Submitted URL: http://click.e.sonesta.com/?qs=880289f6765686ddfa43e87f86b620f02322f6bda18e98c46574221db405d98e5e50af3a505e6fe72f5f6eedec91...
Effective URL: https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219...
Submission: On December 24 via api from US

Summary

This website contacted 11 IPs in 5 countries across 9 domains to perform 56 HTTP transactions. The main IP is 192.0.78.13, located in San Francisco, United States and belongs to AUTOMATTIC - Automattic, Inc, US. The main domain is blog.sonesta.com.
TLS certificate: Issued by Let's Encrypt Authority X3 on December 1st 2019. Valid for: 3 months.
This is the only time blog.sonesta.com was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 1 68.232.203.70 22606 (EXACT-7)
1 2 192.0.78.13 2635 (AUTOMATTIC)
10 192.0.77.32 2635 (AUTOMATTIC)
7 95.100.67.47 16625 (AKAMAI-AS)
11 2606:4700::68... 13335 (CLOUDFLAR...)
4 2a04:fa87:fff... 2635 (AUTOMATTIC)
4 192.0.76.3 2635 (AUTOMATTIC)
16 192.0.72.21 2635 (AUTOMATTIC)
1 2 2a00:1450:400... 15169 (GOOGLE)
1 192.0.78.18 2635 (AUTOMATTIC)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 1 2a00:1450:400... 15169 (GOOGLE)
1 2a00:1450:400... 15169 (GOOGLE)
56 11
Domain Requested by
16 sonestahotels.files.wordpress.com blog.sonesta.com
11 www.sonesta.com blog.sonesta.com
6 use.typekit.net s0.wp.com
use.typekit.net
5 s0.wp.com blog.sonesta.com
3 pixel.wp.com blog.sonesta.com
3 0.gravatar.com blog.sonesta.com
s1.wp.com
3 s1.wp.com blog.sonesta.com
2 ssl.google-analytics.com 1 redirects blog.sonesta.com
2 s2.wp.com blog.sonesta.com
2 blog.sonesta.com 1 redirects
1 p.typekit.net blog.sonesta.com
1 www.google.de blog.sonesta.com
1 www.google.com 1 redirects
1 stats.g.doubleclick.net 1 redirects
1 r-login.wordpress.com blog.sonesta.com
1 secure.gravatar.com blog.sonesta.com
1 stats.wp.com blog.sonesta.com
1 click.e.sonesta.com 1 redirects
56 18
Subject Issuer Validity Valid
tls.automattic.com
Let's Encrypt Authority X3
2019-12-01 -
2020-02-29
3 months crt.sh
*.wp.com
Go Daddy Secure Certificate Authority - G2
2018-04-10 -
2020-05-11
2 years crt.sh
*.typekit.net
DigiCert SHA2 Secure Server CA
2019-12-06 -
2021-12-10
2 years crt.sh
*.sonesta.com
Trusted Secure Certificate Authority DV
2018-11-14 -
2020-10-31
2 years crt.sh
*.gravatar.com
COMODO RSA Domain Validation Secure Server CA
2018-09-06 -
2020-09-05
2 years crt.sh
*.files.wordpress.com
Sectigo RSA Domain Validation Secure Server CA
2019-01-15 -
2021-01-14
2 years crt.sh
*.google-analytics.com
GTS CA 1O1
2019-12-03 -
2020-02-25
3 months crt.sh
*.wordpress.com
COMODO RSA Domain Validation Secure Server CA
2018-09-06 -
2020-09-05
2 years crt.sh
www.google.de
GTS CA 1O1
2019-12-03 -
2020-02-25
3 months crt.sh

This page contains 2 frames:

Primary Page: https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
Frame ID: CFEAC21E47569AF862F5FD24C4F8176D
Requests: 56 HTTP requests in this frame

Frame: https://r-login.wordpress.com/remote-login.php?wpcom_remote_login=key&origin=aHR0cHM6Ly9ibG9nLnNvbmVzdGEuY29t&wpcomid=70984434&time=1577146247
Frame ID: 99180B9E395878477191713D4EFE05E5
Requests: 1 HTTP requests in this frame

Screenshot


Page URL History Show full URLs

  1. http://click.e.sonesta.com/?qs=880289f6765686ddfa43e87f86b620f02322f6bda18e98c46574221db405d98e5e50af3a... HTTP 302
    http://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Ema... HTTP 301
    https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Ema... Page URL

Detected technologies

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • html /<link[^>]+s\d+\.wp\.com/i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • html /<link[^>]+s\d+\.wp\.com/i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i

Overall confidence: 100%
Detected patterns
  • html /<link rel=["']stylesheet["'] [^>]+\/wp-(?:content|includes)\//i
  • html /<link[^>]+s\d+\.wp\.com/i
  • script /\/wp-(?:content|includes)\//i
  • meta generator /^WordPress ?([\d.]+)?/i

Overall confidence: 100%
Detected patterns
  • headers server /nginx(?:\/([\d.]+))?/i

Overall confidence: 100%
Detected patterns
  • script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

Page Statistics

56
Requests

100 %
HTTPS

46 %
IPv6

9
Domains

18
Subdomains

11
IPs

5
Countries

2926 kB
Transfer

3742 kB
Size

6
Cookies

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

  1. http://click.e.sonesta.com/?qs=880289f6765686ddfa43e87f86b620f02322f6bda18e98c46574221db405d98e5e50af3a505e6fe72f5f6eedec9153422538ff0468aed5ac HTTP 302
    http://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021 HTTP 301
    https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021 Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 46
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1739202229&utmhn=blog.sonesta.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Sonesta%20Hotels%20%E2%80%93%20A%20blog%20from%20Sonesta&utmhid=981456405&utmr=-&utmp=%2F%3Futm_medium%3Demail%26utm_campaign%3D120219-WinterSale2%26utm_source%3DCorporate%252520Emails%26src%3Demail_120219-WinterSale2%26sv_svemi%3D106215021&utmht=1577146247568&utmac=UA-733428-1&utmcc=__utma%3D132172381.186422626.1577146248.1577146248.1577146248.1%3B%2B__utmz%3D132172381.1577146248.1.1.utmcsr%3DCorporate%2520Emails%7Cutmccn%3D120219-WinterSale2%7Cutmcmd%3Demail%3B&utmjid=121351036&utmredir=1&utmu=qAAAAAAAAAAAAAAAAAAAAAAE~ HTTP 302
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-733428-1&cid=186422626.1577146248&jid=121351036&_v=5.7.2&z=1739202229 HTTP 302
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-733428-1&cid=186422626.1577146248&jid=121351036&_v=5.7.2&z=1739202229 HTTP 302
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-733428-1&cid=186422626.1577146248&jid=121351036&_v=5.7.2&z=1739202229&slf_rd=1&random=3090445735

56 HTTP transactions

Resource
Path
Size
x-fer
Type
MIME-Type
Primary Request /
blog.sonesta.com/
Redirect Chain
  • http://click.e.sonesta.com/?qs=880289f6765686ddfa43e87f86b620f02322f6bda18e98c46574221db405d98e5e50af3a505e6fe72f5f6eedec9153422538ff0468aed5ac
  • http://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
  • https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
77 KB
19 KB
Document
General
Full URL
https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.13 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
887323b40e8f7152c67fa1307fd55575d55c23bbeedb90dd32a0244bdeecc9f3
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

:method
GET
:authority
blog.sonesta.com
:scheme
https
:path
/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
none
sec-fetch-mode
navigate
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
server
nginx
date
Tue, 24 Dec 2019 00:10:47 GMT
content-type
text/html; charset=UTF-8
strict-transport-security
max-age=86400
vary
Accept-Encoding
x-hacker
If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
link
<https://wp.me/4NQie>; rel=shortlink
content-encoding
gzip
x-ac
1.ams _dfw

Redirect headers

Server
nginx
Date
Tue, 24 Dec 2019 00:10:46 GMT
Content-Type
text/html
Content-Length
162
Connection
keep-alive
Location
https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
X-ac
1.ams _dfw
webfont.js
s0.wp.com/wp-content/plugins/custom-fonts/js/
12 KB
5 KB
Script
General
Full URL
https://s0.wp.com/wp-content/plugins/custom-fonts/js/webfont.js
Requested by
Host: blog.sonesta.com
URL: https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
cb8943abdc046f98c2a74cbe013552f1ed2a5746fd76546ed63f60d32dd83615

Request headers

Referer
https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc
HIT ams 1
date
Tue, 24 Dec 2019 00:10:47 GMT
content-encoding
gzip
server
nginx
etag
W/"5867460b-30cd"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=31536000
x-ac
4.5am _dfw
expires
Tue, 04 Feb 2020 04:32:47 GMT
/
s2.wp.com/_static/
284 KB
73 KB
Stylesheet
General
Full URL
https://s2.wp.com/_static/??-eJydU9tOwzAM/SHSrBK78ID4lrT1Mo9cqsRZ6b4ep+3YYKygvkS+nHNs2Y7sWlF7R+BI2iRakzS6KLu29lZEiwb6H15Rx/gkf6cZfIcoj0Ctqt/F4M3B0e3RIfVfxh34gtSJ3QqC5kwAuS3KYiWrhKaRlfFDrSqo0MtIvYF/yAysa6twYhjDk6PGd26pjFG9TyR0wGapRFCETseldEILBh38wd8nY0REAgEN5oLTTuSqKHd5pBzwkeIoLxuMJE8I3UPB2k+NlCzAuxkYY6gYWxm2tbChsRfDmrcN/YzOnVo+G47bVlFGWK6iwIBl2Bytw0YDMT1ebEHwMU8ZPktVtQFiFPxaTFbQgWvdf4YxLCeUbNP5bB7t7qaGBgcBOfHAHLkonacxdTHmRb3gMfL9effNEXujMMxRA+STYVMPk7q6cyRVZ/FKhau18Dy08ZXifB5b/jncdc3Hp9z9SUwDPzxPpAx4s6/lervZrVfly+b4CTf16ME=?cssminify=yes
Requested by
Host: blog.sonesta.com
URL: https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
859d9ad4246329cffcd6c71bd45bc3da8f23432624c9c32de85e0dd64a9374c8

Request headers

Referer
https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc
HIT ams 1
date
Tue, 24 Dec 2019 00:10:47 GMT
content-encoding
gzip
last-modified
Fri, 20 Dec 2019 13:56:57 GMT
server
nginx
etag
W/"5dfcd329-46f37"
vary
Accept-Encoding
content-type
text/css;charset=utf-8
status
200
cache-control
max-age=31536000
x-ac
3.ams _dfw
expires
Tue, 22 Dec 2020 17:30:13 GMT
/
s1.wp.com/_static/
171 KB
55 KB
Script
General
Full URL
https://s1.wp.com/_static/??-eJyFj9EKwjAMRX/Irsjo8EX8ljrjTF3a2qQO9/VWmehwKAQCyYF7rh6iQt/2+QCsXZlLhnSbVuV4pX8BirBLVqAi9C+4DV7Ay4ONgYWA2Xaw8KWwxx5UZkgF8FJijmGBmyuhvyIMfzEHEm17VgkYx690OUHx0jEBYSYd8zj28HSy7yKfrTku3+ehE7Wj7dqYTW2axtTuDtZKhBM=
Requested by
Host: blog.sonesta.com
URL: https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
fa3b43b9d4fad7acfcf745c3f36a549b43490484e7818d15119c4bfd32f90640

Request headers

Referer
https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc
HIT ams 1
date
Tue, 24 Dec 2019 00:10:47 GMT
content-encoding
gzip
last-modified
Mon, 20 May 2019 12:51:00 GMT
server
nginx
etag
W/"5ce2a2b4-2ac5f"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=31536000
x-ac
3.ams _dfw
expires
Tue, 19 May 2020 13:27:32 GMT
style.css
s0.wp.com/wp-content/mu-plugins/highlander-comments/
19 KB
4 KB
Stylesheet
General
Full URL
https://s0.wp.com/wp-content/mu-plugins/highlander-comments/style.css?m=1530132353h&cssminify=yes
Requested by
Host: blog.sonesta.com
URL: https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
89d01b152beefa0885d7821cea6cc319054d5e272549b004479a6ac81ecafee3

Request headers

Referer
https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc
HIT ams 1
date
Tue, 24 Dec 2019 00:10:47 GMT
content-encoding
gzip
server
nginx
etag
W/"5b33f7b7-5e1f"
vary
Accept-Encoding
content-type
text/css
status
200
cache-control
max-age=31536000
x-ac
4.5am _dfw
expires
Tue, 04 Feb 2020 04:32:40 GMT
/
s0.wp.com/
4 KB
1 KB
Stylesheet
General
Full URL
https://s0.wp.com/?custom-css=1&csblog=4NQie&cscache=6&csrev=159
Requested by
Host: blog.sonesta.com
URL: https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
f0f86f9b7df3fbb57ddfa3abab8d0a936e35a0094d421043a545f6ec1a1632e2

Request headers

Referer
https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-hacker
If you're reading this, you should visit automattic.com/jobs and apply to join the fun, mention this header.
date
Tue, 24 Dec 2019 00:10:47 GMT
content-encoding
gzip
server
nginx
vary
Accept-Encoding
content-type
text/css;charset=utf-8
status
200
expires
Thu, 03 Dec 2020 03:14:34 GMT
x-ac
3.ams _dfw
x-nc
HIT ams 1
wp-emoji-release.min.js
s0.wp.com/wp-includes/js/
14 KB
5 KB
Script
General
Full URL
https://s0.wp.com/wp-includes/js/wp-emoji-release.min.js?m=1573557586h&ver=5.3.2
Requested by
Host: blog.sonesta.com
URL: https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee

Request headers

Referer
https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc
HIT ams 1
date
Tue, 24 Dec 2019 00:10:47 GMT
content-encoding
gzip
server
nginx
etag
W/"5dca955d-362a"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=31536000
x-ac
3.ams _dfw
expires
Fri, 18 Dec 2020 17:40:23 GMT
qjj8rno.js
use.typekit.net/
19 KB
8 KB
Script
General
Full URL
https://use.typekit.net/qjj8rno.js
Requested by
Host: s0.wp.com
URL: https://s0.wp.com/wp-content/plugins/custom-fonts/js/webfont.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-100-67-47.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
388d2de5a2826a62b4d222077e270e605264c2ac1a01e59837112d4c5bd488ce
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; includeSubDomains;

Request headers

Referer
https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=31536000; includeSubDomains;
content-encoding
gzip
server
nginx
access-control-allow-origin
*
date
Tue, 24 Dec 2019 00:10:47 GMT
vary
Accept-Encoding
content-type
text/javascript;charset=utf-8
status
200
cache-control
public, max-age=600, stale-while-revalidate=604800
timing-allow-origin
*
content-length
7467
makeareservation.png
www.sonesta.com/sites/default/files/
773 B
904 B
Image
General
Full URL
https://www.sonesta.com/sites/default/files/makeareservation.png
Requested by
Host: blog.sonesta.com
URL: https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:5622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1c37d25348135b4ef43c69184ab191bf926e227e75982520e9172c72290e0f7a
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 24 Dec 2019 00:10:47 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
age
445724
x-cache
HIT
status
200
x-ah-environment
prod
content-length
773
x-request-id
v-0da52258-21d4-11ea-b6ed-8f3f1856155c
last-modified
Fri, 10 Feb 2017 20:16:23 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/png
expires
Wed, 01 Jan 2020 20:22:03 GMT
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
549e5aae9a40cbc4-VIE
x-cache-hits
1053
twitter.png
www.sonesta.com/sites/default/files/
742 B
868 B
Image
General
Full URL
https://www.sonesta.com/sites/default/files/twitter.png
Requested by
Host: blog.sonesta.com
URL: https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:5622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0370314abc5fbb2cbfdf7aa3ff4e16a2314985f2c9daf3d1073f7bc091d1f386
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 24 Dec 2019 00:10:47 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
age
445723
x-cache
HIT
status
200
x-ah-environment
prod
content-length
742
x-request-id
v-0dc63a4c-21d4-11ea-ad2a-0739300aeae4
last-modified
Thu, 31 Mar 2016 02:56:27 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/png
expires
Wed, 01 Jan 2020 20:22:03 GMT
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
549e5aae9a49cbc4-VIE
x-cache-hits
64974
facebook.png
www.sonesta.com/sites/default/files/
527 B
682 B
Image
General
Full URL
https://www.sonesta.com/sites/default/files/facebook.png
Requested by
Host: blog.sonesta.com
URL: https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:5622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
248b82483f6d8d123fd9589de1d34015c499fe6e3096d2bbe440298de57e3e99
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 24 Dec 2019 00:10:47 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
age
445722
x-cache
HIT
status
200
x-ah-environment
prod
content-length
527
x-request-id
v-0ea5fa74-21d4-11ea-bb21-6f73c8aad532
last-modified
Thu, 31 Mar 2016 02:55:56 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/png
expires
Wed, 01 Jan 2020 20:22:05 GMT
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
549e5aae9a4acbc4-VIE
x-cache-hits
64810
pinterest.png
www.sonesta.com/sites/default/files/
954 B
1 KB
Image
General
Full URL
https://www.sonesta.com/sites/default/files/pinterest.png
Requested by
Host: blog.sonesta.com
URL: https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:5622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
afd541b9365d9916a8767f77f9e20dbd3d613830d1128b6a115ac05dca2c2192
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 24 Dec 2019 00:10:47 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
age
445711
x-cache
HIT
status
200
x-ah-environment
prod
content-length
954
x-request-id
v-155bad6e-21d4-11ea-9885-9b491381b4c7
last-modified
Thu, 31 Mar 2016 02:54:58 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/png
expires
Wed, 01 Jan 2020 20:22:16 GMT
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
549e5aae9a4dcbc4-VIE
x-cache-hits
26415
Instagram_0.png
www.sonesta.com/sites/default/files/
688 B
1 KB
Image
General
Full URL
https://www.sonesta.com/sites/default/files/Instagram_0.png
Requested by
Host: blog.sonesta.com
URL: https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:5622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
530b5f1f2046cfd0428c7b3e0ae242a80c53d214318fda43eadf99015eeb5c12
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 24 Dec 2019 00:10:47 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
age
445723
x-cache
HIT
status
200
x-ah-environment
prod
content-length
688
x-request-id
v-0ddd38dc-21d4-11ea-aec5-63182b2bfb74
last-modified
Wed, 08 Nov 2017 19:12:26 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/png
expires
Wed, 01 Jan 2020 20:22:03 GMT
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
549e5aae9a4ecbc4-VIE
x-cache-hits
57681
royal-sonesta.svg
www.sonesta.com/sites/all/themes/sonesta/components/footer-branding/
6 KB
3 KB
Image
General
Full URL
https://www.sonesta.com/sites/all/themes/sonesta/components/footer-branding/royal-sonesta.svg
Requested by
Host: blog.sonesta.com
URL: https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:5622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
1822af20ab4d3d2cc76bfa9483755cd4b68645b5d411cbe77950def9f17123ad
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 24 Dec 2019 00:10:47 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
age
445663
x-cache
HIT
status
200
x-ah-environment
prod
content-encoding
gzip
x-request-id
v-31db4706-21d4-11ea-853e-3fa1401da384
last-modified
Tue, 23 Jul 2019 06:37:54 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/svg+xml
expires
Wed, 01 Jan 2020 20:23:04 GMT
cache-control
max-age=1209600
cf-ray
549e5aae9a4fcbc4-VIE
x-cache-hits
587
sonesta-hotels.svg
www.sonesta.com/sites/all/themes/sonesta/components/footer-branding/
8 KB
3 KB
Image
General
Full URL
https://www.sonesta.com/sites/all/themes/sonesta/components/footer-branding/sonesta-hotels.svg
Requested by
Host: blog.sonesta.com
URL: https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:5622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
11dddae381e8b73fa9982f1170d005a687f85af7d3d5da538cd9c51deb602a80
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 24 Dec 2019 00:10:47 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
age
445654
x-cache
HIT
status
200
x-ah-environment
prod
content-encoding
gzip
x-request-id
v-374fc248-21d4-11ea-b761-abae47227ace
last-modified
Tue, 23 Jul 2019 06:22:37 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/svg+xml
expires
Wed, 01 Jan 2020 20:23:13 GMT
cache-control
max-age=1209600
cf-ray
549e5aae9a50cbc4-VIE
x-cache-hits
593
sonesta-es.svg
www.sonesta.com/sites/all/themes/sonesta/components/footer-branding/
5 KB
3 KB
Image
General
Full URL
https://www.sonesta.com/sites/all/themes/sonesta/components/footer-branding/sonesta-es.svg
Requested by
Host: blog.sonesta.com
URL: https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:5622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
23170efb89e199fb641df2536441e4ad47c8fa79f321eaac6a47c2e718d58258
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 24 Dec 2019 00:10:47 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
age
445724
x-cache
HIT
status
200
x-ah-environment
prod
content-encoding
gzip
x-request-id
v-0da78a34-21d4-11ea-b01b-db2c1bed8b52
last-modified
Tue, 23 Jul 2019 06:22:37 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/svg+xml
expires
Wed, 01 Jan 2020 20:22:03 GMT
cache-control
max-age=1209600
cf-ray
549e5aae9a51cbc4-VIE
x-cache-hits
586
sonesta-cruise.svg
www.sonesta.com/sites/all/themes/sonesta/components/footer-branding/
9 KB
3 KB
Image
General
Full URL
https://www.sonesta.com/sites/all/themes/sonesta/components/footer-branding/sonesta-cruise.svg
Requested by
Host: blog.sonesta.com
URL: https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:5622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
fab60a924196312709ba252e4b11d2537260873baf4c0fee5705e6ec68eefede
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 24 Dec 2019 00:10:47 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
age
445552
x-cache
HIT
status
200
x-ah-environment
prod
content-encoding
gzip
x-request-id
v-74400f3c-21d4-11ea-9aea-8f9662fc03c4
last-modified
Tue, 23 Jul 2019 06:20:39 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/svg+xml
expires
Wed, 01 Jan 2020 20:24:55 GMT
cache-control
max-age=1209600
cf-ray
549e5aae9a54cbc4-VIE
x-cache-hits
623
posadas-del-inca.svg
www.sonesta.com/sites/all/themes/sonesta/components/footer-branding/
8 KB
2 KB
Image
General
Full URL
https://www.sonesta.com/sites/all/themes/sonesta/components/footer-branding/posadas-del-inca.svg
Requested by
Host: blog.sonesta.com
URL: https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:5622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
257087e60a3919d2e0679919b9969fd04e9bc53f6a5be906252e137d83453574
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 24 Dec 2019 00:10:47 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
age
445663
x-cache
HIT
status
200
x-ah-environment
prod
content-encoding
gzip
x-request-id
v-31d8e2ae-21d4-11ea-9d3b-2709eed0d983
last-modified
Tue, 23 Jul 2019 06:22:37 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/svg+xml
expires
Wed, 01 Jan 2020 20:23:04 GMT
cache-control
max-age=1209600
cf-ray
549e5aae9a55cbc4-VIE
x-cache-hits
541
gprofiles.js
0.gravatar.com/js/
20 KB
7 KB
Script
General
Full URL
https://0.gravatar.com/js/gprofiles.js?ver=201952y
Requested by
Host: blog.sonesta.com
URL: https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
9c42615b9f87888a452f177c5ea19899fb8a835b8f6d0b458824e6c332a0adce

Request headers

Referer
https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 24 Dec 2019 00:10:47 GMT
content-encoding
gzip
last-modified
Thu, 23 Aug 2018 15:01:14 GMT
server
nginx
etag
W/"5b7ecc3a-50bc"
content-type
application/x-javascript
status
200
cache-control
max-age=604800
expires
Tue, 31 Dec 2019 00:10:47 GMT
wpgroho.js
s1.wp.com/wp-content/mu-plugins/gravatar-hovercards/
582 B
398 B
Script
General
Full URL
https://s1.wp.com/wp-content/mu-plugins/gravatar-hovercards/wpgroho.js?m=1380573781h
Requested by
Host: blog.sonesta.com
URL: https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
21c557180f1bd074974eb41ae4228b6aa9c41234ab1729d780bc8f05761110bb

Request headers

Referer
https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc
HIT ams 1
date
Tue, 24 Dec 2019 00:10:47 GMT
content-encoding
gzip
server
nginx
etag
W/"58674607-2f0"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=31536000
x-ac
4.5am _dfw
expires
Tue, 04 Feb 2020 04:32:40 GMT
/
s0.wp.com/_static/
42 KB
11 KB
Script
General
Full URL
https://s0.wp.com/_static/??/wp-content/js/jquery/jquery.autoresize.js,/wp-content/mu-plugins/highlander-comments/script.js?m=1573483029j
Requested by
Host: blog.sonesta.com
URL: https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
4a82bed4d069950b1f5e43cdfb5b107eee29ee9e60b6363543b3f3ee58e0f558

Request headers

Referer
https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc
HIT ams 1
date
Tue, 24 Dec 2019 00:10:47 GMT
content-encoding
gzip
last-modified
Mon, 11 Nov 2019 14:37:22 GMT
server
nginx
etag
W/"5dc97222-a830"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=31536000
x-ac
3.ams _dfw
expires
Tue, 10 Nov 2020 14:37:25 GMT
/
s1.wp.com/_static/
66 KB
7 KB
Stylesheet
General
Full URL
https://s1.wp.com/_static/??-eJx9jNEKwjAMRX/IGBRc9UH8lq6LpVvWljRB9vdOcKIvPp57OQcfFULJSlmxssWUG0ZbsSeJ0HMJU8ORtPowAfulmEKUNOD7ussq70NrO/wqzQZbLHgp1og/kW34J2liGiB6ZpLll17abb4eTq47uvOlc+MTkglIzA==?cssminify=yes
Requested by
Host: blog.sonesta.com
URL: https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
a51a4706178d5e9182a5d8d7520ad4a50c108a806edef2d867c0d0b649a850b2

Request headers

Referer
https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc
HIT ams 1
date
Tue, 24 Dec 2019 00:10:47 GMT
content-encoding
gzip
last-modified
Fri, 13 Dec 2019 23:16:18 GMT
server
nginx
etag
W/"5df41bc2-1090e"
vary
Accept-Encoding
content-type
text/css;charset=utf-8
status
200
cache-control
max-age=31536000
x-ac
3.ams _dfw
expires
Tue, 15 Dec 2020 20:41:58 GMT
/
s2.wp.com/_static/
316 KB
93 KB
Script
General
Full URL
https://s2.wp.com/_static/??-eJyVUstywjAM/KEawwFKD51+i7GVVEGRU0tOmr+vQyGTMpCZ3vTYXWll26EzPrICq23EBujRQ/e9aeTFLlptNh3lGlks4RnEfmXI8Ok4EKQVMHKFjDrOwQ2L7CmHIjQNRVHbA4eYplYXaayQaNMi30vfdKtMZAQVDARU5Po60W43u6M9USyFKCqmhP58nYAwPNOrc0lPkOpfQlkLtHP+bKDspQWeWUMc2F7bd+VHrrB1NQhFFyAsrSwxrZPIaXzkdHFEF0rfnFya8AqpRCb2kBJOMnPtnwqaij9ZI3nFyBNpjh55kKGKpwa8PrttX9aM1omAXgiXvEsga8O9SzEL0PwQt8IKR5EgmNpR+ZPj36ywPtr33f71cNxvd2+H5gf4cB34
Requested by
Host: blog.sonesta.com
URL: https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.77.32 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
wordpress.com
Software
nginx /
Resource Hash
e81dc533e32af517143100131bfd7329ce1de593bba6353cc73560e9e3f197cd

Request headers

Referer
https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc
HIT ams 1
date
Tue, 24 Dec 2019 00:10:47 GMT
content-encoding
gzip
last-modified
Fri, 20 Dec 2019 13:56:57 GMT
server
nginx
etag
W/"5dfcd329-4efc1"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=31536000
x-ac
3.ams _dfw
expires
Sat, 19 Dec 2020 18:51:41 GMT
w.js
stats.wp.com/
13 KB
4 KB
Script
General
Full URL
https://stats.wp.com/w.js?60
Requested by
Host: blog.sonesta.com
URL: https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
050c2ca74a4941fedd88349d977d960b8ab384ebb83a3c9e4b233160476ee8f1

Request headers

Referer
https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 24 Dec 2019 00:10:47 GMT
content-encoding
gzip
server
nginx
etag
W/"5cb5925e-4f31"
vary
Accept-Encoding
content-type
application/x-javascript
status
200
cache-control
max-age=31536000
expires
Wed, 15 Apr 2020 08:43:53 GMT
soniconpatternabstractbgr21.jpg
sonestahotels.files.wordpress.com/2015/02/
1 MB
1 MB
Image
General
Full URL
https://sonestahotels.files.wordpress.com/2015/02/soniconpatternabstractbgr21.jpg
Requested by
Host: blog.sonesta.com
URL: https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.72.21 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
d460a3e7a064a1b66fd06a6ca2d79b3693e2b75e93df2fd06fea2a339d5b8bb8

Request headers

Referer
https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc
HIT ams 21 np
date
Tue, 24 Dec 2019 00:10:47 GMT
last-modified
Tue, 24 Feb 2015 23:05:36 GMT
server
nginx
x-orig-src
01_mogdir
content-type
image/jpeg
status
200
accept-ranges
bytes
content-length
1461168
expires
Sun, 26 Jan 2020 06:10:38 GMT
BlogHeader.jpg
www.sonesta.com/sites/default/files/
10 KB
11 KB
Image
General
Full URL
https://www.sonesta.com/sites/default/files/BlogHeader.jpg
Requested by
Host: blog.sonesta.com
URL: https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
Protocol
H2
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
2606:4700::6810:5622 , United States, ASN13335 (CLOUDFLARENET - Cloudflare, Inc., US),
Reverse DNS
Software
cloudflare /
Resource Hash
0a3cfb0223fac364027b89df5394db65cc0606ac4fefd18848214889dccebe99
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://s0.wp.com/?custom-css=1&csblog=4NQie&cscache=6&csrev=159
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 24 Dec 2019 00:10:47 GMT
via
varnish
x-content-type-options
nosniff
cf-cache-status
DYNAMIC
age
445552
x-cache
HIT
status
200
x-ah-environment
prod
content-length
10625
x-request-id
v-74213c2e-21d4-11ea-ab50-9f6b011ff4dd
last-modified
Wed, 22 Feb 2017 20:57:42 GMT
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
content-type
image/jpeg
expires
Wed, 01 Jan 2020 20:24:55 GMT
cache-control
max-age=1209600
accept-ranges
bytes
cf-ray
549e5aaeaa61cbc4-VIE
x-cache-hits
542
chnola3.jpg
sonestahotels.files.wordpress.com/2019/12/
53 KB
53 KB
Image
General
Full URL
https://sonestahotels.files.wordpress.com/2019/12/chnola3.jpg?w=500&h=500&crop=1
Requested by
Host: blog.sonesta.com
URL: https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.72.21 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
27e58271d7bcb3f89701d99c240676f42361c44b746b7d344a1e5dda641a7d15

Request headers

Referer
https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc
MISS ams 21 np
date
Tue, 24 Dec 2019 00:10:47 GMT
last-modified
Thu, 19 Dec 2019 15:03:20 GMT
server
nginx
vary
Accept
content-type
image/webp
status
200
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
54072
expires
Sat, 25 Jan 2020 22:05:25 GMT
image002.jpg
sonestahotels.files.wordpress.com/2019/12/
11 KB
11 KB
Image
General
Full URL
https://sonestahotels.files.wordpress.com/2019/12/image002.jpg?w=320&h=320&crop=1
Requested by
Host: blog.sonesta.com
URL: https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.72.21 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
202161f4dc77407a929dbd8b83bce8db0432a8c06cd37dcdd08d9f7dd3e62054

Request headers

Referer
https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc
MISS ams 21 np
date
Tue, 24 Dec 2019 00:10:47 GMT
last-modified
Wed, 11 Dec 2019 12:51:11 GMT
server
nginx
vary
Accept
content-type
image/webp
status
200
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
10874
expires
Mon, 13 Jan 2020 10:09:51 GMT
sugarcookieday2.png
sonestahotels.files.wordpress.com/2019/12/
194 KB
194 KB
Image
General
Full URL
https://sonestahotels.files.wordpress.com/2019/12/sugarcookieday2.png?w=450&h=240&crop=1
Requested by
Host: blog.sonesta.com
URL: https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.72.21 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
5a6a66b73b8fbefa48cb479873a6474c8a0fa8160017a5b5560b50c0066832dd

Request headers

Referer
https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc
HIT ams 21 np
date
Tue, 24 Dec 2019 00:10:47 GMT
last-modified
Tue, 17 Dec 2019 19:31:05 GMT
server
nginx
vary
Accept
content-type
image/png
status
200
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
198531
expires
Wed, 08 Jan 2020 17:31:13 GMT
here-comes-hanukkah.jpg
sonestahotels.files.wordpress.com/2019/12/
27 KB
27 KB
Image
General
Full URL
https://sonestahotels.files.wordpress.com/2019/12/here-comes-hanukkah.jpg?w=450&h=240&crop=1
Requested by
Host: blog.sonesta.com
URL: https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.72.21 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
1d1744e4d1a89637af23761fd6e8f91bf9741e9849062c4d51cbfbdd84dd0105

Request headers

Referer
https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc
HIT ams 21 np
date
Tue, 24 Dec 2019 00:10:47 GMT
last-modified
Fri, 13 Dec 2019 14:53:23 GMT
server
nginx
vary
Accept
content-type
image/webp
status
200
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
27142
expires
Thu, 16 Jan 2020 19:52:29 GMT
newsletter-banner_2.jpg
sonestahotels.files.wordpress.com/2019/12/
45 KB
45 KB
Image
General
Full URL
https://sonestahotels.files.wordpress.com/2019/12/newsletter-banner_2.jpg?w=320&h=320&crop=1
Requested by
Host: blog.sonesta.com
URL: https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.72.21 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
fce53ee0edf6b2114cba1e40342293e45ce4e401d75b3bd72ea23740e27a601a

Request headers

Referer
https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc
MISS ams 21 np
date
Tue, 24 Dec 2019 00:10:47 GMT
last-modified
Mon, 16 Dec 2019 13:24:23 GMT
server
nginx
vary
Accept
content-type
image/webp
status
200
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
45788
expires
Tue, 28 Jan 2020 20:37:42 GMT
grill-off-steelpan-cofc.png
sonestahotels.files.wordpress.com/2019/12/
170 KB
170 KB
Image
General
Full URL
https://sonestahotels.files.wordpress.com/2019/12/grill-off-steelpan-cofc.png?w=450&h=240&crop=1
Requested by
Host: blog.sonesta.com
URL: https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.72.21 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
2b443f8a65cfdf7bcb25562754f8003f98865ca3322fe5f80b15f5ba3203b844

Request headers

Referer
https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc
HIT ams 21 np
date
Tue, 24 Dec 2019 00:10:47 GMT
last-modified
Mon, 16 Dec 2019 13:25:19 GMT
server
nginx
vary
Accept
content-type
image/png
status
200
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
173770
expires
Thu, 09 Jan 2020 12:26:39 GMT
cin_es_suite_onebedroom.jpg
sonestahotels.files.wordpress.com/2019/12/
120 KB
120 KB
Image
General
Full URL
https://sonestahotels.files.wordpress.com/2019/12/cin_es_suite_onebedroom.jpg?w=500&h=500&crop=1
Requested by
Host: blog.sonesta.com
URL: https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.72.21 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
e15190d7ec7e062cacf096588264a17a910dd8227b1b1e48a68403daa99e4c1d

Request headers

Referer
https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc
MISS ams 21 np
date
Tue, 24 Dec 2019 00:10:47 GMT
last-modified
Wed, 18 Dec 2019 19:19:30 GMT
server
nginx
vary
Accept
content-type
image/webp
status
200
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
122826
expires
Mon, 27 Jan 2020 15:05:01 GMT
day8.jpg
sonestahotels.files.wordpress.com/2019/12/
15 KB
15 KB
Image
General
Full URL
https://sonestahotels.files.wordpress.com/2019/12/day8.jpg?w=320&h=320&crop=1
Requested by
Host: blog.sonesta.com
URL: https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.72.21 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
b3a93c7c3bdaaeba6357d2551d480b46e8ecccf524b7b6f2c257e6a0b2d5e369

Request headers

Referer
https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc
MISS ams 21 np
date
Tue, 24 Dec 2019 00:10:47 GMT
last-modified
Fri, 13 Dec 2019 16:18:03 GMT
server
nginx
vary
Accept
content-type
image/webp
status
200
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
15206
expires
Sat, 25 Jan 2020 16:45:36 GMT
frogpond.jpg
sonestahotels.files.wordpress.com/2019/12/
46 KB
46 KB
Image
General
Full URL
https://sonestahotels.files.wordpress.com/2019/12/frogpond.jpg?w=450&h=240&crop=1
Requested by
Host: blog.sonesta.com
URL: https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.72.21 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
f62f7baed77cac0df7b67478c0d56a0cd51a59c251d4776eaf5f51ab27eac5e1

Request headers

Referer
https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc
MISS ams 21 np
date
Tue, 24 Dec 2019 00:10:47 GMT
last-modified
Thu, 12 Dec 2019 16:40:48 GMT
server
nginx
vary
Accept
content-type
image/webp
status
200
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
47092
expires
Sat, 25 Jan 2020 10:18:26 GMT
comfortcases2.png
sonestahotels.files.wordpress.com/2019/12/
218 KB
218 KB
Image
General
Full URL
https://sonestahotels.files.wordpress.com/2019/12/comfortcases2.png?w=320&h=320&crop=1
Requested by
Host: blog.sonesta.com
URL: https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.72.21 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
e8c03062b1aa3ad1a9c1abcdd928a9a51182f9a62e5e94d020ff0210fa34c436

Request headers

Referer
https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc
MISS ams 21 np
date
Tue, 24 Dec 2019 00:10:47 GMT
last-modified
Mon, 09 Dec 2019 19:36:46 GMT
server
nginx
vary
Accept
content-type
image/png
status
200
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
223265
expires
Tue, 21 Jan 2020 13:44:31 GMT
logo.png
sonestahotels.files.wordpress.com/2019/12/
42 KB
42 KB
Image
General
Full URL
https://sonestahotels.files.wordpress.com/2019/12/logo.png?w=239&h=238&crop=1
Requested by
Host: blog.sonesta.com
URL: https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.72.21 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
77d280923a2bb6dc4854749b9ec2000f2d0c234063d880f60cd91c6fa4261dd1

Request headers

Referer
https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc
MISS ams 21 np
date
Tue, 24 Dec 2019 00:10:47 GMT
last-modified
Wed, 11 Dec 2019 13:19:32 GMT
server
nginx
vary
Accept
content-type
image/png
status
200
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
42595
expires
Mon, 20 Jan 2020 03:08:06 GMT
9142.jpg
sonestahotels.files.wordpress.com/2019/12/
58 KB
58 KB
Image
General
Full URL
https://sonestahotels.files.wordpress.com/2019/12/9142.jpg?w=320&h=320&crop=1
Requested by
Host: blog.sonesta.com
URL: https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.72.21 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
f049456f388b831cd674ad2d6776cc46819aa6810c2e0439a49ccc4329109545

Request headers

Referer
https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc
MISS ams 21 np
date
Tue, 24 Dec 2019 00:10:47 GMT
last-modified
Thu, 05 Dec 2019 14:22:01 GMT
server
nginx
vary
Accept
content-type
image/webp
status
200
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
58948
expires
Mon, 27 Jan 2020 19:32:18 GMT
tony-pic.jpg
sonestahotels.files.wordpress.com/2019/12/
4 KB
4 KB
Image
General
Full URL
https://sonestahotels.files.wordpress.com/2019/12/tony-pic.jpg?w=154&h=154&crop=1
Requested by
Host: blog.sonesta.com
URL: https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.72.21 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
562080dd6213479898529923c6a4e97882a6dac0bc9f57831cb66535f3cb1bec

Request headers

Referer
https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc
MISS ams 21 np
date
Tue, 24 Dec 2019 00:10:47 GMT
last-modified
Mon, 09 Dec 2019 15:00:43 GMT
server
nginx
vary
Accept
content-type
image/webp
status
200
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
3924
expires
Sun, 19 Jan 2020 22:09:40 GMT
sonestaphillyholidays.jpg
sonestahotels.files.wordpress.com/2019/11/
50 KB
51 KB
Image
General
Full URL
https://sonestahotels.files.wordpress.com/2019/11/sonestaphillyholidays.jpg?w=450&h=240&crop=1
Requested by
Host: blog.sonesta.com
URL: https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.72.21 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
106fb94e8720355c46045f5093ea5d87befc0338f44870236622109370c7838b

Request headers

Referer
https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc
MISS ams 21 np
date
Tue, 24 Dec 2019 00:10:47 GMT
last-modified
Tue, 03 Dec 2019 15:20:52 GMT
server
nginx
vary
Accept
content-type
image/webp
status
200
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
51612
expires
Tue, 21 Jan 2020 08:50:57 GMT
b2c2f0e6-9646-45e9-b856-626d3d08d087.jpg
sonestahotels.files.wordpress.com/2019/11/
15 KB
15 KB
Image
General
Full URL
https://sonestahotels.files.wordpress.com/2019/11/b2c2f0e6-9646-45e9-b856-626d3d08d087.jpg?w=320&h=320&crop=1
Requested by
Host: blog.sonesta.com
URL: https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.72.21 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
f3b43f221ab1bb7e01ca88d0e179ad2ef90f637bcf17d5d50812d841bcee87cf

Request headers

Referer
https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc
MISS ams 21 np
date
Tue, 24 Dec 2019 00:10:47 GMT
last-modified
Wed, 27 Nov 2019 14:12:44 GMT
server
nginx
vary
Accept
content-type
image/webp
status
200
x-orig-src
0_imageresize
accept-ranges
bytes
content-length
14928
expires
Wed, 22 Jan 2020 15:40:26 GMT
ga.js
ssl.google-analytics.com/
45 KB
17 KB
Script
General
Full URL
https://ssl.google-analytics.com/ga.js
Requested by
Host: blog.sonesta.com
URL: https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:815::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
Golfe2 /
Resource Hash
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Referer
https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Mon, 19 Aug 2019 17:22:41 GMT
server
Golfe2
age
5803
date
Mon, 23 Dec 2019 22:34:04 GMT
vary
Accept-Encoding
content-type
text/javascript
status
200
cache-control
public, max-age=7200
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
17168
expires
Tue, 24 Dec 2019 00:34:04 GMT
truncated
/
14 KB
14 KB
Font
General
Full URL
data:truncated
Protocol
DATA
Server
-, , ASN (),
Reverse DNS
Software
/
Resource Hash
970a3fa15876d16dcc0fd70eb7c9ab44d733108b3ddca1a449edd0356c1b79a7

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Origin
https://blog.sonesta.com

Response headers

Content-Type
application/x-font-woff;charset=utf-8
f09e9870752c2162c0d182561024bcf4
secure.gravatar.com/blavatar/
2 KB
2 KB
Image
General
Full URL
https://secure.gravatar.com/blavatar/f09e9870752c2162c0d182561024bcf4?s=50&d=https%3A%2F%2Fs2.wp.com%2Fi%2Flogo%2Fwpcom-gray-white.png
Requested by
Host: blog.sonesta.com
URL: https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
0073f47c4c47d02027c487667f58e7b277e8716a834cfe9ed890ff454ab043e7

Request headers

Referer
https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

x-nc
HIT vie 3
date
Tue, 24 Dec 2019 00:10:47 GMT
last-modified
Wed, 12 Nov 2014 18:31:58 GMT
server
nginx
access-control-allow-origin
*
source-age
1365161
content-type
image/jpeg
status
200
cache-control
max-age=300
content-disposition
inline; filename="f09e9870752c2162c0d182561024bcf4.jpeg"
accept-ranges
bytes
link
<https://www.gravatar.com/blavatar/f09e9870752c2162c0d182561024bcf4?s=50&d=https%3A%2F%2Fs2.wp.com%2Fi%2Flogo%2Fwpcom-gray-white.png>; rel="canonical"
content-length
2203
expires
Tue, 24 Dec 2019 00:15:47 GMT
hovercard.min.css
0.gravatar.com/dist/css/
7 KB
2 KB
Stylesheet
General
Full URL
https://0.gravatar.com/dist/css/hovercard.min.css?ver=201952y
Requested by
Host: s1.wp.com
URL: https://s1.wp.com/_static/??-eJyFj9EKwjAMRX/Irsjo8EX8ljrjTF3a2qQO9/VWmehwKAQCyYF7rh6iQt/2+QCsXZlLhnSbVuV4pX8BirBLVqAi9C+4DV7Ay4ONgYWA2Xaw8KWwxx5UZkgF8FJijmGBmyuhvyIMfzEHEm17VgkYx690OUHx0jEBYSYd8zj28HSy7yKfrTku3+ehE7Wj7dqYTW2axtTuDtZKhBM=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
7b5e32cb325e9aaef357a421cd16ddf6d6ddb70fec74b6c35a73eccc6817664c

Request headers

Referer
https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 24 Dec 2019 00:10:47 GMT
content-encoding
gzip
last-modified
Thu, 22 Mar 2018 09:46:04 GMT
server
nginx
etag
W/"5ab37b5c-1a2e"
content-type
text/css
status
200
cache-control
max-age=604800
expires
Tue, 31 Dec 2019 00:10:47 GMT
services.min.css
0.gravatar.com/dist/css/
3 KB
564 B
Stylesheet
General
Full URL
https://0.gravatar.com/dist/css/services.min.css?ver=201952y
Requested by
Host: s1.wp.com
URL: https://s1.wp.com/_static/??-eJyFj9EKwjAMRX/Irsjo8EX8ljrjTF3a2qQO9/VWmehwKAQCyYF7rh6iQt/2+QCsXZlLhnSbVuV4pX8BirBLVqAi9C+4DV7Ay4ONgYWA2Xaw8KWwxx5UZkgF8FJijmGBmyuhvyIMfzEHEm17VgkYx690OUHx0jEBYSYd8zj28HSy7yKfrTku3+ehE7Wj7dqYTW2axtTuDtZKhBM=
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a04:fa87:fffe::c000:4902 , Ireland, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
e9fc9b1878db1b13b973252b048d19a17abb34a8da464a552c6d401728ed1e86

Request headers

Referer
https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 24 Dec 2019 00:10:47 GMT
content-encoding
gzip
last-modified
Thu, 22 Mar 2018 09:46:04 GMT
server
nginx
etag
W/"5ab37b5c-a54"
content-type
text/css
status
200
cache-control
max-age=604800
expires
Tue, 31 Dec 2019 00:10:47 GMT
remote-login.php
r-login.wordpress.com/ Frame 9918
0
0
Document
General
Full URL
https://r-login.wordpress.com/remote-login.php?wpcom_remote_login=key&origin=aHR0cHM6Ly9ibG9nLnNvbmVzdGEuY29t&wpcomid=70984434&time=1577146247
Requested by
Host: blog.sonesta.com
URL: https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.78.18 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
Security Headers
Name Value
Strict-Transport-Security max-age=15552000

Request headers

:method
GET
:authority
r-login.wordpress.com
:scheme
https
:path
/remote-login.php?wpcom_remote_login=key&origin=aHR0cHM6Ly9ibG9nLnNvbmVzdGEuY29t&wpcomid=70984434&time=1577146247
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3
sec-fetch-site
cross-site
sec-fetch-mode
nested-navigate
referer
https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021

Response headers

status
200
server
nginx
date
Tue, 24 Dec 2019 00:10:47 GMT
content-type
text/html; charset=utf-8
vary
Accept-Encoding Cookie
expires
Wed, 11 Jan 1984 05:00:00 GMT
cache-control
no-cache, must-revalidate, max-age=0
content-encoding
gzip
x-ac
2.ams _dfw
strict-transport-security
max-age=15552000
ga-audiences
www.google.de/ads/
Redirect Chain
  • https://ssl.google-analytics.com/r/__utm.gif?utmwv=5.7.2&utms=1&utmn=1739202229&utmhn=blog.sonesta.com&utmcs=UTF-8&utmsr=1600x1200&utmvp=1585x1200&utmsc=24-bit&utmul=en-us&utmje=0&utmfl=-&utmdt=Son...
  • https://stats.g.doubleclick.net/r/collect?v=1&aip=1&t=dc&_r=3&tid=UA-733428-1&cid=186422626.1577146248&jid=121351036&_v=5.7.2&z=1739202229
  • https://www.google.com/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-733428-1&cid=186422626.1577146248&jid=121351036&_v=5.7.2&z=1739202229
  • https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-733428-1&cid=186422626.1577146248&jid=121351036&_v=5.7.2&z=1739202229&slf_rd=1&random=3090445735
42 B
478 B
Image
General
Full URL
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-733428-1&cid=186422626.1577146248&jid=121351036&_v=5.7.2&z=1739202229&slf_rd=1&random=3090445735
Requested by
Host: blog.sonesta.com
URL: https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
2a00:1450:4001:81d::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE - Google LLC, US),
Reverse DNS
Software
cafe /
Resource Hash
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 24 Dec 2019 00:10:47 GMT
x-content-type-options
nosniff
content-type
image/gif
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
200
cache-control
no-cache, no-store, must-revalidate
timing-allow-origin
*
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
42
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

pragma
no-cache
date
Tue, 24 Dec 2019 00:10:47 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
location
https://www.google.de/ads/ga-audiences?v=1&aip=1&t=sr&_r=4&tid=UA-733428-1&cid=186422626.1577146248&jid=121351036&_v=5.7.2&z=1739202229&slf_rd=1&random=3090445735
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
status
302
cache-control
no-cache, no-store, must-revalidate
content-type
text/html; charset=UTF-8
alt-svc
quic=":443"; ma=2592000; v="46,43",h3-Q050=":443"; ma=2592000,h3-Q049=":443"; ma=2592000,h3-Q048=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
g.gif
pixel.wp.com/
50 B
74 B
Image
General
Full URL
https://pixel.wp.com/g.gif?x_stats-initial-visibility=visible&v=wpcom-no-pv&rand=0.8438414452374801
Requested by
Host: blog.sonesta.com
URL: https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer
https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Tue, 24 Dec 2019 00:10:47 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
g.gif
pixel.wp.com/
50 B
74 B
Image
General
Full URL
https://pixel.wp.com/g.gif?blog=70984434&v=wpcom&tz=-5&user_id=0&subd=sonestahotels&host=blog.sonesta.com&ref=&fcp=891&rand=0.5430837405551896
Requested by
Host: blog.sonesta.com
URL: https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer
https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Tue, 24 Dec 2019 00:10:47 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
g.gif
pixel.wp.com/
50 B
92 B
Image
General
Full URL
https://pixel.wp.com/g.gif?crypt=UE40eW5QN0p8M2Y%2FRE1TaVhzUzFMbjdWNHpwZGhTayxPSUFCMGNrd29%2BSmw0TDhnZmRTK0hlRi9QSGh6bi9GXVhBJWIlZlR5U1JMLU8%2FMkNtblkvY1dRfmJPS21wQUlRdkU4RExBai9xPVRHUW1HLnExZyssN2hpR1V4fE1DdSthV1pjS1dlQnJMc3Ytbk9YSERhZ0svYUx8WlhxV1Yzck90TkY9QXQzRmpGV0JFSndyVHYuR1NyekJ8RWJ1NERwdU9mfGxSR3VdU3JdJUU2dTMxTGQyM1RfcDdfaEhyRHRdNGxrU1JHQ3dGaS9RMElaLzRKWExrVT14Lk96WlUsRW5aLGt%2BSWZNaDZjN1YzYW96Tjh5NywuckMra19Td2g9eHw4OFpZTlo%2Ffjl%2BZC0lUzMmOUpJ&v=wpcom-no-pv&rand=0.7956991906697766
Requested by
Host: blog.sonesta.com
URL: https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
192.0.76.3 San Francisco, United States, ASN2635 (AUTOMATTIC - Automattic, Inc, US),
Reverse DNS
Software
nginx /
Resource Hash
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1

Request headers

Referer
https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

status
200
date
Tue, 24 Dec 2019 00:10:47 GMT
cache-control
no-cache
server
nginx
content-length
50
content-type
image/gif
l
use.typekit.net/af/61f808/00000000000000003b9b3d63/27/
15 KB
15 KB
Font
General
Full URL
https://use.typekit.net/af/61f808/00000000000000003b9b3d63/27/l?subset_id=2&fvd=n4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/qjj8rno.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-100-67-47.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
8f13d7453b1cfee9d30a46cfa2318880a232ad2fcc21ea7df76a709584bc6255

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
Origin
https://blog.sonesta.com

Response headers

date
Tue, 24 Dec 2019 00:10:47 GMT
server
nginx
access-control-allow-origin
*
etag
"15b202d5c863986071003b7ecdb5b91ad5870210"
content-type
application/font-woff2
status
200
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
15032
l
use.typekit.net/af/422d60/00000000000000003b9b3d67/27/
15 KB
15 KB
Font
General
Full URL
https://use.typekit.net/af/422d60/00000000000000003b9b3d67/27/l?subset_id=2&fvd=n7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/qjj8rno.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-100-67-47.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
873206f65978dc6b81b82bb8a89f230a9be86e1ca79dfe332cc6df9dd797cd79

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
Origin
https://blog.sonesta.com

Response headers

date
Tue, 24 Dec 2019 00:10:47 GMT
server
nginx
access-control-allow-origin
*
etag
"efe9e2c027acaa18386aa677674a2e1d150a71bf"
content-type
application/font-woff2
status
200
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
15036
l
use.typekit.net/af/9373a0/00000000000000003b9b3d68/27/
14 KB
15 KB
Font
General
Full URL
https://use.typekit.net/af/9373a0/00000000000000003b9b3d68/27/l?subset_id=2&fvd=i7&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/qjj8rno.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-100-67-47.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
80b0f90657139bc58f04aac30ca5e6d0f1c52ce3b36dd8fa196ecc0ed5651a30

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
Origin
https://blog.sonesta.com

Response headers

date
Tue, 24 Dec 2019 00:10:47 GMT
server
nginx
access-control-allow-origin
*
etag
"fce56ddbba39398663274e704bc0128e17c40a81"
content-type
application/font-woff2
status
200
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
14780
l
use.typekit.net/af/ffb1e2/00000000000000003b9b3d64/27/
14 KB
14 KB
Font
General
Full URL
https://use.typekit.net/af/ffb1e2/00000000000000003b9b3d64/27/l?subset_id=2&fvd=i4&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/qjj8rno.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-100-67-47.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
414de6596f97ded75b9aa82a38220bf740fb4850df4e42d26dd851d504f6442a

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
Origin
https://blog.sonesta.com

Response headers

date
Tue, 24 Dec 2019 00:10:47 GMT
server
nginx
access-control-allow-origin
*
etag
"f238a94a3bb6c3d1006fcb91b6999c1759c91bf5"
content-type
application/font-woff2
status
200
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
14632
l
use.typekit.net/af/ca3a3d/00000000000000003b9b3d5f/27/
15 KB
15 KB
Font
General
Full URL
https://use.typekit.net/af/ca3a3d/00000000000000003b9b3d5f/27/l?subset_id=2&fvd=n2&v=3
Requested by
Host: use.typekit.net
URL: https://use.typekit.net/qjj8rno.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-100-67-47.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
93ccae8b4ca295b5f22383fe6c2713746991b1f711ab57c502e457b61888a97d

Request headers

User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
Referer
https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
Origin
https://blog.sonesta.com

Response headers

date
Tue, 24 Dec 2019 00:10:47 GMT
server
nginx
access-control-allow-origin
*
etag
"f900c01a22cd3f04343ae1afdb828e90bb5f1900"
content-type
application/font-woff2
status
200
cache-control
public, max-age=31536000
timing-allow-origin
*
content-length
14856
p.gif
p.typekit.net/
35 B
201 B
Image
General
Full URL
https://p.typekit.net/p.gif?s=1&k=qjj8rno&ht=tk&h=blog.sonesta.com&f=17265.17267.17268.17269.17275&a=418219&js=1.19.2&app=typekit&e=js&_=1577146247725
Requested by
Host: blog.sonesta.com
URL: https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
95.100.67.47 , Ascension Island, ASN16625 (AKAMAI-AS - Akamai Technologies, Inc., US),
Reverse DNS
a95-100-67-47.deploy.static.akamaitechnologies.com
Software
nginx /
Resource Hash
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39

Request headers

Referer
https://blog.sonesta.com/?utm_medium=email&utm_campaign=120219-WinterSale2&utm_source=Corporate%20Emails&src=email_120219-WinterSale2&sv_svemi=106215021
User-Agent
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36

Response headers

date
Tue, 24 Dec 2019 00:10:47 GMT
last-modified
Mon, 04 Feb 2019 21:28:53 GMT
server
nginx
access-control-allow-origin
*
etag
"5c58ae95-23"
content-type
image/gif
status
200
cache-control
max-age=604800
accept-ranges
bytes
content-length
35
expires
Mon, 19 Aug 2019 11:43:27 GMT

Verdicts & Comments Add Verdict or Comment

90 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| onformdata object| onpointerrawupdate object| WebFontConfig string| wpcom_remote_login_extra_auth function| wpcom_remote_login_remove_dom_node_id function| wpcom_remote_login_remove_dom_node_classes function| wpcom_remote_login_final_cleanup function| addLoadEvent object| _wpemojiSettings object| WebFont object| twemoji object| wp object| js_i18n object| NO_JQUERY object| wpcom_mobile_user_agent_info undefined| $ function| jQuery function| pm object| jQuery112408383672506766986 object| Jetpack function| Spinner object| _gaq object| infiniteScroll function| hex_md5 function| b64_md5 function| str_md5 function| hex_hmac_md5 function| b64_hmac_md5 function| str_hmac_md5 function| md5_vm_test function| core_md5 function| md5_cmn function| md5_ff function| md5_gg function| md5_hh function| md5_ii function| core_hmac_md5 function| safe_add function| bit_rol function| str2binl function| binl2str function| binl2hex function| binl2b64 object| Gravatar object| GProfile number| hexcase string| b64pad number| chrsz object| WPGroHo object| HighlanderComments object| actionbardata object| jetpackCarouselStrings object| wpcom_img_zoomer object| jetpackLikesWidgetQueue object| jetpackLikesWidgetBatch boolean| jetpackLikesMasterReady function| JetpackLikespostMessage function| JetpackLikesBatchHandler function| JetpackLikesMessageListener function| JetpackLikesWidgetQueueHandler object| wpcom object| swfobject object| detectZoom object| __core-js_shared__ object| core function| setImmediate function| clearImmediate object| regeneratorRuntime boolean| _babelPolyfill function| EventEmitter object| eventie function| imagesLoaded function| getStyleProperty function| getSize function| docReady function| matchesSelector object| fizzyUIUtils function| Outlayer function| Masonry object| _tkq object| _stq string| mobileStatsQueryString string| new_css object| _gat object| gaGlobal function| st_go function| ex_go function| re_go function| linktracker_init object| Typekit

6 Cookies

Domain/Path Name / Value
.blog.sonesta.com/ Name: __utmb
Value: 132172381.1.10.1577146248
.blog.sonesta.com/ Name: __utmt
Value: 1
.sonesta.com/ Name: __cfduid
Value: d5c7e7fd9cfa4735ee70848920bd523451577146247
.blog.sonesta.com/ Name: __utmz
Value: 132172381.1577146248.1.1.utmcsr=Corporate%20Emails|utmccn=120219-WinterSale2|utmcmd=email
.blog.sonesta.com/ Name: __utmc
Value: 132172381
.blog.sonesta.com/ Name: __utma
Value: 132172381.186422626.1577146248.1577146248.1577146248.1

1 Console Messages

Source Level URL
Text
console-api log URL: https://s1.wp.com/_static/??-eJyFj9EKwjAMRX/Irsjo8EX8ljrjTF3a2qQO9/VWmehwKAQCyYF7rh6iQt/2+QCsXZlLhnSbVuV4pX8BirBLVqAi9C+4DV7Ay4ONgYWA2Xaw8KWwxx5UZkgF8FJijmGBmyuhvyIMfzEHEm17VgkYx690OUHx0jEBYSYd8zj28HSy7yKfrTku3+ehE7Wj7dqYTW2axtTuDtZKhBM=(Line 8)
Message:
JQMIGRATE: Migrate is installed, version 1.4.1

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=86400

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

0.gravatar.com
blog.sonesta.com
click.e.sonesta.com
p.typekit.net
pixel.wp.com
r-login.wordpress.com
s0.wp.com
s1.wp.com
s2.wp.com
secure.gravatar.com
sonestahotels.files.wordpress.com
ssl.google-analytics.com
stats.g.doubleclick.net
stats.wp.com
use.typekit.net
www.google.com
www.google.de
www.sonesta.com
192.0.72.21
192.0.76.3
192.0.77.32
192.0.78.13
192.0.78.18
2606:4700::6810:5622
2a00:1450:4001:815::2008
2a00:1450:4001:81d::2003
2a00:1450:4001:820::2004
2a00:1450:400c:c00::9d
2a04:fa87:fffe::c000:4902
68.232.203.70
95.100.67.47
0073f47c4c47d02027c487667f58e7b277e8716a834cfe9ed890ff454ab043e7
0370314abc5fbb2cbfdf7aa3ff4e16a2314985f2c9daf3d1073f7bc091d1f386
050c2ca74a4941fedd88349d977d960b8ab384ebb83a3c9e4b233160476ee8f1
0a3cfb0223fac364027b89df5394db65cc0606ac4fefd18848214889dccebe99
106fb94e8720355c46045f5093ea5d87befc0338f44870236622109370c7838b
11dddae381e8b73fa9982f1170d005a687f85af7d3d5da538cd9c51deb602a80
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
1822af20ab4d3d2cc76bfa9483755cd4b68645b5d411cbe77950def9f17123ad
1a351abc3f3b435497ddb8a55f09268d3e641dc22455deac06cf0181a4de52ee
1c37d25348135b4ef43c69184ab191bf926e227e75982520e9172c72290e0f7a
1d1744e4d1a89637af23761fd6e8f91bf9741e9849062c4d51cbfbdd84dd0105
202161f4dc77407a929dbd8b83bce8db0432a8c06cd37dcdd08d9f7dd3e62054
21c557180f1bd074974eb41ae4228b6aa9c41234ab1729d780bc8f05761110bb
23170efb89e199fb641df2536441e4ad47c8fa79f321eaac6a47c2e718d58258
248b82483f6d8d123fd9589de1d34015c499fe6e3096d2bbe440298de57e3e99
257087e60a3919d2e0679919b9969fd04e9bc53f6a5be906252e137d83453574
27e58271d7bcb3f89701d99c240676f42361c44b746b7d344a1e5dda641a7d15
2b443f8a65cfdf7bcb25562754f8003f98865ca3322fe5f80b15f5ba3203b844
388d2de5a2826a62b4d222077e270e605264c2ac1a01e59837112d4c5bd488ce
414de6596f97ded75b9aa82a38220bf740fb4850df4e42d26dd851d504f6442a
4a82bed4d069950b1f5e43cdfb5b107eee29ee9e60b6363543b3f3ee58e0f558
530b5f1f2046cfd0428c7b3e0ae242a80c53d214318fda43eadf99015eeb5c12
562080dd6213479898529923c6a4e97882a6dac0bc9f57831cb66535f3cb1bec
5a6a66b73b8fbefa48cb479873a6474c8a0fa8160017a5b5560b50c0066832dd
77d280923a2bb6dc4854749b9ec2000f2d0c234063d880f60cd91c6fa4261dd1
7b5e32cb325e9aaef357a421cd16ddf6d6ddb70fec74b6c35a73eccc6817664c
80b0f90657139bc58f04aac30ca5e6d0f1c52ce3b36dd8fa196ecc0ed5651a30
859d9ad4246329cffcd6c71bd45bc3da8f23432624c9c32de85e0dd64a9374c8
873206f65978dc6b81b82bb8a89f230a9be86e1ca79dfe332cc6df9dd797cd79
887323b40e8f7152c67fa1307fd55575d55c23bbeedb90dd32a0244bdeecc9f3
89d01b152beefa0885d7821cea6cc319054d5e272549b004479a6ac81ecafee3
8f13d7453b1cfee9d30a46cfa2318880a232ad2fcc21ea7df76a709584bc6255
93ccae8b4ca295b5f22383fe6c2713746991b1f711ab57c502e457b61888a97d
970a3fa15876d16dcc0fd70eb7c9ab44d733108b3ddca1a449edd0356c1b79a7
9b9265c69a5cc295d1ab0d04e0273b3677db1a6216ce2ccf4efc8c277ed84b39
9c42615b9f87888a452f177c5ea19899fb8a835b8f6d0b458824e6c332a0adce
a51a4706178d5e9182a5d8d7520ad4a50c108a806edef2d867c0d0b649a850b2
afd541b9365d9916a8767f77f9e20dbd3d613830d1128b6a115ac05dca2c2192
b3a93c7c3bdaaeba6357d2551d480b46e8ecccf524b7b6f2c257e6a0b2d5e369
cb8943abdc046f98c2a74cbe013552f1ed2a5746fd76546ed63f60d32dd83615
d460a3e7a064a1b66fd06a6ca2d79b3693e2b75e93df2fd06fea2a339d5b8bb8
e15190d7ec7e062cacf096588264a17a910dd8227b1b1e48a68403daa99e4c1d
e81dc533e32af517143100131bfd7329ce1de593bba6353cc73560e9e3f197cd
e8c03062b1aa3ad1a9c1abcdd928a9a51182f9a62e5e94d020ff0210fa34c436
e9fc9b1878db1b13b973252b048d19a17abb34a8da464a552c6d401728ed1e86
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f049456f388b831cd674ad2d6776cc46819aa6810c2e0439a49ccc4329109545
f0f86f9b7df3fbb57ddfa3abab8d0a936e35a0094d421043a545f6ec1a1632e2
f3a8992acb9ab911e0fa4ae12f4b85ef8e61008619f13ee51c7a121ff87f63b1
f3b43f221ab1bb7e01ca88d0e179ad2ef90f637bcf17d5d50812d841bcee87cf
f62f7baed77cac0df7b67478c0d56a0cd51a59c251d4776eaf5f51ab27eac5e1
fa3b43b9d4fad7acfcf745c3f36a549b43490484e7818d15119c4bfd32f90640
fab60a924196312709ba252e4b11d2537260873baf4c0fee5705e6ec68eefede
fce53ee0edf6b2114cba1e40342293e45ce4e401d75b3bd72ea23740e27a601a