Overview

URL2.4ebd9.wn.wy5532.com/
IP 37.48.65.154 (Netherlands)
ASN#60781 LeaseWeb Netherlands B.V.
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-12-04 10:35:09 UTC
StatusLoading report..
IDS alerts0
Blocklist alert1
urlquery alerts No alerts detected
Tags None

Domain Summary (0)

No passive DNS data

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-12-04 2 2.4ebd9.wn.wy5532.com/ Malware

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 37.48.65.154
Date UQ / IDS / BL URL IP
2023-02-04 02:31:32 +0000 0 - 2 - 7 dpndr.com/083a12c35501a8badec589e2123a0097782 (...) 37.48.65.154
2023-01-31 11:01:40 +0000 0 - 0 - 6 amazon.account-update.amazon.co.jp.c8f85ac13b (...) 37.48.65.154
2023-01-31 02:47:45 +0000 0 - 0 - 1 mjurr.92204.ys.wy5532.com/ 37.48.65.154
2023-01-29 13:31:31 +0000 0 - 0 - 1 nabadashamal.com/wp-includes/css/dist/nux/DEU (...) 37.48.65.154
2023-01-29 12:23:00 +0000 0 - 0 - 1 zcvbnnn.24348.yz.wy5532.com/ 37.48.65.154


Last 5 reports on ASN: LeaseWeb Netherlands B.V.
Date UQ / IDS / BL URL IP
2023-02-08 08:49:55 +0000 0 - 0 - 1 diahnnems.us/clif/admin.php 212.32.237.92
2023-02-08 08:25:48 +0000 0 - 0 - 1 civbooks.com/wp-includes/fonts/Ntflx.zip 81.171.28.43
2023-02-08 05:50:40 +0000 0 - 0 - 1 quantitivegoodsshop.com/usuivi/dhl/a1b2c3/d4a (...) 212.32.237.92
2023-02-08 05:50:29 +0000 0 - 0 - 1 lavewash.co/auth 212.32.237.92
2023-02-08 05:50:02 +0000 0 - 0 - 1 sunnybunk.com/0/2/3437/9c0f02b65c664055a83a34 (...) 212.32.237.90


Last 5 reports on domain: wy5532.com
Date UQ / IDS / BL URL IP
2023-02-08 09:24:48 +0000 0 - 0 - 4 ooburdv.wy5532.com/ 172.93.103.102
2023-02-08 08:43:17 +0000 0 - 2 - 7 lkljk.8c061.vo.wy5532.com/ 172.93.103.102
2023-02-08 07:09:52 +0000 0 - 2 - 7 ehsudfr.gov.wy5532.com/ 199.115.115.102
2023-02-08 06:33:13 +0000 0 - 0 - 1 8b23f.ymgjhj.wy5532.com/ 185.107.56.197
2023-02-08 04:47:59 +0000 0 - 0 - 3 437b7.ye.wy5532.com/ 185.107.56.197


No other reports with similar screenshot

JavaScript

Executed Scripts (66)

Executed Evals (0)

Executed Writes (0)


HTTP Transactions (150)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13073
Expires: Sun, 04 Dec 2022 14:12:50 GMT
Date: Sun, 04 Dec 2022 10:34:57 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4977
Cache-Control: max-age=91152
Date: Sun, 04 Dec 2022 10:34:57 GMT
Etag: "638b2570-1d7"
Expires: Mon, 05 Dec 2022 11:54:09 GMT
Last-Modified: Sat, 03 Dec 2022 10:31:12 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET / HTTP/1.1 
Host: 2.4ebd9.wn.wy5532.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: sid=17c98612-73ab-11ed-af06-3b63eac939c7
Upgrade-Insecure-Requests: 1

search
                                         172.93.103.100
HTTP/1.1 200 OK
content-type: text/html; charset=utf-8
                                        
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 482
date: Sun, 04 Dec 2022 10:34:57 GMT
server: nginx


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (482), with no line terminators
Size:   482
Md5:    038a320728ef6e56eb6164e7aad84c19
Sha1:   64af7cf42a181c1c71a552e2d5fb7780bd4dc58c
Sha256: 8d1072bed9ba938d20199208538d38cdbf7059d379b02add73c16858cd97878b

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Alert, Backoff, Content-Length, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 04 Dec 2022 10:20:05 GMT
cache-control: public,max-age=3600
age: 892
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    14cd9a0afb6ba9a763651d5112760d1e
Sha1:   75d7b104ab9ab11fbb73c3f348b43b0119b5adfa
Sha256: 4e32a117106be587ffcd63239c16a8117eb7840830d4c9decf6527761967532e
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8015
Expires: Sun, 04 Dec 2022 12:48:32 GMT
Date: Sun, 04 Dec 2022 10:34:57 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: M3OU31u/SZ2leS17KG9O1esCNyyRqo+ulx6yKtECZJ9Ob2mdKAvIzvOmtzeDH5Xr280lBENDE5Y=
x-amz-request-id: YNGZANN2MXADGV5W
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 04 Dec 2022 09:46:56 GMT
age: 2881
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sun, 04 Dec 2022 10:34:57 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: 2.4ebd9.wn.wy5532.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://2.4ebd9.wn.wy5532.com/
Cookie: sid=17c98612-73ab-11ed-af06-3b63eac939c7

search
                                         172.93.103.100
HTTP/1.1 404 Not Found
                                        
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 9
date: Sun, 04 Dec 2022 10:34:57 GMT
server: nginx


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   9
Md5:    d8f4a1993546cc4b850cde3599e27aec
Sha1:   094b763b4cfcc0b05e5d040581cd513c3ca08067
Sha256: 907ba78b4545338d3539683e63ecb51cf51c10adc9dabd86e92bd52339f298b9
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Pragma, Last-Modified, ETag, Alert, Expires, Retry-After, Cache-Control, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 04 Dec 2022 10:11:19 GMT
cache-control: public,max-age=3600
age: 1418
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4964
Cache-Control: max-age=86077
Date: Sun, 04 Dec 2022 10:34:58 GMT
Etag: "638b11ab-1d7"
Expires: Mon, 05 Dec 2022 10:29:35 GMT
Last-Modified: Sat, 03 Dec 2022 09:06:51 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY3MDE1NzI5NywiaWF0IjoxNjcwMTUwMDk3LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIyc21wMWFoYmZnYm9wdWRudGc1Y28zbzIiLCJuYmYiOjE2NzAxNTAwOTcsInRzIjoxNjcwMTUwMDk3MzcyNjgyfQ.WDNBw-w37wNbO4dvjZkukGs4AbHDFBOZ37tUilx1wDQ&sid=17c98612-73ab-11ed-af06-3b63eac939c7 HTTP/1.1 
Host: 2.4ebd9.wn.wy5532.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://2.4ebd9.wn.wy5532.com/
Cookie: sid=17c98612-73ab-11ed-af06-3b63eac939c7
Upgrade-Insecure-Requests: 1

search
                                         172.93.103.100
HTTP/1.1 302 Found
                                        
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Sun, 04 Dec 2022 10:34:58 GMT
location: http://dipaka-ead.com/zcvisitor/4c6a5c22-73bf-11ed-850e-12688059a19d/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=15e92720-c079-11ec-bea2-128084d1ce51
server: nginx
set-cookie: sid=17c98612-73ab-11ed-af06-3b63eac939c7; path=/; domain=.wy5532.com; expires=Fri, 22 Dec 2090 13:49:05 GMT; max-age=2147483647; HttpOnly


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   11
Md5:    32682312d17c7cbf18e73594f5570319
Sha1:   60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
Sha256: e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: dQdOqzaydpSHcCySEMr5gg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         34.216.88.5
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: guErSf9hjSwQK51hgKTaBM2e4Y4=

                                        
                                            GET /zcvisitor/4c6a5c22-73bf-11ed-850e-12688059a19d/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=15e92720-c079-11ec-bea2-128084d1ce51 HTTP/1.1 
Host: dipaka-ead.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://2.4ebd9.wn.wy5532.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         3.212.50.125
HTTP/1.1 200
Content-Type: text/html;charset=UTF-8
                                        
Date: Sun, 04 Dec 2022 10:34:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server: aVaGlhqH


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1100
Md5:    6d10e244109ab752f250bc0943b193b3
Sha1:   0bd53697ddbc7a73153d5ac6df09c4e75679b4f6
Sha256: e459b965d184dafcaf953f076b18c7a98907eb8bca877b997974e3dd05773156
                                        
                                            GET /zcredirect?visitid=4c6a5c22-73bf-11ed-850e-12688059a19d&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false HTTP/1.1 
Host: dipaka-ead.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dipaka-ead.com/zcvisitor/4c6a5c22-73bf-11ed-850e-12688059a19d/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=15e92720-c079-11ec-bea2-128084d1ce51
Upgrade-Insecure-Requests: 1

search
                                         3.212.50.125
HTTP/1.1 200
Content-Type: text/html;charset=UTF-8
                                        
Date: Sun, 04 Dec 2022 10:34:58 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
Server: jFeIVydX


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (333)
Size:   752
Md5:    56ebf9a837d5d64ff3c6c3acc96ff2c6
Sha1:   5a78cf25580aa7093b47c0bf5e3f2f81274dd0ec
Sha256: 71bdece4410e21f1327059290c609890cd2868cbc088211612e5ad1d2a30fa8c
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "8A912103949EF8311EBE3005368BCC8F8738818851FB7418A2AA68721C441573"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6289
Expires: Sun, 04 Dec 2022 12:19:47 GMT
Date: Sun, 04 Dec 2022 10:34:58 GMT
Connection: keep-alive

                                        
                                            GET /favicon.ico HTTP/1.1 
Host: dipaka-ead.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dipaka-ead.com/zcredirect?visitid=4c6a5c22-73bf-11ed-850e-12688059a19d&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false

search
                                         3.212.50.125
HTTP/1.1 404
Content-Type: text/html;charset=utf-8
                                        
Date: Sun, 04 Dec 2022 10:34:58 GMT
Content-Length: 653
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Content-Language: en
Server: ywBvwDfj


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (649), with no line terminators
Size:   653
Md5:    ba2732b1b2fa2626ffaa15f62f9e7d66
Sha1:   203d4e7fbb1d80449d6e4e1f3ae7a9bf8625debe
Sha256: 879861cb72fe9fbb476dab246021c4c83b4066327de2529e05ec54d3afb0a1c8
                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "8A912103949EF8311EBE3005368BCC8F8738818851FB7418A2AA68721C441573"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6288
Expires: Sun, 04 Dec 2022 12:19:47 GMT
Date: Sun, 04 Dec 2022 10:34:59 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13635
Expires: Sun, 04 Dec 2022 14:22:14 GMT
Date: Sun, 04 Dec 2022 10:34:59 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13635
Expires: Sun, 04 Dec 2022 14:22:14 GMT
Date: Sun, 04 Dec 2022 10:34:59 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5681
x-amzn-requestid: 8f0d66b8-d532-48d9-9a29-74540cd6ab3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltXnEotIAMFqkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc296-27349a376ff819ab63b04a81;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:41:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Uz-wJTZjej3sjP-O68BQ4hB_kkAecG0o7GkeZUan90ZgV87g0Cg_ZA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:52:38 GMT
age: 45741
etag: "36f4682ca6a33ff80ee02129c77e6f27e996ede0"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5681
Md5:    43309032a892c486f9985ef520df696e
Sha1:   36f4682ca6a33ff80ee02129c77e6f27e996ede0
Sha256: 24225ff504f30405d9ec3feb2555c738fcca0d6b265f285aa9c73a64c78a496e
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4666
x-amzn-requestid: 850d341f-5ccb-453c-8adf-a8194f8fbdad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clr_-GiboAMFwww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc066-766293f2526e637235067aca;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: z5uqgjB-Bsl0U55a8aFi37cpJ65Vnbjm6bJ2GnMpaO7RXsMZsOCbPQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:44:01 GMT
age: 46258
etag: "a9a529dc9894827f6243a1bf57f81caa4fe88fc2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4666
Md5:    c01fe1cccdb3b672bbade6d98217ffe9
Sha1:   a9a529dc9894827f6243a1bf57f81caa4fe88fc2
Sha256: c43da6212c79a08e22e78e04e99e8f5422e64b4b0a87f30b7907f1b4bc675c71
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbe8e3477-9245-4318-82d9-b30607246872.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 6901
x-amzn-requestid: 5dd4545b-c48a-4fa2-8aa5-c7d0a5efeafe
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsByFqCoAMF4CA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc071-6b96e54876cde366748564d6;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:33 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Yy5pEWjBXne3kPQxZCLQdqdamtqa4udO00I6ro3bMUDTybHTZY_DgA==
via: 1.1 7f5e0d3b9ea85d0d75063a66c0ebc840.cloudfront.net (CloudFront), 1.1 61bc723adb3b1884ed759711e84e13a8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:53:43 GMT
age: 45676
etag: "e800712e4f8d9589670d8ee3a744ac0aedf7b6e3"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   6901
Md5:    89e5fc40e9e626a035abde2964ba0959
Sha1:   e800712e4f8d9589670d8ee3a744ac0aedf7b6e3
Sha256: 64a41309871b71682370e2b2f3735ac70039802fff4e1e46013f5aa1f15b4084
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 16143
x-amzn-requestid: dc86fad4-4e53-42c9-9b0a-5e4d2cfcd087
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdGyLGqmoAMFnaA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851a7-0ea324b31e8c6578098b8ab9;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:03 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kRs3oBWnSs5asyPdvz6kkooy7pqm2Yr8R_2x8EXCVn3dBz_aEJurRQ==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 07:26:41 GMT
age: 11298
etag: "1d702df3a64258628f4124eafd580695f2d350af"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   16143
Md5:    14dcca2a9c4792d835ee709bcd947402
Sha1:   1d702df3a64258628f4124eafd580695f2d350af
Sha256: da01dcd8fef7c50bdb6f7a8a6a4955694092f479df3dba72f7fa69d7280d07b2
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F61cc2744-b517-4404-bfa2-25fadadfa3f3.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 10431
x-amzn-requestid: f79ab5e7-8c1b-4827-a531-aaa19c1d80aa
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsCGEwxIAMF34g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc073-6358d2950955884c470c0a89;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PQ7xh995cd1UVi3z42EVZGjQjHLLvtAP5BBC-xLEEGr4mEiXS6fC-w==
via: 1.1 0c96ded7ff282d2dbcf47c918b6bb500.cloudfront.net (CloudFront), 1.1 aef00f14752da9aa504d392fd46eff94.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:47:06 GMT
age: 46073
etag: "8637105f41058bc0d2b259d462b560881928adb6"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   10431
Md5:    2636f91bb8fa4d9bb7bef114c248a9ae
Sha1:   8637105f41058bc0d2b259d462b560881928adb6
Sha256: 3d93fd8fcf1af31d00ccbd453142dbea5f2b91d7f58373095943ed40a31ed1f7
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19c9bb39-be15-49f9-aad9-2cc511601111.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8989
x-amzn-requestid: abce0b01-f70c-42ad-b242-5a24735fe4c2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltl4Gk2oAMFSWQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc2f2-1cccffff5199dffe70264a95;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:43:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PFl7VUrzRkMFNnTiIw_cbGCyrEFn43eUSlZfT0nUhUmjjyXT7JfjMA==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:50:01 GMT
age: 45898
etag: "fc5d4f3163ebb9faf85968cbb1d194e8e68418be"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8989
Md5:    a6e7b32ac999cf3c899a234c621fa91a
Sha1:   fc5d4f3163ebb9faf85968cbb1d194e8e68418be
Sha256: f12db3aed126006fee00649aba0b3eaae900de200b85b9523866a90b5494f18e
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=101260
Date: Sun, 04 Dec 2022 10:34:59 GMT
Etag: "638b605f-116"
Expires: Mon, 05 Dec 2022 14:42:39 GMT
Last-Modified: Sat, 03 Dec 2022 14:42:39 GMT
Server: nginx
Content-Length: 278

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1
Cache-Control: max-age=101260
Date: Sun, 04 Dec 2022 10:35:00 GMT
Etag: "638b605f-116"
Expires: Mon, 05 Dec 2022 14:42:40 GMT
Last-Modified: Sat, 03 Dec 2022 14:42:39 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 278

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1975
Cache-Control: max-age=157976
Date: Sun, 04 Dec 2022 10:35:00 GMT
Etag: "638c3635-116"
Expires: Tue, 06 Dec 2022 06:27:56 GMT
Last-Modified: Sun, 04 Dec 2022 05:55:01 GMT
Server: ECS (amb/6B90)
X-Cache: HIT
Content-Length: 278

                                        
                                            GET /a/bk?transaction_id=102e8ce97d9643e0f744250594ec98 HTTP/1.1 
Host: ji.hotelcomparly.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         188.114.96.1
HTTP/2 302 Found
content-type: text/html; charset=utf-8
                                        
date: Sun, 04 Dec 2022 10:35:01 GMT
location: https://www.afferental.com/?ref=https%3A%2F%2Fwww.booking.com%2Fen%2Findex.en.html%3Faid%3D2083685%26label%3D638c77d59e2ba903bf1ccb4a
x-powered-by: Express
access-control-allow-origin: *
access-control-allow-headers: Content-Type, Authorization
access-control-allow-methods: OPTIONS, HEAD, GET, POST, PUT, PATCH, DELETE
referrer-policy: no-referrer
referer-policy: no-referrer
vary: Accept, Accept-Encoding
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=Q4pingrtz1aXUVeG%2Bk%2BU%2BsLnx3RMfqXFpRdVDTteGhlPwuZjjB495TugRGEEP57i5G%2FFRZ8dIzwzQE%2B2e03AzA%2FtEzabTvY79COaTl0nA0WygUpQ3BSnbjw8iBJNGtNMCdlLkRd4jg%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7743e48fffb4fac0-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Dec 2022 10:35:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ajax/libs/jquery/3.4.1/jquery.min.js HTTP/1.1 
Host: ajax.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.106
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
timing-allow-origin: *
content-length: 30774
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Tue, 29 Nov 2022 13:29:29 GMT
expires: Wed, 29 Nov 2023 13:29:29 GMT
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
last-modified: Mon, 13 May 2019 14:37:17 GMT
age: 421532
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65451)
Size:   30774
Md5:    81182f4b684635f6bdcbdd907ee66f25
Sha1:   a1f2f151df72ede41397c8131bd47a3ce85575b3
Sha256: be40946c98d9a78a3c7c9ad097d379ab12549a195bd7a4766919a1d3fd987396
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.131
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Dec 2022 10:35:01 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 3178
Cache-Control: max-age=90073
Date: Sun, 04 Dec 2022 10:35:02 GMT
Etag: "638b2845-138"
Expires: Mon, 05 Dec 2022 11:36:15 GMT
Last-Modified: Sat, 03 Dec 2022 10:43:17 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 312

                                        
                                            GET /en/index.en.html?aid=2083685&label=638c77d59e2ba903bf1ccb4a HTTP/1.1 
Host: www.booking.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         185.28.222.11
HTTP/1.1 302 Found
                                        
server: nginx
date: Sun, 04 Dec 2022 10:35:02 GMT
transfer-encoding: chunked
location: /en/index.en-us.html?aid=2083685&label=638c77d59e2ba903bf1ccb4a&sid=4c2fa4b6679eaa4e9e0e6fdec368f4f7&keep_landing=1&sb_price_type=total&
nel: {"max_age":604800,"report_to":"default"}
report-to: {"group":"default","endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":604800}
set-cookie: _pxhd=SA2RuCPXyGJJRAqLdvk4yizbNxdWtTu2ZRg%252F3-NhcBaR-67U8mdmoY7wxkIILbroc8t3HYgmYeuDBgVgq2l4ZQ%253D%253D%253Ag6ggl8HCMvr3zulw3eCz7evIGBVkp8p4THwvg---16Gjo3JVmQfgQ8kZWzHOs3UMFHEl8JD8gOBHgyziNtcvNQ02XjBL68kKl1487ni4PW0%253D; domain=booking.com; path=/; expires=Mon, 04-Dec-2023 10:35:02 GMT px_init=0; domain=booking.com; expires=Sun, 05-Jan-2076 21:10:04 GMT; SameSite=Strict; secure; HttpOnly bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbbmD9q%2B5pe3UwXAs1TD8hE3keBzoOyZAfkmIb8CLoW%2F9GbcgrGjT6nS6bEe4b9R9GXmJFHdJN48xbyKrZSko3M2Kp2QJxfgHgqRQoatbaXo9Ccah%2BFLNxaxJqQBZce364hm3wUKeMkbM3xt3Bumcjg9Q2SUv13qhyP%2BkPQAy4A%2FU%3D; domain=.booking.com; path=/; expires=Fri, 03-Dec-2027 10:35:02 GMT; Secure; HTTPOnly; SameSite=None
strict-transport-security: max-age=604800
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 4757
Cache-Control: max-age=162219
Date: Sun, 04 Dec 2022 10:35:03 GMT
Etag: "638c3bed-117"
Expires: Tue, 06 Dec 2022 07:38:42 GMT
Last-Modified: Sun, 04 Dec 2022 06:19:25 GMT
Server: ECS (ska/F708)
X-Cache: HIT
Content-Length: 279

                                        
                                            GET /consent/3ea94870-d4b1-483a-b1d2-faf1d982bb31/OtAutoBlock.js HTTP/1.1 
Host: cdn.cookielaw.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         104.16.149.64
HTTP/2 200 OK
content-type: application/x-javascript
                                        
date: Sun, 04 Dec 2022 10:35:03 GMT
content-length: 6671
cache-control: public, max-age=86400
content-encoding: gzip
content-md5: ehYqM4XsLy++C+H91Vr94w==
last-modified: Tue, 15 Nov 2022 08:52:50 GMT
etag: 0x8DAC6E6C6719C76
x-ms-request-id: e8023ecf-a01e-001f-7acf-f803f6000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 6085
expires: Mon, 05 Dec 2022 10:35:03 GMT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7743e4a2dbd4b4f1-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (37276)
Size:   6671
Md5:    7a162a3385ec2f2fbe0be1fdd55afde3
Sha1:   5a37630a30526266cdaa387a32f50f20bae5ffd3
Sha256: f6143442002776683e3fe10ee2b1aa2fa3d3fba2e491ea7eb1044591adb8c515
                                        
                                            GET /static/js/crossorigin_check_cloudfront_sd/2454015045ef79168d452ff4e7f30bdadff0aa81.js HTTP/1.1 
Host: cf.bstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         54.230.111.115
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 95
server: nginx
date: Thu, 10 Nov 2022 02:09:12 GMT
last-modified: Wed, 10 Apr 2019 11:21:38 GMT
etag: "5cadd1c2-5f"
expires: Sat, 10 Dec 2022 02:09:12 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 97GcHcgnydFB1yRWWQhRdRHxuYqiiM48Jso5lkEaYQaWXtvuU-BqRQ==
age: 2103951
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   95
Md5:    335be8900580e9c3875dba57334294ae
Sha1:   a86597d2ddfa410df13bceca86fdf9a2291fe798
Sha256: 8a882fd19a15567e53a5c3c08d22cdab714fa87734ed92d854c4e8fdf3940b1f
                                        
                                            GET /static/css/main_exps_cloudfront_sd.iq_ltr/2f016e6d5b41d7c6dcfb6e7fbd4a53c624f25fbd.css HTTP/1.1 
Host: cf.bstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         54.230.111.115
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Wed, 30 Nov 2022 12:42:36 GMT
last-modified: Wed, 30 Nov 2022 12:37:22 GMT
etag: W/"63874e82-20b89"
expires: Fri, 30 Dec 2022 12:42:36 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Pg4_09UiRHgbdXmmlioaaJKN20cuYpHynIVsXFnsO4N5MNViJaH2Ng==
age: 337947
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   28090
Md5:    2ddb6543623d3bd45a86af6806f375e5
Sha1:   230e9f57697fb3cf24cfbbbd8dbf1b160197d1da
Sha256: 66e0c6f276d3a6d351f6c1eac3d71e323c2dbac3f72dd3e0386d786fb82aa82f
                                        
                                            GET /consent/3ea94870-d4b1-483a-b1d2-faf1d982bb31/3ea94870-d4b1-483a-b1d2-faf1d982bb31.json HTTP/1.1 
Host: cdn.cookielaw.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.16.149.64
HTTP/2 200 OK
content-type: application/x-javascript
                                        
date: Sun, 04 Dec 2022 10:35:03 GMT
content-length: 1970
cache-control: public, max-age=86400
content-encoding: gzip
content-md5: Ss97bz20U1kP1bvvaZSaZA==
last-modified: Tue, 15 Nov 2022 08:52:49 GMT
etag: 0x8DAC6E6C63E85AD
x-ms-request-id: 2535b6f6-b01e-0000-52cf-f8d8e6000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 6089
expires: Mon, 05 Dec 2022 10:35:03 GMT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7743e4a3bce0b4f1-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (6106), with no line terminators
Size:   1970
Md5:    4acf7b6f3db453590fd5bbef69949a64
Sha1:   6a8b9148768a6af49e7a183b47f42a5b33569aa9
Sha256: 1e57187427b702038984f5c48618b51ff94617bd43cc7d340bd7411b5334aa03
                                        
                                            GET /static/css/xp-index-sb_cloudfront_sd.iq_ltr/24d785d9e222142b6e97779ff61f1549ab159dbd.css HTTP/1.1 
Host: cf.bstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         54.230.111.115
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Wed, 30 Nov 2022 22:36:48 GMT
last-modified: Wed, 30 Nov 2022 12:37:23 GMT
etag: W/"63874e83-12b4d"
expires: Fri, 30 Dec 2022 22:36:48 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: LvgJamFjLqQbHPbwMuOHmy2cE7OAtdICaUFieBYsQgOon-NNU_YbGQ==
age: 302295
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   12317
Md5:    591977eb4e01a8e2f91ccc853cc3f8a5
Sha1:   51f06f6932da76f729bf9e13cd1f61cf74d77f95
Sha256: a654ec7318aac34ca25942334b491b17fb28e561e3e1a344a315a53a06f64d2c
                                        
                                            GET /cookieconsentpub/v1/geo/location HTTP/1.1 
Host: geolocation.onetrust.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         104.18.27.85
HTTP/2 200 OK
content-type: application/json
                                        
date: Sun, 04 Dec 2022 10:35:03 GMT
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 7743e4a40af7b521-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (65383)
Size:   76018
Md5:    6f7776ece73f2f9cb9a7eba09bee007f
Sha1:   304bd2cd78d2de2979fff9e0990414692337872e
Sha256: 0a54b06a33e899b82f81910bdffa921b09305aab450209d1abcce0541bf35a61
                                        
                                            GET /consent/3ea94870-d4b1-483a-b1d2-faf1d982bb31/e1b8f75b-db25-46d6-8a45-749ed6c3e64c/en-us.json HTTP/1.1 
Host: cdn.cookielaw.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.16.149.64
HTTP/2 200 OK
content-type: application/x-javascript
                                        
date: Sun, 04 Dec 2022 10:35:03 GMT
content-length: 18041
cache-control: public, max-age=86400
content-encoding: gzip
content-md5: u8ol+OCvxlwjXV5wG98I2Q==
last-modified: Tue, 15 Nov 2022 08:53:09 GMT
etag: 0x8DAC6E6D1C3CDC4
x-ms-request-id: afe69279-601e-008a-73cf-f862c5000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 5943
expires: Mon, 05 Dec 2022 10:35:03 GMT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7743e4a4de41b4f1-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , Unicode text, UTF-8 text, with very long lines (65508), with no line terminators
Size:   18041
Md5:    bbca25f8e0afc65c235d5e701bdf08d9
Sha1:   b8a6c7c2a0081ae9dc7f50d3e6e29994fa1b3bf4
Sha256: e8a079b3f468ad274075e4ede5b2e541bcad8e1389c0d2c0170af9a431bbed44
                                        
                                            GET /scripttemplates/6.22.0/assets/otFlat.json HTTP/1.1 
Host: cdn.cookielaw.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.16.149.64
HTTP/2 200 OK
content-type: application/json
                                        
date: Sun, 04 Dec 2022 10:35:03 GMT
content-length: 2950
content-encoding: gzip
content-md5: eS/vZlhjCBp2QvELx7IrSQ==
last-modified: Thu, 19 Aug 2021 02:39:10 GMT
etag: 0x8D962BA867F281F
x-ms-request-id: 1ab7d2f4-a01e-003d-026c-c46dc0000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 30752
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7743e4a52e9fb4f1-OSL
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (10843)
Size:   2950
Md5:    792fef665863081a7642f10bc7b22b49
Sha1:   f30de5899ad8675a26c5a1688c543e7044bce0ab
Sha256: af415b02ce1afa491d86bd1fafa2416302d69906ded37715ca425b6778cd7d9c
                                        
                                            GET /static/img/nobg_all_blue_iq/b700d9e3067c1186a3364012df4fe1c48ae6da44.png HTTP/1.1 
Host: cf.bstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.115
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 73
server: nginx
date: Tue, 15 Nov 2022 02:17:13 GMT
last-modified: Wed, 10 Apr 2019 11:21:55 GMT
etag: "5cadd1d3-49"
expires: Thu, 15 Dec 2022 02:17:13 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: mDWU_fYanydvDsQKgLNJJzZNOZqVUiPm9AOWer0jbhFWMBVh52fVBw==
age: 1671471
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 1 x 100, 8-bit/color RGB, non-interlaced\012- data
Size:   73
Md5:    ff823944bc0bb9e4bf87f0ad14f687d1
Sha1:   4b68ba281b9ab171611569bf78971df6970efbc1
Sha256: 6153929734ec12ec07072f327c1112301828497e4dd356ca261461b0b7ba9621
                                        
                                            GET /static/img/flags/new/48-squared/us/fa2b2a0e643c840152ba856a8bb081c7ded40efa.png HTTP/1.1 
Host: cf.bstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.115
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 642
server: nginx
date: Sun, 13 Nov 2022 07:27:58 GMT
last-modified: Mon, 07 Sep 2020 09:08:23 GMT
etag: "5f55f887-282"
expires: Tue, 13 Dec 2022 07:27:58 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: GUb7yvZ_3nFONbsrlglfAtuPSjGeTZjrAPhpOF-xtW3El0GsGTeCzA==
age: 1825626
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 48 x 48, 8-bit colormap, non-interlaced\012- data
Size:   642
Md5:    41a0e840aa47c87e19d2bfe0b1231c3f
Sha1:   b5f588ca91fc9e67b5ea658c5ff943b0639e57b9
Sha256: a333d02eedde7a4dd8643d58b0ea7947268a1762f35f517eb6000ec9e7fcfae8
                                        
                                            GET /static/img/flags/new/48-squared/gb/daba79fdd4066d133e8bf59070fd6819b951c403.png HTTP/1.1 
Host: cf.bstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.115
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 522
server: nginx
last-modified: Mon, 07 Sep 2020 09:08:23 GMT
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
date: Tue, 29 Nov 2022 03:40:47 GMT
expires: Wed, 28 Dec 2022 03:46:16 GMT
cache-control: max-age=2592000
etag: "5f55f887-20a"
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: A1A0JgWQM9y_fHDSZUbZnH6DCdKkffzN7tWTiPg07OtvnFHXT--b0g==
age: 542928
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 48 x 48, 8-bit colormap, non-interlaced\012- data
Size:   522
Md5:    925ee33071ef712bda608ef3bf50ef13
Sha1:   c7d8844e68d5c9bc0294dc5a69f8550c6d6d39d5
Sha256: 996b0e99fcc7a553eac6f51569be5429b1bf8c071a708289fab808d7660cf74c
                                        
                                            GET /static/img/flags/new/48-squared/de/668350ee17050ec21845c27503ae960695f341a9.png HTTP/1.1 
Host: cf.bstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.115
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 146
server: nginx
date: Thu, 10 Nov 2022 01:09:28 GMT
last-modified: Mon, 07 Sep 2020 09:08:23 GMT
etag: "5f55f887-92"
expires: Sat, 10 Dec 2022 01:09:28 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: pel-q_8g_YChtTMK5L9gqioV3m0nWenYtOPmOKjx-3EQYBTsoH9k5Q==
age: 2107536
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 48 x 48, 4-bit colormap, non-interlaced\012- data
Size:   146
Md5:    ff1fb74ffba22eb6b6e3b91923874a92
Sha1:   498ebb536fd3a0d55b12c53de5c931a8859ca9d0
Sha256: 4c1f1497ae4ade7ce895bc174187b7c5f145d0924c082c86cfed4efda62f305c
                                        
                                            GET /static/img/flags/new/48-squared/nl/65e3bcc466c4026a08bdb2671799ca26c3228d19.png HTTP/1.1 
Host: cf.bstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.115
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 133
server: nginx
date: Wed, 09 Nov 2022 04:18:22 GMT
last-modified: Mon, 07 Sep 2020 10:40:08 GMT
etag: "5f560e08-85"
expires: Fri, 09 Dec 2022 04:18:22 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: XCQor9J13MBd5xCDSrpT4nwgKbwmt_gziYOs4RH9ZqesrLp3mo5VkA==
age: 2182602
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 48 x 48, 4-bit colormap, non-interlaced\012- data
Size:   133
Md5:    d71004d18912ce962c083e4761b4edee
Sha1:   79aacce102a007f191df0fe753117764c1381d87
Sha256: d5d5badb50d07fe792765fc98388901290efc2cd2014b1afe513321acaa6710f
                                        
                                            GET /static/img/flags/new/48-squared/fr/c48bc65c9dc57035fa983df37e9732c0f0a2663f.png HTTP/1.1 
Host: cf.bstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.115
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 153
server: nginx
date: Sun, 06 Nov 2022 07:45:49 GMT
last-modified: Mon, 07 Sep 2020 10:40:08 GMT
etag: "5f560e08-99"
expires: Tue, 06 Dec 2022 07:45:49 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 1YUuJV5sWL8P2v9aYLWOQ1ZeNDztXV2O1BU8Vw93Aj-4yPPHrV5Yuw==
age: 2429355
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 48 x 48, 4-bit colormap, non-interlaced\012- data
Size:   153
Md5:    d61a768803223e8ecabed2277992e21a
Sha1:   bfd3ddcedb47e691ce233c863d782f0ac7e2e414
Sha256: 8c823b6fe7ed7a0af5f592357f0512e43a86813159f095e7292489ba86c1e6d6
                                        
                                            GET /static/js/main_cloudfront_sd/84a58112ded9c5b91d3e5a705078b008dc9e86e8.js HTTP/1.1 
Host: cf.bstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         54.230.111.115
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Wed, 30 Nov 2022 12:41:17 GMT
last-modified: Wed, 30 Nov 2022 12:37:23 GMT
etag: W/"63874e83-8682a"
expires: Fri, 30 Dec 2022 12:41:17 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: tZQO-N2LVywQbauJU5JNf2NTwAjnnyP2aKuEaWBvuwjJAVj0_aZOjQ==
age: 338026
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (57572)
Size:   139687
Md5:    8964dc27c363954f893a53c61b947fca
Sha1:   55c31ce575059dad81b55169b031440e0e02b657
Sha256: a361d8c45116ae99d3330f5967b9a2b2f24d4841899726e76520c522c5e2d345
                                        
                                            GET /static/js/landingpage_cloudfront_sd/92ed703e1939dfeded3ccd4ea8a2fb39c766e2e9.js HTTP/1.1 
Host: cf.bstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         54.230.111.115
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Tue, 15 Nov 2022 15:30:42 GMT
last-modified: Tue, 15 Nov 2022 15:27:21 GMT
etag: W/"6373afd9-67f01"
expires: Thu, 15 Dec 2022 15:30:42 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Tm-TkV5_0EmO5XjFKC-DiLHdJwbiGmn_mBIOhFPF_ecUdmHMjvbw-g==
age: 1623860
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (51645)
Size:   80106
Md5:    d1bede9d4fa1f00b13dffd71f7bcf313
Sha1:   07732e9766d09be7d05a76b69c33a72481aac947
Sha256: 4e90c2f842b8d486cf26cd4df698dced18084f2822420e3e488539176990d796
                                        
                                            GET /static/js/lazy_load_images_cloudfront_sd/77204d4da4aa41b08b1a4062c8e66e4629550994.js HTTP/1.1 
Host: cf.bstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.115
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Fri, 11 Nov 2022 01:22:03 GMT
last-modified: Tue, 04 Feb 2020 10:19:57 GMT
etag: W/"5e39454d-15f3"
expires: Sun, 11 Dec 2022 01:22:03 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: xNGmuWfdO6m_r_0EKkVFnazv6hl-_bfR41jKYtFGns2vewy1UETYpg==
age: 2020380
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (5619), with no line terminators
Size:   2623
Md5:    42abfa0ce7a43fdf27f959742089f2cc
Sha1:   b436ee72b8b4077017de50ab94c095dd922111df
Sha256: 1f887ea117375e099d796d9423922cf0bce731b9d18302a79afa8e08506b75cb
                                        
                                            GET /static/img/flags/new/48-squared/catalonia/8578246a75d8b9dceaacb174072d0c6acafcc2df.png HTTP/1.1 
Host: cf.bstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.115
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 155
server: nginx
date: Sun, 13 Nov 2022 05:25:11 GMT
last-modified: Mon, 07 Sep 2020 10:40:08 GMT
etag: "5f560e08-9b"
expires: Tue, 13 Dec 2022 05:25:11 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Qv6HbdDEZ5nOUL6Rs-63yS3qGW2BLstXSRU4usA3-e_KW5uYzqYmPQ==
age: 1832993
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 48 x 48, 4-bit colormap, non-interlaced\012- data
Size:   155
Md5:    9aa827fa86c5f431d15c5b23a78f0f9d
Sha1:   7a82e7b12cb63ae4afabddd04a83c94c468dc777
Sha256: c6d8a7fe3c884ebb35313519fb7187cd6609b4c2ede2ddedcafb6ef8a9905310
                                        
                                            GET /static/img/flags/new/48-squared/it/b8db3771480bd0c7971b9f94cad3640c89521882.png HTTP/1.1 
Host: cf.bstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.115
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 153
server: nginx
date: Fri, 25 Nov 2022 09:23:46 GMT
last-modified: Mon, 07 Sep 2020 10:40:08 GMT
etag: "5f560e08-99"
expires: Sun, 25 Dec 2022 09:23:46 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8Em9G1Q1zO-TMHufFqoiv6BWvtO9UiGMPwBnTzTd8p3n7Fg_VR5jgg==
age: 781878
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 48 x 48, 4-bit colormap, non-interlaced\012- data
Size:   153
Md5:    4261fd05fa4ff2f6b27961be52f72502
Sha1:   30b359e2111f9509e89b4740af3aa6be24fcc812
Sha256: 861f2142293eb28de2c5f7c6f0035847ae176dc02470bfa7fbb157bf2b89339d
                                        
                                            GET /static/js/core-deps-inlinedet_cloudfront_sd/6da0bf621035bb8a2f9c756d6a89dda03b2f7864.js HTTP/1.1 
Host: cf.bstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         54.230.111.115
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Fri, 04 Nov 2022 17:58:13 GMT
last-modified: Wed, 22 Jun 2022 10:40:45 GMT
etag: W/"62b2f1ad-949e"
expires: Sun, 04 Dec 2022 17:58:13 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: zO0-h6g_wRBLCTS0jlrD9yMAWUdPli9gQBSgs15lN8kxLt1DUfIZFg==
age: 2565410
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (37718)
Size:   13510
Md5:    f9210a6822b536f73b7c55f7aed4e925
Sha1:   2168ee01014f29232e03c48ae015df62a8979d89
Sha256: 52f2d5c51ef85683e4a8d0177d1272b18d86e316c522fcfd5a2ee07d31a888b2
                                        
                                            GET /static/js/searchbox_cloudfront_sd/5d2edcc8d136dd8e0ef1a28d2d8495a87f39d811.js HTTP/1.1 
Host: cf.bstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.115
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Mon, 14 Nov 2022 05:00:17 GMT
last-modified: Mon, 14 Nov 2022 03:58:32 GMT
etag: W/"6371bce8-398a1"
expires: Wed, 14 Dec 2022 05:00:17 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: VCOMa4FX4gbe483pc0D3zdmakCr2PHc5zQCT-vki5LvVfuSpw1DQFA==
age: 1748086
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65528), with no line terminators
Size:   51693
Md5:    07cd2e05b14dd8f2459c3d049616cbc8
Sha1:   07b89482a3cc251ad47ece533c3d14d4d71032c0
Sha256: 39e449373e855e35bfbb89f7489889d5f7318f56181f03ecefc25b3f0bbc34c3
                                        
                                            GET /static/js/error_catcher_bec_cloudfront_sd/282f83b6049fe9bacd964cb6ea8a6d5447528b14.js HTTP/1.1 
Host: cf.bstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.115
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Thu, 24 Nov 2022 08:55:08 GMT
last-modified: Mon, 06 Sep 2021 09:06:05 GMT
etag: W/"6135d9fd-178d"
expires: Sat, 24 Dec 2022 08:55:08 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: sQFY8PZY36cj1vmMOvfQOtodgroGldDtNND-xiHROjsfqGOhcZ4Rhw==
age: 869995
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (6029), with no line terminators
Size:   2450
Md5:    7aa23725679afdff73598b3bac7642b8
Sha1:   687cefac46526251e92ab12bd452ef0e0cd9b0e1
Sha256: bcd0e7a9ffaa428b9844e628155641e2b1cd1973de1ebd96d5d6cdde02d3760a
                                        
                                            GET /scripttemplates/6.22.0/assets/otCommonStyles.css HTTP/1.1 
Host: cdn.cookielaw.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         104.16.149.64
HTTP/2 200 OK
content-type: text/css
                                        
date: Sun, 04 Dec 2022 10:35:03 GMT
content-md5: F/Fs54+x9bQK/ULkNRp4fA==
last-modified: Thu, 19 Aug 2021 02:39:24 GMT
x-ms-request-id: 6bc20948-001e-0159-656c-c49b35000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 31433
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 7743e4a52ea4b4f1-OSL
content-encoding: gzip
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   4320
Md5:    affeb970b6f3f57809d7a8cd5bebbda9
Sha1:   292b0f757c1774f22c4e78bc4e9d636b0cb7b360
Sha256: 580a7a567aa67c289a40d2dab86423f1624e65807377cac6598beaffededfc39
                                        
                                            GET /static/img/flags/new/48-squared/se/5e126775c25a54a24956ddcc72c8bbcaeed20872.png HTTP/1.1 
Host: cf.bstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.115
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 198
server: nginx
last-modified: Mon, 07 Sep 2020 09:08:23 GMT
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
date: Thu, 01 Dec 2022 03:40:09 GMT
expires: Fri, 30 Dec 2022 06:25:28 GMT
cache-control: max-age=2592000
etag: "5f55f887-c6"
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: fohii4i49aJuuWphHQcmh0wDtoQwjqV199rq0h94D5WWzaJSoZuPhg==
age: 360576
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 48 x 48, 4-bit colormap, non-interlaced\012- data
Size:   198
Md5:    13c8c96bf421d8616a6e22d2932a0b76
Sha1:   09c8720b6e8dec10ae55c6c71b83508a97d7103e
Sha256: 3e94a1d0a60d1870f9117b8b5ec1379df6040dead195531942a48a3ac57d11d9
                                        
                                            GET /static/img/flags/new/48-squared/dk/744575dd4e87590a543b7c8cbacaef6c3de4e4d2.png HTTP/1.1 
Host: cf.bstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.115
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 175
server: nginx
date: Sat, 12 Nov 2022 05:49:06 GMT
last-modified: Mon, 07 Sep 2020 09:08:23 GMT
etag: "5f55f887-af"
expires: Mon, 12 Dec 2022 05:49:06 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: sajKbYt-Wugy7K7qDbeS9cY5S5rnKf1Cmotg0B-StuftAdYaAyjpoA==
age: 1917958
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 48 x 48, 4-bit colormap, non-interlaced\012- data
Size:   175
Md5:    3275f76ec51c7d87571ef5a5f3e6ddea
Sha1:   995f9025c29c6ab965c3a29af50ae25c9a390ab0
Sha256: a60eac8ef0e0d0dddef152891451b215d955373071d2bd32db7d4b2053fbaf08
                                        
                                            GET /static/js/index_cloudfront_sd/bd68e5b299d11859b1945c5a93a09081c17a381a.js HTTP/1.1 
Host: cf.bstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         54.230.111.115
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Fri, 02 Dec 2022 09:32:45 GMT
last-modified: Wed, 30 Nov 2022 12:37:23 GMT
etag: W/"63874e83-1291c"
expires: Sun, 01 Jan 2023 09:32:45 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: R8SgXaXHlt8mruzrCkTVZa0jjAcPhtN5qvFQQogdUMZCZFQ6yKyDBg==
age: 176538
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   17335
Md5:    109e95cef5c71ccd1bded22d51880089
Sha1:   c6d7ad145354d936e548c287db44beca14c6b3ee
Sha256: b2605c9c33556f7518293f8f05f0105eddbe23a2929bf5706e470ee30c472561
                                        
                                            GET /static/img/flags/new/48-squared/hu/fc7cb24c5c7cb9de74a74fad271d6838daabc4cb.png HTTP/1.1 
Host: cf.bstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.115
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 133
server: nginx
date: Sat, 05 Nov 2022 09:14:33 GMT
last-modified: Mon, 07 Sep 2020 10:40:08 GMT
etag: "5f560e08-85"
expires: Mon, 05 Dec 2022 09:14:33 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: R1CcLsSdmYDonooepeeS78julLVtx3OCuCOrXc90BREYQJoKHaoHhg==
age: 2510431
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 48 x 48, 4-bit colormap, non-interlaced\012- data
Size:   133
Md5:    9206b6715881ae75735ed659e808e94f
Sha1:   eed3ea9303a65b3b7f64f73d1a8499373aa26c0b
Sha256: 70c5cf7c80ec64caf926271a8832ca79342bd1d9203bae584f8c441aee10ddf0
                                        
                                            GET /static/img/flags/new/48-squared/ro/2d67b91f7beb87bd9286975da3e6dadc70d9c64b.png HTTP/1.1 
Host: cf.bstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.115
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 153
server: nginx
date: Tue, 08 Nov 2022 03:00:00 GMT
last-modified: Mon, 07 Sep 2020 09:08:23 GMT
etag: "5f55f887-99"
expires: Thu, 08 Dec 2022 03:00:00 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: FI_zHvFHoiEPrB3Tsap0XvkgkmAvvl9XYBugjnhS6-YJ1oQ5Vdmmkw==
age: 2273704
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 48 x 48, 4-bit colormap, non-interlaced\012- data
Size:   153
Md5:    1b1f1d1d57a2cd65c38748ed1e165aa7
Sha1:   58f0710ccff2655b04eb6ed0a2c86ec64eea5223
Sha256: 881978c2d219d2d9e3f0c5584e489e06e1948d0b4f9c5d7d3104a61ddb2e7372
                                        
                                            GET /static/img/flags/new/48-squared/jp/9bf7e50bc6dc66599aeede9189ca16de461c60b6.png HTTP/1.1 
Host: cf.bstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.115
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 333
server: nginx
date: Fri, 11 Nov 2022 01:20:39 GMT
last-modified: Mon, 07 Sep 2020 09:08:23 GMT
etag: "5f55f887-14d"
expires: Sun, 11 Dec 2022 01:20:39 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: KM9M3sylOTNsW4rlBrMEL4r9aRuL5hqdU0Qzpdme7H-4KMoMt498Zg==
age: 2020465
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 48 x 48, 8-bit colormap, non-interlaced\012- data
Size:   333
Md5:    0430ec4fbfa9c9d0c02e4040873de949
Sha1:   6f5a96e43c5665af451ae5b0448ed5a7113e40d9
Sha256: ee8b36adb5cbd88a5819e742a813ae397ace8c319861ad8aa4d9caaae90812a0
                                        
                                            GET /static/img/flags/new/48-squared/cn/5a221730f540facc62563bfa6192ce155a9f677e.png HTTP/1.1 
Host: cf.bstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.115
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 332
server: nginx
date: Mon, 28 Nov 2022 03:51:41 GMT
last-modified: Mon, 07 Sep 2020 09:08:23 GMT
etag: "5f55f887-14c"
expires: Wed, 28 Dec 2022 03:51:41 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: I0tJwZDGzrhpgdFyMFApD3jRlmrvZ1-eH168JM9nsrGZB5Pnx-65fg==
age: 542603
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 48 x 48, 8-bit colormap, non-interlaced\012- data
Size:   332
Md5:    a12df81751d392f648a2785d2de72a05
Sha1:   39156191b034cde7e591faa6677153fae77e6770
Sha256: 3e3cbba48022f930c07d6bdea530464cca93dd1c5473c2e75548cabd56c3d5bc
                                        
                                            GET /static/img/flags/new/48-squared/pl/4d6b6e962b0b049a03924fc618b959395d60ae39.png HTTP/1.1 
Host: cf.bstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.115
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 121
server: nginx
date: Tue, 15 Nov 2022 01:39:24 GMT
last-modified: Mon, 07 Sep 2020 10:40:08 GMT
etag: "5f560e08-79"
expires: Thu, 15 Dec 2022 01:39:24 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: JYadAlc-Vq3VpLyTAnfnyxwjueRBCpVDzmkJY0HlV7BJBEE3FmQdEA==
age: 1673740
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 48 x 48, 2-bit colormap, non-interlaced\012- data
Size:   121
Md5:    f5426bca09243b610e38d3c14e677064
Sha1:   e2ab7e2d6380dc421aa64648c11ddab3b2233e49
Sha256: 2f404d211c6a0c69dcac5b38ae18a1fc57840c4bd330b1bd64def6bf8b748d64
                                        
                                            GET /static/img/flags/new/48-squared/z4/ced4751e6ac2cbb9884a5878fff59a4e24c3e386.png HTTP/1.1 
Host: cf.bstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.115
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 547
server: nginx
date: Wed, 30 Nov 2022 05:05:04 GMT
last-modified: Mon, 07 Sep 2020 09:08:23 GMT
etag: "5f55f887-223"
expires: Fri, 30 Dec 2022 05:05:04 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Pi5Rplj34cXk1ha8qDB9iTO_7DjV_Hbdy4l4Zq9TSsiRpP6uSqx4EA==
age: 365400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 48 x 48, 8-bit colormap, non-interlaced\012- data
Size:   547
Md5:    b20acca9869722ee22594c1cb79aa80c
Sha1:   8547e31b2cb93793703caa352c4cc7c08daf9f39
Sha256: b93aa481a175851c5691c27239100c897b7e42e2d06c19df05f9b5de422fde26
                                        
                                            GET /static/img/flags/new/48-squared/gr/e0e42a97a7b860fc9be71954262902f2a4e94aa6.png HTTP/1.1 
Host: cf.bstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.115
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 215
server: nginx
date: Fri, 25 Nov 2022 09:40:36 GMT
last-modified: Mon, 07 Sep 2020 09:08:23 GMT
etag: "5f55f887-d7"
expires: Sun, 25 Dec 2022 09:40:36 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: u1JDs1d6oTcHQTCjfFiwtJiy2MS3BFj3UaJRXS2yG_LCgkztLM9dMQ==
age: 780868
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 48 x 48, 4-bit colormap, non-interlaced\012- data
Size:   215
Md5:    0c3be548c24fe302a6765670af14cb20
Sha1:   b14e18e90b32ec75ee248f748dee5aa6d7609822
Sha256: 84b0beb08ce848e9e03e1e2ef34d5cb421a429661bb837750a1c37cb44b05145
                                        
                                            GET /static/img/flags/new/48-squared/ru/2277320023a64803843c36ca6aa48ad77523dd0d.png HTTP/1.1 
Host: cf.bstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.115
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 139
server: nginx
date: Wed, 30 Nov 2022 06:25:28 GMT
last-modified: Mon, 07 Sep 2020 10:40:08 GMT
etag: "5f560e08-8b"
expires: Fri, 30 Dec 2022 06:25:28 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: GFMde_H7BDMkZV2eMt-CdmSt1WN9e32hW_RW8--sEulmJBn6TuZwcg==
age: 360576
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 48 x 48, 4-bit colormap, non-interlaced\012- data
Size:   139
Md5:    e788f0359c4ebb5d12da0db2e46b5cae
Sha1:   7ef0e8f52982a8fe7a25e27011fca7716231a52b
Sha256: 6f71c4adcbf4ee888f31ee757fd52cdb61881a9aca9f8a571c00470df055185c
                                        
                                            GET /static/img/flags/new/48-squared/tr/f7ad0cb74f4ea5e7193cb6029c7f977e9786cfa2.png HTTP/1.1 
Host: cf.bstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.115
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 400
server: nginx
date: Thu, 01 Dec 2022 03:28:38 GMT
last-modified: Mon, 07 Sep 2020 09:08:23 GMT
etag: "5f55f887-190"
expires: Sat, 31 Dec 2022 03:28:38 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: KQ52PcpgYlH5MbouUZYCG2PFGO9BFoviMNeSwiGL8et1UOK5YnOa-Q==
age: 284786
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 48 x 48, 8-bit colormap, non-interlaced\012- data
Size:   400
Md5:    87321ae6e71b9b09c681058e91a468b5
Sha1:   3fb7872894da2daef6f66e73d8fd2f7b78b3b533
Sha256: 2c1c4611b00fa1da5b4cf45ac2c7d25744c4bf0897fab2e00833ff0aefdf5023
                                        
                                            GET /static/img/flags/new/48-squared/bg/540f2da5fee31b7385af127619ab5ca4fc3783b5.png HTTP/1.1 
Host: cf.bstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.115
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 99
server: nginx
date: Wed, 30 Nov 2022 03:36:47 GMT
last-modified: Mon, 07 Sep 2020 10:40:09 GMT
etag: "5f560e09-63"
expires: Fri, 30 Dec 2022 03:36:47 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8nWih3zfcjoOh1eC-efJ4nHtd9LstpHelotXBVcQFULLbnxi__A0nw==
age: 370697
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 48 x 48, 2-bit colormap, non-interlaced\012- data
Size:   99
Md5:    49c081307e8d5ea32a47fb077905f2de
Sha1:   7b0a263172247879fd6255ab19f26aa45695f380
Sha256: 7ea8e075feac7c0c8a0cdecdf923fdab30b1b0d13336af312484b4f73b926dd9
                                        
                                            GET /static/img/flags/new/48-squared/sa/44ab510f37755d1d9d4c4dfa9b1f25bed9b2a95c.png HTTP/1.1 
Host: cf.bstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.115
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 534
server: nginx
date: Mon, 07 Nov 2022 07:46:36 GMT
last-modified: Mon, 07 Sep 2020 09:08:23 GMT
etag: "5f55f887-216"
expires: Wed, 07 Dec 2022 07:46:36 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: gJc0JvhcyvKPdz-Qz_dWal6JO9XSPVcFX6cyRJGIBnXvkeQhSagH8w==
age: 2342908
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 48 x 48, 8-bit colormap, non-interlaced\012- data
Size:   534
Md5:    c5ba34de4a5b15c8e5966ce4ac6dac7d
Sha1:   d87ca11092c06c059948bca64995703ce9646f98
Sha256: 3f32c4cf32cba619d3e8a5737d713c0d2633fd369f668a8fc038c525e6b20512
                                        
                                            GET /static/img/flags/new/48-squared/kr/4cb76b458a73ca4c1de034c7623475278d363ce6.png HTTP/1.1 
Host: cf.bstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.115
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 870
server: nginx
date: Tue, 15 Nov 2022 01:39:24 GMT
last-modified: Mon, 07 Sep 2020 09:08:23 GMT
etag: "5f55f887-366"
expires: Thu, 15 Dec 2022 01:39:24 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: d68uWQ9mu0dhlvK06FGmewtGvUN_fJZaxgUy43EKAfwa0mME01IItg==
age: 1673740
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 48 x 48, 8-bit colormap, non-interlaced\012- data
Size:   870
Md5:    52c9301117c90f4f0f02957fb952f163
Sha1:   7e947ebefa1352e7282626e90e68442896c606e6
Sha256: 9f31f4ed393b17f37ea3ec9572bdda6ac8c1a3e3ee410743ac2b69f4717b4425
                                        
                                            GET /static/img/flags/new/48-squared/il/fc1907ccd86aa051f7fbe22649d1e31ac6aee016.png HTTP/1.1 
Host: cf.bstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.115
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 325
server: nginx
date: Tue, 15 Nov 2022 01:39:24 GMT
last-modified: Mon, 07 Sep 2020 09:08:23 GMT
etag: "5f55f887-145"
expires: Thu, 15 Dec 2022 01:39:24 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: KpIbJ5-1WCiN80RKA3t_w1fhP1FNCeRz-S8CE8cs2vkIL82HBhYUQQ==
age: 1673740
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 48 x 48, 8-bit colormap, non-interlaced\012- data
Size:   325
Md5:    6fedf345605f454aa06cc4d6cdf07c95
Sha1:   566b06216ad282e7b0a34b23803f9f459cf0fa8c
Sha256: 6ad5ceae28b78a9253cc023db0dc2dc95684e086c9c69672f4d61c64b483adf5
                                        
                                            GET /static/img/flags/new/48-squared/lv/393103a26c1d5f1fbd7d9674732bbdfc42296399.png HTTP/1.1 
Host: cf.bstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.115
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 142
server: nginx
date: Sat, 12 Nov 2022 05:49:06 GMT
last-modified: Mon, 07 Sep 2020 10:40:08 GMT
etag: "5f560e08-8e"
expires: Mon, 12 Dec 2022 05:49:06 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7HQ0RYpx-aH0IQC2IMxjib-DrfGPpfEQ-D8PaH4MiuWQ7AwZEaiPgA==
age: 1917958
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 48 x 48, 4-bit colormap, non-interlaced\012- data
Size:   142
Md5:    ddb2ed817fb9ff1e8fa103e303126d92
Sha1:   db7c6839bb7acec47406626cd0db92f5ae203a7f
Sha256: 90f140a70c71755fed1d533e2f837406fb1a6dde2d18d4318d65fb90bad9332c
                                        
                                            GET /static/img/flags/new/48-squared/ua/2ea50f1c1fb480c4557a5578f71657fc3152c3a1.png HTTP/1.1 
Host: cf.bstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.115
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 134
server: nginx
date: Sat, 26 Nov 2022 09:32:25 GMT
last-modified: Mon, 07 Sep 2020 09:08:23 GMT
etag: "5f55f887-86"
expires: Mon, 26 Dec 2022 09:32:25 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 4gK3t2-lO9OPtylNTfBnCLIHGtznFTUpquLZlroCQmIpsZ70WPjJbQ==
age: 694959
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 48 x 48, 4-bit colormap, non-interlaced\012- data
Size:   134
Md5:    f4db0dc55878fe02bb1efff8fc8dfe00
Sha1:   233ad877840f93216679c862e72be0d38a3c1132
Sha256: 4d5747ee4bfc01093d27ec5833305780e8797e361214269f85ca824274d7b4ed
                                        
                                            GET /static/img/flags/new/48-squared/in/20aa535a5d3c505dd02fea275ed1a36c0fb1fe08.png HTTP/1.1 
Host: cf.bstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.115
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 344
server: nginx
date: Mon, 14 Nov 2022 04:13:56 GMT
last-modified: Mon, 07 Sep 2020 09:08:23 GMT
etag: "5f55f887-158"
expires: Wed, 14 Dec 2022 04:13:56 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: jDvE6PUd1giitlb64jWGWij_cj5ajJSS2KaisiHFFgMsXD6o-oSwWw==
age: 1750868
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 48 x 48, 8-bit colormap, non-interlaced\012- data
Size:   344
Md5:    d393a8574f0e51fce295082d390baad2
Sha1:   bd9f6c20fc33d74ca2b49e828721298c1beaabe7
Sha256: fe628ee3822daace85b0d6b50b24295b25406735b724d65ac7813d3a23e35bb2
                                        
                                            GET /static/img/flags/new/48-squared/id/e7d3d00965d8c994a72807b43b21c648250cf906.png HTTP/1.1 
Host: cf.bstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.115
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 121
server: nginx
date: Sat, 12 Nov 2022 04:15:28 GMT
last-modified: Mon, 07 Sep 2020 09:08:23 GMT
etag: "5f55f887-79"
expires: Mon, 12 Dec 2022 04:15:28 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7XijWhPikAX5IaYpBl93whvjDM3tH-ogdil3jyvH7NWvVY6TeJpqQg==
age: 1923576
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 48 x 48, 2-bit colormap, non-interlaced\012- data
Size:   121
Md5:    40b14f52ee0e84a6b7f2395438df4e89
Sha1:   3a1b4751f73b37112ea8abe9d8e1e43fb0b5dcc1
Sha256: 0839f5f4321e755f66f00aebe4ecad12e81de7d87b73600f621f3e4067bec79b
                                        
                                            GET /static/img/flags/new/48-squared/th/53a76d6856962953d739d07ac61f04adee50a3d1.png HTTP/1.1 
Host: cf.bstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.115
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 150
server: nginx
date: Mon, 07 Nov 2022 07:46:36 GMT
last-modified: Mon, 07 Sep 2020 09:08:23 GMT
etag: "5f55f887-96"
expires: Wed, 07 Dec 2022 07:46:36 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: MKDNuHcjKccbzMS1LGOF8xqWu0uKmWXhe8ckrwa_HzYH2gI68jjRtA==
age: 2342908
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 48 x 48, 4-bit colormap, non-interlaced\012- data
Size:   150
Md5:    ff949a5fc9c52cbb395e15afd6cbbf53
Sha1:   a63fbcbe8300ee1a16399b46c1fd300f1b9e6b8b
Sha256: 67b2c242d9fb8390f051c11070e23792de15f513d53175ce7730484a7c789ef9
                                        
                                            GET /static/img/flags/new/48-squared/my/6d811cf6127cea0a957ca0243546a03339fa19ac.png HTTP/1.1 
Host: cf.bstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.115
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 499
server: nginx
date: Sat, 05 Nov 2022 03:13:19 GMT
last-modified: Mon, 07 Sep 2020 09:08:23 GMT
etag: "5f55f887-1f3"
expires: Mon, 05 Dec 2022 03:13:19 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: eIx4oevkeIU1ygq7ScHiUhwho3O6R4IGzI-KE2ojEsyTFamXRHw5Zw==
age: 2532105
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 48 x 48, 8-bit colormap, non-interlaced\012- data
Size:   499
Md5:    822b7bd88d4723227ae587567f978918
Sha1:   767884bb4c8904e55bd5c943aec9a867984137b4
Sha256: e5f05ae53de8b16cc10e8bc868e9c5d9786930973bdce663ee64d206c04388ef
                                        
                                            GET /static/img/flags/new/48-squared/hr/e7a46f4dad977aecafa6a3680972e0c137a1bc41.png HTTP/1.1 
Host: cf.bstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.115
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 815
server: nginx
date: Thu, 01 Dec 2022 14:09:05 GMT
last-modified: Mon, 07 Sep 2020 09:08:23 GMT
etag: "5f55f887-32f"
expires: Sat, 31 Dec 2022 14:09:05 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: cn0FB3zak93Lc0J_VPh6fCsZfGFMtEM-kcf_ZY6GrjXqsvw7pJhM1w==
age: 246359
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 48 x 48, 8-bit colormap, non-interlaced\012- data
Size:   815
Md5:    0964eedc0f19b195664c3f75bb22c6ab
Sha1:   22b1a1a6062e7f5fcad6bcb023bb5fd87d22e07d
Sha256: fff82225f56361a415858aa788a2d640331f82f6d9462ac9dbcf39e9023b5a6f
                                        
                                            GET /static/img/flags/new/48-squared/ee/509074558f4fe7c71ceed57584dec0382274dd16.png HTTP/1.1 
Host: cf.bstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.115
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 139
server: nginx
date: Fri, 11 Nov 2022 07:18:26 GMT
last-modified: Mon, 07 Sep 2020 10:40:09 GMT
etag: "5f560e09-8b"
expires: Sun, 11 Dec 2022 07:18:26 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: WDKx4ueP09X5B07LCmJueKN72WPgctN72U135SpsqDhD7IS8vzWvIg==
age: 1998997
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 48 x 48, 4-bit colormap, non-interlaced\012- data
Size:   139
Md5:    12aaeead084db9341a3afbd71d0b123d
Sha1:   5e048ae4bd509d08cd5a17d99d5430e104da7013
Sha256: 8bc3c2630c36b9713f3d002ed54e49c7671ec960ef0d8b02e32f2fdba2af6cb6
                                        
                                            GET /static/img/flags/new/48-squared/lt/5bb712a60a82b7e075deba5b102aa36348bbb255.png HTTP/1.1 
Host: cf.bstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.115
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 140
server: nginx
date: Fri, 02 Dec 2022 03:10:37 GMT
last-modified: Mon, 07 Sep 2020 10:40:08 GMT
etag: "5f560e08-8c"
expires: Sun, 01 Jan 2023 03:10:37 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: JqudjhhV8mF26MNoDViUDpDgqXzMLUxVjgRJMb7k4kZmrGMpNOMFSg==
age: 199467
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 48 x 48, 4-bit colormap, non-interlaced\012- data
Size:   140
Md5:    7c4ca938a6f3b20c4b24b24fc16afb3d
Sha1:   8e9569b41f3b36e88ddba9f85627dc6d48764e88
Sha256: f28938e268eb5573c2e34f320e61a80b20599684a3fc502a01e29ec696701c8e
                                        
                                            GET /static/css/main_cloudfront_sd.iq_ltr/571729221c8fdd1b5ac964ce2892c27f9c678bd8.css HTTP/1.1 
Host: cf.bstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         54.230.111.115
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Wed, 30 Nov 2022 12:42:36 GMT
last-modified: Wed, 30 Nov 2022 12:37:22 GMT
etag: W/"63874e82-873a9"
expires: Fri, 30 Dec 2022 12:42:36 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7I6OMKqphEvhq0VulKb2yPU2S6lywOClg_iXmwlrEXNkIqeHg06aFg==
age: 337947
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   61849
Md5:    aae8b20b022e30e8011faf1f24595efe
Sha1:   8370f199c562e2bd16ab474b19a7cf201440f243
Sha256: 240d950364975c1f8692d4183e5c8a008210fe13c7c424da1a12add496a6e3b0
                                        
                                            GET /static/css/incentives_cloudfront_sd.iq_ltr/200d13c63f1a43e6ecc598ab2da5ed550e4df0ec.css HTTP/1.1 
Host: cf.bstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         54.230.111.115
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Fri, 11 Nov 2022 10:12:53 GMT
last-modified: Fri, 11 Nov 2022 01:23:42 GMT
etag: W/"636da41e-1d1d"
expires: Sun, 11 Dec 2022 10:12:53 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: VdpA4djwEcQpZisRxNpyl80akzt6OcWme4o5o70WXSdotZsMJz_44g==
age: 1988530
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (7453), with no line terminators
Size:   2848
Md5:    e350273c799b30a46d00fa4b44c07d7e
Sha1:   2f8ab2467a24475201666b31df53c82498902afc
Sha256: 109a998dbe9a03ee8ded8a85d4f4274787470e9d457276579daa677437649036
                                        
                                            GET /libs/privacy-consent/releases/2.1.32/customer/cookie-banner.min.js HTTP/1.1 
Host: cf.bstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.115
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
last-modified: Tue, 04 Oct 2022 23:02:37 GMT
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
date: Sun, 06 Nov 2022 23:20:43 GMT
expires: Tue, 06 Dec 2022 23:03:11 GMT
cache-control: max-age=2592000
etag: W/"633cbb8d-21be"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: sF-t3Q8f4DC6-7Y7PeBwFN4jOmet3FOqj5w-bI6JNez6bRfVr5i32A==
age: 2374312
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (8638), with no line terminators
Size:   3284
Md5:    bf81f75250e5912837847bfe573e1f51
Sha1:   66d72aa736fa16f1057d1247fdcf83d5937d15db
Sha256: 69ae9cd1d288189a90de067ff559bf64615906dceb3647cbc38ac476af0a54d1
                                        
                                            GET /static/css/index_cloudfront_sd.iq_ltr/fe0a561f22d79e44176b64201d9fcc5073d680b9.css HTTP/1.1 
Host: cf.bstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         54.230.111.115
HTTP/2 200 OK
content-type: text/css
                                        
server: nginx
date: Fri, 02 Dec 2022 09:32:45 GMT
last-modified: Wed, 30 Nov 2022 12:37:22 GMT
etag: W/"63874e82-5abcd"
expires: Sun, 01 Jan 2023 09:32:45 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: sZ4WJO05DWhnhugC6bn43UZYe7IQKJifoNMC55798ulB2NVdD0dZew==
age: 176538
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   52180
Md5:    d19482ca561d26aae09bb9a9977c6c29
Sha1:   4c73d5aedb01e4bde41e2960229e5a1f6c742336
Sha256: 45d5298b01d38b803c6b3bc5d88f489e1cc8cb50cd7f4e6e98bd065765c2888c
                                        
                                            GET /static/img/flags/new/48-squared/is/7d644655f895f8e346b964dc18cf5b6608a98d52.png HTTP/1.1 
Host: cf.bstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.115
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 298
server: nginx
date: Mon, 14 Nov 2022 04:52:02 GMT
last-modified: Mon, 07 Sep 2020 09:08:23 GMT
etag: "5f55f887-12a"
expires: Wed, 14 Dec 2022 04:52:02 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 1EZK5bkYnSfRkvSezrqIDdUhjSYajInRDHoC0lHRxqjH_9-OZVk6dQ==
age: 1748582
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 48 x 48, 8-bit colormap, non-interlaced\012- data
Size:   298
Md5:    227c1e1707b8caf0b17266f188b3b099
Sha1:   294b9da49254731a4cb0fe538d9bc8ef44d1dd92
Sha256: e1e54eb27d785ff86901a728964f40183e845b8301f9196e163e5fe919bcfb5f
                                        
                                            GET /static/img/flags/new/48-squared/ph/7048127466891462116ee2774154585fb5607aba.png HTTP/1.1 
Host: cf.bstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.115
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 663
server: nginx
last-modified: Mon, 07 Sep 2020 10:40:08 GMT
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
date: Sat, 03 Dec 2022 18:41:05 GMT
expires: Mon, 02 Jan 2023 01:43:32 GMT
cache-control: max-age=2592000
etag: "5f560e08-297"
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: egpLIN1tVpZDtkh68FEuQkBWD8IKi7TGX-9DnUVfAA_3hEDvHG8N1Q==
age: 118292
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 48 x 48, 8-bit colormap, non-interlaced\012- data
Size:   663
Md5:    47f9d3fafada1c4125dd5abbef01d314
Sha1:   5e36976caec0396e0847c76c413a0189ff2cbbf6
Sha256: a99fa5dc87d4d9a32c930d644a790c6dfba9073d0a11f6cc000ce599b9ba00c7
                                        
                                            GET /static/img/deals/index_banner_offpeak_2019/ff85a3336bfc2b6ea366be8a2da749fcf7d705fc.jpg HTTP/1.1 
Host: cf.bstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.115
HTTP/2 200 OK
content-type: image/jpeg
                                        
content-length: 24141
server: nginx
date: Sat, 12 Nov 2022 06:58:24 GMT
last-modified: Tue, 02 Jul 2019 09:11:32 GMT
etag: "5d1b1fc4-5e4d"
expires: Mon, 12 Dec 2022 06:58:24 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: WLql0lQJQjEG4ZGKx4fl-DOXiyuXLLmoU1IvVoGPjV8hGYGi_gowRw==
age: 1913800
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 72x72, segment length 16, Exif Standard: [TIFF image data, big-endian, direntries=1], baseline, precision 8, 350x360, components 3\012- data
Size:   24141
Md5:    f3cd8819554bc770287fc6705a07ae7b
Sha1:   66a1e0a4144a868561496fbcdfe00d6d31d76b0d
Sha256: 00b9909a622cb3c003202b32a9a38dbf36a9754f8889b66b30b1c0460031f41a
                                        
                                            GET /xdata/images/city/square250/644310.webp?k=472fefd4c3c0aef36deb16adb91c965923d8b1078ab29056802f95aead0586bf&o= HTTP/1.1 
Host: cf.bstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.115
HTTP/2 200 OK
content-type: image/webp
                                        
content-length: 13014
server: nginx
date: Wed, 09 Nov 2022 06:10:20 GMT
etag: "7220ed60de1e409920095655b5cf6dc4e0d92f39"
expires: Fri, 09 Dec 2022 06:10:20 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: kHUhS2E9HU5ppa7yMGwJiTVDBL0d6KrImYsh5S9bzmziUEs2yuEECA==
age: 2175884
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 250x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   13014
Md5:    fc98564e400d3bd17e3f22b13e1b4ac7
Sha1:   504d945f247a1ed9d1e4f68416d2865d6558e5ad
Sha256: b7fa20f8bab44db9578a888fe75778bd6b24331b1f0c81356be50c4fc70157c6
                                        
                                            GET /xdata/images/city/square250/671694.webp?k=cd1e3603afe4edd09f829675efb1cdc9a5925bed25a642bfc4d909602c231624&o= HTTP/1.1 
Host: cf.bstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.115
HTTP/2 200 OK
content-type: image/webp
                                        
content-length: 13820
server: nginx
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
date: Sat, 03 Dec 2022 07:28:52 GMT
expires: Sat, 31 Dec 2022 06:03:13 GMT
cache-control: max-age=2592000
etag: "cf950dea43cbc2e84cbf94450df274f733624e2d"
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: u6Ipdh_B0qqibMwC7s0IHxYmYjCliWreqNdk0IMndltwKMMl4qONEA==
age: 275511
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 250x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   13820
Md5:    ae6f21ca1e36bc750e27be252a59c000
Sha1:   c5896a0dba0a94a551569b4cd040897d5bd935da
Sha256: 29c33b1d0971d25f68cee3a5f098598bb0e6246746f62341c066eb3fc53054f9
                                        
                                            GET /xdata/images/city/square250/737551.webp?k=ad4ef19a2b979ef794b56d1901e6937b874b4726a4085d8ddbe795f5c6bfed73&o= HTTP/1.1 
Host: cf.bstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.115
HTTP/2 200 OK
content-type: image/webp
                                        
content-length: 11708
server: nginx
date: Sun, 06 Nov 2022 08:46:01 GMT
etag: "0790aacd48db5f0b83aac324e38c6ff05169783c"
expires: Tue, 06 Dec 2022 08:46:01 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Er7O82IWR-jPUkTlrjhgF8_k-0ujizA5ej8eEGg7k3ofqMywh1H1cQ==
age: 2425743
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 250x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   11708
Md5:    443025206af2bd7174de9105a0d54e56
Sha1:   abed2877367f1a8e2ef8fcf107caee4ee915d095
Sha256: b3d2c4aaa4adfa189b01e662ba5674f003db543e55b43e5237a78edb74b523b6
                                        
                                            GET /xdata/images/region/square250/48107.webp?k=bc7ff9cf4d26882ff93f92643455885a88b9b0ae37b9ed109687ad0890af2dfd&o= HTTP/1.1 
Host: cf.bstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.115
HTTP/2 200 OK
content-type: image/webp
                                        
content-length: 8182
server: nginx
date: Fri, 25 Nov 2022 12:03:57 GMT
etag: "6d99ecc6af0e84dde4b6593b6495affc93d67fcd"
expires: Sun, 25 Dec 2022 12:03:57 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: jqmVr2podLKG0yt4p9wuT-nNl9hNfmlCt71ItsboE3yw6ddy_6OwoA==
age: 772267
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 250x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   8182
Md5:    771aeeaab19a95606d95d745b82c71a5
Sha1:   e0ea1f6e9d3213d1c9dc5776630581343c008efe
Sha256: 34ab25e12e5af40fb0361fbc2791c2b95ca19ff49f723c0670d1536e94167899
                                        
                                            GET /xdata/images/city/square250/930853.webp?k=85cc355550cdcf1ca77d1a7a635f4294e09dee696051866597a63fd7edd7af5a&o= HTTP/1.1 
Host: cf.bstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.115
HTTP/2 200 OK
content-type: image/webp
                                        
content-length: 12010
server: nginx
date: Wed, 09 Nov 2022 09:28:09 GMT
etag: "ded732e07d4aa6f26e0071c34cc6945199c35d30"
expires: Fri, 09 Dec 2022 09:28:09 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: so3NKFmrMY3lChXSSsD9A5YB9xbGs5PIMbEy10hM6nYTGT1hoiGw_g==
age: 2164015
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 250x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   12010
Md5:    0867b4a18dd02f341467ac3cd9c87624
Sha1:   6dfa10bfc60382146a1cbdcdeaa1d2bf94ca8fe6
Sha256: abac49fbb301fb90860cc5c950d292473ac3db44a6fc2e62398e61bf2bf7655f
                                        
                                            GET /xdata/images/city/square250/954959.webp?k=37410091e9d0e74278ef7710d594a8ef5882decaf47e8f9a7ca30f9e85bbab75&o= HTTP/1.1 
Host: cf.bstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.115
HTTP/2 200 OK
content-type: image/webp
                                        
content-length: 4970
server: nginx
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
date: Sat, 03 Dec 2022 07:28:52 GMT
expires: Mon, 02 Jan 2023 00:51:48 GMT
cache-control: max-age=2592000
etag: "d01d2f7b6c1a58e5ca1d1642dac3763bd18acdf2"
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: WDjvatImjer2O81a8G3nQhTxzTpDnX-vGImPuyFISCBexvVMaLjMcg==
age: 121396
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 250x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   4970
Md5:    5f34caad9044fb6b97304bf376740090
Sha1:   d919e1aa423bdce0be6d91885666114f7093ee29
Sha256: 3ca928167fc0c1e2ffe56f5910307f715a69c7080d783492cd41ed1ebda75fd6
                                        
                                            GET /xdata/images/city/square250/967857.webp?k=5733a245dbb186ec0986c0a5c533acc704650d51cdfed7410cf0bcef375e5bc4&o= HTTP/1.1 
Host: cf.bstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.115
HTTP/2 200 OK
content-type: image/webp
                                        
content-length: 12264
server: nginx
date: Wed, 09 Nov 2022 00:21:49 GMT
etag: "27586967e639a71d2ce539658f0a6fe60eece616"
expires: Fri, 09 Dec 2022 00:21:49 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: UKXL4JRNo89DFooagTvRhEt29H0odtBf3G41kQyKPTC8vevsqqPVug==
age: 2196795
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 250x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   12264
Md5:    57d087e34bf07df0e6df2f13d870f2e2
Sha1:   47462553409d660454e9bee14f3f442d7e757e13
Sha256: d504a989b326836c6718ca6acb3806f60ad3e5a2cc48824a7b1c6d41691e8654
                                        
                                            GET /static/img/flags/24/no/6193a14e4d59f814f46ee6313cdd6e11811abeb3.png HTTP/1.1 
Host: cf.bstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.115
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 405
server: nginx
date: Thu, 24 Nov 2022 01:31:22 GMT
last-modified: Wed, 10 Apr 2019 11:21:53 GMT
etag: "5cadd1d1-195"
expires: Sat, 24 Dec 2022 01:31:22 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: hnwAhImJox-kpPMkRqbvWY6bKdOedbqitk8ejXav-fdnfEgW2uzESg==
age: 896622
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 24 x 24, 8-bit colormap, non-interlaced\012- data
Size:   405
Md5:    be6379111ab8866c20c123b85af97d42
Sha1:   819ba2a2c986ed6f4ff309661b5c27ac172228df
Sha256: fecd6ef10eb5111323f3b1bb9d8e99e37a881abe33ae37f8e74f046c3634b25f
                                        
                                            GET /static/img/flags/24/fr/c3dafe717a0b4b97e6ddd0d791e8a018d8f96310.png HTTP/1.1 
Host: cf.bstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.115
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 406
server: nginx
date: Tue, 29 Nov 2022 01:58:29 GMT
last-modified: Wed, 10 Apr 2019 11:21:53 GMT
etag: "5cadd1d1-196"
expires: Thu, 29 Dec 2022 01:58:29 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: cDs2Qe-BrE4uVg3f6xHl8MJLe9rPFoUEnd0rxle7kPOZTOjtGMPYdQ==
age: 462995
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 24 x 24, 8-bit colormap, non-interlaced\012- data
Size:   406
Md5:    6e35d53899b5a1260f946a00b691e0b7
Sha1:   5afcc2cca4ef34005fe1d22784f90b727fceeb08
Sha256: 2fd19cf58102989e49660b27b21605038d4282cf758add4841285c2c17f2dacd
                                        
                                            GET /static/img/flags/24/gb/b2f01d4fd94cb1420fcdbbef62c06ade1026fbbd.png HTTP/1.1 
Host: cf.bstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.115
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 786
server: nginx
date: Tue, 15 Nov 2022 02:42:58 GMT
last-modified: Wed, 10 Apr 2019 11:21:53 GMT
etag: "5cadd1d1-312"
expires: Thu, 15 Dec 2022 02:42:58 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 32QpmXv7Q_u4_AY-vH7SNp2M87EAY1VRVgsHANBDZ_IYvBaIXsbqBw==
age: 1669926
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 24 x 24, 8-bit colormap, non-interlaced\012- data
Size:   786
Md5:    b886858d3043782c8760367f40f31187
Sha1:   81bd3c37344c99a7ce8f29f685c770373aa6cc16
Sha256: c4827c36112be1d0773cbf4eb709f4b01b4ab4bc1a79c90aafc4b196c9445393
                                        
                                            GET /static/img/flags/24/es/a14721d7698af5131b08bd34227508c729ab11bc.png HTTP/1.1 
Host: cf.bstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.115
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 490
server: nginx
date: Fri, 25 Nov 2022 05:38:35 GMT
last-modified: Wed, 10 Apr 2019 11:21:53 GMT
etag: "5cadd1d1-1ea"
expires: Sun, 25 Dec 2022 05:38:35 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: LAB3SZGwgf5PJYnOvpsiUiLjTsJicJeIPZS-DR5hHX6Efh81X02Y1Q==
age: 795389
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 24 x 24, 8-bit colormap, non-interlaced\012- data
Size:   490
Md5:    d2d4c6110399a8b2c4c1ea09b7f8eded
Sha1:   f846d4aee888c73998150452c3bde5ff71f7a0e7
Sha256: 630bbc6535a3d0cee406f52ee3664265adc2eaa51227fb8a3ff5c70af9e79b3a
                                        
                                            GET /static/img/tfl/group_logos/logo_booking/27c8d1832de6a3123b6ee45b59ae2f81b0d9d0d0.png HTTP/1.1 
Host: cf.bstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.115
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 1628
server: nginx
date: Thu, 10 Nov 2022 01:34:56 GMT
last-modified: Wed, 10 Apr 2019 11:21:55 GMT
etag: "5cadd1d3-65c"
expires: Sat, 10 Dec 2022 01:34:56 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Rd3-EEIQ4Ja-4jMPCYRTt1kgQRQ6k-oMkocch7fon7qV-_8uWAWhfw==
age: 2106008
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 91 x 26, 8-bit/color RGBA, non-interlaced\012- data
Size:   1628
Md5:    3e32efd25ac0214b375fc8a6a32890f2
Sha1:   cd46a79db7e53e19d5869b3cb3e7aa22ee523479
Sha256: 807c8a1b498e17d227cf48a640b778bdc4398a9852493cb2f40bf0f33651d0dd
                                        
                                            GET /static/img/genius-globe-with-badge_desktop/d807514761b3684aedebced9265c5548a063b7a0.png HTTP/1.1 
Host: cf.bstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.115
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 7455
server: nginx
date: Mon, 28 Nov 2022 16:15:54 GMT
last-modified: Tue, 21 Sep 2021 07:46:56 GMT
etag: "61498df0-1d1f"
expires: Wed, 28 Dec 2022 16:15:54 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 4uVnF-hTKOYlwOZtWqdFo8jQPnJ6vL7nCdPXrt90Z-apR2ww_c5lJw==
age: 497950
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 160 x 160, 8-bit colormap, non-interlaced\012- data
Size:   7455
Md5:    06184b155b03a3035384042b32a67174
Sha1:   3458ca2a84896f0f5c39e3fb705b5c51b41c6553
Sha256: b0999281a9703706445e24c253b75e9e36fc0d5d76f01b0842f902b08f00c2dd
                                        
                                            GET /static/img/tfl/group_logos/logo_priceline/f80e129541f2a952d470df2447373390f3dd4e44.png HTTP/1.1 
Host: cf.bstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.115
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 1591
server: nginx
date: Sun, 27 Nov 2022 09:30:57 GMT
last-modified: Wed, 10 Apr 2019 11:21:55 GMT
etag: "5cadd1d3-637"
expires: Tue, 27 Dec 2022 09:30:57 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: O1QKE-AFLnt6JGiV3fDkduY1p9J1upVsGpkVXOYJ6YKSDL3AlgRRWA==
age: 608647
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 91 x 26, 8-bit colormap, non-interlaced\012- data
Size:   1591
Md5:    b6d0b31340d7a113f63b936e23d06f78
Sha1:   268e3856da737f7e56e679258949ef70ddde47f4
Sha256: 18c62988860a8ffd90bab6376b4fe36a723bd39403c420d3943aa3eb5a0029c5
                                        
                                            GET /static/img/tfl/group_logos/logo_kayak/83ef7122074473a6566094e957ff834badb58ce6.png HTTP/1.1 
Host: cf.bstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.115
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 1154
server: nginx
date: Fri, 02 Dec 2022 02:22:36 GMT
last-modified: Wed, 10 Apr 2019 11:21:55 GMT
etag: "5cadd1d3-482"
expires: Sun, 01 Jan 2023 02:22:36 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: g-mZROSKYf01fW5-NxcFin12atjRpH2V-CbsF6ZiF3ZcHj-xv8XF2Q==
age: 202348
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 79 x 26, 8-bit/color RGBA, non-interlaced\012- data
Size:   1154
Md5:    6384185cbe9a4f106857a3cb85caea98
Sha1:   0e31a4fe2ce98a8b4fda60687aa71079b4d3a95b
Sha256: 5839f0330821cf08029beddd6d248170da1af16cd7aff253e7bd075d591f5d42
                                        
                                            GET /static/img/tfl/group_logos/logo_agoda/1c9191b6a3651bf030e41e99a153b64f449845ed.png HTTP/1.1 
Host: cf.bstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.115
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 2146
server: nginx
last-modified: Thu, 12 Mar 2020 10:15:57 GMT
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
date: Sat, 26 Nov 2022 07:21:48 GMT
expires: Mon, 26 Dec 2022 07:21:48 GMT
cache-control: max-age=2592000
etag: "5e6a0bdd-862"
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 4hjjF6BWBKlkqoYZ9A_ADy_gozduskGB3ycoGVnU3Y1jxcOBparlxA==
age: 702796
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 70 x 26, 8-bit/color RGBA, non-interlaced\012- data
Size:   2146
Md5:    27e71a5124018e16eae0b8897618623d
Sha1:   d0d54d88b04edfc71f338c19eab9994632bc6ced
Sha256: 1d6e86e59ab7235a8343f494c8e8da6cc02c5a98a75d682401340e6d06935f20
                                        
                                            GET /static/img/flags/24/it/b539a003f197845e447b9d00d91cd74dd57bf3dd.png HTTP/1.1 
Host: cf.bstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.115
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 436
server: nginx
date: Mon, 07 Nov 2022 04:51:02 GMT
last-modified: Wed, 10 Apr 2019 11:21:53 GMT
etag: "5cadd1d1-1b4"
expires: Wed, 07 Dec 2022 04:51:02 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: I_tSy0ZoejBLulWn3X1opzciKUXrG4DzuYE48CVCgt9Y3UKPTB84Ag==
age: 2353442
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 24 x 24, 8-bit colormap, non-interlaced\012- data
Size:   436
Md5:    1416ab6009ad93f86e9cfc23a54e0c40
Sha1:   0578e45fadd1da2c26a4d5fe814a9239ff5eae97
Sha256: 88bb107350d5324906a2cf2b95847879ecf6bb09502d1186c38daaf15268830f
                                        
                                            GET /static/img/tfl/group_logos/logo_rentalcars/6bc5ec89d870111592a378bbe7a2086f0b01abc4.png HTTP/1.1 
Host: cf.bstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.115
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 3221
server: nginx
last-modified: Wed, 10 Apr 2019 11:21:55 GMT
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
date: Tue, 29 Nov 2022 06:36:28 GMT
expires: Wed, 28 Dec 2022 01:05:47 GMT
cache-control: max-age=2592000
etag: "5cadd1d3-c95"
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: AqxIjRyMWjiteqH7nfnhjbiNTpG35mJKVjNb8Dy1nT7RkxmXhcl3AA==
age: 552557
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 109 x 26, 8-bit/color RGBA, non-interlaced\012- data
Size:   3221
Md5:    38784d782a29a302dab9135d63aef953
Sha1:   04db0e863a35062a355c4b2ea9585ec83c4ffc3e
Sha256: 8561e200a6a57195e480ed9d893b14579ef6acdeabfbb3fe22b5e4ec9b84b455
                                        
                                            GET /static/img/tfl/group_logos/logo_opentable/a4b50503eda6c15773d6e61c238230eb42fb050d.png HTTP/1.1 
Host: cf.bstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.115
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 2344
server: nginx
last-modified: Wed, 10 Apr 2019 11:21:55 GMT
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
date: Sat, 03 Dec 2022 00:31:56 GMT
expires: Mon, 02 Jan 2023 00:31:50 GMT
cache-control: max-age=2592000
etag: "5cadd1d3-928"
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: mwYb0ptaj_yKHQAZy9W1K952bjK3YN99HOkmh54FkYhIrNTyRUNhKQ==
age: 122594
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 95 x 26, 8-bit/color RGBA, non-interlaced\012- data
Size:   2344
Md5:    d05a0ab9bf394439a1584a2b0d44db5c
Sha1:   183c28023d3ba3358a7a5df1db887582ae5340ed
Sha256: b23272a9692c4ec3c020935917e9d096490876c976abec1290bd3cc9aae13974
                                        
                                            GET /en/index.en-us.html?aid=2083685&label=638c77d59e2ba903bf1ccb4a&sid=4c2fa4b6679eaa4e9e0e6fdec368f4f7&keep_landing=1&sb_price_type=total& HTTP/1.1 
Host: www.booking.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: _pxhd=SA2RuCPXyGJJRAqLdvk4yizbNxdWtTu2ZRg%252F3-NhcBaR-67U8mdmoY7wxkIILbroc8t3HYgmYeuDBgVgq2l4ZQ%253D%253D%253Ag6ggl8HCMvr3zulw3eCz7evIGBVkp8p4THwvg---16Gjo3JVmQfgQ8kZWzHOs3UMFHEl8JD8gOBHgyziNtcvNQ02XjBL68kKl1487ni4PW0%253D; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbbmD9q%2B5pe3UwXAs1TD8hE3keBzoOyZAfkmIb8CLoW%2F9GbcgrGjT6nS6bEe4b9R9GXmJFHdJN48xbyKrZSko3M2Kp2QJxfgHgqRQoatbaXo9Ccah%2BFLNxaxJqQBZce364hm3wUKeMkbM3xt3Bumcjg9Q2SUv13qhyP%2BkPQAy4A%2FU%3D
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         185.28.222.11
HTTP/1.1 200 OK
content-type: text/html; charset=UTF-8
                                        
server: nginx
date: Sun, 04 Dec 2022 10:35:03 GMT
transfer-encoding: chunked
cache-control: private
vary: Accept-Encoding, User-Agent
content-encoding: br
link: <https://cf.bstatic.com/static/css/gprof_icons_cloudfront_sd.iq_ltr/beb34d6a0e8ed1e0a5a6a79fc03b31730c7dd059.css>; rel=preload; as=style, <https://cf.bstatic.com/static/css/incentives_cloudfront_sd.iq_ltr/200d13c63f1a43e6ecc598ab2da5ed550e4df0ec.css>; rel=preload; as=style, <https://cf.bstatic.com/static/css/index_cloudfront_sd.iq_ltr/fe0a561f22d79e44176b64201d9fcc5073d680b9.css>; rel=preload; as=style, <https://cf.bstatic.com/static/css/main_cloudfront_sd.iq_ltr/571729221c8fdd1b5ac964ce2892c27f9c678bd8.css>; rel=preload; as=style, <https://cf.bstatic.com/static/css/main_exps_cloudfront_sd.iq_ltr/2f016e6d5b41d7c6dcfb6e7fbd4a53c624f25fbd.css>; rel=preload; as=style, <https://cf.bstatic.com/static/css/xp-index-sb_cloudfront_sd.iq_ltr/24d785d9e222142b6e97779ff61f1549ab159dbd.css>; rel=preload; as=style
nel: {"max_age":604800,"report_to":"default"}
report-to: {"group":"default","endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":604800}
set-cookie: _pxhd=m6g1efj16JVVg-l5ZA6kOr4ef1gOEC97oB0aewzz4bQLRc965LdjUhbBQVbtyvO2teAWIuHvtHeUNLP2mG3d1A%253D%253D%253AlKI-OW5eM9Dj7mqPMqRLkpOrRU%252FsFw1FIxkt2Z1MBxB7jiSvJpYBXe9FvWsK835tO4z5HDuKcTx9ltfeHmKpgTOQzud2aKte2xatFRJ4qE8%253D; domain=booking.com; path=/; expires=Mon, 04-Dec-2023 10:35:03 GMT px_init=0; domain=booking.com; expires=Sun, 05-Jan-2076 21:10:06 GMT; SameSite=Strict; secure; HttpOnly bkng_frontend_sese_exp=1; domain=.booking.com; path=/; expires=Tue, 03-Jan-2023 10:35:03 GMT; secure; HttpOnly bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbnmKTRaewPBvwEmRJ9hEbNVY55DVlBNBbriz0rH0rbN8JX3MzXKCqbYatFA8g9t46vG%2Ff2uKx5T5OsR%2BCQ41YdGafpAz6PlCNa73cev0Tt7AURQKgCfiKm5T3GpcmHDJfmFHeyEzwE8aAvnkrLz6nSDv0E%2B75vzWyQ0V%2FGPLTMW4%3D; domain=.booking.com; path=/; expires=Fri, 03-Dec-2027 10:35:03 GMT; Secure; HTTPOnly; SameSite=None
strict-transport-security: max-age=604800
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block


--- Additional Info ---
Magic:  data
Size:   23600
Md5:    33732427eae17faad3950d16a56bd1d4
Sha1:   b71ec639fd23492877892527f81334c568aa5597
Sha256: c93462cc65dbadac1456b7c6428ff3f9e08eba808c7372f420144fa56307b75b
                                        
                                            GET /xdata/images/city/540x270/844103.webp?k=b4ff3d17a962184dfa8823beec573fa3f679306e8b3fa897b901ba0dedb157bd&o= HTTP/1.1 
Host: cf.bstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.115
HTTP/2 200 OK
content-type: image/webp
                                        
content-length: 24262
server: nginx
date: Thu, 01 Dec 2022 03:44:03 GMT
etag: "1317bd35f75cb8e92782083593522a0d00ea0b35"
expires: Sat, 31 Dec 2022 03:44:03 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: QJL8Vmfn5z-lpkkSITw8YY3dudkUnTiocAVQqxE--XTtCDRIaoSE4g==
age: 283862
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 540x270, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   24262
Md5:    8da231dc5119fa2631196021b5b76b79
Sha1:   acc913dd71a600d59d1485aeaf478217e6efb323
Sha256: 0e422d4bd5462f934cf16f7cf8be46278492bc9f35f4765cbb2382ba9233588c
                                        
                                            GET /static/js/raf_cloudfront_sd/b9e5b0bcf00cff69d910550bedf9b680172d2b89.js HTTP/1.1 
Host: cf.bstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.115
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
date: Sat, 12 Nov 2022 07:12:47 GMT
last-modified: Fri, 16 Sep 2022 13:33:46 GMT
etag: W/"63247b3a-1db04"
expires: Mon, 12 Dec 2022 07:12:47 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 2WT5x2302GlA7QHSNhlSl1opkKqlrqnH6mE3RodQtag4K8bUnf9Kyg==
age: 1912937
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   40826
Md5:    ee078dab90b077f7f8bfdc02619f404d
Sha1:   5d4d044057f33205c86986796938ba1c2148104d
Sha256: 613817172e05e751a5b240d97a129ec8225226c50acc21630344631a55c2ed0a
                                        
                                            GET /xdata/images/city/540x270/693535.webp?k=39f09e1a64b76dc38b82fae5e51dd9728a68c06b8a0a26c2e6254a80eb792e72&o= HTTP/1.1 
Host: cf.bstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.115
HTTP/2 200 OK
content-type: image/webp
                                        
content-length: 23244
server: nginx
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
date: Sun, 04 Dec 2022 01:01:22 GMT
expires: Tue, 13 Dec 2022 05:56:13 GMT
cache-control: max-age=2592000
etag: "673d2afb190a0526d5660f62be0e691e78ecaea8"
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 2upfC7o2klItWekGUHZxkz-3RylORX_rGAvtOZ3b8mmdlGcFAU-TLg==
age: 1831132
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 540x270, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   23244
Md5:    1cf4d8802d8a7c29a1c6a8f84fb42743
Sha1:   f0517ef84d0f9c60d23155359835b7e7f208d000
Sha256: b75539e7d3b58a9a64ecfc01b01c0829392c6ccd991b3a9479c426bba4c4f6ac
                                        
                                            GET /xdata/images/hotel/540x270/65633294.webp?k=13eb1edcf90c9ee12f1f3b130c6435a9ec3175cb0633862a897a10ea25f2f029&o= HTTP/1.1 
Host: cf.bstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.115
HTTP/2 200 OK
content-type: image/webp
                                        
content-length: 31426
server: nginx
date: Mon, 07 Nov 2022 21:32:55 GMT
etag: "88b2515442f414c687c54b05d4e7c54fdeae0596"
expires: Wed, 07 Dec 2022 21:32:55 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: f6mG3o5sSCmSBc14d92FNmd8wLlyV0MeAQBONB2Jq0jcxSGWqgXL8A==
age: 2293330
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 540x270, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   31426
Md5:    606367d465fa9ffa8f549514869c322b
Sha1:   7e70beeff754fa21a0946def72031833fee1ea50
Sha256: a4b97277078d575651a3745ddd9a0b4ecdec4c42591e16f2a873f8e680b6dd67
                                        
                                            GET /static/img/genius-banner-world-bg/2b5cdbad7b92073bc396b8b59d0bb421b3a01cba.png HTTP/1.1 
Host: cf.bstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cf.bstatic.com/static/css/index_cloudfront_sd.iq_ltr/fe0a561f22d79e44176b64201d9fcc5073d680b9.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         54.230.111.115
HTTP/2 200 OK
content-type: image/png
                                        
content-length: 7367
server: nginx
date: Mon, 07 Nov 2022 15:23:36 GMT
last-modified: Tue, 21 Sep 2021 07:46:56 GMT
etag: "61498df0-1cc7"
expires: Wed, 07 Dec 2022 15:23:36 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: sIjX_Fz89c0Z_AnxGsA9hRbUWAlmF_d2_t6s_EDK6TQQs2SHzFA9nA==
age: 2315489
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 520 x 340, 8-bit colormap, non-interlaced\012- data
Size:   7367
Md5:    a2bdd966488047aaa17dcebc5238432b
Sha1:   65c52eeb866eb2acbd183e5fb2dccc5205dbb6bf
Sha256: cfc71dcddda21b32c0ac5ba5322bd41612224261fecdc38cd20a45b6b502457c
                                        
                                            GET /static/img/cross_product_index/accommodation/07ca5cacc9d77a7b50ca3c424ecd606114d9be75.svg HTTP/1.1 
Host: cf.bstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cf.bstatic.com/static/css/xp-index-sb_cloudfront_sd.iq_ltr/24d785d9e222142b6e97779ff61f1549ab159dbd.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         54.230.111.115
HTTP/2 200 OK
content-type: image/svg+xml
                                        
server: nginx
date: Fri, 04 Nov 2022 11:02:26 GMT
last-modified: Wed, 10 Apr 2019 11:21:51 GMT
etag: W/"5cadd1cf-7f2"
expires: Sun, 04 Dec 2022 11:02:26 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: IoYvES92tRvgf0CO0DaujmJLEuN1oGrLz3UoY2JYMeQAYGUtTtvQrQ==
age: 2590359
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1446)
Size:   93929
Md5:    2205c5efc41d91cb69578c365ff4171e
Sha1:   14880011b72f2e4275ee991c851dd9b13f4957d0
Sha256: 5c33d1f92c2e5e05ecb10a7dc8363c3f935097742c7b53d998c935fb312a2e01
                                        
                                            OPTIONS /privacy-consents/implicit HTTP/1.1 
Host: account.booking.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.booking.com/
Origin: https://www.booking.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site

search
                                         54.230.111.55
HTTP/2 204 No Content
                                        
server: envoy
date: Sun, 04 Dec 2022 10:35:05 GMT
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://www.booking.com
access-control-max-age: 1728000
set-cookie: bkng_sso_ses=e30; domain=.booking.com; path=/; expires=Fri, 03-Dec-2027 10:35:05 GMT; secure; HttpOnly bkng_sso_session=e30; domain=.booking.com; path=/; expires=Fri, 03-Dec-2027 10:35:05 GMT; secure; HttpOnly bkng_ap_sso_session=eyJib29raW5nX2dsb2JhbCI6eyJkYXRhX3N1YmplY3RfaWQiOiIxNDg2N2I1NC04YjViLTQyZmMtODZjYi05YzBiMzViODI2ODYiLCJzZXNzaW9ucyI6W119fQ; domain=account.booking.com; path=/; expires=Fri, 03-Dec-2027 10:35:05 GMT; secure; HttpOnly
content-security-policy: report-uri https://nellie.booking.com/csp-report-uri?type=block&tag=42&pid=bd0f4a6cfd5d033d&e=UmFuZG9tSVYkc2RlIyh9YTVpYxb9mtJD3cReeqMXo_5qxpf4W7JwdaPywujlMqYClpEWWnp7GR_-kbA2HXm3PiRWopy3QrKMJMbZhg96Pj4F15TvX2AmS6O-MuirWpTEkB5sZLLqUPswAcqtMH3OKHjjGdhQ_48l; frame-ancestors https://*.booking.com 'self';
content-security-policy-report-only: style-src *.bstatic.com bstatic.com *.static.booking.cn 'self' 'unsafe-inline'; object-src 'none'; connect-src saa.booking.com secure.booking.com reports.booking.com privacyportal-eu.onetrust.com geolocation.onetrust.com cdn.cookielaw.org www.google-analytics.com *.perimeterx.net *.pxchk.net *.px-cdn.net *.px-client.net *.px-cloud.net 'self' 'report-sample'; img-src 'self' data: www.booking.com graph.facebook.com cdn.cookielaw.org account.booking.com *.bstatic.com bstatic.com *.static.booking.cn www.google-analytics.com www.google.com stats.g.doubleclick.net *.px-cloud.net *.perimeterx.net www.gstatic.com; base-uri 'none'; script-src saa.booking.com *.bstatic.com bstatic.com *.static.booking.cn www.google.com www.google-analytics.com cdn.cookielaw.org geolocation.onetrust.com 'self' 'nonce-X4QD90nPLVx3GOq' 'report-sample'; frame-src https://www.youtube.com/embed/Vv4w5SmRkss *.bstatic.com https://www.google.com bstatic.com www.booking.com secure.booking.com paymentcomponent.booking.com 'self'; default-src *.bstatic.com bstatic.com 'self'; report-uri https://nellie.booking.com/csp-report-uri?type=report&tag=41&pid=bd0f4a6cfd5d033d&e=UmFuZG9tSVYkc2RlIyh9YTVpYxb9mtJD3cReeqMXo_5qxpf4W7JwdaPywujlMqYClpEWWnp7GR_-kbA2HXm3PiRWopy3QrKMJMbZhg96Pj4F15TvX2AmS6O-MuirWpTEkB5sZLLqUPswAcqtMH3OKHjjGdhQ_48l;
strict-transport-security: max-age=17280000
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 db0992ba349fc51d5151ec8330e36c28.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: k9zyznTa9fVq787pWCX0nye6ZOAaFgRd1idEGD6rxN-i5cdXaUm92A==
X-Firefox-Spdy: h2

                                        
                                            GET /logo?ver=1&sid=4c2fa4b6679eaa4e9e0e6fdec368f4f7&t=16701501031 HTTP/1.1 
Host: www.booking.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.booking.com/en/index.en-us.html?aid=2083685&label=638c77d59e2ba903bf1ccb4a&sid=4c2fa4b6679eaa4e9e0e6fdec368f4f7&keep_landing=1&sb_price_type=total&
Connection: keep-alive
Cookie: _pxhd=m6g1efj16JVVg-l5ZA6kOr4ef1gOEC97oB0aewzz4bQLRc965LdjUhbBQVbtyvO2teAWIuHvtHeUNLP2mG3d1A%253D%253D%253AlKI-OW5eM9Dj7mqPMqRLkpOrRU%252FsFw1FIxkt2Z1MBxB7jiSvJpYBXe9FvWsK835tO4z5HDuKcTx9ltfeHmKpgTOQzud2aKte2xatFRJ4qE8%253D; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbnmKTRaewPBvwEmRJ9hEbNVY55DVlBNBbriz0rH0rbN8JX3MzXKCqbYatFA8g9t46vG%2Ff2uKx5T5OsR%2BCQ41YdGafpAz6PlCNa73cev0Tt7AURQKgCfiKm5T3GpcmHDJfmFHeyEzwE8aAvnkrLz6nSDv0E%2B75vzWyQ0V%2FGPLTMW4%3D; bkng_frontend_sese_exp=1; cors_js=1; OptanonConsent=isGpcEnabled=0&datestamp=Sun+Dec+04+2022+10%3A35%3A02+GMT%2B0000+(Coordinated+Universal+Time)&version=6.22.0&isIABGlobal=false&hosts=&consentId=704bcf1a-5c7f-44c6-bbfd-e1f76c160bfa&interactionCount=0&landingPath=https%3A%2F%2Fwww.booking.com%2Fen%2Findex.en-us.html%3Faid%3D2083685%26label%3D638c77d59e2ba903bf1ccb4a%26sid%3D4c2fa4b6679eaa4e9e0e6fdec368f4f7%26keep_landing%3D1%26sb_price_type%3Dtotal%26&groups=C0001%3A1%2CC0002%3A0%2CC0004%3A0
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin

search
                                         54.230.111.45
HTTP/2 200 OK
content-type: image/gif
                                        
content-length: 35
server: nginx
date: Sun, 04 Dec 2022 10:35:05 GMT
vary: Accept-Encoding, User-Agent
content-encoding: br
set-cookie: BJS=-; domain=booking.com; expires=Mon, 05-Dec-2022 10:35:05 GMT; Secure; HTTPOnly
strict-transport-security: max-age=604800
content-security-policy-report-only: report-uri https://nellie.booking.com/csp-report-uri?type=report&tag=112&pid=d3a34a6ca06004f0&e=UmFuZG9tSVYkc2RlIyh9YbpBYTW1tHKz-hhsss_26dsBnjvhlBWcje8sc_8oj55f; frame-ancestors 'none';
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 92c4bb210eab82a152000047d3609a02.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: sQ0naEu-CIN7mVu-kskravC_dP6MSc-i-tRoDC6m1IuHyqzdwDPAcA==
X-Firefox-Spdy: h2

                                        
                                            POST /c360/v1/track HTTP/1.1 
Host: www.booking.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.booking.com/en/index.en-us.html?aid=2083685&label=638c77d59e2ba903bf1ccb4a&sid=4c2fa4b6679eaa4e9e0e6fdec368f4f7&keep_landing=1&sb_price_type=total&
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Booking-Pageview-Id: c0284a6b729b0685
X-Booking-AID: 2083685
X-Booking-Session-Id: 4c2fa4b6679eaa4e9e0e6fdec368f4f7
X-Booking-SiteType-Id: 1
X-Partner-Channel-Id: 2
X-Booking-Label: 638c77d59e2ba903bf1ccb4a
X-Booking-CSRF: F7CMYwAAAAA=Zm3QY_bR-3L2VDPpZ85uMv6CXDvN-k2xoP3pOgwZOMmZowgRvuOEATGUz1Dx1LHOftCMh7yTnSPim3r2A8o3yNUIJ7IkbzkN0VnKfeWoT-GFoQT2H8bJ_937SfF1GvxF82LXqGlGk5iXTvGApZ1ApTo-Z39lsU0F5xA4lQXefgJL61po0TUaQMgmAcxPAt5qzxGyZI2DZwHN8wMk
X-Booking-Language-Code: en-us
X-Booking-Info: 1639610,1639350|1,1641760,1616480,1638370,1588860,1638430,1628410,1639350|3,1638370|1,1630360,1630600,1625600
X-Requested-With: XMLHttpRequest
Content-Length: 572
Origin: https://www.booking.com
Connection: keep-alive
Cookie: _pxhd=m6g1efj16JVVg-l5ZA6kOr4ef1gOEC97oB0aewzz4bQLRc965LdjUhbBQVbtyvO2teAWIuHvtHeUNLP2mG3d1A%253D%253D%253AlKI-OW5eM9Dj7mqPMqRLkpOrRU%252FsFw1FIxkt2Z1MBxB7jiSvJpYBXe9FvWsK835tO4z5HDuKcTx9ltfeHmKpgTOQzud2aKte2xatFRJ4qE8%253D; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbnmKTRaewPBvwEmRJ9hEbNVY55DVlBNBbriz0rH0rbN8JX3MzXKCqbYatFA8g9t46vG%2Ff2uKx5T5OsR%2BCQ41YdGafpAz6PlCNa73cev0Tt7AURQKgCfiKm5T3GpcmHDJfmFHeyEzwE8aAvnkrLz6nSDv0E%2B75vzWyQ0V%2FGPLTMW4%3D; bkng_frontend_sese_exp=1; cors_js=1; OptanonConsent=isGpcEnabled=0&datestamp=Sun+Dec+04+2022+10%3A35%3A02+GMT%2B0000+(Coordinated+Universal+Time)&version=6.22.0&isIABGlobal=false&hosts=&consentId=704bcf1a-5c7f-44c6-bbfd-e1f76c160bfa&interactionCount=0&landingPath=https%3A%2F%2Fwww.booking.com%2Fen%2Findex.en-us.html%3Faid%3D2083685%26label%3D638c77d59e2ba903bf1ccb4a%26sid%3D4c2fa4b6679eaa4e9e0e6fdec368f4f7%26keep_landing%3D1%26sb_price_type%3Dtotal%26&groups=C0001%3A1%2CC0002%3A0%2CC0004%3A0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin

search
                                         185.28.222.11
HTTP/1.1 200 OK
content-type: application/json; charset=UTF-8
                                        
server: nginx
date: Sun, 04 Dec 2022 10:35:05 GMT
content-length: 33
vary: User-Agent, Accept-Encoding
content-encoding: br
access-control-allow-credentials: true
access-control-allow-origin: https://www.booking.com
set-cookie: bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLblgO%2Fz4BDP5vvXCVnVvmvQ6unIaKUrr4EgTDcAUfn9iJKslgxOjyuTfIpbtosuBe5EinYd8OAeaTkm9TVLRv0I39YcA4hECvIdn%2Bw0Yyifhcqi4YefjsUJdaoPUSwE3J57F2o%2FT45ixEEmfZZ647UvkN7%2FPjbp5SBqWlH9oUzPys%3D; domain=.booking.com; path=/; expires=Fri, 03-Dec-2027 10:35:05 GMT; Secure; HTTPOnly; SameSite=None
strict-transport-security: max-age=604800
x-content-options: nosniff
x-xss-protection: 1; mode=block


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   33
Md5:    42fcc80d879dd35c0bbdd04c1414890b
Sha1:   f1dbf58d1b458f9c50995bb8d84da4a67f2d437b
Sha256: fb87565b58755d257fcf9af5b4b25e0dcfc682adb630dd2a32bbf56b91d2c325
                                        
                                            POST /privacy-consents/implicit HTTP/1.1 
Host: account.booking.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.booking.com/
Content-type: application/json;charset=UTF-8
Content-Length: 36
Origin: https://www.booking.com
Connection: keep-alive
Cookie: _pxhd=m6g1efj16JVVg-l5ZA6kOr4ef1gOEC97oB0aewzz4bQLRc965LdjUhbBQVbtyvO2teAWIuHvtHeUNLP2mG3d1A%253D%253D%253AlKI-OW5eM9Dj7mqPMqRLkpOrRU%252FsFw1FIxkt2Z1MBxB7jiSvJpYBXe9FvWsK835tO4z5HDuKcTx9ltfeHmKpgTOQzud2aKte2xatFRJ4qE8%253D; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbnmKTRaewPBvwEmRJ9hEbNVY55DVlBNBbriz0rH0rbN8JX3MzXKCqbYatFA8g9t46vG%2Ff2uKx5T5OsR%2BCQ41YdGafpAz6PlCNa73cev0Tt7AURQKgCfiKm5T3GpcmHDJfmFHeyEzwE8aAvnkrLz6nSDv0E%2B75vzWyQ0V%2FGPLTMW4%3D; bkng_frontend_sese_exp=1; cors_js=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers

search
                                         54.230.111.55
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
                                        
server: envoy
date: Sun, 04 Dec 2022 10:35:05 GMT
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: POST
access-control-allow-origin: https://www.booking.com
access-control-max-age: 1728000
set-cookie: bkng_sso_session=e30; domain=.booking.com; path=/; expires=Fri, 03-Dec-2027 10:35:05 GMT; secure; HttpOnly bkng_ap_sso_session=eyJib29raW5nX2dsb2JhbCI6eyJzZXNzaW9ucyI6W10sImRhdGFfc3ViamVjdF9pZCI6ImM3OTg1NjMxLWFlMjItNGIxNi04NDdmLTAyN2ZlNjcwNTZlMyJ9fQ; domain=account.booking.com; path=/; expires=Fri, 03-Dec-2027 10:35:05 GMT; secure; HttpOnly bkng_sso_ses=e30; domain=.booking.com; path=/; expires=Fri, 03-Dec-2027 10:35:05 GMT; secure; HttpOnly
content-security-policy: report-uri https://nellie.booking.com/csp-report-uri?type=block&tag=42&pid=c8a84a6cfdf903b5&e=UmFuZG9tSVYkc2RlIyh9YTVpYxb9mtJD3cReeqMXo_5qxpf4W7JwdaPywujlMqYClpEWWnp7GR_-kbA2HXm3PvFWRdnUFAhBYMXFCJXDh48JHUCCGzkjlgOcpV9tqBK3uGnkmEi6P5w0D6h1850uGA3rse8_hEq5; frame-ancestors https://*.booking.com 'self';
content-security-policy-report-only: frame-src https://www.youtube.com/embed/Vv4w5SmRkss *.bstatic.com https://www.google.com bstatic.com www.booking.com secure.booking.com paymentcomponent.booking.com 'self'; base-uri 'none'; default-src *.bstatic.com bstatic.com 'self'; img-src 'self' data: www.booking.com graph.facebook.com cdn.cookielaw.org account.booking.com *.bstatic.com bstatic.com *.static.booking.cn www.google-analytics.com www.google.com stats.g.doubleclick.net *.px-cloud.net *.perimeterx.net www.gstatic.com; object-src 'none'; style-src *.bstatic.com bstatic.com *.static.booking.cn 'self' 'unsafe-inline'; script-src saa.booking.com *.bstatic.com bstatic.com *.static.booking.cn www.google.com www.google-analytics.com cdn.cookielaw.org geolocation.onetrust.com 'self' 'nonce-mGvSfqaWGIVaEv2' 'report-sample'; connect-src saa.booking.com secure.booking.com reports.booking.com privacyportal-eu.onetrust.com geolocation.onetrust.com cdn.cookielaw.org www.google-analytics.com *.perimeterx.net *.pxchk.net *.px-cdn.net *.px-client.net *.px-cloud.net 'self' 'report-sample'; report-uri https://nellie.booking.com/csp-report-uri?type=report&tag=41&pid=c8a84a6cfdf903b5&e=UmFuZG9tSVYkc2RlIyh9YTVpYxb9mtJD3cReeqMXo_5qxpf4W7JwdaPywujlMqYClpEWWnp7GR_-kbA2HXm3PvFWRdnUFAhBYMXFCJXDh48JHUCCGzkjlgOcpV9tqBK3uGnkmEi6P5w0D6h1850uGA3rse8_hEq5;
strict-transport-security: max-age=17280000
content-encoding: gzip
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 d9fb4c3794a085bb4ee2c5798c2cb1b8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: hkUnXKCRQV_GEXLi5fyJ9QzlCOEqjJ5h_bmhSorfclxFEFNBAgDrpQ==
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   2988
Md5:    cea0c53480fa8af4ac2a72db63d90af5
Sha1:   255aa10e683960b465e6dc89f4043b51083f4d28
Sha256: 9a0680dc7cc498fe01a78ca07dea5f6618b5dc52a91ccf7eb0161f7150eb3280
                                        
                                            GET /static/js/async_index_postcards_c360_cloudfront_sd/2f24f2e1b80d43ef2ebc74a5f9807e5a9aff16e6.js HTTP/1.1 
Host: cf.bstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         54.230.111.115
HTTP/2 200 OK
content-type: application/javascript
                                        
server: nginx
last-modified: Thu, 27 Jan 2022 15:00:28 GMT
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
date: Mon, 28 Nov 2022 15:06:29 GMT
expires: Sat, 24 Dec 2022 06:58:13 GMT
cache-control: max-age=2592000
etag: W/"61f2b38c-71f"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 193a8c13b6e0a6b90db7172f6358335e.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 6SI_Qg4kBF8zVgw4uaXYycJNA52LqJvOkG94ZFVPNg9WZCi_8hGZ3Q==
age: 877012
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1823), with no line terminators
Size:   2260
Md5:    25a671581d44f35f763c8ca74ab4fc59
Sha1:   09fd59b0feaa661ad66c7c7a822cfd451853bfc1
Sha256: b87144b7efddbd29398f90ad7869bb74e9ed1a37bb24b1c7da467cd5db436c21
                                        
                                            POST /get_handpicked_bh_properties?aid=2083685&label=638c77d59e2ba903bf1ccb4a&sid=4c2fa4b6679eaa4e9e0e6fdec368f4f7&keep_landing=1&sb_price_type=total HTTP/1.1 
Host: www.booking.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.booking.com/en/index.en-us.html?aid=2083685&label=638c77d59e2ba903bf1ccb4a&sid=4c2fa4b6679eaa4e9e0e6fdec368f4f7&keep_landing=1&sb_price_type=total&
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Booking-Pageview-Id: c0284a6b729b0685
X-Booking-AID: 2083685
X-Booking-Session-Id: 4c2fa4b6679eaa4e9e0e6fdec368f4f7
X-Booking-SiteType-Id: 1
X-Partner-Channel-Id: 2
X-Booking-Label: 638c77d59e2ba903bf1ccb4a
X-Booking-CSRF: F7CMYwAAAAA=Zm3QY_bR-3L2VDPpZ85uMv6CXDvN-k2xoP3pOgwZOMmZowgRvuOEATGUz1Dx1LHOftCMh7yTnSPim3r2A8o3yNUIJ7IkbzkN0VnKfeWoT-GFoQT2H8bJ_937SfF1GvxF82LXqGlGk5iXTvGApZ1ApTo-Z39lsU0F5xA4lQXefgJL61po0TUaQMgmAcxPAt5qzxGyZI2DZwHN8wMk
X-Booking-Language-Code: en-us
X-Booking-Client-Info: aaTBNZZJRLESPIDNJDPVBC|1,TDXDPZFRURURYVSGFGZJEHXT|2,TDXDPZFRURURYVSGFGZJEHXT|3,cCHObEfEITNPfbeQMITaSdFaLbFDXFZMIcCcCcCC|6,cCHObOOYKYYaDcOdJeaILYDdKNKNKWe|1,cCHObXKeNJAbINFPIWBccCcCcCC|4,cCHObOOYKYYaDcOdJeaILYDdKNKNKWe|3
X-Booking-Info: 1588860,1616480,1625600,1628410,1630360,1630600,1638370,1638430,1639610,1641760,aaTBNZZJRLESPIDNJDPVBC|1,1639350|1,1639350|3,1638370|1,TDXDPZFRURURYVSGFGZJEHXT|2,TDXDPZFRURURYVSGFGZJEHXT|3,cCHObEfEITNPfbeQMITaSdFaLbFDXFZMIcCcCcCC|6,cCHObOOYKYYaDcOdJeaILYDdKNKNKWe|1,cCHObXKeNJAbINFPIWBccCcCcCC|4,cCHObOOYKYYaDcOdJeaILYDdKNKNKWe|3
X-Requested-With: XMLHttpRequest
Content-Length: 43
Origin: https://www.booking.com
Connection: keep-alive
Cookie: _pxhd=m6g1efj16JVVg-l5ZA6kOr4ef1gOEC97oB0aewzz4bQLRc965LdjUhbBQVbtyvO2teAWIuHvtHeUNLP2mG3d1A%253D%253D%253AlKI-OW5eM9Dj7mqPMqRLkpOrRU%252FsFw1FIxkt2Z1MBxB7jiSvJpYBXe9FvWsK835tO4z5HDuKcTx9ltfeHmKpgTOQzud2aKte2xatFRJ4qE8%253D; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLblgO%2Fz4BDP5vvXCVnVvmvQ6unIaKUrr4EgTDcAUfn9iJKslgxOjyuTfIpbtosuBe5EinYd8OAeaTkm9TVLRv0I39YcA4hECvIdn%2Bw0Yyifhcqi4YefjsUJdaoPUSwE3J57F2o%2FT45ixEEmfZZ647UvkN7%2FPjbp5SBqWlH9oUzPys%3D; bkng_frontend_sese_exp=1; cors_js=1; OptanonConsent=isGpcEnabled=0&datestamp=Sun+Dec+04+2022+10%3A35%3A02+GMT%2B0000+(Coordinated+Universal+Time)&version=6.22.0&isIABGlobal=false&hosts=&consentId=704bcf1a-5c7f-44c6-bbfd-e1f76c160bfa&interactionCount=0&landingPath=https%3A%2F%2Fwww.booking.com%2Fen%2Findex.en-us.html%3Faid%3D2083685%26label%3D638c77d59e2ba903bf1ccb4a%26sid%3D4c2fa4b6679eaa4e9e0e6fdec368f4f7%26keep_landing%3D1%26sb_price_type%3Dtotal%26&groups=C0001%3A1%2CC0002%3A0%2CC0004%3A0&implicitConsentCountry=GDPR&implicitConsentDate=1670150103336; BJS=-; bkng_sso_session=e30; bkng_sso_ses=e30
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers