r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 3d0727e32cd103ddd4b73f28c81758aa
197a7bf43d63723fc532c23c6dced68d5cc36652
d3f75d03561d6a47d19370292e821a86e58381466f0c69386a21175de55882ff
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "D3F75D03561D6A47D19370292E821A86E58381466F0C69386A21175DE55882FF"
Last-Modified: Fri, 11 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3133
Expires: Sat, 12 Nov 2022 03:28:48 GMT
Date: Sat, 12 Nov 2022 02:36:35 GMT
Connection: keep-alive
ocsp.digicert.com/
200 OK 471 B IP
Hash 4edf853c470fcec0ab277c78527f3c2d
de93530ce15337e671c488d9fe05e7091d4956f0
b9d7976b398b1243ff8a571ddd3975d3a1317d69101061bdb1a755b3b56620e6
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5496
Cache-Control: max-age=120388
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 02:36:35 GMT
Etag: "636e247f-1d7"
Expires: Sun, 13 Nov 2022 12:03:03 GMT
Last-Modified: Fri, 11 Nov 2022 10:31:27 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
firefox.settings.services.mozilla.com/v1/
200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash d130218d0e2841f39c99610fe1a2ab90
29fbe1e177ee55c7a61ae0a206afff271cf5f945
6b6d74dccf10c2bc98a91c3388280d7ba1d9596bf8cadd7db0e2f63720b3d152
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Alert, Backoff, Content-Type, Retry-After
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 12 Nov 2022 01:44:07 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3148
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5076aaa9f4ccd602540286ce0590cb9a
bbf7936a8413a564478971d9e19beb6338cbc869
00e3b967c579b0ccf709b78d497a43d95646b16eb50925fef1e2694c58f290b2
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "00E3B967C579B0CCF709B78D497A43D95646B16EB50925FEF1E2694C58F290B2"
Last-Modified: Fri, 11 Nov 2022 09:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=16423
Expires: Sat, 12 Nov 2022 07:10:18 GMT
Date: Sat, 12 Nov 2022 02:36:35 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain
IP
File type PEM certificate\012- , ASCII text
Hash 67d5a988edcda47bc3b3b3f65d32b4b6
d4f0e0da8b3690cc7da925026d3414b68c7d954f
55e4848e3ec682e808ce7ee70950f86179c43af4f81926d826a95edfda395a78
GET /chains/remote-settings.content-signature.mozilla.org-2022-11-19-18-50-54.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: rgb/WV82h5Vl1SGhTYB/sSCMurgiYCbf51RNEpJghmjp1UZgjUdJDVl7dfHYR84VBHSrIcdPQws=
x-amz-request-id: HAHQHJBK5H6033JF
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 12 Nov 2022 01:50:03 GMT
age: 2792
last-modified: Fri, 30 Sep 2022 18:50:55 GMT
etag: "67d5a988edcda47bc3b3b3f65d32b4b6"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
hog.blatnet.com/
200 OK 4.6 kB IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 3a863a60ffa999f9039001f1ac6551cc
3c79ac587e61a6fe1149803636bb722389c57fb4
77b81728be7823a894124ec3054cb0a6303417dc9705abb72e131bcec8893778
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: hog.blatnet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
server: openresty/1.13.6.1
date: Sat, 12 Nov 2022 02:36:35 GMT
content-type: text/html; charset=utf-8
content-length: 4643
vary: Accept-Language
content-language: en
connection: close
contile.services.mozilla.com/v1/tiles
200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 12 Nov 2022 02:36:35 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
hog.blatnet.com/mtm/async/.eJxdi0EOwiAQRe8yy0rApdV4FjMlUyBhAOlYSYx3L1VX7t77L_8FjxrgDAYUYHVLx06VZqpUv-LzIreETF19dnqKKIlE28z7yVoq0pNQE-OFo8JSYrAoISfT9uXQ_leOl_v1qEcVGB0ZXMP8wydNRQ1m-PQTvDeoJDW6:1otgNn:UIUvcfUyvRjYIK-BOohS3mvqXXY/1/
200 OK 459 B URL HTTP/1.1 hog.blatnet.com/mtm/async/.eJxdi0EOwiAQRe8yy0rApdV4FjMlUyBhAOlYSYx3L1VX7t77L_8FjxrgDAYUYHVLx06VZqpUv-LzIreETF19dnqKKIlE28z7yVoq0pNQE-OFo8JSYrAoISfT9uXQ_leOl_v1qEcVGB0ZXMP8wydNRQ1m-PQTvDeoJDW6:1otgNn:UIUvcfUyvRjYIK-BOohS3mvqXXY/1/
IP
File type ASCII text, with very long lines (459), with no line terminators
Hash 71dad34e1c723dcaf826c4c0605f6bf6
34720bdde0cd58fd0d67142efe77dc877a52d2a2
24e47a52aea4c8a78430e7a093c7dc585fe22954c89d1943dde199ff82c903bf
Analyzer Verdict Alert fortinet Malware
GET /mtm/async/.eJxdi0EOwiAQRe8yy0rApdV4FjMlUyBhAOlYSYx3L1VX7t77L_8FjxrgDAYUYHVLx06VZqpUv-LzIreETF19dnqKKIlE28z7yVoq0pNQE-OFo8JSYrAoISfT9uXQ_leOl_v1qEcVGB0ZXMP8wydNRQ1m-PQTvDeoJDW6:1otgNn:UIUvcfUyvRjYIK-BOohS3mvqXXY/1/ HTTP/1.1
Host: hog.blatnet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hog.blatnet.com/
Connection: keep-alive
HTTP/1.1 200 OK
server: openresty/1.13.6.1
date: Sat, 12 Nov 2022 02:36:35 GMT
content-type: text/html; charset=utf-8
content-length: 459
x-mtm-path: 0
vary: Accept-Language
content-language: en
set-cookie: mtm_delivered=WyJob2cuYmxhdG5ldC5jb20iLCJodHRwOi8vd3d3MS5ibGF0bmV0LmNvbS8_dG09MSZzdWJpZDQ9MTY2ODIyMDU5NS4wMjg3NTIwMDAwJmt3PW9wdGlvbnMmS1cxPU9ubGluZSUyMENhcmVlciUyMENvdW5zZWxpbmclMjBQcm9ncmFtcyZLVzI9RWxpdGUlMjBEYXRpbmclMjBTZXJ2aWNlcyZLVzM9RWxpdGUlMjBEYXRpbmclMjBTZXJ2aWNlcyZLVzQ9U29jaWFsJTIwTWVkaWElMjBBdXRvbWF0aW9uJTIwTWFya2V0aW5nJTIwU29mdHdhcmUmS1c1PU9ubGluZSUyMENhcmVlciUyMENvdW5zZWxpbmclMjBQcm9ncmFtcyZLVzY9QjJCJTIwVHJhdmVsJTIwQm9va2luZyUyMFN5c3RlbSZLVzc9U29jaWFsJTIwTWVkaWElMjBBdXRvbWF0aW9uJTIwTWFya2V0aW5nJTIwU29mdHdhcmUmS1c4PU9ubGluZSUyMENhcmVlciUyMENvdW5zZWxpbmclMjBQcm9ncmFtcyZLVzk9RWxpdGUlMjBEYXRpbmclMjBTZXJ2aWNlJnNlYXJjaGJveD0wJmJhY2tmaWxsPTAiLDEsIjIwMjItMTEtMTIgMDI6MzY6MzUiLDEsIjE2NjgyMjA1OTUuMDI4NzUyMDAwMCIsMzU1LG51bGwsbnVsbF0:1otgNn:cy-qTk2BFvt72yqRE52CYUn75h0; expires=Sat, 12-Nov-2022 03:36:35 GMT; Max-Age=3600; Path=/
connection: close
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Alert, Last-Modified, Cache-Control, Retry-After, Content-Length, Expires, ETag, Pragma, Backoff, Content-Type
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 12 Nov 2022 01:44:48 GMT
cache-control: public,max-age=3600
age: 3107
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash f7ff606fbc8634c858bbc04b69f55cf6
2441de2cba649239efd0dae7a878d7ef2245c0b4
95154e0dbb7e827b8f893cc141f986c29634ead618256470d753429aa65a0548
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5510
Cache-Control: max-age=115326
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 02:36:35 GMT
Etag: "636e10ac-1d7"
Expires: Sun, 13 Nov 2022 10:38:41 GMT
Last-Modified: Fri, 11 Nov 2022 09:06:52 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
push.services.mozilla.com/
101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: A/RwgdyFu6facfFoMW1jTQ==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: lObjQGIJQ9MiquvPIQZQCb5a2Z4=
www1.blatnet.com/?tm=1&subid4=1668220595.0287520000&kw=options&KW1=Online%20Career%20Counseling%20Programs&KW2=Elite%20Dating%20Services&KW3=Elite%20Dating%20Services&KW4=Social%20Media%20Automation%20Marketing%20Software&KW5=Online%20Career%20Counseling%20Programs&KW6=B2B%20Travel%20Booking%20System&KW7=Social%20Media%20Automation%20Marketing%20Software&KW8=Online%20Career%20Counseling%20Programs&KW9=Elite%20Dating%20Service&searchbox=0&backfill=0
200 OK 2.5 kB URL HTTP/1.1 www1.blatnet.com/?tm=1&subid4=1668220595.0287520000&kw=options&KW1=Online%20Career%20Counseling%20Programs&KW2=Elite%20Dating%20Services&KW3=Elite%20Dating%20Services&KW4=Social%20Media%20Automation%20Marketing%20Software&KW5=Online%20Career%20Counseling%20Programs&KW6=B2B%20Travel%20Booking%20System&KW7=Social%20Media%20Automation%20Marketing%20Software&KW8=Online%20Career%20Counseling%20Programs&KW9=Elite%20Dating%20Service&searchbox=0&backfill=0
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (2230)
Hash 0de04ef0b4b09717d766065a895970a8
18bb0392d2e8b56bc6cf398119aa7550e347e10b
1ef5b59de3959a230b85ddc7f6572106ff6883e2bcfb7fceebc4fef18dbd416b
GET /?tm=1&subid4=1668220595.0287520000&kw=options&KW1=Online%20Career%20Counseling%20Programs&KW2=Elite%20Dating%20Services&KW3=Elite%20Dating%20Services&KW4=Social%20Media%20Automation%20Marketing%20Software&KW5=Online%20Career%20Counseling%20Programs&KW6=B2B%20Travel%20Booking%20System&KW7=Social%20Media%20Automation%20Marketing%20Software&KW8=Online%20Career%20Counseling%20Programs&KW9=Elite%20Dating%20Service&searchbox=0&backfill=0 HTTP/1.1
Host: www1.blatnet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hog.blatnet.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Date: Sat, 12 Nov 2022 02:36:36 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Redirect: zeropark_zeroclick
X-Template: tpl_CleanPeppermintBlack_twoclick
X-Language: norwegian
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Content-Encoding: gzip
d38psrni17bvxu.cloudfront.net/scripts/js3.js
200 OK 1.1 kB URL HTTP/1.1 d38psrni17bvxu.cloudfront.net/scripts/js3.js
IP
File type ASCII text, with very long lines (506)
Hash 64b79b43df8fbf2c5d082964b9116a68
dc3c763519baf0f4c32bb60bfc429651a491ea01
c57e9feec209e3ea5eb1d75a1ba6fa277242a3df250055be8446052b51e58637
Analyzer Verdict Alert fortinet Malware
GET /scripts/js3.js HTTP/1.1
Host: d38psrni17bvxu.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.blatnet.com/
HTTP/1.1 200 OK
Content-Type: application/javascript
Content-Length: 1134
Connection: keep-alive
Server: nginx
Date: Fri, 11 Nov 2022 08:20:19 GMT
Last-Modified: Tue, 17 Aug 2021 09:17:22 GMT
Accept-Ranges: bytes
ETag: "611b7ea2-46e"
X-Cache: Hit from cloudfront
Via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
X-Amz-Cf-Pop: OSL50-P1
X-Amz-Cf-Id: zBjZQb3-S9AHhKDOZmP4DAXICEwpInYFcY7eMUB5UN0CcMKRa9YTyw==
Age: 65777
www1.blatnet.com/track.php?domain=blatnet.com&toggle=browserjs&uid=MTY2ODIyMDU5NS44NDI1OjUxNjIyNmNmYWJhODQwYzY5YzM2MGI2ZjI3YTc3MDYzMmIzY2ZiYzE1YzYwZGIyMTQ1NzI0YzFlN2I0Zjc5OGU6NjM2ZjA2YjNjZGIwYg%3D%3D
200 OK 20 B URL HTTP/1.1 www1.blatnet.com/track.php?domain=blatnet.com&toggle=browserjs&uid=MTY2ODIyMDU5NS44NDI1OjUxNjIyNmNmYWJhODQwYzY5YzM2MGI2ZjI3YTc3MDYzMmIzY2ZiYzE1YzYwZGIyMTQ1NzI0YzFlN2I0Zjc5OGU6NjM2ZjA2YjNjZGIwYg%3D%3D
IP
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /track.php?domain=blatnet.com&toggle=browserjs&uid=MTY2ODIyMDU5NS44NDI1OjUxNjIyNmNmYWJhODQwYzY5YzM2MGI2ZjI3YTc3MDYzMmIzY2ZiYzE1YzYwZGIyMTQ1NzI0YzFlN2I0Zjc5OGU6NjM2ZjA2YjNjZGIwYg%3D%3D HTTP/1.1
Host: www1.blatnet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.blatnet.com/?tm=1&subid4=1668220595.0287520000&kw=options&KW1=Online%20Career%20Counseling%20Programs&KW2=Elite%20Dating%20Services&KW3=Elite%20Dating%20Services&KW4=Social%20Media%20Automation%20Marketing%20Software&KW5=Online%20Career%20Counseling%20Programs&KW6=B2B%20Travel%20Booking%20System&KW7=Social%20Media%20Automation%20Marketing%20Software&KW8=Online%20Career%20Counseling%20Programs&KW9=Elite%20Dating%20Service&searchbox=0&backfill=0
HTTP/1.1 200 OK
Date: Sat, 12 Nov 2022 02:36:37 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-Custom-Track: browserjs
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Access-Control-Allow-Origin: *
Content-Encoding: gzip
www1.blatnet.com/ls.php
201 Created 0 B IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Analyzer Verdict Alert fortinet Malware
POST /ls.php HTTP/1.1
Host: www1.blatnet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
Content-Length: 2182
Origin: http://www1.blatnet.com
Connection: keep-alive
Referer: http://www1.blatnet.com/?tm=1&subid4=1668220595.0287520000&kw=options&KW1=Online%20Career%20Counseling%20Programs&KW2=Elite%20Dating%20Services&KW3=Elite%20Dating%20Services&KW4=Social%20Media%20Automation%20Marketing%20Software&KW5=Online%20Career%20Counseling%20Programs&KW6=B2B%20Travel%20Booking%20System&KW7=Social%20Media%20Automation%20Marketing%20Software&KW8=Online%20Career%20Counseling%20Programs&KW9=Elite%20Dating%20Service&searchbox=0&backfill=0
HTTP/1.1 201 Created
Date: Sat, 12 Nov 2022 02:36:37 GMT
Content-Type: text/javascript;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
X-Log-Success: 636f06b5890a7d261b3710b1
Charset: utf-8
Access-Control-Allow-Origin: http://www1.blatnet.com
Access-Control-Allow-Methods: POST, OPTIONS
Access-Control-Max-Age: 86400
X-Adblock-Key: MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALquDFETXRn0Hr05fUP7EJT77xYnPmRbpMy4vk8KYiHnkNpednjOANJcaXDXcKQJN0nXKZJL7TciJD8AoHXK158CAwEAAQ==_O0sis4CrGZt/z14z2jJkN3slrHwuB2UW/tO82eW1sL7VZ0qQmEMWy5KkP4VF2faogoUXYSdH/jCbvLts1l8TeQ==
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5823b629e86542b63f4355ec5e67a126
97cbdbbb6b03e6ef7f3f45449245470ad8bd8292
96d8e39efb6eebd1413a4bc0fa6800781f636e70dc0ccadf6a546f26fa022755
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96D8E39EFB6EEBD1413A4BC0FA6800781F636E70DC0CCADF6A546F26FA022755"
Last-Modified: Thu, 10 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3311
Expires: Sat, 12 Nov 2022 03:31:48 GMT
Date: Sat, 12 Nov 2022 02:36:37 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5823b629e86542b63f4355ec5e67a126
97cbdbbb6b03e6ef7f3f45449245470ad8bd8292
96d8e39efb6eebd1413a4bc0fa6800781f636e70dc0ccadf6a546f26fa022755
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96D8E39EFB6EEBD1413A4BC0FA6800781F636E70DC0CCADF6A546F26FA022755"
Last-Modified: Thu, 10 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3311
Expires: Sat, 12 Nov 2022 03:31:48 GMT
Date: Sat, 12 Nov 2022 02:36:37 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5823b629e86542b63f4355ec5e67a126
97cbdbbb6b03e6ef7f3f45449245470ad8bd8292
96d8e39efb6eebd1413a4bc0fa6800781f636e70dc0ccadf6a546f26fa022755
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96D8E39EFB6EEBD1413A4BC0FA6800781F636E70DC0CCADF6A546F26FA022755"
Last-Modified: Thu, 10 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3311
Expires: Sat, 12 Nov 2022 03:31:48 GMT
Date: Sat, 12 Nov 2022 02:36:37 GMT
Connection: keep-alive
r3.o.lencr.org/
200 OK 503 B IP
ASN #20940 Akamai International B.V.
Hash 5823b629e86542b63f4355ec5e67a126
97cbdbbb6b03e6ef7f3f45449245470ad8bd8292
96d8e39efb6eebd1413a4bc0fa6800781f636e70dc0ccadf6a546f26fa022755
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "96D8E39EFB6EEBD1413A4BC0FA6800781F636E70DC0CCADF6A546F26FA022755"
Last-Modified: Thu, 10 Nov 2022 12:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3311
Expires: Sat, 12 Nov 2022 03:31:48 GMT
Date: Sat, 12 Nov 2022 02:36:37 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffadd7839-d41e-4198-abc2-17384d90e28c.jpeg
200 OK 6.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffadd7839-d41e-4198-abc2-17384d90e28c.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 97c5c44bd44390f0c719f56ecee6d513
1d791a0dadbfbab7c9b377783587ff728b2008d8
5995012d66ee68690d198a0857848077bfe80d88b2f2987a54f2d896461f7275
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffadd7839-d41e-4198-abc2-17384d90e28c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6797
x-amzn-requestid: 3e8b7aaf-8e8a-4a04-8bc0-e18e6044a50a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdM6-F3DIAMFzfQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec1df-3bfa53123a76e84f210fea38;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:42:55 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: zz90ngWySbVf_cXv_HBcQpNfb4MCsTVTl5l5bBPL4MaPXAF4VIifdA==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 989017835f43d594873bde5a7ee7fe5e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 21:45:13 GMT
age: 17484
etag: "1d791a0dadbfbab7c9b377783587ff728b2008d8"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F073ec866-b693-4f96-82bf-76ba051797c9.jpeg
200 OK 6.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F073ec866-b693-4f96-82bf-76ba051797c9.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash faa8e3cf2ab3c1d53a1735def5bb7476
ccc1ec5ebb5090c6255dcb1e8899e95cdd91e12f
e81a8fa312ec478871427f1d04ba7fe563573c683809153f75dec8df979d6efe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F073ec866-b693-4f96-82bf-76ba051797c9.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6577
x-amzn-requestid: b4587cfb-6041-453c-9e74-fa35ecd31448
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMjIGHRoAMF26g=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec147-29e7ec741b0e6f6f674aef75;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:23 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: hsMmHIBEt_4cL455goPqDKQVQA75u4oGFbSxsGP_e_0uG7SZmSLBhQ==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 b8c4a4ca04bb1976e020396d211bc8dc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 22:00:57 GMT
age: 16540
etag: "ccc1ec5ebb5090c6255dcb1e8899e95cdd91e12f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe8955e1-907b-43ed-a437-d4ad1f5fe742.jpeg
200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe8955e1-907b-43ed-a437-d4ad1f5fe742.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 38e32fc94c445ff47da5d2907e61e3a4
c76588ccaf97fdfd6e73833083200cb49a01a4af
e4e3947b2248206c9dacfd35ff5619ca3b3ae56a7bcd565d40ed048839ffa075
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Ffe8955e1-907b-43ed-a437-d4ad1f5fe742.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5478
x-amzn-requestid: c06e47c6-da2a-4a70-af2a-c1268557b913
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdM67FEEIAMF-pA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec1df-0628d00244323ddf727e0b80;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:42:55 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: 3zeJU6wVmWDIbVDBlTYvTh8e78isxbmNC0GKWdKqdI5abbdERoyzpA==
via: 1.1 d1151317ba32afe0e6370fd69fed222e.cloudfront.net (CloudFront), 1.1 89791e6b21b9a30cc51cac1bc51cf098.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 21:45:13 GMT
age: 17484
etag: "c76588ccaf97fdfd6e73833083200cb49a01a4af"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg
200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash cd5bdc050716bb76afe8090fc81617e7
5109c156b180727767fc03c411190ccc0d3fb5fc
9b13e7838946c6654dda17886c2ca8d42de934acb93f4bddb1008dfa1bd1ea99
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af930b9-b854-4316-8425-07c6aa06477a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 11715
x-amzn-requestid: 20e508bd-6568-4225-9bee-c683a49d44f6
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdMhUHkpIAMFfJg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec13b-7dc726b94a37fc667e2e6646;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:40:11 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Miss from cloudfront
x-amz-cf-id: X3SUo1LP97TxraRav0ftskBhzWkTJInHaS44PW26yloF-dgD-bHBuA==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 d01e7742f82df0bbc1fb681d709ed69c.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 21:45:12 GMT
etag: "5109c156b180727767fc03c411190ccc0d3fb5fc"
content-type: image/jpeg
age: 17485
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbae1f7e5-4deb-446b-bef2-d4185563f449.jpeg
200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbae1f7e5-4deb-446b-bef2-d4185563f449.jpeg
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 43e4308988c320212eab6fb4d27c215e
2c2503ca7de1a0c9a4224131f9b0e4b990f7efcd
56efcb5d90ed224301384c850ec2f11317c2426fdc8ed6f88a211bbb75e6871e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fbae1f7e5-4deb-446b-bef2-d4185563f449.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12578
x-amzn-requestid: 60fda47c-9518-4ab3-8f94-4e925f0b6773
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdM8iHeHoAMFQFQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec1e9-62597e7b5c0f3b6b1e53bcce;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:43:05 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: FSquX2GRcCI4_Onwfi5qm_oBKl5EvL1RZJO84zJgyoEr7tPVTMy9dQ==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 91356d2137f5a7345e93da4516c49ec4.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 21:43:47 GMT
age: 17570
etag: "2c2503ca7de1a0c9a4224131f9b0e4b990f7efcd"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d4e929-d0bb-41b7-bdcd-0e67258b428a.webp
200 OK 9.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d4e929-d0bb-41b7-bdcd-0e67258b428a.webp
IP
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 516f1bfefb1c1a737ea2441f85343b32
0cc22d7bf9092fb30f31e2ca8f242c197b891669
733824d4f6f7c5b54ce4e02ecaf152cfc1e10f3f6a801d7e2c55a02460e40087
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F60d4e929-d0bb-41b7-bdcd-0e67258b428a.webp HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 9012
x-amzn-requestid: 83eac9e7-5387-4e11-9769-182fa3f7fffb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: bdNC6FxzoAMF80w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-636ec212-5ca277b90a5a9a4c437edc1e;Sampled=0
x-amzn-remapped-date: Fri, 11 Nov 2022 21:43:46 GMT
x-amz-cf-pop: HIO50-C1, SEA73-P1
x-cache: Hit from cloudfront
x-amz-cf-id: PrJoEROPymrtc0egNlWRoOMjohiCo3zReD01qAHwByaSiXarfRS0XQ==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 6396e88c437c096ef98930ce29f731a2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 11 Nov 2022 22:00:43 GMT
age: 16554
etag: "0cc22d7bf9092fb30f31e2ca8f242c197b891669"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www1.blatnet.com/favicon.ico
200 OK 0 B URL HTTP/1.1 www1.blatnet.com/favicon.ico
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: www1.blatnet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.blatnet.com/?tm=1&subid4=1668220595.0287520000&kw=options&KW1=Online%20Career%20Counseling%20Programs&KW2=Elite%20Dating%20Services&KW3=Elite%20Dating%20Services&KW4=Social%20Media%20Automation%20Marketing%20Software&KW5=Online%20Career%20Counseling%20Programs&KW6=B2B%20Travel%20Booking%20System&KW7=Social%20Media%20Automation%20Marketing%20Software&KW8=Online%20Career%20Counseling%20Programs&KW9=Elite%20Dating%20Service&searchbox=0&backfill=0
HTTP/1.1 200 OK
Date: Sat, 12 Nov 2022 02:36:37 GMT
Content-Type: image/x-icon
Content-Length: 0
Connection: keep-alive
Server: nginx
Last-Modified: Tue, 12 May 2020 14:25:52 GMT
ETag: "5ebab1f0-0"
Accept-Ranges: bytes
www1.blatnet.com/track.php?click=7734c042495d131ef4c95617c4712d5c9f446293&domain=blatnet.com&uid=MTY2ODIyMDU5NS44NDI1OjUxNjIyNmNmYWJhODQwYzY5YzM2MGI2ZjI3YTc3MDYzMmIzY2ZiYzE1YzYwZGIyMTQ1NzI0YzFlN2I0Zjc5OGU6NjM2ZjA2YjNjZGIwYg%3D%3D&ts=fENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMTF8fHx8fHw2MzZmMDZiM2NkYWU4fHx8MTY2ODIyMDU5Ni4yMzU0fGUxMmIwZTc4M2M5MDZhN2QyMDljNDhlNjFmYTM3MDAyZmY1NmIzOTR8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXwyMGZmNmQ1YjExNTc2YjA1NDQ1NzRkMzZkN2E4M2MzZDM2ZGE5Y2ZmfDB8ZHAtdGVhbWludGVybmV0MTJfM3BofDB8MA%3D%3D&kw=&search=&pcat=&rxid=&bucket=&clientID=&adtest=off
200 OK 20 B URL HTTP/1.1 www1.blatnet.com/track.php?click=7734c042495d131ef4c95617c4712d5c9f446293&domain=blatnet.com&uid=MTY2ODIyMDU5NS44NDI1OjUxNjIyNmNmYWJhODQwYzY5YzM2MGI2ZjI3YTc3MDYzMmIzY2ZiYzE1YzYwZGIyMTQ1NzI0YzFlN2I0Zjc5OGU6NjM2ZjA2YjNjZGIwYg%3D%3D&ts=fENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMTF8fHx8fHw2MzZmMDZiM2NkYWU4fHx8MTY2ODIyMDU5Ni4yMzU0fGUxMmIwZTc4M2M5MDZhN2QyMDljNDhlNjFmYTM3MDAyZmY1NmIzOTR8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXwyMGZmNmQ1YjExNTc2YjA1NDQ1NzRkMzZkN2E4M2MzZDM2ZGE5Y2ZmfDB8ZHAtdGVhbWludGVybmV0MTJfM3BofDB8MA%3D%3D&kw=&search=&pcat=&rxid=&bucket=&clientID=&adtest=off
IP
Hash a4745abc5e7fdb89cc6df3069f3c6e69
74789f7ddbebd5b7323f6f8174005b4bf8c1f1ed
d1111b245f685176180e6f1631e6dc49badf6672368e9ce260c71355165effdf
GET /track.php?click=7734c042495d131ef4c95617c4712d5c9f446293&domain=blatnet.com&uid=MTY2ODIyMDU5NS44NDI1OjUxNjIyNmNmYWJhODQwYzY5YzM2MGI2ZjI3YTc3MDYzMmIzY2ZiYzE1YzYwZGIyMTQ1NzI0YzFlN2I0Zjc5OGU6NjM2ZjA2YjNjZGIwYg%3D%3D&ts=fENsZWFuUGVwcGVybWludEJsYWNrfHw1Y2U4NHxidWNrZXQwMTF8fHx8fHw2MzZmMDZiM2NkYWU4fHx8MTY2ODIyMDU5Ni4yMzU0fGUxMmIwZTc4M2M5MDZhN2QyMDljNDhlNjFmYTM3MDAyZmY1NmIzOTR8fHx8fDF8fDB8MHx8fHwxfHx8fHwwfDB8fHx8fHx8fHx8MHwwfHwwfHx8MHwwfFcxMD18fDF8VzEwPXwyMGZmNmQ1YjExNTc2YjA1NDQ1NzRkMzZkN2E4M2MzZDM2ZGE5Y2ZmfDB8ZHAtdGVhbWludGVybmV0MTJfM3BofDB8MA%3D%3D&kw=&search=&pcat=&rxid=&bucket=&clientID=&adtest=off HTTP/1.1
Host: www1.blatnet.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.blatnet.com/?tm=1&subid4=1668220595.0287520000&kw=options&KW1=Online%20Career%20Counseling%20Programs&KW2=Elite%20Dating%20Services&KW3=Elite%20Dating%20Services&KW4=Social%20Media%20Automation%20Marketing%20Software&KW5=Online%20Career%20Counseling%20Programs&KW6=B2B%20Travel%20Booking%20System&KW7=Social%20Media%20Automation%20Marketing%20Software&KW8=Online%20Career%20Counseling%20Programs&KW9=Elite%20Dating%20Service&searchbox=0&backfill=0
HTTP/1.1 200 OK
Date: Sat, 12 Nov 2022 02:36:37 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: nginx
Vary: Accept-Encoding
X-View-Match: true
Accept-CH: viewport-width, dpr, device-memory, rtt, downlink, ect, ua, ua-full-version, ua-platform, ua-platform-version, ua-arch, ua-model, ua-mobile
Accept-CH-Lifetime: 30
Access-Control-Allow-Origin: *
Content-Encoding: gzip
dipaka-ead.com/zcvisitor/d3d2ae47-6232-11ed-af0a-12479a1c4e5b/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=69448440-0fb4-11eb-bafe-0afaf647e889
200 1.1 kB URL HTTP/1.1 dipaka-ead.com/zcvisitor/d3d2ae47-6232-11ed-af0a-12479a1c4e5b/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=69448440-0fb4-11eb-bafe-0afaf647e889
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 1cd47b90a7ddea4772e288bb230fa3b4
7c7206dc2c0f06e8dc1a86f20df3ecd445b40b16
d82c9ae551642bf270993d40e4edcc493678d2cd15650eec52b8a43d5c177c31
GET /zcvisitor/d3d2ae47-6232-11ed-af0a-12479a1c4e5b/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=69448440-0fb4-11eb-bafe-0afaf647e889 HTTP/1.1
Host: dipaka-ead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www1.blatnet.com/
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Date: Sat, 12 Nov 2022 02:36:37 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server: HmtapZKB
dipaka-ead.com/zcredirect?visitid=d3d2ae47-6232-11ed-af0a-12479a1c4e5b&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
200 628 B URL HTTP/1.1 dipaka-ead.com/zcredirect?visitid=d3d2ae47-6232-11ed-af0a-12479a1c4e5b&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash f44fb25989b83bf767abf532dcf6fbee
eda1e2b88caa4f2ec0a9267439f42027b68e2d34
acad2c1f84d1d53ea54d91622ef8ef63f5ce215f479efb62f44f5097f7f71aba
GET /zcredirect?visitid=d3d2ae47-6232-11ed-af0a-12479a1c4e5b&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false HTTP/1.1
Host: dipaka-ead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dipaka-ead.com/zcvisitor/d3d2ae47-6232-11ed-af0a-12479a1c4e5b/85aefdc2-9ed0-48aa-922d-60f9f9fc0f2d?campaignid=69448440-0fb4-11eb-bafe-0afaf647e889
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Date: Sat, 12 Nov 2022 02:36:37 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
Server: NMZlbpMu
ocsp.digicert.com/
200 OK 471 B IP
Hash db967ed5e9ff5a028fd9831d90b31306
f78cb9e40d89770167cbf640b7e3fa5272f27da7
12bcc3674a56b2cd71199df1cecadb071e443b339f15da8b02c68b1cb8030903
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4246
Cache-Control: max-age=86016
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 02:36:37 GMT
Etag: "636da31f-1d7"
Expires: Sun, 13 Nov 2022 02:30:13 GMT
Last-Modified: Fri, 11 Nov 2022 01:19:27 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
ocsp.digicert.com/
200 OK 471 B IP
Hash 94d72207ed3df7b0b69da725fea6d2b3
a82e62154a50802b0037125955360642e1cd7200
b6a4cdf206a626f1e5b91fd63f5ab4c5a0ca77ef8f319501cbe81ecfe9f6ecd0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5990
Cache-Control: max-age=160087
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 02:36:37 GMT
Etag: "636ebda6-1d7"
Expires: Sun, 13 Nov 2022 23:04:44 GMT
Last-Modified: Fri, 11 Nov 2022 21:24:54 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
bit.ly/2zkHJsK?utm_content=charlie-old-kgjy4d4mm5&utm_keyword=online+career+counseling+programs%2Celite+dating+services%2Csocial+media+automation+marketing+software%2Cb2b+travel+booking+system%2Celite+dating+service
301 Moved Permanently 133 B URL HTTP/2 bit.ly/2zkHJsK?utm_content=charlie-old-kgjy4d4mm5&utm_keyword=online+career+counseling+programs%2Celite+dating+services%2Csocial+media+automation+marketing+software%2Cb2b+travel+booking+system%2Celite+dating+service
IP
ASN #396982 GOOGLE-CLOUD-PLATFORM
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash fac4f22819054b3bcc5318fbd82717e5
007e7754ba5b50b781cbcd63fc47142b2d7fba58
0a833b8649fca4d9cdc9d9ba7683ec8971f2a6538a64d5b658946331a7d4e931
GET /2zkHJsK?utm_content=charlie-old-kgjy4d4mm5&utm_keyword=online+career+counseling+programs%2Celite+dating+services%2Csocial+media+automation+marketing+software%2Cb2b+travel+booking+system%2Celite+dating+service HTTP/1.1
Host: bit.ly
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://dipaka-ead.com/
Cookie: _bit=m4n70G-fbf313ce899bb62166-00t
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 301 Moved Permanently
server: nginx
date: Sat, 12 Nov 2022 02:36:37 GMT
content-type: text/html; charset=utf-8
content-length: 133
cache-control: private, max-age=90
location: https://www.booking.com/index.html?aid=1858279
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 471 B IP
Hash db967ed5e9ff5a028fd9831d90b31306
f78cb9e40d89770167cbf640b7e3fa5272f27da7
12bcc3674a56b2cd71199df1cecadb071e443b339f15da8b02c68b1cb8030903
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4246
Cache-Control: max-age=86016
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 02:36:37 GMT
Etag: "636da31f-1d7"
Expires: Sun, 13 Nov 2022 02:30:13 GMT
Last-Modified: Fri, 11 Nov 2022 01:19:27 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
dipaka-ead.com/favicon.ico
404 653 B URL HTTP/1.1 dipaka-ead.com/favicon.ico
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (649), with no line terminators
Hash ba2732b1b2fa2626ffaa15f62f9e7d66
203d4e7fbb1d80449d6e4e1f3ae7a9bf8625debe
879861cb72fe9fbb476dab246021c4c83b4066327de2529e05ec54d3afb0a1c8
GET /favicon.ico HTTP/1.1
Host: dipaka-ead.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dipaka-ead.com/zcredirect?visitid=d3d2ae47-6232-11ed-af0a-12479a1c4e5b&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
HTTP/1.1 404
Date: Sat, 12 Nov 2022 02:36:37 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 653
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Content-Language: en
Server: XiTkRefH
ocsp.digicert.com/
200 OK 471 B IP
Hash 94d72207ed3df7b0b69da725fea6d2b3
a82e62154a50802b0037125955360642e1cd7200
b6a4cdf206a626f1e5b91fd63f5ab4c5a0ca77ef8f319501cbe81ecfe9f6ecd0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 5990
Cache-Control: max-age=160087
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 02:36:37 GMT
Etag: "636ebda6-1d7"
Expires: Sun, 13 Nov 2022 23:04:44 GMT
Last-Modified: Fri, 11 Nov 2022 21:24:54 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 471
cdn.cookielaw.org/consent/3ea94870-d4b1-483a-b1d2-faf1d982bb31/OtAutoBlock.js
200 OK 6.7 kB URL HTTP/2 cdn.cookielaw.org/consent/3ea94870-d4b1-483a-b1d2-faf1d982bb31/OtAutoBlock.js
IP
File type ASCII text, with very long lines (37276)
Hash 7a162a3385ec2f2fbe0be1fdd55afde3
5a37630a30526266cdaa387a32f50f20bae5ffd3
f6143442002776683e3fe10ee2b1aa2fa3d3fba2e491ea7eb1044591adb8c515
GET /consent/3ea94870-d4b1-483a-b1d2-faf1d982bb31/OtAutoBlock.js HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 12 Nov 2022 02:36:38 GMT
content-type: application/x-javascript
content-length: 6671
cache-control: public, max-age=86400
content-encoding: gzip
content-md5: ehYqM4XsLy++C+H91Vr94w==
last-modified: Thu, 29 Sep 2022 08:34:29 GMT
etag: 0x8DAA1F56D1BE371
x-ms-request-id: b230c9bc-701e-015d-01de-d36eb7000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 2752
expires: Sun, 13 Nov 2022 02:36:38 GMT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 768be1946a7fb505-OSL
X-Firefox-Spdy: h2
t-cf.bstatic.com/static/js/crossorigin_check_cft/2454015045ef79168d452ff4e7f30bdadff0aa81.js
200 OK 95 B URL HTTP/2 t-cf.bstatic.com/static/js/crossorigin_check_cft/2454015045ef79168d452ff4e7f30bdadff0aa81.js
IP
File type ASCII text, with no line terminators
Hash 335be8900580e9c3875dba57334294ae
a86597d2ddfa410df13bceca86fdf9a2291fe798
8a882fd19a15567e53a5c3c08d22cdab714fa87734ed92d854c4e8fdf3940b1f
GET /static/js/crossorigin_check_cft/2454015045ef79168d452ff4e7f30bdadff0aa81.js HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
content-length: 95
server: nginx
date: Thu, 03 Nov 2022 07:39:41 GMT
last-modified: Wed, 10 Apr 2019 11:21:38 GMT
etag: "5cadd1c2-5f"
expires: Sat, 03 Dec 2022 07:39:41 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: TJXUMLez19AGLoaZUhRj2AWhDSK1R8A_z3kR8xUBKNlvYuo4J2vdkg==
age: 759417
X-Firefox-Spdy: h2
cdn.cookielaw.org/scripttemplates/otSDKStub.js
200 OK 7.2 kB URL HTTP/2 cdn.cookielaw.org/scripttemplates/otSDKStub.js
IP
File type ASCII text, with very long lines (21747)
Hash 1cdc786dd1264609f9834f4aba53e2ef
fff15e833ab27c356e7723dce3441e194b6350bf
70768bac474def6b0ed3e517083dd9c2f1ae3f0fe714ea550c406ce89906adc9
GET /scripttemplates/otSDKStub.js HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 02:36:38 GMT
content-type: application/javascript
content-length: 7151
content-encoding: gzip
content-md5: HNx4bdEmRgn5g09KulPi7w==
last-modified: Thu, 10 Nov 2022 22:15:45 GMT
etag: 0x8DAC3691D5A9489
x-ms-request-id: 69d9ff0c-501e-00cd-6162-f5bdae000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 2845
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 768be194db4eb505-OSL
X-Firefox-Spdy: h2
cdn.cookielaw.org/consent/3ea94870-d4b1-483a-b1d2-faf1d982bb31/3ea94870-d4b1-483a-b1d2-faf1d982bb31.json
200 OK 2.0 kB URL HTTP/2 cdn.cookielaw.org/consent/3ea94870-d4b1-483a-b1d2-faf1d982bb31/3ea94870-d4b1-483a-b1d2-faf1d982bb31.json
IP
File type JSON data\012- , ASCII text, with very long lines (6106), with no line terminators
Hash 39f38f3bfc0a07ae0cd95267c2f99d73
14b3e0265838d752d5096aef22e223003091b976
4982c65156112674be92fcc6c29caf850639a39f58629a98f351302ce00941c4
GET /consent/3ea94870-d4b1-483a-b1d2-faf1d982bb31/3ea94870-d4b1-483a-b1d2-faf1d982bb31.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 02:36:38 GMT
content-type: application/x-javascript
content-length: 1966
cache-control: public, max-age=86400
content-encoding: gzip
content-md5: OfOPO/wKB64M2VJnwvmdcw==
last-modified: Thu, 29 Sep 2022 08:34:29 GMT
etag: 0x8DAA1F56CF09415
x-ms-request-id: ce7485a4-101e-000d-3dde-d337ea000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 2767
expires: Sun, 13 Nov 2022 02:36:38 GMT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 768be1951b64b505-OSL
X-Firefox-Spdy: h2
ocsp.digicert.com/
200 OK 278 B IP
Hash c53af63388577508c33932afe95aec04
7232ab9848e293c8f4ee5f5335c7f2910819d04c
22c885d0423b55c8ec0b1b5ab81e40e5236bcf0085040d5a882ba5d7967c71e8
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 6057
Cache-Control: max-age=126330
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 02:36:38 GMT
Etag: "636e3987-116"
Expires: Sun, 13 Nov 2022 13:42:08 GMT
Last-Modified: Fri, 11 Nov 2022 12:01:11 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 278
cdn.cookielaw.org/scripttemplates/6.22.0/otBannerSdk.js
200 OK 76 kB URL HTTP/2 cdn.cookielaw.org/scripttemplates/6.22.0/otBannerSdk.js
IP
File type ASCII text, with very long lines (65455)
Hash 523e98a35ea92fd6e6d32d6728a8c98e
e0951a7bfa0700679aa41a03394286723e697d93
a746202b022948dfc0461cf24b3be5b01d0c08b924b23545f3cba6e2d15b41a9
GET /scripttemplates/6.22.0/otBannerSdk.js HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 02:36:38 GMT
content-type: application/javascript
content-length: 75930
content-encoding: gzip
content-md5: Uj6Yo16pL9bm0y1nKKjJjg==
last-modified: Thu, 19 Aug 2021 02:39:18 GMT
etag: 0x8D962BA8ADAEF03
x-ms-request-id: 18163f5d-b01e-0083-086c-c4784b000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 2811
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 768be195cbbdb505-OSL
X-Firefox-Spdy: h2
cdn.cookielaw.org/consent/3ea94870-d4b1-483a-b1d2-faf1d982bb31/28fe90b0-2a5a-4cf9-8e33-f3878e80e202/en-us.json
200 OK 18 kB URL HTTP/2 cdn.cookielaw.org/consent/3ea94870-d4b1-483a-b1d2-faf1d982bb31/28fe90b0-2a5a-4cf9-8e33-f3878e80e202/en-us.json
IP
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (65508), with no line terminators
Hash 7f16e40ce3eb729de2cd642eb8ab4984
90f3968bd0e0afd9329b4858f3a6e2954a0b290b
8ce84bcd36f7922545956c7aa3889234aaf5e843ec7f0e8875fc99c4bcfd201d
GET /consent/3ea94870-d4b1-483a-b1d2-faf1d982bb31/28fe90b0-2a5a-4cf9-8e33-f3878e80e202/en-us.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 02:36:38 GMT
content-type: application/x-javascript
content-length: 18222
cache-control: public, max-age=86400
content-encoding: gzip
content-md5: fxbkDOPrcp3izWQuuKtJhA==
last-modified: Thu, 29 Sep 2022 08:35:11 GMT
etag: 0x8DAA1F58645F23C
x-ms-request-id: 1ec73252-a01e-00be-38de-d3cd6d000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Cache-Control,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cf-cache-status: HIT
age: 85934
expires: Sun, 13 Nov 2022 02:36:38 GMT
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 768be1963c07b505-OSL
X-Firefox-Spdy: h2
cdn.cookielaw.org/scripttemplates/6.22.0/assets/otFlat.json
200 OK 3.0 kB URL HTTP/2 cdn.cookielaw.org/scripttemplates/6.22.0/assets/otFlat.json
IP
File type JSON data\012- , ASCII text, with very long lines (10843)
Hash 792fef665863081a7642f10bc7b22b49
f30de5899ad8675a26c5a1688c543e7044bce0ab
af415b02ce1afa491d86bd1fafa2416302d69906ded37715ca425b6778cd7d9c
GET /scripttemplates/6.22.0/assets/otFlat.json HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 02:36:38 GMT
content-type: application/json
content-length: 2950
content-encoding: gzip
content-md5: eS/vZlhjCBp2QvELx7IrSQ==
last-modified: Thu, 19 Aug 2021 02:39:10 GMT
etag: 0x8D962BA867F281F
x-ms-request-id: 1ab7d2f4-a01e-003d-026c-c46dc0000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Content-Encoding,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 2449
accept-ranges: bytes
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 768be1966c26b505-OSL
X-Firefox-Spdy: h2
t-cf.bstatic.com/psb/capla/static/css/736.6d8c9c3c.chunk.css
200 OK 852 B URL HTTP/2 t-cf.bstatic.com/psb/capla/static/css/736.6d8c9c3c.chunk.css
IP
File type ASCII text, with very long lines (738)
Hash 7a373db1d52f9aecd313d2e91e36aae3
4a69e416f297d2186f1580bbd0e996a9d3b932e5
4a8eebe3cc8acedc73afe8b068140753dd564e94dc3feb049a9d354638cd94bb
GET /psb/capla/static/css/736.6d8c9c3c.chunk.css HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 852
server: nginx
date: Sun, 30 Oct 2022 03:39:47 GMT
etag: "7a373db1d52f9aecd313d2e91e36aae3"
x-amz-meta-x-deployment-hash: foo
x-amz-server-side-encryption: AES256
last-modified: Thu, 02 Jun 2022 10:36:44 GMT
x-amz-expiration: expiry-date="Fri, 30 Sep 2022 10:36:44 GMT", rule-id=""
expires: Tue, 29 Nov 2022 03:39:47 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _q3Bm-Alb4-_BP_grJgES98nZh5zN1EP9nIGcCKLelukVrRCqzASJQ==
age: 1119412
X-Firefox-Spdy: h2
t-cf.bstatic.com/psb/capla/static/css/541.60bd0f47.chunk.css
200 OK 349 B URL HTTP/2 t-cf.bstatic.com/psb/capla/static/css/541.60bd0f47.chunk.css
IP
Hash 3463768f1eada6681938129f4ac1f0cd
0e94fd7afdcf474745329e76795462278d22fb79
9ce1783fb0eb2bffa218d02d92cd320087f6bb3132dbf1e20b3443a87306412b
GET /psb/capla/static/css/541.60bd0f47.chunk.css HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
content-length: 349
server: nginx
date: Wed, 09 Nov 2022 03:01:48 GMT
etag: "3463768f1eada6681938129f4ac1f0cd"
x-amz-meta-x-deployment-hash: foo
x-amz-server-side-encryption: AES256
last-modified: Tue, 01 Nov 2022 10:18:55 GMT
x-amz-expiration: expiry-date="Wed, 01 Mar 2023 10:18:55 GMT", rule-id=""
expires: Fri, 09 Dec 2022 03:01:48 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: sZkHuI4BDm4R4spqsxfyP-mTfxORZKiumglSfAuHvPz47GK7BgPHJA==
age: 257691
X-Firefox-Spdy: h2
t-cf.bstatic.com/psb/capla/static/css/579.534ee6de.chunk.css
200 OK 2.3 kB URL HTTP/2 t-cf.bstatic.com/psb/capla/static/css/579.534ee6de.chunk.css
IP
File type ASCII text, with very long lines (5711)
Hash 03523b21db409034bc401ed72952ddf9
1f9e1ea3cb242be9e18cddf6ccc0edf0f5f26a21
a241c3c86589b92e5aa003a3d00e390a4c6145ff27594a7882ad032d2381f8e2
GET /psb/capla/static/css/579.534ee6de.chunk.css HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
server: nginx
date: Wed, 09 Nov 2022 03:01:48 GMT
etag: W/"694ab61c354e799838488c1253971703"
x-amz-meta-x-deployment-hash: foo
x-amz-server-side-encryption: AES256
last-modified: Thu, 03 Nov 2022 14:56:30 GMT
x-amz-expiration: expiry-date="Fri, 03 Mar 2023 14:56:30 GMT", rule-id=""
expires: Fri, 09 Dec 2022 03:01:48 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: F61-tVe92T4gjV0Zm827pV_Vo0BqHNBOOwH0DZJWNhm9zKmjwaeKqw==
age: 257691
X-Firefox-Spdy: h2
geolocation.onetrust.com/cookieconsentpub/v1/geo/location
200 OK 610 B URL HTTP/2 geolocation.onetrust.com/cookieconsentpub/v1/geo/location
IP
Hash f6f8a0e5c1975d1f9c9cbba65291bcc8
b9d35f5bc31e14efc9fbf9d5e4b8b769190cf900
8c32a31a36fc976b657a6782b9ad6c0c9541a596853497cc00443359982a7fb5
GET /cookieconsentpub/v1/geo/location HTTP/1.1
Host: geolocation.onetrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 12 Nov 2022 02:36:38 GMT
content-type: application/json
access-control-allow-origin: *
access-control-allow-headers: Content-Type
access-control-allow-methods: GET, OPTIONS
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 768be195a91ab4f4-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
t-cf.bstatic.com/psb/capla/static/css/513.67992ef6.chunk.css
200 OK 1.4 kB URL HTTP/2 t-cf.bstatic.com/psb/capla/static/css/513.67992ef6.chunk.css
IP
File type ASCII text, with very long lines (4139)
Hash 14f81fd590f2d59887731e6cf5c42b3e
c6aba30bf2d7ebbcd4d5321e42bc7f6739e6b4e0
a4f3f3000b604e293ba4cf4f6d9bd80d7ec0fcbbb9fc2badd8c8f185574a021b
GET /psb/capla/static/css/513.67992ef6.chunk.css HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
server: nginx
date: Sat, 05 Nov 2022 03:32:16 GMT
etag: W/"fd62035d6489dce6fa68bb70d6449135"
x-amz-meta-x-deployment-hash: foo
x-amz-server-side-encryption: AES256
last-modified: Thu, 02 Jun 2022 10:36:44 GMT
x-amz-expiration: expiry-date="Fri, 30 Sep 2022 10:36:44 GMT", rule-id=""
expires: Mon, 05 Dec 2022 03:32:16 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Qp43Z1o0ZQrrFvs0jcCIrnLyCZ6FQqaQmRhyjAWZmyEQrl3UEvNYEw==
age: 601463
X-Firefox-Spdy: h2
t-cf.bstatic.com/static/img/flags/new/48-squared/nl/65e3bcc466c4026a08bdb2671799ca26c3228d19.png
200 OK 133 B URL HTTP/2 t-cf.bstatic.com/static/img/flags/new/48-squared/nl/65e3bcc466c4026a08bdb2671799ca26c3228d19.png
IP
File type PNG image data, 48 x 48, 4-bit colormap, non-interlaced\012- data
Hash d71004d18912ce962c083e4761b4edee
79aacce102a007f191df0fe753117764c1381d87
d5d5badb50d07fe792765fc98388901290efc2cd2014b1afe513321acaa6710f
GET /static/img/flags/new/48-squared/nl/65e3bcc466c4026a08bdb2671799ca26c3228d19.png HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 133
server: nginx
date: Mon, 07 Nov 2022 07:13:42 GMT
last-modified: Mon, 07 Sep 2020 10:40:08 GMT
etag: "5f560e08-85"
expires: Wed, 07 Dec 2022 07:13:42 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: zxZQ6HUUj45YHwnyhLXpBp7HcuHb-YEVaG4qgZw-7v51Ynqc2Y0DFw==
age: 415377
X-Firefox-Spdy: h2
t-cf.bstatic.com/static/img/flags/new/48-squared/fr/c48bc65c9dc57035fa983df37e9732c0f0a2663f.png
200 OK 153 B URL HTTP/2 t-cf.bstatic.com/static/img/flags/new/48-squared/fr/c48bc65c9dc57035fa983df37e9732c0f0a2663f.png
IP
File type PNG image data, 48 x 48, 4-bit colormap, non-interlaced\012- data
Hash d61a768803223e8ecabed2277992e21a
bfd3ddcedb47e691ce233c863d782f0ac7e2e414
8c823b6fe7ed7a0af5f592357f0512e43a86813159f095e7292489ba86c1e6d6
GET /static/img/flags/new/48-squared/fr/c48bc65c9dc57035fa983df37e9732c0f0a2663f.png HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 153
server: nginx
date: Sun, 06 Nov 2022 05:04:49 GMT
last-modified: Mon, 07 Sep 2020 09:08:23 GMT
etag: "5f55f887-99"
expires: Tue, 06 Dec 2022 05:04:49 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: KD8CvXjr5ZNbSifeiauarPNPdy5MsEZ3GMHYc_ZPyurXcUA5DczN4A==
age: 509510
X-Firefox-Spdy: h2
t-cf.bstatic.com/static/img/flags/new/48-squared/es/b3bd4690290a78b1303198dd6576bdab8d7f9a80.png
200 OK 913 B URL HTTP/2 t-cf.bstatic.com/static/img/flags/new/48-squared/es/b3bd4690290a78b1303198dd6576bdab8d7f9a80.png
IP
File type PNG image data, 48 x 48, 8-bit colormap, non-interlaced\012- data
Hash bf945804423b44b5acd2942719e4baf1
a94db5335a984d9b8633cbcdb22137bac8b4284b
2b311f37975788c34490b9fbd42602b3c2eb24bb87c1d7f4fc7fce70a230815f
GET /static/img/flags/new/48-squared/es/b3bd4690290a78b1303198dd6576bdab8d7f9a80.png HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 913
server: nginx
date: Sat, 05 Nov 2022 02:48:20 GMT
last-modified: Mon, 07 Sep 2020 10:40:08 GMT
etag: "5f560e08-391"
expires: Mon, 05 Dec 2022 02:48:20 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: AiDhB3fJh5NWS57WRT2PYOHcZc_M7j0wPLtkgkC_CtS_oLKLmtatYA==
age: 604099
X-Firefox-Spdy: h2
t-cf.bstatic.com/static/img/flags/new/48-squared/ar/9cce2b91336709016282f06432a8b6366069e0c2.png
200 OK 476 B URL HTTP/2 t-cf.bstatic.com/static/img/flags/new/48-squared/ar/9cce2b91336709016282f06432a8b6366069e0c2.png
IP
File type PNG image data, 48 x 48, 8-bit colormap, non-interlaced\012- data
Hash d9198265fdc862184216b90209391ce3
6bf0123a310523ff9b392f5ef7bdb159ac3633fa
687a7e5fd4c9d0ecf220bc143a6b473dd3c2bfda30e7ac01fde79d39b5791720
GET /static/img/flags/new/48-squared/ar/9cce2b91336709016282f06432a8b6366069e0c2.png HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 476
server: nginx
date: Thu, 03 Nov 2022 01:36:51 GMT
last-modified: Mon, 07 Sep 2020 10:40:08 GMT
etag: "5f560e08-1dc"
expires: Sat, 03 Dec 2022 01:36:51 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: fKvEhPMmV0u0bzvhPV-3B3kXkuHDHBjM8tIt7SiwaoGHlxVolmrwAQ==
age: 781188
X-Firefox-Spdy: h2
t-cf.bstatic.com/static/img/flags/new/48-squared/mx/f3a3f562a0185d68fb04b2ec01db2062ca6bdb76.png
200 OK 945 B URL HTTP/2 t-cf.bstatic.com/static/img/flags/new/48-squared/mx/f3a3f562a0185d68fb04b2ec01db2062ca6bdb76.png
IP
File type PNG image data, 48 x 48, 8-bit colormap, non-interlaced\012- data
Hash 91f0a044160310ec2a0fdd15a5e9db95
411b206915a7fcbc18ba67bb5013cd4b9c97c5c3
11eb78212272b10379a315971ed01e31ffa796378c12eae4116f47e7bc50bd4f
GET /static/img/flags/new/48-squared/mx/f3a3f562a0185d68fb04b2ec01db2062ca6bdb76.png HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 945
server: nginx
date: Sun, 06 Nov 2022 17:33:47 GMT
last-modified: Mon, 07 Sep 2020 10:40:08 GMT
etag: "5f560e08-3b1"
expires: Tue, 06 Dec 2022 17:33:47 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 4HHx490qbCVEIzxJ5JIeaxPhS7w3Q5YejauNBvsKAo1lPJ28PagBzg==
age: 464572
X-Firefox-Spdy: h2
t-cf.bstatic.com/static/img/flags/new/48-squared/catalonia/8578246a75d8b9dceaacb174072d0c6acafcc2df.png
200 OK 155 B URL HTTP/2 t-cf.bstatic.com/static/img/flags/new/48-squared/catalonia/8578246a75d8b9dceaacb174072d0c6acafcc2df.png
IP
File type PNG image data, 48 x 48, 4-bit colormap, non-interlaced\012- data
Hash 9aa827fa86c5f431d15c5b23a78f0f9d
7a82e7b12cb63ae4afabddd04a83c94c468dc777
c6d8a7fe3c884ebb35313519fb7187cd6609b4c2ede2ddedcafb6ef8a9905310
GET /static/img/flags/new/48-squared/catalonia/8578246a75d8b9dceaacb174072d0c6acafcc2df.png HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 155
server: nginx
date: Wed, 09 Nov 2022 02:29:15 GMT
last-modified: Mon, 07 Sep 2020 10:40:08 GMT
etag: "5f560e08-9b"
expires: Fri, 09 Dec 2022 02:29:15 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: HEnTahZydM6EtVyycZSQdltUzcEFE1PVo242bvVgi3sffUamhkyytQ==
age: 259644
X-Firefox-Spdy: h2
t-cf.bstatic.com/static/img/flags/new/48-squared/it/b8db3771480bd0c7971b9f94cad3640c89521882.png
200 OK 153 B URL HTTP/2 t-cf.bstatic.com/static/img/flags/new/48-squared/it/b8db3771480bd0c7971b9f94cad3640c89521882.png
IP
File type PNG image data, 48 x 48, 4-bit colormap, non-interlaced\012- data
Hash 4261fd05fa4ff2f6b27961be52f72502
30b359e2111f9509e89b4740af3aa6be24fcc812
861f2142293eb28de2c5f7c6f0035847ae176dc02470bfa7fbb157bf2b89339d
GET /static/img/flags/new/48-squared/it/b8db3771480bd0c7971b9f94cad3640c89521882.png HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 153
server: nginx
date: Thu, 27 Oct 2022 07:45:28 GMT
last-modified: Mon, 07 Sep 2020 10:40:08 GMT
etag: "5f560e08-99"
expires: Sat, 26 Nov 2022 07:45:28 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: wd6PVxonInrs185gr_qdxczFXNAyNimd24as1itzKf6EyBMQR1roOg==
age: 1363871
X-Firefox-Spdy: h2
t-cf.bstatic.com/static/img/flags/new/48-squared/pt/6542345c7408e3bd0d4c2e8f38d4396bba9b0e69.png
200 OK 1.2 kB URL HTTP/2 t-cf.bstatic.com/static/img/flags/new/48-squared/pt/6542345c7408e3bd0d4c2e8f38d4396bba9b0e69.png
IP
File type PNG image data, 48 x 48, 8-bit colormap, non-interlaced\012- data
Hash fc9f3351718ecc0c40483fcc805b7004
24aad85601f4ed40c3cd66921a4d12d965855c13
06ee7ee0128fbc6c5700382476bf91e704ca66f00c2dc2f99fd5b00da0c3fd64
GET /static/img/flags/new/48-squared/pt/6542345c7408e3bd0d4c2e8f38d4396bba9b0e69.png HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1179
server: nginx
date: Tue, 08 Nov 2022 04:07:40 GMT
last-modified: Mon, 07 Sep 2020 09:08:23 GMT
etag: "5f55f887-49b"
expires: Thu, 08 Dec 2022 04:07:40 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: p0KekVlMWzkmUg4bC8rCnemD3YEsWDwg8pk-1CIWVzQgmbCR-5pRfQ==
age: 340139
X-Firefox-Spdy: h2
t-cf.bstatic.com/static/img/flags/new/48-squared/br/0cf5e55d996fdcf96a2d31733addf5c10bad1f74.png
200 OK 717 B URL HTTP/2 t-cf.bstatic.com/static/img/flags/new/48-squared/br/0cf5e55d996fdcf96a2d31733addf5c10bad1f74.png
IP
File type PNG image data, 48 x 48, 8-bit colormap, non-interlaced\012- data
Hash 26d9170b24250c48a61e05da682d06ee
42c33ea1b9376b9fb627d44fc56822672d5c0ac7
6873da5317b00141936efa7ff6b53e80aa1323ccff9c6a89f846534b725225b0
GET /static/img/flags/new/48-squared/br/0cf5e55d996fdcf96a2d31733addf5c10bad1f74.png HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 717
server: nginx
date: Sun, 06 Nov 2022 06:32:47 GMT
last-modified: Mon, 07 Sep 2020 10:40:09 GMT
etag: "5f560e09-2cd"
expires: Tue, 06 Dec 2022 06:32:47 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 0HKKDxOMFTiAeY8-LhKlsF2qiCIco_2BgCEDfnT8YVrGl9ynFJlbCQ==
age: 504232
X-Firefox-Spdy: h2
t-cf.bstatic.com/static/img/flags/new/48-squared/no/827be8d24af5667778b4bc651fe03f738a812b60.png
200 OK 266 B URL HTTP/2 t-cf.bstatic.com/static/img/flags/new/48-squared/no/827be8d24af5667778b4bc651fe03f738a812b60.png
IP
File type PNG image data, 48 x 48, 8-bit colormap, non-interlaced\012- data
Hash ff013df9d8ed912796746aacd4cb18b9
e6bdb0e3516c2edbe53af0157b7db7ed08b7b376
c9b9d24d817a48351e24f4e5499e96a69d1cb8d783f57c9bdd1747cee64e50d8
GET /static/img/flags/new/48-squared/no/827be8d24af5667778b4bc651fe03f738a812b60.png HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 266
server: nginx
date: Wed, 09 Nov 2022 03:09:18 GMT
last-modified: Mon, 07 Sep 2020 10:40:08 GMT
etag: "5f560e08-10a"
expires: Fri, 09 Dec 2022 03:09:18 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7ayeppsiVKzgI58fK26Pk2N1O8fxXuNDWqwZ4-R9tAUnCcxt1H5wkQ==
age: 257241
X-Firefox-Spdy: h2
t-cf.bstatic.com/static/img/flags/new/48-squared/fi/465d3b73ff07d1d696cb5dd26fbb91097c175e1b.png
200 OK 206 B URL HTTP/2 t-cf.bstatic.com/static/img/flags/new/48-squared/fi/465d3b73ff07d1d696cb5dd26fbb91097c175e1b.png
IP
File type PNG image data, 48 x 48, 4-bit colormap, non-interlaced\012- data
Hash 9a822a64512f9ddc675a4225c98c7a3c
53f9de2996c049705b7f67f3e6b644e4e665b3bc
10b4eec5fd4c999a3d217c78ad0037396263602c5ad035613063a2b147231318
GET /static/img/flags/new/48-squared/fi/465d3b73ff07d1d696cb5dd26fbb91097c175e1b.png HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 206
server: nginx
date: Mon, 31 Oct 2022 06:44:55 GMT
last-modified: Mon, 07 Sep 2020 10:40:08 GMT
etag: "5f560e08-ce"
expires: Wed, 30 Nov 2022 06:44:55 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7GxKp3fHU77sXDhJZuT5OV_DEdyfXTG311HosTTKBS1MrSoOIzw5Kg==
age: 1021904
X-Firefox-Spdy: h2
t-cf.bstatic.com/static/img/flags/new/48-squared/se/5e126775c25a54a24956ddcc72c8bbcaeed20872.png
200 OK 198 B URL HTTP/2 t-cf.bstatic.com/static/img/flags/new/48-squared/se/5e126775c25a54a24956ddcc72c8bbcaeed20872.png
IP
File type PNG image data, 48 x 48, 4-bit colormap, non-interlaced\012- data
Hash 13c8c96bf421d8616a6e22d2932a0b76
09c8720b6e8dec10ae55c6c71b83508a97d7103e
3e94a1d0a60d1870f9117b8b5ec1379df6040dead195531942a48a3ac57d11d9
GET /static/img/flags/new/48-squared/se/5e126775c25a54a24956ddcc72c8bbcaeed20872.png HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 198
server: nginx
date: Mon, 31 Oct 2022 01:01:39 GMT
last-modified: Mon, 07 Sep 2020 09:08:23 GMT
etag: "5f55f887-c6"
expires: Wed, 30 Nov 2022 01:01:39 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: h_NGtDQNaouO-E8w07eb2WshoeZBm-tpr4YWsrbuyY-zzr1czYPVzg==
age: 1042500
X-Firefox-Spdy: h2
t-cf.bstatic.com/static/img/flags/new/48-squared/dk/744575dd4e87590a543b7c8cbacaef6c3de4e4d2.png
200 OK 175 B URL HTTP/2 t-cf.bstatic.com/static/img/flags/new/48-squared/dk/744575dd4e87590a543b7c8cbacaef6c3de4e4d2.png
IP
File type PNG image data, 48 x 48, 4-bit colormap, non-interlaced\012- data
Hash 3275f76ec51c7d87571ef5a5f3e6ddea
995f9025c29c6ab965c3a29af50ae25c9a390ab0
a60eac8ef0e0d0dddef152891451b215d955373071d2bd32db7d4b2053fbaf08
GET /static/img/flags/new/48-squared/dk/744575dd4e87590a543b7c8cbacaef6c3de4e4d2.png HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 175
server: nginx
date: Mon, 07 Nov 2022 07:26:46 GMT
last-modified: Mon, 07 Sep 2020 09:08:23 GMT
etag: "5f55f887-af"
expires: Wed, 07 Dec 2022 07:26:46 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 9TwsoJm0DrLDyEP1xvBKR_GsVhEzBhznhYnaDriSiRZND2f-wtSkgw==
age: 414593
X-Firefox-Spdy: h2
t-cf.bstatic.com/static/img/flags/new/48-squared/cz/32002e60fead55ce886ff9827dfcf4af8cf4e277.png
200 OK 342 B URL HTTP/2 t-cf.bstatic.com/static/img/flags/new/48-squared/cz/32002e60fead55ce886ff9827dfcf4af8cf4e277.png
IP
File type PNG image data, 48 x 48, 8-bit colormap, non-interlaced\012- data
Hash 20b632d22c7839d87dd7ab7628839ee7
e9d3232561f2812c02b6fb4e33251aaf620cd40b
ad11693269039a9a7ded88cb46a03eb85ee6f4cf29fa76376ba32c5dd9eb6612
GET /static/img/flags/new/48-squared/cz/32002e60fead55ce886ff9827dfcf4af8cf4e277.png HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 342
server: nginx
date: Tue, 25 Oct 2022 17:19:03 GMT
last-modified: Mon, 07 Sep 2020 09:08:23 GMT
etag: "5f55f887-156"
expires: Thu, 24 Nov 2022 17:19:03 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: nVdGVoWNbOXiliQBylRlFbuqkrgC3gqQOQoM4cqjMcHKxkxUzgjGsQ==
age: 1502256
X-Firefox-Spdy: h2
t-cf.bstatic.com/static/img/flags/new/48-squared/hu/fc7cb24c5c7cb9de74a74fad271d6838daabc4cb.png
200 OK 133 B URL HTTP/2 t-cf.bstatic.com/static/img/flags/new/48-squared/hu/fc7cb24c5c7cb9de74a74fad271d6838daabc4cb.png
IP
File type PNG image data, 48 x 48, 4-bit colormap, non-interlaced\012- data
Hash 9206b6715881ae75735ed659e808e94f
eed3ea9303a65b3b7f64f73d1a8499373aa26c0b
70c5cf7c80ec64caf926271a8832ca79342bd1d9203bae584f8c441aee10ddf0
GET /static/img/flags/new/48-squared/hu/fc7cb24c5c7cb9de74a74fad271d6838daabc4cb.png HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 133
server: nginx
date: Sat, 29 Oct 2022 07:43:03 GMT
last-modified: Mon, 07 Sep 2020 10:40:08 GMT
etag: "5f560e08-85"
expires: Mon, 28 Nov 2022 07:43:03 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: yEeo4pM-9sSScy0UQvjQbhEAELM-6XhPgPcO7sLamXhnfPY9IsbxBA==
age: 1191216
X-Firefox-Spdy: h2
t-cf.bstatic.com/static/img/flags/new/48-squared/ro/2d67b91f7beb87bd9286975da3e6dadc70d9c64b.png
200 OK 153 B URL HTTP/2 t-cf.bstatic.com/static/img/flags/new/48-squared/ro/2d67b91f7beb87bd9286975da3e6dadc70d9c64b.png
IP
File type PNG image data, 48 x 48, 4-bit colormap, non-interlaced\012- data
Hash 1b1f1d1d57a2cd65c38748ed1e165aa7
58f0710ccff2655b04eb6ed0a2c86ec64eea5223
881978c2d219d2d9e3f0c5584e489e06e1948d0b4f9c5d7d3104a61ddb2e7372
GET /static/img/flags/new/48-squared/ro/2d67b91f7beb87bd9286975da3e6dadc70d9c64b.png HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 153
server: nginx
date: Tue, 01 Nov 2022 06:10:44 GMT
last-modified: Mon, 07 Sep 2020 10:40:08 GMT
etag: "5f560e08-99"
expires: Thu, 01 Dec 2022 06:10:44 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: OmDg10M3F0Zhr0nDiFu5HQfLib1UxYMDewvSBv61RgcMdYOcXgo50w==
age: 937555
X-Firefox-Spdy: h2
t-cf.bstatic.com/static/img/flags/new/48-squared/jp/9bf7e50bc6dc66599aeede9189ca16de461c60b6.png
200 OK 333 B URL HTTP/2 t-cf.bstatic.com/static/img/flags/new/48-squared/jp/9bf7e50bc6dc66599aeede9189ca16de461c60b6.png
IP
File type PNG image data, 48 x 48, 8-bit colormap, non-interlaced\012- data
Hash 0430ec4fbfa9c9d0c02e4040873de949
6f5a96e43c5665af451ae5b0448ed5a7113e40d9
ee8b36adb5cbd88a5819e742a813ae397ace8c319861ad8aa4d9caaae90812a0
GET /static/img/flags/new/48-squared/jp/9bf7e50bc6dc66599aeede9189ca16de461c60b6.png HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 333
server: nginx
date: Mon, 07 Nov 2022 07:58:21 GMT
last-modified: Mon, 07 Sep 2020 09:08:23 GMT
etag: "5f55f887-14d"
expires: Wed, 07 Dec 2022 07:58:21 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: hlXEMwmROWpbzxQ1FISTKa7ODujWjOFSzN7l-E_Hmver-C3pjIA_xA==
age: 412698
X-Firefox-Spdy: h2
t-cf.bstatic.com/static/css/gprof_icons_cft.iq_ltr/4b538a7f9b7e4b4916c881259774821f33d5220a.css
200 OK 28 kB URL HTTP/2 t-cf.bstatic.com/static/css/gprof_icons_cft.iq_ltr/4b538a7f9b7e4b4916c881259774821f33d5220a.css
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 00293610c91e44a6389ebf8475a98749
d95826e0f0669e97fef9070dd0d39485adb24869
8255944337464734eb7c0b8c4f7e50b2c4862a0ef411323be52fa52bc6628492
GET /static/css/gprof_icons_cft.iq_ltr/4b538a7f9b7e4b4916c881259774821f33d5220a.css HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
server: nginx
date: Fri, 11 Nov 2022 10:13:42 GMT
last-modified: Fri, 11 Nov 2022 01:23:42 GMT
etag: W/"636da41e-2977a"
expires: Sun, 11 Dec 2022 10:13:42 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _xqvCCUqz1XQLUVkP4faCk4YE057w6_uDe52Q-Ojr_w_5zOwAHgOqA==
age: 58976
X-Firefox-Spdy: h2
t-cf.bstatic.com/static/css/incentives_cft.iq_ltr/70c3660043e199f2e3a2b9d17b15dc773dca7b8e.css
200 OK 2.0 kB URL HTTP/2 t-cf.bstatic.com/static/css/incentives_cft.iq_ltr/70c3660043e199f2e3a2b9d17b15dc773dca7b8e.css
IP
File type ASCII text, with very long lines (7463), with no line terminators
Hash 0ed3debebeac5cee3afb2d4c8259c61c
a9036479dc44e644579c0d1ef402296ce6b69f86
4f360f6c8e7aa752316779435a76119548d82c2d0f30f0291b28a0bac446562a
GET /static/css/incentives_cft.iq_ltr/70c3660043e199f2e3a2b9d17b15dc773dca7b8e.css HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
server: nginx
date: Fri, 11 Nov 2022 10:13:41 GMT
last-modified: Fri, 11 Nov 2022 01:23:42 GMT
etag: W/"636da41e-1d27"
expires: Sun, 11 Dec 2022 10:13:41 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 2fg8197hpj5noOdgpLvGEtgOaoG8FFN8I9Uz4G5slGLpEXKxqmd3SQ==
age: 58977
X-Firefox-Spdy: h2
cdn.cookielaw.org/scripttemplates/6.22.0/assets/otCommonStyles.css
200 OK 5.5 kB URL HTTP/2 cdn.cookielaw.org/scripttemplates/6.22.0/assets/otCommonStyles.css
IP
Hash 70648b34fac7af6a462af6043943b110
078892de3bd815d27d9dc52c4bfe1bc540a0a12a
2a96f1f14f2839e8d365822e96ea6b014f194cdd74359de781bec391f7e5eaa5
GET /scripttemplates/6.22.0/assets/otCommonStyles.css HTTP/1.1
Host: cdn.cookielaw.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 02:36:38 GMT
content-type: text/css
content-md5: F/Fs54+x9bQK/ULkNRp4fA==
last-modified: Thu, 19 Aug 2021 02:39:24 GMT
x-ms-request-id: 6bc20948-001e-0159-656c-c49b35000000
x-ms-version: 2009-09-19
x-ms-lease-status: unlocked
x-ms-blob-type: BlockBlob
access-control-expose-headers: x-ms-request-id,Server,x-ms-version,Content-Type,Last-Modified,ETag,Content-MD5,x-ms-lease-status,x-ms-blob-type,Content-Length,Date,Transfer-Encoding
access-control-allow-origin: *
cache-control: max-age=86400
cf-cache-status: HIT
age: 2789
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
server: cloudflare
cf-ray: 768be1966c27b505-OSL
content-encoding: gzip
X-Firefox-Spdy: h2
t-cf.bstatic.com/static/css/sp_loyalty_cft.iq_ltr/c7c6b342312a9d5364889a78d1971cf24c388e48.css
200 OK 2.5 kB URL HTTP/2 t-cf.bstatic.com/static/css/sp_loyalty_cft.iq_ltr/c7c6b342312a9d5364889a78d1971cf24c388e48.css
IP
File type ASCII text, with very long lines (14322), with no line terminators
Hash 659bab7991bb1e392c31275fc077c4f5
cd6f3e392c0f9fda4182231d2325474ff5cf25d3
2e74a07cf5b9f5cb949da3c4dffee96a5ca4c578354f96a4c309f87d67fef55e
GET /static/css/sp_loyalty_cft.iq_ltr/c7c6b342312a9d5364889a78d1971cf24c388e48.css HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
server: nginx
date: Fri, 11 Nov 2022 10:56:17 GMT
last-modified: Fri, 11 Nov 2022 01:23:43 GMT
etag: W/"636da41f-37f2"
expires: Sun, 11 Dec 2022 10:56:17 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: kUd-if0gV97rH0pGbuasJESwhICAlFwRzv9PGMZbLLnjfyccNN3FvQ==
age: 56421
X-Firefox-Spdy: h2
t-cf.bstatic.com/static/img/flags/new/48-squared/ru/2277320023a64803843c36ca6aa48ad77523dd0d.png
200 OK 139 B URL HTTP/2 t-cf.bstatic.com/static/img/flags/new/48-squared/ru/2277320023a64803843c36ca6aa48ad77523dd0d.png
IP
File type PNG image data, 48 x 48, 4-bit colormap, non-interlaced\012- data
Hash e788f0359c4ebb5d12da0db2e46b5cae
7ef0e8f52982a8fe7a25e27011fca7716231a52b
6f71c4adcbf4ee888f31ee757fd52cdb61881a9aca9f8a571c00470df055185c
GET /static/img/flags/new/48-squared/ru/2277320023a64803843c36ca6aa48ad77523dd0d.png HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 139
server: nginx
date: Sat, 29 Oct 2022 14:42:39 GMT
last-modified: Mon, 07 Sep 2020 09:08:23 GMT
etag: "5f55f887-8b"
expires: Mon, 28 Nov 2022 14:42:39 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: AGbln14G7wYuQP93MJbcbDc1IQShODe75cDCACgjSQEdbVS2yfxOLw==
age: 1166040
X-Firefox-Spdy: h2
t-cf.bstatic.com/static/img/flags/new/48-squared/tr/f7ad0cb74f4ea5e7193cb6029c7f977e9786cfa2.png
200 OK 400 B URL HTTP/2 t-cf.bstatic.com/static/img/flags/new/48-squared/tr/f7ad0cb74f4ea5e7193cb6029c7f977e9786cfa2.png
IP
File type PNG image data, 48 x 48, 8-bit colormap, non-interlaced\012- data
Hash 87321ae6e71b9b09c681058e91a468b5
3fb7872894da2daef6f66e73d8fd2f7b78b3b533
2c1c4611b00fa1da5b4cf45ac2c7d25744c4bf0897fab2e00833ff0aefdf5023
GET /static/img/flags/new/48-squared/tr/f7ad0cb74f4ea5e7193cb6029c7f977e9786cfa2.png HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 400
server: nginx
date: Thu, 03 Nov 2022 04:41:45 GMT
last-modified: Mon, 07 Sep 2020 09:08:23 GMT
etag: "5f55f887-190"
expires: Sat, 03 Dec 2022 04:41:45 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: aKzmh9WkNnFvQpmJoh4cEG3XTLav1yf8yTCdVEc7NY8jCIIFz-VXIQ==
age: 770094
X-Firefox-Spdy: h2
t-cf.bstatic.com/static/css/index_cft.iq_ltr/ef25fcb54cd6b780a46bcfe0263dfba2991aae8d.css
200 OK 52 kB URL HTTP/2 t-cf.bstatic.com/static/css/index_cft.iq_ltr/ef25fcb54cd6b780a46bcfe0263dfba2991aae8d.css
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 96e5a7f79ab60120022280726528e671
71e403b017cbf011438ec14027b566c53b167256
2a8bcc10e5f0939afb8d7b2dd8d02530ce38de0c256d4ba36beea8f4c39166f4
GET /static/css/index_cft.iq_ltr/ef25fcb54cd6b780a46bcfe0263dfba2991aae8d.css HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
server: nginx
date: Fri, 11 Nov 2022 10:13:41 GMT
last-modified: Fri, 11 Nov 2022 01:23:42 GMT
etag: W/"636da41e-5a59f"
expires: Sun, 11 Dec 2022 10:13:41 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: o2YgavhB_89L6AcEqH0e0R2y0U0l3m5EmqKVUTIbo1w2sdRE6zzqYg==
age: 58975
X-Firefox-Spdy: h2
t-cf.bstatic.com/static/css/xp-index-sb_cft.iq_ltr/ede1612fb0e53edbbe47d72b47f704968515c9b7.css
200 OK 12 kB URL HTTP/2 t-cf.bstatic.com/static/css/xp-index-sb_cft.iq_ltr/ede1612fb0e53edbbe47d72b47f704968515c9b7.css
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 5d0068b650cb0ba0d2a7089c70de5b45
59d880345fe81370b466e26f92929a0bc8bf569d
2ed127c3937e4ae6b685a61f8f4e16e6065cfc73cb1db7ce618a229077fe0f85
GET /static/css/xp-index-sb_cft.iq_ltr/ede1612fb0e53edbbe47d72b47f704968515c9b7.css HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
server: nginx
date: Fri, 11 Nov 2022 10:13:41 GMT
last-modified: Fri, 11 Nov 2022 01:23:44 GMT
etag: W/"636da420-126da"
expires: Sun, 11 Dec 2022 10:13:41 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: AWqtzWiXzfGa-t23URR5o9-WeN2Ugs5n657aPcatY06HVyfoiiwCPw==
age: 58976
X-Firefox-Spdy: h2
t-cf.bstatic.com/static/img/flags/new/48-squared/kr/4cb76b458a73ca4c1de034c7623475278d363ce6.png
200 OK 870 B URL HTTP/2 t-cf.bstatic.com/static/img/flags/new/48-squared/kr/4cb76b458a73ca4c1de034c7623475278d363ce6.png
IP
File type PNG image data, 48 x 48, 8-bit colormap, non-interlaced\012- data
Hash 52c9301117c90f4f0f02957fb952f163
7e947ebefa1352e7282626e90e68442896c606e6
9f31f4ed393b17f37ea3ec9572bdda6ac8c1a3e3ee410743ac2b69f4717b4425
GET /static/img/flags/new/48-squared/kr/4cb76b458a73ca4c1de034c7623475278d363ce6.png HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 870
server: nginx
date: Wed, 09 Nov 2022 01:55:38 GMT
last-modified: Mon, 07 Sep 2020 09:08:23 GMT
etag: "5f55f887-366"
expires: Fri, 09 Dec 2022 01:55:38 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: DB4Qa4e1eDCHBmvlbyRUGxdTRhXpSX6wx-XdMctwpLw_5G3HpeIGXw==
age: 261661
X-Firefox-Spdy: h2
t-cf.bstatic.com/static/css/main_cft.iq_ltr/11af65abb6dba73480d32d183f9b6f6c0a9b9315.css
200 OK 61 kB URL HTTP/2 t-cf.bstatic.com/static/css/main_cft.iq_ltr/11af65abb6dba73480d32d183f9b6f6c0a9b9315.css
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 749d02d3f3f9993db2597a24a26e4259
b18be3b8d1376762580d819c1b780401ea31019b
0c8bfac2e358fb572e58adf7187f82a56315326608a334f4a20cc9c5d40495f7
GET /static/css/main_cft.iq_ltr/11af65abb6dba73480d32d183f9b6f6c0a9b9315.css HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
server: nginx
date: Fri, 11 Nov 2022 10:13:41 GMT
last-modified: Fri, 11 Nov 2022 01:23:42 GMT
etag: W/"636da41e-81d22"
expires: Sun, 11 Dec 2022 10:13:41 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _Ss9GENWmHpowDdEIxoKV_pN5rH2YVHENufz4JXuB7-h2SPsEeWMeQ==
age: 58976
X-Firefox-Spdy: h2
t-cf.bstatic.com/static/css/main_exps_cft.iq_ltr/7726bdb18e488663b338bf0e64385bc7f6fb825c.css
200 OK 21 kB URL HTTP/2 t-cf.bstatic.com/static/css/main_exps_cft.iq_ltr/7726bdb18e488663b338bf0e64385bc7f6fb825c.css
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash e89c7f81532e7722f878141b0a1930b9
41bfbf9c8fa4669d80ef1b3cd52de9cf09dcd5c4
6568c8bc2bedb66729dd368f7b58253d8e4793fd8cbf163404b37132e42d07c7
GET /static/css/main_exps_cft.iq_ltr/7726bdb18e488663b338bf0e64385bc7f6fb825c.css HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
server: nginx
date: Fri, 11 Nov 2022 10:13:41 GMT
last-modified: Fri, 11 Nov 2022 10:09:48 GMT
etag: W/"636e1f6c-20a86"
expires: Sun, 11 Dec 2022 10:13:41 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: hBrhFE7JAK1sVsPt3oOU-4nc-T71B1Ren3iKKRdTGjoGD3HPO3H_Qg==
age: 58976
X-Firefox-Spdy: h2
t-cf.bstatic.com/static/img/flags/new/48-squared/ua/2ea50f1c1fb480c4557a5578f71657fc3152c3a1.png
200 OK 134 B URL HTTP/2 t-cf.bstatic.com/static/img/flags/new/48-squared/ua/2ea50f1c1fb480c4557a5578f71657fc3152c3a1.png
IP
File type PNG image data, 48 x 48, 4-bit colormap, non-interlaced\012- data
Hash f4db0dc55878fe02bb1efff8fc8dfe00
233ad877840f93216679c862e72be0d38a3c1132
4d5747ee4bfc01093d27ec5833305780e8797e361214269f85ca824274d7b4ed
GET /static/img/flags/new/48-squared/ua/2ea50f1c1fb480c4557a5578f71657fc3152c3a1.png HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 134
server: nginx
date: Tue, 01 Nov 2022 06:10:44 GMT
last-modified: Mon, 07 Sep 2020 10:40:08 GMT
etag: "5f560e08-86"
expires: Thu, 01 Dec 2022 06:10:44 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: SAQ0exRGZcXheDVEsp51glp347cB_FmHGtnAqdNpOdHycQY0lAreSw==
age: 937555
X-Firefox-Spdy: h2
t-cf.bstatic.com/psb/capla/static/css/664.bf31623f.chunk.css
200 OK 2.1 kB URL HTTP/2 t-cf.bstatic.com/psb/capla/static/css/664.bf31623f.chunk.css
IP
File type ASCII text, with very long lines (6802)
Hash f55b32879c670ce684652c89b28c26c7
9579e865a38d8871fa51824562da61836bd5eb47
9ea9632b95b874eeeb93c97d17a87712d83ec25fa5813fe4565385f89fe9ecbb
GET /psb/capla/static/css/664.bf31623f.chunk.css HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
server: nginx
date: Wed, 09 Nov 2022 03:01:48 GMT
etag: W/"41c772e915615a2a242550b78850899d"
x-amz-meta-x-deployment-hash: foo
x-amz-server-side-encryption: AES256
last-modified: Mon, 26 Sep 2022 13:29:51 GMT
x-amz-expiration: expiry-date="Tue, 24 Jan 2023 13:29:51 GMT", rule-id=""
expires: Fri, 09 Dec 2022 03:01:48 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _QW93gjHb82hBfjtudetDoYQx5ojgvJFeoiAdG0JMhNhC-MZhHOQPg==
age: 257691
X-Firefox-Spdy: h2
t-cf.bstatic.com/static/img/flags/new/48-squared/id/e7d3d00965d8c994a72807b43b21c648250cf906.png
200 OK 121 B URL HTTP/2 t-cf.bstatic.com/static/img/flags/new/48-squared/id/e7d3d00965d8c994a72807b43b21c648250cf906.png
IP
File type PNG image data, 48 x 48, 2-bit colormap, non-interlaced\012- data
Hash 40b14f52ee0e84a6b7f2395438df4e89
3a1b4751f73b37112ea8abe9d8e1e43fb0b5dcc1
0839f5f4321e755f66f00aebe4ecad12e81de7d87b73600f621f3e4067bec79b
GET /static/img/flags/new/48-squared/id/e7d3d00965d8c994a72807b43b21c648250cf906.png HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 121
server: nginx
date: Thu, 03 Nov 2022 06:26:07 GMT
last-modified: Mon, 07 Sep 2020 10:40:08 GMT
etag: "5f560e08-79"
expires: Sat, 03 Dec 2022 06:26:07 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: bGAp-PP--uekaykw5J0EvgK7p0MezhCsgipj0pDlOnePcKNbP3oLGw==
age: 763832
X-Firefox-Spdy: h2
t-cf.bstatic.com/libs/privacy-consent/releases/2.1.32/customer/cookie-banner.min.js
200 OK 3.1 kB URL HTTP/2 t-cf.bstatic.com/libs/privacy-consent/releases/2.1.32/customer/cookie-banner.min.js
IP
File type ASCII text, with very long lines (8638), with no line terminators
Hash c4855c83f02bb288dc95cd49808d9153
f7a8c0292f2a4775e2fb0d758ed016714acaa1db
e67173abf27cfe5184aac474f1c39d87b8c704dd0df3f92dd1a22d6b6348122c
GET /libs/privacy-consent/releases/2.1.32/customer/cookie-banner.min.js HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Thu, 03 Nov 2022 03:41:38 GMT
last-modified: Tue, 04 Oct 2022 23:02:37 GMT
etag: W/"633cbb8d-21be"
expires: Sat, 03 Dec 2022 03:41:38 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: r43D4LDV_hxa8Et7jmB8xzid9B1XBhb-J9lOiEbl079scC-LjzUK0Q==
age: 773700
X-Firefox-Spdy: h2
t-cf.bstatic.com/static/img/flags/new/48-squared/ee/509074558f4fe7c71ceed57584dec0382274dd16.png
200 OK 139 B URL HTTP/2 t-cf.bstatic.com/static/img/flags/new/48-squared/ee/509074558f4fe7c71ceed57584dec0382274dd16.png
IP
File type PNG image data, 48 x 48, 4-bit colormap, non-interlaced\012- data
Hash 12aaeead084db9341a3afbd71d0b123d
5e048ae4bd509d08cd5a17d99d5430e104da7013
8bc3c2630c36b9713f3d002ed54e49c7671ec960ef0d8b02e32f2fdba2af6cb6
GET /static/img/flags/new/48-squared/ee/509074558f4fe7c71ceed57584dec0382274dd16.png HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 139
server: nginx
date: Sat, 29 Oct 2022 14:56:22 GMT
last-modified: Mon, 07 Sep 2020 10:40:09 GMT
etag: "5f560e09-8b"
expires: Mon, 28 Nov 2022 14:56:22 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8vbEUV-ce9-_hwOzev78yb4aKS-aPYl1d4ifnBfER1QTCGY7Aq9KDw==
age: 1165217
X-Firefox-Spdy: h2
t-cf.bstatic.com/psb/capla/static/css/bui-react.d483e7af.css
200 OK 17 kB URL HTTP/2 t-cf.bstatic.com/psb/capla/static/css/bui-react.d483e7af.css
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash efdc04c5174c2ac3644edf4b438d1a36
1f6c0ec72c5197e16d15d6aa64fa59e3b82fc806
c62f67be8c690d4505f3750a946ee6ddce918921b4c3f092b39bda1cb36a82c0
GET /psb/capla/static/css/bui-react.d483e7af.css HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
server: nginx
date: Thu, 10 Nov 2022 10:11:28 GMT
etag: W/"45eb498e3d4a1aee9c20f9f213c7ab93"
x-amz-meta-x-deployment-hash: foo
x-amz-server-side-encryption: AES256
last-modified: Thu, 10 Nov 2022 09:15:06 GMT
x-amz-expiration: expiry-date="Fri, 10 Mar 2023 09:15:06 GMT", rule-id=""
expires: Sat, 10 Dec 2022 10:11:28 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: yaX5IDuXg4-wo5Khqzbk0z6yqrJEJIeblgE-V8u7_AvjA8_HyNRD-g==
age: 145511
X-Firefox-Spdy: h2
t-cf.bstatic.com/psb/capla/static/css/797.f251747a.chunk.css
200 OK 1.4 kB URL HTTP/2 t-cf.bstatic.com/psb/capla/static/css/797.f251747a.chunk.css
IP
File type ASCII text, with very long lines (4478)
Hash 3c996458dbad5131c5855d3fc4e850f1
d7f79fc6d7d0d5d269ffbf78fb6af438955398f8
9d9c75c467918b84dd8dda1dfdf34f714d2c653bdafcad541ef985ae67506b89
GET /psb/capla/static/css/797.f251747a.chunk.css HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
server: nginx
date: Sun, 06 Nov 2022 09:25:00 GMT
etag: W/"1d6809463c81866a247d5705214328fc"
x-amz-meta-x-deployment-hash: foo
x-amz-server-side-encryption: AES256
last-modified: Thu, 13 Oct 2022 12:42:47 GMT
x-amz-expiration: expiry-date="Fri, 10 Feb 2023 12:42:47 GMT", rule-id=""
expires: Tue, 06 Dec 2022 09:25:00 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 3fyCjZ5l0VvJEhQ4OnS4-7THp1ApVB_QfdrQ9JoREWTByuSYXN59xA==
age: 493899
X-Firefox-Spdy: h2
t-cf.bstatic.com/psb/capla/static/css/778.c05dd01c.chunk.css
200 OK 3.6 kB URL HTTP/2 t-cf.bstatic.com/psb/capla/static/css/778.c05dd01c.chunk.css
IP
File type ASCII text, with very long lines (13729)
Hash b7aa3cdff6155a961d543d494bf79486
2fb0e477ca830828fba7f8d84151b0517ca637a5
f998b3c5334008505cc1564ddd03b00fd0e4dd3965b01402218493e91141d93e
GET /psb/capla/static/css/778.c05dd01c.chunk.css HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
server: nginx
date: Thu, 10 Nov 2022 15:49:38 GMT
etag: W/"f49e762a73ee30cc02a00b32cd2e1ff8"
x-amz-meta-x-deployment-hash: foo
x-amz-server-side-encryption: AES256
last-modified: Thu, 10 Nov 2022 10:11:07 GMT
x-amz-expiration: expiry-date="Fri, 10 Mar 2023 10:11:07 GMT", rule-id=""
expires: Sat, 10 Dec 2022 15:49:38 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: XMOC8kXh1bJefV2gb4-coO7b6QY1Ppl0dkug_IGgIODVYCTbZdGPTQ==
age: 125221
X-Firefox-Spdy: h2
t-cf.bstatic.com/static/img/flags/new/48-squared/rs/c1bc4fc1d782713cfec17a071dadca6b755a233e.png
200 OK 1.4 kB URL HTTP/2 t-cf.bstatic.com/static/img/flags/new/48-squared/rs/c1bc4fc1d782713cfec17a071dadca6b755a233e.png
IP
File type PNG image data, 48 x 48, 8-bit colormap, non-interlaced\012- data
Hash b9379a24299e89e8a3a7f67e055583f3
9fcee25113376edc2308bd7e28d30a4a924cbd58
b2d098301fdd75a1c93c85f1f349262d5f7ca3de8a6eaad518095258c19e8a1b
GET /static/img/flags/new/48-squared/rs/c1bc4fc1d782713cfec17a071dadca6b755a233e.png HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1386
server: nginx
date: Fri, 04 Nov 2022 22:36:25 GMT
last-modified: Mon, 07 Sep 2020 09:08:23 GMT
etag: "5f55f887-56a"
expires: Sun, 04 Dec 2022 22:36:25 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: T0_V-BGZ8HyIyMwbkdqDfDsBwOh1G6TDXxiAM75_ZzZewZikhkinSQ==
age: 619214
X-Firefox-Spdy: h2
t-cf.bstatic.com/static/img/flags/new/48-squared/si/f0619cdd45548522566c6d72a660ddc011906184.png
200 OK 442 B URL HTTP/2 t-cf.bstatic.com/static/img/flags/new/48-squared/si/f0619cdd45548522566c6d72a660ddc011906184.png
IP
File type PNG image data, 48 x 48, 8-bit colormap, non-interlaced\012- data
Hash 05cbcc07c185368a084a9309aa914d61
8e11596590eacbb80269c99400b4a87e02e2583b
211e73d3bad99d5286e8f2378547adbf522b0f047e45aeed0d5dea6741488444
GET /static/img/flags/new/48-squared/si/f0619cdd45548522566c6d72a660ddc011906184.png HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 442
server: nginx
date: Mon, 07 Nov 2022 07:18:44 GMT
last-modified: Mon, 07 Sep 2020 09:08:23 GMT
etag: "5f55f887-1ba"
expires: Wed, 07 Dec 2022 07:18:44 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: dKf4up5oOzbJm11S3FRVQHJVBi6FY0n1dQtKDSbFHgNj1C7VwCQR5Q==
age: 415075
X-Firefox-Spdy: h2
t-cf.bstatic.com/static/img/flags/new/48-squared/vn/90b17da2aafaebce7b0c34189747e1e10dba8041.png
200 OK 333 B URL HTTP/2 t-cf.bstatic.com/static/img/flags/new/48-squared/vn/90b17da2aafaebce7b0c34189747e1e10dba8041.png
IP
File type PNG image data, 48 x 48, 8-bit colormap, non-interlaced\012- data
Hash 3a0135828216d13780bbd76bc0d6617c
613be32ee6beabb7a18a107f6c9bdd0c5d6dada9
37cb08ba3ee531e1f6b5a8a3fbf4be6013a3a9a0442286b07aeb2c947530cf04
GET /static/img/flags/new/48-squared/vn/90b17da2aafaebce7b0c34189747e1e10dba8041.png HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 333
server: nginx
date: Sat, 29 Oct 2022 14:42:40 GMT
last-modified: Mon, 07 Sep 2020 10:40:08 GMT
etag: "5f560e08-14d"
expires: Mon, 28 Nov 2022 14:42:40 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: uRq5lNwSSJ7delEAeFMkhmu7jrgdeihc1_v9gdqbhVk2GbLsFAnRag==
age: 1166039
X-Firefox-Spdy: h2
t-cf.bstatic.com/static/img/flags/new/48-squared/ph/7048127466891462116ee2774154585fb5607aba.png
200 OK 663 B URL HTTP/2 t-cf.bstatic.com/static/img/flags/new/48-squared/ph/7048127466891462116ee2774154585fb5607aba.png
IP
File type PNG image data, 48 x 48, 8-bit colormap, non-interlaced\012- data
Hash 47f9d3fafada1c4125dd5abbef01d314
5e36976caec0396e0847c76c413a0189ff2cbbf6
a99fa5dc87d4d9a32c930d644a790c6dfba9073d0a11f6cc000ce599b9ba00c7
GET /static/img/flags/new/48-squared/ph/7048127466891462116ee2774154585fb5607aba.png HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 663
server: nginx
date: Thu, 03 Nov 2022 00:36:22 GMT
last-modified: Mon, 07 Sep 2020 09:08:23 GMT
etag: "5f55f887-297"
expires: Sat, 03 Dec 2022 00:36:22 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: kheJgkfDhKJGBfzjy4EfrmaVmvmmuXYdN-fN1S1s3IMr0AjgLeOyYQ==
age: 784817
X-Firefox-Spdy: h2
t-cf.bstatic.com/static/img/flags/new/48-squared/is/7d644655f895f8e346b964dc18cf5b6608a98d52.png
200 OK 298 B URL HTTP/2 t-cf.bstatic.com/static/img/flags/new/48-squared/is/7d644655f895f8e346b964dc18cf5b6608a98d52.png
IP
File type PNG image data, 48 x 48, 8-bit colormap, non-interlaced\012- data
Hash 227c1e1707b8caf0b17266f188b3b099
294b9da49254731a4cb0fe538d9bc8ef44d1dd92
e1e54eb27d785ff86901a728964f40183e845b8301f9196e163e5fe919bcfb5f
GET /static/img/flags/new/48-squared/is/7d644655f895f8e346b964dc18cf5b6608a98d52.png HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 298
server: nginx
date: Tue, 18 Oct 2022 23:13:22 GMT
last-modified: Mon, 07 Sep 2020 09:08:23 GMT
etag: "5f55f887-12a"
expires: Thu, 17 Nov 2022 23:13:22 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: lPssjPV8oVlA_3sXqdcXQUY2iamFuKNz9DHEaX9XZO0AMP9JFCUxLA==
age: 2085797
X-Firefox-Spdy: h2
t-cf.bstatic.com/xdata/images/city/square250/644293.webp?k=24c08396bd44343c9dcc78f0df41e114bf7e6aeda3d339101c37e7ba3aa707db&o=
200 OK 11 kB URL HTTP/2 t-cf.bstatic.com/xdata/images/city/square250/644293.webp?k=24c08396bd44343c9dcc78f0df41e114bf7e6aeda3d339101c37e7ba3aa707db&o=
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 250x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash e61daadd9f2361db8bea014c640fc26b
8e637a06e40e6d0d780cf55b0982fd82d2dfbacc
941706cdc14e54f8ec6c3bacc8b5bad26dd5553d0bbd34490450e67387acb132
GET /xdata/images/city/square250/644293.webp?k=24c08396bd44343c9dcc78f0df41e114bf7e6aeda3d339101c37e7ba3aa707db&o= HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 10668
server: nginx
date: Mon, 07 Nov 2022 09:19:28 GMT
etag: "e984a8fd673340869b931f90e66a4b897efdf3a4"
expires: Wed, 07 Dec 2022 09:19:28 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: p8O-2GEbUUYhJI19xgIck9hVEMhLCP2koBHGoinjbmby9jr_niiYqA==
age: 407831
X-Firefox-Spdy: h2
t-cf.bstatic.com/xdata/images/city/square250/740935.webp?k=d90fa40b53bd16d8d06214496648ebbbccb96cff3946793c569e50103d363ec1&o=
200 OK 10 kB URL HTTP/2 t-cf.bstatic.com/xdata/images/city/square250/740935.webp?k=d90fa40b53bd16d8d06214496648ebbbccb96cff3946793c569e50103d363ec1&o=
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 250x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash f46894a16ebb993b489c7eb4947b2321
a3ebffea1f61cb837f7512345ea899a5908cbf0a
ea3005e0d81b1ad9fded26293f7442ee24413818af379d68bed7d717e8b5f7f2
GET /xdata/images/city/square250/740935.webp?k=d90fa40b53bd16d8d06214496648ebbbccb96cff3946793c569e50103d363ec1&o= HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 10180
server: nginx
date: Wed, 09 Nov 2022 05:35:05 GMT
etag: "dbd978f6507c1d3c933eec820fee0f3195453b8c"
expires: Fri, 09 Dec 2022 05:35:05 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: DwpGEj7vstntVU6HZvQAvHuxZxiVHD0jrhjSgmDIYNg_6BT017z__A==
age: 248494
X-Firefox-Spdy: h2
t-cf.bstatic.com/xdata/images/city/square250/644310.webp?k=472fefd4c3c0aef36deb16adb91c965923d8b1078ab29056802f95aead0586bf&o=
200 OK 13 kB URL HTTP/2 t-cf.bstatic.com/xdata/images/city/square250/644310.webp?k=472fefd4c3c0aef36deb16adb91c965923d8b1078ab29056802f95aead0586bf&o=
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 250x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash fc98564e400d3bd17e3f22b13e1b4ac7
504d945f247a1ed9d1e4f68416d2865d6558e5ad
b7fa20f8bab44db9578a888fe75778bd6b24331b1f0c81356be50c4fc70157c6
GET /xdata/images/city/square250/644310.webp?k=472fefd4c3c0aef36deb16adb91c965923d8b1078ab29056802f95aead0586bf&o= HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 13014
server: nginx
date: Tue, 01 Nov 2022 10:06:38 GMT
etag: "819802f9b8bd40ed05d9f23aa44874a4e1ac1e88"
expires: Thu, 01 Dec 2022 10:06:38 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 4y760z3uV2QhjUqzTHxI0XNS3AhcMkkAbHDytXW1Y-clX3KHF-aJPw==
age: 923401
X-Firefox-Spdy: h2
t-cf.bstatic.com/psb/capla/static/css/534.6997c244.chunk.css
200 OK 16 kB URL HTTP/2 t-cf.bstatic.com/psb/capla/static/css/534.6997c244.chunk.css
IP
File type ASCII text, with very long lines (4478)
Hash b72a240c4676feabb98631ec5323471d
b02fce5570933d1be94b29b7b386a6ec963d552e
196695b3ef61e4f8646759a67458dd94809267ca69e62ab778822368f2b52827
GET /psb/capla/static/css/534.6997c244.chunk.css HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
server: nginx
date: Fri, 04 Nov 2022 02:08:55 GMT
etag: W/"453932fef0c31eb188aebfa09f661ee5"
x-amz-meta-x-deployment-hash: foo
x-amz-server-side-encryption: AES256
last-modified: Thu, 13 Oct 2022 12:42:46 GMT
x-amz-expiration: expiry-date="Fri, 10 Feb 2023 12:42:46 GMT", rule-id=""
expires: Sun, 04 Dec 2022 02:08:55 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ojI9D9RpM1s2BStiHQQHkGfujQJVjkwhLTRWdzrkwvkbiH5v_40xkg==
age: 692864
X-Firefox-Spdy: h2
t-cf.bstatic.com/psb/capla/static/css/186.c3c0de4f.chunk.css
200 OK 13 kB URL HTTP/2 t-cf.bstatic.com/psb/capla/static/css/186.c3c0de4f.chunk.css
IP
File type ASCII text, with very long lines (4237)
Hash 8ce52a783173567b8ec80c8b0e006cb5
f99909678eb9ae52823464aab7cba4d3718227b5
51a99c15e7e3aefd5e0b01040bd79e552a53ca2353079c2d0c4be515b0d08158
GET /psb/capla/static/css/186.c3c0de4f.chunk.css HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
server: nginx
date: Sat, 29 Oct 2022 01:44:02 GMT
etag: W/"bc1724443d5ead75f4747b3f87e9c9ee"
x-amz-meta-x-deployment-hash: foo
x-amz-server-side-encryption: AES256
last-modified: Wed, 20 Jul 2022 03:28:27 GMT
x-amz-expiration: expiry-date="Thu, 17 Nov 2022 03:28:27 GMT", rule-id=""
expires: Mon, 28 Nov 2022 01:44:02 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5idHZGwECvsxfgNe1SoeAEOw0vWy6CHttpMeg9TYxv85i2FLtQDlZA==
age: 1212757
X-Firefox-Spdy: h2
t-cf.bstatic.com/xdata/images/region/square250/48107.webp?k=bc7ff9cf4d26882ff93f92643455885a88b9b0ae37b9ed109687ad0890af2dfd&o=
200 OK 8.2 kB URL HTTP/2 t-cf.bstatic.com/xdata/images/region/square250/48107.webp?k=bc7ff9cf4d26882ff93f92643455885a88b9b0ae37b9ed109687ad0890af2dfd&o=
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 250x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 771aeeaab19a95606d95d745b82c71a5
e0ea1f6e9d3213d1c9dc5776630581343c008efe
34ab25e12e5af40fb0361fbc2791c2b95ca19ff49f723c0670d1536e94167899
GET /xdata/images/region/square250/48107.webp?k=bc7ff9cf4d26882ff93f92643455885a88b9b0ae37b9ed109687ad0890af2dfd&o= HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 8182
server: nginx
date: Tue, 01 Nov 2022 14:45:30 GMT
etag: "80ce9ee2992b58b44410701570269af46aca5c9f"
expires: Thu, 01 Dec 2022 14:45:30 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 5YYvsf9ht33ErmmuiHT4imOiiC2dK_ZGFZ8o0JGM7xJw6OqMydPplg==
age: 906669
X-Firefox-Spdy: h2
t-cf.bstatic.com/xdata/images/city/square250/930853.webp?k=85cc355550cdcf1ca77d1a7a635f4294e09dee696051866597a63fd7edd7af5a&o=
200 OK 12 kB URL HTTP/2 t-cf.bstatic.com/xdata/images/city/square250/930853.webp?k=85cc355550cdcf1ca77d1a7a635f4294e09dee696051866597a63fd7edd7af5a&o=
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 250x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 0867b4a18dd02f341467ac3cd9c87624
6dfa10bfc60382146a1cbdcdeaa1d2bf94ca8fe6
abac49fbb301fb90860cc5c950d292473ac3db44a6fc2e62398e61bf2bf7655f
GET /xdata/images/city/square250/930853.webp?k=85cc355550cdcf1ca77d1a7a635f4294e09dee696051866597a63fd7edd7af5a&o= HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 12010
server: nginx
date: Fri, 04 Nov 2022 12:53:39 GMT
etag: "ded732e07d4aa6f26e0071c34cc6945199c35d30"
expires: Sun, 04 Dec 2022 12:53:39 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: nWZARJ-jdqsZRVWkFKDVkV27U4Vtqw0J48Mx1dbxBDMP1OeOSnnxpA==
age: 654180
X-Firefox-Spdy: h2
t-cf.bstatic.com/xdata/images/city/square250/967857.webp?k=5733a245dbb186ec0986c0a5c533acc704650d51cdfed7410cf0bcef375e5bc4&o=
200 OK 12 kB URL HTTP/2 t-cf.bstatic.com/xdata/images/city/square250/967857.webp?k=5733a245dbb186ec0986c0a5c533acc704650d51cdfed7410cf0bcef375e5bc4&o=
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 250x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 57d087e34bf07df0e6df2f13d870f2e2
47462553409d660454e9bee14f3f442d7e757e13
d504a989b326836c6718ca6acb3806f60ad3e5a2cc48824a7b1c6d41691e8654
GET /xdata/images/city/square250/967857.webp?k=5733a245dbb186ec0986c0a5c533acc704650d51cdfed7410cf0bcef375e5bc4&o= HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 12264
server: nginx
date: Sun, 06 Nov 2022 11:15:47 GMT
etag: "27586967e639a71d2ce539658f0a6fe60eece616"
expires: Tue, 06 Dec 2022 11:15:47 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ySMW9rwnGXB-wt5uP2Q3sN5TeBEcZvfsnSUoJ_ov6Yo22DLGZCdKvw==
age: 487252
X-Firefox-Spdy: h2
t-cf.bstatic.com/xdata/images/city/square250/954959.webp?k=37410091e9d0e74278ef7710d594a8ef5882decaf47e8f9a7ca30f9e85bbab75&o=
200 OK 5.0 kB URL HTTP/2 t-cf.bstatic.com/xdata/images/city/square250/954959.webp?k=37410091e9d0e74278ef7710d594a8ef5882decaf47e8f9a7ca30f9e85bbab75&o=
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 250x250, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 5f34caad9044fb6b97304bf376740090
d919e1aa423bdce0be6d91885666114f7093ee29
3ca928167fc0c1e2ffe56f5910307f715a69c7080d783492cd41ed1ebda75fd6
GET /xdata/images/city/square250/954959.webp?k=37410091e9d0e74278ef7710d594a8ef5882decaf47e8f9a7ca30f9e85bbab75&o= HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 4970
server: nginx
date: Tue, 01 Nov 2022 14:45:30 GMT
etag: "3c13091e058816c654814e91a2285bf1112f4dd5"
expires: Thu, 01 Dec 2022 14:45:30 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: LGSQtpuUgJEFzsECUYSO-MnoYY-o9eNoGYn_Ykkj5BI8Z8XW5CEFTg==
age: 906669
X-Firefox-Spdy: h2
t-cf.bstatic.com/static/img/flags/24/no/6193a14e4d59f814f46ee6313cdd6e11811abeb3.png
200 OK 405 B URL HTTP/2 t-cf.bstatic.com/static/img/flags/24/no/6193a14e4d59f814f46ee6313cdd6e11811abeb3.png
IP
File type PNG image data, 24 x 24, 8-bit colormap, non-interlaced\012- data
Hash be6379111ab8866c20c123b85af97d42
819ba2a2c986ed6f4ff309661b5c27ac172228df
fecd6ef10eb5111323f3b1bb9d8e99e37a881abe33ae37f8e74f046c3634b25f
GET /static/img/flags/24/no/6193a14e4d59f814f46ee6313cdd6e11811abeb3.png HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 405
server: nginx
date: Wed, 09 Nov 2022 05:35:05 GMT
last-modified: Wed, 10 Apr 2019 11:21:53 GMT
etag: "5cadd1d1-195"
expires: Fri, 09 Dec 2022 05:35:05 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8PUpGbKg3dCRjL8Xxb61h0tAycpvW-C9poWik_bda-IogzvzQvFhRA==
age: 248494
X-Firefox-Spdy: h2
t-cf.bstatic.com/static/img/flags/24/gb/b2f01d4fd94cb1420fcdbbef62c06ade1026fbbd.png
200 OK 786 B URL HTTP/2 t-cf.bstatic.com/static/img/flags/24/gb/b2f01d4fd94cb1420fcdbbef62c06ade1026fbbd.png
IP
File type PNG image data, 24 x 24, 8-bit colormap, non-interlaced\012- data
Hash b886858d3043782c8760367f40f31187
81bd3c37344c99a7ce8f29f685c770373aa6cc16
c4827c36112be1d0773cbf4eb709f4b01b4ab4bc1a79c90aafc4b196c9445393
GET /static/img/flags/24/gb/b2f01d4fd94cb1420fcdbbef62c06ade1026fbbd.png HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 786
server: nginx
date: Wed, 09 Nov 2022 03:01:54 GMT
last-modified: Wed, 10 Apr 2019 11:21:53 GMT
etag: "5cadd1d1-312"
expires: Fri, 09 Dec 2022 03:01:54 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: nOe_dnOBEhJDP_FlfGJQtdxF05oSMoKAOtbHWrr-fAM7MdoLntH5OQ==
age: 257685
X-Firefox-Spdy: h2
t-cf.bstatic.com/psb/capla/static/js/435.d7d2ad66.chunk.js
200 OK 606 B URL HTTP/2 t-cf.bstatic.com/psb/capla/static/js/435.d7d2ad66.chunk.js
IP
File type ASCII text, with very long lines (496)
Hash 8e50eb739eb0de9201e290b6e2536531
74fc9ff33c6a1ebd009f2c48c91758051fabb122
7f88db97062ec44499eaebdbd54bfb24ef61243be585505adfc7b8414ff181f5
GET /psb/capla/static/js/435.d7d2ad66.chunk.js HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
content-length: 606
server: nginx
date: Mon, 07 Nov 2022 09:44:05 GMT
etag: "8e50eb739eb0de9201e290b6e2536531"
x-amz-meta-x-deployment-hash: foo
x-amz-server-side-encryption: AES256
last-modified: Sun, 06 Nov 2022 18:29:41 GMT
x-amz-expiration: expiry-date="Mon, 06 Mar 2023 18:29:41 GMT", rule-id=""
expires: Wed, 07 Dec 2022 09:44:05 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: gpDnIgtBjC69oqA6Hwvhn8IXBYtMRza2XXSizHWQdOE6Z25aJ797AQ==
age: 406354
X-Firefox-Spdy: h2
t-cf.bstatic.com/static/img/flags/24/fr/c3dafe717a0b4b97e6ddd0d791e8a018d8f96310.png
200 OK 406 B URL HTTP/2 t-cf.bstatic.com/static/img/flags/24/fr/c3dafe717a0b4b97e6ddd0d791e8a018d8f96310.png
IP
File type PNG image data, 24 x 24, 8-bit colormap, non-interlaced\012- data
Hash 6e35d53899b5a1260f946a00b691e0b7
5afcc2cca4ef34005fe1d22784f90b727fceeb08
2fd19cf58102989e49660b27b21605038d4282cf758add4841285c2c17f2dacd
GET /static/img/flags/24/fr/c3dafe717a0b4b97e6ddd0d791e8a018d8f96310.png HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 406
server: nginx
date: Tue, 08 Nov 2022 02:26:06 GMT
last-modified: Wed, 10 Apr 2019 11:21:53 GMT
etag: "5cadd1d1-196"
expires: Thu, 08 Dec 2022 02:26:06 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: N-PGsShpT4y7p9IGcOHwqy_Vv8eidkiFlDZJLEefktys1ZJ0cNTaNA==
age: 346233
X-Firefox-Spdy: h2
t-cf.bstatic.com/static/img/flags/24/it/b539a003f197845e447b9d00d91cd74dd57bf3dd.png
200 OK 436 B URL HTTP/2 t-cf.bstatic.com/static/img/flags/24/it/b539a003f197845e447b9d00d91cd74dd57bf3dd.png
IP
File type PNG image data, 24 x 24, 8-bit colormap, non-interlaced\012- data
Hash 1416ab6009ad93f86e9cfc23a54e0c40
0578e45fadd1da2c26a4d5fe814a9239ff5eae97
88bb107350d5324906a2cf2b95847879ecf6bb09502d1186c38daaf15268830f
GET /static/img/flags/24/it/b539a003f197845e447b9d00d91cd74dd57bf3dd.png HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 436
server: nginx
date: Tue, 01 Nov 2022 02:55:43 GMT
last-modified: Wed, 10 Apr 2019 11:21:53 GMT
etag: "5cadd1d1-1b4"
expires: Thu, 01 Dec 2022 02:55:43 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 44aaSui0XyOWrEDp6Y_2d4D9HtWAYuBt6eqVULeNuoKFqyr2ypmUeg==
age: 949256
X-Firefox-Spdy: h2
t-cf.bstatic.com/static/img/genius-globe-with-badge_desktop/d807514761b3684aedebced9265c5548a063b7a0.png
200 OK 7.5 kB URL HTTP/2 t-cf.bstatic.com/static/img/genius-globe-with-badge_desktop/d807514761b3684aedebced9265c5548a063b7a0.png
IP
File type PNG image data, 160 x 160, 8-bit colormap, non-interlaced\012- data
Hash 06184b155b03a3035384042b32a67174
3458ca2a84896f0f5c39e3fb705b5c51b41c6553
b0999281a9703706445e24c253b75e9e36fc0d5d76f01b0842f902b08f00c2dd
GET /static/img/genius-globe-with-badge_desktop/d807514761b3684aedebced9265c5548a063b7a0.png HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 7455
server: nginx
date: Wed, 09 Nov 2022 06:31:30 GMT
last-modified: Tue, 21 Sep 2021 07:46:56 GMT
etag: "61498df0-1d1f"
expires: Fri, 09 Dec 2022 06:31:30 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: cV7PYW5-VGbW6ilCo-oJG5HBNeoXF8cZJ9ZUZhOSZhpUQYoXU2JAOA==
age: 245109
X-Firefox-Spdy: h2
t-cf.bstatic.com/static/img/flags/24/es/a14721d7698af5131b08bd34227508c729ab11bc.png
200 OK 490 B URL HTTP/2 t-cf.bstatic.com/static/img/flags/24/es/a14721d7698af5131b08bd34227508c729ab11bc.png
IP
File type PNG image data, 24 x 24, 8-bit colormap, non-interlaced\012- data
Hash d2d4c6110399a8b2c4c1ea09b7f8eded
f846d4aee888c73998150452c3bde5ff71f7a0e7
630bbc6535a3d0cee406f52ee3664265adc2eaa51227fb8a3ff5c70af9e79b3a
GET /static/img/flags/24/es/a14721d7698af5131b08bd34227508c729ab11bc.png HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 490
server: nginx
date: Wed, 02 Nov 2022 07:51:30 GMT
last-modified: Wed, 10 Apr 2019 11:21:53 GMT
etag: "5cadd1d1-1ea"
expires: Fri, 02 Dec 2022 07:51:30 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: -b_ELUYSwRBGyiKWn7FrNvNdADOKEldyq5oMagzTsdyjdUy7uNej7w==
age: 845109
X-Firefox-Spdy: h2
t-cf.bstatic.com/static/img/tfl/group_logos/logo_booking/27c8d1832de6a3123b6ee45b59ae2f81b0d9d0d0.png
200 OK 1.6 kB URL HTTP/2 t-cf.bstatic.com/static/img/tfl/group_logos/logo_booking/27c8d1832de6a3123b6ee45b59ae2f81b0d9d0d0.png
IP
File type PNG image data, 91 x 26, 8-bit/color RGBA, non-interlaced\012- data
Hash 3e32efd25ac0214b375fc8a6a32890f2
cd46a79db7e53e19d5869b3cb3e7aa22ee523479
807c8a1b498e17d227cf48a640b778bdc4398a9852493cb2f40bf0f33651d0dd
GET /static/img/tfl/group_logos/logo_booking/27c8d1832de6a3123b6ee45b59ae2f81b0d9d0d0.png HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1628
server: nginx
date: Mon, 07 Nov 2022 09:16:31 GMT
last-modified: Wed, 10 Apr 2019 11:21:55 GMT
etag: "5cadd1d3-65c"
expires: Wed, 07 Dec 2022 09:16:31 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: dHiVNND61TEgijPrGnaMN6uxsfUf4qwsj8wT-1W9rKbocQudtVz_gg==
age: 408008
X-Firefox-Spdy: h2
t-cf.bstatic.com/static/img/tfl/group_logos/logo_priceline/f80e129541f2a952d470df2447373390f3dd4e44.png
200 OK 1.6 kB URL HTTP/2 t-cf.bstatic.com/static/img/tfl/group_logos/logo_priceline/f80e129541f2a952d470df2447373390f3dd4e44.png
IP
File type PNG image data, 91 x 26, 8-bit colormap, non-interlaced\012- data
Hash b6d0b31340d7a113f63b936e23d06f78
268e3856da737f7e56e679258949ef70ddde47f4
18c62988860a8ffd90bab6376b4fe36a723bd39403c420d3943aa3eb5a0029c5
GET /static/img/tfl/group_logos/logo_priceline/f80e129541f2a952d470df2447373390f3dd4e44.png HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1591
server: nginx
date: Mon, 07 Nov 2022 09:16:31 GMT
last-modified: Wed, 10 Apr 2019 11:21:55 GMT
etag: "5cadd1d3-637"
expires: Wed, 07 Dec 2022 09:16:31 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: UFNETOBArpAB3NEZYFSvRrPROQQM5YaI-gnOiNXbh_cNmYXHczz96g==
age: 408008
X-Firefox-Spdy: h2
t-cf.bstatic.com/static/img/tfl/group_logos/logo_kayak/83ef7122074473a6566094e957ff834badb58ce6.png
200 OK 1.2 kB URL HTTP/2 t-cf.bstatic.com/static/img/tfl/group_logos/logo_kayak/83ef7122074473a6566094e957ff834badb58ce6.png
IP
File type PNG image data, 79 x 26, 8-bit/color RGBA, non-interlaced\012- data
Hash 6384185cbe9a4f106857a3cb85caea98
0e31a4fe2ce98a8b4fda60687aa71079b4d3a95b
5839f0330821cf08029beddd6d248170da1af16cd7aff253e7bd075d591f5d42
GET /static/img/tfl/group_logos/logo_kayak/83ef7122074473a6566094e957ff834badb58ce6.png HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 1154
server: nginx
date: Wed, 09 Nov 2022 03:01:54 GMT
last-modified: Wed, 10 Apr 2019 11:21:55 GMT
etag: "5cadd1d3-482"
expires: Fri, 09 Dec 2022 03:01:54 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: NnFzt-KZ1WqDQbB6to6SLf4m74MHAWOU6JOLSl4wJBnm9gVpW2uJKw==
age: 257685
X-Firefox-Spdy: h2
t-cf.bstatic.com/static/img/tfl/group_logos/logo_agoda/1c9191b6a3651bf030e41e99a153b64f449845ed.png
200 OK 2.1 kB URL HTTP/2 t-cf.bstatic.com/static/img/tfl/group_logos/logo_agoda/1c9191b6a3651bf030e41e99a153b64f449845ed.png
IP
File type PNG image data, 70 x 26, 8-bit/color RGBA, non-interlaced\012- data
Hash 27e71a5124018e16eae0b8897618623d
d0d54d88b04edfc71f338c19eab9994632bc6ced
1d6e86e59ab7235a8343f494c8e8da6cc02c5a98a75d682401340e6d06935f20
GET /static/img/tfl/group_logos/logo_agoda/1c9191b6a3651bf030e41e99a153b64f449845ed.png HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 2146
server: nginx
date: Fri, 04 Nov 2022 09:06:24 GMT
last-modified: Thu, 12 Mar 2020 10:15:57 GMT
etag: "5e6a0bdd-862"
expires: Sun, 04 Dec 2022 09:06:24 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: bMNO0uodOws7h2uh0BZnmYZO7xMyFjPwTb3dbIFEa4aK7RWqpXS4OQ==
age: 667815
X-Firefox-Spdy: h2
t-cf.bstatic.com/static/img/tfl/group_logos/logo_rentalcars/6bc5ec89d870111592a378bbe7a2086f0b01abc4.png
200 OK 3.2 kB URL HTTP/2 t-cf.bstatic.com/static/img/tfl/group_logos/logo_rentalcars/6bc5ec89d870111592a378bbe7a2086f0b01abc4.png
IP
File type PNG image data, 109 x 26, 8-bit/color RGBA, non-interlaced\012- data
Hash 38784d782a29a302dab9135d63aef953
04db0e863a35062a355c4b2ea9585ec83c4ffc3e
8561e200a6a57195e480ed9d893b14579ef6acdeabfbb3fe22b5e4ec9b84b455
GET /static/img/tfl/group_logos/logo_rentalcars/6bc5ec89d870111592a378bbe7a2086f0b01abc4.png HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 3221
server: nginx
date: Wed, 09 Nov 2022 03:01:55 GMT
last-modified: Wed, 10 Apr 2019 11:21:55 GMT
etag: "5cadd1d3-c95"
expires: Fri, 09 Dec 2022 03:01:55 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: RHle0thCFQAlfJhQzk1pA2iL8Dtmnr8EGMhUdXqV4ZjhCfRz8jTxUg==
age: 257684
X-Firefox-Spdy: h2
t-cf.bstatic.com/static/img/tfl/group_logos/logo_opentable/a4b50503eda6c15773d6e61c238230eb42fb050d.png
200 OK 2.3 kB URL HTTP/2 t-cf.bstatic.com/static/img/tfl/group_logos/logo_opentable/a4b50503eda6c15773d6e61c238230eb42fb050d.png
IP
File type PNG image data, 95 x 26, 8-bit/color RGBA, non-interlaced\012- data
Hash d05a0ab9bf394439a1584a2b0d44db5c
183c28023d3ba3358a7a5df1db887582ae5340ed
b23272a9692c4ec3c020935917e9d096490876c976abec1290bd3cc9aae13974
GET /static/img/tfl/group_logos/logo_opentable/a4b50503eda6c15773d6e61c238230eb42fb050d.png HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 2344
server: nginx
date: Wed, 09 Nov 2022 03:01:55 GMT
last-modified: Wed, 10 Apr 2019 11:21:55 GMT
etag: "5cadd1d3-928"
expires: Fri, 09 Dec 2022 03:01:55 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: QcSSOAlP5u3nsXRpxDrXhkuswBoRXT3p-zyI1kWcKiVbMC_75Et3Mg==
age: 257684
X-Firefox-Spdy: h2
t-cf.bstatic.com/static/img/nobg_all_blue_iq/b700d9e3067c1186a3364012df4fe1c48ae6da44.png
200 OK 73 B URL HTTP/2 t-cf.bstatic.com/static/img/nobg_all_blue_iq/b700d9e3067c1186a3364012df4fe1c48ae6da44.png
IP
File type PNG image data, 1 x 100, 8-bit/color RGB, non-interlaced\012- data
Hash ff823944bc0bb9e4bf87f0ad14f687d1
4b68ba281b9ab171611569bf78971df6970efbc1
6153929734ec12ec07072f327c1112301828497e4dd356ca261461b0b7ba9621
GET /static/img/nobg_all_blue_iq/b700d9e3067c1186a3364012df4fe1c48ae6da44.png HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 73
server: nginx
date: Wed, 09 Nov 2022 03:21:55 GMT
last-modified: Wed, 10 Apr 2019 11:21:55 GMT
etag: "5cadd1d3-49"
expires: Fri, 09 Dec 2022 03:21:55 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 4RvrWIoFvrMUqyDVXAUstCJbMWkm94YuGZFd9-YZJ6MT6bV6SCQHng==
age: 256484
X-Firefox-Spdy: h2
t-cf.bstatic.com/static/img/cross_product_index/guest/b2e5f2aa32b71ca0fc66aa671e4e958bcd69b7d0.svg
200 OK 24 kB URL HTTP/2 t-cf.bstatic.com/static/img/cross_product_index/guest/b2e5f2aa32b71ca0fc66aa671e4e958bcd69b7d0.svg
IP
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (392)
Hash 8da5b14ba79efeafabf2b6b11f0dddeb
22d675463de824da6d759aabe2a26cb3b5152fb3
3d44cefc65a00dde6c2bbc4cc691dc6cd0f3f1c6fb599e9f2c33152c49eedbf8
GET /static/img/cross_product_index/guest/b2e5f2aa32b71ca0fc66aa671e4e958bcd69b7d0.svg HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://t-cf.bstatic.com/static/css/xp-index-sb_cft.iq_ltr/ede1612fb0e53edbbe47d72b47f704968515c9b7.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
date: Wed, 09 Nov 2022 03:01:50 GMT
last-modified: Wed, 10 Apr 2019 11:21:51 GMT
etag: W/"5cadd1cf-63d"
expires: Fri, 09 Dec 2022 03:01:50 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: nd5od23vhb3TqvcQ_DdTbjh8el4C997VoT4Ah5IR5DBZXDTId9i3hQ==
age: 257689
X-Firefox-Spdy: h2
t-cf.bstatic.com/xdata/images/city/540x270/844103.webp?k=b4ff3d17a962184dfa8823beec573fa3f679306e8b3fa897b901ba0dedb157bd&o=
200 OK 24 kB URL HTTP/2 t-cf.bstatic.com/xdata/images/city/540x270/844103.webp?k=b4ff3d17a962184dfa8823beec573fa3f679306e8b3fa897b901ba0dedb157bd&o=
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 540x270, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8da231dc5119fa2631196021b5b76b79
acc913dd71a600d59d1485aeaf478217e6efb323
0e422d4bd5462f934cf16f7cf8be46278492bc9f35f4765cbb2382ba9233588c
GET /xdata/images/city/540x270/844103.webp?k=b4ff3d17a962184dfa8823beec573fa3f679306e8b3fa897b901ba0dedb157bd&o= HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 24262
server: nginx
date: Wed, 26 Oct 2022 04:24:08 GMT
etag: "54008e3601207ff3ed07c301b8bd26fbfe29ada3"
expires: Fri, 25 Nov 2022 04:24:08 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: K5T06M-hv8wHTwwxDXrZVpKrwONVEuX9Gb9FAmonhHXhpnTvHx28Sg==
age: 1462351
X-Firefox-Spdy: h2
t-cf.bstatic.com/xdata/images/city/540x270/879406.webp?k=dd541d1e78f3b12096d858880a21807954f88849a62946cca580a95ae81c99fb&o=
200 OK 19 kB URL HTTP/2 t-cf.bstatic.com/xdata/images/city/540x270/879406.webp?k=dd541d1e78f3b12096d858880a21807954f88849a62946cca580a95ae81c99fb&o=
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 540x270, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash b025c3e84da52e3a72be62b260253c10
d5f3416d6ff4cc224478a75718b543399839a02a
c50c5c5c0aa92f4411da494d76937f79499e88e1eb6569835a3946ef08828ee2
GET /xdata/images/city/540x270/879406.webp?k=dd541d1e78f3b12096d858880a21807954f88849a62946cca580a95ae81c99fb&o= HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 18586
server: nginx
date: Wed, 09 Nov 2022 03:29:29 GMT
etag: "8514a2d69fa24033b61a5d0d5bb0b4d263435e38"
expires: Fri, 09 Dec 2022 03:29:29 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: jy93Wslbyx_KKmqptcudYTpuaCxUJJJh365TtAYfjxtFAbfBSug1AA==
age: 256030
X-Firefox-Spdy: h2
t-cf.bstatic.com/static/img/cross_product_index/accommodation/07ca5cacc9d77a7b50ca3c424ecd606114d9be75.svg
200 OK 24 kB URL HTTP/2 t-cf.bstatic.com/static/img/cross_product_index/accommodation/07ca5cacc9d77a7b50ca3c424ecd606114d9be75.svg
IP
File type SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (1446)
Hash c5f018cba1b69a3d5f35cd18e18afafe
27cb734f41fcdc856412aa4d6739f84a2be2270f
a5cf4d851ed05b47c4d7be7af247075177b8496e6e623ab55263e7699456505b
GET /static/img/cross_product_index/accommodation/07ca5cacc9d77a7b50ca3c424ecd606114d9be75.svg HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://t-cf.bstatic.com/static/css/xp-index-sb_cft.iq_ltr/ede1612fb0e53edbbe47d72b47f704968515c9b7.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/svg+xml
server: nginx
date: Thu, 13 Oct 2022 08:57:31 GMT
last-modified: Wed, 10 Apr 2019 11:21:51 GMT
etag: W/"5cadd1cf-7f2"
expires: Sat, 12 Nov 2022 08:57:31 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: dcVYhZp5pPccfpmV4Rrj8h2_qfmY764NeBI3NlJoLzOi92OdXXwhbw==
age: 2569148
X-Firefox-Spdy: h2
t-cf.bstatic.com/xdata/images/hotel/540x270/65633294.webp?k=13eb1edcf90c9ee12f1f3b130c6435a9ec3175cb0633862a897a10ea25f2f029&o=
200 OK 31 kB URL HTTP/2 t-cf.bstatic.com/xdata/images/hotel/540x270/65633294.webp?k=13eb1edcf90c9ee12f1f3b130c6435a9ec3175cb0633862a897a10ea25f2f029&o=
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 540x270, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 606367d465fa9ffa8f549514869c322b
7e70beeff754fa21a0946def72031833fee1ea50
a4b97277078d575651a3745ddd9a0b4ecdec4c42591e16f2a873f8e680b6dd67
GET /xdata/images/hotel/540x270/65633294.webp?k=13eb1edcf90c9ee12f1f3b130c6435a9ec3175cb0633862a897a10ea25f2f029&o= HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 31426
server: nginx
date: Mon, 07 Nov 2022 09:55:52 GMT
etag: "88b2515442f414c687c54b05d4e7c54fdeae0596"
expires: Wed, 07 Dec 2022 09:55:52 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: tTzBvAfejF7RejUUiUubxzSNIiUq2vcFRHTpB_ibnfAeuvfLiU6gpQ==
age: 405647
X-Firefox-Spdy: h2
t-cf.bstatic.com/static/img/genius-banner-world-bg/2b5cdbad7b92073bc396b8b59d0bb421b3a01cba.png
200 OK 7.4 kB URL HTTP/2 t-cf.bstatic.com/static/img/genius-banner-world-bg/2b5cdbad7b92073bc396b8b59d0bb421b3a01cba.png
IP
File type PNG image data, 520 x 340, 8-bit colormap, non-interlaced\012- data
Hash a2bdd966488047aaa17dcebc5238432b
65c52eeb866eb2acbd183e5fb2dccc5205dbb6bf
cfc71dcddda21b32c0ac5ba5322bd41612224261fecdc38cd20a45b6b502457c
GET /static/img/genius-banner-world-bg/2b5cdbad7b92073bc396b8b59d0bb421b3a01cba.png HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://t-cf.bstatic.com/static/css/index_cft.iq_ltr/ef25fcb54cd6b780a46bcfe0263dfba2991aae8d.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/png
content-length: 7367
server: nginx
date: Fri, 04 Nov 2022 06:02:42 GMT
last-modified: Tue, 21 Sep 2021 07:46:56 GMT
etag: "61498df0-1cc7"
expires: Sun, 04 Dec 2022 06:02:42 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: okx70bwS_jKQJnRNQ5ncVhamJtDDtxrRdDU-B34rErqgyVwRCSFrJw==
age: 678837
X-Firefox-Spdy: h2
t-cf.bstatic.com/static/fonts/booking-iconset-original/29bca18dce5a8e111855e31314a9b1d750ea9beb.woff2
200 OK 93 kB URL HTTP/2 t-cf.bstatic.com/static/fonts/booking-iconset-original/29bca18dce5a8e111855e31314a9b1d750ea9beb.woff2
IP
File type Web Open Font Format (Version 2), TrueType, length 92724, version 1.0\012- data
Hash f132633e65809ec36c0f01b8a29fa457
e68a5b0de3e08ac85a13426ce3d8c13ad21d38ff
a98c20990fe3e31203fe2db8384af8e05e7b358cdae3c28b034e1f02b47db630
GET /static/fonts/booking-iconset-original/29bca18dce5a8e111855e31314a9b1d750ea9beb.woff2 HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.booking.com
Connection: keep-alive
Referer: https://t-cf.bstatic.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/plain
content-length: 92724
server: nginx
date: Wed, 09 Nov 2022 03:09:19 GMT
last-modified: Wed, 10 Apr 2019 11:21:49 GMT
etag: "5cadd1cd-16a34"
expires: Fri, 09 Dec 2022 03:09:19 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: BDoQAyEQngfAtnMqKcSt46KB_m6lyq8gVTcD9o_fCCOfj3_pi8fUTw==
age: 257240
X-Firefox-Spdy: h2
account.booking.com/privacy-consents/implicit
204 No Content 0 B URL HTTP/2 account.booking.com/privacy-consents/implicit
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /privacy-consents/implicit HTTP/1.1
Host: account.booking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.booking.com/
Origin: https://www.booking.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 204 No Content
server: envoy
date: Sat, 12 Nov 2022 02:36:40 GMT
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://www.booking.com
access-control-max-age: 1728000
set-cookie: bkng_ap_sso_session=eyJib29raW5nX2dsb2JhbCI6eyJzZXNzaW9ucyI6W10sImRhdGFfc3ViamVjdF9pZCI6IjVhYzkzNmVhLWZhODUtNGUyOC05OTkwLTQ1ODA3MGE4ZDcxMSJ9fQ; domain=account.booking.com; path=/; expires=Thu, 11-Nov-2027 02:36:40 GMT; secure; HttpOnly
bkng_sso_session=e30; domain=.booking.com; path=/; expires=Thu, 11-Nov-2027 02:36:40 GMT; secure; HttpOnly
bkng_sso_ses=e30; domain=.booking.com; path=/; expires=Thu, 11-Nov-2027 02:36:40 GMT; secure; HttpOnly
content-security-policy: frame-ancestors https://*.booking.com 'self'; report-uri https://nellie.booking.com/csp-report-uri?type=block&tag=42&pid=ccbb125c557f03bf&e=UmFuZG9tSVYkc2RlIyh9YTVpYxb9mtJD3cReeqMXo_5qxpf4W7JwdaPywujlMqYClpEWWnp7GR_-kbA2HXm3PiRWopy3QrKMJMbZhg96Pj4F15TvX2AmS6O-MuirWpTEwlmk6X1A7Wh5yHkBYNrruMjANlsXuS0z;
content-security-policy-report-only: frame-src https://www.youtube.com/embed/Vv4w5SmRkss *.bstatic.com https://www.google.com bstatic.com www.booking.com secure.booking.com paymentcomponent.booking.com 'self'; default-src *.bstatic.com bstatic.com 'self'; img-src 'self' data: www.booking.com graph.facebook.com cdn.cookielaw.org account.booking.com *.bstatic.com bstatic.com *.static.booking.cn www.google-analytics.com www.google.com stats.g.doubleclick.net *.px-cloud.net *.perimeterx.net www.gstatic.com; report-uri https://nellie.booking.com/csp-report-uri?type=report&tag=41&pid=ccbb125c557f03bf&e=UmFuZG9tSVYkc2RlIyh9YTVpYxb9mtJD3cReeqMXo_5qxpf4W7JwdaPywujlMqYClpEWWnp7GR_-kbA2HXm3PiRWopy3QrKMJMbZhg96Pj4F15TvX2AmS6O-MuirWpTEwlmk6X1A7Wh5yHkBYNrruMjANlsXuS0z; style-src *.bstatic.com bstatic.com *.static.booking.cn 'self' 'unsafe-inline'; script-src saa.booking.com *.bstatic.com bstatic.com *.static.booking.cn www.google.com www.google-analytics.com cdn.cookielaw.org geolocation.onetrust.com 'self' 'nonce-JCzk5XNEQt1YlXT' 'report-sample'; connect-src saa.booking.com secure.booking.com reports.booking.com privacyportal-eu.onetrust.com geolocation.onetrust.com cdn.cookielaw.org www.google-analytics.com *.perimeterx.net *.pxchk.net *.px-cdn.net *.px-client.net *.px-cloud.net 'self' 'report-sample'; base-uri 'none'; object-src 'none';
strict-transport-security: max-age=17280000
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _-Y6JkCPtawMAqu7tKmcnRD0EPLguxmsDO9tdWHBC7l1zRCkFG4D5g==
X-Firefox-Spdy: h2
t-cf.bstatic.com/xdata/images/city/square250/644297.webp?k=1ec66dc12696bc2551f325c7318ab5d1cfec23c955b375a30e5d466cf23f6d87&o=
200 OK 2.9 kB URL HTTP/2 t-cf.bstatic.com/xdata/images/city/square250/644297.webp?k=1ec66dc12696bc2551f325c7318ab5d1cfec23c955b375a30e5d466cf23f6d87&o=
IP
File type PNG image data, 141 x 141, 8-bit/color RGBA, non-interlaced\012- data
Hash eeda6c96402e2a9ec176f43f0ac79e09
9cd713387ba5b2a468ffae40d40ae3718d2d1c49
08a917ae9e017c4b633b3d5920bb8e073968fa14b9bb7e78192fd2761465d0a4
GET /xdata/images/city/square250/644297.webp?k=1ec66dc12696bc2551f325c7318ab5d1cfec23c955b375a30e5d466cf23f6d87&o= HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 14598
server: nginx
date: Sat, 05 Nov 2022 10:21:14 GMT
etag: "28e7cbdab023762d0508afad609ffdf9e02f943c"
expires: Mon, 05 Dec 2022 10:21:14 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: nUcHWisNHifSU4LgfVFaXmevmub_fPKKiRFkQpnNR_5retM66bj_Ug==
age: 576925
X-Firefox-Spdy: h2
t-cf.bstatic.com/static/js/raf_cft/b9e5b0bcf00cff69d910550bedf9b680172d2b89.js
200 OK 23 kB URL HTTP/2 t-cf.bstatic.com/static/js/raf_cft/b9e5b0bcf00cff69d910550bedf9b680172d2b89.js
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash ead21e8e25cddccffb616654c26bcba3
3ca1a0ee2e547d786fe5e028498924c6b9322e96
835db7febd1a0d3717e9da8f2f27268b543013ca6a2ecf887098dd2dcf96294e
GET /static/js/raf_cft/b9e5b0bcf00cff69d910550bedf9b680172d2b89.js HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Mon, 31 Oct 2022 05:31:55 GMT
last-modified: Fri, 16 Sep 2022 13:33:46 GMT
etag: W/"63247b3a-1db04"
expires: Wed, 30 Nov 2022 05:31:55 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: T6nCzj6F7GyYcROubrsFJKMjhF3vv_OTY9DuUspPLny0gPnrQxlhPg==
age: 1026284
X-Firefox-Spdy: h2
www.booking.com/c360/v1/track
200 OK 33 B URL HTTP/2 www.booking.com/c360/v1/track
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 2ef0949d72ccdcc083647d001c8ba940
ebe4e2284d3892b010623597d0945b6b5cd64448
fe1a912baa83e36855bb934de3f2cfdffe77b1224a552533a4a7f2e984a51e52
POST /c360/v1/track HTTP/1.1
Host: www.booking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.booking.com/index.html?aid=1858279
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Booking-Pageview-Id: 3ab6125bcc5b004e
X-Booking-AID: 1858279
X-Booking-Session-Id: c13b72d3a09ebb86fd5526aa1e12196b
X-Booking-SiteType-Id: 1
X-Partner-Channel-Id: 2
X-Booking-CSRF: 9j5vYwAAAAA=m8UlLbNQ4cZOwjEZZUFWn7sKedax-_hrdAnWmoeoTNlB-DiCWwil_isnm7ilWtFv4asLU6W_Lr2c1MaTqieALORUGnJ74Icd3NdhnD8zhY2izpLyo6xQS3qtfQPgRTzOsNdaNocSxT4-V8JzhFEe3G1GUC8cWqpxXrGBEfSzYBnPIh2tfrqzhCCOQQPzpp3VtGNzw3w_Labwatgf
X-Booking-Language-Code: en-us
X-Booking-Client-Info: dDfPWKHAdDECLSCNVAELXT
X-Booking-Info: 1588860,1607930,1611780,1615930,1615950,1616480,1617290,1618710,1624940,1625600,1625850,1625890,1626710,1628410,1629290,dDfPWKHAdDECLSCNVAELXT,1624940|2,1607930|1,1617290|1,1625850|4,1617290|3,1625890|2
X-Requested-With: XMLHttpRequest
Content-Length: 481
Origin: https://www.booking.com
Connection: keep-alive
Cookie: _pxhd=xh1yr5HRceK5PKtECt1YCt6twqiEBG41XKfOgqvRBhUkrN%252FW-K7Whv4mrYsQ3OHF24WQnBlKznzhaysPoXBVUw%253D%253D%253AmvQyZE%252FGD95MrWAqBWOEoe%252FZ%252Ftx4hNbALYLqkfhCgvga0C8DMmz7bqMvgXM8HflyGFfQ61erWaK5rQqAlgB5EiMPtdZ%252F0TAWETpTUYY9nVA%253D; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbbmD9q%2B5pe3XkbW%2BRPRPgGhjq4IEUF%2BdLQfxr8wiRISKQMUkKcm7QBS2LCADpKe3%2FZbzJ%2F%2F5wvPffhI8IRwLnvBLtvocBors%2Fj%2BAg8NYDCvuH6UGaSTf2zn0NaryeAHgVSagQI9YxT3R%2FXar%2BzUniwDcXHoI1dmha; cors_js=1; OptanonConsent=isGpcEnabled=0&datestamp=Sat+Nov+12+2022+02%3A36%3A39+GMT%2B0000+(Coordinated+Universal+Time)&version=6.22.0&isIABGlobal=false&hosts=&consentId=770490f1-f1f7-4cbb-87fc-212d45fed12b&interactionCount=0&landingPath=https%3A%2F%2Fwww.booking.com%2Findex.html%3Faid%3D1858279&groups=C0001%3A1%2CC0002%3A0%2CC0004%3A0
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
content-length: 33
server: nginx
date: Sat, 12 Nov 2022 02:36:40 GMT
vary: User-Agent, Accept-Encoding
content-encoding: br
access-control-allow-credentials: true
access-control-allow-origin: https://www.booking.com
set-cookie: bkng_frontend_sese_exp=1; domain=.booking.com; path=/; expires=Mon, 12-Dec-2022 02:36:40 GMT; secure; HttpOnly
bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbnmKTRaewPBvsRiRlztSCxluX%2BqzeKQ%2BDnKa3H4vJlQ4036DtYIKSNjJbUyrTMw0jijkTokMUMH8vin6FPfj5rVzFlyEha%2FDxxA%2Bs2yNjiFBbnilBJrDQmkMtO9Im6KmjmbQxak3S8u44OZrLLTTzfDHyU9Oiu4SrcMXP93YVbVI%3D; domain=.booking.com; path=/; expires=Thu, 11-Nov-2027 02:36:40 GMT; Secure; HTTPOnly; SameSite=None
strict-transport-security: max-age=604800
x-content-options: nosniff
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: m1Dx9M9NsdSip8xryxesCbm1SI2TMww4E3lxIBh6CecyaN1_9fXKPg==
X-Firefox-Spdy: h2
t-cf.bstatic.com/static/js/searchresults_cft/51d017a7aa2ba0f5d0d4be476264214fb7d84bb2.js
200 OK 45 kB URL HTTP/2 t-cf.bstatic.com/static/js/searchresults_cft/51d017a7aa2ba0f5d0d4be476264214fb7d84bb2.js
IP
File type Unicode text, UTF-8 text, with very long lines (65532), with no line terminators
Hash d8d56a71a00eb9463bc4a12703cf4c34
318a0e21b1173ff79aea135fb940d071a47c24bb
d2552e6e7b5fdb20d339cb9897df2a1eb5c0384bdff72dea997d27fd60efc4ba
GET /static/js/searchresults_cft/51d017a7aa2ba0f5d0d4be476264214fb7d84bb2.js HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Wed, 09 Nov 2022 07:15:05 GMT
last-modified: Tue, 08 Nov 2022 01:50:11 GMT
etag: W/"6369b5d3-31478"
expires: Fri, 09 Dec 2022 07:15:05 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: RAcoM3uRvbbItAC7gkoUYYRkzzLNSeVXy4lKQR1blxWgDi_1QtQ-5g==
age: 242495
X-Firefox-Spdy: h2
www.booking.com/c360/v1/track
200 OK 33 B URL HTTP/2 www.booking.com/c360/v1/track
IP
File type JSON data\012- , ASCII text, with no line terminators
Hash 42fcc80d879dd35c0bbdd04c1414890b
f1dbf58d1b458f9c50995bb8d84da4a67f2d437b
fb87565b58755d257fcf9af5b4b25e0dcfc682adb630dd2a32bbf56b91d2c325
POST /c360/v1/track HTTP/1.1
Host: www.booking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.booking.com/index.html?aid=1858279
Content-Type: application/json
X-Booking-Platform: undefined
X-Booking-SiteType-Id: undefined
X-Booking-Pageview-Id: 3ab6125bcc5b004e
X-Booking-Session-Id: undefined
X-Booking-ET-Seed: undefined
X-Booking-AID: 1858279
X-Booking-Label: undefined
X-Booking-CSRF: undefined
X-Booking-Language-Code: en-us
Origin: https://www.booking.com
Content-Length: 539
Connection: keep-alive
Cookie: _pxhd=xh1yr5HRceK5PKtECt1YCt6twqiEBG41XKfOgqvRBhUkrN%252FW-K7Whv4mrYsQ3OHF24WQnBlKznzhaysPoXBVUw%253D%253D%253AmvQyZE%252FGD95MrWAqBWOEoe%252FZ%252Ftx4hNbALYLqkfhCgvga0C8DMmz7bqMvgXM8HflyGFfQ61erWaK5rQqAlgB5EiMPtdZ%252F0TAWETpTUYY9nVA%253D; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbnmKTRaewPBvsRiRlztSCxluX%2BqzeKQ%2BDnKa3H4vJlQ4036DtYIKSNjJbUyrTMw0jijkTokMUMH8vin6FPfj5rVzFlyEha%2FDxxA%2Bs2yNjiFBbnilBJrDQmkMtO9Im6KmjmbQxak3S8u44OZrLLTTzfDHyU9Oiu4SrcMXP93YVbVI%3D; cors_js=1; OptanonConsent=isGpcEnabled=0&datestamp=Sat+Nov+12+2022+02%3A36%3A39+GMT%2B0000+(Coordinated+Universal+Time)&version=6.22.0&isIABGlobal=false&hosts=&consentId=770490f1-f1f7-4cbb-87fc-212d45fed12b&interactionCount=0&landingPath=https%3A%2F%2Fwww.booking.com%2Findex.html%3Faid%3D1858279&groups=C0001%3A1%2CC0002%3A0%2CC0004%3A0&implicitConsentCountry=GDPR&implicitConsentDate=1668220600076; bkng_frontend_sese_exp=1; bkng_sso_ses=e30; bkng_sso_session=e30
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
content-length: 33
server: nginx
date: Sat, 12 Nov 2022 02:36:40 GMT
vary: User-Agent, Accept-Encoding
content-encoding: br
access-control-allow-credentials: true
access-control-allow-origin: https://www.booking.com
set-cookie: bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbca8KLfxLPeckejG9pDgUMfs9kCt44rwmXDld4OECJHX%2FkeTQg3wsp5HjbSR39LlaDivH8rfoMxd3%2FixC3hLfLIyTd0MFxGM7kUg%2Buzc5BYtNRvPb0E2uIyglueGL8LiiVGNurbqgCb3lMuiHJf%2FRMe0KZ1SV4oNiPJfTt5tnwKs%3D; domain=.booking.com; path=/; expires=Thu, 11-Nov-2027 02:36:40 GMT; Secure; HTTPOnly; SameSite=None
strict-transport-security: max-age=604800
x-content-options: nosniff
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 2uPg4TsoYJuSgvldU1kGcVXQ4UTcjvzxsnYgA9xyvwtAn0pu65rGdw==
X-Firefox-Spdy: h2
account.booking.com/privacy-consents/implicit
200 OK 53 kB URL HTTP/2 account.booking.com/privacy-consents/implicit
IP
Hash 03dda0a06da5e2f31430d715a3d230e0
2cd47d7c1dbef3b64f40c7e6e4078471154660b2
49656998edfa28578a6214450428a62f6e365a118bc62aac5f081a354ac049d9
POST /privacy-consents/implicit HTTP/1.1
Host: account.booking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.booking.com/
Content-type: application/json;charset=UTF-8
Content-Length: 36
Origin: https://www.booking.com
Connection: keep-alive
Cookie: _pxhd=xh1yr5HRceK5PKtECt1YCt6twqiEBG41XKfOgqvRBhUkrN%252FW-K7Whv4mrYsQ3OHF24WQnBlKznzhaysPoXBVUw%253D%253D%253AmvQyZE%252FGD95MrWAqBWOEoe%252FZ%252Ftx4hNbALYLqkfhCgvga0C8DMmz7bqMvgXM8HflyGFfQ61erWaK5rQqAlgB5EiMPtdZ%252F0TAWETpTUYY9nVA%253D; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbbmD9q%2B5pe3XkbW%2BRPRPgGhjq4IEUF%2BdLQfxr8wiRISKQMUkKcm7QBS2LCADpKe3%2FZbzJ%2F%2F5wvPffhI8IRwLnvBLtvocBors%2Fj%2BAg8NYDCvuH6UGaSTf2zn0NaryeAHgVSagQI9YxT3R%2FXar%2BzUniwDcXHoI1dmha; cors_js=1
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
server: envoy
date: Sat, 12 Nov 2022 02:36:40 GMT
vary: Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: POST
access-control-allow-origin: https://www.booking.com
access-control-max-age: 1728000
set-cookie: bkng_ap_sso_session=eyJib29raW5nX2dsb2JhbCI6eyJkYXRhX3N1YmplY3RfaWQiOiI5NjM0N2E3Ni04NWNjLTQ5MjUtYTNlOS1lNzk0YWZkNzdkODciLCJzZXNzaW9ucyI6W119fQ; domain=account.booking.com; path=/; expires=Thu, 11-Nov-2027 02:36:40 GMT; secure; HttpOnly
bkng_sso_ses=e30; domain=.booking.com; path=/; expires=Thu, 11-Nov-2027 02:36:40 GMT; secure; HttpOnly
bkng_sso_session=e30; domain=.booking.com; path=/; expires=Thu, 11-Nov-2027 02:36:40 GMT; secure; HttpOnly
content-security-policy: frame-ancestors https://*.booking.com 'self'; report-uri https://nellie.booking.com/csp-report-uri?type=block&tag=42&pid=3174125cd45f001e&e=UmFuZG9tSVYkc2RlIyh9YTVpYxb9mtJD3cReeqMXo_5qxpf4W7JwdaPywujlMqYClpEWWnp7GR_-kbA2HXm3PvFWRdnUFAhBYMXFCJXDh48JHUCCGzkjlgOcpV9tqBK3ePrdFGmO2rNfHJ4SwSSWT5Wytr6yIhN1;
content-security-policy-report-only: frame-src https://www.youtube.com/embed/Vv4w5SmRkss *.bstatic.com https://www.google.com bstatic.com www.booking.com secure.booking.com paymentcomponent.booking.com 'self'; report-uri https://nellie.booking.com/csp-report-uri?type=report&tag=41&pid=3174125cd45f001e&e=UmFuZG9tSVYkc2RlIyh9YTVpYxb9mtJD3cReeqMXo_5qxpf4W7JwdaPywujlMqYClpEWWnp7GR_-kbA2HXm3PvFWRdnUFAhBYMXFCJXDh48JHUCCGzkjlgOcpV9tqBK3ePrdFGmO2rNfHJ4SwSSWT5Wytr6yIhN1; base-uri 'none'; script-src saa.booking.com *.bstatic.com bstatic.com *.static.booking.cn www.google.com www.google-analytics.com cdn.cookielaw.org geolocation.onetrust.com 'self' 'nonce-50AlSBXWP2smYTm' 'report-sample'; default-src *.bstatic.com bstatic.com 'self'; object-src 'none'; connect-src saa.booking.com secure.booking.com reports.booking.com privacyportal-eu.onetrust.com geolocation.onetrust.com cdn.cookielaw.org www.google-analytics.com *.perimeterx.net *.pxchk.net *.px-cdn.net *.px-client.net *.px-cloud.net 'self' 'report-sample'; img-src 'self' data: www.booking.com graph.facebook.com cdn.cookielaw.org account.booking.com *.bstatic.com bstatic.com *.static.booking.cn www.google-analytics.com www.google.com stats.g.doubleclick.net *.px-cloud.net *.perimeterx.net www.gstatic.com; style-src *.bstatic.com bstatic.com *.static.booking.cn 'self' 'unsafe-inline';
strict-transport-security: max-age=17280000
content-encoding: gzip
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: R7-MyfYqeBwWgQPlCbTYtHyTXOqXkM0OpcmvCcAV-uXsbVn73OTakg==
X-Firefox-Spdy: h2
t-cf.bstatic.com/static/js/genius_vip_cft/f980dbafa6b20d980f25ca835a161e7cece00d9d.js
200 OK 1.2 kB URL HTTP/2 t-cf.bstatic.com/static/js/genius_vip_cft/f980dbafa6b20d980f25ca835a161e7cece00d9d.js
IP
File type ASCII text, with very long lines (3122), with no line terminators
Hash 75f1a4adf8473d9c2c5b5dbcc81f8cf6
d47950ae7a4424a6b4327dd5aebc44d6ad639849
f846990d59d719c6c4782cedcbdefce079c94183a6ed9629b346e3908f63f4fa
GET /static/js/genius_vip_cft/f980dbafa6b20d980f25ca835a161e7cece00d9d.js HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Wed, 02 Nov 2022 01:21:07 GMT
last-modified: Thu, 30 Jun 2022 08:09:45 GMT
etag: W/"62bd5a49-c32"
expires: Fri, 02 Dec 2022 01:21:07 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: DCOvnbz4_GbG3jDbt14fneNB_IM9F12YJP20mOSpcvxIHPsMBRVWFg==
age: 868532
X-Firefox-Spdy: h2
t-cf.bstatic.com/static/js/atlas_cft/1b5b49e97e7d6831a6fe773f862040b5bd071364.js
200 OK 32 kB URL HTTP/2 t-cf.bstatic.com/static/js/atlas_cft/1b5b49e97e7d6831a6fe773f862040b5bd071364.js
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 90900e8cf039575cf80d466182696430
6d6f628c6d113fd6ea23b416d374beaf6b627954
baa33e9ef4e4a5c5bab6cb6e0ea406cd9c47fa65787c1f103f9b6c13e25bd09a
GET /static/js/atlas_cft/1b5b49e97e7d6831a6fe773f862040b5bd071364.js HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Wed, 09 Nov 2022 03:04:26 GMT
last-modified: Fri, 21 Oct 2022 03:09:15 GMT
etag: W/"63520d5b-1d198"
expires: Fri, 09 Dec 2022 03:04:26 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: PvCKpjG97FZDWw1VskAzA_x9UclGmgbhnSqMiOWlhfjod913xO06qg==
age: 257534
X-Firefox-Spdy: h2
t-cf.bstatic.com/psb/capla/static/js/513.99d1d169.chunk.js
200 OK 15 kB URL HTTP/2 t-cf.bstatic.com/psb/capla/static/js/513.99d1d169.chunk.js
IP
File type ASCII text, with very long lines (6595)
Hash a98dcf52fd307346a3f8c02432f4d599
68c33af2c0c0c432ce91385ea3178fb32d01394c
b442cb4ecfa455a9532639643827a97607bb349e2cf619a20d3b8b7bfb766589
GET /psb/capla/static/js/513.99d1d169.chunk.js HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Wed, 09 Nov 2022 03:01:55 GMT
etag: W/"3205e99e80b7b4a53407bf1ade0cdb67"
x-amz-meta-x-deployment-hash: foo
x-amz-server-side-encryption: AES256
last-modified: Fri, 28 Oct 2022 10:24:26 GMT
x-amz-expiration: expiry-date="Sat, 25 Feb 2023 10:24:26 GMT", rule-id=""
expires: Fri, 09 Dec 2022 03:01:55 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: PoCT0pg8zUf07_Z9UpCjSoUR-TW_SbEHG4cdhOf3r1b_XR_r7romwQ==
age: 257684
X-Firefox-Spdy: h2
q-xx.bstatic.com/xdata/images/hotel/300x240/100235855.jpeg?k=5b6e6cff16cfd290e953768d63ee15f633b56348238a705c45759aa3a81ba82b&o=
200 OK 15 kB URL HTTP/2 q-xx.bstatic.com/xdata/images/hotel/300x240/100235855.jpeg?k=5b6e6cff16cfd290e953768d63ee15f633b56348238a705c45759aa3a81ba82b&o=
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x240, components 3\012- data
Hash d7f7b2f37d55a0948fe4d3b371f78f41
3cf5a1f3b666afbd4e8f3ea39e9de2b9f628f72c
8d70465609b50fe82003fee4bad7def0ca7b231f3d8e5878471aa88cff9bcd9e
GET /xdata/images/hotel/300x240/100235855.jpeg?k=5b6e6cff16cfd290e953768d63ee15f633b56348238a705c45759aa3a81ba82b&o= HTTP/1.1
Host: q-xx.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 15106
server: nginx
date: Wed, 19 Oct 2022 04:49:14 GMT
etag: "c57746d8d277c6888de45ce3f5daf075dca7c177"
expires: Fri, 18 Nov 2022 04:49:14 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: t032f5g8ompSan7_rTu-ACZwxsEXsa45vLjgHzIj4qMeP7a4JCOMZQ==
age: 2065646
X-Firefox-Spdy: h2
q-xx.bstatic.com/xdata/images/hotel/300x240/52979454.jpeg?k=6ac6d0afd28e4ce00a8f817cc3045039e064469a3f9a88059706c0b45adf2e7d&o=
200 OK 11 kB URL HTTP/2 q-xx.bstatic.com/xdata/images/hotel/300x240/52979454.jpeg?k=6ac6d0afd28e4ce00a8f817cc3045039e064469a3f9a88059706c0b45adf2e7d&o=
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x240, components 3\012- data
Hash a278b4f84e27ae6e53694c50c6c0db6e
8289a6f74256ebe6ead5ed14c58d6704ec72a7ef
57c23f20cba27810aa9c20deabd2edc8dac96cee6d1ca27f1c659610becee55d
GET /xdata/images/hotel/300x240/52979454.jpeg?k=6ac6d0afd28e4ce00a8f817cc3045039e064469a3f9a88059706c0b45adf2e7d&o= HTTP/1.1
Host: q-xx.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 11252
server: nginx
date: Tue, 08 Nov 2022 02:11:11 GMT
etag: "ebaf01b04df2f1b59752439fd8257f86a379334a"
expires: Thu, 08 Dec 2022 02:11:11 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 3uxOKYrtmlRw7xf1-XGPOzHV387NXmpJ-CqgQQ9FI30iwn03fpmREQ==
age: 347129
X-Firefox-Spdy: h2
www.booking.com/js_tracking?ref_action=index&ver=2&stype=1&lang=en-us&pid=3ab6125bcc5b004e&ete=&etg=&etcg=cCHObVXAZQBJbKYbeQMIaSdFaLbFJdDBKFRURURHe|1&ets=cCHObTRVEFDEXNBBTZBYSGSYO|5,BHDTJdReQLOLOLOVZMYCVCMILRVVPKLZZOJNET|1,cCHObdRdJJXCcaWQOcNNOaUALOLOLMO|1,dLYdCeYBFVedKNKNKPMPSXPUEKdDXFZMIbdYeNYT|1,cCHObMKdFEVRVVPKLZZVCMISLUDZSedLOLOLMO|1,cCHObMKdFEVRVVPKLZZVCMISLUDZSedLOLOLMO|2&etgwv=
200 OK 35 B URL HTTP/2 www.booking.com/js_tracking?ref_action=index&ver=2&stype=1&lang=en-us&pid=3ab6125bcc5b004e&ete=&etg=&etcg=cCHObVXAZQBJbKYbeQMIaSdFaLbFJdDBKFRURURHe|1&ets=cCHObTRVEFDEXNBBTZBYSGSYO|5,BHDTJdReQLOLOLOVZMYCVCMILRVVPKLZZOJNET|1,cCHObdRdJJXCcaWQOcNNOaUALOLOLMO|1,dLYdCeYBFVedKNKNKPMPSXPUEKdDXFZMIbdYeNYT|1,cCHObMKdFEVRVVPKLZZVCMISLUDZSedLOLOLMO|1,cCHObMKdFEVRVVPKLZZVCMISLUDZSedLOLOLMO|2&etgwv=
IP
Hash 79a611524d7c43a354c589264cc2376e
2e25649d9a8a208302be0502b47a0e44b07bc7c1
c7a9af81f3467d3c95760df18d0853bda8c191f612fb2e8b2b5c4ed941fbaf1a
GET /js_tracking?ref_action=index&ver=2&stype=1&lang=en-us&pid=3ab6125bcc5b004e&ete=&etg=&etcg=cCHObVXAZQBJbKYbeQMIaSdFaLbFJdDBKFRURURHe|1&ets=cCHObTRVEFDEXNBBTZBYSGSYO|5,BHDTJdReQLOLOLOVZMYCVCMILRVVPKLZZOJNET|1,cCHObdRdJJXCcaWQOcNNOaUALOLOLMO|1,dLYdCeYBFVedKNKNKPMPSXPUEKdDXFZMIbdYeNYT|1,cCHObMKdFEVRVVPKLZZVCMISLUDZSedLOLOLMO|1,cCHObMKdFEVRVVPKLZZVCMISLUDZSedLOLOLMO|2&etgwv= HTTP/1.1
Host: www.booking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.booking.com/index.html?aid=1858279
X-Booking-Info:
X-Booking-Client-Info:
X-Booking-Pageview-Id: 3ab6125bcc5b004e
X-Booking-SiteType-Id: 1
X-Booking-Language-Code: en-us
X-Booking-AID: 1858279
X-Booking-Session-Id: 722fd11b72c2548f39c09d1461e97774
X-Booking-ET-Serialized-State: EIXmg9Wr0zrdZlfPKdLh5oPNzoy2_rSIeeyrcM2zJJpZ8PTQ4N43v9OMm4PMwQUFd
Connection: keep-alive
Cookie: _pxhd=jB5zzXwJkfLvhUP3uICqqqg01gHF-cBhKd-Zy%2FkLsMtsxbVHFduo25iRlaZ1CfdiHFtGcP5yZ9ECqjF8kzb0Fw%3D%3D%3A7RHq1SD26XrCu7qluWDY0nstCuL6Xs4VOu6eb-QR3gbYTJhWUp9czPU2ZthfXUSRlMgq2%2FW7QoZ1MOVG5D6P39Hg5iwxlU5Ik5md8pqAuR0%3D; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLblgO%2Fz4BDP5sWXk9giGeUG2s2ygrp4XOJvcafcoh%2FC6HxACbYLaw1%2FQOjVb79dFklEhwpbRR3kStWlHRc08ztG3o1Y7QuS96PRBMNhfHKFcQF7FBkZyB%2FvkOQbsSOLHloitZcEzJSpFvQ0jUHPv%2FnZYw%2FLeMT%2FVTjprkuswB12JE%3D; cors_js=1; OptanonConsent=isGpcEnabled=0&datestamp=Sat+Nov+12+2022+02%3A36%3A39+GMT%2B0000+(Coordinated+Universal+Time)&version=6.22.0&isIABGlobal=false&hosts=&consentId=770490f1-f1f7-4cbb-87fc-212d45fed12b&interactionCount=0&landingPath=https%3A%2F%2Fwww.booking.com%2Findex.html%3Faid%3D1858279&groups=C0001%3A1%2CC0002%3A0%2CC0004%3A0&implicitConsentCountry=GDPR&implicitConsentDate=1668220600076; bkng_frontend_sese_exp=1; bkng_sso_ses=e30; bkng_sso_session=e30; BJS=-
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 35
server: nginx
date: Sat, 12 Nov 2022 02:36:40 GMT
vary: User-Agent, Accept-Encoding
content-encoding: br
strict-transport-security: max-age=604800
content-security-policy-report-only: report-uri https://nellie.booking.com/csp-report-uri?type=report&tag=112&pid=9eaf125ce624001b&e=UmFuZG9tSVYkc2RlIyh9Yea92wm0yRUjnCBymoy8ejJon8sJOqZX1ngE2WBeQ-JXova5Gya7bYA; frame-ancestors 'none';
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: kYoLEgs2ctL3b2EmKJpu2z8VcMDnnLFRjdmRex8zDb7y63xk5Tbj0Q==
X-Firefox-Spdy: h2
t-cf.bstatic.com/static/js/sp-on-maps_cft/d30eef4dc5202875d4c3301b8a0e8ff09f9a0e28.js
200 OK 17 kB URL HTTP/2 t-cf.bstatic.com/static/js/sp-on-maps_cft/d30eef4dc5202875d4c3301b8a0e8ff09f9a0e28.js
IP
File type ASCII text, with very long lines (9646), with no line terminators
Hash 48f7610b2e25fe097bcc34ba186ffe3e
7905e4235048353ef2eeac0827607b18ee755a5b
7cb27ddce41a58bc2a85c0d68c78c2808397f7a1ce393ae5460f26b8fd983738
GET /static/js/sp-on-maps_cft/d30eef4dc5202875d4c3301b8a0e8ff09f9a0e28.js HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Sat, 29 Oct 2022 02:40:20 GMT
last-modified: Thu, 19 May 2022 11:44:13 GMT
etag: W/"62862d8d-25ae"
expires: Mon, 28 Nov 2022 02:40:20 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: jxbHQ7e-Q22MZQfcdBP7mn8d_lFuGBWPUg8YU8LqzQiBizOJXjgRIw==
age: 1209379
X-Firefox-Spdy: h2
t-cf.bstatic.com/psb/capla/static/js/bui-react.19d94779.js
200 OK 213 kB URL HTTP/2 t-cf.bstatic.com/psb/capla/static/js/bui-react.19d94779.js
IP
File type ASCII text, with very long lines (65536), with no line terminators
Size 213 kB (212839 bytes)
Hash f49b5207c8507bd93fbaf59f8a8ab3d0
dd23c47f23e53b379a8ce1524f5df8df742847c1
e618fa5be35c78021ac28b2e2f9bfb6410a7867061b8443c2e8fc4753676f27f
GET /psb/capla/static/js/bui-react.19d94779.js HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Wed, 09 Nov 2022 10:05:14 GMT
etag: W/"9c41d668501902a7ca9cb245d261d53b"
x-amz-meta-x-deployment-hash: foo
x-amz-server-side-encryption: AES256
last-modified: Wed, 09 Nov 2022 09:49:47 GMT
x-amz-expiration: expiry-date="Thu, 09 Mar 2023 09:49:47 GMT", rule-id=""
expires: Fri, 09 Dec 2022 10:05:14 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: nWhXczbKwYgr-Pnp-E0go6ISOGQRo1_9-F0KQmCl14VpKd3v7P6L9g==
age: 232285
X-Firefox-Spdy: h2
q-xx.bstatic.com/xdata/images/xphoto/300x240/45450113.jpeg?k=76b3780a0e4aacb9d02ac3569b05b3c5e85e0fd875287e9ac334e3b569f320c7&o=
200 OK 11 kB URL HTTP/2 q-xx.bstatic.com/xdata/images/xphoto/300x240/45450113.jpeg?k=76b3780a0e4aacb9d02ac3569b05b3c5e85e0fd875287e9ac334e3b569f320c7&o=
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x240, components 3\012- data
Hash 36896ed28c3a04b337713e865e468131
b42b54b780ee6652ae6ba59bf57a1f7daaeb6458
6bf196e10de012119d344c3b9c9e1ca4637b5917264327dfb6704ecae22b059d
GET /xdata/images/xphoto/300x240/45450113.jpeg?k=76b3780a0e4aacb9d02ac3569b05b3c5e85e0fd875287e9ac334e3b569f320c7&o= HTTP/1.1
Host: q-xx.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 11215
server: nginx
date: Fri, 28 Oct 2022 04:49:31 GMT
etag: "10db68b2c65c3db41479a99b873597344b7a497c"
expires: Sun, 27 Nov 2022 04:49:31 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: XDifEe3YifW0QOqgwVf2tGdycWQJUIps9-llwPneiIZrwbExgpTbew==
age: 1288029
X-Firefox-Spdy: h2
q-xx.bstatic.com/xdata/images/xphoto/300x240/45450073.jpeg?k=795a94c30433de1858ea52375e8190a962b302376be2e68aa08be345d936557d&o=
200 OK 11 kB URL HTTP/2 q-xx.bstatic.com/xdata/images/xphoto/300x240/45450073.jpeg?k=795a94c30433de1858ea52375e8190a962b302376be2e68aa08be345d936557d&o=
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x240, components 3\012- data
Hash 5567eb5c3d7f1f8d3c5fa7d43cb32b34
4caeab4dfa4cbdad3bdde14b1f659f8b0b06b46f
84331b7d14d04d74b8b85ef87221f322f8508e5e596b5c8bae2f8197f233aec2
GET /xdata/images/xphoto/300x240/45450073.jpeg?k=795a94c30433de1858ea52375e8190a962b302376be2e68aa08be345d936557d&o= HTTP/1.1
Host: q-xx.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 10959
server: nginx
date: Sun, 30 Oct 2022 03:53:52 GMT
etag: "126fd077b5e50a4915447c1cfd532f813b3a3c2c"
expires: Tue, 29 Nov 2022 03:53:52 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: S6S7Zl9KsSS5N25IHaqVe4dn202Y166taXb4OKuumhNrJE85LIMWsw==
age: 1118568
X-Firefox-Spdy: h2
www.booking.com/index.html?aid=1858279
200 OK 13 kB URL HTTP/2 www.booking.com/index.html?aid=1858279
IP
Hash cb649ad60fe5750fbc23da44d35206b4
a9c188e226fdd77e73f3fa374b210bf1bb0dfe65
a6f122a9ceb30d1ebc827c40e4e7e40b710da41f9a7ee454d8504128e0ca7aa0
GET /index.html?aid=1858279 HTTP/1.1
Host: www.booking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://dipaka-ead.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
server: nginx
date: Sat, 12 Nov 2022 02:36:38 GMT
cache-control: private
vary: User-Agent, Accept-Encoding
content-encoding: br
link: <https://t-cf.bstatic.com/static/css/gprof_icons_cft.iq_ltr/4b538a7f9b7e4b4916c881259774821f33d5220a.css>; rel=preload; as=style, <https://t-cf.bstatic.com/static/css/incentives_cft.iq_ltr/70c3660043e199f2e3a2b9d17b15dc773dca7b8e.css>; rel=preload; as=style, <https://t-cf.bstatic.com/static/css/index_cft.iq_ltr/ef25fcb54cd6b780a46bcfe0263dfba2991aae8d.css>; rel=preload; as=style, <https://t-cf.bstatic.com/static/css/main_cft.iq_ltr/11af65abb6dba73480d32d183f9b6f6c0a9b9315.css>; rel=preload; as=style, <https://t-cf.bstatic.com/static/css/main_exps_cft.iq_ltr/7726bdb18e488663b338bf0e64385bc7f6fb825c.css>; rel=preload; as=style, <https://t-cf.bstatic.com/static/css/sp_loyalty_cft.iq_ltr/c7c6b342312a9d5364889a78d1971cf24c388e48.css>; rel=preload; as=style, <https://t-cf.bstatic.com/static/css/xp-index-sb_cft.iq_ltr/ede1612fb0e53edbbe47d72b47f704968515c9b7.css>; rel=preload; as=style
nel: {"report_to":"default","max_age":604800}
report-to: {"group":"default","endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":604800}
set-cookie: _pxhd=xh1yr5HRceK5PKtECt1YCt6twqiEBG41XKfOgqvRBhUkrN%252FW-K7Whv4mrYsQ3OHF24WQnBlKznzhaysPoXBVUw%253D%253D%253AmvQyZE%252FGD95MrWAqBWOEoe%252FZ%252Ftx4hNbALYLqkfhCgvga0C8DMmz7bqMvgXM8HflyGFfQ61erWaK5rQqAlgB5EiMPtdZ%252F0TAWETpTUYY9nVA%253D; domain=booking.com; path=/; expires=Sun, 12-Nov-2023 02:36:38 GMT
px_init=0; domain=booking.com; expires=Fri, 22-Nov-2075 05:13:16 GMT; SameSite=Strict; secure; HttpOnly
bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbbmD9q%2B5pe3XkbW%2BRPRPgGhjq4IEUF%2BdLQfxr8wiRISKQMUkKcm7QBS2LCADpKe3%2FZbzJ%2F%2F5wvPffhI8IRwLnvBLtvocBors%2Fj%2BAg8NYDCvuH6UGaSTf2zn0NaryeAHgVSagQI9YxT3R%2FXar%2BzUniwDcXHoI1dmha; domain=.booking.com; path=/; expires=Thu, 11-Nov-2027 02:36:38 GMT; Secure; HTTPOnly; SameSite=None
strict-transport-security: max-age=604800
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: S0WBH0icO-wQir3o1390ffjmgYI3-8_4_RBRqT-n31z85nXVpGc9ZA==
X-Firefox-Spdy: h2
r-xx.bstatic.com/xdata/images/xphoto/300x240/57584488.jpeg?k=d8d4706fc72ee789d870eb6b05c0e546fd4ad85d72a3af3e30fb80ca72f0ba57&o=
200 OK 10 kB URL HTTP/2 r-xx.bstatic.com/xdata/images/xphoto/300x240/57584488.jpeg?k=d8d4706fc72ee789d870eb6b05c0e546fd4ad85d72a3af3e30fb80ca72f0ba57&o=
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x240, components 3\012- data
Hash 3516533c36779b327798248218da8b19
36c0739bb6e85bd406f7e3c853bcde872c3302e3
8aba7cf83e43468f409963df22b718744c34fc9aba143af86d4b73219b3f5910
GET /xdata/images/xphoto/300x240/57584488.jpeg?k=d8d4706fc72ee789d870eb6b05c0e546fd4ad85d72a3af3e30fb80ca72f0ba57&o= HTTP/1.1
Host: r-xx.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 10231
server: nginx
date: Wed, 26 Oct 2022 01:05:13 GMT
etag: "1c427037cfdcce16734f8903a2148ae53b09999e"
expires: Fri, 25 Nov 2022 01:05:13 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: JtJWaaYDeNDwtbsTh4qrC2URdv1EOAtI9BDAmRFpSbkaJ5_03vWulQ==
age: 1474287
X-Firefox-Spdy: h2
t-cf.bstatic.com/static/js/atlas_cst_cft/802b6c20031d4a46e097525d7eacc7a6538ac70c.js
200 OK 69 kB URL HTTP/2 t-cf.bstatic.com/static/js/atlas_cst_cft/802b6c20031d4a46e097525d7eacc7a6538ac70c.js
IP
File type ASCII text, with very long lines (65536), with no line terminators
Hash 573aec4fd6f12709a3df11f3f88d3ff1
f1dd8834b62c13da8c230978ab1e5bcbd8e95d62
9aa6d030a434e3693c7ef5c47dfc641f43d2cf8d3cdd82b74f4b1864e757d022
GET /static/js/atlas_cst_cft/802b6c20031d4a46e097525d7eacc7a6538ac70c.js HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Wed, 09 Nov 2022 07:15:05 GMT
last-modified: Tue, 08 Nov 2022 20:38:48 GMT
etag: W/"636abe58-8d0f8"
expires: Fri, 09 Dec 2022 07:15:05 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: AlWIfK0irCHFxmsHjTssR_-N65ADF8wjudMrE32wa8d6fsD1BrHQEQ==
age: 242495
X-Firefox-Spdy: h2
q-xx.bstatic.com/xdata/images/xphoto/300x240/45450103.jpeg?k=a1fa72362160b1df6e288050afa7ce1aade80871acd368ddd4a4ebf6ad87764e&o=
200 OK 21 kB URL HTTP/2 q-xx.bstatic.com/xdata/images/xphoto/300x240/45450103.jpeg?k=a1fa72362160b1df6e288050afa7ce1aade80871acd368ddd4a4ebf6ad87764e&o=
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x240, components 3\012- data
Hash 90383d39034028eafbd253eead13aecf
32035c5bcff0627f4901188d0e7b994aa46e64c8
150590b7a8af048e1a2696985211a78b0fa1800523f338e9fee9b5947cb0e5d7
GET /xdata/images/xphoto/300x240/45450103.jpeg?k=a1fa72362160b1df6e288050afa7ce1aade80871acd368ddd4a4ebf6ad87764e&o= HTTP/1.1
Host: q-xx.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 20736
server: nginx
date: Fri, 21 Oct 2022 01:37:20 GMT
etag: "a8cc76f5492606a61516275b6265840d7a14bc27"
expires: Sun, 20 Nov 2022 01:37:20 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: R0lJTd9_SW6ZMfqgLwoOju18PUnVBBi9kXzKejVDBhfeE8VK3ED3Tg==
age: 1904361
X-Firefox-Spdy: h2
q-xx.bstatic.com/xdata/images/xphoto/300x240/45450080.jpeg?k=15d9709efa513f2b23b5fa8d5234d87bdee2bf97b3e7552244592da11413db9a&o=
200 OK 13 kB URL HTTP/2 q-xx.bstatic.com/xdata/images/xphoto/300x240/45450080.jpeg?k=15d9709efa513f2b23b5fa8d5234d87bdee2bf97b3e7552244592da11413db9a&o=
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x240, components 3\012- data
Hash 04e82ce3fa3ae9bd52cad3056a100c91
93693b20ed0103332bbb4e9f29852a5eaa187f1a
2e50a6fcd67533e10f476f84bbfafd558dd520f5b53ef1c2256e221bdaac9513
GET /xdata/images/xphoto/300x240/45450080.jpeg?k=15d9709efa513f2b23b5fa8d5234d87bdee2bf97b3e7552244592da11413db9a&o= HTTP/1.1
Host: q-xx.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 12640
server: nginx
date: Sun, 23 Oct 2022 01:54:22 GMT
etag: "6afbcf7f23b7e8698a9fafdd230bf0ced085c3bb"
expires: Tue, 22 Nov 2022 01:54:22 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: oispIYy0dROz8Tko4IeksK_M17LuR1VUmMaAitW3pwBvQbMUwudd7g==
age: 1730539
X-Firefox-Spdy: h2
r-xx.bstatic.com/xdata/images/xphoto/300x240/57584488.jpeg?k=d8d4706fc72ee789d870eb6b05c0e546fd4ad85d72a3af3e30fb80ca72f0ba57&o=
200 OK 10 kB URL HTTP/2 r-xx.bstatic.com/xdata/images/xphoto/300x240/57584488.jpeg?k=d8d4706fc72ee789d870eb6b05c0e546fd4ad85d72a3af3e30fb80ca72f0ba57&o=
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x240, components 3\012- data
Hash 3516533c36779b327798248218da8b19
36c0739bb6e85bd406f7e3c853bcde872c3302e3
8aba7cf83e43468f409963df22b718744c34fc9aba143af86d4b73219b3f5910
GET /xdata/images/xphoto/300x240/57584488.jpeg?k=d8d4706fc72ee789d870eb6b05c0e546fd4ad85d72a3af3e30fb80ca72f0ba57&o= HTTP/1.1
Host: r-xx.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 10231
server: nginx
date: Wed, 26 Oct 2022 01:05:13 GMT
etag: "1c427037cfdcce16734f8903a2148ae53b09999e"
expires: Fri, 25 Nov 2022 01:05:13 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 0qwtPBl6DsCJJzuzNYMckrXsjK_IKhSCxRASzfbdLQ2cvloP4zHpiw==
age: 1474288
X-Firefox-Spdy: h2
q-xx.bstatic.com/xdata/images/xphoto/300x240/45450095.jpeg?k=cd5e46e632dab722d22217813485efde31fbe82f5f26a624166edccdbe8187bc&o=
200 OK 20 kB URL HTTP/2 q-xx.bstatic.com/xdata/images/xphoto/300x240/45450095.jpeg?k=cd5e46e632dab722d22217813485efde31fbe82f5f26a624166edccdbe8187bc&o=
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x240, components 3\012- data
Hash deb177f86bfc7083567ae12e1964f4ad
45c07c5d8cdec20431c81aee3aee189a4d87cd99
1f14eeb3c3ef9eeb1170e99a2fea2fbd034a83305f72be3fdfd7a7711f5fd4ee
GET /xdata/images/xphoto/300x240/45450095.jpeg?k=cd5e46e632dab722d22217813485efde31fbe82f5f26a624166edccdbe8187bc&o= HTTP/1.1
Host: q-xx.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 20002
server: nginx
date: Wed, 26 Oct 2022 04:35:10 GMT
etag: "3b37dee95e4c922d0595fced952d47055cc7d91a"
expires: Fri, 25 Nov 2022 04:35:10 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: u0nQonrTeVq7mo5Q6BW1rty4VLJ6SWdnC2dg0wbewpS73Ul8GFvBSw==
age: 1461691
X-Firefox-Spdy: h2
r-xx.bstatic.com/xdata/images/xphoto/300x240/45450066.jpeg?k=4adfab312f5d26da9f81da48d8c95ca8f108215b2c84085590891a9e0e17b144&o=
200 OK 22 kB URL HTTP/2 r-xx.bstatic.com/xdata/images/xphoto/300x240/45450066.jpeg?k=4adfab312f5d26da9f81da48d8c95ca8f108215b2c84085590891a9e0e17b144&o=
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x240, components 3\012- data
Hash a610b882e99f89c94893c05f18687ec3
16e551d6c5ac3a8db914ec8f5fc15bbe9589a1c8
9814b3eb58d8fb061b8ebe7b1a76f31f1d08e556f1c4b3662e3a6752f121ca07
GET /xdata/images/xphoto/300x240/45450066.jpeg?k=4adfab312f5d26da9f81da48d8c95ca8f108215b2c84085590891a9e0e17b144&o= HTTP/1.1
Host: r-xx.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 21509
server: nginx
date: Tue, 25 Oct 2022 01:28:11 GMT
etag: "9fe87b4a8f3c6bd673ce593556d7df36cfbd2a50"
expires: Thu, 24 Nov 2022 01:28:11 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 7m9DUvUUN9NyA6WQLE1mE1nGNh5b8IrCr4hMFYpnjs1SMjEfa4-Xnw==
age: 1559310
X-Firefox-Spdy: h2
q-xx.bstatic.com/xdata/images/xphoto/300x240/45450082.jpeg?k=beb101b827a729065964523184f4db6cac42900c2415d71d516999af40beb7aa&o=
200 OK 13 kB URL HTTP/2 q-xx.bstatic.com/xdata/images/xphoto/300x240/45450082.jpeg?k=beb101b827a729065964523184f4db6cac42900c2415d71d516999af40beb7aa&o=
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x240, components 3\012- data
Hash cb649ad60fe5750fbc23da44d35206b4
a9c188e226fdd77e73f3fa374b210bf1bb0dfe65
a6f122a9ceb30d1ebc827c40e4e7e40b710da41f9a7ee454d8504128e0ca7aa0
GET /xdata/images/xphoto/300x240/45450082.jpeg?k=beb101b827a729065964523184f4db6cac42900c2415d71d516999af40beb7aa&o= HTTP/1.1
Host: q-xx.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 13058
server: nginx
date: Thu, 03 Nov 2022 00:53:00 GMT
etag: "b30a8b4e9a547c21f92a42d6c232362a7578e6e5"
expires: Sat, 03 Dec 2022 00:53:00 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: n0aKq6aLjvtloEvHAQSI9C886erj-60ETkkSJ38BrFZcrj5uudjrEg==
age: 783821
X-Firefox-Spdy: h2
r-xx.bstatic.com/xdata/images/xphoto/300x240/45450283.jpeg?k=44ef0e355cff36883935e4c99b5c01b035eabebad278d22363210b2fe40b2791&o=
200 OK 16 kB URL HTTP/2 r-xx.bstatic.com/xdata/images/xphoto/300x240/45450283.jpeg?k=44ef0e355cff36883935e4c99b5c01b035eabebad278d22363210b2fe40b2791&o=
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x240, components 3\012- data
Hash 6eb82e2bccd8b35e46f250238844ef3c
8f9cc26cce3b866559d1994c75147871b3d3bcea
0a96fd07340aee61dede1f72f25f593c9bed353963d8f289890b38fc2b827ba7
GET /xdata/images/xphoto/300x240/45450283.jpeg?k=44ef0e355cff36883935e4c99b5c01b035eabebad278d22363210b2fe40b2791&o= HTTP/1.1
Host: r-xx.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 15976
server: nginx
date: Thu, 27 Oct 2022 08:44:00 GMT
etag: "b9e5194522818d8ae083a537bafc4100b2c592a1"
expires: Sat, 26 Nov 2022 08:44:00 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Q6KPZ27xz-quL2ysEAHwkLq7FJhswPrvzLZdp5vFQMXSwnGJkdgPAw==
age: 1360361
X-Firefox-Spdy: h2
q-xx.bstatic.com/xdata/images/xphoto/300x240/45450093.jpeg?k=aa5cc7703f3866af8ffd6de346c21161804a26c3d0a508d3999c11c337506ae1&o=
200 OK 13 kB URL HTTP/2 q-xx.bstatic.com/xdata/images/xphoto/300x240/45450093.jpeg?k=aa5cc7703f3866af8ffd6de346c21161804a26c3d0a508d3999c11c337506ae1&o=
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x240, components 3\012- data
Hash 34cd95647e7bfee64c4854f7146348b9
8017d1d7da4d9079bd0608f985a01630543c7d3a
7f72c1e1d27db3f66b0362c6b6066f384302247b1bc315af8054109102860740
GET /xdata/images/xphoto/300x240/45450093.jpeg?k=aa5cc7703f3866af8ffd6de346c21161804a26c3d0a508d3999c11c337506ae1&o= HTTP/1.1
Host: q-xx.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 13027
server: nginx
date: Tue, 01 Nov 2022 02:51:32 GMT
etag: "406f0c3b30fffbbdeabca9631f0e99adc7571998"
expires: Thu, 01 Dec 2022 02:51:32 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: yeoxFEqIuC8pqDOAza_8TtDWmfdrO0kyPelGXPon8GpYJxqtSd-5Gg==
age: 949509
X-Firefox-Spdy: h2
r-xx.bstatic.com/xdata/images/xphoto/300x240/45450075.jpeg?k=d23cf8443780ac09f46f59e40393d75dbe64b06029b4959c60b81b7fdefc9be0&o=
200 OK 12 kB URL HTTP/2 r-xx.bstatic.com/xdata/images/xphoto/300x240/45450075.jpeg?k=d23cf8443780ac09f46f59e40393d75dbe64b06029b4959c60b81b7fdefc9be0&o=
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x240, components 3\012- data
Hash f9b81d29754609253833fb749eb9c430
76bee0195580b7ed6fbbf132c14e4b04dd1828dc
f3ff755c327cbe08419dbc2fe6ef2452dba8c5e805e9bc1ac08dd55527360b4e
GET /xdata/images/xphoto/300x240/45450075.jpeg?k=d23cf8443780ac09f46f59e40393d75dbe64b06029b4959c60b81b7fdefc9be0&o= HTTP/1.1
Host: r-xx.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 12281
server: nginx
date: Sat, 22 Oct 2022 02:06:20 GMT
etag: "b692280969cbf943e35c8cbf34ae2b566cfde2ae"
expires: Mon, 21 Nov 2022 02:06:20 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: p39823jA2QoUWYKCRFhFTobXFSHnpFnObMnusKPW51fKdLV_xlKIBA==
age: 1816221
X-Firefox-Spdy: h2
q-xx.bstatic.com/xdata/images/xphoto/300x240/45450279.jpeg?k=cb9ab85ffe439f3030e00281f2d52583a398bf076e54f00f746e1d1baf62bf6e&o=
200 OK 23 kB URL HTTP/2 q-xx.bstatic.com/xdata/images/xphoto/300x240/45450279.jpeg?k=cb9ab85ffe439f3030e00281f2d52583a398bf076e54f00f746e1d1baf62bf6e&o=
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x240, components 3\012- data
Hash d2777025d4a89299a415993ffee584ae
882aadd31ddf11f475cc870f291c0cb00909bb41
a358344c77aa72b8ed5c9aeb8989f3e5d01116badd07b0c8fa7a6a3d7b1afb2e
GET /xdata/images/xphoto/300x240/45450279.jpeg?k=cb9ab85ffe439f3030e00281f2d52583a398bf076e54f00f746e1d1baf62bf6e&o= HTTP/1.1
Host: q-xx.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 22931
server: nginx
date: Sat, 22 Oct 2022 06:12:15 GMT
etag: "5bc5bf53764ac2562af74744fea578d1f2e5a805"
expires: Mon, 21 Nov 2022 06:12:15 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: vl6OVsqyi4btirP8znVBBGGexuRAPLwitHLIc77sthZ6ri1MWqkpTw==
age: 1801466
X-Firefox-Spdy: h2
q-xx.bstatic.com/xdata/images/xphoto/300x240/45450056.jpeg?k=251e2507d43a24a4c58bb961b8d157147d56efbf91b49f9606bc768c58f581e4&o=
200 OK 16 kB URL HTTP/2 q-xx.bstatic.com/xdata/images/xphoto/300x240/45450056.jpeg?k=251e2507d43a24a4c58bb961b8d157147d56efbf91b49f9606bc768c58f581e4&o=
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x240, components 3\012- data
Hash 5ce55d22c4e06809b72801bf78198fb2
8cc49f26d00a1b2747ba599b06d67fd57d724047
3781416aa7ee06509ed5e7aa5143189ca6e1436f586194544fba3b8cfff6f27a
GET /xdata/images/xphoto/300x240/45450056.jpeg?k=251e2507d43a24a4c58bb961b8d157147d56efbf91b49f9606bc768c58f581e4&o= HTTP/1.1
Host: q-xx.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 16003
server: nginx
date: Wed, 19 Oct 2022 04:54:34 GMT
etag: "5f50b3e58eb5954613b87ee105aaac2bd352d51c"
expires: Fri, 18 Nov 2022 04:54:34 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: MFJ5wnoyTH6f43oFBikK1PEMStNDxJX6mTVPRnOHjr2kGYTU7wS79g==
age: 2065327
X-Firefox-Spdy: h2
r-xx.bstatic.com/xdata/images/xphoto/300x240/45450074.jpeg?k=7039b03a94f3b99262c4b3054b0edcbbb91e9dade85b6efc880d45288a06c126&o=
200 OK 20 kB URL HTTP/2 r-xx.bstatic.com/xdata/images/xphoto/300x240/45450074.jpeg?k=7039b03a94f3b99262c4b3054b0edcbbb91e9dade85b6efc880d45288a06c126&o=
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x240, components 3\012- data
Hash 2414c022c1585360984508f5c5de208b
7f2fe2e841f4929dcf52c93c7efbe6401ef9fd24
2309e00634f6000b455200aeaae2c868aef28a31a05571aeada61b9c78264135
GET /xdata/images/xphoto/300x240/45450074.jpeg?k=7039b03a94f3b99262c4b3054b0edcbbb91e9dade85b6efc880d45288a06c126&o= HTTP/1.1
Host: r-xx.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 20152
server: nginx
date: Sun, 30 Oct 2022 06:35:00 GMT
etag: "bc3198d659049a91cd2588e6854b1235db983c97"
expires: Tue, 29 Nov 2022 06:35:00 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 6urP32tYuRne82CkgQ80X_FB0GPe5K3ze1tzgKZVoZqP5saGhofXdA==
age: 1108901
X-Firefox-Spdy: h2
q-xx.bstatic.com/xdata/images/xphoto/300x240/45450064.jpeg?k=4d4ea22dc4828fd55a3889e90531c9841ddb2d9abf460c420cdd24f2a9b658d2&o=
200 OK 18 kB URL HTTP/2 q-xx.bstatic.com/xdata/images/xphoto/300x240/45450064.jpeg?k=4d4ea22dc4828fd55a3889e90531c9841ddb2d9abf460c420cdd24f2a9b658d2&o=
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x240, components 3\012- data
Hash 3d32707cb3ccfc843ca809ff0ff08c28
950e8aa81a2f546217a0ca433700c4df4550bbfd
10d7e42ad31f48815167a292170eaacedd4e7b0ae8546795a63975c2711ce024
GET /xdata/images/xphoto/300x240/45450064.jpeg?k=4d4ea22dc4828fd55a3889e90531c9841ddb2d9abf460c420cdd24f2a9b658d2&o= HTTP/1.1
Host: q-xx.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 18103
server: nginx
date: Tue, 01 Nov 2022 03:28:40 GMT
etag: "3ef10431f3d0c89bf87236a7c8668552e8e5dcff"
expires: Thu, 01 Dec 2022 03:28:40 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: YjgVXcclL0UiNujUK2Ewh-2qhrHS5IstzNab7eVLVD65BaXZZtiu9g==
age: 947281
X-Firefox-Spdy: h2
r-xx.bstatic.com/xdata/images/xphoto/300x240/45450084.jpeg?k=f8c2954e867a1dd4b479909c49528531dcfb676d8fbc0d60f51d7b51bb32d1d9&o=
200 OK 12 kB URL HTTP/2 r-xx.bstatic.com/xdata/images/xphoto/300x240/45450084.jpeg?k=f8c2954e867a1dd4b479909c49528531dcfb676d8fbc0d60f51d7b51bb32d1d9&o=
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x240, components 3\012- data
Hash a36f4027287a0f6a3082dc0f55198730
046cdc6d82e7bd58bea3d7425a38d71bfb9c8914
93a0201d50a63130bc8b38fd47974805b864bf254427c8ea6e628b83f333f34b
GET /xdata/images/xphoto/300x240/45450084.jpeg?k=f8c2954e867a1dd4b479909c49528531dcfb676d8fbc0d60f51d7b51bb32d1d9&o= HTTP/1.1
Host: r-xx.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/jpeg
content-length: 12527
server: nginx
date: Thu, 20 Oct 2022 03:41:36 GMT
etag: "b5539c5ed8c359d5902f6b37fe163b3e20c96123"
expires: Sat, 19 Nov 2022 03:41:36 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Su5TsyYmzgmGhq93OLrNwyyUz2nZY2eKxxYWCSw5FgIym1FTBX6eGA==
age: 1983305
X-Firefox-Spdy: h2
q-xx.bstatic.com/xdata/images/xphoto/300x240/45450097.jpeg?k=eac0f917a53dc395bd379fef8c191e7d5e37012b68e60232e4f6bba2a2901b7a&o=
200 OK 15 kB URL HTTP/2 q-xx.bstatic.com/xdata/images/xphoto/300x240/45450097.jpeg?k=eac0f917a53dc395bd379fef8c191e7d5e37012b68e60232e4f6bba2a2901b7a&o=
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x240, components 3\012- data
Hash 13d1467c76d772dd6647f49fe4140d08
7ff7e63be06a3e98495eae5c0a1fb26482025d78
50fa8a1dfe8f3251194c1564def0dda195ce6fc96f05a63a83753b7b6bc9463d
GET /xdata/images/xphoto/300x240/45450097.jpeg?k=eac0f917a53dc395bd379fef8c191e7d5e37012b68e60232e4f6bba2a2901b7a&o= HTTP/1.1
Host: q-xx.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 15440
server: nginx
date: Wed, 02 Nov 2022 00:51:23 GMT
etag: "fbe15c466339e3107a497c74a5c4eb8e01bb01fe"
expires: Fri, 02 Dec 2022 00:51:23 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: izi4FWaBaJVZlNKf1c7gHbklCsShXzcjZe8wDy8Y7S55hb20_2a_ug==
age: 870318
X-Firefox-Spdy: h2
q-xx.bstatic.com/xdata/images/xphoto/300x240/45450068.jpeg?k=41cc7c5449011323aaaaed4e845cb16200b5d540c77a50c1bea90399a1e92d70&o=
200 OK 20 kB URL HTTP/2 q-xx.bstatic.com/xdata/images/xphoto/300x240/45450068.jpeg?k=41cc7c5449011323aaaaed4e845cb16200b5d540c77a50c1bea90399a1e92d70&o=
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x240, components 3\012- data
Hash 41bf36733e71ce642c45069444cfcf64
c931c599e9519d6c110ceed2c92432b818780d07
5c330c4cabaf246ebde2e47b2153d3e070423478706634c810980d67173f503a
GET /xdata/images/xphoto/300x240/45450068.jpeg?k=41cc7c5449011323aaaaed4e845cb16200b5d540c77a50c1bea90399a1e92d70&o= HTTP/1.1
Host: q-xx.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 19539
server: nginx
date: Sun, 30 Oct 2022 21:27:44 GMT
etag: "295366f779b7f616fdaa29276db720185ace22d9"
expires: Tue, 29 Nov 2022 21:27:44 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 2d5cbe05385a7f3bbffc8a562b8711f6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 70zFZfv9RK_truAvLTdw17Lxh8sC_UtNPXuALgiqDz17S5RQoIWsrQ==
age: 1055337
X-Firefox-Spdy: h2
t-cf.bstatic.com/static/js/calendar2_cft/06071dd1c4e89fbe99e5ad6e21584a6bf9585e84.js
200 OK 30 kB URL HTTP/2 t-cf.bstatic.com/static/js/calendar2_cft/06071dd1c4e89fbe99e5ad6e21584a6bf9585e84.js
IP
File type Unicode text, UTF-8 text, with very long lines (52155), with no line terminators
Hash 4059138996bfe0c9f84fac28c10776ca
f91c2cf0a2c16b37bd4de4fccea4833c76edca82
f57652f9e72f6e7339360dc0984fcfacb5c205cba175635a97252eb5172415a5
GET /static/js/calendar2_cft/06071dd1c4e89fbe99e5ad6e21584a6bf9585e84.js HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
X-Moz: prefetch
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Mon, 31 Oct 2022 04:02:43 GMT
last-modified: Tue, 12 Jan 2021 10:06:38 GMT
etag: W/"5ffd74ae-cbbc"
expires: Wed, 30 Nov 2022 04:02:43 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: iDCwO9lTdol8tPaUroWi4SgZoXw4wsReRRGC38AklG2PSklpvvLBsg==
age: 1031637
X-Firefox-Spdy: h2
t-cf.bstatic.com/xdata/images/hotel/square600/154512398.webp?k=f34c90d1aae9ef4b8c0eea552e829f669eac79b844bd6e88ced019273f4d3c4b&o=&s=1
200 OK 72 kB URL HTTP/2 t-cf.bstatic.com/xdata/images/hotel/square600/154512398.webp?k=f34c90d1aae9ef4b8c0eea552e829f669eac79b844bd6e88ced019273f4d3c4b&o=&s=1
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 600x600, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 8f65d9111ef2d4aa2b2cb67dc112b64c
0ac0d2a13010ff6a3f65812cd8949393eefaeef2
74b91ae62006cdad22d6e702c8f1f432c2144abd4909cbc997c23d9425b63104
GET /xdata/images/hotel/square600/154512398.webp?k=f34c90d1aae9ef4b8c0eea552e829f669eac79b844bd6e88ced019273f4d3c4b&o=&s=1 HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 71718
server: nginx
date: Wed, 09 Nov 2022 03:46:56 GMT
etag: "2d987a6f73f3d2ced0773fe99110897635e975d1"
expires: Fri, 09 Dec 2022 03:46:56 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: qI-H_Zfk9O3ar-IwfkJWLhOdKPXZNoWOWLk_CIqcLmUNHnkcbs67jg==
age: 254985
X-Firefox-Spdy: h2
t-cf.bstatic.com/xdata/images/hotel/square600/90166571.webp?k=0b63f507a150b0e5f6e2173786be4374ee7deae468fc1a6443feef111cc01ef5&o=&s=1
200 OK 31 kB URL HTTP/2 t-cf.bstatic.com/xdata/images/hotel/square600/90166571.webp?k=0b63f507a150b0e5f6e2173786be4374ee7deae468fc1a6443feef111cc01ef5&o=&s=1
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 600x600, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 144ea530c7ce441545e4faf8436567c5
adc26707883764b633c3c56b6fd94eadd1f02658
3b463c2a52c167a2ca60af3010e689f9edb48dcdfab7918a06b9ca83df7f4270
GET /xdata/images/hotel/square600/90166571.webp?k=0b63f507a150b0e5f6e2173786be4374ee7deae468fc1a6443feef111cc01ef5&o=&s=1 HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 30798
server: nginx
date: Mon, 07 Nov 2022 09:01:48 GMT
etag: "494d7241d5d000bee96a18c3fbafb509f867c944"
expires: Wed, 07 Dec 2022 09:01:48 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 99YN5y5C4V3O1mXst9nfPkxSWLbkGw5Oxxartb13dBLMeoUOMxGfaA==
age: 408893
X-Firefox-Spdy: h2
t-cf.bstatic.com/libs/perimeterx/px.v7.6.9.min.js
200 OK 117 kB URL HTTP/2 t-cf.bstatic.com/libs/perimeterx/px.v7.6.9.min.js
IP
File type ASCII text, with very long lines (65402)
Size 117 kB (117183 bytes)
Hash 76ce5835998725368e1401c408915804
daf5925fccad5b82e60d8f492dba127640397a2b
0ec2d5acc33b684d2223531b95fbf0ad394faa3f6b073e7b7568df0e22b65578
GET /libs/perimeterx/px.v7.6.9.min.js HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Wed, 02 Nov 2022 01:20:36 GMT
last-modified: Tue, 04 Oct 2022 23:02:37 GMT
etag: W/"633cbb8d-39901"
expires: Fri, 02 Dec 2022 01:20:36 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: o-v7eoFArErr3Dfjg_AE-uFK6clIYbhiqQN199j5Sf8arUXGq3GAjw==
age: 868565
X-Firefox-Spdy: h2
t-cf.bstatic.com/xdata/images/hotel/square600/236840535.webp?k=ce3c9fd759ec1a8d942b39f8fa1b8f4f388918523b269b9dff75842fec735038&o=&s=1
200 OK 44 kB URL HTTP/2 t-cf.bstatic.com/xdata/images/hotel/square600/236840535.webp?k=ce3c9fd759ec1a8d942b39f8fa1b8f4f388918523b269b9dff75842fec735038&o=&s=1
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 600x600, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1a4d2393c57cc8f4803d5142fbec0b15
bc63da22a153bbeb61fc53874e2c86fab68392ff
a4c1d356a4ef9d0eff6a71be2d6a8fd03300bf48087346743197f6a096f1628a
GET /xdata/images/hotel/square600/236840535.webp?k=ce3c9fd759ec1a8d942b39f8fa1b8f4f388918523b269b9dff75842fec735038&o=&s=1 HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 44364
server: nginx
date: Sat, 05 Nov 2022 06:43:06 GMT
etag: "8912b27b62c0dd4a66cf1833cbf600a7a5471cd1"
expires: Mon, 05 Dec 2022 06:43:06 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: lA_4ZYxlWDR0-i3v1PEjvqWN29-tMgYEJGxSSrRWVtcixQoj88PZ0w==
age: 590015
X-Firefox-Spdy: h2
t-cf.bstatic.com/xdata/images/hotel/square600/262247242.webp?k=ac5f696d6e7c82349e66d4e54d6a12bb0d89003eac8e7734489cc3e5d76944b8&o=&s=1
200 OK 128 kB URL HTTP/2 t-cf.bstatic.com/xdata/images/hotel/square600/262247242.webp?k=ac5f696d6e7c82349e66d4e54d6a12bb0d89003eac8e7734489cc3e5d76944b8&o=&s=1
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 600x600, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 128 kB (128296 bytes)
Hash 72a0c3af78637f10b366a61bb49696bc
4dc6662ac320116b46d35edf4bd07870b6924df2
db14d14f8adfd6cb7b6636aef60e31df2bd660773b870ddbbf05c509720bfad1
GET /xdata/images/hotel/square600/262247242.webp?k=ac5f696d6e7c82349e66d4e54d6a12bb0d89003eac8e7734489cc3e5d76944b8&o=&s=1 HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 128296
server: nginx
date: Mon, 31 Oct 2022 11:21:53 GMT
etag: "0b81b7fc2385909348dbfdfc2f1dddcf4a14b6a8"
expires: Wed, 30 Nov 2022 11:21:53 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: sg5NObaOPeCWAO-qrthx9K-4qtpqX9nzwOiLNqMrdbTxx_XwnCSiBg==
age: 1005288
X-Firefox-Spdy: h2
t-cf.bstatic.com/xdata/images/hotel/square600/236840535.webp?k=ce3c9fd759ec1a8d942b39f8fa1b8f4f388918523b269b9dff75842fec735038&o=&s=1
200 OK 44 kB URL HTTP/2 t-cf.bstatic.com/xdata/images/hotel/square600/236840535.webp?k=ce3c9fd759ec1a8d942b39f8fa1b8f4f388918523b269b9dff75842fec735038&o=&s=1
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 600x600, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1a4d2393c57cc8f4803d5142fbec0b15
bc63da22a153bbeb61fc53874e2c86fab68392ff
a4c1d356a4ef9d0eff6a71be2d6a8fd03300bf48087346743197f6a096f1628a
GET /xdata/images/hotel/square600/236840535.webp?k=ce3c9fd759ec1a8d942b39f8fa1b8f4f388918523b269b9dff75842fec735038&o=&s=1 HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 44364
server: nginx
date: Sat, 05 Nov 2022 06:43:06 GMT
etag: "8912b27b62c0dd4a66cf1833cbf600a7a5471cd1"
expires: Mon, 05 Dec 2022 06:43:06 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: addJAUBZx8CsGrmEyk1uHZ4KW_0umh7Vy0aJWONn2IFgKBb3czNcyA==
age: 590015
X-Firefox-Spdy: h2
t-cf.bstatic.com/xdata/images/hotel/square600/262247242.webp?k=ac5f696d6e7c82349e66d4e54d6a12bb0d89003eac8e7734489cc3e5d76944b8&o=&s=1
200 OK 128 kB URL HTTP/2 t-cf.bstatic.com/xdata/images/hotel/square600/262247242.webp?k=ac5f696d6e7c82349e66d4e54d6a12bb0d89003eac8e7734489cc3e5d76944b8&o=&s=1
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 600x600, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 128 kB (128296 bytes)
Hash 72a0c3af78637f10b366a61bb49696bc
4dc6662ac320116b46d35edf4bd07870b6924df2
db14d14f8adfd6cb7b6636aef60e31df2bd660773b870ddbbf05c509720bfad1
GET /xdata/images/hotel/square600/262247242.webp?k=ac5f696d6e7c82349e66d4e54d6a12bb0d89003eac8e7734489cc3e5d76944b8&o=&s=1 HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 128296
server: nginx
date: Mon, 31 Oct 2022 11:21:53 GMT
etag: "0b81b7fc2385909348dbfdfc2f1dddcf4a14b6a8"
expires: Wed, 30 Nov 2022 11:21:53 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: L76Tdv5FnU4E5Uh3O3P6eKXtjhXJVnZvRKzGPIwhdnNzUCN-Ae0I8Q==
age: 1005288
X-Firefox-Spdy: h2
t-cf.bstatic.com/xdata/images/hotel/square600/109319008.webp?k=b8fc6fbc8d874cffedf49c0080f14933a20995b040dc02aeaee3afad1e79c670&o=&s=1
200 OK 72 kB URL HTTP/2 t-cf.bstatic.com/xdata/images/hotel/square600/109319008.webp?k=b8fc6fbc8d874cffedf49c0080f14933a20995b040dc02aeaee3afad1e79c670&o=&s=1
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 600x600, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 4bc699d1bd67bda2dd2771f1160ebf07
5bd339ae7baa59fb6ea72d9b0adfc22859458596
deb835a811f25db8ab52d0a20100d29baf15fa5b2ec3f2b4f01210c56fb0163f
GET /xdata/images/hotel/square600/109319008.webp?k=b8fc6fbc8d874cffedf49c0080f14933a20995b040dc02aeaee3afad1e79c670&o=&s=1 HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 71756
server: nginx
date: Fri, 11 Nov 2022 11:33:06 GMT
etag: "2c7e00b39a6f43f55dc3ff980609243364d28d7d"
expires: Sun, 11 Dec 2022 11:33:06 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: U8U2uCeVI3zZOS2a1ZbNBCURh3j0l0Xf6hZlRjDOhSE1r4xEfV4nXQ==
age: 54215
X-Firefox-Spdy: h2
t-cf.bstatic.com/xdata/images/hotel/square600/98662660.webp?k=6e981419e8af97778c5b13a8aca3c264a0be73e9ebfd565cb17c0e4134783564&o=&s=1
200 OK 40 kB URL HTTP/2 t-cf.bstatic.com/xdata/images/hotel/square600/98662660.webp?k=6e981419e8af97778c5b13a8aca3c264a0be73e9ebfd565cb17c0e4134783564&o=&s=1
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 600x600, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ae5abd3325e28c423001f3f540d38b80
aa9535e550f5c89977b4f598eb656de20ec767cc
938a823e490adc84ef5d12c5b763baebb2e0ccc0592b3f0faa785a7e94e88055
GET /xdata/images/hotel/square600/98662660.webp?k=6e981419e8af97778c5b13a8aca3c264a0be73e9ebfd565cb17c0e4134783564&o=&s=1 HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 39584
server: nginx
date: Fri, 11 Nov 2022 12:46:53 GMT
etag: "274c99646aa38d1aa45453fc3e459bbdbc869535"
expires: Sun, 11 Dec 2022 12:46:53 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 4sDxeCdDH1insAFpXSv71N3-63VGDmhzT8QIKfycqMLaV2KO5ugTFg==
age: 49788
X-Firefox-Spdy: h2
t-cf.bstatic.com/xdata/images/hotel/square600/101174842.webp?k=515b19cd29852207a9e6add777068c1df7931a0dc58ddb80b36af9b605a3a00d&o=&s=1
200 OK 20 kB URL HTTP/2 t-cf.bstatic.com/xdata/images/hotel/square600/101174842.webp?k=515b19cd29852207a9e6add777068c1df7931a0dc58ddb80b36af9b605a3a00d&o=&s=1
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 600x600, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash ce2edbb1483dd2f1a695bb9fe57f7574
5684d3255717041c66037bd6d76f2aa9761578b7
e5c6e93bfa6be2a02b28f5b1e3bd4ff78eaf4b7738710e73f91c3235db6b3c77
GET /xdata/images/hotel/square600/101174842.webp?k=515b19cd29852207a9e6add777068c1df7931a0dc58ddb80b36af9b605a3a00d&o=&s=1 HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 19804
server: nginx
date: Fri, 21 Oct 2022 08:32:19 GMT
etag: "df8eb7b84018273bdf57369fed9fbdd5d0817e9f"
expires: Sun, 20 Nov 2022 08:32:19 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: n4Odki3CEpK9BPa8sxq3f9BRRamkYa2JSd4-yq_AUwh1Zl_wRGRYNQ==
age: 1879462
X-Firefox-Spdy: h2
t-cf.bstatic.com/xdata/images/hotel/square600/218529186.webp?k=669db47d57f15a20a66212f4d267ecde0a5866a896f3d2a3223441aef8b07f6c&o=&s=1
200 OK 68 kB URL HTTP/2 t-cf.bstatic.com/xdata/images/hotel/square600/218529186.webp?k=669db47d57f15a20a66212f4d267ecde0a5866a896f3d2a3223441aef8b07f6c&o=&s=1
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 600x600, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 1ae4768126a76f4093bcf30833c7a4a0
3b35ab740b2f5860d1c6e0096446247d5b7c406d
9f222b46c7a092237c0e4bc1fe0c972365ba84e64463825f7b5fd31963e94c77
GET /xdata/images/hotel/square600/218529186.webp?k=669db47d57f15a20a66212f4d267ecde0a5866a896f3d2a3223441aef8b07f6c&o=&s=1 HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 68144
server: nginx
date: Wed, 09 Nov 2022 03:46:56 GMT
etag: "f57e5833bf678265caff3d3e5f26b1585d6ef589"
expires: Fri, 09 Dec 2022 03:46:56 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: _4RTVddynIgNQC5QOdKj7OeMAjqDGWwiP6s3vtsVeAVyjRiFmkMz8Q==
age: 254985
X-Firefox-Spdy: h2
t-cf.bstatic.com/xdata/images/hotel/square600/286573218.webp?k=05df3eea56c59038cf7fa2ab228ec44c47c66ac49f708bc924c2b24738ea1e61&o=&s=1
200 OK 65 kB URL HTTP/2 t-cf.bstatic.com/xdata/images/hotel/square600/286573218.webp?k=05df3eea56c59038cf7fa2ab228ec44c47c66ac49f708bc924c2b24738ea1e61&o=&s=1
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 600x600, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 651317e3637bdb07fead8acac91ff1df
677318c0d98efb6b0fed37c7f2594cedd7458f06
89f50060edeff15d0df29057194bcd3e035944bb5f8b14f64471174ff57a3389
GET /xdata/images/hotel/square600/286573218.webp?k=05df3eea56c59038cf7fa2ab228ec44c47c66ac49f708bc924c2b24738ea1e61&o=&s=1 HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 65350
server: nginx
date: Wed, 09 Nov 2022 03:46:56 GMT
etag: "912681737b92e993d6845b8f5976305a0e95c466"
expires: Fri, 09 Dec 2022 03:46:56 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: KEb95F2wZUb8A1qeM0Plsb5u2G2bxe_2hYp-9Cy4qdW4L4pXwOohJw==
age: 254985
X-Firefox-Spdy: h2
t-cf.bstatic.com/xdata/images/hotel/square600/106411975.webp?k=53597242e9727e6e44a618b8edbc222c39b6937ac1bbe76761e24a2d796aed62&o=&s=1
200 OK 47 kB URL HTTP/2 t-cf.bstatic.com/xdata/images/hotel/square600/106411975.webp?k=53597242e9727e6e44a618b8edbc222c39b6937ac1bbe76761e24a2d796aed62&o=&s=1
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 600x600, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash 305465a9638c31999672f217d98701d6
ab6a936d965af5e3b623e803fc46b48dd45e8641
58e195cf5d834d26264ad4f6641d2f8e7ca2e761ec4b8331f5d63e359ef5bbfc
GET /xdata/images/hotel/square600/106411975.webp?k=53597242e9727e6e44a618b8edbc222c39b6937ac1bbe76761e24a2d796aed62&o=&s=1 HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 46882
server: nginx
date: Wed, 09 Nov 2022 03:46:56 GMT
etag: "9436fc6a0c4aad202f2a66c4bf70c9a1f0b12d2a"
expires: Fri, 09 Dec 2022 03:46:56 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 93ZqgMC2PviW6MyysiK1olms6lC_zgXYJ9if0gFqoKiNs_sMg27Y-Q==
age: 254985
X-Firefox-Spdy: h2
t-cf.bstatic.com/xdata/images/hotel/square600/236967822.webp?k=1465d052cf64137e1976c658cf1d63c249e8409896cd8f58cc088effbe552af6&o=&s=1
200 OK 124 kB URL HTTP/2 t-cf.bstatic.com/xdata/images/hotel/square600/236967822.webp?k=1465d052cf64137e1976c658cf1d63c249e8409896cd8f58cc088effbe552af6&o=&s=1
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 600x600, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size 124 kB (124272 bytes)
Hash 2867261384ef36b3257b72b797b26bb4
21e4abf06b714b14727e593d7e7cb543cbc1ff9d
ef3d8d9bbb1970944acaa14e0729f4001989221a35d0e91802534a3a8753268a
GET /xdata/images/hotel/square600/236967822.webp?k=1465d052cf64137e1976c658cf1d63c249e8409896cd8f58cc088effbe552af6&o=&s=1 HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 124272
server: nginx
date: Sun, 06 Nov 2022 06:27:42 GMT
etag: "2b0f279b347bc463d3538d552988773c85b83a49"
expires: Tue, 06 Dec 2022 06:27:42 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: TcTLP0-7wp6KFu1-vK33cJk7WuOz5s0kmcEEfv5h41vsPmT9N4DoZg==
age: 504538
X-Firefox-Spdy: h2
t-cf.bstatic.com/xdata/images/hotel/square600/156985326.webp?k=26e1231c1a1e2dc7fe1dd0ad8ff94bdf807e0917f7a22cc1a15f71ad644743bb&o=&s=1
200 OK 93 kB URL HTTP/2 t-cf.bstatic.com/xdata/images/hotel/square600/156985326.webp?k=26e1231c1a1e2dc7fe1dd0ad8ff94bdf807e0917f7a22cc1a15f71ad644743bb&o=&s=1
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 600x600, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash c61a50dfef740fa62682940dacaad92d
da520b09281a21446f71695fed7700c2d80200c1
8d94001a72b6689fbb4f0bd7e34118fc7557043833acdb730565f5f3f5f4b622
GET /xdata/images/hotel/square600/156985326.webp?k=26e1231c1a1e2dc7fe1dd0ad8ff94bdf807e0917f7a22cc1a15f71ad644743bb&o=&s=1 HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 92834
server: nginx
date: Wed, 09 Nov 2022 03:46:56 GMT
etag: "cf5d0bac177448c1a68bb9e0602d798a267f85ee"
expires: Fri, 09 Dec 2022 03:46:56 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ixRi6456X8pC6jUf5mCJ0bK2ecVtysaDDVjm80h_DmdozBDwYoxNkQ==
age: 254985
X-Firefox-Spdy: h2
t-cf.bstatic.com/xdata/images/hotel/square600/279333721.webp?k=8b632db276149b1ce327e8bfea4ac83e15d7ffc4f2b343a30af4bdd49197813e&o=&s=1
200 OK 52 kB URL HTTP/2 t-cf.bstatic.com/xdata/images/hotel/square600/279333721.webp?k=8b632db276149b1ce327e8bfea4ac83e15d7ffc4f2b343a30af4bdd49197813e&o=&s=1
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 600x600, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash d04eb453f0e7fbbbdbba2a1951a8f290
1a6eb24b80524789134492cff32767adf785b1e9
d05234f5c8999958b2953ba76dc2180eecb1643c24419c009acd808332ba05f9
GET /xdata/images/hotel/square600/279333721.webp?k=8b632db276149b1ce327e8bfea4ac83e15d7ffc4f2b343a30af4bdd49197813e&o=&s=1 HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 51934
server: nginx
date: Wed, 09 Nov 2022 03:46:56 GMT
etag: "c699ac1af5c01445b81e86ab1a7ad782a4437cd4"
expires: Fri, 09 Dec 2022 03:46:56 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: aeJY4CdMvHfBtGWpj5P70WB2Vk4ddeWU7B1q9E7LqHOx0AR1XpECLg==
age: 254985
X-Firefox-Spdy: h2
t-cf.bstatic.com/xdata/images/hotel/square600/294401155.webp?k=4c91bd821bcf8a21dfd3cd73dfc8043179b0b35412cd7ce30e14e45092db6be9&o=&s=1
200 OK 36 kB URL HTTP/2 t-cf.bstatic.com/xdata/images/hotel/square600/294401155.webp?k=4c91bd821bcf8a21dfd3cd73dfc8043179b0b35412cd7ce30e14e45092db6be9&o=&s=1
IP
File type RIFF (little-endian) data, Web/P image, VP8 encoding, 600x600, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Hash bb64ec57700ec86c850ac9d4f0f5589e
8d02a485746db6f9ec0935b2daf5577491003614
94de30bdfb15c208a49b1320082c994dfdf6b622cead146dbbb7b050578b6509
GET /xdata/images/hotel/square600/294401155.webp?k=4c91bd821bcf8a21dfd3cd73dfc8043179b0b35412cd7ce30e14e45092db6be9&o=&s=1 HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/webp
content-length: 35794
server: nginx
date: Wed, 09 Nov 2022 03:46:56 GMT
etag: "57ea7ba96b52ae88fe058fc447dcb031498c0d00"
expires: Fri, 09 Dec 2022 03:46:56 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: U0gAKmOrDQnwwRfam_6Kcj7axijM2eE8YF1r6EaeryiFFXcgYmJxqA==
age: 254985
X-Firefox-Spdy: h2
www.booking.com/get_handpicked_bh_properties?aid=1858279
200 OK 1.1 kB URL HTTP/2 www.booking.com/get_handpicked_bh_properties?aid=1858279
IP
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (4944), with no line terminators
Hash 719309bd813e5573756a03f54ca776d3
52fc76e860253d6a2dda0edcc06d2b149d8295c1
b4384414c4b873aa50097955aa8f8032d4d7e4347bc4484fff54732b9e69a402
POST /get_handpicked_bh_properties?aid=1858279 HTTP/1.1
Host: www.booking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.booking.com/index.html?aid=1858279
Content-Type: application/x-www-form-urlencoded; charset=UTF-8
X-Booking-Pageview-Id: 3ab6125bcc5b004e
X-Booking-AID: 1858279
X-Booking-Session-Id: c13b72d3a09ebb86fd5526aa1e12196b
X-Booking-SiteType-Id: 1
X-Partner-Channel-Id: 2
X-Booking-CSRF: 9j5vYwAAAAA=m8UlLbNQ4cZOwjEZZUFWn7sKedax-_hrdAnWmoeoTNlB-DiCWwil_isnm7ilWtFv4asLU6W_Lr2c1MaTqieALORUGnJ74Icd3NdhnD8zhY2izpLyo6xQS3qtfQPgRTzOsNdaNocSxT4-V8JzhFEe3G1GUC8cWqpxXrGBEfSzYBnPIh2tfrqzhCCOQQPzpp3VtGNzw3w_Labwatgf
X-Booking-Language-Code: en-us
X-Booking-Client-Info: dDfPWKHAdDECLSCNVAELXT,aaTBNZZJRLESPIDNJDPVBC|1,cCHObVZMYCAFFQZcNKNMC|1,cCHObVZMYCAFFQZcNKNMC|2,cCHObVZMYCAFFQZcNKNMC|4,cCHObVZMYCAFFQZcNKNMC|7
X-Booking-Info: 1588860,1607930,1611780,1615930,1615950,1616480,1617290,1618710,1624940,1625600,1625850,1625890,1626710,1628410,1629290,dDfPWKHAdDECLSCNVAELXT,1624940|2,1607930|1,1617290|1,1625850|4,1617290|3,1625890|2,aaTBNZZJRLESPIDNJDPVBC|1,cCHObTRVEFDEXNBBTZBYSGSYO|5,BHDTJdReQLOLOLOVZMYCVCMILRVVPKLZZOJNET|1,cCHObdRdJJXCcaWQOcNNOaUALOLOLMO|1,dLYdCeYBFVedKNKNKPMPSXPUEKdDXFZMIbdYeNYT|1,cCHObMKdFEVRVVPKLZZVCMISLUDZSedLOLOLMO|1,cCHObMKdFEVRVVPKLZZVCMISLUDZSedLOLOLMO|2,cCHObVZMYCAFFQZcNKNMC|1,cCHObVZMYCAFFQZcNKNMC|2,cCHObVZMYCAFFQZcNKNMC|4,cCHObVZMYCAFFQZcNKNMC|7
X-Requested-With: XMLHttpRequest
Content-Length: 43
Origin: https://www.booking.com
Connection: keep-alive
Cookie: _pxhd=jB5zzXwJkfLvhUP3uICqqqg01gHF-cBhKd-Zy%2FkLsMtsxbVHFduo25iRlaZ1CfdiHFtGcP5yZ9ECqjF8kzb0Fw%3D%3D%3A7RHq1SD26XrCu7qluWDY0nstCuL6Xs4VOu6eb-QR3gbYTJhWUp9czPU2ZthfXUSRlMgq2%2FW7QoZ1MOVG5D6P39Hg5iwxlU5Ik5md8pqAuR0%3D; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLblgO%2Fz4BDP5sWXk9giGeUG2s2ygrp4XOJvcafcoh%2FC6HxACbYLaw1%2FQOjVb79dFklEhwpbRR3kStWlHRc08ztG3o1Y7QuS96PRBMNhfHKFcQF7FBkZyB%2FvkOQbsSOLHloitZcEzJSpFvQ0jUHPv%2FnZYw%2FLeMT%2FVTjprkuswB12JE%3D; cors_js=1; OptanonConsent=isGpcEnabled=0&datestamp=Sat+Nov+12+2022+02%3A36%3A39+GMT%2B0000+(Coordinated+Universal+Time)&version=6.22.0&isIABGlobal=false&hosts=&consentId=770490f1-f1f7-4cbb-87fc-212d45fed12b&interactionCount=0&landingPath=https%3A%2F%2Fwww.booking.com%2Findex.html%3Faid%3D1858279&groups=C0001%3A1%2CC0002%3A0%2CC0004%3A0&implicitConsentCountry=GDPR&implicitConsentDate=1668220600076; bkng_frontend_sese_exp=1; bkng_sso_ses=e30; bkng_sso_session=e30; BJS=-
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
content-length: 1136
server: nginx
date: Sat, 12 Nov 2022 02:36:41 GMT
vary: User-Agent, Accept-Encoding
content-encoding: br
set-cookie: _pxhd=jB5zzXwJkfLvhUP3uICqqqg01gHF-cBhKd-Zy%2FkLsMtsxbVHFduo25iRlaZ1CfdiHFtGcP5yZ9ECqjF8kzb0Fw%3D%3D%3A7RHq1SD26XrCu7qluWDY0nstCuL6Xs4VOu6eb-QR3gbYTJhWUp9czPU2ZthfXUSRlMgq2%2FW7QoZ1MOVG5D6P39Hg5iwxlU5Ik5md8pqAuR0%3D; domain=booking.com; path=/; expires=Sun, 12-Nov-2023 02:36:40 GMT
bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbnmKTRaewPBue2TJWM3vyn3yPig8IGTHPMV1Qj5fwhfbixeB7%2BCAyFCvRUwM3HP6YX1lfWYWXOBeaTSIVagXsX49FqlklHzWJQ%2BlpGDVHLxB7FnVorEcPN0OVDLb7EoFns%2FJCoC2GYea6zGv6EbYDPc4DZ%2B67Ko0hMj9RCHp3IVI%3D; domain=.booking.com; path=/; expires=Thu, 11-Nov-2027 02:36:41 GMT; Secure; HTTPOnly; SameSite=None
strict-transport-security: max-age=604800
x-content-options: nosniff
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: KcC4DJN-EfG5655dvLxSTouSmPzRLyD6bGB7ZFOZ2hn09C94qYBkMw==
X-Firefox-Spdy: h2
t-cf.bstatic.com/xdata/images/hotel/max500/74529578.jpg?k=a7fcefd47d7271daf44f6ce78a215b9505f9f8e5cac3af093b78b9c489fd8461&o=
200 OK 19 kB URL HTTP/2 t-cf.bstatic.com/xdata/images/hotel/max500/74529578.jpg?k=a7fcefd47d7271daf44f6ce78a215b9505f9f8e5cac3af093b78b9c489fd8461&o=
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 500x333, components 3\012- data
Hash 307816f8b37660b5b600532f6f6be261
ff9fe8d81241c97e9d66c0e88bfe688341b4abb9
84b21ed19e0ea41863d9309c1fc5cea5e65d176759c293e1bbdf9487b1c567f5
GET /xdata/images/hotel/max500/74529578.jpg?k=a7fcefd47d7271daf44f6ce78a215b9505f9f8e5cac3af093b78b9c489fd8461&o= HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 18956
server: nginx
date: Thu, 27 Oct 2022 11:27:51 GMT
etag: "b5551b8d3d87bb0875943756df18d78c79ae1a57"
expires: Sat, 26 Nov 2022 11:27:51 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: oa6Dk9TInljjeWAjgBn0nuRML9I6OBztIsM1TGrKuSfv3MW6X-MkjQ==
age: 1350530
X-Firefox-Spdy: h2
www.booking.com/js_tracking?stype=1&aid=1858279&ver=2&ref_action=index&sid=c13b72d3a09ebb86fd5526aa1e12196b&lang=en-us&pid=3ab6125bcc5b004e&ete=&etg=&etcg=&ets=cCHObVZMYCAFFQZcNKNMC|1,cCHObVZMYCAFFQZcNKNMC|2,cCHObVZMYCAFFQZcNKNMC|4,cCHObVZMYCAFFQZcNKNMC|7,BHDTJdReQLOLOLOVZMYCVCMILRVVPKLZZOJNET|2,BHDTJdReQLOLOLOVZMYCVCMILRVVPKLZZOJNET|4,BHDTJdReQLOLOLOVZMYCVCMILRVVPKLZZOJNET|7,dLYdCeYBFVedKNKNKPMPSXPUEKdDXFZMIbdYeNYT|2,dLYdCeYBFVedKNKNKPMPSXPUEKdDXFZMIbdYeNYT|4,dLYdCeYBFVedKNKNKPMPSXPUEKdDXFZMIbdYeNYT|5,dLYdCeYBFVedKNKNKPMPSXPUEKdDXFZMIbdYeNYT|8,cCGaYSdMbYSfcdReLbFZVGAZbaTaTaET|1,cCGaYSdMbYSfcdReLbFZVGAZbaTaTaET|3,cCGaYSdMbYSfcdReLbFZVGAZbaTaTaET|6,cCGaYSdMbYSfcdReLbFZVGAZbaTaTaET|7,cCHObVXAZQBJbKYbeQMIaSdFaLbFJdDBKFRURURHe|1,cCHObVXAZQBJbKYbeQMIaSdFaLbFJdDBKFRURURHe|7,cCHObVXAZQBJbKYbeQMIaSdFaLbFJdDBKFRURURHe|8&etgwv=&m=UmFuZG9tSVYkc2RlIyh9YYlEt3vTPKUzgbNTkXLEhA37KzbsSpkol66Jpf_LHOz-G7lyGJmB_mytwZLPApOWblKrGJEQwB5s4Fm-CBG80_tOSLJXk5_7qT0SBGw899qmERgdp_5X1AvoUAESlC0M88Q3TTMQJOeddGXo8Mzr8jEWOEWP2TXkYiTxRl1dv_Di1CcUWgJSr_0smp22UIdCXPMdnHm8GRCbbiHtQ6bbi3bK1zZMSa40aU0B2azjTMENyCg08Hr_z566WNNAY6F-2_c4TKOH_hkyF8bR2qyMlBI7WzmFBqdwFG_LNFQ7f9uI3wuD1rGIcvmQ20FII8jP4p7ig1sxxWZ8
200 OK 38 kB URL HTTP/2 www.booking.com/js_tracking?stype=1&aid=1858279&ver=2&ref_action=index&sid=c13b72d3a09ebb86fd5526aa1e12196b&lang=en-us&pid=3ab6125bcc5b004e&ete=&etg=&etcg=&ets=cCHObVZMYCAFFQZcNKNMC|1,cCHObVZMYCAFFQZcNKNMC|2,cCHObVZMYCAFFQZcNKNMC|4,cCHObVZMYCAFFQZcNKNMC|7,BHDTJdReQLOLOLOVZMYCVCMILRVVPKLZZOJNET|2,BHDTJdReQLOLOLOVZMYCVCMILRVVPKLZZOJNET|4,BHDTJdReQLOLOLOVZMYCVCMILRVVPKLZZOJNET|7,dLYdCeYBFVedKNKNKPMPSXPUEKdDXFZMIbdYeNYT|2,dLYdCeYBFVedKNKNKPMPSXPUEKdDXFZMIbdYeNYT|4,dLYdCeYBFVedKNKNKPMPSXPUEKdDXFZMIbdYeNYT|5,dLYdCeYBFVedKNKNKPMPSXPUEKdDXFZMIbdYeNYT|8,cCGaYSdMbYSfcdReLbFZVGAZbaTaTaET|1,cCGaYSdMbYSfcdReLbFZVGAZbaTaTaET|3,cCGaYSdMbYSfcdReLbFZVGAZbaTaTaET|6,cCGaYSdMbYSfcdReLbFZVGAZbaTaTaET|7,cCHObVXAZQBJbKYbeQMIaSdFaLbFJdDBKFRURURHe|1,cCHObVXAZQBJbKYbeQMIaSdFaLbFJdDBKFRURURHe|7,cCHObVXAZQBJbKYbeQMIaSdFaLbFJdDBKFRURURHe|8&etgwv=&m=UmFuZG9tSVYkc2RlIyh9YYlEt3vTPKUzgbNTkXLEhA37KzbsSpkol66Jpf_LHOz-G7lyGJmB_mytwZLPApOWblKrGJEQwB5s4Fm-CBG80_tOSLJXk5_7qT0SBGw899qmERgdp_5X1AvoUAESlC0M88Q3TTMQJOeddGXo8Mzr8jEWOEWP2TXkYiTxRl1dv_Di1CcUWgJSr_0smp22UIdCXPMdnHm8GRCbbiHtQ6bbi3bK1zZMSa40aU0B2azjTMENyCg08Hr_z566WNNAY6F-2_c4TKOH_hkyF8bR2qyMlBI7WzmFBqdwFG_LNFQ7f9uI3wuD1rGIcvmQ20FII8jP4p7ig1sxxWZ8
IP
Hash 7a1d0775316660073ac6f787c069d08f
5656a8920be3246381612ee311d6a8d82c1144a9
df7e0480ff97f6b80390df3509db732fcb86eecd948506cabda47a61c0b96e2d
GET /js_tracking?stype=1&aid=1858279&ver=2&ref_action=index&sid=c13b72d3a09ebb86fd5526aa1e12196b&lang=en-us&pid=3ab6125bcc5b004e&ete=&etg=&etcg=&ets=cCHObVZMYCAFFQZcNKNMC|1,cCHObVZMYCAFFQZcNKNMC|2,cCHObVZMYCAFFQZcNKNMC|4,cCHObVZMYCAFFQZcNKNMC|7,BHDTJdReQLOLOLOVZMYCVCMILRVVPKLZZOJNET|2,BHDTJdReQLOLOLOVZMYCVCMILRVVPKLZZOJNET|4,BHDTJdReQLOLOLOVZMYCVCMILRVVPKLZZOJNET|7,dLYdCeYBFVedKNKNKPMPSXPUEKdDXFZMIbdYeNYT|2,dLYdCeYBFVedKNKNKPMPSXPUEKdDXFZMIbdYeNYT|4,dLYdCeYBFVedKNKNKPMPSXPUEKdDXFZMIbdYeNYT|5,dLYdCeYBFVedKNKNKPMPSXPUEKdDXFZMIbdYeNYT|8,cCGaYSdMbYSfcdReLbFZVGAZbaTaTaET|1,cCGaYSdMbYSfcdReLbFZVGAZbaTaTaET|3,cCGaYSdMbYSfcdReLbFZVGAZbaTaTaET|6,cCGaYSdMbYSfcdReLbFZVGAZbaTaTaET|7,cCHObVXAZQBJbKYbeQMIaSdFaLbFJdDBKFRURURHe|1,cCHObVXAZQBJbKYbeQMIaSdFaLbFJdDBKFRURURHe|7,cCHObVXAZQBJbKYbeQMIaSdFaLbFJdDBKFRURURHe|8&etgwv=&m=UmFuZG9tSVYkc2RlIyh9YYlEt3vTPKUzgbNTkXLEhA37KzbsSpkol66Jpf_LHOz-G7lyGJmB_mytwZLPApOWblKrGJEQwB5s4Fm-CBG80_tOSLJXk5_7qT0SBGw899qmERgdp_5X1AvoUAESlC0M88Q3TTMQJOeddGXo8Mzr8jEWOEWP2TXkYiTxRl1dv_Di1CcUWgJSr_0smp22UIdCXPMdnHm8GRCbbiHtQ6bbi3bK1zZMSa40aU0B2azjTMENyCg08Hr_z566WNNAY6F-2_c4TKOH_hkyF8bR2qyMlBI7WzmFBqdwFG_LNFQ7f9uI3wuD1rGIcvmQ20FII8jP4p7ig1sxxWZ8 HTTP/1.1
Host: www.booking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.booking.com/index.html?aid=1858279
X-Booking-AID: 1858279
X-Booking-CSRF: 9j5vYwAAAAA=m8UlLbNQ4cZOwjEZZUFWn7sKedax-_hrdAnWmoeoTNlB-DiCWwil_isnm7ilWtFv4asLU6W_Lr2c1MaTqieALORUGnJ74Icd3NdhnD8zhY2izpLyo6xQS3qtfQPgRTzOsNdaNocSxT4-V8JzhFEe3G1GUC8cWqpxXrGBEfSzYBnPIh2tfrqzhCCOQQPzpp3VtGNzw3w_Labwatgf
X-Booking-Info: 1588860,1607930,1611780,1615930,1615950,1616480,1617290,1618710,1624940,1625600,1625850,1625890,1626710,1628410,1629290,dDfPWKHAdDECLSCNVAELXT,1624940|2,1607930|1,1617290|1,1625850|4,1617290|3,1625890|2,aaTBNZZJRLESPIDNJDPVBC|1,cCHObTRVEFDEXNBBTZBYSGSYO|5,BHDTJdReQLOLOLOVZMYCVCMILRVVPKLZZOJNET|1,cCHObdRdJJXCcaWQOcNNOaUALOLOLMO|1,dLYdCeYBFVedKNKNKPMPSXPUEKdDXFZMIbdYeNYT|1,cCHObMKdFEVRVVPKLZZVCMISLUDZSedLOLOLMO|1,cCHObMKdFEVRVVPKLZZVCMISLUDZSedLOLOLMO|2,cCHObVZMYCAFFQZcNKNMC|1,cCHObVZMYCAFFQZcNKNMC|2,cCHObVZMYCAFFQZcNKNMC|4,cCHObVZMYCAFFQZcNKNMC|7,BHDTJdReQLOLOLOVZMYCVCMILRVVPKLZZOJNET|2,BHDTJdReQLOLOLOVZMYCVCMILRVVPKLZZOJNET|4,BHDTJdReQLOLOLOVZMYCVCMILRVVPKLZZOJNET|7,dLYdCeYBFVedKNKNKPMPSXPUEKdDXFZMIbdYeNYT|2,dLYdCeYBFVedKNKNKPMPSXPUEKdDXFZMIbdYeNYT|4,dLYdCeYBFVedKNKNKPMPSXPUEKdDXFZMIbdYeNYT|5,dLYdCeYBFVedKNKNKPMPSXPUEKdDXFZMIbdYeNYT|8,cCGaYSdMbYSfcdReLbFZVGAZbaTaTaET|1,cCGaYSdMbYSfcdReLbFZVGAZbaTaTaET|3,cCGaYSdMbYSfcdReLbFZVGAZbaTaTaET|6,cCGaYSdMbYSfcdReLbFZVGAZbaTaTaET|7,cCHObVXAZQBJbKYbeQMIaSdFaLbFJdDBKFRURURHe|1,cCHObVXAZQBJbKYbeQMIaSdFaLbFJdDBKFRURURHe|7,cCHObVXAZQBJbKYbeQMIaSdFaLbFJdDBKFRURURHe|8
X-Booking-Client-Info: dDfPWKHAdDECLSCNVAELXT,aaTBNZZJRLESPIDNJDPVBC|1,cCHObVZMYCAFFQZcNKNMC|1,cCHObVZMYCAFFQZcNKNMC|2,cCHObVZMYCAFFQZcNKNMC|4,cCHObVZMYCAFFQZcNKNMC|7,BHDTJdReQLOLOLOVZMYCVCMILRVVPKLZZOJNET|2,BHDTJdReQLOLOLOVZMYCVCMILRVVPKLZZOJNET|4,BHDTJdReQLOLOLOVZMYCVCMILRVVPKLZZOJNET|7,dLYdCeYBFVedKNKNKPMPSXPUEKdDXFZMIbdYeNYT|2,dLYdCeYBFVedKNKNKPMPSXPUEKdDXFZMIbdYeNYT|4,dLYdCeYBFVedKNKNKPMPSXPUEKdDXFZMIbdYeNYT|5,dLYdCeYBFVedKNKNKPMPSXPUEKdDXFZMIbdYeNYT|8,cCGaYSdMbYSfcdReLbFZVGAZbaTaTaET|1,cCGaYSdMbYSfcdReLbFZVGAZbaTaTaET|3,cCGaYSdMbYSfcdReLbFZVGAZbaTaTaET|6,cCGaYSdMbYSfcdReLbFZVGAZbaTaTaET|7,cCHObVXAZQBJbKYbeQMIaSdFaLbFJdDBKFRURURHe|1,cCHObVXAZQBJbKYbeQMIaSdFaLbFJdDBKFRURURHe|7,cCHObVXAZQBJbKYbeQMIaSdFaLbFJdDBKFRURURHe|8
X-Booking-Label:
X-Booking-Language-Code: en-us
X-Booking-Pageview-Id: 3ab6125bcc5b004e
X-Booking-Session-Id: c13b72d3a09ebb86fd5526aa1e12196b
X-Booking-SiteType-Id: 1
X-Partner-Channel-Id: 2
X-Requested-With: XMLHttpRequest
Connection: keep-alive
Cookie: _pxhd=tVRHTzhUB2HY5bPSAa36RDhf%2F1y%2FeFZNv9IfjuwXklMGwUPgDfFG3MJKDuBDkkfrEBJzb-QJDRmEB1pSZppPxg%3D%3D%3AhfJHf8-EW6XVDQsTmgT8avXW5esSYYI2qnK9Eu4FaI6i6O%2F2Ij3j80rbZcm85kYLQNikphkHA81GV3XSjT7xdB5gh43tIzKYhVa5yZYIb3k%3D; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbiKbS0JOgDBLW4HM2PCTQh835G1mJLpStw8EsTucm6FJ6zlEvILIEIICziBWnygUTU58hNhicPGlCs%2FV%2BzbFYpvm3YtEc6z8WISZK4o7Rr4jkDMZkR5ik0O98%2FN8gXwHDiAjD4zp4Sm7ZNKO%2FeFb8MsGpya5pWXZXLQ1JGHacAKk%3D; cors_js=1; OptanonConsent=isGpcEnabled=0&datestamp=Sat+Nov+12+2022+02%3A36%3A39+GMT%2B0000+(Coordinated+Universal+Time)&version=6.22.0&isIABGlobal=false&hosts=&consentId=770490f1-f1f7-4cbb-87fc-212d45fed12b&interactionCount=0&landingPath=https%3A%2F%2Fwww.booking.com%2Findex.html%3Faid%3D1858279&groups=C0001%3A1%2CC0002%3A0%2CC0004%3A0&implicitConsentCountry=GDPR&implicitConsentDate=1668220600076; bkng_frontend_sese_exp=1; bkng_sso_ses=e30; bkng_sso_session=e30; BJS=-
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: text/plain; charset=UTF-8
server: nginx
date: Sat, 12 Nov 2022 02:36:41 GMT
vary: Accept-Encoding, User-Agent
content-encoding: br
strict-transport-security: max-age=604800
content-security-policy-report-only: report-uri https://nellie.booking.com/csp-report-uri?type=report&tag=112&pid=c0d1125ceec4008e&e=UmFuZG9tSVYkc2RlIyh9Yea92wm0yRUjnCBymoy8ejKLxnPiF8gEZYxM9KO-kOD33ajcYsigJY4; frame-ancestors 'none';
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 2nOu7KeJu_QtvV6Ik8gQw271toQ9M4Fjl9qNTv0bYV76x5ADMCQRig==
X-Firefox-Spdy: h2
t-cf.bstatic.com/xdata/images/hotel/max500/45976851.jpg?k=7bd839dd07e1384ebfde004069e25090a4a901728e9bdc8e200f411ed243999d&o=
200 OK 26 kB URL HTTP/2 t-cf.bstatic.com/xdata/images/hotel/max500/45976851.jpg?k=7bd839dd07e1384ebfde004069e25090a4a901728e9bdc8e200f411ed243999d&o=
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 500x375, components 3\012- data
Hash a2d80f4132a45db3c5ce21d46cc19592
a41d76087225103f791f585b2a333514aa175ad5
663a527e3a9b699466e086849992d2c18583cfb9fb3063e1399cc97d3ba29e32
GET /xdata/images/hotel/max500/45976851.jpg?k=7bd839dd07e1384ebfde004069e25090a4a901728e9bdc8e200f411ed243999d&o= HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 26169
server: nginx
date: Mon, 31 Oct 2022 09:30:40 GMT
etag: "5503a9dd45630cfb7b141e560f70e47b43a95b5c"
expires: Wed, 30 Nov 2022 09:30:40 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: MApPjVLnXxwfsNNu8g5zZ6ECzCCejqYaTgffLd_hvTftJ3iBzLIUPA==
age: 1011961
X-Firefox-Spdy: h2
t-cf.bstatic.com/xdata/images/hotel/max500/115324042.jpg?k=d5256e704ea0699668f17867af8bfa411767e8840b34e764f08a2bef3f63b431&o=
200 OK 21 kB URL HTTP/2 t-cf.bstatic.com/xdata/images/hotel/max500/115324042.jpg?k=d5256e704ea0699668f17867af8bfa411767e8840b34e764f08a2bef3f63b431&o=
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 500x333, components 3\012- data
Hash a7926c8d4a8fda7e7ca0a422aa9cd605
86d533ee8bb74bce0b4db94271add967dc9b86fc
c8f4ea3c2e2404dc810ea2815b32501bdf0a90daf64e867a71480efee0dffc8d
GET /xdata/images/hotel/max500/115324042.jpg?k=d5256e704ea0699668f17867af8bfa411767e8840b34e764f08a2bef3f63b431&o= HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 21236
server: nginx
date: Mon, 31 Oct 2022 08:20:27 GMT
etag: "23e3218e190332de3d928324381c5e088e508f28"
expires: Wed, 30 Nov 2022 08:20:27 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ZIIReTGCe9QuHgLg3c2q1lqhrmHoU5fpxFD3fUsJd2hP-yq0yt_8Cg==
age: 1016174
X-Firefox-Spdy: h2
t-cf.bstatic.com/xdata/images/hotel/max500/113789224.jpg?k=77566e9cd514fd9a14867e97d1c997f07cbed65a0c494b361b0a2175246b5b54&o=
200 OK 21 kB URL HTTP/2 t-cf.bstatic.com/xdata/images/hotel/max500/113789224.jpg?k=77566e9cd514fd9a14867e97d1c997f07cbed65a0c494b361b0a2175246b5b54&o=
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 500x334, components 3\012- data
Hash d67a49fec7bff13b72c63401eae0fc08
d68f349c62c782412e70ba42a20027753f85c78a
f3d4a18edde37ab0927c6f977b89fa2bd587c0e98fad4feeb85a119b28ea75bd
GET /xdata/images/hotel/max500/113789224.jpg?k=77566e9cd514fd9a14867e97d1c997f07cbed65a0c494b361b0a2175246b5b54&o= HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 20702
server: nginx
date: Sat, 29 Oct 2022 07:28:06 GMT
etag: "fcecd6b9971b77f06148d837424a9a1aeaeb1397"
expires: Mon, 28 Nov 2022 07:28:06 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: uoKqVM6J-GdLNdUM_lDjsOMIYX9sQV1QtselNVq7LC7zu8wukyErgg==
age: 1192115
X-Firefox-Spdy: h2
t-cf.bstatic.com/static/img/join/bh_carousel_more_background/5132764897ca62019efeefc5ad9c296227434ba9.jpg
200 OK 47 kB URL HTTP/2 t-cf.bstatic.com/static/img/join/bh_carousel_more_background/5132764897ca62019efeefc5ad9c296227434ba9.jpg
IP
File type JPEG image data, JFIF standard 1.01, resolution (DPI), density 72x72, segment length 16, baseline, precision 8, 353x433, components 3\012- data
Hash 3471913b5eaf34016f7f8fd2b795353a
830765f7fccc5bc5a6e6ac6d57648c1f48e86c72
22d1b410f2a9e346185c14dbd28e358bab1edc3d1929751534c39b93010ee131
GET /static/img/join/bh_carousel_more_background/5132764897ca62019efeefc5ad9c296227434ba9.jpg HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://t-cf.bstatic.com/static/css/index_cft.iq_ltr/ef25fcb54cd6b780a46bcfe0263dfba2991aae8d.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 47062
server: nginx
date: Mon, 07 Nov 2022 13:02:21 GMT
last-modified: Mon, 08 Jul 2019 08:01:33 GMT
etag: "5d22f85d-b7d6"
expires: Wed, 07 Dec 2022 13:02:21 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: HPWpuI9Quv4mvxm-Dvbj1pmiJsv3wSR46rNgovv7YkK5ubvPpJyJKw==
age: 394460
X-Firefox-Spdy: h2
www.booking.com/dml/graphql?aid=1858279&lang=en-us
200 OK 3.6 kB URL HTTP/2 www.booking.com/dml/graphql?aid=1858279&lang=en-us
IP
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (14858), with no line terminators
Hash 3b2426daafc38a5bac5587c4a963fc0f
b185059d5cbd4b10aa006915b8523fd0fc91a411
3dfaf256a84ad0299a02c1e836b5a31743ec591935669a6665e9f5c717789a91
POST /dml/graphql?aid=1858279&lang=en-us HTTP/1.1
Host: www.booking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.booking.com/index.html?aid=1858279
content-type: application/json
x-booking-context-action-name: index
x-booking-context-aid: 1858279
x-booking-pageview-id: 3ab6125bcc5b004e
x-booking-site-type-id: 1
x-booking-topic: capla_browser_b-index-lp-web-mfe
Origin: https://www.booking.com
Content-Length: 550
Connection: keep-alive
Cookie: _pxhd=xh1yr5HRceK5PKtECt1YCt6twqiEBG41XKfOgqvRBhUkrN%252FW-K7Whv4mrYsQ3OHF24WQnBlKznzhaysPoXBVUw%253D%253D%253AmvQyZE%252FGD95MrWAqBWOEoe%252FZ%252Ftx4hNbALYLqkfhCgvga0C8DMmz7bqMvgXM8HflyGFfQ61erWaK5rQqAlgB5EiMPtdZ%252F0TAWETpTUYY9nVA%253D; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbnmKTRaewPBvsRiRlztSCxluX%2BqzeKQ%2BDnKa3H4vJlQ4036DtYIKSNjJbUyrTMw0jijkTokMUMH8vin6FPfj5rVzFlyEha%2FDxxA%2Bs2yNjiFBbnilBJrDQmkMtO9Im6KmjmbQxak3S8u44OZrLLTTzfDHyU9Oiu4SrcMXP93YVbVI%3D; cors_js=1; OptanonConsent=isGpcEnabled=0&datestamp=Sat+Nov+12+2022+02%3A36%3A39+GMT%2B0000+(Coordinated+Universal+Time)&version=6.22.0&isIABGlobal=false&hosts=&consentId=770490f1-f1f7-4cbb-87fc-212d45fed12b&interactionCount=0&landingPath=https%3A%2F%2Fwww.booking.com%2Findex.html%3Faid%3D1858279&groups=C0001%3A1%2CC0002%3A0%2CC0004%3A0&implicitConsentCountry=GDPR&implicitConsentDate=1668220600076; bkng_frontend_sese_exp=1; bkng_sso_ses=e30; bkng_sso_session=e30
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: application/json; charset=UTF-8
content-length: 3647
server: nginx
date: Sat, 12 Nov 2022 02:36:41 GMT
vary: User-Agent, Accept-Encoding
content-encoding: br
set-cookie: _pxhd=ggcYW8yieZeAzicZ1MXegSL0MWli4iYmthp62WZ3qenKSVvTj%2FY12bhkUI-OwNDuqPCNl5ZB7ZkMKAN8y9UMiQ%3D%3D%3AAmoqoE0wxQW68KOHBcXf0AhIZ51dFjJJ4MWwxGYyPv6bdDfKNt3D0xhsPSy%2Fm0LwOANYqsUhhQQk7uO9prBkIZq7yfx-34W0muhkRr9duIo%3D; domain=booking.com; path=/; expires=Sun, 12-Nov-2023 02:36:40 GMT
bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbwcLxQQ4VaCqdEIohO8MXyyMMWm8TjG1ES%2F8BvvvS2Elo1XhL%2B35LU%2Fo5r4H9DShIfMKKqtT4LTX2xO13Hgt7Rnhu3%2FUROEXnT%2BO1EGtKufUycYySttYd%2FVw1BPVIF%2F2rMyDJr%2FGQiJhPXFr3pTW0xEaIUq11zuryCDV9WYbndg8%3D; domain=.booking.com; path=/; expires=Thu, 11-Nov-2027 02:36:41 GMT; Secure; HTTPOnly; SameSite=None
strict-transport-security: max-age=604800
x-content-options: nosniff
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: oCnKMHzTq55-jAQfSFy_HMQTWzWxvtxdbuGZ5_IXju9EgFgbnBFSXA==
X-Firefox-Spdy: h2
t-cf.bstatic.com/xdata/images/xphoto/300x240/140040861.jpg?k=b3923be5ee58ae482fc655dacb085266ad442072fb5e267b4c425a591d4bd28b&o=
200 OK 21 kB URL HTTP/2 t-cf.bstatic.com/xdata/images/xphoto/300x240/140040861.jpg?k=b3923be5ee58ae482fc655dacb085266ad442072fb5e267b4c425a591d4bd28b&o=
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x240, components 3\012- data
Hash d39ccfe2bd19314bee77123a52e0aefd
01f8cede86ab8add86197ed6f8a7e22c24412618
3f1572d10d71118c50b1f2478edf42b5bd0b2a5fb02c5f476cef309d1eb16523
GET /xdata/images/xphoto/300x240/140040861.jpg?k=b3923be5ee58ae482fc655dacb085266ad442072fb5e267b4c425a591d4bd28b&o= HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 21427
server: nginx
date: Sat, 05 Nov 2022 16:44:02 GMT
etag: "0861b85e0261cb5e1c2e0bdf141668a47daa60f9"
expires: Mon, 05 Dec 2022 16:44:02 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: d5MmUX4QjQ4wEvqQE2_hN5NBDhtOWebtH-dmK7Bt2-KLEsnXsqmKvQ==
age: 553959
X-Firefox-Spdy: h2
t-cf.bstatic.com/xdata/images/xphoto/300x240/140040786.jpg?k=7af39f6b3d8c0b3e171d876343c3c26e5cc26a877ed41976a716da57c4dc3ef1&o=
200 OK 7.8 kB URL HTTP/2 t-cf.bstatic.com/xdata/images/xphoto/300x240/140040786.jpg?k=7af39f6b3d8c0b3e171d876343c3c26e5cc26a877ed41976a716da57c4dc3ef1&o=
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x240, components 3\012- data
Hash c598c4dcb3727ca8f99b993060427919
b3640d1c65c21563744a2ac2d55fbe10058c3079
2066310b6a21919e4d7facfff9d2896e7c8630e504942e26f6d63db076cfe9df
GET /xdata/images/xphoto/300x240/140040786.jpg?k=7af39f6b3d8c0b3e171d876343c3c26e5cc26a877ed41976a716da57c4dc3ef1&o= HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 7820
server: nginx
date: Mon, 07 Nov 2022 09:49:27 GMT
etag: "71040648a9130afeac322ed0eb93482f70ad73be"
expires: Wed, 07 Dec 2022 09:49:27 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: d8VIhpZVd7sJ3_qYU4qiaIAlZkwIdBJXs0gcABcPxJx15nIt3FieDg==
age: 406034
X-Firefox-Spdy: h2
t-cf.bstatic.com/xdata/images/xphoto/300x240/140040692.jpg?k=525a82bc4ff232862f0214df25e19b94535b792955e8f10b3ce2bd151aac0af0&o=
200 OK 12 kB URL HTTP/2 t-cf.bstatic.com/xdata/images/xphoto/300x240/140040692.jpg?k=525a82bc4ff232862f0214df25e19b94535b792955e8f10b3ce2bd151aac0af0&o=
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x240, components 3\012- data
Hash ffed4c1c9d2ee092ed991df22804e4b9
6a714c2ef5a865bf30de8a7c1d297d9e57534eca
d0f2672a80a9a2a11387d6ef3910d5c75747463b877e45971ec7426629734718
GET /xdata/images/xphoto/300x240/140040692.jpg?k=525a82bc4ff232862f0214df25e19b94535b792955e8f10b3ce2bd151aac0af0&o= HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 11983
server: nginx
date: Mon, 07 Nov 2022 09:49:27 GMT
etag: "7cc79ebe7e7add834a0cf5703a3caf2fd3f80e71"
expires: Wed, 07 Dec 2022 09:49:27 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: sa1RB1PduETKvHKp9Spqg9bjl0wnIYj6aCnulSUusS0Y8OhgDTi6QA==
age: 406034
X-Firefox-Spdy: h2
t-cf.bstatic.com/xdata/images/xphoto/300x240/140050621.jpg?k=f744dfb0b4f12cd94190d738a75eb6a0d5d58e5a971496bb789391c05a60bdba&o=
200 OK 17 kB URL HTTP/2 t-cf.bstatic.com/xdata/images/xphoto/300x240/140050621.jpg?k=f744dfb0b4f12cd94190d738a75eb6a0d5d58e5a971496bb789391c05a60bdba&o=
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x240, components 3\012- data
Hash 0f61c800a3d9b0841e0c0760099b6bd8
e27b3b3eb5fbe350822cfa78f207c0608c47eecb
340612fdff510f6a24f8bb4e624959f6dad356aead3d5f2abcc2ccbe230d0d25
GET /xdata/images/xphoto/300x240/140050621.jpg?k=f744dfb0b4f12cd94190d738a75eb6a0d5d58e5a971496bb789391c05a60bdba&o= HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 17441
server: nginx
date: Thu, 27 Oct 2022 11:34:03 GMT
etag: "3815cd0b39506f6db332e337e75f5276f7d5eac9"
expires: Sat, 26 Nov 2022 11:34:03 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Vl_d9MfKt1SRzK0m5xXauaf25BNTCd1sMPYaiQhIMuu_dyFWVulVdg==
age: 1350158
X-Firefox-Spdy: h2
t-cf.bstatic.com/static/css/fonticons_clean/base64/woff/5d61b8a7156073e5e3e9741f65dda44ae3eef7d2.css
200 OK 117 kB URL HTTP/2 t-cf.bstatic.com/static/css/fonticons_clean/base64/woff/5d61b8a7156073e5e3e9741f65dda44ae3eef7d2.css
IP
File type ASCII text, with very long lines (65487)
Size 117 kB (117386 bytes)
Hash 244c0419f857218ead4f0e0152bb6ed7
ac99ddec9626bdf6614d272d7df7f3d9a6276ce4
222ccf972a7ebd6947bd23143bb59750c494a83c4e38105a82966e28c52c1656
GET /static/css/fonticons_clean/base64/woff/5d61b8a7156073e5e3e9741f65dda44ae3eef7d2.css HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
server: nginx
date: Wed, 09 Nov 2022 03:09:22 GMT
last-modified: Wed, 10 Apr 2019 11:21:48 GMT
etag: W/"5cadd1cc-375af"
expires: Fri, 09 Dec 2022 03:09:22 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: baRNDg2Ns4kOLDcGGb0CmPqprnzJvj2ebcwVeGsi0jwtAcdw1a03eA==
age: 257239
X-Firefox-Spdy: h2
t-cf.bstatic.com/xdata/images/xphoto/300x240/140040762.jpg?k=7a9446b459690b60fba2d74ecd856b1c34b896ba3f9e231eff82abbfc8956b15&o=
200 OK 17 kB URL HTTP/2 t-cf.bstatic.com/xdata/images/xphoto/300x240/140040762.jpg?k=7a9446b459690b60fba2d74ecd856b1c34b896ba3f9e231eff82abbfc8956b15&o=
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x240, components 3\012- data
Hash 65e38b40c58827e57fd0cff25009e4ba
8460e679a4da3541a3e7a17aecde2238da826c1d
df53b855667fd3c922bc4c5a960890b5497a7f890c9fb216adaa94fbaf40ac0c
GET /xdata/images/xphoto/300x240/140040762.jpg?k=7a9446b459690b60fba2d74ecd856b1c34b896ba3f9e231eff82abbfc8956b15&o= HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 16779
server: nginx
date: Mon, 07 Nov 2022 09:49:27 GMT
etag: "668d6c19ada6498f74eb3ec3f5def9250b5bdec4"
expires: Wed, 07 Dec 2022 09:49:27 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: SuqCVfFnu2iHBFclhvt3chF-l_HBNpPrhJ-FPzIzaXhzJebgmOOaWA==
age: 406034
X-Firefox-Spdy: h2
t-cf.bstatic.com/xdata/images/xphoto/300x240/140040491.jpg?k=ad6e6050b93fe65224a29659793533d6562b424ee35882cb392c115d58ea1354&o=
200 OK 7.0 kB URL HTTP/2 t-cf.bstatic.com/xdata/images/xphoto/300x240/140040491.jpg?k=ad6e6050b93fe65224a29659793533d6562b424ee35882cb392c115d58ea1354&o=
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x240, components 3\012- data
Hash da527d4ac8f4cb107e6a40c480d70d14
97fc6a9c91bb910fcf92b0e5dc4ec079385a0cc9
d4a7526e92a83ee550c888d6a3677b3c694393b979b442cd4c1f4a9d4def9759
GET /xdata/images/xphoto/300x240/140040491.jpg?k=ad6e6050b93fe65224a29659793533d6562b424ee35882cb392c115d58ea1354&o= HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 6982
server: nginx
date: Fri, 04 Nov 2022 08:16:59 GMT
etag: "2708836cf21d5ff67f89d3dbf8afc25d6bd9e52f"
expires: Sun, 04 Dec 2022 08:16:59 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8_1Nhz9XNmc07qRdvMnh1pIlSU2ZGPdbtGAzs00V6YVI2F1EDqv-4Q==
age: 670782
X-Firefox-Spdy: h2
t-cf.bstatic.com/xdata/images/xphoto/300x240/140040870.jpg?k=b3e16242c2f01e3493f03bf8b863b6561f8c52b43fa48569d7446d94874bd080&o=
200 OK 12 kB URL HTTP/2 t-cf.bstatic.com/xdata/images/xphoto/300x240/140040870.jpg?k=b3e16242c2f01e3493f03bf8b863b6561f8c52b43fa48569d7446d94874bd080&o=
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x240, components 3\012- data
Hash 53edea1fadbd43623cbaf3da9da24419
a034eab2a360a9b2a94b4bbb2ec999bd27524f17
a9593ed4bdec054997e16c6ede0ceb76dc652041fe6378f8320c571ac460c96b
GET /xdata/images/xphoto/300x240/140040870.jpg?k=b3e16242c2f01e3493f03bf8b863b6561f8c52b43fa48569d7446d94874bd080&o= HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 11607
server: nginx
date: Fri, 04 Nov 2022 08:16:59 GMT
etag: "20bbb4622e80c04815ac4e337be3fd7bc4471af7"
expires: Sun, 04 Dec 2022 08:16:59 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: EPwBWP2_B7XL2qD7dZKx1ON45szGtzhYeKY6LnB-O0PZJte54XyPpQ==
age: 670782
X-Firefox-Spdy: h2
t-cf.bstatic.com/xdata/images/xphoto/300x240/140040599.jpg?k=574957ec36a2177a4b46f64993121848e62e61ced3932d1fdb6504f95652b439&o=
200 OK 13 kB URL HTTP/2 t-cf.bstatic.com/xdata/images/xphoto/300x240/140040599.jpg?k=574957ec36a2177a4b46f64993121848e62e61ced3932d1fdb6504f95652b439&o=
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x240, components 3\012- data
Hash d3809e03fb1ae8fcef94ef19dca6228d
b97f714288003f6b3834ea9bc2a961ced5b89606
a000cfd08bff2b7ba4397d160bc02de6d5283e18bb06c8b3b018f41460108000
GET /xdata/images/xphoto/300x240/140040599.jpg?k=574957ec36a2177a4b46f64993121848e62e61ced3932d1fdb6504f95652b439&o= HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 12804
server: nginx
date: Wed, 02 Nov 2022 09:25:43 GMT
etag: "a7551d9d784f968d65b16dec2178149bf076d971"
expires: Fri, 02 Dec 2022 09:25:43 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: V-cslCh3zDmTjTZyjWItBU4S3UGS39BYAVQWnRQ9fHHrXptHG4wk_Q==
age: 839458
X-Firefox-Spdy: h2
t-cf.bstatic.com/xdata/images/xphoto/300x240/140050289.jpg?k=38a9f0bcadf1da09016399bec85f5d5b1ec53a8c24ae929da523e09c47db429b&o=
200 OK 18 kB URL HTTP/2 t-cf.bstatic.com/xdata/images/xphoto/300x240/140050289.jpg?k=38a9f0bcadf1da09016399bec85f5d5b1ec53a8c24ae929da523e09c47db429b&o=
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x240, components 3\012- data
Hash c11c7f9c8c482a844fa9f35a23ef554c
e4d700adcb02b63e9c6111dd857512eee1cbefe2
99aae4a81e7e564eecc8b4ed4db1d692542e37ee7b486bca7eef047ca0849056
GET /xdata/images/xphoto/300x240/140050289.jpg?k=38a9f0bcadf1da09016399bec85f5d5b1ec53a8c24ae929da523e09c47db429b&o= HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 17735
server: nginx
date: Fri, 04 Nov 2022 08:16:59 GMT
etag: "0d6f84029fc3613b262daacbd07fa6d1756db89b"
expires: Sun, 04 Dec 2022 08:16:59 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 6dvDA0Fj4kkRYfqo4f_ySTtihuNo1doZq0rDZ2BYDnInTy-6Ywatdg==
age: 670782
X-Firefox-Spdy: h2
t-cf.bstatic.com/xdata/images/xphoto/300x240/140040807.jpg?k=9cab54a3a43d3b941837c79958b284376005784e9ded8dadcbb83e39e25fcb9e&o=
200 OK 17 kB URL HTTP/2 t-cf.bstatic.com/xdata/images/xphoto/300x240/140040807.jpg?k=9cab54a3a43d3b941837c79958b284376005784e9ded8dadcbb83e39e25fcb9e&o=
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x240, components 3\012- data
Hash 6b69600400c2e34e52ac22b8280a471e
04b0fa66f7203b41bc5bcb9773afdb035cf68793
1e1547673775158c1b697974f7161f71b87530d3f1e565f18bd975579e67ef57
GET /xdata/images/xphoto/300x240/140040807.jpg?k=9cab54a3a43d3b941837c79958b284376005784e9ded8dadcbb83e39e25fcb9e&o= HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 17072
server: nginx
date: Sun, 06 Nov 2022 07:18:43 GMT
etag: "c74e0121df7dc17e3eab620cc39b0d12f200a119"
expires: Tue, 06 Dec 2022 07:18:43 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: fO1SwdbHEJ1uxv1T2G0S-mlhb2XqCbw9KrcK68G3knxyj9xoDHAlfg==
age: 501478
X-Firefox-Spdy: h2
t-cf.bstatic.com/xdata/images/xphoto/300x240/140040549.jpg?k=47295571a3c7ad6e86a62047a4aceb3c8c0a19f5b4b86d6eafab42d61abad33e&o=
200 OK 14 kB URL HTTP/2 t-cf.bstatic.com/xdata/images/xphoto/300x240/140040549.jpg?k=47295571a3c7ad6e86a62047a4aceb3c8c0a19f5b4b86d6eafab42d61abad33e&o=
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x240, components 3\012- data
Hash f53be5a5dc8a5e0852c37ecef3f57e80
95e46d745e83d3e5767d50c82ddda8b871239225
4f4fd90acbda0f964439cf256b5ad16a879a517226656911b91ed51f96e38171
GET /xdata/images/xphoto/300x240/140040549.jpg?k=47295571a3c7ad6e86a62047a4aceb3c8c0a19f5b4b86d6eafab42d61abad33e&o= HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 13659
server: nginx
date: Wed, 09 Nov 2022 12:03:44 GMT
etag: "b16685775d88da04a38237a9ea6f9e60300fbf94"
expires: Fri, 09 Dec 2022 12:03:44 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: mf900-TrOwf7KuQVP40WLU6jiqGJfVTY6eF5CYlYMWqBhsT14L0OVA==
age: 225177
X-Firefox-Spdy: h2
t-cf.bstatic.com/xdata/images/xphoto/300x240/140040444.jpg?k=78183a30bc77a7f4eb2550c457f0645c654b2c70f80b40258ffa926712392726&o=
200 OK 18 kB URL HTTP/2 t-cf.bstatic.com/xdata/images/xphoto/300x240/140040444.jpg?k=78183a30bc77a7f4eb2550c457f0645c654b2c70f80b40258ffa926712392726&o=
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x240, components 3\012- data
Hash 6f57315028bfce58a9111a97386b32f8
f865cb601c242c7945fceb5cdbd39af8e22ee68d
b51cb67e6a957bf93a45b47510f5b355d3779812dc4d46a3f2653baa3bbd8396
GET /xdata/images/xphoto/300x240/140040444.jpg?k=78183a30bc77a7f4eb2550c457f0645c654b2c70f80b40258ffa926712392726&o= HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 18535
server: nginx
date: Wed, 02 Nov 2022 09:25:43 GMT
etag: "5e630f2dabbbc5a7eec44c93fd410cf06bddcee3"
expires: Fri, 02 Dec 2022 09:25:43 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: LmhkIeWWsPmMDllchgwSH2pZZxa0oZ5nJNeX9m6Upy4MVn_BAXCxuQ==
age: 839458
X-Firefox-Spdy: h2
t-cf.bstatic.com/xdata/images/xphoto/300x240/140052116.jpg?k=e94346578a825ccf04f419c702577198d3d6c797aec34b2b0f58678af9e90dd0&o=
200 OK 12 kB URL HTTP/2 t-cf.bstatic.com/xdata/images/xphoto/300x240/140052116.jpg?k=e94346578a825ccf04f419c702577198d3d6c797aec34b2b0f58678af9e90dd0&o=
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x240, components 3\012- data
Hash 4dde8ac450ded1d8d519f89b54df536e
c0a91335d7ae7b2193a125f7dd713a3fa10a3c03
7f9e23934ff3e05b17c81977e3429b17908bf98f5b7fa350ba102a33565fe523
GET /xdata/images/xphoto/300x240/140052116.jpg?k=e94346578a825ccf04f419c702577198d3d6c797aec34b2b0f58678af9e90dd0&o= HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 11892
server: nginx
date: Sun, 06 Nov 2022 10:58:53 GMT
etag: "d8c934d0b608d77f79fbf66ae3ac29b5decc1ac7"
expires: Tue, 06 Dec 2022 10:58:53 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: O2boTpaxHubeCAJG3-RfFc3jzy4WibIkDMKbxB3Cp6uAaL72f8HnXQ==
age: 488268
X-Firefox-Spdy: h2
t-cf.bstatic.com/xdata/images/xphoto/300x240/140040635.jpg?k=329ec95c88a102f72b8bbb381ce82f86f29a3fc4f4652b0c2ec768aee8f5ae4c&o=
200 OK 11 kB URL HTTP/2 t-cf.bstatic.com/xdata/images/xphoto/300x240/140040635.jpg?k=329ec95c88a102f72b8bbb381ce82f86f29a3fc4f4652b0c2ec768aee8f5ae4c&o=
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x240, components 3\012- data
Hash 803716a18dfcbff4ec89fc3c654cb930
a67609f33b295ca8cd8c1c886b50f272d98628cc
c497e60866f9e42e0307d57527ac5220da67166f21a77c45cd6f99f8c3fdef50
GET /xdata/images/xphoto/300x240/140040635.jpg?k=329ec95c88a102f72b8bbb381ce82f86f29a3fc4f4652b0c2ec768aee8f5ae4c&o= HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 10747
server: nginx
date: Sun, 06 Nov 2022 10:58:53 GMT
etag: "27e21d82a2425ac6f7c50ee80b783c81d10ba66a"
expires: Tue, 06 Dec 2022 10:58:53 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Ai9kzZgeN6WgYWLHbMDMuB6z5VuK9fvH_Sune8_Vf4JsdyqrUz2pUw==
age: 488268
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 472 B IP
Hash b7fe8a86a3d347bdeb6506296aad0f30
a9faa8a20ce10b3cbda82b26ebe41758add11af3
24552bf05f4f7f732144aa9285c9e72d51b4cf354d3c7b8b84906370abd8699c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 12 Nov 2022 02:36:41 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 10 Nov 2022 17:38:15 GMT
Expires: Thu, 17 Nov 2022 17:38:14 GMT
Etag: "a9faa8a20ce10b3cbda82b26ebe41758add11af3"
Cache-Control: max-age=485492,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb5
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 768be1a62f46b512-OSL
t-cf.bstatic.com/xdata/images/xphoto/300x240/140050289.jpg?k=38a9f0bcadf1da09016399bec85f5d5b1ec53a8c24ae929da523e09c47db429b&o=
200 OK 18 kB URL HTTP/2 t-cf.bstatic.com/xdata/images/xphoto/300x240/140050289.jpg?k=38a9f0bcadf1da09016399bec85f5d5b1ec53a8c24ae929da523e09c47db429b&o=
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x240, components 3\012- data
Hash c11c7f9c8c482a844fa9f35a23ef554c
e4d700adcb02b63e9c6111dd857512eee1cbefe2
99aae4a81e7e564eecc8b4ed4db1d692542e37ee7b486bca7eef047ca0849056
GET /xdata/images/xphoto/300x240/140050289.jpg?k=38a9f0bcadf1da09016399bec85f5d5b1ec53a8c24ae929da523e09c47db429b&o= HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 17735
server: nginx
date: Fri, 04 Nov 2022 08:16:59 GMT
etag: "0d6f84029fc3613b262daacbd07fa6d1756db89b"
expires: Sun, 04 Dec 2022 08:16:59 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 1qpY5_49z4-CoJFF6Sl-fFK6ScCkMjuadjdVypNrxpbY9VAQ48pw5A==
age: 670782
X-Firefox-Spdy: h2
t-cf.bstatic.com/xdata/images/xphoto/300x240/140040807.jpg?k=9cab54a3a43d3b941837c79958b284376005784e9ded8dadcbb83e39e25fcb9e&o=
200 OK 17 kB URL HTTP/2 t-cf.bstatic.com/xdata/images/xphoto/300x240/140040807.jpg?k=9cab54a3a43d3b941837c79958b284376005784e9ded8dadcbb83e39e25fcb9e&o=
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x240, components 3\012- data
Hash 6b69600400c2e34e52ac22b8280a471e
04b0fa66f7203b41bc5bcb9773afdb035cf68793
1e1547673775158c1b697974f7161f71b87530d3f1e565f18bd975579e67ef57
GET /xdata/images/xphoto/300x240/140040807.jpg?k=9cab54a3a43d3b941837c79958b284376005784e9ded8dadcbb83e39e25fcb9e&o= HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 17072
server: nginx
date: Sun, 06 Nov 2022 07:18:43 GMT
etag: "c74e0121df7dc17e3eab620cc39b0d12f200a119"
expires: Tue, 06 Dec 2022 07:18:43 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: E08HB3rSR5uw4kijLgNSJoTqVdTUEqRqJWJc2GPxvedz0vUov4gb2Q==
age: 501478
X-Firefox-Spdy: h2
t-cf.bstatic.com/xdata/images/xphoto/300x240/140040549.jpg?k=47295571a3c7ad6e86a62047a4aceb3c8c0a19f5b4b86d6eafab42d61abad33e&o=
200 OK 14 kB URL HTTP/2 t-cf.bstatic.com/xdata/images/xphoto/300x240/140040549.jpg?k=47295571a3c7ad6e86a62047a4aceb3c8c0a19f5b4b86d6eafab42d61abad33e&o=
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x240, components 3\012- data
Hash f53be5a5dc8a5e0852c37ecef3f57e80
95e46d745e83d3e5767d50c82ddda8b871239225
4f4fd90acbda0f964439cf256b5ad16a879a517226656911b91ed51f96e38171
GET /xdata/images/xphoto/300x240/140040549.jpg?k=47295571a3c7ad6e86a62047a4aceb3c8c0a19f5b4b86d6eafab42d61abad33e&o= HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 13659
server: nginx
date: Wed, 09 Nov 2022 12:03:44 GMT
etag: "b16685775d88da04a38237a9ea6f9e60300fbf94"
expires: Fri, 09 Dec 2022 12:03:44 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: hAOEsHOezR6V2_Hs9FVRF21WDVwyYn27YGsb80C2a6rO4ZFYDdBnfg==
age: 225177
X-Firefox-Spdy: h2
t-cf.bstatic.com/xdata/images/xphoto/300x240/140040444.jpg?k=78183a30bc77a7f4eb2550c457f0645c654b2c70f80b40258ffa926712392726&o=
200 OK 18 kB URL HTTP/2 t-cf.bstatic.com/xdata/images/xphoto/300x240/140040444.jpg?k=78183a30bc77a7f4eb2550c457f0645c654b2c70f80b40258ffa926712392726&o=
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x240, components 3\012- data
Hash 6f57315028bfce58a9111a97386b32f8
f865cb601c242c7945fceb5cdbd39af8e22ee68d
b51cb67e6a957bf93a45b47510f5b355d3779812dc4d46a3f2653baa3bbd8396
GET /xdata/images/xphoto/300x240/140040444.jpg?k=78183a30bc77a7f4eb2550c457f0645c654b2c70f80b40258ffa926712392726&o= HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 18535
server: nginx
date: Wed, 02 Nov 2022 09:25:43 GMT
etag: "5e630f2dabbbc5a7eec44c93fd410cf06bddcee3"
expires: Fri, 02 Dec 2022 09:25:43 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Z7Vu5Hykq5ea4IJ-L6pD-JmjRN7bWKe-I41FDe13iuin2DgVJrs8jA==
age: 839458
X-Firefox-Spdy: h2
t-cf.bstatic.com/xdata/images/xphoto/300x240/140052116.jpg?k=e94346578a825ccf04f419c702577198d3d6c797aec34b2b0f58678af9e90dd0&o=
200 OK 12 kB URL HTTP/2 t-cf.bstatic.com/xdata/images/xphoto/300x240/140052116.jpg?k=e94346578a825ccf04f419c702577198d3d6c797aec34b2b0f58678af9e90dd0&o=
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x240, components 3\012- data
Hash 4dde8ac450ded1d8d519f89b54df536e
c0a91335d7ae7b2193a125f7dd713a3fa10a3c03
7f9e23934ff3e05b17c81977e3429b17908bf98f5b7fa350ba102a33565fe523
GET /xdata/images/xphoto/300x240/140052116.jpg?k=e94346578a825ccf04f419c702577198d3d6c797aec34b2b0f58678af9e90dd0&o= HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 11892
server: nginx
date: Sun, 06 Nov 2022 10:58:53 GMT
etag: "d8c934d0b608d77f79fbf66ae3ac29b5decc1ac7"
expires: Tue, 06 Dec 2022 10:58:53 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: UPaYhIvrKfaOdsqPAXbNRMBFsHFP3UYH9OhHapHl78j20JoX99zlIg==
age: 488268
X-Firefox-Spdy: h2
t-cf.bstatic.com/xdata/images/xphoto/300x240/140040635.jpg?k=329ec95c88a102f72b8bbb381ce82f86f29a3fc4f4652b0c2ec768aee8f5ae4c&o=
200 OK 11 kB URL HTTP/2 t-cf.bstatic.com/xdata/images/xphoto/300x240/140040635.jpg?k=329ec95c88a102f72b8bbb381ce82f86f29a3fc4f4652b0c2ec768aee8f5ae4c&o=
IP
File type JPEG image data, JFIF standard 1.02, aspect ratio, density 1x1, segment length 16, baseline, precision 8, 300x240, components 3\012- data
Hash 803716a18dfcbff4ec89fc3c654cb930
a67609f33b295ca8cd8c1c886b50f272d98628cc
c497e60866f9e42e0307d57527ac5220da67166f21a77c45cd6f99f8c3fdef50
GET /xdata/images/xphoto/300x240/140040635.jpg?k=329ec95c88a102f72b8bbb381ce82f86f29a3fc4f4652b0c2ec768aee8f5ae4c&o= HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: image/jpeg
content-length: 10747
server: nginx
date: Sun, 06 Nov 2022 10:58:53 GMT
etag: "27e21d82a2425ac6f7c50ee80b783c81d10ba66a"
expires: Tue, 06 Dec 2022 10:58:53 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
x-xss-protection: 1; mode=block
timing-allow-origin: *
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: W_OjiKkEN2RP1cafgnTcMQRUrdGLDrlSKzxgmuHm0gzeDjWha5IJJw==
age: 488268
X-Firefox-Spdy: h2
collector-pxikkul2rm.px-cloud.net/api/v2/collector
200 OK 925 B URL HTTP/2 collector-pxikkul2rm.px-cloud.net/api/v2/collector
IP
File type JSON data\012- , ASCII text, with very long lines (924)
Hash 35a026757fe0898f7a377c13f149b3f3
f60dc08297aaaad1237d93a9d9b9efdc23c2d0c2
88f1f7e59b0568b6713740f21ffdf5b8b560726668b255781328b12eb13a14fb
POST /api/v2/collector HTTP/1.1
Host: collector-pxikkul2rm.px-cloud.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 729
Origin: https://www.booking.com
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 12 Nov 2022 02:36:41 GMT
content-type: application/json; charset=utf-8
content-length: 925
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.booking.com
timing-allow-origin: *
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
www.booking.com/js_tracking?ref_action=index&ver=2&stype=1&lang=en-us&pid=3ab6125bcc5b004e&ete=&etg=&etcg=&ets=&etgwv=js_wcu_trip_type_based_destination_number_of_types|4
200 OK 35 B URL HTTP/2 www.booking.com/js_tracking?ref_action=index&ver=2&stype=1&lang=en-us&pid=3ab6125bcc5b004e&ete=&etg=&etcg=&ets=&etgwv=js_wcu_trip_type_based_destination_number_of_types|4
IP
Hash 79a611524d7c43a354c589264cc2376e
2e25649d9a8a208302be0502b47a0e44b07bc7c1
c7a9af81f3467d3c95760df18d0853bda8c191f612fb2e8b2b5c4ed941fbaf1a
GET /js_tracking?ref_action=index&ver=2&stype=1&lang=en-us&pid=3ab6125bcc5b004e&ete=&etg=&etcg=&ets=&etgwv=js_wcu_trip_type_based_destination_number_of_types|4 HTTP/1.1
Host: www.booking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.booking.com/index.html?aid=1858279
X-Booking-Info:
X-Booking-Client-Info:
X-Booking-Pageview-Id: 3ab6125bcc5b004e
X-Booking-SiteType-Id: 1
X-Booking-Language-Code: en-us
X-Booking-AID: 1858279
X-Booking-Session-Id: 722fd11b72c2548f39c09d1461e97774
X-Booking-ET-Serialized-State: EIXmg9Wr0zrdZlfPKdLh5oPNzoy2_rSIeeyrcM2zJJpZ8PTQ4N43v9OMm4PMwQUFd
Connection: keep-alive
Cookie: _pxhd=ggcYW8yieZeAzicZ1MXegSL0MWli4iYmthp62WZ3qenKSVvTj%2FY12bhkUI-OwNDuqPCNl5ZB7ZkMKAN8y9UMiQ%3D%3D%3AAmoqoE0wxQW68KOHBcXf0AhIZ51dFjJJ4MWwxGYyPv6bdDfKNt3D0xhsPSy%2Fm0LwOANYqsUhhQQk7uO9prBkIZq7yfx-34W0muhkRr9duIo%3D; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbwcLxQQ4VaCqdEIohO8MXyyMMWm8TjG1ES%2F8BvvvS2Elo1XhL%2B35LU%2Fo5r4H9DShIfMKKqtT4LTX2xO13Hgt7Rnhu3%2FUROEXnT%2BO1EGtKufUycYySttYd%2FVw1BPVIF%2F2rMyDJr%2FGQiJhPXFr3pTW0xEaIUq11zuryCDV9WYbndg8%3D; cors_js=1; OptanonConsent=isGpcEnabled=0&datestamp=Sat+Nov+12+2022+02%3A36%3A39+GMT%2B0000+(Coordinated+Universal+Time)&version=6.22.0&isIABGlobal=false&hosts=&consentId=770490f1-f1f7-4cbb-87fc-212d45fed12b&interactionCount=0&landingPath=https%3A%2F%2Fwww.booking.com%2Findex.html%3Faid%3D1858279&groups=C0001%3A1%2CC0002%3A0%2CC0004%3A0&implicitConsentCountry=GDPR&implicitConsentDate=1668220600076; bkng_frontend_sese_exp=1; bkng_sso_ses=e30; bkng_sso_session=e30; BJS=-
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
content-type: image/gif
content-length: 35
server: nginx
date: Sat, 12 Nov 2022 02:36:41 GMT
vary: User-Agent, Accept-Encoding
content-encoding: br
strict-transport-security: max-age=604800
content-security-policy-report-only: frame-ancestors 'none'; report-uri https://nellie.booking.com/csp-report-uri?type=report&tag=112&pid=6d94125c469a00a5&e=UmFuZG9tSVYkc2RlIyh9Yea92wm0yRUjnCBymoy8ejLRrKkxNCoTopYV3OM_FcsbAUIpd9p_Hu4;
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: gHGbL9HxfxfXp2YoyzzqAS7MXpj_D4LzxfCijxwRLwFtIzbYv0pk9w==
X-Firefox-Spdy: h2
ocsp.sectigo.com/
200 OK 472 B IP
Hash b7fe8a86a3d347bdeb6506296aad0f30
a9faa8a20ce10b3cbda82b26ebe41758add11af3
24552bf05f4f7f732144aa9285c9e72d51b4cf354d3c7b8b84906370abd8699c
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 12 Nov 2022 02:36:41 GMT
Content-Type: application/ocsp-response
Content-Length: 472
Connection: keep-alive
Last-Modified: Thu, 10 Nov 2022 17:38:15 GMT
Expires: Thu, 17 Nov 2022 17:38:14 GMT
Etag: "a9faa8a20ce10b3cbda82b26ebe41758add11af3"
Cache-Control: max-age=485492,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 768be1a81844b512-OSL
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 43e77312eb1fe87b78c7335565ad91e0
121493fd255c444f54ab21ef95d70a6b071eed11
a3ea328acdc6b1af8e29b8bf2dc16ae587bd7323d930d3c52efd665e510a108b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 02:36:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 471 B IP
Hash 05bb9af901ca5b651e88fcbe236711f5
18412da7fc2d868fc74bc3e7c44b4add4bbbdef9
9b87e90e4f5356da47fd562f7d06c8fbdef90d011e8c20e5687afbeaf6e7d29b
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 02:36:41 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 50b7ad7d0cb47a73140b0c340b5b72b4
5b7fd8d7d4a5fb963c33d52675ef3be152f4e7e3
494e1c3410c113871960bd9b35b3d89c0d404ecb836c03669a8522d159391cd9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 02:36:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
t-cf.bstatic.com/psb/capla/static/js/client.2f9415b1.js
200 OK 5.9 kB URL HTTP/2 t-cf.bstatic.com/psb/capla/static/js/client.2f9415b1.js
IP
File type ASCII text, with very long lines (31250)
Hash de265e63fb2cc374eaaf8784eea9d6a1
64837526cdcaf6e718a62a78d43d577afdf14da5
8b2f87dad8456d1cbb5fc86f8be073d64b16e8dd1d4c179af53617deefe68c1d
GET /psb/capla/static/js/client.2f9415b1.js HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Fri, 11 Nov 2022 16:40:24 GMT
etag: W/"fe47680b95f5d43d5ab3c4fbcaf67865"
x-amz-meta-x-deployment-hash: foo
x-amz-server-side-encryption: AES256
last-modified: Fri, 11 Nov 2022 16:31:53 GMT
x-amz-expiration: expiry-date="Sat, 11 Mar 2023 16:31:53 GMT", rule-id=""
expires: Sun, 11 Dec 2022 16:40:24 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: CoMoW2tfwv4I3cQGt4YcoWYQIE02TCkCBX2SRii22VTOBA373CHBYg==
age: 35775
X-Firefox-Spdy: h2
accounts.google.com/gsi/client
200 OK 106 kB URL HTTP/2 accounts.google.com/gsi/client
IP
File type ASCII text, with very long lines (1027)
Size 106 kB (105982 bytes)
Hash 988d857c8c6a778bdabaac8f5953e59f
39638913aae356056fa02debd99c43a3f60c517b
bf93f0e1125af074f95d4be8bcd7884bd4f5015a5578f0dad97f1fb75c4148a8
GET /gsi/client HTTP/1.1
Host: accounts.google.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
expires: Sat, 12 Nov 2022 02:36:41 GMT
date: Sat, 12 Nov 2022 02:36:41 GMT
cache-control: private, max-age=1800
report-to: {"group":"coop_dd7de8473bddc59c6b748810a67a39b1","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/dd7de8473bddc59c6b748810a67a39b1"}]}
content-security-policy: script-src 'nonce-BFaXg4c6wcKmSh74qFDoIw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http, require-trusted-types-for 'script';report-uri https://csp.withgoogle.com/csp/identity-sign-in-google-http
cross-origin-opener-policy-report-only: same-origin; report-to="coop_dd7de8473bddc59c6b748810a67a39b1"
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
fonts.gstatic.com/s/googlesans/v14/4UaGrENHsxJlGDuGo1OIlL3Owps.ttf
200 OK 27 kB URL HTTP/2 fonts.gstatic.com/s/googlesans/v14/4UaGrENHsxJlGDuGo1OIlL3Owps.ttf
IP
File type TrueType Font data, 17 tables, 1st "GDEF", 7 names, Microsoft, language 0x409, Copyright 2015 Google LLC. All Rights Reserved.Google SansRegularGoogle;GoogleSans-RegularGoogle\012- data
Hash 097c4b560f821fb05c628abb70fab199
4650bf1244b6cba45b222aa269c96ad8ea95ab42
a9bd7cfb72481bd844fa2e3cd4019c8b2ab2a232b50cabe62f8d9483e284f672
GET /s/googlesans/v14/4UaGrENHsxJlGDuGo1OIlL3Owps.ttf HTTP/1.1
Host: fonts.gstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://accounts.google.com
Connection: keep-alive
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 27191
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 12 Nov 2022 00:34:03 GMT
expires: Sun, 12 Nov 2023 00:34:03 GMT
cache-control: public, max-age=31536000
age: 7359
last-modified: Mon, 22 Apr 2019 23:42:54 GMT
content-type: font/ttf
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2
ocsp.pki.goog/gts1c3
200 OK 472 B IP
Hash 50b7ad7d0cb47a73140b0c340b5b72b4
5b7fd8d7d4a5fb963c33d52675ef3be152f4e7e3
494e1c3410c113871960bd9b35b3d89c0d404ecb836c03669a8522d159391cd9
POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 02:36:42 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN
ocsp.digicert.com/
200 OK 314 B IP
Hash 5f9c75ddb2d519fd4660d3c60b74479a
685a76ffe5fd9ee2490866bb29c9049964968a2a
ddd345229f6d5320b325ad9b6072b2940e7ba3e27c2e7b169a8ed13ac04e46aa
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 304
Cache-Control: max-age=115912
Content-Type: application/ocsp-response
Date: Sat, 12 Nov 2022 02:36:42 GMT
Etag: "636e2752-13a"
Expires: Sun, 13 Nov 2022 10:48:34 GMT
Last-Modified: Fri, 11 Nov 2022 10:43:30 GMT
Server: ECS (ska/F704)
X-Cache: HIT
Content-Length: 314
collector-pxikkul2rm.px-cloud.net/api/v2/collector
200 OK 573 B URL HTTP/2 collector-pxikkul2rm.px-cloud.net/api/v2/collector
IP
File type JSON data\012- , ASCII text, with very long lines (572)
Hash 68f0e23aa4e788748668b65f52e3e560
d8eb6b4b9e7909a7332638bd51d2d29c2381f960
b6366b0b5c7e2727460a792325b810ac29b6b86543a0f973d6c7d6e307849b1e
POST /api/v2/collector HTTP/1.1
Host: collector-pxikkul2rm.px-cloud.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/x-www-form-urlencoded
Content-Length: 4408
Origin: https://www.booking.com
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
date: Sat, 12 Nov 2022 02:36:41 GMT
content-type: application/json; charset=utf-8
content-length: 573
access-control-allow-credentials: true
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-origin: https://www.booking.com
timing-allow-origin: *
via: 1.1 google
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
X-Firefox-Spdy: h2
secure.booking.com/login.html?lang=en-us&state=UqwCJ-Mv_A4YwSpg3-kGaAPnFl4mhzuiU2zSoxSQzMLasxqekHAv0qPs40fCazpuqsHBH5GpKxdaUw_CxeNeLM88RpZM5orYj8sd8pfBT7q5SfjVxsCSvrPOy6BgHWoLFhGP7a2g_xHMjxhuKhHPl2G8MMjBmVglaBHtJsAHF6zDctetKuutuYuNZv_fUaKlFQSllB3WbdpUC-ThDRBEB0a0nZys9O7g8Kje54gNaGYPns-5m25Qq8CPFF64ra5nE3cnnc0fVq7i6TxQTpNAFzDEYEFc1gXVHw3_oqKplpw39PDB0m3DcSbBp3viYB8iSmj6jLge-mZpfFC4mEfeOKUZGkY6bsmIwg7nhdadqcOWI26YuDSX81tV1GtqVBttQDFZBdATQfDX_xjScXc4&aid=304142&op=oauth_return&code=EHSAkqh49zV0nAoSwCRxH9GAbU9YCrC0Ketp1HJtvDuHMBJrO0BEOANa7FmpzNaS9saCpN1BSaVwOBOuMz0CR8zxm3AYRbSQBdLccsBEPHcjpJxc3NnGSekAqX4uvbhYjwvWy4DBNZ6FqM2zWMqjSNRZdIEbH2GZlqRG
302 Found 61 kB URL HTTP/1.1 secure.booking.com/login.html?lang=en-us&state=UqwCJ-Mv_A4YwSpg3-kGaAPnFl4mhzuiU2zSoxSQzMLasxqekHAv0qPs40fCazpuqsHBH5GpKxdaUw_CxeNeLM88RpZM5orYj8sd8pfBT7q5SfjVxsCSvrPOy6BgHWoLFhGP7a2g_xHMjxhuKhHPl2G8MMjBmVglaBHtJsAHF6zDctetKuutuYuNZv_fUaKlFQSllB3WbdpUC-ThDRBEB0a0nZys9O7g8Kje54gNaGYPns-5m25Qq8CPFF64ra5nE3cnnc0fVq7i6TxQTpNAFzDEYEFc1gXVHw3_oqKplpw39PDB0m3DcSbBp3viYB8iSmj6jLge-mZpfFC4mEfeOKUZGkY6bsmIwg7nhdadqcOWI26YuDSX81tV1GtqVBttQDFZBdATQfDX_xjScXc4&aid=304142&op=oauth_return&code=EHSAkqh49zV0nAoSwCRxH9GAbU9YCrC0Ketp1HJtvDuHMBJrO0BEOANa7FmpzNaS9saCpN1BSaVwOBOuMz0CR8zxm3AYRbSQBdLccsBEPHcjpJxc3NnGSekAqX4uvbhYjwvWy4DBNZ6FqM2zWMqjSNRZdIEbH2GZlqRG
IP
File type gzip compressed data, max compression\012- data
Hash a256d787372ac724aee94864027c90a5
f15770bdaf0747ed4def6f267bd69c31fd59ba94
8916e976640a2daf0f1cdcfb5dfcc530fbba38c8f5112061bc13298ea6cb944e
GET /login.html?lang=en-us&state=UqwCJ-Mv_A4YwSpg3-kGaAPnFl4mhzuiU2zSoxSQzMLasxqekHAv0qPs40fCazpuqsHBH5GpKxdaUw_CxeNeLM88RpZM5orYj8sd8pfBT7q5SfjVxsCSvrPOy6BgHWoLFhGP7a2g_xHMjxhuKhHPl2G8MMjBmVglaBHtJsAHF6zDctetKuutuYuNZv_fUaKlFQSllB3WbdpUC-ThDRBEB0a0nZys9O7g8Kje54gNaGYPns-5m25Qq8CPFF64ra5nE3cnnc0fVq7i6TxQTpNAFzDEYEFc1gXVHw3_oqKplpw39PDB0m3DcSbBp3viYB8iSmj6jLge-mZpfFC4mEfeOKUZGkY6bsmIwg7nhdadqcOWI26YuDSX81tV1GtqVBttQDFZBdATQfDX_xjScXc4&aid=304142&op=oauth_return&code=EHSAkqh49zV0nAoSwCRxH9GAbU9YCrC0Ketp1HJtvDuHMBJrO0BEOANa7FmpzNaS9saCpN1BSaVwOBOuMz0CR8zxm3AYRbSQBdLccsBEPHcjpJxc3NnGSekAqX4uvbhYjwvWy4DBNZ6FqM2zWMqjSNRZdIEbH2GZlqRG HTTP/1.1
Host: secure.booking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.booking.com/
Connection: keep-alive
Cookie: _pxhd=ggcYW8yieZeAzicZ1MXegSL0MWli4iYmthp62WZ3qenKSVvTj%2FY12bhkUI-OwNDuqPCNl5ZB7ZkMKAN8y9UMiQ%3D%3D%3AAmoqoE0wxQW68KOHBcXf0AhIZ51dFjJJ4MWwxGYyPv6bdDfKNt3D0xhsPSy%2Fm0LwOANYqsUhhQQk7uO9prBkIZq7yfx-34W0muhkRr9duIo%3D; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbwcLxQQ4VaCqdEIohO8MXyyMMWm8TjG1ES%2F8BvvvS2Elo1XhL%2B35LU%2Fo5r4H9DShIfMKKqtT4LTX2xO13Hgt7Rnhu3%2FUROEXnT%2BO1EGtKufUycYySttYd%2FVw1BPVIF%2F2rMyDJr%2FGQiJhPXFr3pTW0xEaIUq11zuryCDV9WYbndg8%3D; cors_js=1; bkng_frontend_sese_exp=1; bkng_sso_ses=eyJib29raW5nX2dsb2JhbCI6W3siaCI6InRYemtlOW5jNmN5M3dQMDZ5NkY4TVY1WWN5OGUzTEFEa0srcjEydCtBSFUiLCJhIjoxfV19; bkng_sso_session=e30; BJS=-; _px3=de91cf97fcaf8cb2c82360702a30ae5148de2da6af89f8e7163f31921b0c9d91:dgTltUlYJU2K1+xHbI4Cai/RFTk5BvjB5QCE8MuJRYK4r2dvtbpDcFxt0EM+E80DUJ7dRCjNzQIJdIvjXYOwiQ==:1000:/7fjULyuq5fiEvM2wqqkEDyDUgsTKnsuDMGv7j6XHAZF8VwdApG7gGGoeglnE3CiLSkyHQO5zpXQkJyE/scId2veccg82v0FdC+x/j+MgWCiNr1ZcUYile60wAwFtF+Uw8nqVFCjjJNTL6ueh8W5XAM+Sso5vykgZmMNoOhvFgHoY1bMGOOAENsVtdTq7N+fB2Eyc6rRAx2aGbqE4shVSw==; pxcts=d71f7946-6232-11ed-af1e-584f4b464a78; _pxvid=d6a76257-6232-11ed-9382-6e7174776d77; _pxde=23671f81ea771acbe3e50a8287753b1ddbf7f8c21fac1e6603d45cd58701db34:eyJ0aW1lc3RhbXAiOjE2NjgyMjA2MDE1NjQsImZfa2IiOjAsImlwY19pZCI6W119
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
HTTP/1.1 302 Found
server: nginx
date: Sat, 12 Nov 2022 02:36:42 GMT
transfer-encoding: chunked
cache-control: no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0
location: https://www.booking.com/general.en-us.html?aid=1858279&iframe=1&sid=c13b72d3a09ebb86fd5526aa1e12196b&tmpl=profile%2Flogin_callback_anon_session
nel: {"report_to":"default","max_age":604800}
report-to: {"group":"default","max_age":604800,"endpoints":[{"url":"https://nellie.booking.com/report"}]}
set-cookie: bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLblgO%2Fz4BDP5sWXk9giGeUG2s2ygrp4XOJA%2BKZKMRwkpSFoLeV%2F3%2FTWAnADh%2B%2FG0Lbnyi8INws%2FIQKNZvSNb6QJRH8eq6uBFSfLzPRrNZryxhJklqJm26oaGhlvE67BOvMuBZPOEn2kPxtR%2BtiwG33V6YdG6BETSz2BWKJryXwlhc%3D; domain=.booking.com; path=/; expires=Thu, 11-Nov-2027 02:36:42 GMT; Secure; HTTPOnly; SameSite=None
strict-transport-security: max-age=17280000
x-content-type-options: nosniff
x-recruiting: Like HTTP headers? Come write ours: https://careers.booking.com
x-xss-protection: 1; mode=block
www.booking.com/general.en-us.html?aid=1858279&iframe=1&sid=c13b72d3a09ebb86fd5526aa1e12196b&tmpl=profile%2Flogin_callback_anon_session
200 OK 205 B URL HTTP/2 www.booking.com/general.en-us.html?aid=1858279&iframe=1&sid=c13b72d3a09ebb86fd5526aa1e12196b&tmpl=profile%2Flogin_callback_anon_session
IP
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 8723392285e63b605b271e9e5007fa50
bec582643ca85641c8d396c2a05123df382c13e3
91a20d3ad12ef016b2004c154c8b063910a85230492950e9b0e09eea0bfff923
GET /general.en-us.html?aid=1858279&iframe=1&sid=c13b72d3a09ebb86fd5526aa1e12196b&tmpl=profile%2Flogin_callback_anon_session HTTP/1.1
Host: www.booking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.booking.com/
Connection: keep-alive
Cookie: _pxhd=ggcYW8yieZeAzicZ1MXegSL0MWli4iYmthp62WZ3qenKSVvTj%2FY12bhkUI-OwNDuqPCNl5ZB7ZkMKAN8y9UMiQ%3D%3D%3AAmoqoE0wxQW68KOHBcXf0AhIZ51dFjJJ4MWwxGYyPv6bdDfKNt3D0xhsPSy%2Fm0LwOANYqsUhhQQk7uO9prBkIZq7yfx-34W0muhkRr9duIo%3D; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLblgO%2Fz4BDP5sWXk9giGeUG2s2ygrp4XOJA%2BKZKMRwkpSFoLeV%2F3%2FTWAnADh%2B%2FG0Lbnyi8INws%2FIQKNZvSNb6QJRH8eq6uBFSfLzPRrNZryxhJklqJm26oaGhlvE67BOvMuBZPOEn2kPxtR%2BtiwG33V6YdG6BETSz2BWKJryXwlhc%3D; cors_js=1; OptanonConsent=isGpcEnabled=0&datestamp=Sat+Nov+12+2022+02%3A36%3A39+GMT%2B0000+(Coordinated+Universal+Time)&version=6.22.0&isIABGlobal=false&hosts=&consentId=770490f1-f1f7-4cbb-87fc-212d45fed12b&interactionCount=0&landingPath=https%3A%2F%2Fwww.booking.com%2Findex.html%3Faid%3D1858279&groups=C0001%3A1%2CC0002%3A0%2CC0004%3A0&implicitConsentCountry=GDPR&implicitConsentDate=1668220600076; bkng_frontend_sese_exp=1; bkng_sso_ses=eyJib29raW5nX2dsb2JhbCI6W3siaCI6InRYemtlOW5jNmN5M3dQMDZ5NkY4TVY1WWN5OGUzTEFEa0srcjEydCtBSFUiLCJhIjoxfV19; bkng_sso_session=e30; BJS=-; _px3=a8163af2f75b046b3b90df4912d01ac8740c9ce715a230278cad1f9e2efff79e:yC9iumrbaw0gZgRrSZJDJvsV01w8bKabqS/WRFrom2TUaQ+zWptTe4j00kA9i87tLaUbFqtAGi1HZV53UNaGew==:1000:dnX97qCS1hiE7kFicIyqvjKgWkE3blg0uzA0disakq8RKQVGyQr6yPTxNAB6/03x7hqaYD0InH8U3zjJ+/chAk3Jw9/EVXXMe1a7+OwJPHfhNHI7rky20pcRcxbpBCJPgK0CZDqIGlplY6iOq8ww9iOD16WuDUugntWqxfT4hKeB3/krb8jtqK31ApF4YjsGQ8Z+ekhTnTtpqJEFn+2UNQ==; pxcts=d71f7946-6232-11ed-af1e-584f4b464a78; _pxvid=d6a76257-6232-11ed-9382-6e7174776d77; _pxff_ddtc=1; _pxde=30b481923327e596abee465bd903d3f1d6c0618bb92999cdbe4841c9014b3888:eyJ0aW1lc3RhbXAiOjE2NjgyMjA2MDIzNTEsImZfa2IiOjAsImlwY19pZCI6W119; lastSeen=1668220601568
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
content-type: text/html; charset=UTF-8
content-length: 205
server: nginx
date: Sat, 12 Nov 2022 02:36:42 GMT
cache-control: private
vary: User-Agent, Accept-Encoding
content-encoding: br
nel: {"max_age":604800,"report_to":"default"}
report-to: {"group":"default","endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":604800}
set-cookie: px_init=0; domain=booking.com; expires=Fri, 22-Nov-2075 05:13:24 GMT; SameSite=Strict; secure; HttpOnly
bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbbmD9q%2B5pe3Wzs28Akeo8P1t0Kb4yh8k7EFcegS59AA88OEuVVv%2BLKLhsj%2BRkvBLRZr7LgVMN8jLeqv9pEne4Tr9YPWYoyn690vQA5lOrGKAOOrCgwpjXh67VWdrfzRhGDGF%2F4CR7R5zMyt%2BIma%2FXLPtxHlrCS0zcffCeOYyhaU4%3D; domain=.booking.com; path=/; expires=Thu, 11-Nov-2027 02:36:42 GMT; Secure; HTTPOnly; SameSite=None
strict-transport-security: max-age=604800
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: -K-4EgE9-qugk--G1_2nbOn5WrAm14Wz4-nL5hB8pEEsy4QRU09kew==
X-Firefox-Spdy: h2
account.booking.com/collector/anon_session_init
204 No Content 0 B URL HTTP/2 account.booking.com/collector/anon_session_init
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /collector/anon_session_init HTTP/1.1
Host: account.booking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.booking.com/
Origin: https://www.booking.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
server: envoy
date: Sat, 12 Nov 2022 02:36:42 GMT
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://www.booking.com
access-control-max-age: 1728000
set-cookie: bkng_sso_ses=e30; domain=.booking.com; path=/; expires=Thu, 11-Nov-2027 02:36:42 GMT; secure; HttpOnly
bkng_ap_sso_session=eyJib29raW5nX2dsb2JhbCI6eyJkYXRhX3N1YmplY3RfaWQiOiJhMmMwMGQyNy1kNDBmLTRiZjYtYmE4My1iZThmYzIxMTM0NzAiLCJzZXNzaW9ucyI6W119fQ; domain=account.booking.com; path=/; expires=Thu, 11-Nov-2027 02:36:42 GMT; secure; HttpOnly
bkng_sso_session=e30; domain=.booking.com; path=/; expires=Thu, 11-Nov-2027 02:36:42 GMT; secure; HttpOnly
content-security-policy: frame-ancestors https://*.booking.com 'self'; report-uri https://nellie.booking.com/csp-report-uri?type=block&tag=42&pid=30ec125d970502d9&e=UmFuZG9tSVYkc2RlIyh9YTVpYxb9mtJD3cReeqMXo_5qxpf4W7JwdfdvBlyk9NlKcLEfSqFdAHuJUmoS1jnI5l8Ckpav_Buh2I8NJLAkmT_v2XtH3z--EgVIurJw_ypTo9WJ1AoS7XfgM3be6B1TTRw5fpYmU1CS;
content-security-policy-report-only: default-src *.bstatic.com bstatic.com 'self'; style-src *.bstatic.com bstatic.com *.static.booking.cn 'self' 'unsafe-inline'; base-uri 'none'; img-src 'self' data: www.booking.com graph.facebook.com cdn.cookielaw.org account.booking.com *.bstatic.com bstatic.com *.static.booking.cn www.google-analytics.com www.google.com stats.g.doubleclick.net *.px-cloud.net *.perimeterx.net www.gstatic.com; frame-src https://www.youtube.com/embed/Vv4w5SmRkss *.bstatic.com https://www.google.com bstatic.com www.booking.com secure.booking.com paymentcomponent.booking.com 'self'; object-src 'none'; report-uri https://nellie.booking.com/csp-report-uri?type=report&tag=41&pid=30ec125d970502d9&e=UmFuZG9tSVYkc2RlIyh9YTVpYxb9mtJD3cReeqMXo_5qxpf4W7JwdfdvBlyk9NlKcLEfSqFdAHuJUmoS1jnI5l8Ckpav_Buh2I8NJLAkmT_v2XtH3z--EgVIurJw_ypTo9WJ1AoS7XfgM3be6B1TTRw5fpYmU1CS; connect-src saa.booking.com secure.booking.com reports.booking.com privacyportal-eu.onetrust.com geolocation.onetrust.com cdn.cookielaw.org www.google-analytics.com *.perimeterx.net *.pxchk.net *.px-cdn.net *.px-client.net *.px-cloud.net 'self' 'report-sample'; script-src saa.booking.com *.bstatic.com bstatic.com *.static.booking.cn www.google.com www.google-analytics.com cdn.cookielaw.org geolocation.onetrust.com 'self' 'nonce-SWSYIN9LZq8co2n' 'report-sample';
strict-transport-security: max-age=17280000
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 fc5e625db631bc657fc73f189d53fa14.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 4Q2b2d5Gp9SY5rsNJcvRc3OS_-wKoRBdQLt2W6RzCthspJgBs5-V6w==
X-Firefox-Spdy: h2
account.booking.com/collector/anon_session_init
204 No Content 0 B URL HTTP/2 account.booking.com/collector/anon_session_init
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /collector/anon_session_init HTTP/1.1
Host: account.booking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.booking.com/
Content-Type: application/json
Content-Length: 144
Origin: https://www.booking.com
Connection: keep-alive
Cookie: _pxhd=ggcYW8yieZeAzicZ1MXegSL0MWli4iYmthp62WZ3qenKSVvTj%2FY12bhkUI-OwNDuqPCNl5ZB7ZkMKAN8y9UMiQ%3D%3D%3AAmoqoE0wxQW68KOHBcXf0AhIZ51dFjJJ4MWwxGYyPv6bdDfKNt3D0xhsPSy%2Fm0LwOANYqsUhhQQk7uO9prBkIZq7yfx-34W0muhkRr9duIo%3D; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbbmD9q%2B5pe3Wzs28Akeo8P1t0Kb4yh8k7EFcegS59AA88OEuVVv%2BLKLhsj%2BRkvBLRZr7LgVMN8jLeqv9pEne4Tr9YPWYoyn690vQA5lOrGKAOOrCgwpjXh67VWdrfzRhGDGF%2F4CR7R5zMyt%2BIma%2FXLPtxHlrCS0zcffCeOYyhaU4%3D; cors_js=1; bkng_frontend_sese_exp=1; bkng_ap_sso_session=eyJib29raW5nX2dsb2JhbCI6eyJkYXRhX3N1YmplY3RfaWQiOiI5NjM0N2E3Ni04NWNjLTQ5MjUtYTNlOS1lNzk0YWZkNzdkODciLCJzZXNzaW9ucyI6W3sicmVmcmVzaF90b2tlbiI6IkNBRVNkMUoxVDdnVEY1OHZyNkV6bXgzNmVrd3lTVTQ1SzlZOVc3UG9kN3djWGNNUTV4LTMzeWd6a1N0TWU2MHR1VzBORUxscGw5OWlWVGhGcXZKNmxtSjVoR0FvLUtqa3VNemJ3QWM5NWJycDc1eFFUMGJhY1o3VXZMZzh4SGpZUG5DR3BRMVNjZXdoTUtKWDl0OVV1bzBYZzAyQlNld0ZVeHhGIiwic2Vzc2lvbl9yZWZlcmVuY2UiOiJhYmE1M2MzYy03YTM5LTRlNzItODcwNC1hNTA1MTkxZWNmOWQifV19fQ; bkng_sso_ses=eyJib29raW5nX2dsb2JhbCI6W3siaCI6InRYemtlOW5jNmN5M3dQMDZ5NkY4TVY1WWN5OGUzTEFEa0srcjEydCtBSFUiLCJhIjoxfV19; bkng_sso_session=e30; BJS=-; _px3=a8163af2f75b046b3b90df4912d01ac8740c9ce715a230278cad1f9e2efff79e:yC9iumrbaw0gZgRrSZJDJvsV01w8bKabqS/WRFrom2TUaQ+zWptTe4j00kA9i87tLaUbFqtAGi1HZV53UNaGew==:1000:dnX97qCS1hiE7kFicIyqvjKgWkE3blg0uzA0disakq8RKQVGyQr6yPTxNAB6/03x7hqaYD0InH8U3zjJ+/chAk3Jw9/EVXXMe1a7+OwJPHfhNHI7rky20pcRcxbpBCJPgK0CZDqIGlplY6iOq8ww9iOD16WuDUugntWqxfT4hKeB3/krb8jtqK31ApF4YjsGQ8Z+ekhTnTtpqJEFn+2UNQ==; pxcts=d71f7946-6232-11ed-af1e-584f4b464a78; _pxvid=d6a76257-6232-11ed-9382-6e7174776d77; _pxde=30b481923327e596abee465bd903d3f1d6c0618bb92999cdbe4841c9014b3888:eyJ0aW1lc3RhbXAiOjE2NjgyMjA2MDIzNTEsImZfa2IiOjAsImlwY19pZCI6W119; lastSeen=1668220601568
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 204 No Content
server: envoy
date: Sat, 12 Nov 2022 02:36:42 GMT
access-control-allow-credentials: true
access-control-allow-headers: DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
access-control-allow-methods: POST
access-control-allow-origin: https://www.booking.com
access-control-max-age: 1728000
set-cookie: bkng_ap_sso_session=eyJib29raW5nX2dsb2JhbCI6eyJzZXNzaW9ucyI6W3sicmVmcmVzaF90b2tlbiI6IkNBRVNkMUoxVDdnVEY1OHZyNkV6bXgzNmVrd3lTVTQ1SzlZOVc3UG9kN3djWGNNUTV4LTMzeWd6a1N0TWU2MHR1VzBORUxscGw5OWlWVGhGcXZKNmxtSjVoR0FvLUtqa3VNemJ3QWM5NWJycDc1eFFUMGJhY1o3VXZMZzh4SGpZUG5DR3BRMVNjZXdoTUtKWDl0OVV1bzBYZzAyQlNld0ZVeHhGIiwic2Vzc2lvbl9yZWZlcmVuY2UiOiJhYmE1M2MzYy03YTM5LTRlNzItODcwNC1hNTA1MTkxZWNmOWQifV0sImRhdGFfc3ViamVjdF9pZCI6Ijk2MzQ3YTc2LTg1Y2MtNDkyNS1hM2U5LWU3OTRhZmQ3N2Q4NyJ9fQ; domain=account.booking.com; path=/; expires=Thu, 11-Nov-2027 02:36:42 GMT; secure; HttpOnly
bkng_sso_session=e30; domain=.booking.com; path=/; expires=Thu, 11-Nov-2027 02:36:42 GMT; secure; HttpOnly
bkng_sso_ses=eyJib29raW5nX2dsb2JhbCI6W3siYSI6MSwiaCI6InRYemtlOW5jNmN5M3dQMDZ5NkY4TVY1WWN5OGUzTEFEa0srcjEydCtBSFUifV19; domain=.booking.com; path=/; expires=Thu, 11-Nov-2027 02:36:42 GMT; secure; HttpOnly
content-security-policy: report-uri https://nellie.booking.com/csp-report-uri?type=block&tag=42&pid=fb83125d7ca902a8&e=UmFuZG9tSVYkc2RlIyh9YTVpYxb9mtJD3cReeqMXo_5qxpf4W7JwdfdvBlyk9NlKcLEfSqFdAHv1CmYlbsbmyirNXm6MJ_S6d1wWGe6fE6L4Udx8pl8sAr_vROH4HznuR0VjB31dVe3kOAe8q-aq5g; frame-ancestors https://*.booking.com 'self';
content-security-policy-report-only: connect-src saa.booking.com secure.booking.com reports.booking.com privacyportal-eu.onetrust.com geolocation.onetrust.com cdn.cookielaw.org www.google-analytics.com *.perimeterx.net *.pxchk.net *.px-cdn.net *.px-client.net *.px-cloud.net 'self' 'report-sample'; style-src *.bstatic.com bstatic.com *.static.booking.cn 'self' 'unsafe-inline'; object-src 'none'; script-src saa.booking.com *.bstatic.com bstatic.com *.static.booking.cn www.google.com www.google-analytics.com cdn.cookielaw.org geolocation.onetrust.com 'self' 'nonce-l2w7CuNhpjkF5WQ' 'report-sample'; base-uri 'none'; img-src 'self' data: www.booking.com graph.facebook.com cdn.cookielaw.org account.booking.com *.bstatic.com bstatic.com *.static.booking.cn www.google-analytics.com www.google.com stats.g.doubleclick.net *.px-cloud.net *.perimeterx.net www.gstatic.com; frame-src https://www.youtube.com/embed/Vv4w5SmRkss *.bstatic.com https://www.google.com bstatic.com www.booking.com secure.booking.com paymentcomponent.booking.com 'self'; default-src *.bstatic.com bstatic.com 'self'; report-uri https://nellie.booking.com/csp-report-uri?type=report&tag=41&pid=fb83125d7ca902a8&e=UmFuZG9tSVYkc2RlIyh9YTVpYxb9mtJD3cReeqMXo_5qxpf4W7JwdfdvBlyk9NlKcLEfSqFdAHv1CmYlbsbmyirNXm6MJ_S6d1wWGe6fE6L4Udx8pl8sAr_vROH4HznuR0VjB31dVe3kOAe8q-aq5g;
strict-transport-security: max-age=17280000
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: r2k11FtavzBDZBQ2Xb5FgMdCzi4ErLiTYRijaxJfWvlQdkaE1ob2bQ==
X-Firefox-Spdy: h2
t-cf.bstatic.com/psb/capla/static/js/534.3a9f7ba2.chunk.js
200 OK 16 kB URL HTTP/2 t-cf.bstatic.com/psb/capla/static/js/534.3a9f7ba2.chunk.js
IP
File type ASCII text, with very long lines (55658)
Hash 35ce912db94c155f9c76bfdc50fb4e7b
273db8bd8a2b37c87b100115c95eccd2ef939576
9499a5b49af88351e74b6e8bad95dea4837e806a363415112a790780c8959b30
GET /psb/capla/static/js/534.3a9f7ba2.chunk.js HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Thu, 10 Nov 2022 18:06:27 GMT
etag: W/"528bc4179be6029faa98f789b43c59d7"
x-amz-meta-x-deployment-hash: foo
x-amz-server-side-encryption: AES256
last-modified: Thu, 10 Nov 2022 17:35:56 GMT
x-amz-expiration: expiry-date="Fri, 10 Mar 2023 17:35:56 GMT", rule-id=""
expires: Sat, 10 Dec 2022 18:06:27 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: kxXwVc4zhwb-oNLmC7_6qZUiL-NB0BZgJRpnnDtAORtlOZmU_T6XeQ==
age: 117012
X-Firefox-Spdy: h2
privacyportal-eu.onetrust.com/request/v1/consentreceipts
201 Created 0 B URL HTTP/2 privacyportal-eu.onetrust.com/request/v1/consentreceipts
IP
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /request/v1/consentreceipts HTTP/1.1
Host: privacyportal-eu.onetrust.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 7838
Origin: https://www.booking.com
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 201 Created
date: Sat, 12 Nov 2022 02:36:44 GMT
content-length: 0
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: *
cf-cache-status: DYNAMIC
strict-transport-security: max-age=31536000; includeSubDomains; preload
server: cloudflare
cf-ray: 768be1b84d8db50f-OSL
X-Firefox-Spdy: h2
t-cf.bstatic.com/static/js/error_catcher_bec_cft/282f83b6049fe9bacd964cb6ea8a6d5447528b14.js
200 OK 0 B URL HTTP/2 t-cf.bstatic.com/static/js/error_catcher_bec_cft/282f83b6049fe9bacd964cb6ea8a6d5447528b14.js
IP
GET /static/js/error_catcher_bec_cft/282f83b6049fe9bacd964cb6ea8a6d5447528b14.js HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Sat, 05 Nov 2022 09:05:40 GMT
last-modified: Mon, 06 Sep 2021 09:43:20 GMT
etag: W/"6135e2b8-178d"
expires: Mon, 05 Dec 2022 09:05:40 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: xxh95fDsVFgowsH3QUzSWHWJ2xgGCELe4GbFaDwTSYPgNrQLGWkZ7A==
age: 581458
X-Firefox-Spdy: h2
t-cf.bstatic.com/psb/capla/static/js/797.80fa9db8.chunk.js
200 OK 0 B URL HTTP/2 t-cf.bstatic.com/psb/capla/static/js/797.80fa9db8.chunk.js
IP
GET /psb/capla/static/js/797.80fa9db8.chunk.js HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Thu, 10 Nov 2022 18:06:27 GMT
etag: W/"677c11db007201e27a5aa3ad30c284d1"
x-amz-meta-x-deployment-hash: foo
x-amz-server-side-encryption: AES256
last-modified: Thu, 10 Nov 2022 17:35:56 GMT
x-amz-expiration: expiry-date="Fri, 10 Mar 2023 17:35:56 GMT", rule-id=""
expires: Sat, 10 Dec 2022 18:06:27 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: wkQad6rcOjKyRCclRrtHRUf0K56w_TMsyJVvd4QeX6SntCP4xEsNiA==
age: 117012
X-Firefox-Spdy: h2
account.booking.com/oauth2/authorize/v2?client_id=vO1Kblk7xX9tUn2cpZLS&redirect_uri=https%3A%2F%2Fsecure.booking.com%2Flogin.html%3Fop%3Doauth_return&response_type=anon_session&prompt=none&iframe=1&dt=1668220601334&state=UqwCJ-Mv_A4YwSpg3-kGaAPnFl4mhzuiU2zSoxSQzMLasxqekHAv0qPs40fCazpuqsHBH5GpKxdaUw_CxeNeLM88RpZM5orYj8sd8pfBT7q5SfjVxsCSvrPOy6BgHWoLFhGP7a2g_xHMjxhuKhHPl2G8MMjBmVglaBHtJsAHF6zDctetKuutuYuNZv_fUaKlFQSllB3WbdpUC-ThDRBEB0a0nZys9O7g8Kje54gNaGYPns-5m25Qq8CPFF64ra5nE3cnnc0fVq7i6TxQTpNAFzDEYEFc1gXVHw3_oqKplpw39PDB0m3DcSbBp3viYB8iSmj6jLge-mZpfFC4mEfeOKUZGkY6bsmIwg7nhdadqcOWI26YuDSX81tV1GtqVBttQDFZBdATQfDX_xjScXc4&bkng_referrer=https%3A%2F%2Fwww.booking.com%2Findex.html&bkng_action=index
302 Found 0 B URL HTTP/2 account.booking.com/oauth2/authorize/v2?client_id=vO1Kblk7xX9tUn2cpZLS&redirect_uri=https%3A%2F%2Fsecure.booking.com%2Flogin.html%3Fop%3Doauth_return&response_type=anon_session&prompt=none&iframe=1&dt=1668220601334&state=UqwCJ-Mv_A4YwSpg3-kGaAPnFl4mhzuiU2zSoxSQzMLasxqekHAv0qPs40fCazpuqsHBH5GpKxdaUw_CxeNeLM88RpZM5orYj8sd8pfBT7q5SfjVxsCSvrPOy6BgHWoLFhGP7a2g_xHMjxhuKhHPl2G8MMjBmVglaBHtJsAHF6zDctetKuutuYuNZv_fUaKlFQSllB3WbdpUC-ThDRBEB0a0nZys9O7g8Kje54gNaGYPns-5m25Qq8CPFF64ra5nE3cnnc0fVq7i6TxQTpNAFzDEYEFc1gXVHw3_oqKplpw39PDB0m3DcSbBp3viYB8iSmj6jLge-mZpfFC4mEfeOKUZGkY6bsmIwg7nhdadqcOWI26YuDSX81tV1GtqVBttQDFZBdATQfDX_xjScXc4&bkng_referrer=https%3A%2F%2Fwww.booking.com%2Findex.html&bkng_action=index
IP
GET /oauth2/authorize/v2?client_id=vO1Kblk7xX9tUn2cpZLS&redirect_uri=https%3A%2F%2Fsecure.booking.com%2Flogin.html%3Fop%3Doauth_return&response_type=anon_session&prompt=none&iframe=1&dt=1668220601334&state=UqwCJ-Mv_A4YwSpg3-kGaAPnFl4mhzuiU2zSoxSQzMLasxqekHAv0qPs40fCazpuqsHBH5GpKxdaUw_CxeNeLM88RpZM5orYj8sd8pfBT7q5SfjVxsCSvrPOy6BgHWoLFhGP7a2g_xHMjxhuKhHPl2G8MMjBmVglaBHtJsAHF6zDctetKuutuYuNZv_fUaKlFQSllB3WbdpUC-ThDRBEB0a0nZys9O7g8Kje54gNaGYPns-5m25Qq8CPFF64ra5nE3cnnc0fVq7i6TxQTpNAFzDEYEFc1gXVHw3_oqKplpw39PDB0m3DcSbBp3viYB8iSmj6jLge-mZpfFC4mEfeOKUZGkY6bsmIwg7nhdadqcOWI26YuDSX81tV1GtqVBttQDFZBdATQfDX_xjScXc4&bkng_referrer=https%3A%2F%2Fwww.booking.com%2Findex.html&bkng_action=index HTTP/1.1
Host: account.booking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.booking.com/
Connection: keep-alive
Cookie: _pxhd=ggcYW8yieZeAzicZ1MXegSL0MWli4iYmthp62WZ3qenKSVvTj%2FY12bhkUI-OwNDuqPCNl5ZB7ZkMKAN8y9UMiQ%3D%3D%3AAmoqoE0wxQW68KOHBcXf0AhIZ51dFjJJ4MWwxGYyPv6bdDfKNt3D0xhsPSy%2Fm0LwOANYqsUhhQQk7uO9prBkIZq7yfx-34W0muhkRr9duIo%3D; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbwcLxQQ4VaCqdEIohO8MXyyMMWm8TjG1ES%2F8BvvvS2Elo1XhL%2B35LU%2Fo5r4H9DShIfMKKqtT4LTX2xO13Hgt7Rnhu3%2FUROEXnT%2BO1EGtKufUycYySttYd%2FVw1BPVIF%2F2rMyDJr%2FGQiJhPXFr3pTW0xEaIUq11zuryCDV9WYbndg8%3D; cors_js=1; bkng_frontend_sese_exp=1; bkng_ap_sso_session=eyJib29raW5nX2dsb2JhbCI6eyJkYXRhX3N1YmplY3RfaWQiOiI5NjM0N2E3Ni04NWNjLTQ5MjUtYTNlOS1lNzk0YWZkNzdkODciLCJzZXNzaW9ucyI6W119fQ; bkng_sso_ses=e30; bkng_sso_session=e30; BJS=-; _px3=de91cf97fcaf8cb2c82360702a30ae5148de2da6af89f8e7163f31921b0c9d91:dgTltUlYJU2K1+xHbI4Cai/RFTk5BvjB5QCE8MuJRYK4r2dvtbpDcFxt0EM+E80DUJ7dRCjNzQIJdIvjXYOwiQ==:1000:/7fjULyuq5fiEvM2wqqkEDyDUgsTKnsuDMGv7j6XHAZF8VwdApG7gGGoeglnE3CiLSkyHQO5zpXQkJyE/scId2veccg82v0FdC+x/j+MgWCiNr1ZcUYile60wAwFtF+Uw8nqVFCjjJNTL6ueh8W5XAM+Sso5vykgZmMNoOhvFgHoY1bMGOOAENsVtdTq7N+fB2Eyc6rRAx2aGbqE4shVSw==; pxcts=d71f7946-6232-11ed-af1e-584f4b464a78; _pxvid=d6a76257-6232-11ed-9382-6e7174776d77; _pxde=23671f81ea771acbe3e50a8287753b1ddbf7f8c21fac1e6603d45cd58701db34:eyJ0aW1lc3RhbXAiOjE2NjgyMjA2MDE1NjQsImZfa2IiOjAsImlwY19pZCI6W119
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 302 Found
location: https://secure.booking.com/login.html?lang=en-us&state=UqwCJ-Mv_A4YwSpg3-kGaAPnFl4mhzuiU2zSoxSQzMLasxqekHAv0qPs40fCazpuqsHBH5GpKxdaUw_CxeNeLM88RpZM5orYj8sd8pfBT7q5SfjVxsCSvrPOy6BgHWoLFhGP7a2g_xHMjxhuKhHPl2G8MMjBmVglaBHtJsAHF6zDctetKuutuYuNZv_fUaKlFQSllB3WbdpUC-ThDRBEB0a0nZys9O7g8Kje54gNaGYPns-5m25Qq8CPFF64ra5nE3cnnc0fVq7i6TxQTpNAFzDEYEFc1gXVHw3_oqKplpw39PDB0m3DcSbBp3viYB8iSmj6jLge-mZpfFC4mEfeOKUZGkY6bsmIwg7nhdadqcOWI26YuDSX81tV1GtqVBttQDFZBdATQfDX_xjScXc4&aid=304142&op=oauth_return&code=EHSAkqh49zV0nAoSwCRxH9GAbU9YCrC0Ketp1HJtvDuHMBJrO0BEOANa7FmpzNaS9saCpN1BSaVwOBOuMz0CR8zxm3AYRbSQBdLccsBEPHcjpJxc3NnGSekAqX4uvbhYjwvWy4DBNZ6FqM2zWMqjSNRZdIEbH2GZlqRG
server: envoy
date: Sat, 12 Nov 2022 02:36:41 GMT
set-cookie: bkng_sso_session=e30; domain=.booking.com; path=/; expires=Thu, 11-Nov-2027 02:36:41 GMT; secure; HttpOnly
bkng_ap_sso_session=eyJib29raW5nX2dsb2JhbCI6eyJkYXRhX3N1YmplY3RfaWQiOiI5NjM0N2E3Ni04NWNjLTQ5MjUtYTNlOS1lNzk0YWZkNzdkODciLCJzZXNzaW9ucyI6W3sicmVmcmVzaF90b2tlbiI6IkNBRVNkMUoxVDdnVEY1OHZyNkV6bXgzNmVrd3lTVTQ1SzlZOVc3UG9kN3djWGNNUTV4LTMzeWd6a1N0TWU2MHR1VzBORUxscGw5OWlWVGhGcXZKNmxtSjVoR0FvLUtqa3VNemJ3QWM5NWJycDc1eFFUMGJhY1o3VXZMZzh4SGpZUG5DR3BRMVNjZXdoTUtKWDl0OVV1bzBYZzAyQlNld0ZVeHhGIiwic2Vzc2lvbl9yZWZlcmVuY2UiOiJhYmE1M2MzYy03YTM5LTRlNzItODcwNC1hNTA1MTkxZWNmOWQifV19fQ; domain=account.booking.com; path=/; expires=Thu, 11-Nov-2027 02:36:41 GMT; secure; HttpOnly
bkng_sso_ses=eyJib29raW5nX2dsb2JhbCI6W3siaCI6InRYemtlOW5jNmN5M3dQMDZ5NkY4TVY1WWN5OGUzTEFEa0srcjEydCtBSFUiLCJhIjoxfV19; domain=.booking.com; path=/; expires=Thu, 11-Nov-2027 02:36:41 GMT; secure; HttpOnly
bkng_expired_hint=; domain=.booking.com; path=/; expires=Fri, 11-Nov-2022 02:36:41 GMT; secure; HttpOnly
content-security-policy: report-uri https://nellie.booking.com/csp-report-uri?type=block&tag=42&pid=e259125c088703b7&e=UmFuZG9tSVYkc2RlIyh9YTVpYxb9mtJD3cReeqMXo_5qxpf4W7JwdVGoUAc7XLxp8Xc7XQuWfM7nSTkT3Y1TELxA3w-qXihaSBP_o-RCyiBNhPkI-YW4ZAW5J-lSviaNJdH5LvW_jKRLqzFblx6xeQ; frame-ancestors https://*.booking.com 'self';
content-security-policy-report-only: default-src *.bstatic.com bstatic.com 'self'; connect-src saa.booking.com secure.booking.com reports.booking.com privacyportal-eu.onetrust.com geolocation.onetrust.com cdn.cookielaw.org www.google-analytics.com *.perimeterx.net *.pxchk.net *.px-cdn.net *.px-client.net *.px-cloud.net 'self' 'report-sample'; report-uri https://nellie.booking.com/csp-report-uri?type=report&tag=41&pid=e259125c088703b7&e=UmFuZG9tSVYkc2RlIyh9YTVpYxb9mtJD3cReeqMXo_5qxpf4W7JwdVGoUAc7XLxp8Xc7XQuWfM7nSTkT3Y1TELxA3w-qXihaSBP_o-RCyiBNhPkI-YW4ZAW5J-lSviaNJdH5LvW_jKRLqzFblx6xeQ; img-src 'self' data: www.booking.com graph.facebook.com cdn.cookielaw.org account.booking.com *.bstatic.com bstatic.com *.static.booking.cn www.google-analytics.com www.google.com stats.g.doubleclick.net *.px-cloud.net *.perimeterx.net www.gstatic.com; frame-src https://www.youtube.com/embed/Vv4w5SmRkss *.bstatic.com https://www.google.com bstatic.com www.booking.com secure.booking.com paymentcomponent.booking.com 'self'; style-src *.bstatic.com bstatic.com *.static.booking.cn 'self' 'unsafe-inline'; base-uri 'none'; object-src 'none'; script-src saa.booking.com *.bstatic.com bstatic.com *.static.booking.cn www.google.com www.google-analytics.com cdn.cookielaw.org geolocation.onetrust.com 'self' 'nonce-7m8mfj97rsTxMZS' 'report-sample';
strict-transport-security: max-age=17280000
x-xss-protection: 1; mode=block
x-cache: Miss from cloudfront
via: 1.1 ee04daa979e7a02cc5ca472521bc18a6.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: MZZplRBru7Cp8chGKjDW83qvT5ikQbN0k6LGbUBrN7TGeTvagfeaUw==
X-Firefox-Spdy: h2
q-xx.bstatic.com/psb/capla/static/media/long_stays_banner_wide.a1b12d47.png
200 OK 0 B URL HTTP/2 q-xx.bstatic.com/psb/capla/static/media/long_stays_banner_wide.a1b12d47.png
IP
GET /psb/capla/static/media/long_stays_banner_wide.a1b12d47.png HTTP/1.1
Host: q-xx.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: image/png
content-length: 201837
server: nginx
x-amz-meta-x-deployment-hash: foo
x-amz-server-side-encryption: AES256
last-modified: Thu, 01 Sep 2022 10:17:17 GMT
x-amz-expiration: expiry-date="Fri, 30 Dec 2022 10:17:17 GMT", rule-id=""
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
accept-ranges: bytes
x-xss-protection: 1; mode=block
timing-allow-origin: *
date: Wed, 19 Oct 2022 04:03:45 GMT
expires: Fri, 18 Nov 2022 04:03:45 GMT
cache-control: max-age=2592000
etag: "ce01c4a417bad6742d871c580e0d7ba8"
x-cache: Hit from cloudfront
via: 1.1 a2c3c8b833b34851dca4f7753ecaae58.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 1Rb08mB7Vz6rrrkOH-6ilDHndZ6jwocDJiEw2bAPEFyZwEVfWWu5gw==
age: 2068375
X-Firefox-Spdy: h2
t-cf.bstatic.com/static/js/main_cft/decb9b5b74d05f222d51270eb2158174d31f0ebd.js
200 OK 0 B URL HTTP/2 t-cf.bstatic.com/static/js/main_cft/decb9b5b74d05f222d51270eb2158174d31f0ebd.js
IP
GET /static/js/main_cft/decb9b5b74d05f222d51270eb2158174d31f0ebd.js HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Tue, 08 Nov 2022 02:46:30 GMT
last-modified: Tue, 08 Nov 2022 01:50:12 GMT
etag: W/"6369b5d4-867d2"
expires: Thu, 08 Dec 2022 02:46:30 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: aRG5f8UGQfiwf46ENCtsKqeA2_10YdpwElchARqlie2rvq0Yzi26Xg==
age: 345008
X-Firefox-Spdy: h2
t-cf.bstatic.com/psb/capla/static/js/970.fa50ebe5.chunk.js
200 OK 0 B URL HTTP/2 t-cf.bstatic.com/psb/capla/static/js/970.fa50ebe5.chunk.js
IP
GET /psb/capla/static/js/970.fa50ebe5.chunk.js HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Fri, 11 Nov 2022 15:00:44 GMT
etag: W/"b59e4124a6acaee5d5240989410a8e02"
x-amz-meta-x-deployment-hash: foo
x-amz-server-side-encryption: AES256
last-modified: Fri, 11 Nov 2022 14:52:29 GMT
x-amz-expiration: expiry-date="Sat, 11 Mar 2023 14:52:29 GMT", rule-id=""
expires: Sun, 11 Dec 2022 15:00:44 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: q9WdfPODdent0HXmUbqsDCfgGrKzTcXNenknlgEyzrFjAT2TXMNv_w==
age: 41755
X-Firefox-Spdy: h2
t-cf.bstatic.com/static/js/lazy_load_images_cft/77204d4da4aa41b08b1a4062c8e66e4629550994.js
200 OK 0 B URL HTTP/2 t-cf.bstatic.com/static/js/lazy_load_images_cft/77204d4da4aa41b08b1a4062c8e66e4629550994.js
IP
GET /static/js/lazy_load_images_cft/77204d4da4aa41b08b1a4062c8e66e4629550994.js HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Mon, 31 Oct 2022 03:55:11 GMT
last-modified: Tue, 04 Feb 2020 10:19:57 GMT
etag: W/"5e39454d-15f3"
expires: Wed, 30 Nov 2022 03:55:11 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Bky8fJ4DwQOb180qciX-0OF1SMTuHoAGEnzlErzBlTTKa5nD3mB1Tw==
age: 1032087
X-Firefox-Spdy: h2
t-cf.bstatic.com/psb/capla/static/js/579.86f19463.chunk.js
200 OK 0 B URL HTTP/2 t-cf.bstatic.com/psb/capla/static/js/579.86f19463.chunk.js
IP
GET /psb/capla/static/js/579.86f19463.chunk.js HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Fri, 11 Nov 2022 09:19:38 GMT
etag: W/"e8b53666139d14864fc6bc7689018bb2"
x-amz-meta-x-deployment-hash: foo
x-amz-server-side-encryption: AES256
last-modified: Fri, 11 Nov 2022 09:08:48 GMT
x-amz-expiration: expiry-date="Sat, 11 Mar 2023 09:08:48 GMT", rule-id=""
expires: Sun, 11 Dec 2022 09:19:38 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: az2KFihbnYUq8XEeXMIv72RyE36Qgwgl567RmIlTiXPTsVipF4xEsg==
age: 62221
X-Firefox-Spdy: h2
t-cf.bstatic.com/psb/capla/static/js/541.b0e5917e.chunk.js
200 OK 0 B URL HTTP/2 t-cf.bstatic.com/psb/capla/static/js/541.b0e5917e.chunk.js
IP
GET /psb/capla/static/js/541.b0e5917e.chunk.js HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Thu, 10 Nov 2022 12:28:16 GMT
etag: W/"05565209c3c3ac973ffab352a5ea9ba5"
x-amz-meta-x-deployment-hash: foo
x-amz-server-side-encryption: AES256
last-modified: Thu, 10 Nov 2022 12:18:12 GMT
x-amz-expiration: expiry-date="Fri, 10 Mar 2023 12:18:12 GMT", rule-id=""
expires: Sat, 10 Dec 2022 12:28:16 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: jQ-UJT4s9DTREzCN8PdeCikN7Q5ciIJKY7ZbfKJfmaJqindtX4N3aw==
age: 137303
X-Firefox-Spdy: h2
t-cf.bstatic.com/static/js/core-deps-inlinedet_cft/6da0bf621035bb8a2f9c756d6a89dda03b2f7864.js
200 OK 0 B URL HTTP/2 t-cf.bstatic.com/static/js/core-deps-inlinedet_cft/6da0bf621035bb8a2f9c756d6a89dda03b2f7864.js
IP
GET /static/js/core-deps-inlinedet_cft/6da0bf621035bb8a2f9c756d6a89dda03b2f7864.js HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Wed, 02 Nov 2022 00:21:29 GMT
last-modified: Wed, 22 Jun 2022 10:40:45 GMT
etag: W/"62b2f1ad-949e"
expires: Fri, 02 Dec 2022 00:21:29 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: kNENChHd13BRI2tOhsgw5q183J2mj6ZbhzTsj9qr-U7vyzfNFvJSXQ==
age: 872109
X-Firefox-Spdy: h2
t-cf.bstatic.com/static/js/landingpage_cft/2719e1df520a7a6f82ec34abe3b9a7334e794617.js
200 OK 0 B URL HTTP/2 t-cf.bstatic.com/static/js/landingpage_cft/2719e1df520a7a6f82ec34abe3b9a7334e794617.js
IP
GET /static/js/landingpage_cft/2719e1df520a7a6f82ec34abe3b9a7334e794617.js HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Sun, 30 Oct 2022 01:11:54 GMT
last-modified: Thu, 20 Oct 2022 10:56:20 GMT
etag: W/"63512954-67fdd"
expires: Tue, 29 Nov 2022 01:11:54 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: URfitHbpNHr4bkLghXDm6EWLe6nyPsUSgkTDy3ZziIevzWnCWMvGGA==
age: 1128284
X-Firefox-Spdy: h2
t-cf.bstatic.com/static/js/index_cft/3a457228e0612d8435ff26b2b4829c9cebff79c7.js
200 OK 0 B URL HTTP/2 t-cf.bstatic.com/static/js/index_cft/3a457228e0612d8435ff26b2b4829c9cebff79c7.js
IP
GET /static/js/index_cft/3a457228e0612d8435ff26b2b4829c9cebff79c7.js HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Fri, 11 Nov 2022 10:13:42 GMT
last-modified: Fri, 11 Nov 2022 10:09:49 GMT
etag: W/"636e1f6d-12570"
expires: Sun, 11 Dec 2022 10:13:42 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: GZNe2ekJnvF3M1249Ubs3bPa2XrPYvByY65WM485soBD8QfnsGp4Vg==
age: 58975
X-Firefox-Spdy: h2
t-cf.bstatic.com/static/js/async_index_postcards_c360_cft/2f24f2e1b80d43ef2ebc74a5f9807e5a9aff16e6.js
200 OK 0 B URL HTTP/2 t-cf.bstatic.com/static/js/async_index_postcards_c360_cft/2f24f2e1b80d43ef2ebc74a5f9807e5a9aff16e6.js
IP
GET /static/js/async_index_postcards_c360_cft/2f24f2e1b80d43ef2ebc74a5f9807e5a9aff16e6.js HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Wed, 09 Nov 2022 03:02:07 GMT
last-modified: Fri, 28 Jan 2022 04:32:54 GMT
etag: W/"61f371f6-71f"
expires: Fri, 09 Dec 2022 03:02:07 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 60929bddfcfe8b3a510a9502ad6d8742.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 6kFVS0605uQXFTO6njtII24YDP7DG8Pirs_7M42LLASg0oLwh64I8A==
age: 257673
X-Firefox-Spdy: h2
t-cf.bstatic.com/psb/capla/static/js/vendors.91737ccd.js
200 OK 0 B URL HTTP/2 t-cf.bstatic.com/psb/capla/static/js/vendors.91737ccd.js
IP
GET /psb/capla/static/js/vendors.91737ccd.js HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Fri, 11 Nov 2022 16:40:24 GMT
etag: W/"431a89818cc2dbab11cc3f91afd23c82"
x-amz-meta-x-deployment-hash: foo
x-amz-server-side-encryption: AES256
last-modified: Fri, 11 Nov 2022 16:31:53 GMT
x-amz-expiration: expiry-date="Sat, 11 Mar 2023 16:31:53 GMT", rule-id=""
expires: Sun, 11 Dec 2022 16:40:24 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: DQUs9mVM2N1YraNx7ZdrhuaqZ4omuP9vR8LzKaz94ZLyHyIvzpI7oQ==
age: 35775
X-Firefox-Spdy: h2
t-cf.bstatic.com/psb/capla/static/js/778.49b6015c.chunk.js
200 OK 0 B URL HTTP/2 t-cf.bstatic.com/psb/capla/static/js/778.49b6015c.chunk.js
IP
GET /psb/capla/static/js/778.49b6015c.chunk.js HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Fri, 11 Nov 2022 14:01:38 GMT
etag: W/"4f9ffa6075dc6914e8d99203e90887ee"
x-amz-meta-x-deployment-hash: foo
x-amz-server-side-encryption: AES256
last-modified: Fri, 11 Nov 2022 10:52:13 GMT
x-amz-expiration: expiry-date="Sat, 11 Mar 2023 10:52:13 GMT", rule-id=""
expires: Sun, 11 Dec 2022 14:01:38 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: -lTsqZhNLw2OgUEUydZZGRARypIdjsVVP6lWiCXOBU4PULaFQXwn1A==
age: 45301
X-Firefox-Spdy: h2
t-cf.bstatic.com/static/js/searchbox_cft/b03edc7f5622a70c16c96a5925b0acc1ccd2c548.js
200 OK 0 B URL HTTP/2 t-cf.bstatic.com/static/js/searchbox_cft/b03edc7f5622a70c16c96a5925b0acc1ccd2c548.js
IP
GET /static/js/searchbox_cft/b03edc7f5622a70c16c96a5925b0acc1ccd2c548.js HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Thu, 10 Nov 2022 10:56:48 GMT
last-modified: Thu, 10 Nov 2022 10:49:39 GMT
etag: W/"636cd743-39865"
expires: Sat, 10 Dec 2022 10:56:48 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: rOCiirXK5MqlLyENomsK9fmh6nkaqNc2BU1c_uX-78wn6fcYb9ebGg==
age: 142790
X-Firefox-Spdy: h2
t-cf.bstatic.com/static/js/jquery_cft/e1e8c0e862309cb4caf3c0d5fbea48bfb8eaad42.js
200 OK 0 B URL HTTP/2 t-cf.bstatic.com/static/js/jquery_cft/e1e8c0e862309cb4caf3c0d5fbea48bfb8eaad42.js
IP
GET /static/js/jquery_cft/e1e8c0e862309cb4caf3c0d5fbea48bfb8eaad42.js HTTP/1.1
Host: t-cf.bstatic.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.booking.com
Connection: keep-alive
Referer: https://www.booking.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/javascript
server: nginx
date: Wed, 26 Oct 2022 05:00:50 GMT
last-modified: Tue, 28 Jun 2022 13:43:41 GMT
etag: W/"62bb058d-19a42"
expires: Fri, 25 Nov 2022 05:00:50 GMT
cache-control: max-age=2592000
access-control-allow-origin: *
nel: {"report_to":"default","max_age":600}
report-to: {"endpoints":[{"url":"https://nellie.booking.com/report"}],"max_age":600,"group":"default","failure_fraction":0.05}
content-encoding: br
x-xss-protection: 1; mode=block
timing-allow-origin: *
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 15d199af49035dc206cb81292fd87de2.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Fqleen3lkiL58LRCjGT9dJOpCj5BzM2QwmU9a9mUWqKgg3I28eoeYQ==
age: 1460148
X-Firefox-Spdy: h2
45.33.30.197
104.16.149.64
23.36.77.32
93.184.220.29
5.57.19.231