travelagents.hilton.com Open in urlscan Pro
2a02:26f0:3500:1b::1724:a391 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://travelagents.hilton.com.admin-eu.cas.ms/
Effective URL:
https://travelagents.hilton.com/
Submission: On October 25 via api (October 25th 2022, 3:21:25 pm UTC) from US — Scanned from GB

Summary HTTP 147 Redirects Links 12 Behaviour Indicators

Summary

This website contacted 38 IPs in 7 countries across 42 domains to perform 147 HTTP transactions. The main IP is 2a02:26f0:3500:1b::1724:a391, located in Frankfurt am Main, Germany and belongs to AKAMAI-ASN1, NL. The main domain is travelagents.hilton.com.
TLS certificate: Issued by R3 on October 6th 2022. Valid for: 3 months.

This is the only time travelagents.hilton.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1	51.137.137.121 51.137.137.121	8075 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
3	2a02:26f0:170... 2a02:26f0:1700:d::1737:6e8f	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
50	2a02:26f0:350... 2a02:26f0:3500:1b::1724:a391	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
1	54.231.140.240 54.231.140.240	16509 (AMAZON-02) (AMAZON-02)
4	2a02:26f0:350... 2a02:26f0:3500:587::1e80	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
9	2606:4700::68... 2606:4700::6811:e14e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700::68... 2606:4700::6811:190e	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
1 17	34.249.106.217 34.249.106.217	16509 (AMAZON-02) (AMAZON-02)
5	13.225.78.53 13.225.78.53	16509 (AMAZON-02) (AMAZON-02)
1	13.226.153.11 13.226.153.11	16509 (AMAZON-02) (AMAZON-02)
1	2a02:26f0:480... 2a02:26f0:480:280::b58	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	23.36.162.87 23.36.162.87	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
2	23.35.236.144 23.35.236.144	16625 (AKAMAI-AS) (AKAMAI-AS)
2	15.236.176.210 15.236.176.210	16509 (AMAZON-02) (AMAZON-02)
1 1	54.74.40.111 54.74.40.111	16509 (AMAZON-02) (AMAZON-02)
2	2a00:1450:400... 2a00:1450:4001:82a::200e	15169 (GOOGLE) (GOOGLE)
2	54.160.100.205 54.160.100.205	14618 (AMAZON-AES) (AMAZON-AES)
1 2	13.224.189.63 13.224.189.63	16509 (AMAZON-02) (AMAZON-02)
20	13.225.78.23 13.225.78.23	16509 (AMAZON-02) (AMAZON-02)
1 1	34.252.144.191 34.252.144.191	16509 (AMAZON-02) (AMAZON-02)
2	2a03:2880:f12... 2a03:2880:f12d:83:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1	35.244.174.68 35.244.174.68	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:830::2002	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2003	15169 (GOOGLE) (GOOGLE)
1	108.157.4.31 108.157.4.31	16509 (AMAZON-02) (AMAZON-02)
2 3	185.89.211.84 185.89.211.84	29990 (ASN-APPNEX) (ASN-APPNEX)
1 1	2001:678:cb4:... 2001:678:cb4:bbbb::13	56396 (AMOBEE) (AMOBEE)
1	3.234.25.89 3.234.25.89	14618 (AMAZON-AES) (AMAZON-AES)
1 2	172.217.16.194 172.217.16.194	15169 (GOOGLE) (GOOGLE)
1 1	2620:116:800d... 2620:116:800d:21:93ca:31d8:d86e:38f6	16509 (AMAZON-02) (AMAZON-02)
1	44.208.109.123 44.208.109.123	14618 (AMAZON-AES) (AMAZON-AES)
1	35.186.236.204 35.186.236.204	15169 (GOOGLE) (GOOGLE)
1 1	2620:1ec:c11:... 2620:1ec:c11::200	8068 (MICROSOFT...) (MICROSOFT-CORP-MSN-AS-BLOCK)
1 1	209.197.3.19 209.197.3.19	20446 (STACKPATH...) (STACKPATH-CDN)
2 2	2606:4700::68... 2606:4700::6812:19ad	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	35.186.212.60 35.186.212.60	15169 (GOOGLE) (GOOGLE)
1 1	212.82.100.182 212.82.100.182	34010 (YAHOO-IRD) (YAHOO-IRD)
1	192.132.33.46 192.132.33.46	18568 (BIDTELLECT) (BIDTELLECT)
1 1	54.83.243.105 54.83.243.105	14618 (AMAZON-AES) (AMAZON-AES)
3	2600:9000:20e... 2600:9000:20eb:4e00:7:bffe:c3c0:21	16509 (AMAZON-02) (AMAZON-02)
1	3.209.248.234 3.209.248.234	14618 (AMAZON-AES) (AMAZON-AES)
2 2	34.251.218.252 34.251.218.252	16509 (AMAZON-02) (AMAZON-02)
1 1	216.223.26.58 216.223.26.58	32475 (SINGLEHOP...) (SINGLEHOP-LLC)
8 8	151.101.66.49 151.101.66.49	54113 (FASTLY) (FASTLY)
1	69.173.144.165 69.173.144.165	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	185.80.39.216 185.80.39.216	27381 (CASALE-MEDIA) (CASALE-MEDIA)
1	35.244.159.8 35.244.159.8	15169 (GOOGLE) (GOOGLE)
1	185.64.190.80 185.64.190.80	62713 (AS-PUBMATIC) (AS-PUBMATIC)
1 2	185.94.180.125 185.94.180.125	35220 (SPOTX-AMS) (SPOTX-AMS)
147	38

1 51.137.137.121 (Cardiff, United Kingdom)

ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

travelagents.hilton.com.admin-eu.cas.ms	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:26f0:1700:d::1737:6e8f (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

mcasproxy.azureedge.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

50 2a02:26f0:3500:1b::1724:a391 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

travelagents.hilton.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.231.140.240 (Ashburn, United States)

ASN16509 (AMAZON-02, US)
PTR: s3-1.amazonaws.com

s3.amazonaws.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a02:26f0:3500:587::1e80 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

assets.adobedtm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2606:4700::6811:e14e (United States)

ASN13335 (CLOUDFLARENET, US)

fast.fonts.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700::6811:190e (United States)

ASN13335 (CLOUDFLARENET, US)

cdnjs.cloudflare.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

17 34.249.106.217 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-249-106-217.eu-west-1.compute.amazonaws.com

dpm.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
hilton.demdex.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 13.225.78.53 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-53.fra2.r.cloudfront.net

consent.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 13.226.153.11 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-226-153-11.dus51.r.cloudfront.net

4dc2aa82bc5e.cdn4.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:480:280::b58 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

www.hilton.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.36.162.87 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)
PTR: a23-36-162-87.deploy.static.akamaitechnologies.com

fonts.hilton.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 23.35.236.144 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a23-35-236-144.deploy.static.akamaitechnologies.com

c48c230edebef37baa0b-7924816fb41fd531ce97ed2a0e88770c.ssl.cf2.rackcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 15.236.176.210 (Paris, France)

ASN16509 (AMAZON-02, US)
PTR: ec2-15-236-176-210.eu-west-3.compute.amazonaws.com

smetric.hilton.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.74.40.111 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-54-74-40-111.eu-west-1.compute.amazonaws.com

cm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 54.160.100.205 (United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-160-100-205.compute-1.amazonaws.com

cdn3.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 13.224.189.63 (United States) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: server-13-224-189-63.fra2.r.cloudfront.net

cdn9.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 13.225.78.23 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-13-225-78-23.fra2.r.cloudfront.net

consent-pref.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 34.252.144.191 (Dublin, Ireland) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-252-144-191.eu-west-1.compute.amazonaws.com

aa.agkn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:2880:f12d:83:face:b00c:0:25de (Frankfurt am Main, Germany)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.174.68 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 68.174.244.35.bc.googleusercontent.com

idsync.rlcdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:830::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.co.uk	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 108.157.4.31 (United States)

ASN16509 (AMAZON-02, US)
PTR: server-108-157-4-31.dus51.r.cloudfront.net

consent-st.trustarc.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 185.89.211.84 (Frankfurt am Main, Germany) 2 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:678:cb4:bbbb::13 (United Kingdom) 1 redirects

ASN56396 (AMOBEE, GB)

d.turn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.234.25.89 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-234-25-89.compute-1.amazonaws.com

14f627fd8dc349f3a5715c9bdc4dd01d-4dc2aa82bc5e.cdn.forter.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 172.217.16.194 (United States) 1 redirects

ASN15169 (GOOGLE, US)
PTR: fra16s65-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:116:800d:21:93ca:31d8:d86e:38f6 (United States) 1 redirects

ASN16509 (AMAZON-02, US)

cms.quantserve.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 44.208.109.123 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-44-208-109-123.compute-1.amazonaws.com

prefmgr-cookie.truste-svc.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.186.236.204 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 204.236.186.35.bc.googleusercontent.com

mpp.vindicosuite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2620:1ec:c11::200 (United States) 1 redirects

ASN8068 (MICROSOFT-CORP-MSN-AS-BLOCK, US)

c.bing.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 209.197.3.19 (United States) 1 redirects

ASN20446 (STACKPATH-CDN, US)
PTR: vip0x013.map2.ssl.hwcdn.net

servedby.flashtalking.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2606:4700::6812:19ad (United States) 2 redirects

ASN13335 (CLOUDFLARENET, US)

a.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
s.tribalfusion.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 35.186.212.60 (Kansas City, United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: 60.212.186.35.bc.googleusercontent.com

tag.yieldoptimizer.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 212.82.100.182 (Dublin, Ireland) 1 redirects

ASN34010 (YAHOO-IRD, GB)
PTR: spcms.pbp.vip.ir2.yahoo.com

cms.analytics.yahoo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 192.132.33.46 (United States)

ASN18568 (BIDTELLECT, US)
PTR: 46.bidtellect.com

bttrack.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 54.83.243.105 (Ashburn, United States) 1 redirects

ASN14618 (AMAZON-AES, US)
PTR: ec2-54-83-243-105.compute-1.amazonaws.com

get.truex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2600:9000:20eb:4e00:7:bffe:c3c0:21 (United States)

ASN16509 (AMAZON-02, US)

d3nocrch4qti4v.cloudfront.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 3.209.248.234 (Ashburn, United States)

ASN14618 (AMAZON-AES, US)
PTR: ec2-3-209-248-234.compute-1.amazonaws.com

rtb.adentifi.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 34.251.218.252 (Dublin, Ireland) 2 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-34-251-218-252.eu-west-1.compute.amazonaws.com

sync.crwdcntrl.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.223.26.58 (Secaucus, United States) 1 redirects

ASN32475 (SINGLEHOP-LLC, US)

pix-us.revjet.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 151.101.66.49 (United States) 8 redirects

ASN54113 (FASTLY, US)

sync-tm.everesttech.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.165 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

pixel.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.80.39.216 (Canada) 1 redirects

ASN27381 (CASALE-MEDIA, CA)

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 35.244.159.8 (Kansas City, United States)

ASN15169 (GOOGLE, US)
PTR: 8.159.244.35.bc.googleusercontent.com

us-u.openx.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.64.190.80 (United Kingdom)

ASN62713 (AS-PUBMATIC, US)

image2.pubmatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.94.180.125 (Amsterdam, Netherlands) 1 redirects

ASN35220 (SPOTX-AMS, US)

sync.search.spotxchange.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
55	hilton.com travelagents.hilton.com www.hilton.com — Cisco Umbrella Rank: 16768 fonts.hilton.com — Cisco Umbrella Rank: 125785 smetric.hilton.com — Cisco Umbrella Rank: 27493	4 MB
26	trustarc.com consent.trustarc.com — Cisco Umbrella Rank: 3107 consent-pref.trustarc.com — Cisco Umbrella Rank: 16677 consent-st.trustarc.com — Cisco Umbrella Rank: 31897	374 KB
17	demdex.net 1 redirects dpm.demdex.net — Cisco Umbrella Rank: 214 hilton.demdex.net — Cisco Umbrella Rank: 13408	20 KB
9	everesttech.net 9 redirects cm.everesttech.net — Cisco Umbrella Rank: 1073 sync-tm.everesttech.net — Cisco Umbrella Rank: 578	2 KB
9	fonts.net fast.fonts.net — Cisco Umbrella Rank: 3031	183 KB
6	forter.com 1 redirects 4dc2aa82bc5e.cdn4.forter.com — Cisco Umbrella Rank: 25997 cdn3.forter.com — Cisco Umbrella Rank: 4472 cdn9.forter.com — Cisco Umbrella Rank: 4970 14f627fd8dc349f3a5715c9bdc4dd01d-4dc2aa82bc5e.cdn.forter.com	45 KB
4	adobedtm.com assets.adobedtm.com — Cisco Umbrella Rank: 490	140 KB
3	cloudfront.net d3nocrch4qti4v.cloudfront.net	1 KB
3	adnxs.com 2 redirects ib.adnxs.com — Cisco Umbrella Rank: 232	3 KB
3	doubleclick.net 2 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 43 cm.g.doubleclick.net — Cisco Umbrella Rank: 215	2 KB
3	azureedge.net mcasproxy.azureedge.net — Cisco Umbrella Rank: 40022	44 KB
2	spotxchange.com 1 redirects sync.search.spotxchange.com — Cisco Umbrella Rank: 572	1 KB
2	casalemedia.com 1 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 542	1 KB
2	crwdcntrl.net 2 redirects sync.crwdcntrl.net — Cisco Umbrella Rank: 756	588 B
2	yieldoptimizer.com 2 redirects tag.yieldoptimizer.com — Cisco Umbrella Rank: 4523	889 B
2	tribalfusion.com 2 redirects a.tribalfusion.com — Cisco Umbrella Rank: 828 s.tribalfusion.com — Cisco Umbrella Rank: 2234	932 B
2	facebook.com www.facebook.com — Cisco Umbrella Rank: 107	256 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 32	20 KB
2	rackcdn.com c48c230edebef37baa0b-7924816fb41fd531ce97ed2a0e88770c.ssl.cf2.rackcdn.com
2	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 394	18 KB
1	pubmatic.com image2.pubmatic.com — Cisco Umbrella Rank: 894	225 B
1	openx.net us-u.openx.net — Cisco Umbrella Rank: 409	273 B
1	rubiconproject.com pixel.rubiconproject.com — Cisco Umbrella Rank: 347	239 B
1	revjet.com 1 redirects pix-us.revjet.com — Cisco Umbrella Rank: 19623	326 B
1	adentifi.com rtb.adentifi.com — Cisco Umbrella Rank: 1252	35 B
1	truex.com 1 redirects get.truex.com — Cisco Umbrella Rank: 20945	302 B
1	bttrack.com bttrack.com — Cisco Umbrella Rank: 750	263 B
1	yahoo.com 1 redirects cms.analytics.yahoo.com — Cisco Umbrella Rank: 871	673 B
1	flashtalking.com 1 redirects servedby.flashtalking.com — Cisco Umbrella Rank: 821	553 B
1	bing.com 1 redirects c.bing.com — Cisco Umbrella Rank: 236	537 B
1	vindicosuite.com mpp.vindicosuite.com — Cisco Umbrella Rank: 5735	308 B
1	truste-svc.net prefmgr-cookie.truste-svc.net — Cisco Umbrella Rank: 32646	2 KB
1	quantserve.com 1 redirects cms.quantserve.com — Cisco Umbrella Rank: 729	488 B
1	turn.com 1 redirects d.turn.com — Cisco Umbrella Rank: 1096	402 B
1	google.co.uk www.google.co.uk — Cisco Umbrella Rank: 3174	548 B
1	google.com 1 redirects www.google.com — Cisco Umbrella Rank: 2	586 B
1	rlcdn.com idsync.rlcdn.com — Cisco Umbrella Rank: 344	330 B
1	agkn.com 1 redirects aa.agkn.com — Cisco Umbrella Rank: 474	477 B
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 61	47 KB
1	cloudflare.com cdnjs.cloudflare.com — Cisco Umbrella Rank: 216	15 KB
1	amazonaws.com s3.amazonaws.com
1	cas.ms travelagents.hilton.com.admin-eu.cas.ms	1 KB
147	42

	Domain	Requested by
50	travelagents.hilton.com	travelagents.hilton.com
20	consent-pref.trustarc.com	consent.trustarc.com consent-pref.trustarc.com travelagents.hilton.com.admin-eu.cas.ms prefmgr-cookie.truste-svc.net
16	dpm.demdex.net	1 redirects travelagents.hilton.com
9	fast.fonts.net	travelagents.hilton.com fast.fonts.net
8	sync-tm.everesttech.net	8 redirects
5	consent.trustarc.com	travelagents.hilton.com.admin-eu.cas.ms consent.trustarc.com travelagents.hilton.com
4	assets.adobedtm.com	travelagents.hilton.com assets.adobedtm.com
3	d3nocrch4qti4v.cloudfront.net
3	ib.adnxs.com	2 redirects
3	mcasproxy.azureedge.net	travelagents.hilton.com.admin-eu.cas.ms mcasproxy.azureedge.net
2	sync.search.spotxchange.com	1 redirects
2	dsum-sec.casalemedia.com	1 redirects
2	sync.crwdcntrl.net	2 redirects
2	tag.yieldoptimizer.com	2 redirects
2	cm.g.doubleclick.net	1 redirects
2	www.facebook.com	travelagents.hilton.com
2	cdn9.forter.com	1 redirects travelagents.hilton.com
2	cdn3.forter.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	smetric.hilton.com	assets.adobedtm.com
2	c48c230edebef37baa0b-7924816fb41fd531ce97ed2a0e88770c.ssl.cf2.rackcdn.com	travelagents.hilton.com
2	fonts.hilton.com	travelagents.hilton.com
2	cdn.jsdelivr.net	travelagents.hilton.com
1	image2.pubmatic.com
1	us-u.openx.net
1	pixel.rubiconproject.com
1	pix-us.revjet.com	1 redirects
1	rtb.adentifi.com
1	get.truex.com	1 redirects
1	bttrack.com
1	cms.analytics.yahoo.com	1 redirects
1	s.tribalfusion.com	1 redirects
1	a.tribalfusion.com	1 redirects
1	servedby.flashtalking.com	1 redirects
1	c.bing.com	1 redirects
1	mpp.vindicosuite.com
1	prefmgr-cookie.truste-svc.net	travelagents.hilton.com.admin-eu.cas.ms
1	cms.quantserve.com	1 redirects
1	14f627fd8dc349f3a5715c9bdc4dd01d-4dc2aa82bc5e.cdn.forter.com
1	d.turn.com	1 redirects
1	consent-st.trustarc.com	consent-pref.trustarc.com
1	www.google.co.uk
1	www.google.com	1 redirects
1	googleads.g.doubleclick.net	1 redirects
1	idsync.rlcdn.com	travelagents.hilton.com
1	aa.agkn.com	1 redirects
1	cm.everesttech.net	1 redirects
1	hilton.demdex.net	assets.adobedtm.com
1	www.hilton.com	travelagents.hilton.com
1	4dc2aa82bc5e.cdn4.forter.com	travelagents.hilton.com.admin-eu.cas.ms
1	www.googletagmanager.com	travelagents.hilton.com
1	cdnjs.cloudflare.com	travelagents.hilton.com
1	s3.amazonaws.com	travelagents.hilton.com
1	travelagents.hilton.com.admin-eu.cas.ms
147	54

This site contains links to these domains. Also see Links.

Domain
www.hilton.com
secure3.hilton.com
hiltoneducation.com
meetings.hilton.com
hiltonhonors3.hilton.com
www.aboutads.info

Subject Issuer	Validity	Valid
*.azureedge.net Microsoft Azure ECC TLS Issuing CA 01	`2022-07-27` - `2023-07-22`	a year	crt.sh
fonts.hilton.com R3	`2022-10-06` - `2023-01-04`	3 months	crt.sh
s3.amazonaws.com Amazon	`2022-04-01` - `2023-03-30`	a year	crt.sh
assets.adobedtm.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-19` - `2023-08-19`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-05` - `2023-06-04`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2022-09-26` - `2022-12-19`	3 months	crt.sh
*.trustarc.com Amazon	`2022-05-17` - `2023-06-15`	a year	crt.sh
*.cdn4.forter.com GeoTrust RSA CA 2018	`2021-11-16` - `2022-12-16`	a year	crt.sh
www.hilton.com DigiCert ECC Extended Validation Server CA	`2022-04-08` - `2023-04-08`	a year	crt.sh
*.ssl.cf2.rackcdn.com DigiCert SHA2 Secure Server CA	`2022-01-30` - `2023-01-31`	a year	crt.sh
*.demdex.com DigiCert TLS RSA SHA256 2020 CA1	`2022-09-26` - `2023-10-27`	a year	crt.sh
smetric.hilton.com DigiCert TLS RSA SHA256 2020 CA1	`2022-07-30` - `2023-08-30`	a year	crt.sh
cdn3.forter.com GeoTrust RSA CA 2018	`2022-06-27` - `2023-07-04`	a year	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2022-08-03` - `2022-11-01`	3 months	crt.sh
*.rlcdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-03` - `2023-02-25`	a year	crt.sh
*.cdn.forter.com GeoTrust RSA CA 2018	`2022-06-27` - `2023-07-27`	a year	crt.sh
*.truste-svc.net Amazon	`2022-05-23` - `2023-06-21`	a year	crt.sh
mpp.vindicosuite.com GTS CA 1D4	`2022-10-06` - `2023-01-04`	3 months	crt.sh
*.bttrack.com Sectigo RSA Domain Validation Secure Server CA	`2022-03-21` - `2023-04-20`	a year	crt.sh
*.cloudfront.net Amazon	`2022-02-01` - `2023-01-31`	a year	crt.sh
adentifi.com Amazon	`2022-08-05` - `2023-09-03`	a year	crt.sh

This page contains 7 frames:

Primary Page: https://travelagents.hilton.com/
Frame ID: 19423BD24F0F7677786D6DDA5A1EA2C6
Requests: 100 HTTP requests in this frame

Frame: https://mcasproxy.azureedge.net/proxyweb/1.23.47/html/session-context-restore.html
Frame ID: 047C929B8D10F4B34DCC6F1ADC3956AA
Requests: 2 HTTP requests in this frame

Frame: https://hilton.demdex.net/dest5.html?d_nsid=0
Frame ID: F1840DBCEA12590B4DD8C172B844B645
Requests: 28 HTTP requests in this frame

Frame: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=gb&locale=en&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
Frame ID: C90C5A1B3135D0A031B99DCFC5AE6FCB
Requests: 20 HTTP requests in this frame

Frame: https://consent-pref.trustarc.com/defaultpreferencemanager/900F1BE3E033349C4A8AEE7E6836E50C.cache.html
Frame ID: 99240A4693AF820AD2F909F6AC4B237F
Requests: 1 HTTP requests in this frame

Frame: https://prefmgr-cookie.truste-svc.net/cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=gb&locale=en&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
Frame ID: F6AF627358167A5779BAC51C48501663
Requests: 1 HTTP requests in this frame

Frame: https://consent-pref.trustarc.com/cookie_inneriframe.html
Frame ID: E4E9EF6D755B486884BC61471A87A996
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Hilton Travel Agents | Travel Portal for Agents

Page URL History Show full URLs

http://travelagents.hilton.com.admin-eu.cas.ms/ Page URL
https://travelagents.hilton.com/ Page URL

Detected technologies

Akamai Bot Manager (Security) Expand

Overall confidence: 100%
Detected patterns

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

Forter (Analytics) Expand

Overall confidence: 100%
Detected patterns

forter\.com

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtm\.js

Modernizr (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js

Moment.js (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

moment(?:\.min)?\.js

OpenX (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.openx\.net

PubMatic (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.pubmatic\.com

Rubicon Project (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

https?://[^/]*\.rubiconproject\.com

TrustArc (Cookie compliance) Expand

Overall confidence: 100%
Detected patterns

consent\.trustarc\.com

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

//cdn\.jsdelivr\.net/

Page Statistics

147
Requests

82 %
HTTPS

35 %
IPv6

42
Domains

54
Subdomains

38
IPs

7
Countries

4509 kB
Transfer

7076 kB
Size

48
Cookies

12 Outgoing links

These are links going to different origins than the main page.

URL: https://www.hilton.com/en/book/reservation/find/
Title: Find reservation

Search URL Search Domain Scan URL

URL: https://secure3.hilton.com/en_US/hh/reservation/find/index.htm
Title: Find reservation

Search URL Search Domain Scan URL

URL: https://www.hilton.com/travelagentoffer
Title: Book Now

Search URL Search Domain Scan URL

URL: https://hiltoneducation.com/accounts/login/?next=/quizzes?cid=OM,TP,Homepage,Carousel,HiltonEducation,LearnMore
Title: Learning Center

Search URL Search Domain Scan URL

URL: http://meetings.hilton.com/?cid=OM,TP,Homepage,Other,MeetingsandEvents,PlanAnEvent
Title: Plan an Event

Search URL Search Domain Scan URL

URL: http://hiltonhonors3.hilton.com/en/promotions/privacy-policy/english.html
Title: Global Privacy Statement

Search URL Search Domain Scan URL

URL: http://hiltonhonors3.hilton.com/en/policy/cookies-statement/english.html
Title: Cookies Statement

Search URL Search Domain Scan URL

URL: http://hiltonhonors3.hilton.com/en_US/policy/site-usage-agreement/english.html
Title: Site Usage Agreement

Search URL Search Domain Scan URL

URL: https://www.hilton.com/en/hilton-honors/personal-data-requests/
Title: Do Not Sell My Information

Search URL Search Domain Scan URL

URL: https://www.hilton.com/en/corporate/msat-statement/
Title: Modern Slavery and Human Trafficking

Search URL Search Domain Scan URL

URL: http://www.aboutads.info/choices/
Title: AdChoices

Search URL Search Domain Scan URL

URL: https://www.hilton.com/en/corporate/coronavirus/
Title: See Latest

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://travelagents.hilton.com.admin-eu.cas.ms/ Page URL
https://travelagents.hilton.com/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 52

https://dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F0C120B3534685700A490D45%40AdobeOrg&d_nsid=0&ts=1666711279610 HTTP 302
https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F0C120B3534685700A490D45%40AdobeOrg&d_nsid=0&ts=1666711279610

Request Chain 87

https://cm.everesttech.net/cm/dd?d_uuid=19218456480829474193117637085299996451 HTTP 302
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y1f_8AAAAH9uDQN6

Request Chain 96

https://cdn9.forter.com/vchk2 HTTP 301
https://cdn9.forter.com/vchk2/v1/7fbb0c9d3e4d7a2f3570e11918a750bca1b6990a2bdb4f37ecb5650bebc4c340ac7f4bc8651056e6dbf849d1a472

Request Chain 100

https://aa.agkn.com/adscores/g.pixel?sid=9211132908&aam=19218456480829474193117637085299996451 HTTP 302
https://dpm.demdex.net/ibs:dpid=21&dpuuid=220073204315002654298

Request Chain 103

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1005930085/?value=0&guid=ON&script=0&data=23583573 HTTP 302
https://www.google.com/pagead/1p-user-list/1005930085/?value=0&guid=ON&script=0&data=23583573&is_vtc=1&random=581321438 HTTP 302
https://www.google.co.uk/pagead/1p-user-list/1005930085/?value=0&guid=ON&script=0&data=23583573&is_vtc=1&random=581321438&ipr=y

Request Chain 107

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID HTTP 302
https://dpm.demdex.net/ibs:dpid=358&dpuuid=7416363402887643939

Request Chain 111

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D HTTP 302
https://dpm.demdex.net/ibs:dpid=470&dpuuid=3229401479939270603

Request Chain 115

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MTkyMTg0NTY0ODA4Mjk0NzQxOTMxMTc2MzcwODUyOTk5OTY0NTE= HTTP 302
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEB2BrzEot3pjB3SEv8l5wxI&google_cver=1?gdpr=0&gdpr_consent=

Request Chain 117

https://cms.quantserve.com/pixel/p-vj4AYjBqd6VJ2.gif?idmatch=0&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=1175&&dpuuid=tZCEbOXG12uuxYA4tZacbbrBgDiuk9JqssC7BN13

Request Chain 123

https://c.bing.com/c.gif?uid=19218456480829474193117637085299996451&Red3=MSAdobe_pd&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=1957&dpuuid=010C628DFE3161850D8870C5FF5260E5

Request Chain 124

https://servedby.flashtalking.com/map/?key=a74thHgsfK627J6Ftt8sj5ks52bKe&gdpr=0&gdpr_consent=&url=https://dpm.demdex.net/ibs:dpid=3047&dpuuid=[%FT_GUID%]&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=3047&dpuuid=5411A8685D0104&gdpr=0&gdpr_consent=

Request Chain 125

https://a.tribalfusion.com/i.match?p=b13&u=19218456480829474193117637085299996451&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=22054&dpuuid=$TF_USER_ID_ENC$ HTTP 302
https://s.tribalfusion.com/z/i.match?p=b13&u=19218456480829474193117637085299996451&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=22054&dpuuid=$TF_USER_ID_ENC$ HTTP 302
https://dpm.demdex.net/ibs:dpid=22054

Request Chain 126

https://tag.yieldoptimizer.com/ps/ps?t=i&p=2233 HTTP 302
https://tag.yieldoptimizer.com/ps/ps?tc=349206109&t=i&p=2233 HTTP 302
https://dpm.demdex.net/ibs:dpid=22069&dpuuid=3016302421596

Request Chain 128

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=19218456480829474193117637085299996451&gdpr=0&gdpr_consent= HTTP 302
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-wGfeAbhE2pHXZ5dzvD4uY8eL5irZ63AXe_w-~A

Request Chain 136

https://get.truex.com/adobe/audience_manager/sync HTTP 302
https://dpm.demdex.net/ibs:dpid=66013&dpuuid=

Request Chain 142

https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=19218456480829474193117637085299996451?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
https://sync.crwdcntrl.net/map/ct=y/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=19218456480829474193117637085299996451?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id} HTTP 302
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=

Request Chain 144

https://pix-us.revjet.com/idsync/adobe/1?aam_id=19218456480829474193117637085299996451&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D70027%26dpuuid%3D%24%24visitor_id%24%24 HTTP 302
https://dpm.demdex.net/ibs:dpid=70027&dpuuid=4748693980785140386

Request Chain 145

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_URLENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WTFmXzhBQUFBSDl1RFFONg==

Request Chain 146

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90 HTTP 302
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y1f_8AAAAH9uDQN6&expires=90

Request Chain 147

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y1f_8AAAAH9uDQN6 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y1f_8AAAAH9uDQN6&C=1

Request Chain 148

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D HTTP 302
https://ib.adnxs.com/setuid?entity=158&code=Y1f_8AAAAH9uDQN6

Request Chain 149

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D HTTP 302
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y1f_8AAAAH9uDQN6

Request Chain 150

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER_ID%7D HTTP 302
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y1f_8AAAAH9uDQN6

Request Chain 151

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y1f_8AAAAH9uDQN6&img=1 HTTP 302
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y1f_8AAAAH9uDQN6&img=1&__user_check__=1&sync_id=af19ae9b-5478-11ed-ae8d-1ac054420406

Request Chain 152

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0 HTTP 302
https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y1f_8AAAAH9uDQN6&t=2592000&o=0

147 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK / Show response
travelagents.hilton.com.admin-eu.cas.ms/ 1 KB
1 KB 156ms
35ms Document
text/html 51.137.137.121
MICROSOFT-CORP-MS...

General

Check archive.org

Show headers Download Go to

Full URL

http://travelagents.hilton.com.admin-eu.cas.ms/

Protocol

HTTP/1.1

Server

51.137.137.121 Cardiff, United Kingdom, ASN8075 (MICROSOFT-CORP-MSN-AS-BLOCK, US),

Reverse DNS

Software

openresty /

Resource Hash

0ed1d0603edc52e4cc52c69194493988ec9e706cc649bd8c86b3423cc43d5cde

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html; charset=utf-8
Date: Tue, 25 Oct 2022 15:21:18 GMT
Expires: Mon, 01-Jan-1990 00:00:00 GMT
Pragma: no-cache
Server: openresty
Strict-Transport-Security: max-age=31536000
Transfer-Encoding: chunked
X-MCAS-Cache-Status: MISS
X-MCAS-Processing-Time: 2
X-MCAS-Request-Id: 046c36b5a5fbacc9591e1632f51263eb
X-MCAS-Upstream-Time: n/a

GET
H2 200 session-context-store-helper.min.js Show response
mcasproxy.azureedge.net/proxyweb/1.23.47/js/ 5 KB
5 KB 138ms
47ms Script
application/javascript 2a02:26f0:1700:d::1737:6e8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcasproxy.azureedge.net/proxyweb/1.23.47/js/session-context-store-helper.min.js
Requested by: Host: travelagents.hilton.com.admin-eu.cas.ms
URL: http://travelagents.hilton.com.admin-eu.cas.ms/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: 968d28d7b73b766de060de25723f0f37d27b7acc0978ff32652391de31c0d1e4

Request headers

accept-language: en-GB,en;q=0.9
Referer: http://travelagents.hilton.com.admin-eu.cas.ms/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Tue, 25 Oct 2022 15:21:18 GMT
last-modified: Mon, 17 Oct 2022 15:34:07 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: AaRzN2kCBiQORBVRFn9YLQ==
etag: 0x8DAB05507C46CE9
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: 7352a452-a01e-0023-79a6-e7a0e0000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31440179
x-ms-version: 2009-09-19
content-length: 4847

GET
H2 200 session-context-restore.html Show response
mcasproxy.azureedge.net/proxyweb/1.23.47/html/ Frame 047C 209 B
660 B 49ms
49ms Document
text/html 2a02:26f0:1700:d::1737:6e8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcasproxy.azureedge.net/proxyweb/1.23.47/html/session-context-restore.html
Requested by: Host: mcasproxy.azureedge.net
URL: https://mcasproxy.azureedge.net/proxyweb/1.23.47/js/session-context-store-helper.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash: a3c954e6d1422643abfe41e74b726918caa087460903ec4267bc4e5293132451

Request headers

Referer: http://travelagents.hilton.com.admin-eu.cas.ms/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

access-control-allow-origin: *
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31440184
content-length: 209
content-md5: xcQ/+x+i42xZPwR88wJc4A==
content-type: text/html
date: Tue, 25 Oct 2022 15:21:18 GMT
etag: 0x8DAB0553AE847DB
last-modified: Mon, 17 Oct 2022 15:35:33 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
x-ms-blob-type: BlockBlob
x-ms-lease-status: unlocked
x-ms-request-id: 6971d5b8-301e-0004-2ea6-e73aa9000000
x-ms-version: 2009-09-19

GET
H2 200 session-context-restore.min.js
mcasproxy.azureedge.net/proxyweb/1.23.47/js/ Frame 047C 38 KB
38 KB 51ms
51ms Script
application/javascript 2a02:26f0:1700:d::1737:6e8f
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://mcasproxy.azureedge.net/proxyweb/1.23.47/js/session-context-restore.min.js
Requested by: Host: mcasproxy.azureedge.net
URL: https://mcasproxy.azureedge.net/proxyweb/1.23.47/html/session-context-restore.html
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:1700:d::1737:6e8f Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0 /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://mcasproxy.azureedge.net/proxyweb/1.23.47/html/session-context-restore.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
date: Tue, 25 Oct 2022 15:21:19 GMT
last-modified: Mon, 17 Oct 2022 15:34:07 GMT
server: Windows-Azure-Blob/1.0 Microsoft-HTTPAPI/2.0
content-md5: zou6Dv3xuDmXlU6FhArkUg==
etag: 0x8DAB05507B775A9
content-type: application/javascript
access-control-allow-origin: *
x-ms-request-id: bf5285ed-b01e-0051-68a6-e7d1de000000
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
cache-control: public, max-age=31440121
x-ms-version: 2009-09-19
content-length: 38714

GET
H2 200 Primary Request / Show response
travelagents.hilton.com/ 75 KB
15 KB 166ms
44ms Document
text/html 2a02:26f0:3500:1b::1724:a391
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://travelagents.hilton.com/?

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:1b::1724:a391 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

32678aee57fc2626b646c548db3666c173802e6c5e5469ba8f33317d18e768dd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: http://travelagents.hilton.com.admin-eu.cas.ms/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

cache-control: no-cache, no-store, must-revalidate
content-encoding: gzip
content-length: 14868
content-type: text/html; charset=UTF-8
date: Tue, 25 Oct 2022 15:21:19 GMT
expires: Tue, 25 Oct 2022 15:21:19 GMT
pragma: no-cache
server: Apache
strict-transport-security: max-age=31536000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: sameorigin
x-rs-server: gla-us-3
x-xss-protection: 1; mode=block

GET
H/1.1 403
Forbidden style.css
s3.amazonaws.com/icomoon.io/67203/BrandBar-Black-EnterpriseUpdate/ 0
0 354ms
130ms Stylesheet
application/xml 54.231.140.240
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL: https://s3.amazonaws.com/icomoon.io/67203/BrandBar-Black-EnterpriseUpdate/style.css?sgeesd
Requested by: Host: travelagents.hilton.com
URL: https://travelagents.hilton.com/?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 54.231.140.240 Ashburn, United States, ASN16509 (AMAZON-02, US),
Reverse DNS: s3-1.amazonaws.com
Software: /
Resource Hash

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelagents.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

GET
H2 200 sayt.min.css
travelagents.hilton.com/assets/css/ 23 KB
4 KB 66ms
62ms Stylesheet
text/css 2a02:26f0:3500:1b::1724:a391
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://travelagents.hilton.com/assets/css/sayt.min.css

Requested by

Host: travelagents.hilton.com
URL: https://travelagents.hilton.com/?

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:1b::1724:a391 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

fe910a0c461b557d28a1d416816c275dae3610e35c04b67c007b3cc605b0caf2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelagents.hilton.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 25 Oct 2022 15:21:19 GMT
x-rs-server: gla-us-3
content-length: 3960
x-xss-protection: 1; mode=block
last-modified: Mon, 12 Apr 2021 15:28:04 GMT
server: Apache
etag: "5d03-5bfc828e5bdfb-gzip"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
cache-control: max-age=74619
accept-ranges: bytes
expires: Wed, 26 Oct 2022 12:04:58 GMT

GET
H2 200 satelliteLib-5f15f2949f2a761b35db03f2b389a11d61654c4e.js Show response
assets.adobedtm.com/1a8b82639e97b4c8938c46c6ad045392048d00e5/ 560 KB
116 KB 179ms
49ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/1a8b82639e97b4c8938c46c6ad045392048d00e5/satelliteLib-5f15f2949f2a761b35db03f2b389a11d61654c4e.js
Requested by: Host: travelagents.hilton.com
URL: https://travelagents.hilton.com/?
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 3e927ed316847052f97c5f40f2f03a42010b7e8867ed23d9461c16ba2807530e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelagents.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:21:19 GMT
content-encoding: gzip
last-modified: Mon, 24 Oct 2022 17:03:49 GMT
server: AkamaiNetStorage
etag: "840b30005c04daf5e79db135e7701277:1666631029.864617"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://travelagents.hilton.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 118392
expires: Tue, 25 Oct 2022 16:21:19 GMT

GET
H2 200 normalize.css
travelagents.hilton.com/assets/css/ 8 KB
3 KB 72ms
69ms Stylesheet
text/css 2a02:26f0:3500:1b::1724:a391
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://travelagents.hilton.com/assets/css/normalize.css?asd=asd

Requested by

Host: travelagents.hilton.com
URL: https://travelagents.hilton.com/?

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:1b::1724:a391 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

69fcf7682b771176634dc54deb0c412cf9ec40df931d56a0480ee51b47ed1598

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelagents.hilton.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 25 Oct 2022 15:21:19 GMT
x-rs-server: gla-us-3
content-length: 2578
x-xss-protection: 1; mode=block
last-modified: Tue, 10 Jul 2018 14:59:20 GMT
server: Apache
etag: "1e1c-570a65ff00200-gzip"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
cache-control: max-age=68872
accept-ranges: bytes
expires: Wed, 26 Oct 2022 10:29:11 GMT

GET
H2 200 main.css
travelagents.hilton.com/assets/css/ 29 KB
7 KB 73ms
69ms Stylesheet
text/css 2a02:26f0:3500:1b::1724:a391
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://travelagents.hilton.com/assets/css/main.css?asd=asd

Requested by

Host: travelagents.hilton.com
URL: https://travelagents.hilton.com/?

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:1b::1724:a391 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

196082cb088031c0802979799b684de22707173118754b59dde7e362333ffd57

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelagents.hilton.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 25 Oct 2022 15:21:19 GMT
x-rs-server: gla-us-3
content-length: 6960
x-xss-protection: 1; mode=block
last-modified: Tue, 07 Jun 2022 13:55:42 GMT
server: Apache
etag: "7464-5e0dbf1c1d394-gzip"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
cache-control: max-age=72985
accept-ranges: bytes
expires: Wed, 26 Oct 2022 11:37:44 GMT

GET
H2 200 site.css
travelagents.hilton.com/assets/css/ 140 KB
25 KB 107ms
104ms Stylesheet
text/css 2a02:26f0:3500:1b::1724:a391
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://travelagents.hilton.com/assets/css/site.css?asd=asd

Requested by

Host: travelagents.hilton.com
URL: https://travelagents.hilton.com/?

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:1b::1724:a391 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

27139a04d218fc7a4d17732d88755f7e8947f03fa662d5fa5b52cb22764d3499

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelagents.hilton.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 25 Oct 2022 15:21:19 GMT
x-rs-server: gla-us-3
content-length: 24730
x-xss-protection: 1; mode=block
last-modified: Tue, 26 Apr 2022 08:30:02 GMT
server: Apache
etag: "2312b-5dd8a7fc54744-gzip"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
cache-control: max-age=72972
accept-ranges: bytes
expires: Wed, 26 Oct 2022 11:37:31 GMT

GET
H2 200 mbl-booking-widget.css
travelagents.hilton.com/assets/css/ 15 KB
2 KB 149ms
146ms Stylesheet
text/css 2a02:26f0:3500:1b::1724:a391
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://travelagents.hilton.com/assets/css/mbl-booking-widget.css?asd=asd

Requested by

Host: travelagents.hilton.com
URL: https://travelagents.hilton.com/?

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:1b::1724:a391 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

13e0f1d162f0439e56875ab74a8f085e0f27244c6b42e3d4b7a8484ddf8aa7c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelagents.hilton.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 25 Oct 2022 15:21:19 GMT
x-rs-server: gla-us-3
content-length: 2021
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Sep 2021 17:12:55 GMT
server: Apache
etag: "3a9d-5cd2570e6333f-gzip"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: text/css
cache-control: max-age=72977
accept-ranges: bytes
expires: Wed, 26 Oct 2022 11:37:36 GMT

GET
H2 200 fd3e15ad-851f-4bc1-8bcb-ff6f6cfac280.css
fast.fonts.net/cssapi/ 20 KB
2 KB 113ms
46ms Stylesheet
text/css 2606:4700::6811:e14e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.fonts.net/cssapi/fd3e15ad-851f-4bc1-8bcb-ff6f6cfac280.css
Requested by: Host: travelagents.hilton.com
URL: https://travelagents.hilton.com/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:e14e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e20c7bc7c345030cbe18c4e037699ed7165523ef59b67b9eb697ceef9bdfee6e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelagents.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires: Tue, 25 Oct 2022 15:26:19 GMT
date: Tue, 25 Oct 2022 15:21:19 GMT
x-amz-version-id: null
content-encoding: gzip
cf-cache-status: HIT
x-amz-request-id: TPRKPWAMX8Y79BJ9
age: 4009
x-amz-id-2: fFd/FpjK8hRm4pS4Ct4vWfqoqbZ8fenCmlZN7BGAu+Om9jUWkHOyfAzC2rVobi0m6mlBhTfhB1I=
last-modified: Thu, 18 Feb 2021 04:09:02 GMT
server: cloudflare
etag: W/"363c3677be043f4eaadae4c6cddcbc08"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, max-age=300
cf-ray: 75fbf0f7b8a106bd-LHR
x-amz-meta-mtime: 1441104844

GET
H2 200 flatpickr.min.css
cdn.jsdelivr.net/npm/flatpickr/dist/ 16 KB
4 KB 107ms
41ms Stylesheet
text/css 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/flatpickr/dist/flatpickr.min.css

Requested by

Host: travelagents.hilton.com
URL: https://travelagents.hilton.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1b34a42552c96f10e4dfaaa4a367276b03868aacff63c1ac42ffe331352bc754

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelagents.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:21:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 23943
x-jsd-version: 4.6.13
x-cache: HIT, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19179-FRA, cache-yyz4565-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"3f26-J8BN8VjBcy9mnostEH/TFP6t00A"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 75fbf0f7bcf3dc67-LHR

GET
H2 200 modernizr-2.6.2.min.js Show response
travelagents.hilton.com/assets/js/ 15 KB
6 KB 157ms
154ms Script
application/javascript 2a02:26f0:3500:1b::1724:a391
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://travelagents.hilton.com/assets/js/modernizr-2.6.2.min.js

Requested by

Host: travelagents.hilton.com
URL: https://travelagents.hilton.com/?

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:1b::1724:a391 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

cf25ec18f223f4c51ce1128a42e644cdc2244d88f89d1a51440d9dbe51f4efe8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelagents.hilton.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 25 Oct 2022 15:21:19 GMT
x-rs-server: gla-us-3
content-length: 6246
x-xss-protection: 1; mode=block
last-modified: Thu, 04 Jun 2015 11:08:16 GMT
server: Apache
etag: "3c36-517af3137a800-gzip"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript
cache-control: max-age=85182
accept-ranges: bytes
expires: Wed, 26 Oct 2022 15:01:01 GMT

GET
H2 200 jquery.js Show response
travelagents.hilton.com/assets/js/ 94 KB
33 KB 157ms
154ms Script
application/javascript 2a02:26f0:3500:1b::1724:a391
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://travelagents.hilton.com/assets/js/jquery.js

Requested by

Host: travelagents.hilton.com
URL: https://travelagents.hilton.com/?

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:1b::1724:a391 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelagents.hilton.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 25 Oct 2022 15:21:19 GMT
x-rs-server: gla-us-3
content-length: 33282
x-xss-protection: 1; mode=block
last-modified: Mon, 20 Apr 2015 15:53:30 GMT
server: Apache
etag: "176bb-51429ee6eb280-gzip"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript
cache-control: max-age=72988
accept-ranges: bytes
expires: Wed, 26 Oct 2022 11:37:47 GMT

GET
H2 200 jquery.cycle2.min.js Show response
travelagents.hilton.com/assets/js/ 22 KB
7 KB 162ms
160ms Script
application/javascript 2a02:26f0:3500:1b::1724:a391
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://travelagents.hilton.com/assets/js/jquery.cycle2.min.js

Requested by

Host: travelagents.hilton.com
URL: https://travelagents.hilton.com/?

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:1b::1724:a391 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

0e6cb40ec8e9171897f19cf3d686fdec20282b5510f42f9b403870f8c09cb3cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelagents.hilton.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 25 Oct 2022 15:21:19 GMT
x-rs-server: gla-us-3
content-length: 7105
x-xss-protection: 1; mode=block
last-modified: Thu, 04 Jun 2015 15:59:04 GMT
server: Apache
etag: "59a0-517b341330200-gzip"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript
cache-control: max-age=72969
accept-ranges: bytes
expires: Wed, 26 Oct 2022 11:37:28 GMT

GET
H2 200 jquery.cycle2.carousel.min.js Show response
travelagents.hilton.com/assets/js/ 4 KB
2 KB 76ms
74ms Script
application/javascript 2a02:26f0:3500:1b::1724:a391
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://travelagents.hilton.com/assets/js/jquery.cycle2.carousel.min.js

Requested by

Host: travelagents.hilton.com
URL: https://travelagents.hilton.com/?

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:1b::1724:a391 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

9f14bd5a8d478749fec7908827e1543c62599f154a5dd875fab9e0fac61e9575

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelagents.hilton.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 25 Oct 2022 15:21:19 GMT
x-rs-server: gla-us-3
content-length: 1614
x-xss-protection: 1; mode=block
last-modified: Wed, 06 May 2015 09:11:37 GMT
server: Apache
etag: "109a-515662ea58440-gzip"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript
cache-control: max-age=85296
accept-ranges: bytes
expires: Wed, 26 Oct 2022 15:02:55 GMT

GET
H2 200 jquery.cycle2.swipe.js Show response
travelagents.hilton.com/assets/js/ 3 KB
1 KB 179ms
177ms Script
application/javascript 2a02:26f0:3500:1b::1724:a391
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://travelagents.hilton.com/assets/js/jquery.cycle2.swipe.js

Requested by

Host: travelagents.hilton.com
URL: https://travelagents.hilton.com/?

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:1b::1724:a391 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

e5707589f706a1488de683eb2a3d30b733fff4ea26e6fac5994e37c0c658ed03

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelagents.hilton.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 25 Oct 2022 15:21:19 GMT
x-rs-server: gla-us-3
content-length: 878
x-xss-protection: 1; mode=block
last-modified: Fri, 12 Jun 2015 08:21:15 GMT
server: Apache
etag: "b07-5184dcaa654c0-gzip"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript
cache-control: max-age=85264
accept-ranges: bytes
expires: Wed, 26 Oct 2022 15:02:23 GMT

GET
H2 200 moment.min.js Show response
cdnjs.cloudflare.com/ajax/libs/moment.js/2.22.2/ 50 KB
15 KB 115ms
50ms Script
application/javascript 2606:4700::6811:190e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.22.2/moment.min.js

Requested by

Host: travelagents.hilton.com
URL: https://travelagents.hilton.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6811:190e , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

0aeb4ecf1091b9c52c9fa0ba4dc118b1abafbd88a51278935e574f6baff0bb49

Security Headers

Name	Value
Strict-Transport-Security	max-age=15780000
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelagents.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:21:19 GMT
content-encoding: br
x-content-type-options: nosniff
cf-cache-status: HIT
strict-transport-security: max-age=15780000
age: 4058003
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 15247
last-modified: Mon, 04 May 2020 16:13:26 GMT
server: cloudflare
cf-cdnjs-via: cfworker/kv
etag: "5eb03f26-c9df"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=30672000
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 75fbf0f7beb375a5-LHR
expires: Sun, 15 Oct 2023 15:21:19 GMT

GET
H2 200 flatpickr Show response
cdn.jsdelivr.net/npm/ 49 KB
15 KB 109ms
44ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/flatpickr

Requested by

Host: travelagents.hilton.com
URL: https://travelagents.hilton.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

1eeab1cb779471a0b0aaa93dd91c2eb1aa537d696f01ab05ea9dabc55e8525a1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelagents.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:21:19 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
content-encoding: br
age: 8011
x-jsd-version: 4.6.13
x-cache: MISS, MISS
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19155-FRA, cache-yyz4536-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"c5f7-fVv7+SYe2JucqEJIf3pkZJZHRLk"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=604800, s-maxage=43200
timing-allow-origin: *
cf-ray: 75fbf0f7bcf6dc67-LHR

GET
H2 200 globe-icon.png
travelagents.hilton.com/assets/images/ 329 B
618 B 63ms
63ms Image
image/png 2a02:26f0:3500:1b::1724:a391
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://travelagents.hilton.com/assets/images/globe-icon.png

Requested by

Host: travelagents.hilton.com
URL: https://travelagents.hilton.com/?

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:1b::1724:a391 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

8dae7901b50b7848ec5e9e7dffff1c2defee056f45271d0a65cd54c532ac94ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelagents.hilton.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 25 Oct 2022 15:21:19 GMT
x-content-type-options: nosniff
last-modified: Wed, 22 Apr 2015 09:45:56 GMT
server: Apache
x-rs-server: gla-us-3
etag: "149-5144d07981d00"
x-frame-options: sameorigin
content-type: image/png
cache-control: max-age=9683
accept-ranges: bytes
content-length: 329
x-xss-protection: 1; mode=block
expires: Tue, 25 Oct 2022 18:02:42 GMT

GET
H2 200 trav-ags-video-poster-1920x1080.jpg
travelagents.hilton.com/assets/images/homepage/ 190 KB
190 KB 57ms
49ms Image
image/jpeg 2a02:26f0:3500:1b::1724:a391
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://travelagents.hilton.com/assets/images/homepage/trav-ags-video-poster-1920x1080.jpg

Requested by

Host: travelagents.hilton.com
URL: https://travelagents.hilton.com/?

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:1b::1724:a391 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

ce42082caa01202b97830bbe535f76be667347389f4f4af816ed9e4e4cd25519

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelagents.hilton.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 25 Oct 2022 15:21:19 GMT
x-content-type-options: nosniff
last-modified: Thu, 09 Jun 2022 08:58:25 GMT
server: Apache
x-rs-server: gla-us-3
etag: "2f6d8-5e1000653e5db"
x-frame-options: sameorigin
content-type: image/jpeg
cache-control: max-age=44935
accept-ranges: bytes
content-length: 194264
x-xss-protection: 1; mode=block
expires: Wed, 26 Oct 2022 03:50:14 GMT

GET
H2 200 hilton-white.svg
travelagents.hilton.com/assets/images/ 2 KB
1 KB 103ms
102ms Image
image/svg+xml 2a02:26f0:3500:1b::1724:a391
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://travelagents.hilton.com/assets/images/hilton-white.svg

Requested by

Host: travelagents.hilton.com
URL: https://travelagents.hilton.com/?

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:1b::1724:a391 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

53df42c464be45f7dc8c5e0a5bd2e21b029410b0a78d0fa616b8e6c08e144959

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelagents.hilton.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 25 Oct 2022 15:21:19 GMT
x-rs-server: gla-us-3
content-length: 851
x-xss-protection: 1; mode=block
last-modified: Tue, 07 Feb 2017 14:37:02 GMT
server: Apache
etag: "768-547f1ae637f80"
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=73015
accept-ranges: bytes
expires: Wed, 26 Oct 2022 11:38:14 GMT

GET
H2 200 scroll-more-arrow.png
travelagents.hilton.com/assets/images/ 426 B
716 B 88ms
75ms Image
image/png 2a02:26f0:3500:1b::1724:a391
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://travelagents.hilton.com/assets/images/scroll-more-arrow.png

Requested by

Host: travelagents.hilton.com
URL: https://travelagents.hilton.com/?

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:1b::1724:a391 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

011b24c96a943f5b08458bd35d202df084234f1e4af21197113f4486e7f18f39

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelagents.hilton.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 25 Oct 2022 15:21:19 GMT
x-content-type-options: nosniff
last-modified: Tue, 19 May 2015 12:54:47 GMT
server: Apache
x-rs-server: gla-us-3
etag: "1aa-5166ed0b093c0"
x-frame-options: sameorigin
content-type: image/png
cache-control: max-age=14819
accept-ranges: bytes
content-length: 426
x-xss-protection: 1; mode=block
expires: Tue, 25 Oct 2022 19:28:18 GMT

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 123 KB
47 KB 157ms
52ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5GDSFJP

Requested by

Host: travelagents.hilton.com
URL: https://travelagents.hilton.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

58276ab79c7113702eed8d82759938361ac3107df2281900a083ed4030723458

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelagents.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:21:19 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47458
x-xss-protection: 0
last-modified: Tue, 25 Oct 2022 15:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 25 Oct 2022 15:21:19 GMT

GET
H2 200 unlimited-rewards.png
travelagents.hilton.com/assets/images/homepage/ 5 KB
5 KB 89ms
77ms Image
image/png 2a02:26f0:3500:1b::1724:a391
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://travelagents.hilton.com/assets/images/homepage/unlimited-rewards.png

Requested by

Host: travelagents.hilton.com
URL: https://travelagents.hilton.com/?

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:1b::1724:a391 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

2752f406f0e8372e8889cfe92650bd07ee8dbe20294d1e6ba971b54e81a74e08

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelagents.hilton.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 25 Oct 2022 15:21:19 GMT
x-content-type-options: nosniff
last-modified: Thu, 07 May 2015 10:32:30 GMT
server: Apache
x-rs-server: gla-us-3
etag: "12c4-5157b6dbfcb80"
x-frame-options: sameorigin
content-type: image/png
cache-control: max-age=14815
accept-ranges: bytes
content-length: 4804
x-xss-protection: 1; mode=block
expires: Tue, 25 Oct 2022 19:28:14 GMT

GET
H2 200 hilton-honors-white.svg
travelagents.hilton.com/assets/images/homepage/ 3 KB
2 KB 89ms
78ms Image
image/svg+xml 2a02:26f0:3500:1b::1724:a391
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://travelagents.hilton.com/assets/images/homepage/hilton-honors-white.svg

Requested by

Host: travelagents.hilton.com
URL: https://travelagents.hilton.com/?

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:1b::1724:a391 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

4c30e91bd3df8c63672ea741264cbf327b46ab1ff6ae1133ccda6aff0d7b5800

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelagents.hilton.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 25 Oct 2022 15:21:19 GMT
x-rs-server: gla-us-3
content-length: 1307
x-xss-protection: 1; mode=block
last-modified: Tue, 07 Feb 2017 13:57:23 GMT
server: Apache
etag: "d53-547f12096d6c0"
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=44883
accept-ranges: bytes
expires: Wed, 26 Oct 2022 03:49:22 GMT

GET
H2 200 dollars.png
travelagents.hilton.com/assets/images/homepage/ 18 KB
18 KB 92ms
80ms Image
image/png 2a02:26f0:3500:1b::1724:a391
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://travelagents.hilton.com/assets/images/homepage/dollars.png

Requested by

Host: travelagents.hilton.com
URL: https://travelagents.hilton.com/?

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:1b::1724:a391 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

8e09e2d8b20a0ede319057aff0d4f6cf2772a49191555fea643c7c5f38a7127d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelagents.hilton.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 25 Oct 2022 15:21:19 GMT
x-content-type-options: nosniff
last-modified: Fri, 08 May 2015 15:50:42 GMT
server: Apache
x-rs-server: gla-us-3
etag: "46d7-51593fd8ff880"
x-frame-options: sameorigin
content-type: image/png
cache-control: max-age=14897
accept-ranges: bytes
content-length: 18135
x-xss-protection: 1; mode=block
expires: Tue, 25 Oct 2022 19:29:36 GMT

GET
H2 200 waldorf.png
travelagents.hilton.com/assets/images/brands/logos/ 7 KB
8 KB 94ms
82ms Image
image/png 2a02:26f0:3500:1b::1724:a391
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://travelagents.hilton.com/assets/images/brands/logos/waldorf.png

Requested by

Host: travelagents.hilton.com
URL: https://travelagents.hilton.com/?

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:1b::1724:a391 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

9448515fe8480ccdfbfbe97e27235d99c9f93809a32a81cc36d26293959141f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelagents.hilton.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 25 Oct 2022 15:21:19 GMT
x-content-type-options: nosniff
last-modified: Wed, 03 Jun 2015 09:01:33 GMT
server: Apache
x-rs-server: gla-us-3
etag: "1d57-517994e33b540"
x-frame-options: sameorigin
content-type: image/png
cache-control: max-age=14834
accept-ranges: bytes
content-length: 7511
x-xss-protection: 1; mode=block
expires: Tue, 25 Oct 2022 19:28:33 GMT

GET
H2 200 LXR_Logo.png
travelagents.hilton.com/assets/images/brands/logos/ 5 KB
5 KB 94ms
82ms Image
image/png 2a02:26f0:3500:1b::1724:a391
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://travelagents.hilton.com/assets/images/brands/logos/LXR_Logo.png

Requested by

Host: travelagents.hilton.com
URL: https://travelagents.hilton.com/?

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:1b::1724:a391 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

e41b9610a95ee93504ea5fc9bc315828d8c58f12a52976afc2ebb508d85921e5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelagents.hilton.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 25 Oct 2022 15:21:19 GMT
x-content-type-options: nosniff
last-modified: Wed, 29 Sep 2021 08:25:22 GMT
server: Apache
x-rs-server: gla-us-3
etag: "149b-5cd1e123e95fe"
x-frame-options: sameorigin
content-type: image/png
cache-control: max-age=58202
accept-ranges: bytes
content-length: 5275
x-xss-protection: 1; mode=block
expires: Wed, 26 Oct 2022 07:31:21 GMT

GET
H2 200 conrad.png
travelagents.hilton.com/assets/images/brands/logos/ 4 KB
5 KB 95ms
83ms Image
image/png 2a02:26f0:3500:1b::1724:a391
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://travelagents.hilton.com/assets/images/brands/logos/conrad.png

Requested by

Host: travelagents.hilton.com
URL: https://travelagents.hilton.com/?

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:1b::1724:a391 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

edb8ba69fe162a13a329b58f865eda5da6923d3e346742b4d690968e14c7beaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelagents.hilton.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 25 Oct 2022 15:21:19 GMT
x-content-type-options: nosniff
last-modified: Wed, 03 Jun 2015 09:03:25 GMT
server: Apache
x-rs-server: gla-us-3
etag: "112e-5179954e0b140"
x-frame-options: sameorigin
content-type: image/png
cache-control: max-age=58280
accept-ranges: bytes
content-length: 4398
x-xss-protection: 1; mode=block
expires: Wed, 26 Oct 2022 07:32:39 GMT

GET
H2 200 canopy.png
travelagents.hilton.com/assets/images/brands/logos/ 7 KB
8 KB 97ms
86ms Image
image/png 2a02:26f0:3500:1b::1724:a391
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://travelagents.hilton.com/assets/images/brands/logos/canopy.png

Requested by

Host: travelagents.hilton.com
URL: https://travelagents.hilton.com/?

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:1b::1724:a391 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

dfb267397f133130bcfda36885fc493fee5c1802af8302ce575e5e8474959382

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelagents.hilton.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 25 Oct 2022 15:21:19 GMT
x-content-type-options: nosniff
last-modified: Tue, 19 Mar 2019 15:29:02 GMT
server: Apache
x-rs-server: gla-us-3
etag: "1ccf-584742a29ab80"
x-frame-options: sameorigin
content-type: image/png
cache-control: max-age=14839
accept-ranges: bytes
content-length: 7375
x-xss-protection: 1; mode=block
expires: Tue, 25 Oct 2022 19:28:38 GMT

GET
H2 200 Signia_Color_RGB.png
travelagents.hilton.com/assets/images/brands/logos/ 15 KB
15 KB 99ms
88ms Image
image/png 2a02:26f0:3500:1b::1724:a391
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://travelagents.hilton.com/assets/images/brands/logos/Signia_Color_RGB.png

Requested by

Host: travelagents.hilton.com
URL: https://travelagents.hilton.com/?

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:1b::1724:a391 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

d8423bf4b5de35b52811e6b7068a7d8d30623e888b77cb563d791674e52f229c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelagents.hilton.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 25 Oct 2022 15:21:19 GMT
x-content-type-options: nosniff
last-modified: Wed, 29 Sep 2021 08:26:40 GMT
server: Apache
x-rs-server: gla-us-3
etag: "3af6-5cd1e16eadad3"
x-frame-options: sameorigin
content-type: image/png
cache-control: max-age=58224
accept-ranges: bytes
content-length: 15094
x-xss-protection: 1; mode=block
expires: Wed, 26 Oct 2022 07:31:43 GMT

GET
H2 200 hilton.png
travelagents.hilton.com/assets/images/brands/logos/ 6 KB
6 KB 100ms
89ms Image
image/png 2a02:26f0:3500:1b::1724:a391
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://travelagents.hilton.com/assets/images/brands/logos/hilton.png

Requested by

Host: travelagents.hilton.com
URL: https://travelagents.hilton.com/?

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:1b::1724:a391 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

4df37ceba56df32026121502f875eccd7cf811d423a628c277ab2cf91b6b2e4a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelagents.hilton.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 25 Oct 2022 15:21:19 GMT
x-content-type-options: nosniff
last-modified: Wed, 03 Jun 2015 08:59:30 GMT
server: Apache
x-rs-server: gla-us-3
etag: "1828-5179946dee080"
x-frame-options: sameorigin
content-type: image/png
cache-control: max-age=56839
accept-ranges: bytes
content-length: 6184
x-xss-protection: 1; mode=block
expires: Wed, 26 Oct 2022 07:08:38 GMT

GET
H2 200 CurioCollection_byHilton_RGB_W.svg
travelagents.hilton.com/assets/images/brands/curio/ 5 KB
2 KB 101ms
90ms Image
image/svg+xml 2a02:26f0:3500:1b::1724:a391
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://travelagents.hilton.com/assets/images/brands/curio/CurioCollection_byHilton_RGB_W.svg

Requested by

Host: travelagents.hilton.com
URL: https://travelagents.hilton.com/?

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:1b::1724:a391 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

9755d39452a623f4bae5a2dafd739f3a9de710f8906dc91c54b336aac8b8969d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelagents.hilton.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 25 Oct 2022 15:21:19 GMT
x-rs-server: gla-us-3
content-length: 2218
x-xss-protection: 1; mode=block
last-modified: Tue, 19 Mar 2019 14:47:29 GMT
server: Apache
etag: "14e4-5847395918240"
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=66197
accept-ranges: bytes
expires: Wed, 26 Oct 2022 09:44:36 GMT

GET
H2 200 doubletree.png
travelagents.hilton.com/assets/images/brands/logos/ 8 KB
9 KB 101ms
91ms Image
image/png 2a02:26f0:3500:1b::1724:a391
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://travelagents.hilton.com/assets/images/brands/logos/doubletree.png

Requested by

Host: travelagents.hilton.com
URL: https://travelagents.hilton.com/?

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:1b::1724:a391 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

137d2a86a0742fc383c2d69e6dc0fc440907a6767f75eb1c7002aa7f68b37d0a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelagents.hilton.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 25 Oct 2022 15:21:19 GMT
x-content-type-options: nosniff
last-modified: Tue, 19 Mar 2019 14:54:25 GMT
server: Apache
x-rs-server: gla-us-3
etag: "20fd-58473ae5d2a40"
x-frame-options: sameorigin
content-type: image/png
cache-control: max-age=78585
accept-ranges: bytes
content-length: 8445
x-xss-protection: 1; mode=block
expires: Wed, 26 Oct 2022 13:11:04 GMT

GET
H2 200 tapestry.png
travelagents.hilton.com/assets/images/brands/logos/ 7 KB
7 KB 102ms
92ms Image
image/png 2a02:26f0:3500:1b::1724:a391
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://travelagents.hilton.com/assets/images/brands/logos/tapestry.png

Requested by

Host: travelagents.hilton.com
URL: https://travelagents.hilton.com/?

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:1b::1724:a391 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

2d850c1d78b2b35152f5f7c6527c6e91f3f350b1a3afabacfb6a33c6932ad04c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelagents.hilton.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 25 Oct 2022 15:21:19 GMT
x-content-type-options: nosniff
last-modified: Tue, 19 Mar 2019 14:56:07 GMT
server: Apache
x-rs-server: gla-us-3
etag: "1bda-58473b4718fc0"
x-frame-options: sameorigin
content-type: image/png
cache-control: max-age=68822
accept-ranges: bytes
content-length: 7130
x-xss-protection: 1; mode=block
expires: Wed, 26 Oct 2022 10:28:21 GMT

GET
H2 200 embassy.png
travelagents.hilton.com/assets/images/brands/logos/ 7 KB
8 KB 104ms
94ms Image
image/png 2a02:26f0:3500:1b::1724:a391
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://travelagents.hilton.com/assets/images/brands/logos/embassy.png

Requested by

Host: travelagents.hilton.com
URL: https://travelagents.hilton.com/?

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:1b::1724:a391 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

92c10bebe77ca5588a84ec105739eb706c6d0b24645aaad513e1334b660ac41d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelagents.hilton.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 25 Oct 2022 15:21:19 GMT
x-content-type-options: nosniff
last-modified: Tue, 19 Mar 2019 15:14:56 GMT
server: Apache
x-rs-server: gla-us-3
etag: "1cce-58473f7bcbc00"
x-frame-options: sameorigin
content-type: image/png
cache-control: max-age=58267
accept-ranges: bytes
content-length: 7374
x-xss-protection: 1; mode=block
expires: Wed, 26 Oct 2022 07:32:26 GMT

GET
H2 200 Tempo-Logos-Final-RGB_Charred-Walnut.png
travelagents.hilton.com/assets/images/brands/logos/ 20 KB
20 KB 105ms
96ms Image
image/png 2a02:26f0:3500:1b::1724:a391
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://travelagents.hilton.com/assets/images/brands/logos/Tempo-Logos-Final-RGB_Charred-Walnut.png

Requested by

Host: travelagents.hilton.com
URL: https://travelagents.hilton.com/?

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:1b::1724:a391 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

59ffa435b6596e695af9b41ae8939ade6bf3e420bf5fb56dd908033d132b24e3

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelagents.hilton.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 25 Oct 2022 15:21:19 GMT
x-content-type-options: nosniff
last-modified: Wed, 29 Sep 2021 08:28:18 GMT
server: Apache
x-rs-server: gla-us-3
etag: "4e1e-5cd1e1cc03120"
x-frame-options: sameorigin
content-type: image/png
cache-control: max-age=14892
accept-ranges: bytes
content-length: 19998
x-xss-protection: 1; mode=block
expires: Tue, 25 Oct 2022 19:29:31 GMT

GET
H2 200 Motto_Brand_Logo-Endorse_Green.png
travelagents.hilton.com/assets/images/brands/logos/ 5 KB
5 KB 106ms
97ms Image
image/png 2a02:26f0:3500:1b::1724:a391
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://travelagents.hilton.com/assets/images/brands/logos/Motto_Brand_Logo-Endorse_Green.png

Requested by

Host: travelagents.hilton.com
URL: https://travelagents.hilton.com/?

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:1b::1724:a391 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

adaca36fc58d8220e4a05b655b1542f7df1a96010f52331b0cf17df5f3405d1e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelagents.hilton.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 25 Oct 2022 15:21:19 GMT
x-content-type-options: nosniff
last-modified: Wed, 29 Sep 2021 08:30:34 GMT
server: Apache
x-rs-server: gla-us-3
etag: "143d-5cd1e24d6d1b8"
x-frame-options: sameorigin
content-type: image/png
cache-control: max-age=66189
accept-ranges: bytes
content-length: 5181
x-xss-protection: 1; mode=block
expires: Wed, 26 Oct 2022 09:44:28 GMT

GET
H2 200 gardeninn.png
travelagents.hilton.com/assets/images/brands/logos/ 6 KB
6 KB 107ms
97ms Image
image/png 2a02:26f0:3500:1b::1724:a391
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://travelagents.hilton.com/assets/images/brands/logos/gardeninn.png

Requested by

Host: travelagents.hilton.com
URL: https://travelagents.hilton.com/?

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:1b::1724:a391 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

e64df378da99bb35cf9f065d40443123d8641d16b67fe03f08a2cb38cdc60480

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelagents.hilton.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 25 Oct 2022 15:21:19 GMT
x-content-type-options: nosniff
last-modified: Wed, 03 Jun 2015 09:14:16 GMT
server: Apache
x-rs-server: gla-us-3
etag: "1831-517997bae2a00"
x-frame-options: sameorigin
content-type: image/png
cache-control: max-age=14849
accept-ranges: bytes
content-length: 6193
x-xss-protection: 1; mode=block
expires: Tue, 25 Oct 2022 19:28:48 GMT

GET
H2 200 hampton.png
travelagents.hilton.com/assets/images/brands/logos/ 7 KB
7 KB 112ms
103ms Image
image/png 2a02:26f0:3500:1b::1724:a391
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://travelagents.hilton.com/assets/images/brands/logos/hampton.png

Requested by

Host: travelagents.hilton.com
URL: https://travelagents.hilton.com/?

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:1b::1724:a391 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

ff68bed447431c5933863a16b0a469a955d1512f3d880d2d785d4ea3924d927e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelagents.hilton.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 25 Oct 2022 15:21:19 GMT
x-content-type-options: nosniff
last-modified: Tue, 09 Jun 2015 08:29:31 GMT
server: Apache
x-rs-server: gla-us-3
etag: "1bb1-518118eb090c0"
x-frame-options: sameorigin
content-type: image/png
cache-control: max-age=66140
accept-ranges: bytes
content-length: 7089
x-xss-protection: 1; mode=block
expires: Wed, 26 Oct 2022 09:43:39 GMT

GET
H2 200 tru-175x120.png
travelagents.hilton.com/assets/images/brands/logos/ 7 KB
7 KB 112ms
103ms Image
image/png 2a02:26f0:3500:1b::1724:a391
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://travelagents.hilton.com/assets/images/brands/logos/tru-175x120.png

Requested by

Host: travelagents.hilton.com
URL: https://travelagents.hilton.com/?

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:1b::1724:a391 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

38f3da99991a618e08e1baf6bde25fbeb97d705fcc82556ac5b74f2bed5568a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelagents.hilton.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 25 Oct 2022 15:21:19 GMT
x-content-type-options: nosniff
last-modified: Tue, 19 Mar 2019 15:27:53 GMT
server: Apache
x-rs-server: gla-us-3
etag: "1a01-58474260cd040"
x-frame-options: sameorigin
content-type: image/png
cache-control: max-age=14862
accept-ranges: bytes
content-length: 6657
x-xss-protection: 1; mode=block
expires: Tue, 25 Oct 2022 19:29:01 GMT

GET
H2 200 Homewood%20Brand%20Logo_DeepNight.svg
travelagents.hilton.com/assets/images/brands/logos/ 10 KB
4 KB 123ms
114ms Image
image/svg+xml 2a02:26f0:3500:1b::1724:a391
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://travelagents.hilton.com/assets/images/brands/logos/Homewood%20Brand%20Logo_DeepNight.svg

Requested by

Host: travelagents.hilton.com
URL: https://travelagents.hilton.com/?

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:1b::1724:a391 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

5a99f046c6ad412a55ad0463cf833f481ddcb3c507ebb2293b6a302debb84f36

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelagents.hilton.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 25 Oct 2022 15:21:19 GMT
x-rs-server: gla-us-3
content-length: 4275
x-xss-protection: 1; mode=block
last-modified: Wed, 29 Sep 2021 08:32:47 GMT
server: Apache
etag: "28cb-5cd1e2cce708b"
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=14827
accept-ranges: bytes
expires: Tue, 25 Oct 2022 19:28:26 GMT

GET
H2 200 home2.png
travelagents.hilton.com/assets/images/brands/logos/ 4 KB
4 KB 123ms
115ms Image
image/png 2a02:26f0:3500:1b::1724:a391
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://travelagents.hilton.com/assets/images/brands/logos/home2.png

Requested by

Host: travelagents.hilton.com
URL: https://travelagents.hilton.com/?

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:1b::1724:a391 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

98d5c358f231c0c11e3639fb5367b581dcf0a41af2e877a7434fb45b65b2ea51

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelagents.hilton.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 25 Oct 2022 15:21:19 GMT
x-content-type-options: nosniff
last-modified: Wed, 03 Jun 2015 09:20:33 GMT
server: Apache
x-rs-server: gla-us-3
etag: "10c5-517999226ba40"
x-frame-options: sameorigin
content-type: image/png
cache-control: max-age=14781
accept-ranges: bytes
content-length: 4293
x-xss-protection: 1; mode=block
expires: Tue, 25 Oct 2022 19:27:40 GMT

GET
H2 200 hgv.png
travelagents.hilton.com/assets/images/brands/logos/ 10 KB
11 KB 124ms
115ms Image
image/png 2a02:26f0:3500:1b::1724:a391
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://travelagents.hilton.com/assets/images/brands/logos/hgv.png

Requested by

Host: travelagents.hilton.com
URL: https://travelagents.hilton.com/?

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:1b::1724:a391 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

2fff4211eff3af4d41e0321371f68d1725412f0db56bcc7e240ba3fba0b82980

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelagents.hilton.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 25 Oct 2022 15:21:19 GMT
x-content-type-options: nosniff
last-modified: Wed, 22 Sep 2021 07:31:25 GMT
server: Apache
x-rs-server: gla-us-3
etag: "29c7-5cc9080668e3e"
x-frame-options: sameorigin
content-type: image/png
cache-control: max-age=14826
accept-ranges: bytes
content-length: 10695
x-xss-protection: 1; mode=block
expires: Tue, 25 Oct 2022 19:28:25 GMT

GET
H2 200 hilton-honors-color.svg
travelagents.hilton.com/assets/images/homepage/ 3 KB
2 KB 124ms
116ms Image
image/svg+xml 2a02:26f0:3500:1b::1724:a391
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://travelagents.hilton.com/assets/images/homepage/hilton-honors-color.svg

Requested by

Host: travelagents.hilton.com
URL: https://travelagents.hilton.com/?

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:1b::1724:a391 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

2ea4b17fbe1de942b1d8b0a9de4a49f0336815c5d20baf2adafe64d3d52ec02a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelagents.hilton.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 25 Oct 2022 15:21:19 GMT
x-rs-server: gla-us-3
content-length: 1290
x-xss-protection: 1; mode=block
last-modified: Tue, 07 Feb 2017 13:47:56 GMT
server: Apache
etag: "d40-547f0fecb1b00"
x-frame-options: sameorigin
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=14862
accept-ranges: bytes
expires: Tue, 25 Oct 2022 19:29:01 GMT

GET
H2 200 expert-icon.png
travelagents.hilton.com/assets/images/homepage/ 2 KB
2 KB 135ms
127ms Image
image/png 2a02:26f0:3500:1b::1724:a391
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://travelagents.hilton.com/assets/images/homepage/expert-icon.png

Requested by

Host: travelagents.hilton.com
URL: https://travelagents.hilton.com/?

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:1b::1724:a391 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

135c4579ea5b9b7c6832c94e5c0a8d30e6410f9a771ed875deb88118fbb860ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelagents.hilton.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 25 Oct 2022 15:21:19 GMT
x-content-type-options: nosniff
last-modified: Wed, 06 May 2015 15:35:51 GMT
server: Apache
x-rs-server: gla-us-3
etag: "835-5156b8cc5a3c0"
x-frame-options: sameorigin
content-type: image/png
cache-control: max-age=14862
accept-ranges: bytes
content-length: 2101
x-xss-protection: 1; mode=block
expires: Tue, 25 Oct 2022 19:29:01 GMT

GET
H2 200 HWW-meetings-icon.png
travelagents.hilton.com/assets/images/homepage/ 2 KB
3 KB 136ms
128ms Image
image/png 2a02:26f0:3500:1b::1724:a391
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://travelagents.hilton.com/assets/images/homepage/HWW-meetings-icon.png

Requested by

Host: travelagents.hilton.com
URL: https://travelagents.hilton.com/?

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:1b::1724:a391 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

4d4eb76feee639eacabc367ec763adf72bb2bb6ca4f3274548f586aaf51f5577

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelagents.hilton.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 25 Oct 2022 15:21:19 GMT
x-content-type-options: nosniff
last-modified: Wed, 06 May 2015 15:35:51 GMT
server: Apache
x-rs-server: gla-us-3
etag: "9ed-5156b8cc5a3c0"
x-frame-options: sameorigin
content-type: image/png
cache-control: max-age=14849
accept-ranges: bytes
content-length: 2541
x-xss-protection: 1; mode=block
expires: Tue, 25 Oct 2022 19:28:48 GMT

GET
H2 200 asset_3ppp.png
travelagents.hilton.com/assets/images/ 19 KB
19 KB 141ms
133ms Image
image/png 2a02:26f0:3500:1b::1724:a391
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://travelagents.hilton.com/assets/images/asset_3ppp.png

Requested by

Host: travelagents.hilton.com
URL: https://travelagents.hilton.com/?

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:1b::1724:a391 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

1cc52f91b6f704e42fa38e0183f6a46f4c4dddffc173788a74871d70b1237178

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelagents.hilton.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 25 Oct 2022 15:21:19 GMT
x-content-type-options: nosniff
last-modified: Tue, 30 Apr 2019 11:53:53 GMT
server: Apache
x-rs-server: gla-us-3
etag: "4b66-587be0e0fb640"
x-frame-options: sameorigin
content-type: image/png
cache-control: max-age=72861
accept-ranges: bytes
content-length: 19302
x-xss-protection: 1; mode=block
expires: Wed, 26 Oct 2022 11:35:40 GMT

GET
H2 200 plugins.js Show response
travelagents.hilton.com/assets/js/ 95 KB
28 KB 47ms
47ms Script
application/javascript 2a02:26f0:3500:1b::1724:a391
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://travelagents.hilton.com/assets/js/plugins.js

Requested by

Host: travelagents.hilton.com
URL: https://travelagents.hilton.com/?

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:1b::1724:a391 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

9d599d83777032d817cd3022b0a9b6b7227f3f9e14a043d8929d43168be95e35

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelagents.hilton.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 25 Oct 2022 15:21:19 GMT
x-rs-server: gla-us-3
content-length: 28047
x-xss-protection: 1; mode=block
last-modified: Mon, 12 Apr 2021 15:17:21 GMT
server: Apache
etag: "17a01-5bfc8029363f7-gzip"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript
cache-control: max-age=73012
accept-ranges: bytes
expires: Wed, 26 Oct 2022 11:38:11 GMT

GET
H2 200 main.js Show response
travelagents.hilton.com/assets/js/ 33 KB
6 KB 67ms
67ms Script
application/javascript 2a02:26f0:3500:1b::1724:a391
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://travelagents.hilton.com/assets/js/main.js

Requested by

Host: travelagents.hilton.com
URL: https://travelagents.hilton.com/?

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:1b::1724:a391 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

43bd8abafbd24e39fd7d23369cfd4fec88f742dd617d7f87eee499d9df3ebba4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelagents.hilton.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 25 Oct 2022 15:21:19 GMT
x-rs-server: gla-us-3
content-length: 6130
x-xss-protection: 1; mode=block
last-modified: Tue, 07 Jun 2022 13:41:30 GMT
server: Apache
etag: "8461-5e0dbbf025cf5-gzip"
vary: Accept-Encoding
x-frame-options: sameorigin
content-type: application/javascript
cache-control: max-age=72937
accept-ranges: bytes
expires: Wed, 26 Oct 2022 11:36:56 GMT

GET
H/1.1

200
OK

rd Show response
dpm.demdex.net/id/
Redirect Chain

https://dpm.demdex.net/id?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F0C120B3534685700A490D45%40AdobeOrg&d_nsid=0&ts=1666711279610
https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F0C120B3534685700A490D45%40AdobeOrg&d_nsid=0&ts=1666711279610

5 KB
2 KB

59ms
50ms

XHR
application/json

34.249.106.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F0C120B3534685700A490D45%40AdobeOrg&d_nsid=0&ts=1666711279610

Requested by

Host: travelagents.hilton.com
URL: https://travelagents.hilton.com/?

Protocol

HTTP/1.1

Server

34.249.106.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-249-106-217.eu-west-1.compute.amazonaws.com

Software

Resource Hash

4fc2a734c1185baad67510171d696c3e97714fae2c97095751cc9e067bc435fd

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelagents.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v044-00915bc04.edge-irl1.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-TID: Qn6tJCEJSvM=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://travelagents.hilton.com
Content-Type: application/json;charset=utf-8
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 1717
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

DCS: dcs-prod-irl1-1-v044-08f1122b4.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: 9QJtVUO/Txw=
Vary: Origin
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Access-Control-Allow-Origin: https://travelagents.hilton.com
Location: https://dpm.demdex.net/id/rd?d_visid_ver=5.4.0&d_fieldgroup=MC&d_rtbd=json&d_ver=2&d_verify=1&d_orgid=F0C120B3534685700A490D45%40AdobeOrg&d_nsid=0&ts=1666711279610
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Length: 0
Expires: Thu, 01 Jan 1970 00:00:00 UTC

GET
H2 200 EX37c772f5f3ff408f881a2e3f2af0cd83-libraryCode_source.min.js Show response
assets.adobedtm.com/5e68f1ab8856/6f5249f15557/59f8be312782/ 38 KB
14 KB 56ms
49ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/5e68f1ab8856/6f5249f15557/59f8be312782/EX37c772f5f3ff408f881a2e3f2af0cd83-libraryCode_source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/1a8b82639e97b4c8938c46c6ad045392048d00e5/satelliteLib-5f15f2949f2a761b35db03f2b389a11d61654c4e.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: bd59a3806799aa7610972a2bb1f209c46a0c565c4923ea11805d4784f44ab319

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelagents.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:21:19 GMT
content-encoding: gzip
last-modified: Mon, 24 Oct 2022 17:03:50 GMT
server: AkamaiNetStorage
etag: "0804c118a91c4e20438058fb7e96743b:1666631030.802123"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://travelagents.hilton.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 14051
expires: Tue, 25 Oct 2022 16:21:19 GMT

GET
H2 200 AppMeasurement_Module_AudienceManagement.min.js Show response
assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/ 25 KB
9 KB 57ms
50ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/extensions/EP171e731c9ba34f1c950c36d26e3efd61/AppMeasurement_Module_AudienceManagement.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/1a8b82639e97b4c8938c46c6ad045392048d00e5/satelliteLib-5f15f2949f2a761b35db03f2b389a11d61654c4e.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 4858af0bdd1175d3f6c795eb053e7cae348ecb67f0633020d7d925c7672de871

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelagents.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

unused62: 8096267
date: Tue, 25 Oct 2022 15:21:19 GMT
content-encoding: gzip
last-modified: Mon, 14 Feb 2022 16:35:31 GMT
server: AkamaiNetStorage
etag: "26a8cd142b539700557eb4710c3d56bd:1644856531.982003"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://travelagents.hilton.com
cache-control: no-cache
accept-ranges: bytes
timing-allow-origin: *
content-length: 8753
expires: Tue, 25 Oct 2022 16:21:19 GMT

GET
H2 200 1.css
fast.fonts.net/t/ 0
220 B 63ms
63ms Stylesheet
text/css 2606:4700::6811:e14e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.fonts.net/t/1.css?apiType=css&projectid=fd3e15ad-851f-4bc1-8bcb-ff6f6cfac280
Requested by: Host: fast.fonts.net
URL: https://fast.fonts.net/cssapi/fd3e15ad-851f-4bc1-8bcb-ff6f6cfac280.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:e14e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://fast.fonts.net/cssapi/fd3e15ad-851f-4bc1-8bcb-ff6f6cfac280.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:21:19 GMT
x-amz-version-id: null
cf-cache-status: HIT
x-amz-request-id: 6KWGZDJ7V3RN5R35
age: 545779
content-length: 0
x-amz-id-2: QoRB38/KJjmAD8C+08WaUp2DQlKTsS5PssHIq9MUm1MkfEyY1M9mfHBvMDzmUKIkbaLeaNBvHew=
last-modified: Tue, 23 Mar 2021 12:59:23 GMT
server: cloudflare
etag: "d41d8cd98f00b204e9800998ecf8427e"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
cache-control: public, max-age=0, s-maxage=604800
accept-ranges: bytes
cf-ray: 75fbf0f9ec7006bd-LHR
x-amz-meta-mtime: 1519217722

GET
H2 200 notice Show response
consent.trustarc.com/ 11 KB
5 KB 142ms
43ms Script
text/javascript 13.225.78.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/notice?domain=hiltongdpr.com&c=teconsent&gtm=1&text=true&pcookie&js=nj&noticeType=bb&oc=1

Requested by

Host: travelagents.hilton.com.admin-eu.cas.ms
URL: http://travelagents.hilton.com.admin-eu.cas.ms/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-53.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

861d5aec75aa7053fcb885fd8bc97167229bfc7eb072258571a6a32475eae799

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelagents.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:21:19 GMT
content-encoding: gzip
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
via: 1.1 882f747f39885162595630c95dd0012c.cloudfront.net (CloudFront)
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
cloudfront-viewer-country: GB
content-length: 4199
x-xss-protection: 1; mode=block
server: nginx
x-frame-options: SAMEORIGIN
vary: Accept-Encoding, Origin
content-type: text/javascript;charset=UTF-8
cache-control: max-age=3600
cloudfront-viewer-country-region: ENG
timing-allow-origin: *
x-amz-cf-id: LfV5eHmR50wIQcd3E2gSHPFZzRteV-PjslF7hPlDrEhwIEHeBnJNqg==
expires: Tue, 25 Oct 2022 16:21:19 GMT

GET
H2 200 9b1fae67-8764-448a-a926-54b09bd0b06b.woff2
fast.fonts.net/dv2/14/ 37 KB
38 KB 207ms
131ms Font
application/octet-stream 2606:4700::6811:e14e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.fonts.net/dv2/14/9b1fae67-8764-448a-a926-54b09bd0b06b.woff2?d44f19a684109620e484157da090e8189644f32f9ba253814eee1842202638558c421b8c116d78837684765c2f8014bd7a1539688bf7fca467f3cdbcda0c7c23a8f72698a9469dad20aafc97fe7caa75b9ccbac78ccd969f9476fda3b5178bd9926fa1f4826f31234fd2c0741d74322a3185692e60f4ee7ad7f7da0c6a315883fa513a89feed738298ec04241fed7d866c27f1&projectId=fd3e15ad-851f-4bc1-8bcb-ff6f6cfac280
Requested by: Host: fast.fonts.net
URL: https://fast.fonts.net/cssapi/fd3e15ad-851f-4bc1-8bcb-ff6f6cfac280.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:e14e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 166fbba110da9e6d0ff901beff2953d0d45631975909a2c84653538f6d326f0c

Request headers

Referer: https://fast.fonts.net/cssapi/fd3e15ad-851f-4bc1-8bcb-ff6f6cfac280.css
Origin: https://travelagents.hilton.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires: Tue, 25 Oct 2022 15:26:19 GMT
date: Tue, 25 Oct 2022 15:21:19 GMT
x-amz-version-id: null
cf-cache-status: HIT
x-amz-request-id: NW5DTBGS4CTWP2VP
age: 5309
content-length: 38368
x-amz-id-2: lc54FFvLKOGPbxC6VMIbYxZU07B49R9NwUqgDuDkBWO6gM+x44UMRfhApYkrfl0BMfk5VSpIMXU=
last-modified: Sat, 14 Nov 2020 08:10:05 GMT
server: cloudflare
etag: "f9b691cb5b8088478e91f11b9fe19997"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: public, max-age=300
accept-ranges: bytes
cf-ray: 75fbf0fb2abee624-LHR
x-amz-meta-mtime: 1418797570

GET
H2 200 4fb89ed5-baf5-425f-aba4-46e8c2c3aabe.woff2
fast.fonts.net/dv2/14/ 43 KB
43 KB 177ms
101ms Font
application/octet-stream 2606:4700::6811:e14e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.fonts.net/dv2/14/4fb89ed5-baf5-425f-aba4-46e8c2c3aabe.woff2?d44f19a684109620e484157da090e8189644f32f9ba253814eee1842202638558c421b8c116d78837684765c2f8014bd7a1539688bf7fca467f3cdbcda0c7c23a8f72698a9469dad20aafc97fe7caa75b9ccbac78ccd969f9476fda3b5178bd9926fa1f4826f31234fd2c0741d74322a3185692e60f4ee7ad7f7da0c6a315883fa513a89feed738298ec04241fed7d866c27f1&projectId=fd3e15ad-851f-4bc1-8bcb-ff6f6cfac280
Requested by: Host: fast.fonts.net
URL: https://fast.fonts.net/cssapi/fd3e15ad-851f-4bc1-8bcb-ff6f6cfac280.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:e14e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 77a070e285e6872f82514f6ce29f46d543c017249230f6e599b400d3e8e60ee4

Request headers

Referer: https://fast.fonts.net/cssapi/fd3e15ad-851f-4bc1-8bcb-ff6f6cfac280.css
Origin: https://travelagents.hilton.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires: Tue, 25 Oct 2022 15:26:19 GMT
date: Tue, 25 Oct 2022 15:21:19 GMT
x-amz-version-id: null
cf-cache-status: HIT
x-amz-request-id: NW57NS3VA3AZB3C1
age: 5309
content-length: 43604
x-amz-id-2: uGRVk6e6SfpHP5RV7g5TKJA5+gE0UXgT66XAzjxTV5e4i9L86WIJn2/o7HdA5eWj4QooXD8taVM=
last-modified: Fri, 13 Nov 2020 14:33:36 GMT
server: cloudflare
etag: "7749ba67dff955f1efbcf13af711ebd0"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: public, max-age=300
accept-ranges: bytes
cf-ray: 75fbf0fb2ac3e624-LHR
x-amz-meta-mtime: 1418803358

GET
H2 200 65cde95a-ac33-4c65-8198-e37857968d1a.woff2
fast.fonts.net/dv2/14/ 16 KB
17 KB 202ms
127ms Font
application/octet-stream 2606:4700::6811:e14e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.fonts.net/dv2/14/65cde95a-ac33-4c65-8198-e37857968d1a.woff2?d44f19a684109620e484157da090e8189644f32f9ba253814eee1842202638558c421b8c116d78837684765c2f8014bd7a1539688bf7fca467f3cdbcda0c7c23a8f72698a9469dad20aafc97fe7caa75b9ccbac78ccd969f9476fda3b5178bd9926fa1f4826f31234fd2c0741d74322a3185692e60f4ee7ad7f7da0c6a315883fa513a89feed738298ec04241fed7d866c27f1&projectId=fd3e15ad-851f-4bc1-8bcb-ff6f6cfac280
Requested by: Host: fast.fonts.net
URL: https://fast.fonts.net/cssapi/fd3e15ad-851f-4bc1-8bcb-ff6f6cfac280.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:e14e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: ff734158c5af55b218a31f69e4b0c7861e99a13d1311e1ebf337ca40a7183531

Request headers

Referer: https://fast.fonts.net/cssapi/fd3e15ad-851f-4bc1-8bcb-ff6f6cfac280.css
Origin: https://travelagents.hilton.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires: Tue, 25 Oct 2022 15:26:19 GMT
date: Tue, 25 Oct 2022 15:21:19 GMT
x-amz-version-id: null
cf-cache-status: HIT
x-amz-request-id: 81WNPYBHZ568J9EC
age: 5309
content-length: 16836
x-amz-id-2: AYleBO/dfqoPoypI9hGUgnbBPPGvkpEbKF8FhYTDeTnty2RXhdZTBjIB2M9MXmRS9O3ZyBE7e9U=
last-modified: Fri, 13 Nov 2020 20:49:17 GMT
server: cloudflare
etag: "88261f2e8f9441f81ce8f99c314dcb59"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: public, max-age=300
accept-ranges: bytes
cf-ray: 75fbf0fb2ac2e624-LHR
x-amz-meta-mtime: 1418524434

GET
H2 200 script.js Show response
4dc2aa82bc5e.cdn4.forter.com/sn/4dc2aa82bc5e/ 117 KB
43 KB 155ms
54ms Script
application/javascript 13.226.153.11
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://4dc2aa82bc5e.cdn4.forter.com/sn/4dc2aa82bc5e/script.js

Requested by

Host: travelagents.hilton.com.admin-eu.cas.ms
URL: http://travelagents.hilton.com.admin-eu.cas.ms/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.226.153.11 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-226-153-11.dus51.r.cloudfront.net

Software

Resource Hash

bbdd2d949277274cd5c44236484aab5740dfec2c1be5e0f752756e62da040a44

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelagents.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Sun, 11 Sep 2022 23:36:19 GMT
strict-transport-security: max-age=86400; includeSubDomains
content-encoding: br
via: 1.1 9ed795ea7207c9add01c8c2ab17d8298.cloudfront.net (CloudFront)
x-amz-cf-pop: DUS51-C1
age: 3771900
x-cache: Hit from cloudfront
last-modified: Sun, 11 Sep 2022 23:36:19 GMT
x-sourcemap: https://cdn4.forter.com/map/suid/4dc2aa82bc5e/34023866104
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=300
timing-allow-origin: *
x-amz-cf-id: HteVakCdozTVOPAbUgWlbdkMCtyvMPPAka_91kG9cwgkkIBYQyasgQ==
expires: Sun, 11 Sep 2022 23:41:19 GMT

GET
H2 200 16695c2d-c755-45a2-bdcf-c54843f39afd.woff2
fast.fonts.net/dv2/14/ 16 KB
17 KB 159ms
96ms Font
application/octet-stream 2606:4700::6811:e14e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.fonts.net/dv2/14/16695c2d-c755-45a2-bdcf-c54843f39afd.woff2?d44f19a684109620e484157da090e8189644f32f9ba253814eee1842202638558c421b8c116d78837684765c2f8014bd7a1539688bf7fca467f3cdbcda0c7c23a8f72698a9469dad20aafc97fe7caa75b9ccbac78ccd969f9476fda3b5178bd9926fa1f4826f31234fd2c0741d74322a3185692e60f4ee7ad7f7da0c6a315883fa513a89feed738298ec04241fed7d866c27f1&projectId=fd3e15ad-851f-4bc1-8bcb-ff6f6cfac280
Requested by: Host: fast.fonts.net
URL: https://fast.fonts.net/cssapi/fd3e15ad-851f-4bc1-8bcb-ff6f6cfac280.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:e14e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 3e41b62116935141d5db7d56979cf58d387bc277ec27ebdbcdc224ebcf71ccb0

Request headers

Referer: https://fast.fonts.net/cssapi/fd3e15ad-851f-4bc1-8bcb-ff6f6cfac280.css
Origin: https://travelagents.hilton.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires: Tue, 25 Oct 2022 15:26:19 GMT
date: Tue, 25 Oct 2022 15:21:19 GMT
x-amz-version-id: null
cf-cache-status: HIT
x-amz-request-id: YZDZW7PYYG5GGH73
age: 5309
content-length: 16532
x-amz-id-2: JKEeFsFaakp13Kl3gFHH/OyDv9An67MRPxifYPW/E9cbytyQYX0EzjyfdQMDSyUBjFX8DNpkrJg=
last-modified: Fri, 30 Oct 2020 02:12:28 GMT
server: cloudflare
etag: "7ea46641f8d302ea057e99c9ccb1fe24"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: public, max-age=300
accept-ranges: bytes
cf-ray: 75fbf0fb2ac4e624-LHR
x-amz-meta-mtime: 1418504601

OPTIONS
H2 403 token
www.hilton.com/dx-customer/auth/applications/ Frame 0
0 555ms
431ms Preflight 2a02:26f0:480:280::b58
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://www.hilton.com/dx-customer/auth/applications/token
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:480:280::b58 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: /
Resource Hash

Request headers

Accept: */*
Access-Control-Request-Headers: authorization,cache-control,content-type
Access-Control-Request-Method: POST
Origin: https://travelagents.hilton.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-length: 19
date: Tue, 25 Oct 2022 15:21:20 GMT

POST token
www.hilton.com/dx-customer/auth/applications/ 0
0

GET
DATA 200
OK truncated
/ 715 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 380 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 fall_hotsheet.jpg
travelagents.hilton.com/assets/images/homepage/ 302 KB
303 KB 109ms
106ms Image
image/jpeg 2a02:26f0:3500:1b::1724:a391
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://travelagents.hilton.com/assets/images/homepage/fall_hotsheet.jpg

Requested by

Host: travelagents.hilton.com
URL: https://travelagents.hilton.com/?

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:1b::1724:a391 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

6c13f0b0b794640aea51193982e26abc76993198aeb6e239450e493b36805aee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelagents.hilton.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 25 Oct 2022 15:21:19 GMT
x-content-type-options: nosniff
last-modified: Mon, 12 Sep 2022 14:44:01 GMT
server: Apache
x-rs-server: gla-us-3
etag: "4b85f-5e87bed30e303"
x-frame-options: sameorigin
content-type: image/jpeg
cache-control: max-age=66178
accept-ranges: bytes
content-length: 309343
x-xss-protection: 1; mode=block
expires: Wed, 26 Oct 2022 09:44:17 GMT

GET
H2 200 untitled_1680__720px.png
travelagents.hilton.com/assets/images/homepage/ 2 MB
2 MB 120ms
118ms Image
image/png 2a02:26f0:3500:1b::1724:a391
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://travelagents.hilton.com/assets/images/homepage/untitled_1680__720px.png

Requested by

Host: travelagents.hilton.com
URL: https://travelagents.hilton.com/?

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:1b::1724:a391 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

b42e7735dd913acebf161bd1ac04dd72ff228a0740513f936e52d2f6019c7deb

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelagents.hilton.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 25 Oct 2022 15:21:19 GMT
x-content-type-options: nosniff
last-modified: Fri, 04 Mar 2022 09:33:03 GMT
server: Apache
x-rs-server: gla-us-3
etag: "25fb3c-5d961338ffb7e"
x-frame-options: sameorigin
content-type: image/png
cache-control: max-age=78657
accept-ranges: bytes
content-length: 2489148
x-xss-protection: 1; mode=block
expires: Wed, 26 Oct 2022 13:12:16 GMT

GET
H2 200 carousel-arrows.png
travelagents.hilton.com/assets/images/ 340 B
630 B 118ms
110ms Image
image/png 2a02:26f0:3500:1b::1724:a391
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://travelagents.hilton.com/assets/images/carousel-arrows.png

Requested by

Host: travelagents.hilton.com
URL: https://travelagents.hilton.com/assets/css/site.css?asd=asd

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:1b::1724:a391 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

94de9ee3da796e4cdc8287752e127bd68a3fe6fb40f662502f1d57031f03f9c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelagents.hilton.com/assets/css/site.css?asd=asd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 25 Oct 2022 15:21:19 GMT
x-content-type-options: nosniff
last-modified: Wed, 06 May 2015 13:11:18 GMT
server: Apache
x-rs-server: gla-us-3
etag: "154-5156987d22980"
x-frame-options: sameorigin
content-type: image/png
cache-control: max-age=58276
accept-ranges: bytes
content-length: 340
x-xss-protection: 1; mode=block
expires: Wed, 26 Oct 2022 07:32:35 GMT

GET
H2 200 reap-benefits-banner.jpg
travelagents.hilton.com/assets/images/homepage/ 37 KB
37 KB 118ms
111ms Image
image/jpeg 2a02:26f0:3500:1b::1724:a391
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://travelagents.hilton.com/assets/images/homepage/reap-benefits-banner.jpg

Requested by

Host: travelagents.hilton.com
URL: https://travelagents.hilton.com/?

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:1b::1724:a391 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

884a047805f359f91f460d7f4fb27f63c6c220e90d4b7aebc1a181cda64f24a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelagents.hilton.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 25 Oct 2022 15:21:19 GMT
x-content-type-options: nosniff
last-modified: Wed, 06 May 2015 13:59:15 GMT
server: Apache
x-rs-server: gla-us-3
etag: "9471-5156a334db2c0"
x-frame-options: sameorigin
content-type: image/jpeg
cache-control: max-age=69522
accept-ranges: bytes
content-length: 38001
x-xss-protection: 1; mode=block
expires: Wed, 26 Oct 2022 10:40:01 GMT

GET
H2 200 commissions-banner.png
travelagents.hilton.com/assets/images/homepage/ 206 KB
207 KB 118ms
111ms Image
image/png 2a02:26f0:3500:1b::1724:a391
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://travelagents.hilton.com/assets/images/homepage/commissions-banner.png

Requested by

Host: travelagents.hilton.com
URL: https://travelagents.hilton.com/?

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:1b::1724:a391 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

66bc95f7f799802ad82d77734d98ae3e75aa8fb81d41835936317e754920157f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelagents.hilton.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 25 Oct 2022 15:21:19 GMT
x-content-type-options: nosniff
last-modified: Thu, 07 May 2015 12:57:07 GMT
server: Apache
x-rs-server: gla-us-3
etag: "337de-5157d72f04ec0"
x-frame-options: sameorigin
content-type: image/png
cache-control: max-age=66171
accept-ranges: bytes
content-length: 210910
x-xss-protection: 1; mode=block
expires: Wed, 26 Oct 2022 09:44:10 GMT

GET
H2 200 home-explore-bg.gif
travelagents.hilton.com/assets/images/homepage/ 1 KB
1 KB 129ms
122ms Image
image/gif 2a02:26f0:3500:1b::1724:a391
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://travelagents.hilton.com/assets/images/homepage/home-explore-bg.gif

Requested by

Host: travelagents.hilton.com
URL: https://travelagents.hilton.com/?

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:1b::1724:a391 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

d35e81f16472f5165ee4f58d32d74a59a884c6c63f1bda9d926bfecd185dc093

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelagents.hilton.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 25 Oct 2022 15:21:19 GMT
x-content-type-options: nosniff
last-modified: Mon, 01 Jun 2015 15:26:02 GMT
server: Apache
x-rs-server: gla-us-3
etag: "4ae-517767189f680"
x-frame-options: sameorigin
content-type: image/gif
cache-control: max-age=58379
accept-ranges: bytes
content-length: 1198
x-xss-protection: 1; mode=block
expires: Wed, 26 Oct 2022 07:34:18 GMT

GET
H2 200 explore-bg-arrow.png
travelagents.hilton.com/assets/images/homepage/ 1 KB
2 KB 129ms
123ms Image
image/png 2a02:26f0:3500:1b::1724:a391
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://travelagents.hilton.com/assets/images/homepage/explore-bg-arrow.png

Requested by

Host: travelagents.hilton.com
URL: https://travelagents.hilton.com/?

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:1b::1724:a391 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

000ba6bbf2ea6bab352ea1306461ba1771098a0e52ed83aa0f2aaad29771fc67

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelagents.hilton.com/?
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 25 Oct 2022 15:21:19 GMT
x-content-type-options: nosniff
last-modified: Wed, 03 Jun 2015 09:40:08 GMT
server: Apache
x-rs-server: gla-us-3
etag: "5d2-51799d82fce00"
x-frame-options: sameorigin
content-type: image/png
cache-control: max-age=66155
accept-ranges: bytes
content-length: 1490
x-xss-protection: 1; mode=block
expires: Wed, 26 Oct 2022 09:43:54 GMT

GET
H2 200 adchoiceslogo.png
travelagents.hilton.com/assets/css/img/ 350 B
639 B 129ms
123ms Image
image/png 2a02:26f0:3500:1b::1724:a391
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://travelagents.hilton.com/assets/css/img/adchoiceslogo.png

Requested by

Host: travelagents.hilton.com
URL: https://travelagents.hilton.com/assets/css/site.css?asd=asd

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:26f0:3500:1b::1724:a391 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

Software

Apache /

Resource Hash

0bf42a9908eeeaf64b7a9599f64723d263e4e86f61ed17c7592512c311d6e5aa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelagents.hilton.com/assets/css/site.css?asd=asd
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains; preload
date: Tue, 25 Oct 2022 15:21:19 GMT
x-content-type-options: nosniff
last-modified: Tue, 18 Aug 2015 08:56:40 GMT
server: Apache
x-rs-server: gla-us-3
etag: "15e-51d9218ad6200"
x-frame-options: sameorigin
content-type: image/png
cache-control: max-age=8789
accept-ranges: bytes
content-length: 350
x-xss-protection: 1; mode=block
expires: Tue, 25 Oct 2022 17:47:48 GMT

GET
H2 200 75c84254-5125-412c-bc24-56769ae3b627.woff2
fast.fonts.net/dv2/14/ 16 KB
17 KB 138ms
97ms Font
application/octet-stream 2606:4700::6811:e14e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.fonts.net/dv2/14/75c84254-5125-412c-bc24-56769ae3b627.woff2?d44f19a684109620e484157da090e8189644f32f9ba253814eee1842202638558c421b8c116d78837684765c2f8014bd7a1539688bf7fca467f3cdbcda0c7c23a8f72698a9469dad20aafc97fe7caa75b9ccbac78ccd969f9476fda3b5178bd9926fa1f4826f31234fd2c0741d74322a3185692e60f4ee7ad7f7da0c6a315883fa513a89feed738298ec04241fed7d866c27f1&projectId=fd3e15ad-851f-4bc1-8bcb-ff6f6cfac280
Requested by: Host: fast.fonts.net
URL: https://fast.fonts.net/cssapi/fd3e15ad-851f-4bc1-8bcb-ff6f6cfac280.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:e14e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: c745b43f7ad54bdfa3b2e6ce8c9161e7fd807bdbbf12b8350bdcdc5e822a1a47

Request headers

Referer: https://fast.fonts.net/cssapi/fd3e15ad-851f-4bc1-8bcb-ff6f6cfac280.css
Origin: https://travelagents.hilton.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires: Tue, 25 Oct 2022 15:26:19 GMT
date: Tue, 25 Oct 2022 15:21:19 GMT
x-amz-version-id: null
cf-cache-status: HIT
x-amz-request-id: MPYAK3G4CFXNB7H6
age: 5309
content-length: 16764
x-amz-id-2: XZeqovO9WG5c/Xpquf7OUPxM8czpRDyd7uc0OZuFpmjh8qbnj0yIl5F9HmxyUsn7jUUGD5ylbJ4=
last-modified: Sat, 14 Nov 2020 00:21:06 GMT
server: cloudflare
etag: "136f310a33697acfbebcfe87c7888142"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: public, max-age=300
accept-ranges: bytes
cf-ray: 75fbf0fb2ac0e624-LHR
x-amz-meta-mtime: 1418525546

GET
H2 200 0ba225b7-666d-47f6-a047-725ba6a536e4.woff2
fast.fonts.net/dv2/14/ 24 KB
24 KB 674ms
632ms Font
application/octet-stream 2606:4700::6811:e14e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.fonts.net/dv2/14/0ba225b7-666d-47f6-a047-725ba6a536e4.woff2?d44f19a684109620e484157da090e8189644f32f9ba253814eee1842202638558c421b8c116d78837684765c2f8014bd7a1539688bf7fca467f3cdbcda0c7c23a8f72698a9469dad20aafc97fe7caa75b9ccbac78ccd969f9476fda3b5178bd9926fa1f4826f31234fd2c0741d74322a3185692e60f4ee7ad7f7da0c6a315883fa513a89feed738298ec04241fed7d866c27f1&projectId=fd3e15ad-851f-4bc1-8bcb-ff6f6cfac280
Requested by: Host: fast.fonts.net
URL: https://fast.fonts.net/cssapi/fd3e15ad-851f-4bc1-8bcb-ff6f6cfac280.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:e14e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: eb9508f2d483676c9bee2b0993657ae32501de42a7853470eda5289b820b2434

Request headers

Referer: https://fast.fonts.net/cssapi/fd3e15ad-851f-4bc1-8bcb-ff6f6cfac280.css
Origin: https://travelagents.hilton.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires: Tue, 25 Oct 2022 15:26:20 GMT
date: Tue, 25 Oct 2022 15:21:20 GMT
x-amz-version-id: null
cf-cache-status: REVALIDATED
x-amz-request-id: 7GQ1RTSWBH4FDYCD
content-length: 24508
x-amz-id-2: xL6HmrciY0GOW7fh9BQhDtgoEayQe02K9ZHZoXjJVfmKX+L1f/csWWP6vV4KkrZFjhRYkFceUbI=
last-modified: Fri, 30 Oct 2020 02:07:17 GMT
server: cloudflare
etag: "8fb46465ce0a65f8162b9bbdc29336c5"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: public, max-age=300
accept-ranges: bytes
cf-ray: 75fbf0fb2ac7e624-LHR
x-amz-meta-mtime: 1431886192

GET
H2 200 5c3b481d-f872-4220-bdaf-5a120e5f16cd.woff2
fast.fonts.net/dv2/14/ 24 KB
25 KB 174ms
133ms Font
application/octet-stream 2606:4700::6811:e14e
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL: https://fast.fonts.net/dv2/14/5c3b481d-f872-4220-bdaf-5a120e5f16cd.woff2?d44f19a684109620e484157da090e8189644f32f9ba253814eee1842202638558c421b8c116d78837684765c2f8014bd7a1539688bf7fca467f3cdbcda0c7c23a8f72698a9469dad20aafc97fe7caa75b9ccbac78ccd969f9476fda3b5178bd9926fa1f4826f31234fd2c0741d74322a3185692e60f4ee7ad7f7da0c6a315883fa513a89feed738298ec04241fed7d866c27f1&projectId=fd3e15ad-851f-4bc1-8bcb-ff6f6cfac280
Requested by: Host: fast.fonts.net
URL: https://fast.fonts.net/cssapi/fd3e15ad-851f-4bc1-8bcb-ff6f6cfac280.css
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700::6811:e14e , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: cloudflare /
Resource Hash: 7e6156170771b7ed1e7ec8f410794f2c1f8f21f3970f18f557d36421b477c6ac

Request headers

Referer: https://fast.fonts.net/cssapi/fd3e15ad-851f-4bc1-8bcb-ff6f6cfac280.css
Origin: https://travelagents.hilton.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

expires: Tue, 25 Oct 2022 15:26:19 GMT
date: Tue, 25 Oct 2022 15:21:19 GMT
x-amz-version-id: null
cf-cache-status: HIT
x-amz-request-id: NW57WQ30BPTPMP79
age: 5309
content-length: 24460
x-amz-id-2: 7QQX8LWFJAsP7iyJEKd/HIQwMgL3JsEXgGvQy2GVBWfSZoZFv91MzoKnvc3EXPvVMdRYFKKkDVA=
last-modified: Fri, 13 Nov 2020 18:30:58 GMT
server: cloudflare
etag: "0b194cac48c2bd3927718d4908ce8c7e"
vary: Origin, Access-Control-Request-Headers, Access-Control-Request-Method, Accept-Encoding
access-control-allow-methods: GET, HEAD
content-type: application/octet-stream
access-control-allow-origin: *
access-control-expose-headers: Access-Control-Allow-Origin
cache-control: public, max-age=300
accept-ranges: bytes
cf-ray: 75fbf0fb2ac8e624-LHR
x-amz-meta-mtime: 1431888626

GET
H/1.1 200
OK loew-heavy-webfont.woff2
fonts.hilton.com/loew/loew-heavy/ 39 KB
40 KB 270ms
125ms Font
font/woff2 23.36.162.87
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.hilton.com/loew/loew-heavy/loew-heavy-webfont.woff2

Requested by

Host: travelagents.hilton.com
URL: https://travelagents.hilton.com/assets/css/site.css?asd=asd

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.87 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-87.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

b444739d51f5f630511e5df4b3dfca22e20348a59b8be2ae75dd71a6f4042ac2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://travelagents.hilton.com/
Origin: https://travelagents.hilton.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Date: Tue, 25 Oct 2022 15:21:19 GMT
X-Content-Type-Options: nosniff
X-RS-Server: gla-web-12
Connection: keep-alive
Content-Length: 39844
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 28 Mar 2022 14:34:53 GMT
Server: Apache
ETag: "9ba4-5db4837273d40"
X-Frame-Options: sameorigin
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Content-Type: font/woff2
Access-Control-Allow-Origin: https://travelagents.hilton.com
Cache-Control: max-age=852464
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin, x-requested-with, content-type
Expires: Fri, 04 Nov 2022 12:09:03 GMT

GET
H/1.1 200
OK loew-bold-webfont.woff2
fonts.hilton.com/loew/loew-bold/ 39 KB
40 KB 270ms
126ms Font
font/woff2 23.36.162.87
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.hilton.com/loew/loew-bold/loew-bold-webfont.woff2

Requested by

Host: travelagents.hilton.com
URL: https://travelagents.hilton.com/?

Protocol

HTTP/1.1

Security

TLS 1.3, , AES_256_GCM

Server

23.36.162.87 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),

Reverse DNS

a23-36-162-87.deploy.static.akamaitechnologies.com

Software

Apache /

Resource Hash

7da42a7d4e4a73a69bbb2420186f83ef0b718461fa8c98b749e1445aa8486cef

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	sameorigin
X-Xss-Protection	1; mode=block

Request headers

Referer: https://travelagents.hilton.com/
Origin: https://travelagents.hilton.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000; includeSubDomains; preload
Date: Tue, 25 Oct 2022 15:21:19 GMT
X-Content-Type-Options: nosniff
X-RS-Server: gla-web-12
Connection: keep-alive
Content-Length: 39864
X-XSS-Protection: 1; mode=block
Last-Modified: Mon, 28 Mar 2022 14:34:53 GMT
Server: Apache
ETag: "9bb8-5db4837273d40"
X-Frame-Options: sameorigin
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Content-Type: font/woff2
Access-Control-Allow-Origin: https://travelagents.hilton.com
Cache-Control: max-age=715608
Accept-Ranges: bytes
Access-Control-Allow-Headers: origin, x-requested-with, content-type
Expires: Wed, 02 Nov 2022 22:08:07 GMT

GET
H/1.1 206
Partial Content Hilton_All%20Inclusive_Sizzle%20Video%200522%20(1)_Trim.mp4
c48c230edebef37baa0b-7924816fb41fd531ce97ed2a0e88770c.ssl.cf2.rackcdn.com/travelagents.hilton.com/ 357 KB
0 176ms
78ms Media
video/mp4 23.35.236.144
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c48c230edebef37baa0b-7924816fb41fd531ce97ed2a0e88770c.ssl.cf2.rackcdn.com/travelagents.hilton.com/Hilton_All%20Inclusive_Sizzle%20Video%200522%20(1)_Trim.mp4
Requested by: Host: travelagents.hilton.com
URL: https://travelagents.hilton.com/?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-144.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Referer: https://travelagents.hilton.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Range: bytes=0-

Response headers

Date: Tue, 25 Oct 2022 15:21:19 GMT
Origin: https://mycloud.rackspace.com
Last-Modified: Wed, 08 Jun 2022 16:41:19 GMT
ETag: 04347a4124b5e0ebbbb66f1bb8970566
Content-Type: video/mp4
Content-Range: bytes 0-13208518/13208519
X-Timestamp: 1654706478.04486
Cache-Control: public, max-age=62321
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: txa7a48176bf994d7ea9eb9-00633979dcord1
Content-Length: 13208519
Expires: Wed, 26 Oct 2022 08:40:00 GMT

GET
DATA 200
OK truncated
/ 547 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 552 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 177 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 351 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 242 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75

Request headers

accept-language: en-GB,en;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H/1.1 200
OK dest5.html Show response
hilton.demdex.net/ Frame F184 7 KB
3 KB 203ms
42ms Document
text/html 34.249.106.217
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://hilton.demdex.net/dest5.html?d_nsid=0

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/1a8b82639e97b4c8938c46c6ad045392048d00e5/satelliteLib-5f15f2949f2a761b35db03f2b389a11d61654c4e.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

34.249.106.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-249-106-217.eu-west-1.compute.amazonaws.com

Software

Resource Hash

7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://travelagents.hilton.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

Accept-Ranges: bytes
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 2791
Content-Type: text/html;charset=UTF-8
DCS: dcs-prod-irl1-2-v044-0b97c4d8c.edge-irl1.demdex.com 0 ms
Expires: Thu, 01 Jan 1970 00:00:00 UTC
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
X-TID: z8NLj3TGTSw=
content-encoding: gzip
date: Tue, 25 Oct 2022 15:21:20 GMT
last-modified: Thu, 29 Sep 2022 16:47:44 GMT
vary: accept-encoding

GET
H2 200 id Show response
smetric.hilton.com/ 48 B
468 B 155ms
49ms XHR
application/x-javascript 15.236.176.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetric.hilton.com/id?d_visid_ver=5.4.0&d_fieldgroup=A&mcorgid=F0C120B3534685700A490D45%40AdobeOrg&mid=19194874480057866443120068392229930604&ts=1666711279955

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/1a8b82639e97b4c8938c46c6ad045392048d00e5/satelliteLib-5f15f2949f2a761b35db03f2b389a11d61654c4e.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-236-176-210.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

4f62d97920de18c31be9e5baf06f5726d6496747f040f876216d168702a23855

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://travelagents.hilton.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: application/x-www-form-urlencoded

Response headers

date: Tue, 25 Oct 2022 15:21:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
server: jag
vary: Origin
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: https://travelagents.hilton.com
p3p: CP="This is not a P3P policy"
cache-control: no-cache, no-store, max-age=0, no-transform, private
access-control-allow-credentials: true
content-length: 48
x-xss-protection: 1; mode=block

GET
H/1.1

200
OK

ibs:dpid=411&dpuuid=Y1f_8AAAAH9uDQN6
dpm.demdex.net/
Redirect Chain

https://cm.everesttech.net/cm/dd?d_uuid=19218456480829474193117637085299996451
https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y1f_8AAAAH9uDQN6

42 B
942 B

73ms
42ms

Image
image/gif

34.249.106.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y1f_8AAAAH9uDQN6

Requested by

Host: travelagents.hilton.com
URL: https://travelagents.hilton.com/?

Protocol

HTTP/1.1

Server

34.249.106.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-249-106-217.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelagents.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v044-00b38d446.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: C4DVBXh9Q8o=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=411&dpuuid=Y1f_8AAAAH9uDQN6
Date: Tue, 25 Oct 2022 15:21:20 GMT
Cache-Control: no-cache
Server: AMO-cookiemap/1.1
Connection: keep-alive
Content-Length: 0
P3P: CP="NOI NID DEVa PSAa PSDa OUR IND PUR COM NAV INT DEM"

GET
H2 200 RCe267924711084c2ea517049a0a0b2543-source.min.js Show response
assets.adobedtm.com/5e68f1ab8856/6f5249f15557/59f8be312782/ 1 KB
1 KB 44ms
42ms Script
application/x-javascript 2a02:26f0:3500:587::1e80
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://assets.adobedtm.com/5e68f1ab8856/6f5249f15557/59f8be312782/RCe267924711084c2ea517049a0a0b2543-source.min.js
Requested by: Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/1a8b82639e97b4c8938c46c6ad045392048d00e5/satelliteLib-5f15f2949f2a761b35db03f2b389a11d61654c4e.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a02:26f0:3500:587::1e80 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: AkamaiNetStorage /
Resource Hash: 730e3c9b27e49d5225fa98fae92003d8570afbe4c6cfca5cb618657c91ce9fd8

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelagents.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:21:19 GMT
content-encoding: gzip
last-modified: Mon, 24 Oct 2022 17:03:50 GMT
server: AkamaiNetStorage
etag: "0804c118a91c4e20438058fb7e96743b:1666631030.802123"
vary: Accept-Encoding
content-type: application/x-javascript
access-control-allow-origin: https://travelagents.hilton.com
cache-control: max-age=3600
accept-ranges: bytes
timing-allow-origin: *
content-length: 786
expires: Tue, 25 Oct 2022 16:21:19 GMT

GET
H/1.1 206
Partial Content Hilton_All%20Inclusive_Sizzle%20Video%200522%20(1)_Trim.mp4
c48c230edebef37baa0b-7924816fb41fd531ce97ed2a0e88770c.ssl.cf2.rackcdn.com/travelagents.hilton.com/ 16 KB
0 139ms
44ms Media
video/mp4 23.35.236.144
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://c48c230edebef37baa0b-7924816fb41fd531ce97ed2a0e88770c.ssl.cf2.rackcdn.com/travelagents.hilton.com/Hilton_All%20Inclusive_Sizzle%20Video%200522%20(1)_Trim.mp4
Requested by: Host: travelagents.hilton.com
URL: https://travelagents.hilton.com/?
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 23.35.236.144 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a23-35-236-144.deploy.static.akamaitechnologies.com
Software: /
Resource Hash

Request headers

Referer: https://travelagents.hilton.com/
Accept-Encoding: identity;q=1, *;q=0
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Range: bytes=0-

Response headers

Date: Tue, 25 Oct 2022 15:21:20 GMT
Origin: https://mycloud.rackspace.com
Last-Modified: Wed, 08 Jun 2022 16:41:19 GMT
ETag: 04347a4124b5e0ebbbb66f1bb8970566
Content-Type: video/mp4
Content-Range: bytes 0-13208518/13208519
X-Timestamp: 1654706478.04486
Cache-Control: public, max-age=62320
Connection: keep-alive
Accept-Ranges: bytes
X-Trans-Id: txa7a48176bf994d7ea9eb9-00633979dcord1
Content-Length: 13208519
Expires: Wed, 26 Oct 2022 08:40:00 GMT

GET
H2 200 v1.7-9931 Show response
consent.trustarc.com/asset/notice.js/v/ 76 KB
24 KB 150ms
45ms Script
text/javascript 13.225.78.53
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent.trustarc.com/asset/notice.js/v/v1.7-9931

Requested by

Host: consent.trustarc.com
URL: https://consent.trustarc.com/notice?domain=hiltongdpr.com&c=teconsent&gtm=1&text=true&pcookie&js=nj&noticeType=bb&oc=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-53.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

a2287bb22f8ed8285baec2e9b8cfd84ea46d0a142884bea029c7c396fa3a0d9f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://travelagents.hilton.com/
Origin: https://travelagents.hilton.com
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 14:45:37 GMT
content-encoding: gzip
via: 1.1 2fcedcc055e24d7ac99fbc19ed8fc8ec.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA2-C2
age: 2143
x-cache: Hit from cloudfront
pragma: public
last-modified: Thu, 20 Oct 2022 05:43:25 GMT
server: nginx
vary: Accept-Encoding
content-type: text/javascript
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: yZjRZ8OhQZh14ugqD0lrvv9IlqqqpBUNhQdr8XXWP_NRV6hk84i7Qg==
expires: Thu, 24 Nov 2022 14:45:37 GMT

GET
H2 200 log
consent.trustarc.com/ 43 B
441 B 82ms
82ms Image
image/gif 13.225.78.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/log?domain=hiltongdpr.com&country=gb&state=&behavior=expressed&c=42d5

Requested by

Host: travelagents.hilton.com
URL: https://travelagents.hilton.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-53.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelagents.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 15:21:20 GMT
via: 1.1 882f747f39885162595630c95dd0012c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
x-amz-cf-pop: FRA2-C2
vary: Origin
x-cache: Miss from cloudfront
content-type: image/gif
cache-control: private, no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-length: 43
x-amz-cf-id: ceXIVPcUTXAYqKVREERczlqEK5c5LY6rkFK-es-cmG9NflkFY3OSDw==
expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 137ms
40ms Script
text/javascript 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5GDSFJP

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelagents.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Tue, 25 Oct 2022 15:15:54 GMT
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
server: Golfe2
age: 326
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20039
expires: Tue, 25 Oct 2022 17:15:54 GMT

GET
H2 200 s57345432727066 Show response
smetric.hilton.com/b/ss/hiltonglobalprod/10/JS-2.21.0-LCXS/ 6 KB
6 KB 68ms
66ms Script
application/x-javascript 15.236.176.210
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://smetric.hilton.com/b/ss/hiltonglobalprod/10/JS-2.21.0-LCXS/s57345432727066?AQB=1&ndh=1&pf=1&callback=s_c_il[1].doPostbacks&et=1&t=25%2F9%2F2022%2015%3A21%3A20%202%200&d.&nsid=0&jsonv=1&.d&mid=19194874480057866443120068392229930604&aamlh=6&ce=UTF-8&pageName=hilton-travel-agents%3Ahomepage%3Aindex&g=https%3A%2F%2Ftravelagents.hilton.com%2F%3F&r=http%3A%2F%2Ftravelagents.hilton.com.admin-eu.cas.ms%2F&c.&getQueryParam=4.0&getPreviousValue=3.0&.c&cc=USD&ch=homepage&products=%3BUNKNOWN&aamb=RKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y&c1=UNKNOWN&c2=D%3Dv59&c3=D%3Dv24&c4=Logged-out&c6=images%2Ctext&c8=hilton-travel-agents&c9=D%3Dv46&v10=%2B1&c11=D%3Dv40&c12=D%3Dv63&c13=D%3Dv150&c14=Hilton%20Travel%20Agents%20%7C%20Travel%20Portal%20for%20Agents&c15=D&c16=D%3Dv49&v17=D%3Dv18&c24=travelagents.hilton.com&v24=en&v25=Logged-out&v27=hilton-travel-agents%3Ahomepage%3Aindex&c28=D%3Dv9&c35=D%3Dv135&c37=D%3Dv24&c38=D%3Dv59&c39=D%3Dv46&v43=D%3Dc8&v46=homepage&v47=D%3Dc15&v49=P&c52=core.page-bottom%7CroomView%7Cundefined%7CGW%20-%20Global%20Standard%20%28AT%29&c53=2022-10-25%2015%3A21%3A20&v59=mb&v65=travelagents.hilton.com.admin-eu.cas.ms&v111=Control%20Group&v135=old%20hilton&v150=https%3A%2F%2Ftravelagents.hilton.com%2F&s=1600x1200&c=24&j=1.6&v=N&k=Y&bw=1600&bh=1200&mcorgid=F0C120B3534685700A490D45%40AdobeOrg&AQE=1

Requested by

Host: assets.adobedtm.com
URL: https://assets.adobedtm.com/5e68f1ab8856/6f5249f15557/59f8be312782/EX37c772f5f3ff408f881a2e3f2af0cd83-libraryCode_source.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

15.236.176.210 Paris, France, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-15-236-176-210.eu-west-3.compute.amazonaws.com

Software

jag /

Resource Hash

0784ada5af72a6a4576a4bc6360523f39b68d814ac829e5355ed0ce8a305b05c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelagents.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-aam-tid: Q9JHi+pqTVs=
date: Tue, 25 Oct 2022 15:21:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy"
content-length: 5939
x-xss-protection: 1; mode=block
dcs: dcs-prod-irl1-2-v044-0f520ef78.edge-irl1.demdex.com 6 ms
pragma: no-cache
last-modified: Wed, 26 Oct 2022 15:21:20 GMT
server: jag
etag: 3579235220044447744-4619694668426485952
vary: *
content-type: application/x-javascript;charset=utf-8
access-control-allow-origin: *
cache-control: no-cache, no-store, max-age=0, no-transform, private
expires: Mon, 24 Oct 2022 15:21:20 GMT

POST
H2 200 events
cdn3.forter.com/ 0
245 B 343ms
114ms Ping
text/plain 54.160.100.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn3.forter.com/events

Requested by

Host:
URL: (program):2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.160.100.205 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-160-100-205.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://travelagents.hilton.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain; charset=utf-8

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 15:21:20 GMT
strict-transport-security: max-age=86400; includeSubDomains
vary: Origin
access-control-allow-origin: https://travelagents.hilton.com
cache-control: private, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
expires: -1

POST
H2 200 events
cdn3.forter.com/ 0
246 B 329ms
113ms Ping
text/plain 54.160.100.205
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn3.forter.com/events

Requested by

Host:
URL: (program):2

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

54.160.100.205 , United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-54-160-100-205.compute-1.amazonaws.com

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

Referer: https://travelagents.hilton.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain; charset=utf-8

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 15:21:20 GMT
strict-transport-security: max-age=86400; includeSubDomains
vary: Origin
access-control-allow-origin: https://travelagents.hilton.com
cache-control: private, no-cache, no-store
access-control-allow-credentials: true
timing-allow-origin: *
expires: -1

GET
H2

200

7fbb0c9d3e4d7a2f3570e11918a750bca1b6990a2bdb4f37ecb5650bebc4c340ac7f4bc8651056e6dbf849d1a472 Show response
cdn9.forter.com/vchk2/v1/
Redirect Chain

https://cdn9.forter.com/vchk2
https://cdn9.forter.com/vchk2/v1/7fbb0c9d3e4d7a2f3570e11918a750bca1b6990a2bdb4f37ecb5650bebc4c340ac7f4bc8651056e6dbf849d1a472

0
322 B

171ms
171ms

XHR
text/plain

13.224.189.63
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn9.forter.com/vchk2/v1/7fbb0c9d3e4d7a2f3570e11918a750bca1b6990a2bdb4f37ecb5650bebc4c340ac7f4bc8651056e6dbf849d1a472

Requested by

Host: travelagents.hilton.com
URL: https://travelagents.hilton.com/?

Protocol

Server

13.224.189.63 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-224-189-63.fra2.r.cloudfront.net

Software

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelagents.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:21:20 GMT
via: 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
strict-transport-security: max-age=86400; includeSubDomains
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
access-control-allow-origin: *
cache-control: private, s-maxage=0, proxy-revalidate
timing-allow-origin: *
x-amz-cf-id: r9rC3CARFSX4jy3wE0yRGq99IN8RmOAG43ogDfgoTYLoiUhfhK7b3Q==

Redirect headers

date: Tue, 25 Oct 2022 15:21:20 GMT
via: 1.1 8f20db43ba7579b7216cf908572d5054.cloudfront.net (CloudFront)
strict-transport-security: max-age=86400; includeSubDomains
x-amz-cf-pop: FRA2-C1
x-cache: Miss from cloudfront
location: https://cdn9.forter.com/vchk2/v1/7fbb0c9d3e4d7a2f3570e11918a750bca1b6990a2bdb4f37ecb5650bebc4c340ac7f4bc8651056e6dbf849d1a472
access-control-allow-origin: *
cache-control: private, s-maxage=0, proxy-revalidate
timing-allow-origin: *
x-amz-cf-id: GGAi1KNZCn79IRGd4CAUJq7ZaWs5w44JRb906eIjtuZsd4s9h8_Bbw==

GET
H2 200 / Show response
consent-pref.trustarc.com/ Frame C90C 5 KB
3 KB 134ms
42ms Document
text/html 13.225.78.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=gb&locale=en&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/

Requested by

Host: consent.trustarc.com
URL: https://consent.trustarc.com/asset/notice.js/v/v1.7-9931

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-23.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

5d59d71fa30604e26c815b2bcfea777bef1564467e2ff9b1b4dc45ca2ee0f6fe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://travelagents.hilton.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 62270
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 24 Oct 2022 22:03:37 GMT
etag: W/"5147-1666069570000"
expect-ct: max-age=86400; enforce;
last-modified: Tue, 18 Oct 2022 05:06:10 GMT
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding Origin
via: 1.1 27f665df26bde4a7226480b4a2890ff8.cloudfront.net (CloudFront)
x-amz-cf-id: SHVfv_sQw2JM8Cn9mZZyxETY4IwKXVx353zWg-SogY12nT9YKMB3EA==
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1

GET
H2 200 noticemsg
consent.trustarc.com/ 43 B
540 B 74ms
74ms Image
image/gif 13.225.78.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/noticemsg?action=consent&domain=hiltongdpr.com&behavior=expressed&country=gb&language=en&rand=0.860166808723033

Requested by

Host: travelagents.hilton.com
URL: https://travelagents.hilton.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-53.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelagents.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:21:20 GMT
via: 1.1 882f747f39885162595630c95dd0012c.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
cloudfront-viewer-country: GB
content-length: 43
x-xss-protection: 1; mode=block
pragma: no-cache
server: nginx
x-frame-options: SAMEORIGIN
vary: Origin
content-type: image/gif
cache-control: max-age=3600
cloudfront-viewer-country-region: ENG
timing-allow-origin: *
x-amz-cf-id: zsxCU4KtZnkZjuCwzGoeTbks6ia48hzJG7ZrLtDwqheZkIH_at2A1g==
expires: Tue, 25 Oct 2022 16:21:20 GMT

POST
H2 200 collect Show response
www.google-analytics.com/j/ 1 B
211 B 56ms
55ms XHR
text/plain 2a00:1450:4001:82a::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j98&a=352881566&t=pageview&_s=1&dl=https%3A%2F%2Ftravelagents.hilton.com%2F&dr=http%3A%2F%2Ftravelagents.hilton.com.admin-eu.cas.ms%2F&ul=en-us&de=UTF-8&dt=Hilton%20Travel%20Agents%20%7C%20Travel%20Portal%20for%20Agents&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=1206125400&gjid=1166217006&cid=611180594.1666711280&tid=UA-58076041-2&_gid=2119525742.1666711280&_r=1&gtm=2wgaj05GDSFJP&z=1406759134

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://travelagents.hilton.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 15:21:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://travelagents.hilton.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=21&dpuuid=220073204315002654298
dpm.demdex.net/ Frame F184
Redirect Chain

https://aa.agkn.com/adscores/g.pixel?sid=9211132908&aam=19218456480829474193117637085299996451
https://dpm.demdex.net/ibs:dpid=21&dpuuid=220073204315002654298

42 B
942 B

50ms
49ms

Image
image/gif

34.249.106.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=21&dpuuid=220073204315002654298

Requested by

Host: travelagents.hilton.com
URL: https://travelagents.hilton.com/?

Protocol

HTTP/1.1

Server

34.249.106.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-249-106-217.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hilton.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v044-03e6d069f.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: ZYa6tqRmT6U=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Tue, 25 Oct 2022 15:21:20 GMT
server: AAWebServer
access-control-allow-methods: GET, POST, OPTIONS
p3p: policyref="https://www.agkn.com/p3p/p3p.xml",CP="NOI NID"
location: https://dpm.demdex.net/ibs:dpid=21&dpuuid=220073204315002654298
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-headers: accept, cache-control, origin, x-requested-with, x-file-name, content-type
expires: 0

GET
H2 200 /
www.facebook.com/tr/ Frame F184 0
185 B 187ms
65ms Image
text/plain 2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/tr/?id=967617709996912&ev=Adobe-Audience-Manager-Segment&cd[segID]=15300019,22365141&noscript=1

Requested by

Host: travelagents.hilton.com
URL: https://travelagents.hilton.com/?

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

proxygen-bolt /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hilton.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

strict-transport-security: max-age=31536000; includeSubDomains
date: Tue, 25 Oct 2022 15:21:20 GMT
server: proxygen-bolt
content-type: text/plain
access-control-allow-origin
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
content-length: 0

GET
H2 200 365868.gif
idsync.rlcdn.com/ Frame F184 42 B
330 B 126ms
40ms Image
image/gif 35.244.174.68
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://idsync.rlcdn.com/365868.gif?partner_uid=19218456480829474193117637085299996451
Requested by: Host: travelagents.hilton.com
URL: https://travelagents.hilton.com/?
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.244.174.68 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 68.174.244.35.bc.googleusercontent.com
Software: /
Resource Hash: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hilton.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:21:20 GMT
via: 1.1 google
content-type: image/gif
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
cache-control: no-cache, no-store
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42

GET
H2

200

/
www.google.co.uk/pagead/1p-user-list/1005930085/ Frame F184
Redirect Chain

https://googleads.g.doubleclick.net/pagead/viewthroughconversion/1005930085/?value=0&guid=ON&script=0&data=23583573
https://www.google.com/pagead/1p-user-list/1005930085/?value=0&guid=ON&script=0&data=23583573&is_vtc=1&random=581321438
https://www.google.co.uk/pagead/1p-user-list/1005930085/?value=0&guid=ON&script=0&data=23583573&is_vtc=1&random=581321438&ipr=y

42 B
548 B

145ms
55ms

Image
image/gif

2a00:1450:4001:831::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.co.uk/pagead/1p-user-list/1005930085/?value=0&guid=ON&script=0&data=23583573&is_vtc=1&random=581321438&ipr=y

Protocol

Server

2a00:1450:4001:831::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hilton.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 15:21:20 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Tue, 25 Oct 2022 15:21:20 GMT
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
location: https://www.google.co.uk/pagead/1p-user-list/1005930085/?value=0&guid=ON&script=0&data=23583573&is_vtc=1&random=581321438&ipr=y
content-type: image/gif
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 defaultpreferencemanager.nocache.js Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame C90C 5 KB
3 KB 75ms
74ms Script
application/javascript 13.225.78.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/defaultpreferencemanager.nocache.js

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=gb&locale=en&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-23.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

8cd45983252377ab47167a01dc25622b9a2ed372ccef7809b5b987e7f5804aee

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=gb&locale=en&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:21:20 GMT
content-encoding: gzip
via: 1.1 27f665df26bde4a7226480b4a2890ff8.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 18 Oct 2022 05:06:28 GMT
server: nginx
etag: W/"4867-1666069588000"
expect-ct: max-age=86400; enforce;
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: no-cache
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: 8cCHEEmEwddvmj31dMr7saEPaGdoThyzaD9l0TI93ez7u3NHl61rew==
expires: Tue, 25 Oct 2022 15:21:19 GMT

GET
H2 200 get Show response
consent-st.trustarc.com/ Frame C90C 20 KB
5 KB 158ms
46ms Script
text/javascript 108.157.4.31
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-st.trustarc.com/get?name=combined_static_cm_minified.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

108.157.4.31 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-108-157-4-31.dus51.r.cloudfront.net

Software

nginx /

Resource Hash

f1ba71d3bf034aeceecb8895e71a44f4806dbb5bcc44e46fd8fc461a774eb880

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://consent-pref.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: public
date: Mon, 26 Sep 2022 02:01:53 GMT
content-encoding: gzip
via: 1.1 347732911156afff87ff95b6d55b9278.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
x-amz-cf-pop: DUS51-P2
age: 2553567
vary: Accept-Encoding, Origin
x-cache: Hit from cloudfront
content-type: text/javascript
cache-control: max-age=2592000
timing-allow-origin: *
x-amz-cf-id: sJv_imXQ9NojMZMiiB7vGz3GVArDf3uzBqvqFIcrnFkL_CIm3-MsjA==
expires: Wed, 26 Oct 2022 02:01:53 GMT

GET
H2 200 loading.gif
consent-pref.trustarc.com/images/ Frame C90C 3 KB
3 KB 47ms
46ms Image
image/gif 13.225.78.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent-pref.trustarc.com/images/loading.gif

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-23.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

eb7cfd3d959b2e09c170f532e29f8b825f9bc770b2279fde58e595617753e244

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=gb&locale=en&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 21:06:27 GMT
via: 1.1 27f665df26bde4a7226480b4a2890ff8.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA2-C2
age: 65699
x-cache: Hit from cloudfront
content-length: 2608
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 18 Oct 2022 05:06:10 GMT
server: nginx
etag: W/"2608-1666069570000"
expect-ct: max-age=86400; enforce;
vary: Origin
content-type: image/gif
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
accept-ranges: bytes
x-amz-cf-id: fLH08B6SXbJ048UOxmR6sb8dw7mJhmhNBMwR3Hp5Tg4F6WVExxSDew==

GET
H/1.1

200
OK

ibs:dpid=358&dpuuid=7416363402887643939
dpm.demdex.net/ Frame F184
Redirect Chain

https://ib.adnxs.com/getuid?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D358%26dpuuid%3D%24UID
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%253A%252F%252Fdpm.demdex.net%252Fibs%253Adpid%253D358%2526dpuuid%253D%2524UID
https://dpm.demdex.net/ibs:dpid=358&dpuuid=7416363402887643939

42 B
942 B

47ms
47ms

Image
image/gif

34.249.106.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=358&dpuuid=7416363402887643939

Protocol

HTTP/1.1

Server

34.249.106.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-249-106-217.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hilton.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v044-038a43fef.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: PQ3stMhHQmU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Pragma: no-cache
Date: Tue, 25 Oct 2022 15:21:20 GMT
AN-X-Request-Uuid: efb561f3-92f5-4a87-81d4-bccb58752560
Server: nginx/1.21.3
Content-Type: text/html; charset=utf-8
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Location: https://dpm.demdex.net/ibs:dpid=358&dpuuid=7416363402887643939
Connection: keep-alive
X-Proxy-Origin: 217.138.196.99; 217.138.196.99; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 900F1BE3E033349C4A8AEE7E6836E50C.cache.html Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame 9924 139 KB
46 KB 48ms
47ms Document
text/html 13.225.78.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/900F1BE3E033349C4A8AEE7E6836E50C.cache.html

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/defaultpreferencemanager.nocache.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-23.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

f76a484bb66130b90832bfe73e4b5acb2da46d8dac2abb34b6d60ecab7f4365a

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=gb&locale=en&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 466516
cache-control: max-age=315360000
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Thu, 20 Oct 2022 05:46:04 GMT
etag: W/"142492-1666069588000"
expect-ct: max-age=86400; enforce;
expires: Thu, 31 Dec 2037 23:55:55 GMT
last-modified: Tue, 18 Oct 2022 05:06:28 GMT
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding Origin
via: 1.1 27f665df26bde4a7226480b4a2890ff8.cloudfront.net (CloudFront)
x-amz-cf-id: fpH7UGzSBVb-ZqFYkWdcaR_2UtURPj9QzsbW4gI5TcT3lhJqpBnIpw==
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame C90C 969 B
1 KB 67ms
66ms XHR
application/json 13.225.78.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/900F1BE3E033349C4A8AEE7E6836E50C.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-23.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

2bfe0bfebc6bf40e5f73c03389ba8285505bc2f45d739d1efd5ca830f940a51d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: 900F1BE3E033349C4A8AEE7E6836E50C
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=gb&locale=en&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Tue, 25 Oct 2022 15:21:20 GMT
content-encoding: gzip
via: 1.1 27f665df26bde4a7226480b4a2890ff8.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
content-disposition: attachment
content-length: 468
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
server: nginx
expect-ct: max-age=86400; enforce;
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: 87K7PtYPDLgsiJE32A5LunqVqMVDL7TejAU_zi6Ofq6zz8swsMLmVw==

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame C90C 48 B
620 B 68ms
67ms XHR
application/json 13.225.78.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/900F1BE3E033349C4A8AEE7E6836E50C.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-23.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

0655d14e7fe9eb2c94ea6e74f6daba5288b8dbe3c163c41cd5dbd8529e228609

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: 900F1BE3E033349C4A8AEE7E6836E50C
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=gb&locale=en&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Tue, 25 Oct 2022 15:21:20 GMT
via: 1.1 27f665df26bde4a7226480b4a2890ff8.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
content-disposition: attachment
content-length: 48
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
server: nginx
expect-ct: max-age=86400; enforce;
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: pp_3EA1BCfyapNmacFmtOWahqyW0BL_USo547zn4qRHafg1QnP4ZxQ==

GET
H/1.1

200
OK

ibs:dpid=470&dpuuid=3229401479939270603
dpm.demdex.net/ Frame F184
Redirect Chain

https://d.turn.com/r/dd/id/L2NzaWQvMS9jaWQvMjM2NTYzMjkvdC8y/url/https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D470%26dpuuid%3D%24!%7BTURN_UUID%7D
https://dpm.demdex.net/ibs:dpid=470&dpuuid=3229401479939270603

42 B
942 B

44ms
44ms

Image
image/gif

34.249.106.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=470&dpuuid=3229401479939270603

Protocol

HTTP/1.1

Server

34.249.106.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-249-106-217.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hilton.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v044-025937753.edge-irl1.demdex.com 4 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: zFxtC5ypTho=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

location: https://dpm.demdex.net/ibs:dpid=470&dpuuid=3229401479939270603
pragma: no-cache
date: Tue, 25 Oct 2022 15:21:20 GMT
cache-control: max-age=0, no-cache, no-store, private, must-revalidate, s-maxage=0
content-length: 0
p3p: policyref="/w3c/p3p.xml", CP="NOI CURa DEVa TAIa PSAa PSDa IVAa IVDa OUR IND UNI NAV"

POST
H/1.1 200
OK prop.json
14f627fd8dc349f3a5715c9bdc4dd01d-4dc2aa82bc5e.cdn.forter.com/ 2 B
631 B 382ms
115ms Ping
application/json 3.234.25.89
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL: https://14f627fd8dc349f3a5715c9bdc4dd01d-4dc2aa82bc5e.cdn.forter.com/prop.json
Requested by: Host:
URL: (program):2
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 3.234.25.89 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-234-25-89.compute-1.amazonaws.com
Software: Apache /
Resource Hash: 44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a

Request headers

Referer: https://travelagents.hilton.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

Date: Tue, 25 Oct 2022 15:21:20 GMT
Connection: close
Content-Length: 2
Pragma: no-cache
Last-Modified: Sat, 15 Oct 2022 12:05:48 GMT
Server: Apache
ETag: "2-5eb1190258813"
Access-Control-Allow-Methods: PUT, GET, POST, DELETE, OPTIONS
Content-Type: application/json
Access-Control-Allow-Origin: https://travelagents.hilton.com
Cache-Control: max-age=0, no-cache, no-store, must-revalidate
Access-Control-Allow-Credentials: true
Accept-Ranges: bytes
Timing-Allow-Origin: *
Access-Control-Allow-Headers: origin, x-requested-with, content-type, x-csrf-token
Expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 EuPreferenceManager.css
consent-pref.trustarc.com/ Frame C90C 28 KB
7 KB 86ms
85ms Stylesheet
text/css 13.225.78.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/EuPreferenceManager.css

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/900F1BE3E033349C4A8AEE7E6836E50C.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-23.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

11304b88bdf5cd5f42513b9aa8bd3206653770f4f125b852285db812c731cf24

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=gb&locale=en&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:21:20 GMT
content-encoding: gzip
via: 1.1 27f665df26bde4a7226480b4a2890ff8.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA2-C2
x-cache: RefreshHit from cloudfront
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 18 Oct 2022 05:06:10 GMT
server: nginx
etag: W/"29043-1666069570000"
expect-ct: max-age=86400; enforce;
vary: Accept-Encoding, Origin
content-type: text/css
cache-control: no-cache
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: 9HvkRNZWhf3nXCgxEaXVCqGHbATqXx8wR_MrZjp1abH3OYUG9VUouw==
expires: Tue, 25 Oct 2022 15:21:19 GMT

GET
H2 200 10.cache.js Show response
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/900F1BE3E033349C4A8AEE7E6836E50C/ Frame C90C 253 KB
87 KB 44ms
44ms XHR
application/javascript 13.225.78.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/900F1BE3E033349C4A8AEE7E6836E50C/10.cache.js

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/900F1BE3E033349C4A8AEE7E6836E50C.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-23.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

9a3922ab13028b40a17d282752146872724c3f994b88d7329227f1300f4de7b7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=gb&locale=en&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 05:46:04 GMT
content-encoding: gzip
via: 1.1 27f665df26bde4a7226480b4a2890ff8.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA2-C2
age: 466516
x-cache: Hit from cloudfront
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 18 Oct 2022 05:06:28 GMT
server: nginx
etag: W/"259516-1666069588000"
expect-ct: max-age=86400; enforce;
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: max-age=315360000
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: Z5X7lGvqqPAuukTIQhA4j-FdoLzd_CSeTjZ47yWwG-jnBv6xDXJTxw==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1

200
OK

ibs:dpid=771&dpuuid=CAESEB2BrzEot3pjB3SEv8l5wxI&google_cver=1
dpm.demdex.net/ Frame F184
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=adobe_dmp&google_cm&gdpr=0&gdpr_consent=&google_hm=MTkyMTg0NTY0ODA4Mjk0NzQxOTMxMTc2MzcwODUyOTk5OTY0NTE=
https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEB2BrzEot3pjB3SEv8l5wxI&google_cver=1?gdpr=0&gdpr_consent=

42 B
942 B

49ms
49ms

Image
image/gif

34.249.106.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEB2BrzEot3pjB3SEv8l5wxI&google_cver=1?gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Server

34.249.106.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-249-106-217.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hilton.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v044-025937753.edge-irl1.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: 8BAjQp1zQDQ=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Tue, 25 Oct 2022 15:21:20 GMT
server: HTTP server (unknown)
content-type: text/html; charset=UTF-8
location: https://dpm.demdex.net/ibs:dpid=771&dpuuid=CAESEB2BrzEot3pjB3SEv8l5wxI&google_cver=1?gdpr=0&gdpr_consent=
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 314
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 1.cache.js Show response
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/900F1BE3E033349C4A8AEE7E6836E50C/ Frame C90C 19 KB
8 KB 40ms
40ms XHR
application/javascript 13.225.78.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/900F1BE3E033349C4A8AEE7E6836E50C/1.cache.js

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/900F1BE3E033349C4A8AEE7E6836E50C.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-23.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

7a2ffdbb208abc0c4162ae77535687b761c1e9a98a034cfe8dba4bff522c80c4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=gb&locale=en&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 05:46:04 GMT
content-encoding: gzip
via: 1.1 27f665df26bde4a7226480b4a2890ff8.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA2-C2
age: 466516
x-cache: Hit from cloudfront
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 18 Oct 2022 05:06:28 GMT
server: nginx
etag: W/"19787-1666069588000"
expect-ct: max-age=86400; enforce;
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: max-age=315360000
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: ZGHzHUMZEoUA0SXHTqqKx-WFYZ8sw9R1oZ0NkG3hj8jLqILSVzh9zQ==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1

200
OK

ibs:dpid=1175&&dpuuid=tZCEbOXG12uuxYA4tZacbbrBgDiuk9JqssC7BN13
dpm.demdex.net/ Frame F184
Redirect Chain

https://cms.quantserve.com/pixel/p-vj4AYjBqd6VJ2.gif?idmatch=0&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=1175&&dpuuid=tZCEbOXG12uuxYA4tZacbbrBgDiuk9JqssC7BN13

42 B
942 B

46ms
46ms

Image
image/gif

34.249.106.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=1175&&dpuuid=tZCEbOXG12uuxYA4tZacbbrBgDiuk9JqssC7BN13

Protocol

HTTP/1.1

Server

34.249.106.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-249-106-217.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hilton.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v044-020c6b503.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: s6lqcgAEQv8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Tue, 25 Oct 2022 15:21:20 GMT
strict-transport-security: max-age=86400
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAo PSDo OUR SAMa IND COM NAV"
location: https://dpm.demdex.net/ibs:dpid=1175&&dpuuid=tZCEbOXG12uuxYA4tZacbbrBgDiuk9JqssC7BN13
cache-control: private, no-cache, no-store, proxy-revalidate
content-length: 0
expires: Fri, 04 Aug 1978 12:00:00 GMT

GET
H2 200 cookie_iframe.html Show response
prefmgr-cookie.truste-svc.net/cookie_js/ Frame F6AF 5 KB
2 KB 364ms
115ms Document
text/html 44.208.109.123
AMAZON-AES

General

Check archive.org

Show headers Download Go to

Full URL

https://prefmgr-cookie.truste-svc.net/cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=gb&locale=en&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/

Requested by

Host: travelagents.hilton.com.admin-eu.cas.ms
URL: http://travelagents.hilton.com.admin-eu.cas.ms/

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

44.208.109.123 Ashburn, United States, ASN14618 (AMAZON-AES, US),

Reverse DNS

ec2-44-208-109-123.compute-1.amazonaws.com

Software

nginx /

Resource Hash

e5356c4d200584b116d9ac14f89d883b120dbe4d7878914a4fa22358074c74f8

Security Headers

Name	Value
Content-Security-Policy	default-src 'self' 'unsafe-eval' ; font-src 'self' ; style-src 'self' 'unsafe-inline' ; img-src 'self' data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' ; frame-ancestors 'self' ; connect-src 'self' ; script-src 'self' 'unsafe-inline' 'unsafe-eval' ; object-src 'self' ; media-src 'self' ; child-src 'self' ; worker-src 'self' ; manifest-src 'self' ; prefetch-src 'self' ;
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://consent-pref.trustarc.com/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

content-encoding: gzip
content-security-policy: default-src 'self' 'unsafe-eval' *; font-src 'self' *; style-src 'self' 'unsafe-inline' *; img-src 'self' * data: https://cdn1.iconfinder.com https://js.userflow.com; frame-src 'self' *; frame-ancestors 'self' *; connect-src 'self' *; script-src 'self' 'unsafe-inline' 'unsafe-eval' *; object-src 'self' *; media-src 'self' *; child-src 'self' *; worker-src 'self' *; manifest-src 'self' *; prefetch-src 'self' *;
content-type: text/html; charset=UTF-8
cross-origin-embedder-policy: unsafe-none
cross-origin-opener-policy: unsafe-none
cross-origin-resource-policy: cross-origin
date: Tue, 25 Oct 2022 15:21:21 GMT
etag: W/"5014-1657163800000"
expect-ct: max-age=31536000
last-modified: Thu, 07 Jul 2022 03:16:40 GMT
permissions-policy: geolocation=(), microphone=(), payment=()
referrer-policy: origin
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame C90C 910 B
989 B 71ms
70ms XHR
application/json 13.225.78.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/900F1BE3E033349C4A8AEE7E6836E50C.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-23.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

1443f37c720d3ae02458092998be68bd1a1549864ed48a94104e245da65c3f85

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: 900F1BE3E033349C4A8AEE7E6836E50C
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=gb&locale=en&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Tue, 25 Oct 2022 15:21:20 GMT
content-encoding: gzip
via: 1.1 27f665df26bde4a7226480b4a2890ff8.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
content-disposition: attachment
content-length: 398
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
server: nginx
expect-ct: max-age=86400; enforce;
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: IukL8McaXVYY2PYrAq4Ngv4gUitcjVBpQWLoQ4L3c5glj2_v_K5u0Q==

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame C90C 14 KB
5 KB 75ms
74ms XHR
application/json 13.225.78.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/900F1BE3E033349C4A8AEE7E6836E50C.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-23.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

e99db7d2cb2d5bd2bf4e28499a9d48cd94731df7cbe14da008cdbe7ce10bd3f1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: 900F1BE3E033349C4A8AEE7E6836E50C
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=gb&locale=en&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Tue, 25 Oct 2022 15:21:20 GMT
content-encoding: gzip
via: 1.1 27f665df26bde4a7226480b4a2890ff8.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
content-disposition: attachment
content-length: 4183
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
server: nginx
expect-ct: max-age=86400; enforce;
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: dqFtacu7NFXBrBS4zNXfdlnAPRP3pyb3IQBJe2VLrLKVkGj_0i2tYQ==

GET
H2 200 trustarc-logo-small.png
consent-pref.trustarc.com/images/ Frame C90C 4 KB
5 KB 45ms
44ms Image
image/png 13.225.78.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent-pref.trustarc.com/images/trustarc-logo-small.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-23.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

91c4a6c4295f8889e8b04339a4a2c2e86d5eef71ba808164e641d0d8a6435004

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=gb&locale=en&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 21:08:09 GMT
via: 1.1 27f665df26bde4a7226480b4a2890ff8.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA2-C2
age: 65591
x-cache: Hit from cloudfront
content-length: 4197
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 18 Oct 2022 05:06:10 GMT
server: nginx
etag: W/"4197-1666069570000"
expect-ct: max-age=86400; enforce;
vary: Origin
content-type: image/png
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
accept-ranges: bytes
x-amz-cf-id: sdaa2uzyzDqhoG0HYZq3fIiS949i09BeY8hTrxFC2g6FmIgYo1eYtA==

GET
H2 200 /
mpp.vindicosuite.com/sync/ Frame F184 0
308 B 182ms
110ms Image
text/plain 35.186.236.204
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://mpp.vindicosuite.com/sync/?pid=27&fr=1
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 35.186.236.204 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 204.236.186.35.bc.googleusercontent.com
Software: 23bedf3be08dfe44fdd8a269043fb77218e182a5c5c86c11a38548e544aeab08 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hilton.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 15:21:20 GMT
via: 1.1 google
server: 23bedf3be08dfe44fdd8a269043fb77218e182a5c5c86c11a38548e544aeab08
access-control-allow-methods: GET, HEAD, POST, TRACE, OPTIONS
access-control-allow-origin: *
cache-control: no-store,no-cache,must-revalidate,post-check=0,pre-check=0
access-control-allow-headers: Content-Type
content-length: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Thu, 01 Dec 1994 16:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=1957&dpuuid=010C628DFE3161850D8870C5FF5260E5
dpm.demdex.net/ Frame F184
Redirect Chain

https://c.bing.com/c.gif?uid=19218456480829474193117637085299996451&Red3=MSAdobe_pd&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=1957&dpuuid=010C628DFE3161850D8870C5FF5260E5

42 B
942 B

44ms
44ms

Image
image/gif

34.249.106.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=1957&dpuuid=010C628DFE3161850D8870C5FF5260E5

Protocol

HTTP/1.1

Server

34.249.106.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-249-106-217.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hilton.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v044-0a314749e.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: QQ/3t33YTBA=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Tue, 25 Oct 2022 15:21:20 GMT
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2F935C8FE3314BE48216F702DE050427 Ref B: LTSEDGE1008 Ref C: 2022-10-25T15:21:21Z
x-powered-by: ASP.NET
x-cache: CONFIG_NOCACHE
p3p: CP="BUS CUR CONo FIN IVDo ONL OUR PHY SAMo TELo"
location: https://dpm.demdex.net/ibs:dpid=1957&dpuuid=010C628DFE3161850D8870C5FF5260E5
cache-control: private, no-cache, proxy-revalidate, no-store
content-length: 0

GET
H/1.1

200
OK

ibs:dpid=3047&dpuuid=5411A8685D0104&gdpr=0&gdpr_consent=
dpm.demdex.net/ Frame F184
Redirect Chain

https://servedby.flashtalking.com/map/?key=a74thHgsfK627J6Ftt8sj5ks52bKe&gdpr=0&gdpr_consent=&url=https://dpm.demdex.net/ibs:dpid=3047&dpuuid=[%FT_GUID%]&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=3047&dpuuid=5411A8685D0104&gdpr=0&gdpr_consent=

42 B
942 B

45ms
45ms

Image
image/gif

34.249.106.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=3047&dpuuid=5411A8685D0104&gdpr=0&gdpr_consent=

Protocol

HTTP/1.1

Server

34.249.106.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-249-106-217.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hilton.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v044-016996127.edge-irl1.demdex.com 4 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: fC5hkw2jTE8=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

Location: https://dpm.demdex.net/ibs:dpid=3047&dpuuid=5411A8685D0104&gdpr=0&gdpr_consent=
Pragma: no-cache
Date: Tue, 25 Oct 2022 15:21:21 GMT
Cache-Control: no-cache, no-store
Server: prod-xre-app29.lhr11
Connection: close
X-HW: 1666711281.dop204.lo4.t,1666711281.cds040.lo4.shn,1666711281.dop204.lo4.t,1666711281.cds082.lo4.sc,1666711281.cds082.lo4.p

GET
H/1.1

200
OK

ibs:dpid=22054
dpm.demdex.net/ Frame F184
Redirect Chain

https://a.tribalfusion.com/i.match?p=b13&u=19218456480829474193117637085299996451&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=22054&dpuuid=$TF_USER_ID_ENC$
https://s.tribalfusion.com/z/i.match?p=b13&u=19218456480829474193117637085299996451&redirect=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid=22054&dpuuid=$TF_USER_ID_ENC$
https://dpm.demdex.net/ibs:dpid=22054

42 B
956 B

41ms
41ms

Image
image/gif

34.249.106.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=22054

Protocol

HTTP/1.1

Server

34.249.106.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-249-106-217.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hilton.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v044-01c2009f5.edge-irl1.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: yu32Lg2YS0k=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
X-Error: 300
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Tue, 25 Oct 2022 15:21:21 GMT
cf-cache-status: DYNAMIC
x-function: 209
server: cloudflare
x-reuse-index: 63
content-type: text/html
location: https://dpm.demdex.net/ibs:dpid=22054
p3p: CP="NOI DEVo TAIa OUR BUS"
cache-control: no-cache, private
cf-ray: 75fbf106df3f889d-LHR
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H/1.1

200
OK

ibs:dpid=22069&dpuuid=3016302421596
dpm.demdex.net/ Frame F184
Redirect Chain

https://tag.yieldoptimizer.com/ps/ps?t=i&p=2233
https://tag.yieldoptimizer.com/ps/ps?tc=349206109&t=i&p=2233
https://dpm.demdex.net/ibs:dpid=22069&dpuuid=3016302421596

42 B
942 B

43ms
43ms

Image
image/gif

34.249.106.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=22069&dpuuid=3016302421596

Protocol

HTTP/1.1

Server

34.249.106.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-249-106-217.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hilton.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v044-08f1122b4.edge-irl1.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: Tua0nXCdRgo=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Tue, 25 Oct 2022 15:21:21 GMT
via: 1.1 google
server: Apache-Coyote/1.1
p3p: CP="NON DSP COR TAIo PSAo PSDo HISo OUR BUS UNI INT DEM OTC"
location: https://dpm.demdex.net/ibs:dpid=22069&dpuuid=3016302421596
cache-control: no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 4.cache.js Show response
consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/900F1BE3E033349C4A8AEE7E6836E50C/ Frame C90C 43 KB
14 KB 43ms
43ms XHR
application/javascript 13.225.78.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/deferredjs/900F1BE3E033349C4A8AEE7E6836E50C/4.cache.js

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/900F1BE3E033349C4A8AEE7E6836E50C.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-23.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

cfa4361cb8bee4c0a46ec59d4cf217b7bb14a3b2f1e6700b3b624c5b9f68b5c9

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=gb&locale=en&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Thu, 20 Oct 2022 05:46:04 GMT
content-encoding: gzip
via: 1.1 27f665df26bde4a7226480b4a2890ff8.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA2-C2
age: 466517
x-cache: Hit from cloudfront
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 18 Oct 2022 05:06:28 GMT
server: nginx
etag: W/"44317-1666069588000"
expect-ct: max-age=86400; enforce;
vary: Accept-Encoding, Origin
content-type: application/javascript; charset=UTF-8
cache-control: max-age=315360000
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: XaIRTQEgVl6bVaKhiB_Fw8rz5QQILyHU5ZgX-Ib9mvcR9XxosI7oQg==
expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1

200
OK

ibs:dpid=30646
dpm.demdex.net/ Frame F184
Redirect Chain

https://cms.analytics.yahoo.com/cms?partner_id=ADOBE&_hosted_id=19218456480829474193117637085299996451&gdpr=0&gdpr_consent=
https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-wGfeAbhE2pHXZ5dzvD4uY8eL5irZ63AXe_w-~A

42 B
942 B

43ms
43ms

Image
image/gif

34.249.106.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-wGfeAbhE2pHXZ5dzvD4uY8eL5irZ63AXe_w-~A

Protocol

HTTP/1.1

Server

34.249.106.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-249-106-217.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hilton.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v044-0055adaf6.edge-irl1.demdex.com 2 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: FOM+MZqVQAI=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date: Tue, 25 Oct 2022 15:21:21 GMT
strict-transport-security: max-age=31536000
via: http/1.1 spdc0106.pbp.ir2.yahoo.com (ApacheTrafficServer)
server: ATS
age: 0
content-type: text/html;charset=utf-8
location: https://dpm.demdex.net/ibs:dpid=30646?dpuuid=y-wGfeAbhE2pHXZ5dzvD4uY8eL5irZ63AXe_w-~A
content-length: 0

GET
H2 200 loading.gif
consent-pref.trustarc.com/images/ Frame C90C 3 KB
3 KB 40ms
40ms Image
image/gif 13.225.78.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent-pref.trustarc.com/images/loading.gif

Requested by

Host: travelagents.hilton.com.admin-eu.cas.ms
URL: http://travelagents.hilton.com.admin-eu.cas.ms/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-23.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

eb7cfd3d959b2e09c170f532e29f8b825f9bc770b2279fde58e595617753e244

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=gb&locale=en&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 21:06:27 GMT
via: 1.1 27f665df26bde4a7226480b4a2890ff8.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA2-C2
age: 65700
x-cache: Hit from cloudfront
content-length: 2608
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 18 Oct 2022 05:06:10 GMT
server: nginx
etag: W/"2608-1666069570000"
expect-ct: max-age=86400; enforce;
vary: Origin
content-type: image/gif
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
accept-ranges: bytes
x-amz-cf-id: LzaHQvTwx2q0pohN9gG3xhUt0TB--8ro10MhJaQYkplPrsv7V-9mRA==

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame C90C 2 KB
1 KB 66ms
66ms XHR
application/json 13.225.78.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/900F1BE3E033349C4A8AEE7E6836E50C.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-23.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

88413f61b5afa2ea6bcfa7b251576584f38af0b9c6dbe8fc263930da30635cba

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: 900F1BE3E033349C4A8AEE7E6836E50C
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=gb&locale=en&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Tue, 25 Oct 2022 15:21:21 GMT
content-encoding: gzip
via: 1.1 27f665df26bde4a7226480b4a2890ff8.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
content-disposition: attachment
content-length: 744
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
server: nginx
expect-ct: max-age=86400; enforce;
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: MDeevPPDEuE6Qj7HClUmKJyK9-doF3ByIg2KPUFEaBI96qEZ48cErA==

GET
H2 200 get
consent.trustarc.com/ Frame C90C 7 KB
8 KB 42ms
41ms Image
image/png 13.225.78.53
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent.trustarc.com/get?name=HiltonLogo_Black_HR250.png

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.53 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-53.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

d3452ec1127967b4fce882b728a14e85f0b78d22024081936dfd4f25bfbc16c5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://consent-pref.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: public
date: Tue, 25 Oct 2022 14:57:07 GMT
via: 1.1 882f747f39885162595630c95dd0012c.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx
x-amz-cf-pop: FRA2-C2
age: 1454
vary: Origin
x-cache: Hit from cloudfront
content-type: image/png
cache-control: max-age=2592000
timing-allow-origin: *
content-length: 7323
x-amz-cf-id: CLbRFT9jjCwJ5YeyeHbkRkl-jPBUye3-bQEaXlVV9T9rplEFOfS6lQ==
expires: Thu, 24 Nov 2022 14:57:07 GMT

GET
H2 200 user
bttrack.com/dmp/adobe/ Frame F184 35 B
263 B 333ms
113ms Image
image/gif 192.132.33.46
BIDTELLECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bttrack.com/dmp/adobe/user?dd_uuid=19218456480829474193117637085299996451
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 192.132.33.46 , United States, ASN18568 (BIDTELLECT, US),
Reverse DNS: 46.bidtellect.com
Software: Microsoft-IIS/8.5 /
Resource Hash: 6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hilton.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

x-servername: Track001-iad
pragma: no-cache
date: Tue, 25 Oct 2022 15:20:39 GMT
x-aspnetmvc-version: 5.2
server: Microsoft-IIS/8.5
x-aspnet-version: 4.0.30319
content-type: image/gif
p3p: CP="CAO DSP COR ADMo DEVo PSAo PSDo HISo IVAo IVDo OUR IND OTC"
cache-control: private,no-cache
content-length: 35
expires: -1

POST
H2 200 truste Show response
consent-pref.trustarc.com/defaultpreferencemanager/ Frame C90C 766 KB
134 KB 157ms
157ms XHR
application/json 13.225.78.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/defaultpreferencemanager/truste

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/900F1BE3E033349C4A8AEE7E6836E50C.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-23.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

1b8a874faf2df688da9111a7a5709c02cd12cb3c838dd91bff067199003bfcf6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

X-GWT-Module-Base: https://consent-pref.trustarc.com/defaultpreferencemanager/
X-GWT-Permutation: 900F1BE3E033349C4A8AEE7E6836E50C
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=gb&locale=en&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
accept-language: en-GB,en;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
Content-Type: text/x-gwt-rpc; charset=UTF-8

Response headers

date: Tue, 25 Oct 2022 15:21:21 GMT
content-encoding: gzip
via: 1.1 27f665df26bde4a7226480b4a2890ff8.cloudfront.net (CloudFront)
strict-transport-security: max-age=31536000; includeSubDomains
x-content-type-options: nosniff
x-amz-cf-pop: FRA2-C2
x-cache: Miss from cloudfront
content-disposition: attachment
content-length: 136929
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
server: nginx
expect-ct: max-age=86400; enforce;
content-type: application/json;charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
x-amz-cf-id: Qq8h_u194zRJI4X_9BWje8-TDI5yqfP0JVaoNVl4YAKndcUU1OIv2Q==

GET
H2 200 switchbg.png
consent-pref.trustarc.com/images/ Frame C90C 1 KB
2 KB 41ms
41ms Image
image/png 13.225.78.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent-pref.trustarc.com/images/switchbg.png

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/EuPreferenceManager.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-23.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

1ffe0083c43292aaba8148fe6d7286bd27381ea13fef76b9e545a22d8bbd8af5

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://consent-pref.trustarc.com/EuPreferenceManager.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 00:36:46 GMT
via: 1.1 27f665df26bde4a7226480b4a2890ff8.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA2-C2
age: 53075
x-cache: Hit from cloudfront
content-length: 1068
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 18 Oct 2022 05:06:10 GMT
server: nginx
etag: W/"1068-1666069570000"
expect-ct: max-age=86400; enforce;
vary: Origin
content-type: image/png
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
accept-ranges: bytes
x-amz-cf-id: 0P2ug68a0O4DaAyiW6D6OD1IVn0l9kcSR-WLRVlbY3plzfCzfGyqRQ==

GET
H2 200 loader.gif
consent-pref.trustarc.com/images/ Frame C90C 2 KB
2 KB 40ms
40ms Image
image/gif 13.225.78.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent-pref.trustarc.com/images/loader.gif

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-23.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

ee53ada617f2674cbd706e3b24fc6738c7f53f2f7a3a959e71f611aa850dc946

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=gb&locale=en&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 17:59:45 GMT
via: 1.1 27f665df26bde4a7226480b4a2890ff8.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA2-C2
age: 76896
x-cache: Hit from cloudfront
content-length: 1737
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 18 Oct 2022 05:06:10 GMT
server: nginx
etag: W/"1737-1666069570000"
expect-ct: max-age=86400; enforce;
vary: Origin
content-type: image/gif
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
accept-ranges: bytes
x-amz-cf-id: 8030vcfAPJ7JD94BeEgoxsSiLaByL6r8waf2kVfj94SQ4Os0G_W2lg==

GET
H/1.1

200
OK

ibs:dpid=66013&dpuuid=
dpm.demdex.net/ Frame F184
Redirect Chain

https://get.truex.com/adobe/audience_manager/sync
https://dpm.demdex.net/ibs:dpid=66013&dpuuid=

42 B
960 B

42ms
42ms

Image
image/gif

34.249.106.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=66013&dpuuid=

Protocol

HTTP/1.1

Server

34.249.106.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-249-106-217.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hilton.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v044-08f9cc93e.edge-irl1.demdex.com 0 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: utpRN8uMRzo=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
X-Error: 104,300
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

date: Tue, 25 Oct 2022 15:21:22 GMT
server: Goliath
content-type: application/json
location: https://dpm.demdex.net/ibs:dpid=66013&dpuuid=
access-control-allow-origin: *
cache-control: private, max-age=0, no-cache
access-control-allow-credentials: true
access-control-allow-headers: Authorization
content-length: 2

GET
H2 200 logo_small.gif
d3nocrch4qti4v.cloudfront.net/ 43 B
382 B 140ms
48ms Image
image/gif 2600:9000:20eb:4e00:7:bffe:c3c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3nocrch4qti4v.cloudfront.net/logo_small.gif?check=1666711281675&popunder=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4e00:7:bffe:c3c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelagents.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Fri, 21 Oct 2022 10:07:04 GMT
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
last-modified: Thu, 16 Mar 2017 14:48:30 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 364478
etag: "b4491705564909da7f9eaf749dbbfbb1"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 43
x-amz-cf-id: bZsKKby_MS4gxAFP5Md2n3UL63GhwM3dfRsec7BJ2m8bJ5YEjuyKkA==

GET
H2 200 logo_medium.gif
d3nocrch4qti4v.cloudfront.net/ 43 B
381 B 140ms
49ms Image
image/gif 2600:9000:20eb:4e00:7:bffe:c3c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3nocrch4qti4v.cloudfront.net/logo_medium.gif?check=1666711281675&refererPageDetail=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4e00:7:bffe:c3c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelagents.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 17 Oct 2022 02:02:21 GMT
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
last-modified: Thu, 16 Mar 2017 14:48:14 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 739141
etag: "b4491705564909da7f9eaf749dbbfbb1"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 43
x-amz-cf-id: 6m1rbTCCaOENKEtQ8yoUMlxTKz2Ov25lYiS0NNWBnW2xHjqUH7_JWg==

GET
H2 200 logo_large.gif
d3nocrch4qti4v.cloudfront.net/ 43 B
379 B 140ms
49ms Image
image/gif 2600:9000:20eb:4e00:7:bffe:c3c0:21
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://d3nocrch4qti4v.cloudfront.net/logo_large.gif?1666711281675&-linkd-32.
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2600:9000:20eb:4e00:7:bffe:c3c0:21 , United States, ASN16509 (AMAZON-02, US),
Reverse DNS
Software: AmazonS3 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://travelagents.hilton.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 05:28:31 GMT
via: 1.1 41f60102fc29156bc5001d6646f75c02.cloudfront.net (CloudFront)
last-modified: Thu, 16 Mar 2017 14:48:02 GMT
server: AmazonS3
x-amz-cf-pop: FRA2-C1
age: 121971
etag: "b4491705564909da7f9eaf749dbbfbb1"
x-cache: Hit from cloudfront
content-type: image/gif
cache-control: max-age=1296000
accept-ranges: bytes
content-length: 43
x-amz-cf-id: wLpsQ7pbXYHxGEN5W-ffzl_eejwpRpUZ6K3sD3cchhIAD8gshs2y6A==

GET
H2 204 CookieSyncAdobe
rtb.adentifi.com/ Frame F184 0
35 B 337ms
109ms Image
text/plain 3.209.248.234
AMAZON-AES

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://rtb.adentifi.com/CookieSyncAdobe
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 3.209.248.234 Ashburn, United States, ASN14618 (AMAZON-AES, US),
Reverse DNS: ec2-3-209-248-234.compute-1.amazonaws.com
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hilton.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 15:21:22 GMT

GET
H2 200 cookie_inneriframe.html Show response
consent-pref.trustarc.com/ Frame E4E9 2 KB
1 KB 41ms
40ms Document
text/html 13.225.78.23
AMAZON-02

General

Check archive.org

Show headers Download Go to

Full URL

https://consent-pref.trustarc.com/cookie_inneriframe.html

Requested by

Host: prefmgr-cookie.truste-svc.net
URL: https://prefmgr-cookie.truste-svc.net/cookie_js/cookie_iframe.html?parent=https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=gb&locale=en&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-23.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

a2de091c86c5a7b6dcc572eb6e5a76c2cd72ce27a2042a8dc2974f15b33566ed

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

Referer: https://prefmgr-cookie.truste-svc.net/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36
accept-language: en-GB,en;q=0.9

Response headers

age: 65696
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Mon, 24 Oct 2022 21:06:33 GMT
etag: W/"2008-1666069570000"
expect-ct: max-age=86400; enforce;
last-modified: Tue, 18 Oct 2022 05:06:10 GMT
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding Origin
via: 1.1 27f665df26bde4a7226480b4a2890ff8.cloudfront.net (CloudFront)
x-amz-cf-id: ZFVmNG510KbwWhvPGTWaouiNRffWzrYDB4pdZLeTlDE7nptf8im8AQ==
x-amz-cf-pop: FRA2-C2
x-cache: Hit from cloudfront
x-content-type-options: nosniff
x-xss-protection: 1

GET
H/1.1

200
OK

ibs:dpid=121998&dpuuid=
dpm.demdex.net/ Frame F184
Redirect Chain

https://sync.crwdcntrl.net/map/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=19218456480829474193117637085299996451?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id}
https://sync.crwdcntrl.net/map/ct=y/c=9828/tp=ADBE/gdpr=0/gdpr_consent=/tpid=19218456480829474193117637085299996451?https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D121998%26dpuuid%3D${profile_id}
https://dpm.demdex.net/ibs:dpid=121998&dpuuid=

42 B
960 B

41ms
41ms

Image
image/gif

34.249.106.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=121998&dpuuid=

Protocol

HTTP/1.1

Server

34.249.106.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-249-106-217.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hilton.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

DCS: dcs-prod-irl1-1-v044-03b75489a.edge-irl1.demdex.com 1 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: Myv5zvCFQdc=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
X-Error: 300,104
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

expires: 0
pragma: no-cache
date: Tue, 25 Oct 2022 15:21:22 GMT
server: Jetty(9.4.38.v20210224)
p3p: CP=NOI DSP COR NID PSAa PSDa OUR UNI COM NAV
location: https://dpm.demdex.net/ibs:dpid=121998&dpuuid=
cache-control: no-cache
x-server: 10.45.29.184
content-length: 0
x-consent: absent

GET
H2 200 trustarc-logo-small.png
consent-pref.trustarc.com/images/ Frame C90C 4 KB
5 KB 40ms
39ms Image
image/png 13.225.78.23
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://consent-pref.trustarc.com/images/trustarc-logo-small.png

Requested by

Host: consent-pref.trustarc.com
URL: https://consent-pref.trustarc.com/defaultpreferencemanager/900F1BE3E033349C4A8AEE7E6836E50C.cache.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

13.225.78.23 , United States, ASN16509 (AMAZON-02, US),

Reverse DNS

server-13-225-78-23.fra2.r.cloudfront.net

Software

nginx /

Resource Hash

91c4a6c4295f8889e8b04339a4a2c2e86d5eef71ba808164e641d0d8a6435004

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://consent-pref.trustarc.com/?type=hiltongdpr&layout=gdpr&site=hiltongdpr.com&action=notice&country=gb&locale=en&behavior=expressed&gtm=1&irm=undefined&from=https://consent.trustarc.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Mon, 24 Oct 2022 21:08:09 GMT
via: 1.1 27f665df26bde4a7226480b4a2890ff8.cloudfront.net (CloudFront)
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains
x-amz-cf-pop: FRA2-C2
age: 65593
x-cache: Hit from cloudfront
content-length: 4197
x-xss-protection: 1
referrer-policy: strict-origin-when-cross-origin
last-modified: Tue, 18 Oct 2022 05:06:10 GMT
server: nginx
etag: W/"4197-1666069570000"
expect-ct: max-age=86400; enforce;
vary: Origin
content-type: image/png
permissions-policy: midi=(),accelerometer=(),autoplay=(),gyroscope=(),microphone=(),camera=(),fullscreen=(),magnetometer=(),payment=()
accept-ranges: bytes
x-amz-cf-id: 6pLuJMickrnZ4XhomZftsdygn46smMFfVaQmI6N0e_qNRzEeoz6Ffg==

GET
H/1.1

200
OK

ibs:dpid=70027&dpuuid=4748693980785140386
dpm.demdex.net/ Frame F184
Redirect Chain

https://pix-us.revjet.com/idsync/adobe/1?aam_id=19218456480829474193117637085299996451&rurl=https%3A%2F%2Fdpm.demdex.net%2Fibs%3Adpid%3D70027%26dpuuid%3D%24%24visitor_id%24%24
https://dpm.demdex.net/ibs:dpid=70027&dpuuid=4748693980785140386

42 B
942 B

96ms
96ms

Image
image/gif

34.249.106.217
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://dpm.demdex.net/ibs:dpid=70027&dpuuid=4748693980785140386

Protocol

HTTP/1.1

Server

34.249.106.217 Dublin, Ireland, ASN16509 (AMAZON-02, US),

Reverse DNS

ec2-34-249-106-217.eu-west-1.compute.amazonaws.com

Software

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hilton.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

DCS: dcs-prod-irl1-2-v044-0f70348c4.edge-irl1.demdex.com 3 ms
Pragma: no-cache
Strict-Transport-Security: max-age=31536000; includeSubDomains
content-encoding: gzip
X-Content-Type-Options: nosniff
X-TID: q0XqSHJVSxU=
P3P: policyref="/w3c/p3p.xml", CP="NOI NID CURa ADMa DEVa PSAa PSDa OUR SAMa BUS PUR COM NAV INT"
Content-Type: image/gif
Cache-Control: no-cache,no-store,must-revalidate,max-age=0,proxy-revalidate,no-transform,private
Connection: keep-alive
Content-Length: 59
Expires: Thu, 01 Jan 1970 00:00:00 UTC

Redirect headers

pragma: no-cache
date: Tue, 25 Oct 2022 15:21:22 GMT
access-control-allow-methods: GET, POST, OPTIONS
location: https://dpm.demdex.net/ibs:dpid=70027&dpuuid=4748693980785140386
cache-control: no-store
access-control-allow-credentials: true
content-length: 0
expires: Sat, 01 Jan 2000 12:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame F184
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/5w3jqr4k?redir=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dg8f47s39e399f3fe%26google_push%26google_sc%26google_hm%3D%24%7BTM_USER_ID_BASE64ENC_...
https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WTFmXzhBQUFBSDl1RFFONg==

170 B
188 B

143ms
56ms

Image
image/png

172.217.16.194
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WTFmXzhBQUFBSDl1RFFONg==

Protocol

Server

172.217.16.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s65-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hilton.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 15:21:22 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

x-served-by: cache-lcy19238-LCY
pragma: no-cache
date: Tue, 25 Oct 2022 15:21:22 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1666711282.285635,VS0,VE0
x-cache: HIT
location: https://cm.g.doubleclick.net/pixel?google_nid=g8f47s39e399f3fe&google_push&google_sc&google_hm=WTFmXzhBQUFBSDl1RFFONg==
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

204
No Content

tap.php
pixel.rubiconproject.com/ Frame F184
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/btu4jd3a?redir=https%3A%2F%2Fpixel.rubiconproject.com%2Ftap.php%3Fv%3D7941%26nid%3D2243%26put%3D%24%7BUSER_ID%7D%26expires%3D90
https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y1f_8AAAAH9uDQN6&expires=90

0
239 B

191ms
52ms

Image
image/gif

69.173.144.165
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y1f_8AAAAH9uDQN6&expires=90
Protocol: HTTP/1.1
Server: 69.173.144.165 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hilton.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Content-Type: image/gif
Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
X-RPHost: 37b22a0c36bd84993dd2cda4a5e04b1d
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"

Redirect headers

x-served-by: cache-lcy19238-LCY
pragma: no-cache
date: Tue, 25 Oct 2022 15:21:22 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1666711282.285825,VS0,VE0
x-cache: HIT
location: https://pixel.rubiconproject.com/tap.php?v=7941&nid=2243&put=Y1f_8AAAAH9uDQN6&expires=90
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame F184
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ZMAwryCI?redir=https%3A%2F%2Fdsum-sec.casalemedia.com%2Frum%3Fcm_dsp_id%3D88%26external_user_id%3D%24%7BTM_USER_ID%7D
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y1f_8AAAAH9uDQN6
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y1f_8AAAAH9uDQN6&C=1

43 B
766 B

40ms
40ms

Image
image/gif

185.80.39.216
CASALE-MEDIA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=88&external_user_id=Y1f_8AAAAH9uDQN6&C=1
Protocol: HTTP/1.1
Server: 185.80.39.216 , Canada, ASN27381 (CASALE-MEDIA, CA),
Reverse DNS
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hilton.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 Oct 2022 15:21:22 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Content-Type: image/gif
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=499
Content-Length: 43
Expires: 0

Redirect headers

Pragma: no-cache
Date: Tue, 25 Oct 2022 15:21:22 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: /rum?cm_dsp_id=88&external_user_id=Y1f_8AAAAH9uDQN6&C=1
Cache-Control: no-cache
Connection: Keep-Alive
Keep-Alive: timeout=1, max=500
Content-Length: 0
Expires: 0

GET
H/1.1

200
OK

setuid
ib.adnxs.com/ Frame F184
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/UH6TUt9n?redir=https%3A%2F%2Fib.adnxs.com%2Fsetuid%3Fentity%3D158%26code%3D%24%7BTM_USER_ID%7D
https://ib.adnxs.com/setuid?entity=158&code=Y1f_8AAAAH9uDQN6

43 B
1 KB

41ms
40ms

Image
image/gif

185.89.211.84
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/setuid?entity=158&code=Y1f_8AAAAH9uDQN6

Protocol

HTTP/1.1

Server

185.89.211.84 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hilton.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Pragma: no-cache
Date: Tue, 25 Oct 2022 15:21:22 GMT
AN-X-Request-Uuid: 3d145aa6-4773-47f5-8a83-6456d374ab4c
Server: nginx/1.21.3
Content-Type: image/gif
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Cache-Control: no-store, no-cache, private
Connection: keep-alive
X-Proxy-Origin: 217.138.196.99; 217.138.196.99; 959.bm-nginx-loadbalancer.mgmt.ams3.adnexus.net; adnxs.com
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

x-served-by: cache-lcy19238-LCY
pragma: no-cache
date: Tue, 25 Oct 2022 15:21:22 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1666711282.419840,VS0,VE0
x-cache: HIT
location: https://ib.adnxs.com/setuid?entity=158&code=Y1f_8AAAAH9uDQN6
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

sd
us-u.openx.net/w/1.0/ Frame F184
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/ny75r2x0?redir=https%3A%2F%2Fus-u.openx.net%2Fw%2F1.0%2Fsd%3Fid%3D537148856%26val%3D%24%7BTM_USER_ID%7D
https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y1f_8AAAAH9uDQN6

43 B
273 B

102ms
37ms

Image
image/gif

35.244.159.8
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y1f_8AAAAH9uDQN6
Protocol: H2
Server: 35.244.159.8 Kansas City, United States, ASN15169 (GOOGLE, US),
Reverse DNS: 8.159.244.35.bc.googleusercontent.com
Software: OXGW/0.0.0 /
Resource Hash: 4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hilton.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 25 Oct 2022 15:21:22 GMT
via: 1.1 google
server: OXGW/0.0.0
vary: Accept
content-type: image/gif
p3p: CP="CUR ADM OUR NOR STA NID"
cache-control: private, max-age=0, no-cache
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 43
expires: Mon, 26 Jul 1997 05:00:00 GMT

Redirect headers

x-served-by: cache-lcy19238-LCY
pragma: no-cache
date: Tue, 25 Oct 2022 15:21:22 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1666711283.519396,VS0,VE0
x-cache: HIT
location: https://us-u.openx.net/w/1.0/sd?id=537148856&val=Y1f_8AAAAH9uDQN6
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H2

200

Pug
image2.pubmatic.com/AdServer/ Frame F184
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/b9pj45k4?redir=https%3A%2F%2Fimage2.pubmatic.com%2FAdServer%2FPug%3Fvcode%3Dbz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA%3D%26piggybackCookie%3D%24%7BUSER...
https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y1f_8AAAAH9uDQN6

0
225 B

104ms
30ms

Image
text/html

185.64.190.80
AS-PUBMATIC

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y1f_8AAAAH9uDQN6
Protocol: H2
Server: 185.64.190.80 , United Kingdom, ASN62713 (AS-PUBMATIC, US),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hilton.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

content-type: text/html; charset=utf-8
date: Tue, 25 Oct 2022 15:21:22 GMT
cache-control: no-store, no-cache, private
content-encoding: gzip
server: nginx
p3p: CP="NOI DSP COR LAW CUR ADMo DEVo TAIo PSAo PSDo IVAo IVDo HISo OTPo OUR SAMo BUS UNI COM NAV INT DEM CNT STA PRE LOC"

Redirect headers

x-served-by: cache-lcy19238-LCY
pragma: no-cache
date: Tue, 25 Oct 2022 15:21:22 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1666711283.624082,VS0,VE0
x-cache: HIT
location: https://image2.pubmatic.com/AdServer/Pug?vcode=bz0yJnR5cGU9MSZqcz0xJmNvZGU9MjE5MSZ0bD0yNTkyMDA=&piggybackCookie=Y1f_8AAAAH9uDQN6
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

GET
H/1.1

200

partner
sync.search.spotxchange.com/ Frame F184
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/h0r58thg?redir=https%3A%2F%2Fsync.search.spotxchange.com%2Fpartner%3Fadv_id%3D6409%26uid%3D%24%7BUSER_ID%7D%26img%3D1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y1f_8AAAAH9uDQN6&img=1
https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y1f_8AAAAH9uDQN6&img=1&__user_check__=1&sync_id=af19ae9b-5478-11ed-ae8d-1ac054420406

43 B
548 B

46ms
46ms

Image
image/gif

185.94.180.125
SPOTX-AMS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.search.spotxchange.com/partner?adv_id=6409&uid=Y1f_8AAAAH9uDQN6&img=1&__user_check__=1&sync_id=af19ae9b-5478-11ed-ae8d-1ac054420406
Protocol: HTTP/1.1
Server: 185.94.180.125 Amsterdam, Netherlands, ASN35220 (SPOTX-AMS, US),
Reverse DNS
Software: nginx /
Resource Hash: e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hilton.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

Date: Tue, 25 Oct 2022 15:21:22 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 87
Connection: keep-alive
Content-Length: 43

Redirect headers

Date: Tue, 25 Oct 2022 15:21:22 GMT
Server: nginx
Access-Control-Allow-Methods: GET, POST, OPTIONS
Content-Type: text/plain
Location: /partner?adv_id=6409&uid=Y1f_8AAAAH9uDQN6&img=1&__user_check__=1&sync_id=af19ae9b-5478-11ed-ae8d-1ac054420406
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
Access-Control-Allow-Credentials: false
X-fe: 125
Connection: keep-alive
Content-Length: 0

GET
H3

200

b.php
www.facebook.com/fr/ Frame F184
Redirect Chain

https://sync-tm.everesttech.net/upi/pid/r7ifn0SL?redir=https%3A%2F%2Fwww.facebook.com%2Ffr%2Fb.php%3Fp%3D1531105787105294%26e%3D%24%7BTM_USER_ID%7D%26t%3D2592000%26o%3D0
https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y1f_8AAAAH9uDQN6&t=2592000&o=0

43 B
71 B

197ms
153ms

Image
image/gif

2a03:2880:f12d:83:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y1f_8AAAAH9uDQN6&t=2592000&o=0

Protocol

Server

2a03:2880:f12d:83:face:b00c:0:25de Frankfurt am Main, Germany, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: en-GB,en;q=0.9
Referer: https://hilton.demdex.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.119 Safari/537.36

Response headers

date: Tue, 25 Oct 2022 08:21:22 PDT
content-encoding: br
x-content-type-options: nosniff
strict-transport-security: max-age=15552000; preload
document-policy: force-load-at-top
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400
x-fb-rlafr: 0
pragma: public
x-fb-debug: oOyzKvFh0bAL6iaV8JPWaLgcarDREo9oWvpG299Gm0b/IJamQKf7QVyPOrzMsSz7Ik6ckleVUnrUxcOwilIOXA==
cross-origin-opener-policy: same-origin-allow-popups
vary: Accept-Encoding
report-to: {"max_age":259200,"endpoints":[{"url":"https:\/\/www.facebook.com\/ajax\/browser_error_reports\/?device_level=unknown"}]}
content-type: image/gif
cache-control: public, max-age=0
priority: u=3,i
expires: Tue, 25 Oct 2022 08:21:22 PDT

Redirect headers

x-served-by: cache-lcy19238-LCY
pragma: no-cache
date: Tue, 25 Oct 2022 15:21:22 GMT
via: 1.1 varnish
server: Varnish
x-timer: S1666711283.822435,VS0,VE0
x-cache: HIT
location: https://www.facebook.com/fr/b.php?p=1531105787105294&e=Y1f_8AAAAH9uDQN6&t=2592000&o=0
cache-control: no-cache
accept-ranges: bytes
content-length: 0
retry-after: 0
x-cache-hits: 0

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: www.hilton.com
URL: https://www.hilton.com/dx-customer/auth/applications/token

Verdicts & Comments Add Verdict or Comment

112 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

48 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.hilton.com/	1970-01-20 06:58:38	Name: ak_bmsc Value: 6D1B114978DC740B1ADFE4DDD18FE1E5~000000000000000000000000000000~YAAQkaEkF4rT9ciDAQAAata7DxGsulLPS84FwUYD/WmkorxQmFs2TYA0jju5Ru6x6oa1iwLUcntioQ9VCnS99TmPOHbJ9j7Z1avW3Ltd4fHEVJr7FuwhC9/r9MkDDUG7T6+3h3B4nFgZhgaX5MNp9xWb2ytZZU96iC4KS7BtBfd1qaIaqNGydn3GsMcd2KEvN2rv4fBc9aaoay3Liq79BbxNGpeOel4Bt72YBg5ivRnJuZmBw6uLMQ8H5B/rUaakjBizQ0YAD3NeSivzRaDRrS8nAjUVdtgSV4UVJr2ft48ZFfN3irURihqEU0hNiJG1QcV8XzE9OmCT9A4H2XRlP6JTjJwcme7WDjCMGKl7TWOhviia8+uoIlzU8j+M4qUhSLyU6LFTnkmo9M39Tg==
.fonts.net/	1970-01-20 06:58:33	Name: __cf_bm Value: bc5.O5yzuqh8q6PkNQnjm.3MW4pCAgDVwLU5OLQ7OAk-1666711279-0-AR95aXmhfL+hxYck22xSKmeuWlKg63nF9WQWr6Uxs7fiA1Byq/+nbocEe9Fwfv2NIfsVJG6gPsA5ZPMrPsY0rGw=
travelagents.hilton.com/	1969-12-31 23:59:59	Name: saytUUID Value: a4adf83b-58ed-4fdc-a0e8-415163409811
.demdex.net/	1970-01-20 11:17:43	Name: demdex Value: 19218456480829474193117637085299996451
.hilton.com/	1969-12-31 23:59:59	Name: AMCVS_F0C120B3534685700A490D45%40AdobeOrg Value: 1
.hilton.com/	1969-12-31 23:59:59	Name: notice_behavior Value: expressed,eu
.hilton.com/	1970-01-20 16:34:31	Name: s_ecid Value: MCMID%7C19194874480057866443120068392229930604
.hilton.com/	1970-01-20 06:58:33	Name: gpv_v9 Value: hilton-travel-agents%3Ahomepage%3Aindex
.hilton.com/	1969-12-31 23:59:59	Name: s_cc Value: true
.hilton.com/	1970-01-20 16:34:31	Name: forterToken Value: 14f627fd8dc349f3a5715c9bdc4dd01d_1666711279769__UDF43_9ck
.hilton.com/	1970-01-20 16:34:31	Name: ftr_ncd Value: 6
.hilton.com/	1970-01-20 06:58:35	Name: ftr_blst_1h Value: 1666711280171
.travelagents.hilton.com/	1970-01-20 16:34:31	Name: _ga Value: GA1.3.611180594.1666711280
.travelagents.hilton.com/	1970-01-20 06:59:57	Name: _gid Value: GA1.3.2119525742.1666711280
.travelagents.hilton.com/	1970-01-20 06:58:31	Name: _gat_UA-58076041-2 Value: 1
.travelagents.hilton.com/	1970-01-20 07:41:43	Name: TMS Value: web-app%3D21883278%2Cweb%3D17836316%2CWeb-app%3D19485237%2Cweb-app%3D15300019%2Cweb-app%3D21881915%2Cweb-app%3D23364969%2Cweb-app%3D24568600%2Cweb-app%3D17998836
.travelagents.hilton.com/	1970-01-20 07:41:43	Name: aam_uuid Value: 19218456480829474193117637085299996451
.agkn.com/	1970-01-20 15:44:07	Name: ab Value: 0001%3AorNs%2F3oAHiPQ6qKodf7eC07j3%2Byiq2d2
.everesttech.net/	1970-01-20 15:44:07	Name: everest_g_v2 Value: g_surferid~Y1f_8AAAAH9uDQN6
.dpm.demdex.net/	1970-01-20 11:17:43	Name: dpm Value: 19218456480829474193117637085299996451
.rlcdn.com/	1970-01-20 08:24:55	Name: pxrc Value: CAA=
.hilton.com/	1970-01-20 16:34:31	Name: AMCV_F0C120B3534685700A490D45%40AdobeOrg Value: 1176715910%7CMCIDTS%7C19291%7CMCMID%7C19194874480057866443120068392229930604%7CMCAAMLH-1667316079%7C6%7CMCAAMB-1667316079%7CRKhpRz8krg2tLO6pguXWp5olkAcUniQYPHaMWWgdJ3xzPWQmdj0y%7CMCOPTOUT-1666718480s%7CNONE%7CMCAID%7CNONE%7CMCSYNCSOP%7C411-19298%7CvVersion%7C5.4.0
.turn.com/	1970-01-20 11:17:43	Name: uid Value: 3229401479939270603
.adnxs.com/	1970-01-20 09:08:07	Name: uuid2 Value: 7416363402887643939
.doubleclick.net/	1970-01-20 16:20:07	Name: IDE Value: AHWqTUk-kFYwShkGvTywrqhUaLatPpgjZjahqU8pn1dysGPQeBv-dy3yj9cQJGY4ae8
.quantserve.com/	1970-01-20 09:08:07	Name: d Value: EPgBDAG1J7mvYA
.quantserve.com/	1970-01-20 16:28:45	Name: mc Value: 6357fef0-f1c65-69b1c-0c11c
.bing.com/	1970-01-20 16:20:07	Name: MUID Value: 010C628DFE3161850D8870C5FF5260E5
prefmgr-cookie.truste-svc.net/	1970-01-20 06:58:31	Name: cookie_3rdparty Value: enabled
.yieldoptimizer.com/	1970-01-20 15:44:07	Name: fbh0 Value: %7B%7D
.yieldoptimizer.com/	1970-01-20 15:44:07	Name: gcma Value: %7B%22t%22%3A0%2C%22o%22%3Afalse%7D
.yieldoptimizer.com/	1970-01-20 15:44:07	Name: rmxc Value: %7B%22t%22%3A0%2C%22e%22%3A%22%22%2C%22i%22%3Afalse%7D
.yieldoptimizer.com/	1970-01-20 15:44:07	Name: cktst Value: 349206109
.flashtalking.com/	1970-01-20 16:34:31	Name: flashtalkingad1 Value: "GUID=5411A8685D0104"
.yahoo.com/	1970-01-20 15:44:28	Name: A3 Value: d=AQABBPH-V2MCEOpWpW9qEVat6ECTra909m8&S=AQAAAk4FWosSTriSiBS-J3QW5zM
.yieldoptimizer.com/	1970-01-20 15:44:07	Name: ckid Value: 3016302421596
.yieldoptimizer.com/	1970-01-20 15:44:07	Name: dph Value: %7B%22t%22%3A%5B121095%5D%2C%22dp%22%3A%5B2233%5D%7D
.yieldoptimizer.com/	1970-01-20 15:44:07	Name: ph Value: %7B%22p%22%3A%5B1025%5D%2C%22t%22%3A%5B121095%5D%7D
.tribalfusion.com/	1970-01-20 09:08:07	Name: ANON_ID Value: aVnr6ipyXagbqiVREF6yolaZdvyBkGcbX6YLsdZcYEQI5pnPscNOm952QpjJShWsPBUfEm3ZcCd
consent-pref.trustarc.com/	1970-01-20 06:58:31	Name: token_test Value: Tue Oct 25 2022 15:21:21 GMT+0000 (GMT)
.crwdcntrl.net/	1969-12-31 23:59:59	Name: _cc_cc Value: ctst
.revjet.com/	1970-01-20 16:34:31	Name: trx Value: 4748693980785140386
.casalemedia.com/	1970-01-20 15:44:07	Name: CMID Value: Y1f.8nI8aolJdeHs5BmsagAA
.casalemedia.com/	1970-01-20 09:08:07	Name: CMPS Value: 5185
.casalemedia.com/	1970-01-20 09:08:07	Name: CMPRO Value: 5185
.adnxs.com/	1970-01-20 09:08:07	Name: anj Value: dTM7k!M4.FErk#WF']wIg2In5uav=[!]tbPl1MwL(!R7qUY'CXB1kT9(=v@Gahmpy%'5WwMmsPZ9RFMZ9bmtwgM/]vGiOaFcD1<ODYw?IEBnq=!#_PXUR1!h
.demdex.net/	1970-01-20 11:17:43	Name: dextp Value: 21-1-1666711280321\|60-1-1666711280422\|358-1-1666711280543\|470-1-1666711280667\|771-1-1666711280767\|1175-1-1666711280868\|20-1-1666711280969\|1957-1-1666711281070\|3047-1-1666711281170\|22054-1-1666711281271\|22069-1-1666711281372\|30646-1-1666711281472\|49276-1-1666711281573\|66013-1-1666711281674\|81309-1-1666711281774\|121998-1-1666711281878\|70027-1-1666711282002\|144230-1-1666711282103\|144231-1-1666711282204\|144232-1-1666711282305\|144233-1-1666711282406\|144234-1-1666711282506\|144235-1-1666711282607\|144236-1-1666711282708\|144237-1-1666711282809
.spotxchange.com/	1970-01-20 07:38:50	Name: audience Value: af19ae5f-5478-11ed-ae8d-1ac054420406

3 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://s3.amazonaws.com/icomoon.io/67203/BrandBar-Black-EnterpriseUpdate/style.css?sgeesd Message: Failed to load resource: the server responded with a status of 403 (Forbidden)
javascript	error	URL: https://travelagents.hilton.com/? Message: Access to XMLHttpRequest at 'https://www.hilton.com/dx-customer/auth/applications/token' from origin 'https://travelagents.hilton.com' has been blocked by CORS policy: Response to preflight request doesn't pass access control check: No 'Access-Control-Allow-Origin' header is present on the requested resource.
network	error	URL: https://www.hilton.com/dx-customer/auth/applications/token Message: Failed to load resource: net::ERR_FAILED

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=31536000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

14f627fd8dc349f3a5715c9bdc4dd01d-4dc2aa82bc5e.cdn.forter.com
4dc2aa82bc5e.cdn4.forter.com
a.tribalfusion.com
aa.agkn.com
assets.adobedtm.com
bttrack.com
c.bing.com
c48c230edebef37baa0b-7924816fb41fd531ce97ed2a0e88770c.ssl.cf2.rackcdn.com
cdn.jsdelivr.net
cdn3.forter.com
cdn9.forter.com
cdnjs.cloudflare.com
cm.everesttech.net
cm.g.doubleclick.net
cms.analytics.yahoo.com
cms.quantserve.com
consent-pref.trustarc.com
consent-st.trustarc.com
consent.trustarc.com
d.turn.com
d3nocrch4qti4v.cloudfront.net
dpm.demdex.net
dsum-sec.casalemedia.com
fast.fonts.net
fonts.hilton.com
get.truex.com
googleads.g.doubleclick.net
hilton.demdex.net
ib.adnxs.com
idsync.rlcdn.com
image2.pubmatic.com
mcasproxy.azureedge.net
mpp.vindicosuite.com
pix-us.revjet.com
pixel.rubiconproject.com
prefmgr-cookie.truste-svc.net
rtb.adentifi.com
s.tribalfusion.com
s3.amazonaws.com
servedby.flashtalking.com
smetric.hilton.com
sync-tm.everesttech.net
sync.crwdcntrl.net
sync.search.spotxchange.com
tag.yieldoptimizer.com
travelagents.hilton.com
travelagents.hilton.com.admin-eu.cas.ms
us-u.openx.net
www.facebook.com
www.google-analytics.com
www.google.co.uk
www.google.com
www.googletagmanager.com
www.hilton.com
www.hilton.com
108.157.4.31
13.224.189.63
13.225.78.23
13.225.78.53
13.226.153.11
15.236.176.210
151.101.66.49
172.217.16.194
185.64.190.80
185.80.39.216
185.89.211.84
185.94.180.125
192.132.33.46
2001:678:cb4:bbbb::13
209.197.3.19
212.82.100.182
216.223.26.58
23.35.236.144
23.36.162.87
2600:9000:20eb:4e00:7:bffe:c3c0:21
2606:4700::6810:5914
2606:4700::6811:190e
2606:4700::6811:e14e
2606:4700::6812:19ad
2620:116:800d:21:93ca:31d8:d86e:38f6
2620:1ec:c11::200
2a00:1450:4001:813::2004
2a00:1450:4001:82a::2008
2a00:1450:4001:82a::200e
2a00:1450:4001:830::2002
2a00:1450:4001:831::2003
2a02:26f0:1700:d::1737:6e8f
2a02:26f0:3500:1b::1724:a391
2a02:26f0:3500:587::1e80
2a02:26f0:480:280::b58
2a03:2880:f12d:83:face:b00c:0:25de
3.209.248.234
3.234.25.89
34.249.106.217
34.251.218.252
34.252.144.191
35.186.212.60
35.186.236.204
35.244.159.8
35.244.174.68
44.208.109.123
51.137.137.121
54.160.100.205
54.231.140.240
54.74.40.111
54.83.243.105
69.173.144.165
000ba6bbf2ea6bab352ea1306461ba1771098a0e52ed83aa0f2aaad29771fc67
011b24c96a943f5b08458bd35d202df084234f1e4af21197113f4486e7f18f39
0655d14e7fe9eb2c94ea6e74f6daba5288b8dbe3c163c41cd5dbd8529e228609
0784ada5af72a6a4576a4bc6360523f39b68d814ac829e5355ed0ce8a305b05c
0aeb4ecf1091b9c52c9fa0ba4dc118b1abafbd88a51278935e574f6baff0bb49
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0bf42a9908eeeaf64b7a9599f64723d263e4e86f61ed17c7592512c311d6e5aa
0e6cb40ec8e9171897f19cf3d686fdec20282b5510f42f9b403870f8c09cb3cc
0ed1d0603edc52e4cc52c69194493988ec9e706cc649bd8c86b3423cc43d5cde
11304b88bdf5cd5f42513b9aa8bd3206653770f4f125b852285db812c731cf24
135c4579ea5b9b7c6832c94e5c0a8d30e6410f9a771ed875deb88118fbb860ce
137d2a86a0742fc383c2d69e6dc0fc440907a6767f75eb1c7002aa7f68b37d0a
13e0f1d162f0439e56875ab74a8f085e0f27244c6b42e3d4b7a8484ddf8aa7c5
1443f37c720d3ae02458092998be68bd1a1549864ed48a94104e245da65c3f85
145287b36883dd3061ca7aa9229a8fa9ace2cccd50e0382b4b6201f3916b57c5
166fbba110da9e6d0ff901beff2953d0d45631975909a2c84653538f6d326f0c
196082cb088031c0802979799b684de22707173118754b59dde7e362333ffd57
1b34a42552c96f10e4dfaaa4a367276b03868aacff63c1ac42ffe331352bc754
1b8a874faf2df688da9111a7a5709c02cd12cb3c838dd91bff067199003bfcf6
1cc52f91b6f704e42fa38e0183f6a46f4c4dddffc173788a74871d70b1237178
1eeab1cb779471a0b0aaa93dd91c2eb1aa537d696f01ab05ea9dabc55e8525a1
1f4513a435d6a3047d20a50c1e7d4263de42146c74be227f774b5e82e6357e75
1ffe0083c43292aaba8148fe6d7286bd27381ea13fef76b9e545a22d8bbd8af5
27139a04d218fc7a4d17732d88755f7e8947f03fa662d5fa5b52cb22764d3499
2752f406f0e8372e8889cfe92650bd07ee8dbe20294d1e6ba971b54e81a74e08
2bfe0bfebc6bf40e5f73c03389ba8285505bc2f45d739d1efd5ca830f940a51d
2d850c1d78b2b35152f5f7c6527c6e91f3f350b1a3afabacfb6a33c6932ad04c
2ea4b17fbe1de942b1d8b0a9de4a49f0336815c5d20baf2adafe64d3d52ec02a
2ecd295d295bec062cedebe177e54b9d6b19fc0a841dc5c178c654c9ccff09c0
2fff4211eff3af4d41e0321371f68d1725412f0db56bcc7e240ba3fba0b82980
32678aee57fc2626b646c548db3666c173802e6c5e5469ba8f33317d18e768dd
38f3da99991a618e08e1baf6bde25fbeb97d705fcc82556ac5b74f2bed5568a0
3e41b62116935141d5db7d56979cf58d387bc277ec27ebdbcdc224ebcf71ccb0
3e927ed316847052f97c5f40f2f03a42010b7e8867ed23d9461c16ba2807530e
43bd8abafbd24e39fd7d23369cfd4fec88f742dd617d7f87eee499d9df3ebba4
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
4858af0bdd1175d3f6c795eb053e7cae348ecb67f0633020d7d925c7672de871
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4c30e91bd3df8c63672ea741264cbf327b46ab1ff6ae1133ccda6aff0d7b5800
4d4eb76feee639eacabc367ec763adf72bb2bb6ca4f3274548f586aaf51f5577
4df37ceba56df32026121502f875eccd7cf811d423a628c277ab2cf91b6b2e4a
4e0705327480ad2323cb03d9c450ffcae4a98bf3a5382fa0c7882145ed620e49
4f62d97920de18c31be9e5baf06f5726d6496747f040f876216d168702a23855
4fc2a734c1185baad67510171d696c3e97714fae2c97095751cc9e067bc435fd
53df42c464be45f7dc8c5e0a5bd2e21b029410b0a78d0fa616b8e6c08e144959
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
58276ab79c7113702eed8d82759938361ac3107df2281900a083ed4030723458
59ffa435b6596e695af9b41ae8939ade6bf3e420bf5fb56dd908033d132b24e3
5a3f1dd74233f605e511f1b5b244bedf85ac88ba264caf4d6401bc7ec2017dcd
5a99f046c6ad412a55ad0463cf833f481ddcb3c507ebb2293b6a302debb84f36
5d59d71fa30604e26c815b2bcfea777bef1564467e2ff9b1b4dc45ca2ee0f6fe
62f3f809487194fcc55a3ebd88811a604ae496027bb425d4ebd15d9ae1921945
66bc95f7f799802ad82d77734d98ae3e75aa8fb81d41835936317e754920157f
69fcf7682b771176634dc54deb0c412cf9ec40df931d56a0480ee51b47ed1598
6adc3d4c1056996e4e8b765a62604c78b1f867cceb3b15d0b9bedb7c4857f992
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
6c13f0b0b794640aea51193982e26abc76993198aeb6e239450e493b36805aee
717f6bb5f6cc69c444f54376a72dee0ca7968b2a12e7c9475247ec85c0e75a53
730e3c9b27e49d5225fa98fae92003d8570afbe4c6cfca5cb618657c91ce9fd8
77a070e285e6872f82514f6ce29f46d543c017249230f6e599b400d3e8e60ee4
7a2ffdbb208abc0c4162ae77535687b761c1e9a98a034cfe8dba4bff522c80c4
7bea17a80a61ed0f54248b4ffc4c718f7c8ff2619742577a73591d62ce074da8
7da42a7d4e4a73a69bbb2420186f83ef0b718461fa8c98b749e1445aa8486cef
7e6156170771b7ed1e7ec8f410794f2c1f8f21f3970f18f557d36421b477c6ac
861d5aec75aa7053fcb885fd8bc97167229bfc7eb072258571a6a32475eae799
88413f61b5afa2ea6bcfa7b251576584f38af0b9c6dbe8fc263930da30635cba
884a047805f359f91f460d7f4fb27f63c6c220e90d4b7aebc1a181cda64f24a0
8cd45983252377ab47167a01dc25622b9a2ed372ccef7809b5b987e7f5804aee
8dae7901b50b7848ec5e9e7dffff1c2defee056f45271d0a65cd54c532ac94ce
8e09e2d8b20a0ede319057aff0d4f6cf2772a49191555fea643c7c5f38a7127d
91c4a6c4295f8889e8b04339a4a2c2e86d5eef71ba808164e641d0d8a6435004
92c10bebe77ca5588a84ec105739eb706c6d0b24645aaad513e1334b660ac41d
9448515fe8480ccdfbfbe97e27235d99c9f93809a32a81cc36d26293959141f1
94de9ee3da796e4cdc8287752e127bd68a3fe6fb40f662502f1d57031f03f9c5
968d28d7b73b766de060de25723f0f37d27b7acc0978ff32652391de31c0d1e4
9755d39452a623f4bae5a2dafd739f3a9de710f8906dc91c54b336aac8b8969d
98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a
98d5c358f231c0c11e3639fb5367b581dcf0a41af2e877a7434fb45b65b2ea51
9a3922ab13028b40a17d282752146872724c3f994b88d7329227f1300f4de7b7
9d599d83777032d817cd3022b0a9b6b7227f3f9e14a043d8929d43168be95e35
9f14bd5a8d478749fec7908827e1543c62599f154a5dd875fab9e0fac61e9575
a2287bb22f8ed8285baec2e9b8cfd84ea46d0a142884bea029c7c396fa3a0d9f
a2de091c86c5a7b6dcc572eb6e5a76c2cd72ce27a2042a8dc2974f15b33566ed
a3c954e6d1422643abfe41e74b726918caa087460903ec4267bc4e5293132451
adaca36fc58d8220e4a05b655b1542f7df1a96010f52331b0cf17df5f3405d1e
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b42e4a056cb5b80c5a315040826866445ec9332f0749e184509ab2d9d3b86719
b42e7735dd913acebf161bd1ac04dd72ff228a0740513f936e52d2f6019c7deb
b444739d51f5f630511e5df4b3dfca22e20348a59b8be2ae75dd71a6f4042ac2
bbdd2d949277274cd5c44236484aab5740dfec2c1be5e0f752756e62da040a44
bd59a3806799aa7610972a2bb1f209c46a0c565c4923ea11805d4784f44ab319
c745b43f7ad54bdfa3b2e6ce8c9161e7fd807bdbbf12b8350bdcdc5e822a1a47
ce42082caa01202b97830bbe535f76be667347389f4f4af816ed9e4e4cd25519
cf25ec18f223f4c51ce1128a42e644cdc2244d88f89d1a51440d9dbe51f4efe8
cfa4361cb8bee4c0a46ec59d4cf217b7bb14a3b2f1e6700b3b624c5b9f68b5c9
d3452ec1127967b4fce882b728a14e85f0b78d22024081936dfd4f25bfbc16c5
d35e81f16472f5165ee4f58d32d74a59a884c6c63f1bda9d926bfecd185dc093
d692a67352a3dfa80010c86a62761cfff05c0b1086618106a8576cc45a6a8115
d8423bf4b5de35b52811e6b7068a7d8d30623e888b77cb563d791674e52f229c
dfb267397f133130bcfda36885fc493fee5c1802af8302ce575e5e8474959382
e20c7bc7c345030cbe18c4e037699ed7165523ef59b67b9eb697ceef9bdfee6e
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e41b9610a95ee93504ea5fc9bc315828d8c58f12a52976afc2ebb508d85921e5
e5356c4d200584b116d9ac14f89d883b120dbe4d7878914a4fa22358074c74f8
e5707589f706a1488de683eb2a3d30b733fff4ea26e6fac5994e37c0c658ed03
e586a84d8523747f42e510d78e141015b6424cf67d612854e892a7bcedc8ec9e
e64df378da99bb35cf9f065d40443123d8641d16b67fe03f08a2cb38cdc60480
e99db7d2cb2d5bd2bf4e28499a9d48cd94731df7cbe14da008cdbe7ce10bd3f1
eb14baeac955bb11e33cd7fd3fd2f698cf20db1b450325f45ea843b6cdc82366
eb7cfd3d959b2e09c170f532e29f8b825f9bc770b2279fde58e595617753e244
eb9508f2d483676c9bee2b0993657ae32501de42a7853470eda5289b820b2434
edb8ba69fe162a13a329b58f865eda5da6923d3e346742b4d690968e14c7beaa
ee53ada617f2674cbd706e3b24fc6738c7f53f2f7a3a959e71f611aa850dc946
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f1ba71d3bf034aeceecb8895e71a44f4806dbb5bcc44e46fd8fc461a774eb880
f76a484bb66130b90832bfe73e4b5acb2da46d8dac2abb34b6d60ecab7f4365a
fe910a0c461b557d28a1d416816c275dae3610e35c04b67c007b3cc605b0caf2
ff68bed447431c5933863a16b0a469a955d1512f3d880d2d785d4ea3924d927e
ff734158c5af55b218a31f69e4b0c7861e99a13d1311e1ebf337ca40a7183531

travelagents.hilton.com Open in urlscan Pro 2a02:26f0:3500:1b::1724:a391 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

147 Requests

82 %HTTPS

35 %IPv6

42 Domains

54 Subdomains

38 IPs

7 Countries

4509 kBTransfer

7076 kBSize

48 Cookies

12 Outgoing links

Page URL History

Redirected requests

147 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

travelagents.hilton.com Open in urlscan Pro
2a02:26f0:3500:1b::1724:a391 Public Scan

Screenshot
Live screenshot

Full Image

147
Requests

82 %
HTTPS

35 %
IPv6

42
Domains

54
Subdomains

38
IPs

7
Countries

4509 kB
Transfer

7076 kB
Size

48
Cookies

147 HTTP transactions
7 data transactions