hilton.com/K8-I74/t_LBe/7wjcB/xQ/D1cukh3Q/biVUdhwB/XT/ 18 B
818 B 203ms
202ms XHR
application/json 2a02:26f0:dc:187::b58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://www.hilton.com/K8-I74/t_LBe/7wjcB/xQ/D1cukh3Q/biVUdhwB/XT/Vsexp2KHQ

Requested by

Host: www.hilton.com
URL: https://www.hilton.com/dynjs/ruxitagentjs_ICA237NVfghjoqrtux_10257221222094147.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:dc:187::b58 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Content-Type: text/plain;charset=UTF-8
Referer: https://www.hilton.com/en/p/welcome-bonus/?WT.mc_id=zHH0WW1HH2OLE3HOS4MO1783x_HWEmail3__Feb5TileOne_WelcomeBonus_6MULTIBR7EN8i87846&commhistid=6031039531307945496&customerid=1307945496&hhonorsid=1736552769
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
x-dtpc: 7$79348433_395h13vPJCIUSCKADKNRFCGPBPWJDMPKFMMSPRJ-0e0

Response headers

date: Wed, 08 Feb 2023 18:02:29 GMT
strict-transport-security: max-age=31536000
vary: Origin
content-type: application/json
access-control-allow-origin: https://www.hilton.com
access-control-allow-credentials: true
x_req_id: 1d5303ee-14fa-43a4-a69a-c5c580dc7634
server-timing: edge; dur=5, origin; dur=168, cdn-cache; desc=MISS
access-control-allow-headers: Content-Type
content-length: 18
x-akam-sw-version: 0.5.0

GET
H2 200 1.cache.js Show response
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/9F5DDAD4256889D2A2BB0A3140E8B74B/ Frame 67C1 19 KB
8 KB 15ms
15ms XHR
application/javascript 13.227.219.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/9F5DDAD4256889D2A2BB0A3140E8B74B/1.cache.js

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/9F5DDAD4256889D2A2BB0A3140E8B74B.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.65 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-65.ams54.r.cloudfront.net

Software

nginx /

Resource Hash

579c0e329b6a1ba8a7d65f4f14d1532ced14c4171dd9f4eeb501bfb0eae7c955

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 05:03:11 GMT
content-encoding: gzip
via: 1.1 1bc76a14967a660022b25f573baec632.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: AMS54-C1
age: 1861158
x-cache: Hit from cloudfront
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 06 Jan 2023 08:00:16 GMT
server: nginx
etag: W/"19787-1672992016000"
expect-ct: max-age=86400; enforce;
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: max-age=315360000
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: UjuNF4utTQ3FAoRQZNSCCPmvrgtX4voC-el8hkP7M6eVR7cyO-pHYg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1

200
OK

ibs:dpid=358&dpuuid=5626319825133662033
dpm.demdex.net/ Frame 63D5
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID
https://dpm.demdex.net/ibs:dpid=358&dpuuid=5626319825133662033

42 B
942 B

30ms
30ms

Image
image/gif

52.31.194.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=358&dpuuid=5626319825133662033

Protocol

HTTP/1.1

Server

52.31.194.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-194-68.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilton.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v046-0c33410a0.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 4QYeMrL6Qr8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Date: Wed, 08 Feb 2023 18:02:30 GMT
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Connection: keep-alive
X-Proxy-Origin: 185.213.155.163; 185.213.155.163; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Pragma: no-cache
AN-X-Request-Uuid: 374fdedd-ef43-405b-8c17-2b57d3f1d19e
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: text/html; charset=utf-8
Access-Control-Allow-Origin: *
Location: https://dpm.demdex.net/ibs:dpid=358&dpuuid=5626319825133662033
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 cookie_iframe.html Show response
prefmgr-cookie.truste-svc.net/cookie_js/ Frame BA5F 5 KB
2 KB 378ms
108ms Document
text/html 44.195.150.192
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://prefmgr-cookie.truste-svc.net/cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/

Requested by

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.195.150.192 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-195-150-192.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e5356c4d200584b116d9ac14f89d883b120dbe4d7878914a4fa22358074c74f8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' ; prefetch-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://consent-pref.trustarc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

content-encoding: gzip
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Wed, 08 Feb 2023 18:02:30 GMT
etag: W/"5014-1657163800000"
expect-ct: max-age=31536000
last-modified: Thu, 07 Jul 2022 03:16:40 GMT
permissions-policy: geolocation=(), microphone=(), payment=()
referrer-policy: origin
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 67C1 910 B
990 B 35ms
35ms XHR
application/json 13.227.219.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/9F5DDAD4256889D2A2BB0A3140E8B74B.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.65 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-65.ams54.r.cloudfront.net

Software

nginx /

Resource Hash

3312edf4bcabe795bc1162537c905022512b90e62749ecf5d41e4d11fa98af93

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: 9F5DDAD4256889D2A2BB0A3140E8B74B
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Wed, 08 Feb 2023 18:02:29 GMT
content-encoding: gzip
via: 1.1 1bc76a14967a660022b25f573baec632.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-amz-cf-pop: AMS54-C1
x-cache: Miss from cloudfront
content-disposition: attachment
content-length: 398
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
server: nginx
expect-ct: max-age=86400; enforce;
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: oD5ar1CiQfEc4iX93s-RtjzEfbZq-DEyTe9gTLFP9LgyySPMAdsAbw==

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 67C1 15 KB
5 KB 36ms
34ms XHR
application/json 13.227.219.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/9F5DDAD4256889D2A2BB0A3140E8B74B.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.65 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-65.ams54.r.cloudfront.net

Software

nginx /

Resource Hash

6e2dddc28075e0d31ef4963ac607062a7ccfb805823a030fe61c64f89262aa0c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: 9F5DDAD4256889D2A2BB0A3140E8B74B
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Wed, 08 Feb 2023 18:02:29 GMT
content-encoding: gzip
via: 1.1 1bc76a14967a660022b25f573baec632.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-amz-cf-pop: AMS54-C1
x-cache: Miss from cloudfront
content-disposition: attachment
content-length: 4565
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
server: nginx
expect-ct: max-age=86400; enforce;
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: GkVMMgSw_-4ZvZwPb24sTbn_2X25BqB1UwALXDOxZvOW4IhTw0jUkA==

POST
H2 200 pageview Show response
api2.branch.io/v1/ 29 B
433 B 179ms
179ms XHR
application/json 2600:9000:21c7:ba00:11:f728:3040:93a1
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://api2.branch.io/v1/pageview

Requested by

Host: www.hilton.com
URL: https://www.hilton.com/dynjs/ruxitagentjs_ICA237NVfghjoqrtux_10257221222094147.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2600:9000:21c7:ba00:11:f728:3040:93a1 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

Software

/ Express

Resource Hash

c3dd5a6fff633c6393dca21ce74cd6dc95265943575b43d2d9616f020eea68fa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://www.hilton.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Wed, 08 Feb 2023 18:02:29 GMT
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 3af85c3075e12aff72b9e148b99d6622.cloudfront.net (CloudFront)
x-amz-cf-pop: AMS54-C1
x-powered-by: Express
etag: W/"1d-0Z1F50chJJpy5srE0HvlOYosSzw"
x-cache: Miss from cloudfront
content-type: application/json; charset=utf-8
access-control-allow-origin: *
x-branch-request-id: c85ee4de8a71483d9eaf22579e1a4eed-2023020818
content-length: 29
x-amz-cf-id: HYDLO8NMGwaEiWMc73Wvc8hWuO3FgqbgwdSzQrEI8F24BD2JnaIbWw==

GET
H2 200 trustarc-logo-small.png
consent-pref.trustarc.com/images/ Frame 67C1 4 KB
5 KB 18ms
18ms Image
image/png 13.227.219.65
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent-pref.trustarc.com/images/trustarc-logo-small.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.65 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-65.ams54.r.cloudfront.net

Software

nginx /

Resource Hash

91c4a6c4295f8889e8b04339a4a2c2e86d5eef71ba808164e641d0d8a6435004

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 06:07:02 GMT
via: 1.1 1bc76a14967a660022b25f573baec632.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: AMS54-C1
age: 42950
x-cache: Hit from cloudfront
content-length: 4197
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 06 Jan 2023 07:59:58 GMT
server: nginx
etag: W/"4197-1672991998000"
expect-ct: max-age=86400; enforce;
vary: Origin
content-type: image/png
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
accept-ranges: bytes
x-amz-cf-id: txYOO2AcNFM4gFvTIVuF-juXHzexrmguQzQ3KFfI0eKa_pD_os1OJQ==

GET
H/1.1

200
OK

ibs:dpid=470&dpuuid=3580847287377973543
dpm.demdex.net/ Frame 63D5
Redirect Chain

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D
https://dpm.demdex.net/ibs:dpid=470&dpuuid=3580847287377973543

42 B
942 B

54ms
29ms

Image
image/gif

52.31.194.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=470&dpuuid=3580847287377973543

Protocol

HTTP/1.1

Server

52.31.194.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-194-68.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilton.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v046-0bf7d8264.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: hu6HMGlqQ8g=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=470&dpuuid=3580847287377973543
pragma: no-cache
date: Wed, 08 Feb 2023 18:02:29 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESEGY6sPv2pJEIU8_AB9s172Y&google_cver=1
dpm.demdex.net/ Frame 63D5
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MjgwMjAyNzk3NTU1ODUxNDk4NTA4NzAyNTEzOTE3MzU2NDYwNDY=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEGY6sPv2pJEIU8_AB9s172Y&google_cver=1?gdpr=0&gdpr_consent=

42 B
942 B

30ms
29ms

Image
image/gif

52.31.194.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEGY6sPv2pJEIU8_AB9s172Y&google_cver=1?gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Server

52.31.194.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-194-68.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilton.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v046-03cf679dc.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: qWMxQ6/oQdk=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Wed, 08 Feb 2023 18:02:30 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEGY6sPv2pJEIU8_AB9s172Y&google_cver=1?gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=1175&&dpuuid=x-c_SpTnOE_c5mpKyeN3Scnhahzc7GhBlO14mN2b
dpm.demdex.net/ Frame 63D5
Redirect Chain

https://cms.quantserve.com/pixel/p-vj4AYjBqd6VJ2.gif?idmatch=0&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=1175&&dpuuid=x-c_SpTnOE_c5mpKyeN3Scnhahzc7GhBlO14mN2b

42 B
942 B

55ms
31ms

Image
image/gif

52.31.194.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=1175&&dpuuid=x-c_SpTnOE_c5mpKyeN3Scnhahzc7GhBlO14mN2b

Protocol

HTTP/1.1

Server

52.31.194.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-194-68.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilton.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v046-074cac5f7.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 6t1eL581QFI=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Wed, 08 Feb 2023 18:02:30 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://dpm.demdex.net/ibs:dpid=1175&&dpuuid=x-c_SpTnOE_c5mpKyeN3Scnhahzc7GhBlO14mN2b
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 /
mpp.vindicosuite.com/sync/ Frame 63D5 24 B
24 B 155ms
104ms Image
text/plain 35.186.236.204
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mpp.vindicosuite.com/sync/?pid=27&fr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.236.204 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 204.236.186.35.bc.googleusercontent.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilton.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 18:02:30 GMT
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 24
content-type: text/plain; charset=utf-8

GET
H/1.1

200
OK

ibs:dpid=1957&dpuuid=0517B3F240D967EF152DA14041D966AF
dpm.demdex.net/ Frame 63D5
Redirect Chain

https://c.bing.com/c.gif?uid=28020279755585149850870251391735646046&Red3=MSAdobe_pd&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=1957&dpuuid=0517B3F240D967EF152DA14041D966AF

42 B
942 B

30ms
30ms

Image
image/gif

52.31.194.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=1957&dpuuid=0517B3F240D967EF152DA14041D966AF

Protocol

HTTP/1.1

Server

52.31.194.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-194-68.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilton.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v046-08c3cf452.edge-irl1.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 7hL7CfeYR+I=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Wed, 08 Feb 2023 18:02:30 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: F5069FB37DAA4827BE1487DB101AAB25 Ref B: FRAEDGE1719 Ref C: 2023-02-08T18:02:30Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://dpm.demdex.net/ibs:dpid=1957&dpuuid=0517B3F240D967EF152DA14041D966AF
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H2 200 4.cache.js Show response
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/9F5DDAD4256889D2A2BB0A3140E8B74B/ Frame 67C1 43 KB
14 KB 16ms
16ms XHR
application/javascript 13.227.219.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/9F5DDAD4256889D2A2BB0A3140E8B74B/4.cache.js

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/9F5DDAD4256889D2A2BB0A3140E8B74B.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.65 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-65.ams54.r.cloudfront.net

Software

nginx /

Resource Hash

a3356f50073753a8bccd8739e0c519e11b6ad382b935635f5ee4468862b99135

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 18 Jan 2023 05:03:30 GMT
content-encoding: gzip
via: 1.1 1bc76a14967a660022b25f573baec632.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: AMS54-C1
age: 1861140
x-cache: Hit from cloudfront
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 06 Jan 2023 08:00:16 GMT
server: nginx
etag: W/"44335-1672992016000"
expect-ct: max-age=86400; enforce;
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: max-age=315360000
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: si2JOVw79vLTdsbfBJl7bJBnYtVjnlUYiYv-K9uolO4FksAbG60NtA==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H2 200 loading.gif
consent-pref.trustarc.com/images/ Frame 67C1 3 KB
3 KB 15ms
14ms Image
image/gif 13.227.219.65
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent-pref.trustarc.com/images/loading.gif

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.65 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-65.ams54.r.cloudfront.net

Software

nginx /

Resource Hash

eb7cfd3d959b2e09c170f532e29f8b825f9bc770b2279fde58e595617753e244

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 07:19:25 GMT
via: 1.1 1bc76a14967a660022b25f573baec632.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: AMS54-C1
age: 38586
x-cache: Hit from cloudfront
content-length: 2608
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 06 Jan 2023 07:59:58 GMT
server: nginx
etag: W/"2608-1672991998000"
expect-ct: max-age=86400; enforce;
vary: Origin
content-type: image/gif
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
accept-ranges: bytes
x-amz-cf-id: fSN9mnBzahy36In1G_iJwhRrFm5HyxzjRiIxNe605M7wq70fY2T5Rg==

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 67C1 2 KB
1 KB 34ms
33ms XHR
application/json 13.227.219.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/9F5DDAD4256889D2A2BB0A3140E8B74B.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.65 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-65.ams54.r.cloudfront.net

Software

nginx /

Resource Hash

63ca8acd92de82dd2090f15de8e247cf73d432d4d755c14862e6b3496f43ab42

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: 9F5DDAD4256889D2A2BB0A3140E8B74B
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Wed, 08 Feb 2023 18:02:30 GMT
content-encoding: gzip
via: 1.1 1bc76a14967a660022b25f573baec632.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-amz-cf-pop: AMS54-C1
x-cache: Miss from cloudfront
content-disposition: attachment
content-length: 880
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
server: nginx
expect-ct: max-age=86400; enforce;
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: 491_vef-1YMoGE9uBTUCRqL8YJNhWk9gmNOmjXZCAcHI4Ih6FRVH-A==

GET
H2 200 get
consent.trustarc.com/ Frame 67C1 7 KB
7 KB 17ms
17ms Image
image/png 13.227.219.116
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/get?name=HiltonLogo_Black_HR250.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.116 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-116.ams54.r.cloudfront.net

Software

Resource Hash

d3452ec1127967b4fce882b728a14e85f0b78d22024081936dfd4f25bfbc16c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: public
date: Wed, 08 Feb 2023 18:01:19 GMT
content-encoding: gzip
via: 1.1 4e4c50c641418e6aad9ec09cb0f22844.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: AMS54-C1
age: 71
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: wfecCuWtwsc_qKKhsV5wn3mbiDAYgXR5-WbN86576vUjw43EYMF1tQ==
expires: Fri, 10 Mar 2023 18:01:19 GMT

GET
H/1.1

200
OK

ibs:dpid=3047&dpuuid=5517DC1498A273&gdpr=0&gdpr_consent=
dpm.demdex.net/ Frame 63D5
Redirect Chain

https://servedby.flashtalking.com/map/?key=a74thHgsfK627J6Ftt8sj5ks52bKe&gdpr=0&gdpr_consent=&url=https://dpm.demdex.net/ibs:dpid=3047&dpuuid=[%FT_GUID%]&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=3047&dpuuid=5517DC1498A273&gdpr=0&gdpr_consent=

42 B
942 B

30ms
30ms

Image
image/gif

52.31.194.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=3047&dpuuid=5517DC1498A273&gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Server

52.31.194.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-194-68.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilton.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v046-02b6eeb14.edge-irl1.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: OG6RjbIuQsE=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma: no-cache
Date: Wed, 08 Feb 2023 18:02:30 GMT
Strict-Transport-Security: max-age=86400
Server: prod-xre-app7.frk11
Location: https://dpm.demdex.net/ibs:dpid=3047&dpuuid=5517DC1498A273&gdpr=0&gdpr_consent=
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Length: 0
Expires: Wed, 08 Feb 2023 18:02:30 GMT

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 67C1 764 KB
134 KB 170ms
170ms XHR
application/json 13.227.219.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/9F5DDAD4256889D2A2BB0A3140E8B74B.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.65 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-65.ams54.r.cloudfront.net

Software

nginx /

Resource Hash

767c5a60a27d39a568b3dbe3974b46a0e35566ee686ac4cdf5255f94b670087c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: 9F5DDAD4256889D2A2BB0A3140E8B74B
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Wed, 08 Feb 2023 18:02:30 GMT
content-encoding: gzip
via: 1.1 1bc76a14967a660022b25f573baec632.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-amz-cf-pop: AMS54-C1
x-cache: Miss from cloudfront
content-disposition: attachment
content-length: 136311
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
server: nginx
expect-ct: max-age=86400; enforce;
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: VAq8VazAFybai_Hxfm-fMP1x2OPSj3OP0IM1Ic-AdicJzDp55pV2Sg==

GET
H2 200 switchbg.png
consent-pref.trustarc.com/images/ Frame 67C1 1 KB
2 KB 15ms
15ms Image
image/png 13.227.219.65
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent-pref.trustarc.com/images/switchbg.png

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/EuPreferenceManager.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.65 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-65.ams54.r.cloudfront.net

Software

nginx /

Resource Hash

1ffe0083c43292aaba8148fe6d7286bd27381ea13fef76b9e545a22d8bbd8af5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/EuPreferenceManager.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 04:49:41 GMT
via: 1.1 1bc76a14967a660022b25f573baec632.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: AMS54-C1
age: 47569
x-cache: Hit from cloudfront
content-length: 1068
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 06 Jan 2023 07:59:58 GMT
server: nginx
etag: W/"1068-1672991998000"
expect-ct: max-age=86400; enforce;
vary: Origin
content-type: image/png
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
accept-ranges: bytes
x-amz-cf-id: upOmY3Js9sdf6KNp5mGWgGNNq6BT-o9wa9jrXwWe27fZZQLtxM2njA==

GET
H2 200 loader.gif
consent-pref.trustarc.com/images/ Frame 67C1 2 KB
2 KB 15ms
14ms Image
image/gif 13.227.219.65
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent-pref.trustarc.com/images/loader.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.65 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-65.ams54.r.cloudfront.net

Software

nginx /

Resource Hash

ee53ada617f2674cbd706e3b24fc6738c7f53f2f7a3a959e71f611aa850dc946

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 05:11:09 GMT
via: 1.1 1bc76a14967a660022b25f573baec632.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: AMS54-C1
age: 46281
x-cache: Hit from cloudfront
content-length: 1737
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 06 Jan 2023 07:59:58 GMT
server: nginx
etag: W/"1737-1672991998000"
expect-ct: max-age=86400; enforce;
vary: Origin
content-type: image/gif
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
accept-ranges: bytes
x-amz-cf-id: 5srV60Uz9QVAn-BGWPS3bIQHWbp8Sv7JxQlCFhJwyZaM4952ku9tyQ==

GET
H2 200 cookie_inneriframe.html Show response
consent-pref.trustarc.com/ Frame 7D06 2 KB
1 KB 16ms
14ms Document
text/html 13.227.219.65
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/cookie_inneriframe.html

Requested by

Host: prefmgr-cookie.truste-svc.net
URL: https://prefmgr-cookie.truste-svc.net/cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.65 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-65.ams54.r.cloudfront.net

Software

nginx /

Resource Hash

a2de091c86c5a7b6dcc572eb6e5a76c2cd72ce27a2042a8dc2974f15b33566ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://prefmgr-cookie.truste-svc.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

age: 78175
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Tue, 07 Feb 2023 20:19:35 GMT
etag: W/"2008-1672991998000"
expect-ct: max-age=86400; enforce;
last-modified: Fri, 06 Jan 2023 07:59:58 GMT
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding Origin
via: 1.1 1bc76a14967a660022b25f573baec632.cloudfront.net (CloudFront)
x-amz-cf-id: 0T3g-eeXVtEl5UkhQzbV4zy8PiodurCJDCsD7tEXj3OEGwKbkIaHkg==
x-amz-cf-pop: AMS54-C1
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1

GET
H/1.1

200
OK

ibs:dpid=22054
dpm.demdex.net/ Frame 63D5
Redirect Chain

https://a.tribalfusion.com/i.match?p=b13&u=28020279755585149850870251391735646046&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=22054&dpuuid=$TF_USER_ID_ENC$
https://s.tribalfusion.com/z/i.match?p=b13&u=28020279755585149850870251391735646046&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=22054&dpuuid=$TF_USER_ID_ENC$
https://dpm.demdex.net/ibs:dpid=22054

42 B
956 B

29ms
28ms

Image
image/gif

52.31.194.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=22054

Protocol

HTTP/1.1

Server

52.31.194.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-194-68.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilton.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v046-070ee2004.edge-irl1.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 1gsoSn/3Ry4=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
X-Error: 300
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Wed, 08 Feb 2023 18:02:30 GMT
cf-cache-status: DYNAMIC
x-function: 209
server: cloudflare
x-reuse-index: 190
content-type: text/html
location: https://dpm.demdex.net/ibs:dpid=22054
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 796646d6389d35e6-FRA
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=22069&dpuuid=3016658186670
dpm.demdex.net/ Frame 63D5
Redirect Chain

https://tag.yieldoptimizer.com/ps/ps?t=i&p=2233
https://tag.yieldoptimizer.com/ps/ps?tc=853328515&t=i&p=2233
https://dpm.demdex.net/ibs:dpid=22069&dpuuid=3016658186670

42 B
942 B

32ms
32ms

Image
image/gif

52.31.194.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=22069&dpuuid=3016658186670

Protocol

HTTP/1.1

Server

52.31.194.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-194-68.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilton.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v046-02b6eeb14.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: X4hr694lTu4=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Wed, 08 Feb 2023 18:02:30 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
location: https://dpm.demdex.net/ibs:dpid=22069&dpuuid=3016658186670
cache-control: no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1 200
OK prop.json Show response
cdn0.forter.com/4dc2aa82bc5e/7a9bc18e2f4949bab4d63fea95ad8ac8/ 20 B
358 B 455ms
209ms XHR
application/json 54.204.202.163
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/4dc2aa82bc5e/7a9bc18e2f4949bab4d63fea95ad8ac8/prop.json?_=1675879350722
Requested by: Host: www.hilton.com
URL: https://www.hilton.com/dynjs/ruxitagentjs_ICA237NVfghjoqrtux_10257221222094147.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.204.202.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-204-202-163.compute-1.amazonaws.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 Feb 2023 18:02:31 GMT
Vary: Origin
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://www.hilton.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Expires: -1

GET
H/1.1

200
OK

ibs:dpid=30646
dpm.demdex.net/ Frame 63D5
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=28020279755585149850870251391735646046&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-4uMe1CpE2pE6omxZFDSwc2FHOdMK24.GaiE-~A

42 B
942 B

30ms
30ms

Image
image/gif

52.31.194.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-4uMe1CpE2pE6omxZFDSwc2FHOdMK24.GaiE-~A

Protocol

HTTP/1.1

Server

52.31.194.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-194-68.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilton.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v046-0b57eb040.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: J9XvqKMRRg8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date: Wed, 08 Feb 2023 18:02:30 GMT
strict-transport-security: max-age=31536000
via: http/1.1 spdc0108.pbp.ir2.yahoo.com (ApacheTrafficServer)
server: ATS
age: 0
content-type: text/html;charset=utf-8
location: https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-4uMe1CpE2pE6omxZFDSwc2FHOdMK24.GaiE-~A
content-length: 0

GET
H2 200 user
bttrack.com/dmp/adobe/ Frame 63D5 35 B
163 B 328ms
110ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bttrack.com/dmp/adobe/user?dd_uuid=28020279755585149850870251391735646046

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_256_GCM

Server

192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),

Reverse DNS

46.bidtellect.com

Software

Resource Hash

6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000;

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilton.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

x-servername: Track002-iad
pragma: no-cache
date: Wed, 08 Feb 2023 18:01:42 GMT
strict-transport-security: max-age=31536000;
content-type: image/gif
cache-control: private,no-cache
content-length: 35
expires: -1

GET
H2 200 trustarc-logo-small.png
consent-pref.trustarc.com/images/ Frame 67C1 4 KB
5 KB 15ms
14ms Image
image/png 13.227.219.65
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent-pref.trustarc.com/images/trustarc-logo-small.png

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/9F5DDAD4256889D2A2BB0A3140E8B74B.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.227.219.65 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-227-219-65.ams54.r.cloudfront.net

Software

nginx /

Resource Hash

91c4a6c4295f8889e8b04339a4a2c2e86d5eef71ba808164e641d0d8a6435004

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=de&locale=de&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 06:07:02 GMT
via: 1.1 1bc76a14967a660022b25f573baec632.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: AMS54-C1
age: 42951
x-cache: Hit from cloudfront
content-length: 4197
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Fri, 06 Jan 2023 07:59:58 GMT
server: nginx
etag: W/"4197-1672991998000"
expect-ct: max-age=86400; enforce;
vary: Origin
content-type: image/png
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
accept-ranges: bytes
x-amz-cf-id: uSlaJdEehjfX31yH_x4ADpUzDAuXV6DH-yx0jxqRyuD6d9HUp1Y7UA==

GET
H/1.1

200
OK

ibs:dpid=66013&dpuuid=
dpm.demdex.net/ Frame 63D5
Redirect Chain

https://get.truex.com/adobe/audience_manager/sync
https://dpm.demdex.net/ibs:dpid=66013&dpuuid=

42 B
960 B

28ms
28ms

Image
image/gif

52.31.194.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=66013&dpuuid=

Protocol

HTTP/1.1

Server

52.31.194.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-194-68.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilton.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v046-074cac5f7.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: Ib7hpEzERuI=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
X-Error: 104,300
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date: Wed, 08 Feb 2023 18:02:31 GMT
server: Goliath
content-type: application/json
location: https://dpm.demdex.net/ibs:dpid=66013&dpuuid=
access-control-allow-origin: *
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
access-control-allow-headers: Authorization
content-length: 2

GET
H2 204 CookieSyncAdobe
rtb.adentifi.com/ Frame 63D5 0
35 B 360ms
108ms Image
text/plain 54.172.144.228
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieSyncAdobe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.172.144.228 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-172-144-228.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilton.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 18:02:31 GMT

GET
H2 404 tpid=28020279755585149850870251391735646046
sync.crwdcntrl.net/map/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/ Frame 63D5 49 B
265 B 115ms
31ms Image
image/gif 54.229.20.73
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=28020279755585149850870251391735646046?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id}
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.229.20.73 Dublin, Ireland, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-54-229-20-73.eu-west-1.compute.amazonaws.com
Software: Jetty(9.4.38.v20210224) /
Resource Hash: 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilton.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Feb 2023 18:02:31 GMT
server: Jetty(9.4.38.v20210224)
content-type: image/gif
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
access-control-allow-origin: *
cache-control: no-cache
x-server: 10.45.21.83
content-length: 49
expires: 0

GET
H/1.1 200
OK prop.json Show response
cdn0.forter.com/4dc2aa82bc5e/7a9bc18e2f4949bab4d63fea95ad8ac8/ 20 B
358 B 105ms
104ms XHR
application/json 54.204.202.163
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/4dc2aa82bc5e/7a9bc18e2f4949bab4d63fea95ad8ac8/prop.json?_=1675879351182
Requested by: Host: www.hilton.com
URL: https://www.hilton.com/dynjs/ruxitagentjs_ICA237NVfghjoqrtux_10257221222094147.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.204.202.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-204-202-163.compute-1.amazonaws.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 Feb 2023 18:02:31 GMT
Vary: Origin
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://www.hilton.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Expires: -1

POST
H/1.1 204
No Content /
0217991d.akstat.io/ 0
355 B 97ms
58ms Ping
image/gif 2a02:26f0:dc:18c::11a6
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://0217991d.akstat.io/

Requested by

Host: s2.go-mpulse.net
URL: https://s2.go-mpulse.net/boomerang/SBHYK-LK2AL-UW4L5-6RD2N-4TGQC

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_256_GCM

Server

2a02:26f0:dc:18c::11a6 Vienna, Austria, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Referer: https://www.hilton.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

Pragma: no-cache
Date: Wed, 08 Feb 2023 18:02:31 GMT
Content-Type: image/gif
Access-Control-Allow-Origin: https://www.hilton.com
Cache-Control: max-age=0, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
X-XSS-Protection: 0
Expires: Wed, 08 Feb 2023 18:02:31 GMT

GET
H/1.1

200
OK

ibs:dpid=70027&dpuuid=5389040765876929750
dpm.demdex.net/ Frame 63D5
Redirect Chain

https://pix-us.revjet.com/idsync/adobe/1?aam_id=28020279755585149850870251391735646046&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D70027%26dpuuid%3D%24%24visitor_id%24%24
https://dpm.demdex.net/ibs:dpid=70027&dpuuid=5389040765876929750

42 B
942 B

30ms
29ms

Image
image/gif

52.31.194.68
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=70027&dpuuid=5389040765876929750

Protocol

HTTP/1.1

Server

52.31.194.68 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-52-31-194-68.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilton.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v046-077489ad8.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 2RsvSyhCQ5s=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Wed, 08 Feb 2023 18:02:31 GMT
access-control-allow-methods: GET, POST, OPTIONS
location: https://dpm.demdex.net/ibs:dpid=70027&dpuuid=5389040765876929750
cache-control: no-store
access-control-allow-credentials: true
content-length: 0
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H2

200

pixel
cm.g.doubleclick.net/ Frame 63D5
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WV9QanRRQUFBSl83LUFOLQ==

170 B
243 B

80ms
79ms

Image
image/png

142.251.208.162
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WV9QanRRQUFBSl83LUFOLQ==

Protocol

Server

142.251.208.162 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

bud02s43-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilton.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Feb 2023 18:02:31 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-hhn-etou8220052-HHN
pragma: no-cache
date: Wed, 08 Feb 2023 18:02:31 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1675879351.438100,VS0,VE0
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WV9QanRRQUFBSl83LUFOLQ==
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1 200
OK prop.json Show response
cdn0.forter.com/4dc2aa82bc5e/7a9bc18e2f4949bab4d63fea95ad8ac8/ 20 B
358 B 105ms
104ms XHR
application/json 54.204.202.163
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/4dc2aa82bc5e/7a9bc18e2f4949bab4d63fea95ad8ac8/prop.json?_=1675879351393
Requested by: Host: www.hilton.com
URL: https://www.hilton.com/dynjs/ruxitagentjs_ICA237NVfghjoqrtux_10257221222094147.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.204.202.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-204-202-163.compute-1.amazonaws.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 Feb 2023 18:02:31 GMT
Vary: Origin
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://www.hilton.com
Cache-Control: no-cache
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Expires: -1

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame 63D5
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y_PjtQAAAJ_7-AN-&expires=90

0
239 B

103ms
9ms

Image
image/gif

69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y_PjtQAAAJ_7-AN-&expires=90
Protocol: HTTP/1.1
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilton.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: f5982f4f9cc79eb2b489dda8b92e3144
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by: cache-hhn-etou8220052-HHN
pragma: no-cache
date: Wed, 08 Feb 2023 18:02:31 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1675879351.451472,VS0,VE0
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y_PjtQAAAJ_7-AN-&expires=90
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame 63D5
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y_PjtQAAAJ_7-AN-
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y_PjtQAAAJ_7-AN-&C=1

43 B
766 B

8ms
7ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y_PjtQAAAJ_7-AN-&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilton.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 Feb 2023 18:02:31 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Wed, 08 Feb 2023 18:02:31 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=88&external_user_id=Y_PjtQAAAJ_7-AN-&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

POST
H/1.1 200
OK wpt.json Show response
cdn0.forter.com/4dc2aa82bc5e/7a9bc18e2f4949bab4d63fea95ad8ac8/ 20 B
415 B 105ms
105ms XHR
application/json 54.204.202.163
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/4dc2aa82bc5e/7a9bc18e2f4949bab4d63fea95ad8ac8/wpt.json
Requested by: Host: www.hilton.com
URL: https://www.hilton.com/dynjs/ruxitagentjs_ICA237NVfghjoqrtux_10257221222094147.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.204.202.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-204-202-163.compute-1.amazonaws.com
Software: /
Resource Hash: 912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d

Request headers

Referer: https://www.hilton.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: application/json; charset=UTF-8

Response headers

Pragma: no-cache
Date: Wed, 08 Feb 2023 18:02:31 GMT
ETag: W/"14-Y53wuE/mmbSikKcT/WualL1N65U"
Vary: Origin
Content-Type: application/json; charset=utf-8
Access-Control-Allow-Origin: https://www.hilton.com
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 20
Expires: -1

OPTIONS
H/1.1 204
No Content wpt.json
cdn0.forter.com/4dc2aa82bc5e/7a9bc18e2f4949bab4d63fea95ad8ac8/ Frame 0
0 109ms
109ms Preflight 54.204.202.163
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://cdn0.forter.com/4dc2aa82bc5e/7a9bc18e2f4949bab4d63fea95ad8ac8/wpt.json
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.204.202.163 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-54-204-202-163.compute-1.amazonaws.com
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://www.hilton.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Access-Control-Allow-Headers: content-type
Access-Control-Allow-Methods: GET,HEAD,PUT,PATCH,POST,DELETE
Access-Control-Allow-Origin: *
Connection: keep-alive
Content-Length: 0
Date: Wed, 08 Feb 2023 18:02:31 GMT
Vary: Access-Control-Request-Headers

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame 63D5
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
https://ib.adnxs.com/setuid?entity=158&code=Y_PjtQAAAJ_7-AN-

43 B
1 KB

7ms
6ms

Image
image/gif

37.252.173.215
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=158&code=Y_PjtQAAAJ_7-AN-

Protocol

HTTP/1.1

Server

37.252.173.215 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilton.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 08 Feb 2023 18:02:31 GMT
AN-X-Request-Uuid: 148441f3-b523-477e-a885-5a08df41296d
Server: nginx/1.21.3
Accept-CH: Sec-CH-UA-Full-Version-List,Sec-CH-UA-Arch,Sec-CH-UA-Model,Sec-CH-UA-Platform-Version,Sec-CH-UA-Bitness
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 185.213.155.163; 185.213.155.163; 867.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

x-served-by: cache-hhn-etou8220052-HHN
pragma: no-cache
date: Wed, 08 Feb 2023 18:02:31 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1675879352.654766,VS0,VE0
x-cache: HIT
location: https://ib.adnxs.com/setuid?entity=158&code=Y_PjtQAAAJ_7-AN-
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame 63D5
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y_PjtQAAAJ_7-AN-

43 B
273 B

99ms
27ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y_PjtQAAAJ_7-AN-
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilton.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 08 Feb 2023 18:02:31 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by: cache-hhn-etou8220052-HHN
pragma: no-cache
date: Wed, 08 Feb 2023 18:02:31 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1675879352.776002,VS0,VE0
x-cache: HIT
location: https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y_PjtQAAAJ_7-AN-
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

POST
H2 200 bf Show response
bf08412nhq.bf.dynatrace.com/ 225 B
489 B 351ms
108ms XHR
text/plain 3.228.88.68
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bf08412nhq.bf.dynatrace.com/bf?type=js3&sn=v_4_srv_7_sn_0GIM4DMM71G1DU7PJMRHKMHSK8QGHIKR_perc_100000_ol_0_mul_1_app-3A0da30f11c94bda74_1_rcs-3Acss_0&svrid=7&flavor=cors&vi=PJCIUSCKADKNRFCGPBPWJDMPKFMMSPRJ-0&modifiedSince=1675868301297&rf=https%3A%2F%2Fwww.hilton.com%2Fen%2Fp%2Fwelcome-bonus%2F%3FWT.mc_id%3DzHH0WW1HH2OLE3HOS4MO1783x_HWEmail3__Feb5TileOne_WelcomeBonus_6MULTIBR7EN8i87846%26commhistid%3D6031039531307945496%26customerid%3D1307945496%26hhonorsid%3D1736552769&bp=3&app=0da30f11c94bda74&crc=3125465256&en=3laikz13&end=1
Requested by: Host: www.hilton.com
URL: https://www.hilton.com/dynjs/ruxitagentjs_ICA237NVfghjoqrtux_10257221222094147.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.228.88.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-228-88-68.compute-1.amazonaws.com
Software: /
Resource Hash: 77fc9c076583db5036b102159f70b442a6b7ba7ddcec426c3944c9fe6514053c

Request headers

Referer: https://www.hilton.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.hilton.com
x-oneagent-js-injection: true
date: Wed, 08 Feb 2023 18:02:32 GMT
cache-control: no-cache
content-length: 225
content-type: text/plain;charset=utf-8

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame 63D5
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y_PjtQAAAJ_7-AN-

1 B
450 B

119ms
18ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y_PjtQAAAJ_7-AN-
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilton.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Wed, 08 Feb 2023 18:02:31 GMT
cache-control: no-store, no-cache, private
server: nginx
content-length: 1
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

x-served-by: cache-hhn-etou8220052-HHN
pragma: no-cache
date: Wed, 08 Feb 2023 18:02:31 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1675879352.889563,VS0,VE0
x-cache: HIT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y_PjtQAAAJ_7-AN-
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame 63D5
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y_PjtQAAAJ_7-AN-&img=1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y_PjtQAAAJ_7-AN-&img=1&__user_check__=1&sync_id=c22ce3ae-a7da-11ed-8d66-1a7ccaea0106

43 B
548 B

17ms
16ms

Image
image/gif

185.94.180.126
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y_PjtQAAAJ_7-AN-&img=1&__user_check__=1&sync_id=c22ce3ae-a7da-11ed-8d66-1a7ccaea0106
Protocol: HTTP/1.1
Server: 185.94.180.126 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilton.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

Date: Wed, 08 Feb 2023 18:02:32 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 40
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Wed, 08 Feb 2023 18:02:32 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: /partner?adv_id=6409&uid=Y_PjtQAAAJ_7-AN-&img=1&__user_check__=1&sync_id=c22ce3ae-a7da-11ed-8d66-1a7ccaea0106
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 94
Connection: keep-alive
Content-Length: 0

GET
H2

200

b.php
www.facebook.com/fr/ Frame 63D5
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y_PjtQAAAJ_7-AN-&t=2592000&o=0

43 B
673 B

37ms
36ms

Image
image/gif

2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y_PjtQAAAJ_7-AN-&t=2592000&o=0

Protocol

Server

2a03:2880:f11c:8183:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://hilton.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36

Response headers

date: Wed, 08 Feb 2023 10:02:32 PST
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
pragma: public
x-fb-debug: 9aLDNM2/a3E5uYOjnsbf3ghGI7Nxcw8q9JjykzKtmC2NHxwolc5q5jQwsFMnQaE144CshYdwfM0WQGzMVQ/15Q==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/?minimize=0"}],"group":"coep_report"}, {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: image/gif
origin-agent-cluster: ?0
cache-control: public, max-age=0
expires: Wed, 08 Feb 2023 10:02:32 PST

Redirect headers

x-served-by: cache-hhn-etou8220052-HHN
pragma: no-cache
date: Wed, 08 Feb 2023 18:02:32 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1675879352.090257,VS0,VE0
x-cache: HIT
location: https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y_PjtQAAAJ_7-AN-&t=2592000&o=0
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

POST
H2 200 bf Show response
bf08412nhq.bf.dynatrace.com/ 225 B
488 B 217ms
216ms XHR
text/plain 3.228.88.68
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://bf08412nhq.bf.dynatrace.com/bf?type=js3&sn=v_4_srv_7_sn_0GIM4DMM71G1DU7PJMRHKMHSK8QGHIKR_app-3A0da30f11c94bda74_1_ol_0_perc_100000_mul_1_rcs-3Acss_0&svrid=7&flavor=cors&vi=PJCIUSCKADKNRFCGPBPWJDMPKFMMSPRJ-0&modifiedSince=1675868301297&rf=https%3A%2F%2Fwww.hilton.com%2Fen%2Fp%2Fwelcome-bonus%2F%3FWT.mc_id%3DzHH0WW1HH2OLE3HOS4MO1783x_HWEmail3__Feb5TileOne_WelcomeBonus_6MULTIBR7EN8i87846%26commhistid%3D6031039531307945496%26customerid%3D1307945496%26hhonorsid%3D1736552769&bp=3&app=0da30f11c94bda74&crc=4105326033&en=3laikz13&end=1
Requested by: Host: www.hilton.com
URL: https://www.hilton.com/dynjs/ruxitagentjs_ICA237NVfghjoqrtux_10257221222094147.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.228.88.68 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-228-88-68.compute-1.amazonaws.com
Software: /
Resource Hash: 77fc9c076583db5036b102159f70b442a6b7ba7ddcec426c3944c9fe6514053c

Request headers

Referer: https://www.hilton.com/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/110.0.5481.77 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.hilton.com
x-oneagent-js-injection: true
date: Wed, 08 Feb 2023 18:02:34 GMT
cache-control: no-cache
content-length: 225
content-type: text/plain;charset=utf-8

Verdicts & Comments Add Verdict or Comment

96 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

56 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hilton.com/	1970-01-20 09:31:22	Name: AKA_A2 Value: A
www.hilton.com/	1969-12-31 23:59:59	Name: akacd_ohw_prd_external Value: 3853332146~rv=11~id=5a1e5ba3a0949c939f8fcb3fd46e84f9
.hilton.com/	1970-01-20 09:31:33	Name: bm_sz Value: 58EB08F998005740AB8A0119B2AC6D64~YAAQt2EXAn3UzC+GAQAA1HYxMhJW2cICbFTUqrx3xxJZ8vhRfAVi39qK8ShyM+FcgdWeiJWXupUOVnnGgNCH/52MIa570f7aKCoGZ9QK/QdK7EVz8G43CEp4T0QW3X1wAFxq9RI63p9y+OMNBs4rHDXHaZ3W/uNCLjrX+rlMxoT73tIT++BcF2loBA/lHWLtrDxtzvskLZmVm6CehFZsZ/IeFVIH7O0aOgHknc0wAdvdBnv+EbwmVIrg842mng1Id/XzNuO/nsdypZsFRuVZ2zfxLOvnfq6/FIzx2nEAB1G6DP0=~3749431~4340024
.hilton.com/	1970-01-20 19:07:19	Name: rxVisitor Value: 1675879348436S5OJ7VD9OCV435UKCAESNGNDK1KNQFAQ
.hilton.com/	1969-12-31 23:59:59	Name: dtLatC Value: 19
.hilton.com/	1969-12-31 23:59:59	Name: dtSa Value: -
.hilton.com/	1970-01-20 11:40:55	Name: visitorId Value: f04bd654-c8f4-44b4-bd43-d9dbe713411c
.hilton.com/	1970-01-20 09:31:26	Name: ak_bmsc Value: 9051CFE4DC934711A4F02A15C5ED6A9C~000000000000000000000000000000~YAAQt2EXApTUzC+GAQAAzHoxMhIH7Fe2Pror5h5NRJl9kNPDE1E0pK6hf4fOaqx+2up8RO+tmXM6LHco8cuazRl/WKv1xPFJVmvOMmKTLKBhrSioe3GGcEJzJymh9tKJWjquiERT0QFWYc/JWGKyDNyrB0iOBAnKfk9dvIIrV6naWVOcok8iZwb/cghfwRy/moruhmnrZxrkXiMTUTe5czTZvs30IWPZ2db6Ro+svLvuPhGadt/drSsngZno6LvP48HLaOjDQbCr+nWOsJ12j+33ydomaYm58wATMArmog+jDAX+f1zxbc1LgunXKnjDN1937kqZ+CiyRbOkG7Mnsnzx68pXXrlA1X1HDXmCGUgQ9P4HjzgdhaWB0xdseDilTiVxC+YJPPFw7IdwGONk5YE=
.hilton.com/	1970-01-20 09:31:26	Name: bm_sv Value: 186F6B38792FE43EABEE32DC5B47EC77~YAAQt2EXAprUzC+GAQAAZnsxMhLIi8DvSxCiz9uraIJJyD+weAFfqgXyJENoPr848NbOTP1or31A+N3KEHaqbKRKk7OpMSyGxcIIxgTztQJUZsPC3tyjjRT46koxqRmpbt46ZlLpmD294RhjSU26wRXtXGvT7QeqTWYOjLfpig73/aRxr8VlYz0gh8g7+I7PSvj06GMvySat4y2VdNV+IopYcO1TVbxKfsHF1wi7Lk7FESn9bWEhTRNwsX8ybBMk~1
.hilton.com/	1969-12-31 23:59:59	Name: notice_behavior Value: expressed,eu
.demdex.net/	1970-01-20 13:50:31	Name: demdex Value: 28020279755585149850870251391735646046
.hilton.com/	1969-12-31 23:59:59	Name: AMCVS_F0C120B3534685700A490D45%40AdobeOrg Value: 1
.everesttech.net/	1970-01-20 18:16:55	Name: everest_g_v2 Value: g_surferid~Y_PjtQAAAJ_7-AN-
.hilton.com/	1970-01-20 19:07:19	Name: s_ecid Value: MCMID%7C28041706620986799100872403938712270353
.hilton.com/	1970-01-20 09:31:21	Name: gpv_v9 Value: Browser%3AEN%3AHilton%3ABrand%3ALanding%3AWelcome-Bonus
.hilton.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.dpm.demdex.net/	1970-01-20 13:50:31	Name: dpm Value: 28020279755585149850870251391735646046
.hilton.com/	1970-01-20 19:07:19	Name: AMCV_F0C120B3534685700A490D45%40AdobeOrg Value: 179643557%7CMCIDTS%7C19397%7CMCMID%7C28041706620986799100872403938712270353%7CMCAAMLH-1676484149%7C6%7CMCAAMB-1676484149%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1675886549s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19404%7CvVersion%7C5.5.0
.hilton.com/	1970-01-20 19:07:19	Name: ftr_ncd Value: 6
.hilton.com/	1970-01-20 19:07:19	Name: forterToken Value: 7a9bc18e2f4949bab4d63fea95ad8ac8_1675879349206__UDF43_9ck
.hilton.com/	1970-01-20 10:14:31	Name: TMS Value: web%3D17836315%2CWeb-app%3D19485237%2Cweb-app%3D15300019%2Cweb-app%3D21881915%2Cweb-app%3D24568600
.hilton.com/	1970-01-20 10:14:31	Name: aam_uuid Value: 28020279755585149850870251391735646046
.app.link/	1970-01-20 18:16:55	Name: _s Value: xj%2Bg5x5ryi32dTWRuybNrJCuuyk%2BiKkz5qokyWPlk4gIruO1y8oh5S1Jxa68zzuC
.agkn.com/	1970-01-20 18:16:55	Name: ab Value: 0001%3AxyazTqRAT%2F2O1fVCEL6uN%2BIc%2BecrOWL4
.hilton.com/	1969-12-31 23:59:59	Name: rxvt Value: 1675881149845\|1675879348437
.hilton.com/	1970-01-20 18:16:55	Name: _abck Value: BBFD7FE4B19937796CA3A3E8DB8887DB~-1~YAAQt2EXAqfUzC+GAQAAw34xMglUoTbYQydA3a1yacR+dsRgZBIwBB68uWwjpT5OgrcDfEZMcuoQZna0dJMZGmDuOn3ZV/wnZ8SIMzcva+AYc6WZSYmLJKjl7CLWgT2+eacZujHAoc3a6LaLZ4jEzcCzIuLQ/koAKNnKw7q0+4kCxrDYcLZiRK/To9PTeCKGYpA5mNmh/0gwsg/+72/4KbboMjVcsWIxgE7VoMOq6D+6W1oSbK5ZNtibQX2WNLgwLBvIRzW6/2YIGh1i39rTbZNqQ97ZuZfZ66pePM9DWUzKUrUgo4GqoNlzWKBcOms16Z4G7jQ7teEleRnv7h+nGgtWASwIh9xwusIsRcad/VlHxgBsJso6SVWlcz8tzCrInO9xFzZ/5I1WwEqLe75gTe8TpP0RuLZG7Ygm2aZJHmnaNX7p3alH/Rdm/g==~-1~-1~1675882927
.hilton.com/	1969-12-31 23:59:59	Name: dtPC Value: 7$79348433_395h-vPJCIUSCKADKNRFCGPBPWJDMPKFMMSPRJ-0e0
.adnxs.com/	1970-01-20 11:40:55	Name: uuid2 Value: 5626319825133662033
.turn.com/	1970-01-20 13:50:31	Name: uid Value: 3580847287377973543
.quantserve.com/	1970-01-20 11:40:55	Name: d Value: EN0BDAGfKLmvYA
.quantserve.com/	1970-01-20 19:01:33	Name: mc Value: 63e3e3b6-20387-0850e-828e9
.doubleclick.net/	1970-01-20 18:52:55	Name: IDE Value: AHWqTUn-bDTfNh7PemJl7dNNKJCPtxQ_ZOQLEUioe-egR3kDGn2SHZ7SdY7Lbj-Syxs
prefmgr-cookie.truste-svc.net/	1970-01-20 09:31:19	Name: cookie_3rdparty Value: enabled
.bing.com/	1970-01-20 18:52:55	Name: MUID Value: 0517B3F240D967EF152DA14041D966AF
.flashtalking.com/	1970-01-20 19:07:19	Name: flashtalkingad1 Value: "GUID=5517DC1498A273"
consent-pref.trustarc.com/	1970-01-20 09:31:19	Name: token_test Value: Wed Feb 08 2023 18:02:30 GMT+0000 (GMT)
.yieldoptimizer.com/	1970-01-20 18:16:55	Name: fbh0 Value: %7B%7D
.yieldoptimizer.com/	1970-01-20 18:16:55	Name: gcma Value: %7B%22t%22%3A0%2C%22o%22%3Afalse%7D
.yieldoptimizer.com/	1970-01-20 18:16:55	Name: rmxc Value: %7B%22t%22%3A0%2C%22e%22%3A%22%22%2C%22i%22%3Afalse%7D
.yieldoptimizer.com/	1970-01-20 18:16:55	Name: cktst Value: 853328515
.hilton.com/	1970-01-20 09:41:24	Name: RT Value: "z=1&dm=hilton.com&si=4bb9e556-7718-4d1b-b184-879dc14e6ccd&ss=ldvzakkg&sl=1&se=p0&tt=1l1&bcn=%2F%2F0217991d.akstat.io%2F&ld=2e8"
.yieldoptimizer.com/	1970-01-20 18:16:55	Name: ckid Value: 3016658186670
.yieldoptimizer.com/	1970-01-20 18:16:55	Name: dph Value: %7B%22t%22%3A%5B123642%5D%2C%22dp%22%3A%5B2233%5D%7D
.yieldoptimizer.com/	1970-01-20 18:16:55	Name: ph Value: %7B%22p%22%3A%5B1025%5D%2C%22t%22%3A%5B123642%5D%7D
.yahoo.com/	1970-01-20 18:17:16	Name: A3 Value: d=AQABBLbj42MCEIfmIGnzP4FwKg3JZxsfXcA&S=AQAAAq5vhrRbhUvskuEhmNyX_3Q
.tribalfusion.com/	1970-01-20 11:40:55	Name: ANON_ID Value: a4nr6iSZdIiiSTnMSYlk9SFwUJVYc2ntbCsM9VDZasO84gHpRqymK4hV4WZbGPZb3BVDQuZckSBVT
.revjet.com/	1970-01-20 19:07:19	Name: trx Value: 5389040765876929750
.adnxs.com/	1970-01-20 11:40:55	Name: anj Value: dTM7k!M4.FErk#WF']wIg2ImUHzQuE!@wnfH)iR8PMp-v=0BzV.OLi:iJ%BqmLa``>OPx%sh(C$(j#iP(Md+uBZ.Nkx3I%>Lt_AL<wEexQ67Oe!@G)'*L?Fu
.casalemedia.com/	1970-01-20 18:16:55	Name: CMID Value: Y.Pjt15wB3saeMgfT0C5kwAA
.casalemedia.com/	1970-01-20 11:40:55	Name: CMPS Value: 5167
.casalemedia.com/	1970-01-20 11:40:55	Name: CMPRO Value: 5167
.pubmatic.com/	1970-01-20 11:40:55	Name: KRTBCOOKIE_218 Value: 4056-Y_PjtQAAAJ_7-AN-&KRTB&22978-Y_PjtQAAAJ_7-AN-&KRTB&23194-Y_PjtQAAAJ_7-AN-&KRTB&23209-Y_PjtQAAAJ_7-AN-
.pubmatic.com/	1970-01-20 10:14:31	Name: PugT Value: 1675879351
.demdex.net/	1970-01-20 13:50:31	Name: dextp Value: 21-1-1675879349584\|60-1-1675879349685\|358-1-1675879349795\|470-1-1675879349897\|771-1-1675879349998\|1175-1-1675879350099\|20-1-1675879350206\|1957-1-1675879350307\|3047-1-1675879350422\|22054-1-1675879350522\|22069-1-1675879350623\|30646-1-1675879350726\|49276-1-1675879350835\|66013-1-1675879350940\|81309-1-1675879351040\|121998-1-1675879351141\|70027-1-1675879351243\|144230-1-1675879351346\|144231-1-1675879351448\|144232-1-1675879351550\|144233-1-1675879351651\|144234-1-1675879351774\|144235-1-1675879351886\|144236-1-1675879351987\|144237-1-1675879352088
.spotxchange.com/	1970-01-20 10:11:38	Name: audience Value: c22ce352-a7da-11ed-8d66-1a7ccaea0106
.hilton.com/	1969-12-31 23:59:59	Name: dtCookie Value: v_4_srv_7_sn_0GIM4DMM71G1DU7PJMRHKMHSK8QGHIKR_app-3A0da30f11c94bda74_1_ol_0_perc_100000_mul_1_rcs-3Acss_0

2 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://idsync.rlcdn.com/365868.gif?partner_uid=28020279755585149850870251391735646046 Message: Failed to load resource: the server responded with a status of 451 ()
network	error	URL: https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=28020279755585149850870251391735646046?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} Message: Failed to load resource: the server responded with a status of 404 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Content-Security-Policy	frame-ancestors 'self'
Strict-Transport-Security	max-age=31536000
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0217991d.akstat.io
4dc2aa82bc5e.cdn4.forter.com
7a9bc18e2f4949bab4d63fea95ad8ac8-4dc2aa82bc5e.cdn.forter.com
a.tribalfusion.com
aa.agkn.com
api2.branch.io
app.link
assets.adobedtm.com
bf08412nhq.bf.dynatrace.com
bttrack.com
c.bing.com
c.go-mpulse.net
cdn.branch.io
cdn0.forter.com
cdn9.forter.com
cm.everesttech.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
cms.quantserve.com
consent-pref.trustarc.com
consent-st.trustarc.com
consent.trustarc.com
d.turn.com
dpm.demdex.net
dsum-sec.casalemedia.com
get.truex.com
googleads.g.doubleclick.net
hilton.cdn-v3.conductrics.net
hilton.demdex.net
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
mpp.vindicosuite.com
pix-us.revjet.com
pixel.rubiconproject.com
prefmgr-cookie.truste-svc.net
rtb.adentifi.com
s.tribalfusion.com
s2.go-mpulse.net
servedby.flashtalking.com
smetric.hilton.com
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.search.spotxchange.com
tag.yieldoptimizer.com
us-u.openx.net
www.facebook.com
www.google.com
www.google.de
www.hilton.com
104.64.122.89
13.227.219.116
13.227.219.6
13.227.219.65
135.148.137.214
142.251.208.162
15.236.117.205
151.101.130.49
18.201.4.185
18.66.15.103
185.180.12.68
185.64.190.80
185.80.39.216
185.94.180.126
192.132.33.46
2001:678:cb4:bbbb::13
212.82.100.182
2600:9000:21c7:ba00:11:f728:3040:93a1
2600:9000:2204:ae00:19:9934:6a80:93a1
2606:4700::6812:18ad
2620:116:800d:21:de2e:c7b3:55c0:d5a0
2620:1ec:c11::200
2a00:1450:4001:811::2004
2a00:1450:400d:802::2002
2a00:1450:400d:804::2003
2a02:26f0:7100:585::11a6
2a02:26f0:dc:183::2682
2a02:26f0:dc:187::b58
2a02:26f0:dc:18c::11a6
2a02:26f0:f700:4b0::1e80
2a03:2880:f11c:8183:face:b00c:0:25de
3.214.130.6
3.228.88.68
3.234.25.89
34.254.165.240
35.186.212.60
35.186.236.204
35.244.159.8
35.244.174.68
37.252.173.215
44.195.150.192
52.222.139.58
52.31.194.68
54.172.144.228
54.204.202.163
54.229.20.73
54.78.245.184
69.173.144.139
99.86.4.5
026dd753d9f1a497edc39c33b432827701b7a9ee2d2d06093b6061db3e48f9a9
04b10ea1dc7b372ce5ac61a7105b0a1f98090c4f7f891843e418823f53161c9b
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0c2b9a20ab7c25818412807bb584b736cac78858c4fb9a4d5c4d227168f6c00d
0c34b422141d1bb84b8b083cf92debe9613f7698cb90baf6011f684b83e8fc2f
0f291b48c679e4c033b4710f137ca5382256b632d6e7521a2c92b4ad9f18790c
103617aa372df7126b40e43d7e3106d148d004d8d29f66ebb3089c0693f46aa3
11304b88bdf5cd5f42513b9aa8bd3206653770f4f125b852285db812c731cf24
19e6ec4050b2d44e2e69683eb2d949f773dd84b1e5dd514c046ea20d44e71c16
1bb0a294ccb83bcb350ace8804b9666d13d73d040567e09c9a794de938d7a429
1be5be627328fc78b074a7fef82d8fd4d7ed5c2986fa62ce4e8e724f4e8e6367
1ffe0083c43292aaba8148fe6d7286bd27381ea13fef76b9e545a22d8bbd8af5
212521d68cb7524cbf1e607a8e5a64880e7c629f22f942de6753f0a92b32bb86
22dd9cf2d818510af07946854ee6bea597b838c58ed97340ae65fbd15d061e2c
233a5cb7ccfbad3e40b0984592960920bdcf915fd9d987ae3d5ebabcb32e86c5
249adada92006dd2dd73ce849d964a6381c62c0ca279bbff4e3620aac13ef8df
27a31791a21300b9ddb7980f633f099c054dcb3fb58ae172f9993a9575525a1e
2b01ae0442a80d4aa980667743285340122c3432880a4979476fe7d88ef7c37b
2bfe0bfebc6bf40e5f73c03389ba8285505bc2f45d739d1efd5ca830f940a51d
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
326f15a7432bfb981dff98a01571e73ee1f0a0581ba22458514812adcde32244
3273b9752cefdffe59886aaf94985343b75ff9289d172ba9f4f788e003a748c0
3312edf4bcabe795bc1162537c905022512b90e62749ecf5d41e4d11fa98af93
358254413b06b2b83c1cd9d9e697a21e5316dcb99c980a964767f5e30e4811e1
36e7ec9b9ee9168735e75a543e8f2a174b9a0b658ecb49f03f4ec331609f802a
3a7c1e7aa1e19fa5700a8b89a73a7b7b36ae85d0703104b70b058cb743bef7fb
3c3bfa40d19356bfa0c8dff74fe17f3b84773b23c4cc8c1235509062ca23ae81
4115945d73ebe24bc0587e257ebfb210dd95007982ad85bf2bc397cbf3ef25af
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
515e511632df46396d203e9877f97fb6d737c79045ef289b0181a3d655a4dad1
53fab80350ce588120fefa6b9045a21264367a9556f1caa7a681f43d9397c040
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
57604fa5a2f6caf9ad495647e200addc53ca0bb4bf204a558516dbea77dd2b5d
579c0e329b6a1ba8a7d65f4f14d1532ced14c4171dd9f4eeb501bfb0eae7c955
59188719cc6ad45d39628fcc907d77a8cf763d68243612cfa3c6678ec374ea9d
5d549da391ad6d08ffd680907b2f8cf05cfab7e56f36d26ffd0a04763195e655
5d5542834ba2845dc38e09d621efd771f9251c3f879b0511ded7cf23f39383cc
5d59d71fa30604e26c815b2bcfea777bef1564467e2ff9b1b4dc45ca2ee0f6fe
5dda36da7625dfd7aaf2da92e100d92f0fa7a7d519e226b641cd0abaea8468e0
5e0610740a6d17707a9f81c141233374b3418bedb9aa0307c1331e6c169784ed
5f52906b2aabe4e6e26fd0fbdb6627254e05583b47939a9f36335e692d43d9cd
61791b1da70c30eb0e2540349a5a2d811eb896c2c63741023fd7f62d60bb0659
63ca8acd92de82dd2090f15de8e247cf73d432d4d755c14862e6b3496f43ab42
653f3e53e89b4f8548ff86c19e92bb3c6b84b6be7485a320b1e00893ed877479
68f8c2dd9b1cd1a9fe1b2c1d4d910b3ab0c8b05a235b71cc61a79f299aeadda6
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b60c61e99b6af0d327aeb286220ea7593002ff4058f3ad87577e4093bec9052
6e2dddc28075e0d31ef4963ac607062a7ccfb805823a030fe61c64f89262aa0c
6f069252d082560ebb79f4d1844bf473e94542e58daeb238a9c4fb591f95dfeb
74a6500c0809af9375ddedc95a98d36cfa81970346096273a554ca84d250f2d0
767c5a60a27d39a568b3dbe3974b46a0e35566ee686ac4cdf5255f94b670087c
76a688d93077aea9bfc66910692b490f8a521299e02a48bc6426c013f0f8753d
77d21fe6ff1de0c27114a96dd35088dce9b76119f0fb090d1c405674c94c9480
77fc9c076583db5036b102159f70b442a6b7ba7ddcec426c3944c9fe6514053c
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7bf1597c6cf6d497de06cb9337f10f4b560b19e99c7357668eb16b64fef281b9
7ec26bb449135c61ace348c704ced42e2111da2e7f1980a64484096223cdbbfd
7efdbea858a5543e271850d4a62e8893414f605d522bbe2bc6e4201d514d33f4
82c2894beb8fb0d7084ed84539960eaae15bca3c7f3590f839886b37b2982a56
83cad37f70113f7b8bbb98c2ef8ee949f9a611e402e55ee826aef65130f2ef77
84427a1da71ffc7308e726c7786c4ab1e2b9bb963ad251124bed5ed022ba3e33
8594fca92e528d2233cd5744d4916d2a0c191bff764d3496222e48945d42f2f0
8a5151a017c954b7b3945040b841aaf81f5b8d87c117b64f4b4b301db1bad5a1
8d9d99b6bab8d91b9883ccfdff4de77b0edcfc15f779ec5ad51ed29e6b6309a2
8e827e67746b9c86c9cb7411fb9fa63ddc75eb7bb4120eb80d5316da48f42996
8efb7d3120703f9d2a054a20a4576a74c7575726d36816a4def40089f2ba4c4b
903a46ee5c7582595197c74cbda644ca7e45ef90e0f89bdfce0d3d6cb3a3bc77
903ae518e851d447d5ac9c096975e8f1b0870815e7df13f738c76ea9a75bc280
912d0c07da7bdb22cdae025b96da26d01523aaab7362edb28544e3949deb369d
91c4a6c4295f8889e8b04339a4a2c2e86d5eef71ba808164e641d0d8a6435004
95a1075c5a11f9f834abf9be15ab1b9f3527c15f269c11228c6f618e7515fd40
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
9b2ff7e2eadc07a21925cf9eb1944c06702b4ffac45b5993964c71f7bacb07ba
9ba3827e3290d21e78d0958581510439b3406baf182cc0e76aab9f7758bf06ad
9cd49deb5c44953db866815ccf1831b32277cf2dedff5388cd7baacc891a96c1
a2de091c86c5a7b6dcc572eb6e5a76c2cd72ce27a2042a8dc2974f15b33566ed
a3356f50073753a8bccd8739e0c519e11b6ad382b935635f5ee4468862b99135
a35f23f2527318fb63862f2c96469ff946135dedabeda06b94a3e5c152a3d615
a3715f40344826e3d37ded41c32bf598d8a24a2385a1d30efeb52f37d314e7d4
abc3a46c34b8eaad299c8f1de34ea27fc50e1e4de16f113143143cb314b689e6
b01bd01687b15585b2740273c8c3c6674dd9f559cfe52eeffdf43b1f93a12d05
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b2509e99cef473eca91473779ad326b7292355b04d7c8c7c7106d809d0f3a5d7
b444739d51f5f630511e5df4b3dfca22e20348a59b8be2ae75dd71a6f4042ac2
b487932f299b6209ba6665c8bf358e714d4e6959150eebca947e1ef7b1a6abda
b4d64b83c0875c08b96e4bd1ba80319a3ca1731d30fc6182b8325bd1cd135e9c
b7c7fbe5d508c972a088e7da622a568641928e36323e32227292e49b1ac38821
bad277d6326bfb9555c57f7f075f7a9fefb0063240773b7f8554f4694fd06963
bef9393fcdfc7a7299c058ba2a69253c32e0964dd3e97834e17a8cdb5dce7cf6
c3dd5a6fff633c6393dca21ce74cd6dc95265943575b43d2d9616f020eea68fa
cbe55528c76d1b5f3295de26b8c544fe6801a8659a8a93ba50a2b603f5e172ed
d130832237337d881ba43c2c2d0f02b1905ea9ea8f764b5eddce1441e47eafad
d3452ec1127967b4fce882b728a14e85f0b78d22024081936dfd4f25bfbc16c5
d406b63a7d23bf0fc52e3dda58a28f048101c31f57d12cd164633d6832919d1f
dafc06c54a09e1c0488b88535aa3e2be5155ecad9e0396f0317984d9b8f517b0
e31c6a03cf6f842e0268c818db32401a84ac15aa4e5aa19c7fcd68a954ff018f
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e5356c4d200584b116d9ac14f89d883b120dbe4d7878914a4fa22358074c74f8
e573ecfd15f14f6e0d0402ec7412128723db2d2ff241b8de3652a67acff6b15a
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e882309f376f3c15e6058fa35a11f1d3aaf956fc2f7d737e2640fbb9ef79d059
e9fcc2dba0833b1cc0eacf3113234283eff992e45c3dc695dfc8aef7ba905b84
eb7cfd3d959b2e09c170f532e29f8b825f9bc770b2279fde58e595617753e244
ed073fba60261680cd5d32f1e796bf902c98067986fbea302d4645d25e0516ca
edd1902dd5765bbb64b84e96a299a11de755ab6f84f60239475b1841dd14b8fb
ee53ada617f2674cbd706e3b24fc6738c7f53f2f7a3a959e71f611aa850dc946
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef8f041ba80fc26b8b6c766082dd295c31344557ba230921d904189d0eb6bb39
f1ba71d3bf034aeceecb8895e71a44f4806dbb5bcc44e46fd8fc461a774eb880
f7a1823caa66fdd3f6c01ec493121534460c5b8df0ee1cf6143e0d8c977d6107
f8fad84c8342f0b34b92bcd56b47d9e73c83d75c440d003b5e99002d00798359

www.hilton.com Open in urlscan Pro 2a02:26f0:dc:187::b58 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

143 Requests

82 %HTTPS

31 %IPv6

38 Domains

50 Subdomains

36 IPs

9 Countries

2812 kBTransfer

7246 kBSize

56 Cookies

11 Outgoing links

Redirected requests

143 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

www.hilton.com Open in urlscan Pro
2a02:26f0:dc:187::b58 Public Scan

Screenshot
Live screenshot

Full Image

143
Requests

82 %
HTTPS

31 %
IPv6

38
Domains

50
Subdomains

36
IPs

9
Countries

2812 kB
Transfer

7246 kB
Size

56
Cookies

143 HTTP transactions
1 data transactions