HTTP/1.1 301 Moved Permanently
Location: https://www.sonder.com/destinations/boston/search/
Date: Wed, 22 Dec 2021 22:56:27 GMT
Content-Type: text/html; charset=UTF-8
Server: ghs
Content-Length: 247
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
HTTP/2 308
date: Wed, 22 Dec 2021 22:56:28 GMT
content-security-policy: img-src 'self' *.adsymptotic.com *.atdmt.com *.cloudinary.com *.facebook.com *.google.ca/ads/ga-audiences *.google-analytics.com *.google.com *.googletagmanager.com *.liadm.com *.linkedin.com *.sonder.com data: https://googleads.g.doubleclick.net maps.googleapis.com maps.gstatic.com; connect-src 'self' *.bugsnag.com *.cookielaw.org *.doubleclick.net *.google-analytics.com *.greenhouse.io *.hotjar.com *.hotjar.io *.liadm.com *.segment.com *.segment.io *.sndr.to *.sonder.com *.sonder.test https://*.logs.datadoghq.com https://privacyportal.onetrust.com/request/v1/consentreceipts https://analytics.google.com ; script-src 'self' 'unsafe-inline' assets.sonder.com *.google-analytics.com *.greenhouse.io *.liadm.com https://cdn.cookielaw.org https://cdn.segment.com https://connect.facebook.net https://geolocation.onetrust.com https://googleads.g.doubleclick.net https://js.adsrvr.org https://maps.googleapis.com https://script.hotjar.com https://snap.licdn.com https://static.hotjar.com https://static.cloudflareinsights.com https://www.datadoghq-browser-agent.com https://www.googleadservices.com https://www.googletagmanager.com js.stripe.com ;
expect-ct: max-age=0
location: /destinations/boston/search
referrer-policy: no-referrer
refresh: 0;url=/destinations/boston/search
strict-transport-security: max-age=2592000; includeSubDomains; preload
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-envoy-upstream-service-time: 3
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-request-id: 3f5648eb-de1a-9f24-a60c-c20856264c99
x-response-time: 1.481ms
x-xss-protection: 0
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6c1cf18e28ec1841-EWR
HTTP/2 200
date: Wed, 22 Dec 2021 22:56:28 GMT
content-type: text/html; charset=utf-8
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
content-security-policy: img-src 'self' *.adsymptotic.com *.atdmt.com *.cloudinary.com *.facebook.com *.google.ca/ads/ga-audiences *.google-analytics.com *.google.com *.googletagmanager.com *.liadm.com *.linkedin.com *.sonder.com data: https://googleads.g.doubleclick.net maps.googleapis.com maps.gstatic.com; connect-src 'self' *.bugsnag.com *.cookielaw.org *.doubleclick.net *.google-analytics.com *.greenhouse.io *.hotjar.com *.hotjar.io *.liadm.com *.segment.com *.segment.io *.sndr.to *.sonder.com *.sonder.test https://*.logs.datadoghq.com https://privacyportal.onetrust.com/request/v1/consentreceipts https://analytics.google.com ; script-src 'self' 'unsafe-inline' assets.sonder.com *.google-analytics.com *.greenhouse.io *.liadm.com https://cdn.cookielaw.org https://cdn.segment.com https://connect.facebook.net https://geolocation.onetrust.com https://googleads.g.doubleclick.net https://js.adsrvr.org https://maps.googleapis.com https://script.hotjar.com https://snap.licdn.com https://static.hotjar.com https://static.cloudflareinsights.com https://www.datadoghq-browser-agent.com https://www.googleadservices.com https://www.googletagmanager.com js.stripe.com ;
expect-ct: max-age=0
referrer-policy: no-referrer
set-cookie: experiment_target_key=7dc03650-402e-48da-b721-f1d3121a8290; Domain=sonder.com; Path=/
set-cookie: X-CSRF-Token=yeFyoAbTQktYmjGPBC85DWn3Aa7ZV%2BjcaNbddRVFCMK38At2UncLngVwGihjniSLpQwGfAEh2UmRA4nEssaWCg%3D%3D; Path=/
set-cookie: _sndr_session_production=UzBGc3VsMXBkNlh5NjVxcFI0eEJOTm92Z2dGTGlLamp3TnE3UE4xRnNmdndlOFpyNU85VzlhUmlRakxPWEVSWU9SMVMzR3ZxM2sweDREdXZSbXk3cnRFaG02TW9saEczc0loTjQwS0NtZi9IMWM5d1FWM1BWeEEzcVNYbkNtTEwyQk5ETUMxdFV1WjdiTkpqZ2JaVlF0VzlaY1BXVEdBZVlaN3ROdmxjMTlyaFZVSlh1ZEFkVUVJNVpWQVpKclZ1LS12UTJja3paZVhRME9TdHhxeVpzcjZnPT0%3D--67bea02d34188d2e0764925a8fb48faf95942fe4; Domain=.sonder.com; Path=/; HttpOnly; Secure
strict-transport-security: max-age=2592000; includeSubDomains; preload
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: off
x-download-options: noopen
x-envoy-upstream-service-time: 32
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-powered-by: Next.js
x-request-id: e0446990-2364-9601-9212-0f04614410b8
x-response-time: 30.372ms
x-xss-protection: 0
cf-cache-status: DYNAMIC
server: cloudflare
cf-ray: 6c1cf18f6b441841-EWR
|