hjrlxnb.wy5532.com/
185.107.56.198200 OK 479 B IP 185.107.56.198:0
ASN #43350 NForce Entertainment B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (479), with no line terminators
Hash 4ceec733275f6451f2fb13ce001b8395
1f6475cf434a80e82979f6ede84da5e089742133
d85c7c548e9b195da7de6a646ca6c742e3e4b9e842e2658f87742f3d497510a8
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: hjrlxnb.wy5532.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 479
content-type: text/html; charset=utf-8
date: Tue, 21 Mar 2023 19:29:52 GMT
server: nginx
set-cookie: sid=c0e5c95a-c81e-11ed-bb1c-71b9f68173fb; path=/; domain=.wy5532.com; expires=Sun, 08 Apr 2091 22:43:59 GMT; max-age=2147483647; HttpOnly
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 28774b36cf8bb6b054329393a33f6239
728313ddff6d5ceb6db3eb8445f039779616a140
08378fe6a897ab5a9c8d3bc2748c9670659d0d0d164317fdfac88d23fee78fa0
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "08378FE6A897AB5A9C8D3BC2748C9670659D0D0D164317FDFAC88D23FEE78FA0"
Last-Modified: Sun, 19 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13587
Expires: Tue, 21 Mar 2023 23:16:20 GMT
Date: Tue, 21 Mar 2023 19:29:53 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash ec332b81a27117ce9c16b67a5a8e4fac
b6d2afa2c859d000ad830d3d8d73f57bac6ffce2
1dc32c78e4e850303813338fd4e9616a41c8c05d1063748a1e76a92c397a5e8f
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1DC32C78E4E850303813338FD4E9616A41C8C05D1063748A1E76A92C397A5E8F"
Last-Modified: Mon, 20 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3452
Expires: Tue, 21 Mar 2023 20:27:25 GMT
Date: Tue, 21 Mar 2023 19:29:53 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 4e6141892ec4705c6a0134f3157b969d
4169fdea42b0fa9cb565e14b8e8fdb293575c78e
905537ef3e3a4a9030391b44bd6ac6bb5d7c9ec752b1821d683dfbf483096163
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "905537EF3E3A4A9030391B44BD6AC6BB5D7C9EC752B1821D683DFBF483096163"
Last-Modified: Sun, 19 Mar 2023 17:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=8151
Expires: Tue, 21 Mar 2023 21:45:44 GMT
Date: Tue, 21 Mar 2023 19:29:53 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash bc86ef2a0cee04915bc360f5821adc8f
3658f9028cce204d38f7f48fcfaa2a8e4f54383a
aeecd718d03811322457de4f20828bdba86b277e7e0e328cae9c0a8075638454
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Content-Length, Backoff, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Tue, 21 Mar 2023 19:27:26 GMT
content-type: application/json
age: 147
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: AUS8nYaRXUwoYCzsPCogXnWZ8qQg++L65dxd9ParwtSvxELHAoek9iPoUI8oLodbgUbzLYupCQFN7rMRXCqT1g==
x-amz-request-id: TGXGK2W7QQQ9QF4X
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Tue, 21 Mar 2023 18:53:18 GMT
age: 2195
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Tue, 21 Mar 2023 19:29:53 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
hjrlxnb.wy5532.com/favicon.ico
185.107.56.198404 Not Found 9 B URL HTTP/1.1 hjrlxnb.wy5532.com/favicon.ico
IP 185.107.56.198:0
ASN #43350 NForce Entertainment B.V.
File type ASCII text, with no line terminators
Hash d8f4a1993546cc4b850cde3599e27aec
094b763b4cfcc0b05e5d040581cd513c3ca08067
907ba78b4545338d3539683e63ecb51cf51c10adc9dabd86e92bd52339f298b9
GET /favicon.ico HTTP/1.1
Host: hjrlxnb.wy5532.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hjrlxnb.wy5532.com/
Cookie: sid=c0e5c95a-c81e-11ed-bb1c-71b9f68173fb
HTTP/1.1 404 Not Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 9
date: Tue, 21 Mar 2023 19:29:52 GMT
server: nginx
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, ETag, Content-Type, Cache-Control, Pragma, Alert, Last-Modified, Retry-After, Backoff, Expires
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Tue, 21 Mar 2023 19:14:33 GMT
age: 920
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
hjrlxnb.wy5532.com/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY3OTQzNDE5MiwiaWF0IjoxNjc5NDI2OTkyLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydDc4YnN0cm0zcm9iaG8zamMxNXB1Z2EiLCJuYmYiOjE2Nzk0MjY5OTIsInRzIjoxNjc5NDI2OTkyOTI4MjAyfQ.L_snU-BcfflwKh1GMtKoDjWKDdnXGWQNMx_nC808iog&sid=c0e5c95a-c81e-11ed-bb1c-71b9f68173fb
185.107.56.198302 Found 11 B URL HTTP/1.1 hjrlxnb.wy5532.com/?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY3OTQzNDE5MiwiaWF0IjoxNjc5NDI2OTkyLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydDc4YnN0cm0zcm9iaG8zamMxNXB1Z2EiLCJuYmYiOjE2Nzk0MjY5OTIsInRzIjoxNjc5NDI2OTkyOTI4MjAyfQ.L_snU-BcfflwKh1GMtKoDjWKDdnXGWQNMx_nC808iog&sid=c0e5c95a-c81e-11ed-bb1c-71b9f68173fb
IP 185.107.56.198:0
ASN #43350 NForce Entertainment B.V.
File type ASCII text, with no line terminators
Hash 32682312d17c7cbf18e73594f5570319
60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47
GET /?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY3OTQzNDE5MiwiaWF0IjoxNjc5NDI2OTkyLCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydDc4YnN0cm0zcm9iaG8zamMxNXB1Z2EiLCJuYmYiOjE2Nzk0MjY5OTIsInRzIjoxNjc5NDI2OTkyOTI4MjAyfQ.L_snU-BcfflwKh1GMtKoDjWKDdnXGWQNMx_nC808iog&sid=c0e5c95a-c81e-11ed-bb1c-71b9f68173fb HTTP/1.1
Host: hjrlxnb.wy5532.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://hjrlxnb.wy5532.com/
Cookie: sid=c0e5c95a-c81e-11ed-bb1c-71b9f68173fb
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Tue, 21 Mar 2023 19:29:53 GMT
location: http://cynes-gwf.com/zcvisitor/c127d2a5-c81e-11ed-a4de-12e8df3a0c37/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=cdf02870-e7c3-11ec-be3c-128084d1ce51
server: nginx
set-cookie: sid=c0e5c95a-c81e-11ed-bb1c-71b9f68173fb; path=/; domain=.wy5532.com; expires=Sun, 08 Apr 2091 22:44:00 GMT; max-age=2147483647; HttpOnly
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 3462d41d9283fedf24f278089d5d1570
b8bcea77656f775cdc34620322cc616216ed2b95
55e47b413ba648a98eb6e92ab73aee602912cd13e7da23ef3cea1490c1b9de50
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "55E47B413BA648A98EB6E92AB73AEE602912CD13E7DA23EF3CEA1490C1B9DE50"
Last-Modified: Sun, 19 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10950
Expires: Tue, 21 Mar 2023 22:32:23 GMT
Date: Tue, 21 Mar 2023 19:29:53 GMT
Connection: keep-alive
cynes-gwf.com/zcvisitor/c127d2a5-c81e-11ed-a4de-12e8df3a0c37/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=cdf02870-e7c3-11ec-be3c-128084d1ce51
54.237.193.255200 1.1 kB URL HTTP/1.1 cynes-gwf.com/zcvisitor/c127d2a5-c81e-11ed-a4de-12e8df3a0c37/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=cdf02870-e7c3-11ec-be3c-128084d1ce51
IP 54.237.193.255:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 626571bf6d03ced26286d93af2c9d04e
b634512b7df670aafa417ad447bf603a98ef3c79
beea42847abe66d7de66eae12c84c36a48ce9dfa1c81292b3016285d20af613e
GET /zcvisitor/c127d2a5-c81e-11ed-a4de-12e8df3a0c37/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=cdf02870-e7c3-11ec-be3c-128084d1ce51 HTTP/1.1
Host: cynes-gwf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://hjrlxnb.wy5532.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Date: Tue, 21 Mar 2023 19:29:53 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server: byzGlTCN
push.services.mozilla.com/
52.43.88.238101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.43.88.238:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: qgk9RI3wDIF++pAIxG/Mzg==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: WXLfpt3ai8V1zek2RBeFZrDUrp4=
cynes-gwf.com/zcredirect?visitid=c127d2a5-c81e-11ed-a4de-12e8df3a0c37&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
54.237.193.255200 856 B URL HTTP/1.1 cynes-gwf.com/zcredirect?visitid=c127d2a5-c81e-11ed-a4de-12e8df3a0c37&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
IP 54.237.193.255:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (385)
Hash 82a5e84a9b8d81ebbb6d8c91838f9550
62d2cf9365871a59ee2aa392dc8e428e985b724f
940697f0f0f1c8e392197461c6fe2d6647226489db7973dc47ec0f84554f2286
GET /zcredirect?visitid=c127d2a5-c81e-11ed-a4de-12e8df3a0c37&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false HTTP/1.1
Host: cynes-gwf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cynes-gwf.com/zcvisitor/c127d2a5-c81e-11ed-a4de-12e8df3a0c37/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=cdf02870-e7c3-11ec-be3c-128084d1ce51
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Date: Tue, 21 Mar 2023 19:29:54 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
Server: iViAjXJu
cynes-gwf.com/favicon.ico
54.237.193.255404 653 B URL HTTP/1.1 cynes-gwf.com/favicon.ico
IP 54.237.193.255:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (649), with no line terminators
Hash ba2732b1b2fa2626ffaa15f62f9e7d66
203d4e7fbb1d80449d6e4e1f3ae7a9bf8625debe
879861cb72fe9fbb476dab246021c4c83b4066327de2529e05ec54d3afb0a1c8
GET /favicon.ico HTTP/1.1
Host: cynes-gwf.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cynes-gwf.com/zcredirect?visitid=c127d2a5-c81e-11ed-a4de-12e8df3a0c37&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
HTTP/1.1 404
Date: Tue, 21 Mar 2023 19:29:54 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 653
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Content-Language: en
Server: XUzmnNPp
ocsp.digicert.com/
192.229.221.95200 OK 727 B IP 192.229.221.95:0
Hash d8d8d3e58c357a2e65f9e21bd8411aa8
f96c3a96834fa43b2b9de1016c09e80e03a92279
cc497e26d1b21e961d83a42f373ec4eb863684c4ef7ccbabb29262183dbbe5e0
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 1672
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Tue, 21 Mar 2023 19:29:54 GMT
Etag: "64198061-2d7"
Last-Modified: Tue, 21 Mar 2023 19:02:02 GMT
Server: ECAcc (amb/6AC3)
X-Cache: HIT
Content-Length: 727
www.ukhotelbooking.com/UcYQ/?s2=jlKWePOus1EJWoz0cxE9Dxc6MY0TidO%2BPngyYCV%2B0WPvBrEHDsr4pdki5hGYOdRLqMD9HvjgfJIdhrecyLDs3o2JWmxDnbrh1ArVWDXzkJ7YIW9HQq%2Burlb3uKJHMeZKFjfKTHkfMck4ypFXDHARu%2Fjm1%2FXne%2BmQ%2BuYFIOglecIgRzB%2FISWIo1zpDRN%2BZh1MngdNrO6vgwtZ7dMgqT%2FaTDT6K%2FEqYnUF5iag8uPKQ6i1Ag%3D%3D&v=4592317761.48f33782.2b14041b
23.20.162.77302 Found 0 B URL HTTP/2 www.ukhotelbooking.com/UcYQ/?s2=jlKWePOus1EJWoz0cxE9Dxc6MY0TidO%2BPngyYCV%2B0WPvBrEHDsr4pdki5hGYOdRLqMD9HvjgfJIdhrecyLDs3o2JWmxDnbrh1ArVWDXzkJ7YIW9HQq%2Burlb3uKJHMeZKFjfKTHkfMck4ypFXDHARu%2Fjm1%2FXne%2BmQ%2BuYFIOglecIgRzB%2FISWIo1zpDRN%2BZh1MngdNrO6vgwtZ7dMgqT%2FaTDT6K%2FEqYnUF5iag8uPKQ6i1Ag%3D%3D&v=4592317761.48f33782.2b14041b
IP 23.20.162.77:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /UcYQ/?s2=jlKWePOus1EJWoz0cxE9Dxc6MY0TidO%2BPngyYCV%2B0WPvBrEHDsr4pdki5hGYOdRLqMD9HvjgfJIdhrecyLDs3o2JWmxDnbrh1ArVWDXzkJ7YIW9HQq%2Burlb3uKJHMeZKFjfKTHkfMck4ypFXDHARu%2Fjm1%2FXne%2BmQ%2BuYFIOglecIgRzB%2FISWIo1zpDRN%2BZh1MngdNrO6vgwtZ7dMgqT%2FaTDT6K%2FEqYnUF5iag8uPKQ6i1Ag%3D%3D&v=4592317761.48f33782.2b14041b HTTP/1.1
Host: www.ukhotelbooking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://cynes-gwf.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.22.0
date: Tue, 21 Mar 2023 19:29:55 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: http://www.ukhotelbooking.com/UcYQ/9V6JDHW_Qq?i7c=fS8pi5Td7pcagF1uelHtFfwP4wwLO5z8UfAaFZ6sQz8wPWl0zd370qbS9snjVzlI25p2%2BPHyB82uhPZQtklD4TwdUYLtPSVw0BDyfdIg9Agkl6abbhKp6GzrGHTKGGSvLQB1mfE%2FSqv%2BGSB9DSghWZH19Mb%2FV9hCm%2Bv4mtjmEYgkk2jKGQaCR0%2Bd1LmryN8EUg8f%2B3%2BQbMFcSuB16OcYAJnXSSxgHg%3D%3D&ps=b4cc6deda29c0b64b689383a897931b7
access-control-allow-origin: *
referrer-policy: no-referrer
via: 1.1 google
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3059
Expires: Tue, 21 Mar 2023 20:20:54 GMT
Date: Tue, 21 Mar 2023 19:29:55 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3059
Expires: Tue, 21 Mar 2023 20:20:54 GMT
Date: Tue, 21 Mar 2023 19:29:55 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3059
Expires: Tue, 21 Mar 2023 20:20:54 GMT
Date: Tue, 21 Mar 2023 19:29:55 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash de95776582936b8e129e876cf6d80fa8
0233251e1cf0123f1260d980d7c8ef92718723f9
49c07da2ab4ebd66bd166bf0e20dd084b38973cd40c79f85eb283d15a1ccac36
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "49C07DA2AB4EBD66BD166BF0E20DD084B38973CD40C79F85EB283D15A1CCAC36"
Last-Modified: Sun, 19 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3059
Expires: Tue, 21 Mar 2023 20:20:54 GMT
Date: Tue, 21 Mar 2023 19:29:55 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1f3dbde-5603-4fc9-9c5b-c8735230fcb3.jpeg
34.120.237.76200 OK 5.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1f3dbde-5603-4fc9-9c5b-c8735230fcb3.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 59a97c7842690d7acd0ff07d949b1ef3
8719d7d6866855fdfba87e06128fb1969d857732
203b0e030b9bf84a8a2731c1b46d57e60ee50a53cc925845e7b20cbd60362136
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb1f3dbde-5603-4fc9-9c5b-c8735230fcb3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5456
x-amzn-requestid: 545d20a4-ed22-4be4-98aa-23383209dae2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CDDUKFC9IAMF4pw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64177f4d-3e927ea45de99d4b286fcfc8;Sampled=0
x-amzn-remapped-date: Sun, 19 Mar 2023 21:31:57 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: qXn3EwgagFD2MH4PzDYxxVd1eXOQQxHDkNdxXGxwuS-tmPNxWXYukA==
via: 1.1 010c0731b9775a983eceaec0f5fa6a2e.cloudfront.net (CloudFront), 1.1 5c7981a979abd51ba7e5ca7d464fd048.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 21:51:25 GMT
age: 77910
etag: "8719d7d6866855fdfba87e06128fb1969d857732"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3db1704b-1ecd-4198-a98e-0353d4671a5c.jpeg
34.120.237.76200 OK 8.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3db1704b-1ecd-4198-a98e-0353d4671a5c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 2a940b362660fdee25faaa51e08c439b
85fa91b5c4e6ddc1f3cf45eb6a4a3facfc6ad68c
18b99e3e890fdc959421c895ce343b8b3ed88819c83fa0009823e8ded23458f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3db1704b-1ecd-4198-a98e-0353d4671a5c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8195
x-amzn-requestid: c6844a50-a6b2-4ef4-ad28-f1a0fbcec14f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CDFESEDGoAMFQ8A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6417821b-22fa560d4b7811c233fe07fa;Sampled=0
x-amzn-remapped-date: Sun, 19 Mar 2023 21:43:55 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: WZ5MqPZ-MEjDt3N53EIx1XrerDmUkyvK-5FUXAmI29GXlGe6AaPqEg==
via: 1.1 01c28b52813cd0e82f810c492808b142.cloudfront.net (CloudFront), 1.1 219e8f088c8c2a564bdacafe44be620a.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 22:23:21 GMT
age: 75994
etag: "85fa91b5c4e6ddc1f3cf45eb6a4a3facfc6ad68c"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e6173b5-998a-4997-816d-b57ba0bc3829.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e6173b5-998a-4997-816d-b57ba0bc3829.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aef5e670f176a12585ea06a11ff3aa68
86831c3690d45996079c0cd02280d63e7fe0dc84
1898e033c5e706ca54471b36db485b09eef7548b2db49ef45392b22932e4733b
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6e6173b5-998a-4997-816d-b57ba0bc3829.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8515
x-amzn-requestid: abe490b3-8839-44ed-8541-a3ca5cdf9343
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CAiRmE2uIAMFhNw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-64167da3-3d42a6f84aa11cb1023b24b5;Sampled=0
x-amzn-remapped-date: Sun, 19 Mar 2023 03:12:35 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: kvUQAkABP4KnXuUoYIrmeZez0IV1hgceDsqbJu7v_T1Y7mi8nWG_zA==
via: 1.1 00f0a41f749793b9dd653153037c957e.cloudfront.net (CloudFront), 1.1 1d0860167e2100a6d1cd9c0213c2b8e8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 23:01:29 GMT
age: 73706
etag: "86831c3690d45996079c0cd02280d63e7fe0dc84"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7963a1ee-914e-454a-a5e7-9466ab707e33.jpeg
34.120.237.76200 OK 7.7 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7963a1ee-914e-454a-a5e7-9466ab707e33.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 302595cc68fe8cf12121d0f652b3194d
e5532a3fed552246e8a63ea2ba75e174273a7b9f
6ca3599a9af06f51d4dc205d4ebd8f7f8b38c54864b6b478eac8c0d1adbc97c6
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7963a1ee-914e-454a-a5e7-9466ab707e33.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7695
x-amzn-requestid: 1009077b-14aa-42e5-86f1-de94b8b2aba0
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CDETIHf8oAMFxEA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641780e0-07bbb0376f1c1941731e00ba;Sampled=0
x-amzn-remapped-date: Sun, 19 Mar 2023 21:38:40 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Hit from cloudfront
x-amz-cf-id: 02HknfEEVW-DU3f3sOQgfs_eL48pvEgV4ft__uRLXOFlDO5qX5tDsQ==
via: 1.1 a20e81b65d2465c729ce2f6bfe539dd0.cloudfront.net (CloudFront), 1.1 a06140ffee86972bad90c57fc682df36.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 21:55:31 GMT
age: 77664
etag: "e5532a3fed552246e8a63ea2ba75e174273a7b9f"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2ad5022-7f23-468e-8e1f-6388d8cc9db8.jpeg
34.120.237.76200 OK 6.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2ad5022-7f23-468e-8e1f-6388d8cc9db8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 4e5f234aedfabd736b50fef3017380f9
71672a6c3523d9999522e005091863d07ea0e94a
3314df7a93e317d509aeffc1cde69ec450ddad116a27dc197db1abce966da344
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fb2ad5022-7f23-468e-8e1f-6388d8cc9db8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6511
x-amzn-requestid: 82d12180-bdcb-4ce0-8588-4239ee27f236
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CGWI_E_eoAMF3sA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6418d09f-2f5df7cd5f6cee4762703d29;Sampled=0
x-amzn-remapped-date: Mon, 20 Mar 2023 21:31:11 GMT
x-amz-cf-pop: SEA19-C1, SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: yQgmYjA3RIk8IVzzOoHdYl60H1BO_IeCF_7d7AmTqjuIOxQIS2dyDw==
via: 1.1 0a2ce08fa1ec3c33302a7547d3305978.cloudfront.net (CloudFront), 1.1 1d0860167e2100a6d1cd9c0213c2b8e8.cloudfront.net (CloudFront), 1.1 google
date: Mon, 20 Mar 2023 22:08:29 GMT
etag: "71672a6c3523d9999522e005091863d07ea0e94a"
content-type: image/jpeg
age: 76886
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6943b819-ab3e-4698-a81d-266be026b4b8.jpeg
34.120.237.76200 OK 11 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6943b819-ab3e-4698-a81d-266be026b4b8.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash f73dbc0fc3d196647ddc1e30450989d4
75d0a1414a5d350ba426dc37333a6ea131f66753
2a6954b3ccf01567c0c0c2911dd8b02c1cd264fc78178cef2eef6a6796c16c3f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6943b819-ab3e-4698-a81d-266be026b4b8.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 10855
x-amzn-requestid: bb845712-834d-49b1-97f0-f3750f132741
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CEZD0GCHIAMFq6A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-6418087e-4361bbd40ec5f0d10dabdf85;Sampled=0
x-amzn-remapped-date: Mon, 20 Mar 2023 07:17:18 GMT
x-amz-cf-pop: SEA19-C3
x-cache: Miss from cloudfront
x-amz-cf-id: gnFLBOJmRcgsHzy_KXjzE6LwwN4CSqz99pIhYMBx8xrHa8UO6O0kJA==
via: 1.1 446313511980eb02f28ff5a9a4147c0a.cloudfront.net (CloudFront), 1.1 0906d4887f6625f4a4467d8d4fd268d2.cloudfront.net (CloudFront), 1.1 google
date: Tue, 21 Mar 2023 07:30:21 GMT
age: 43174
etag: "75d0a1414a5d350ba426dc37333a6ea131f66753"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.ukhotelbooking.com/UcYQ/9V6JDHW_Qq?i7c=fS8pi5Td7pcagF1uelHtFfwP4wwLO5z8UfAaFZ6sQz8wPWl0zd370qbS9snjVzlI25p2%2BPHyB82uhPZQtklD4TwdUYLtPSVw0BDyfdIg9Agkl6abbhKp6GzrGHTKGGSvLQB1mfE%2FSqv%2BGSB9DSghWZH19Mb%2FV9hCm%2Bv4mtjmEYgkk2jKGQaCR0%2Bd1LmryN8EUg8f%2B3%2BQbMFcSuB16OcYAJnXSSxgHg%3D%3D&ps=b4cc6deda29c0b64b689383a897931b7
23.20.162.77200 OK 644 B URL HTTP/1.1 www.ukhotelbooking.com/UcYQ/9V6JDHW_Qq?i7c=fS8pi5Td7pcagF1uelHtFfwP4wwLO5z8UfAaFZ6sQz8wPWl0zd370qbS9snjVzlI25p2%2BPHyB82uhPZQtklD4TwdUYLtPSVw0BDyfdIg9Agkl6abbhKp6GzrGHTKGGSvLQB1mfE%2FSqv%2BGSB9DSghWZH19Mb%2FV9hCm%2Bv4mtjmEYgkk2jKGQaCR0%2Bd1LmryN8EUg8f%2B3%2BQbMFcSuB16OcYAJnXSSxgHg%3D%3D&ps=b4cc6deda29c0b64b689383a897931b7
IP 23.20.162.77:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 57cadc68e88b851ec5764cea6937c0e4
d913c83262e88950b4d06974c4f9b3783a1e65dc
ef682340c212ebb6fcdb0e0a91b2acf7b94d0b71ff5c5e07a871711ec6ee69b6
GET /UcYQ/9V6JDHW_Qq?i7c=fS8pi5Td7pcagF1uelHtFfwP4wwLO5z8UfAaFZ6sQz8wPWl0zd370qbS9snjVzlI25p2%2BPHyB82uhPZQtklD4TwdUYLtPSVw0BDyfdIg9Agkl6abbhKp6GzrGHTKGGSvLQB1mfE%2FSqv%2BGSB9DSghWZH19Mb%2FV9hCm%2Bv4mtjmEYgkk2jKGQaCR0%2Bd1LmryN8EUg8f%2B3%2BQbMFcSuB16OcYAJnXSSxgHg%3D%3D&ps=b4cc6deda29c0b64b689383a897931b7 HTTP/1.1
Host: www.ukhotelbooking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Tue, 21 Mar 2023 19:29:55 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 644
Connection: keep-alive
access-control-allow-origin: *
access-control-expose-headers: X-BurstFire-ReqID, X-BurstFire-ClientID, X-BurstFire-Version, Server
x-burstfire-reqid: 6841aeb7-9529-41d0-b22c-f1f3f6229fcb
x-burstfire-clientid: 836bf02e-8f2c-6465-41c2-5ccbed751294
x-burstfire-version: Generic
via: 1.1 google
www.ukhotelbooking.com/UcYQ/2z_8bkw2Zh
23.20.162.77302 Found 0 B URL HTTP/1.1 www.ukhotelbooking.com/UcYQ/2z_8bkw2Zh
IP 23.20.162.77:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /UcYQ/2z_8bkw2Zh HTTP/1.1
Host: www.ukhotelbooking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 156
Origin: http://www.ukhotelbooking.com
Connection: keep-alive
Referer: http://www.ukhotelbooking.com/UcYQ/9V6JDHW_Qq?i7c=fS8pi5Td7pcagF1uelHtFfwP4wwLO5z8UfAaFZ6sQz8wPWl0zd370qbS9snjVzlI25p2%2BPHyB82uhPZQtklD4TwdUYLtPSVw0BDyfdIg9Agkl6abbhKp6GzrGHTKGGSvLQB1mfE%2FSqv%2BGSB9DSghWZH19Mb%2FV9hCm%2Bv4mtjmEYgkk2jKGQaCR0%2Bd1LmryN8EUg8f%2B3%2BQbMFcSuB16OcYAJnXSSxgHg%3D%3D&ps=b4cc6deda29c0b64b689383a897931b7
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx/1.22.0
Date: Tue, 21 Mar 2023 19:29:55 GMT
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Connection: keep-alive
access-control-allow-origin: *
access-control-expose-headers: X-BurstFire-ReqID, X-BurstFire-ClientID, X-BurstFire-Version, Server
x-burstfire-reqid: a55abf6f-dc5f-4569-ab62-e2c824b4bc1a
x-burstfire-clientid: 836bf02e-8f2c-6465-41c2-5ccbed751294
x-burstfire-version: Generic
location: https://www.agoda.com/partners/partnersearch.aspx?pcs=1&cid=1912728
via: 1.1 google
www.ukhotelbooking.com/favicon.ico
23.20.162.77404 Not Found 0 B URL HTTP/1.1 www.ukhotelbooking.com/favicon.ico
IP 23.20.162.77:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: www.ukhotelbooking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ukhotelbooking.com/UcYQ/9V6JDHW_Qq?i7c=fS8pi5Td7pcagF1uelHtFfwP4wwLO5z8UfAaFZ6sQz8wPWl0zd370qbS9snjVzlI25p2%2BPHyB82uhPZQtklD4TwdUYLtPSVw0BDyfdIg9Agkl6abbhKp6GzrGHTKGGSvLQB1mfE%2FSqv%2BGSB9DSghWZH19Mb%2FV9hCm%2Bv4mtjmEYgkk2jKGQaCR0%2Bd1LmryN8EUg8f%2B3%2BQbMFcSuB16OcYAJnXSSxgHg%3D%3D&ps=b4cc6deda29c0b64b689383a897931b7
HTTP/1.1 404 Not Found
Server: nginx/1.22.0
Date: Tue, 21 Mar 2023 19:29:55 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.2.34
Location: https://www.ukhotelbooking.com/favicon.ico
www.agoda.com/partners/partnersearch.aspx?pcs=1&cid=1912728
104.110.12.18302 Found 166 B URL HTTP/2 www.agoda.com/partners/partnersearch.aspx?pcs=1&cid=1912728
IP 104.110.12.18:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 75176d66939940b8862704176cc4d412
0046609723b0d96f321f39d0e111ddedbb577c24
54361c1f7d22736f515c97f983c0031394c00f4c08166d91a78ae09f9d7ecea6
GET /partners/partnersearch.aspx?pcs=1&cid=1912728 HTTP/1.1
Host: www.agoda.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.ukhotelbooking.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
content-type: text/html; charset=utf-8
content-length: 166
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET,POST
access-control-expose-headers: ag-correlation-id
cache-control: private
location: https://www.agoda.com/deals?pcs=1&cid=1912728
request-context: appId=
ag-correlation-id: 42ee848a-ef4f-4cd9-b3f8-de222619f15c
x-recruiting: Like HTTP headers? Come write ours: https://careersatagoda.com/job/3931446-senior-software-engineer-full-stack-bangkok-based-relocation-provided/?gh_src=b096bae01us
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
ag-dc: am
ag_server_time: 29
ag_execution_time: 30.312
ag_send_time: 0
x-ua-compatible: IE=edge
vary: User-Agent, Accept-Encoding
date: Tue, 21 Mar 2023 19:29:55 GMT
set-cookie: agoda.analytics=Id=3570967770377756784&Signature=1173737124330683137&Expiry=1679430595943; domain=.agoda.com; expires=Tue, 21-Mar-2023 20:29:55 GMT; path=/; secure
agoda.vuser=UserId=a419d6b2-c6c2-49c9-8aa2-58a274c1c436; domain=.agoda.com; expires=Wed, 20-Mar-2024 19:29:55 GMT; path=/; secure
agoda.user.03=UserId=7516ef33-fd58-4d41-a18e-05270e162998; domain=.agoda.com; expires=Wed, 20-Mar-2024 19:29:55 GMT; path=/; secure
UserSession=7516ef33-fd58-4d41-a18e-05270e162998; domain=.agoda.com; path=/; secure
agoda.version.03=CookieId=a40b0b92-c1e0-4dba-93db-007a53f44bbd&AllocId=20f54151e41f78400cf35e16d8f3f39909543cf8da879f1cf68d4126a0f36dd32638de1d393627f149aec9781dd004de1cebcadf543888387470398ddb4d184f5c90be4915eff533fed755511330c028f237d3dcc7a40b0b92c1e0dba3db007a53f44bbd&DLang=en-us&CurLabel=NOK&DPN=1&Alloc=&FEBuildVersion=&TItems=2$1912728$03-22-2023 02:29$03-23-2023 02:29$; domain=agoda.com; expires=Thu, 21-Mar-2024 19:29:55 GMT; path=/; secure
ASP.NET_SessionId=rddk2wcjb5zv0ww1bmt2u54n; path=/; secure; HttpOnly; SameSite=Lax
agoda.attr.03=CookieId=f8de2844-9748-4331-949e-ba9d97448d28&ATItems=1912728$03-22-2023 02:29$; domain=agoda.com; expires=Thu, 21-Mar-2024 19:29:55 GMT; path=/; secure
agoda.firstclicks=1912728||||2023-03-22T02:29:55||rddk2wcjb5zv0ww1bmt2u54n||{"IsPaid":true,"gclid":"","Type":""}; domain=.agoda.com; expires=Thu, 21-Mar-2024 19:29:55 GMT; path=/; secure; HttpOnly
agoda.lastclicks=1912728||||2023-03-22T02:29:55||rddk2wcjb5zv0ww1bmt2u54n||{"IsPaid":true,"gclid":"","Type":""}; domain=.agoda.com; expires=Thu, 21-Mar-2024 19:29:55 GMT; path=/; secure; HttpOnly
agoda.landings=1912728|||rddk2wcjb5zv0ww1bmt2u54n|2023-03-22T02:29:55|True|19----1912728|||rddk2wcjb5zv0ww1bmt2u54n|2023-03-22T02:29:55|True|20----1912728|||rddk2wcjb5zv0ww1bmt2u54n|2023-03-22T02:29:55|True|99; domain=.agoda.com; expires=Thu, 21-Mar-2024 19:29:55 GMT; path=/; secure; HttpOnly
session_cache={"Cache":"amdata1","Time":"638150237959710257","SessionID":"rddk2wcjb5zv0ww1bmt2u54n","CheckID":"04301f1015f491f033b85e4ec123e922170c659f","CType":"N"}; domain=.agoda.com; path=/; secure
agoda.prius=PriusID=0&PointsMaxTraffic=Agoda; domain=.agoda.com; path=/; expires=Thu, 21-Mar-2024 19:29:55 GMT
X-Firefox-Spdy: h2
www.agoda.com/deals?pcs=1&cid=1912728
104.110.12.18200 OK 27 kB URL HTTP/2 www.agoda.com/deals?pcs=1&cid=1912728
IP 104.110.12.18:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (30838), with CRLF, LF line terminators
Hash b1e26c17c228f310819a13b669eca762
abb14a74859795fd14059237bd2f47159a9fd846
e1a3abe1ccc64beacd3b0d1daf57efbab23a6d4e4e1241a02875f439c239327f
GET /deals?pcs=1&cid=1912728 HTTP/1.1
Host: www.agoda.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.ukhotelbooking.com/
Connection: keep-alive
Cookie: agoda.analytics=Id=3570967770377756784&Signature=1173737124330683137&Expiry=1679430595943; agoda.vuser=UserId=a419d6b2-c6c2-49c9-8aa2-58a274c1c436; agoda.user.03=UserId=7516ef33-fd58-4d41-a18e-05270e162998; UserSession=7516ef33-fd58-4d41-a18e-05270e162998; agoda.version.03=CookieId=a40b0b92-c1e0-4dba-93db-007a53f44bbd&AllocId=20f54151e41f78400cf35e16d8f3f39909543cf8da879f1cf68d4126a0f36dd32638de1d393627f149aec9781dd004de1cebcadf543888387470398ddb4d184f5c90be4915eff533fed755511330c028f237d3dcc7a40b0b92c1e0dba3db007a53f44bbd&DLang=en-us&CurLabel=NOK&DPN=1&Alloc=&FEBuildVersion=&TItems=2$1912728$03-22-2023 02:29$03-23-2023 02:29$; ASP.NET_SessionId=rddk2wcjb5zv0ww1bmt2u54n; agoda.attr.03=CookieId=f8de2844-9748-4331-949e-ba9d97448d28&ATItems=1912728$03-22-2023 02:29$; agoda.firstclicks=1912728||||2023-03-22T02:29:55||rddk2wcjb5zv0ww1bmt2u54n||{"IsPaid":true,"gclid":"","Type":""}; agoda.lastclicks=1912728||||2023-03-22T02:29:55||rddk2wcjb5zv0ww1bmt2u54n||{"IsPaid":true,"gclid":"","Type":""}; agoda.landings=1912728|||rddk2wcjb5zv0ww1bmt2u54n|2023-03-22T02:29:55|True|19----1912728|||rddk2wcjb5zv0ww1bmt2u54n|2023-03-22T02:29:55|True|20----1912728|||rddk2wcjb5zv0ww1bmt2u54n|2023-03-22T02:29:55|True|99; session_cache={"Cache":"amdata1","Time":"638150237959710257","SessionID":"rddk2wcjb5zv0ww1bmt2u54n","CheckID":"04301f1015f491f033b85e4ec123e922170c659f","CType":"N"}; agoda.prius=PriusID=0&PointsMaxTraffic=Agoda
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/html; charset=utf-8
vary: User-Agent, Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET,POST
access-control-expose-headers: ag-correlation-id
cache-control: no-store, no-cache
pragma: no-cache
request-context: appId=
ag-correlation-id: 01d09db3-f244-4d7c-9b06-9ccd631f356d
x-recruiting: Like HTTP headers? Come write ours: https://careersatagoda.com/job/3931446-senior-software-engineer-full-stack-bangkok-based-relocation-provided/?gh_src=b096bae01us
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
ag-dc: am
x-ua-compatible: IE=edge
x-frame-options: SAMEORIGIN
content-encoding: gzip
date: Tue, 21 Mar 2023 19:29:56 GMT
content-length: 26721
set-cookie: agoda.attr.03=; path=/; expires=Mon, 20-Mar-2023 19:29:56 GMT; secure; HttpOnly
agoda.firstclicks=; path=/; expires=Mon, 20-Mar-2023 19:29:56 GMT; secure; HttpOnly
agoda.lastclicks=; path=/; expires=Mon, 20-Mar-2023 19:29:56 GMT; secure; HttpOnly
agoda.landings=; path=/; expires=Mon, 20-Mar-2023 19:29:56 GMT; secure; HttpOnly
agoda.version.03=; path=/; expires=Mon, 20-Mar-2023 19:29:56 GMT; secure
agoda.user.03=; path=/; expires=Mon, 20-Mar-2023 19:29:56 GMT; secure
agoda.l2=; domain=www.agoda.com; path=/; expires=Mon, 20-Mar-2023 19:29:56 GMT; secure; HttpOnly
agoda.user.03=UserId=7516ef33-fd58-4d41-a18e-05270e162998; domain=.agoda.com; path=/; expires=Fri, 22-Mar-2024 00:00:00 GMT; secure
agoda.version.03=CookieId=a40b0b92-c1e0-4dba-93db-007a53f44bbd&AllocId=20f54151e41f78400cf35e16d8f3f39909543cf8da879f1cf68d4126a0f36dd32638de1d393627f149aec9781dd004de1cebcadf543888387470398ddb4d184f5c90be4915eff533fed755511330c028f237d3dcc7a40b0b92c1e0dba3db007a53f44bbd&DLang=en-us&CurLabel=NOK&DPN=1&Alloc=&FEBuildVersion=&TItems=2$1912728$03-22-2023 02:29$03-23-2023 02:29$; domain=.agoda.com; path=/; expires=Fri, 22-Mar-2024 00:00:00 GMT; secure
agoda.attr.03=ATItems=1912728$03-22-2023 02:29$; domain=.agoda.com; path=/; expires=Fri, 22-Mar-2024 00:00:00 GMT; secure; HttpOnly
agoda.firstclicks=1912728||||2023-03-22T02:29:55||rddk2wcjb5zv0ww1bmt2u54n||{"IsPaid":true,"gclid":"","Type":""}; domain=.agoda.com; path=/; expires=Fri, 22-Mar-2024 00:00:00 GMT; secure; HttpOnly
agoda.lastclicks=1912728||||2023-03-22T02:29:56||rddk2wcjb5zv0ww1bmt2u54n||{"IsPaid":true,"gclid":"","Type":""}; domain=.agoda.com; path=/; expires=Fri, 22-Mar-2024 00:00:00 GMT; secure; HttpOnly
agoda.landings=1912728|||rddk2wcjb5zv0ww1bmt2u54n|2023-03-22T02:29:55|True|19----1912728|||rddk2wcjb5zv0ww1bmt2u54n|2023-03-22T02:29:56|True|20----1912728|||rddk2wcjb5zv0ww1bmt2u54n|2023-03-22T02:29:56|True|99; domain=.agoda.com; path=/; expires=Fri, 22-Mar-2024 00:00:00 GMT; secure; HttpOnly
xsrf_token=CfDJ8Dkuqwv-0VhLoFfD8dw7lYzEDEyNJZJY77GB09daO65PRp-KeKtVEDiNkaEeO7XQaj3Us6a_JXykiMyyP4SQmCqdUuZLifdwPFk3ebmFxRQixESZ_zt9Oi131XJ-GJo4_RLdJneFE86srGx4c0RcSsQ; path=/; samesite=strict; httponly
agoda.analytics=Id=3570967770377756784&Signature=1173737124330683137&Expiry=1679430595943; domain=.agoda.com; path=/; expires=Tue, 21-Mar-2023 20:29:55 GMT; secure
X-Firefox-Spdy: h2
cdn6.agoda.net/cdn-marketing_cronos/js/assets/cronos/deals-a5ad5f5049cb.css
23.38.200.240200 OK 75 kB URL HTTP/2 cdn6.agoda.net/cdn-marketing_cronos/js/assets/cronos/deals-a5ad5f5049cb.css
IP 23.38.200.240:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 34061ec3c52a08d14dce65ecac470e00
68a30dd92034bd88cef1c5ac14d57e0a62d00611
0227d53b25a9e7edca8a06b55304d12537c7b817f8841b6474926a1d38ebeb92
GET /cdn-marketing_cronos/js/assets/cronos/deals-a5ad5f5049cb.css HTTP/1.1
Host: cdn6.agoda.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.agoda.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
access-control-allow-origin: *
content-encoding: br
etag: W/"8a8bf1219c2fd645409bae7e959151e8"
last-modified: Mon, 13 Mar 2023 03:56:15 GMT
server: Akamai Resource Optimizer
timing-allow-origin: *
x-cache-status: MISS
x-dc: ASH
x-amz-request-id: tx000000000000001022c8d-00640e9ecb-77998219-ash
x-rgw-object-type: Normal
content-length: 75235
cache-control: max-age=1844614
expires: Wed, 12 Apr 2023 03:53:30 GMT
date: Tue, 21 Mar 2023 19:29:56 GMT
X-Firefox-Spdy: h2
cdn6.agoda.net/cdn-marketing_cronos/js/assets/cronos/deals-86262d598829.js
23.38.200.240200 OK 534 kB URL HTTP/2 cdn6.agoda.net/cdn-marketing_cronos/js/assets/cronos/deals-86262d598829.js
IP 23.38.200.240:0
File type ASCII text, with very long lines (49166)
Size 534 kB (534257 bytes)
Hash b2f989d2f754b7af0d82058de33c8288
928999e0d2dca086d21fcd13ff446f96c64b87aa
1206bedcf0dbe0326a6b2949a32a8aac42542028ce6059d8efbeb066435d4753
GET /cdn-marketing_cronos/js/assets/cronos/deals-86262d598829.js HTTP/1.1
Host: cdn6.agoda.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.agoda.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript
access-control-allow-origin: *
content-encoding: br
etag: W/"8174e95f3076639e138a2f5acbb91f8b"
last-modified: Mon, 13 Mar 2023 03:59:08 GMT
server: Akamai Resource Optimizer
timing-allow-origin: *
x-cache-status: MISS
x-dc: ASH
x-amz-request-id: tx000000000000000f9db1c-00640e9ecb-77e4b785-ash
x-rgw-object-type: Normal
content-length: 534257
cache-control: max-age=1844797
expires: Wed, 12 Apr 2023 03:56:33 GMT
date: Tue, 21 Mar 2023 19:29:56 GMT
X-Firefox-Spdy: h2
www.agoda.com/favicon.ico
104.110.12.18200 OK 1.3 kB URL HTTP/2 www.agoda.com/favicon.ico
IP 104.110.12.18:0
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 776045c4a2721ec29ca46fd7d0676a6d
7477b5ec15a977de49e202812f045ac766dabfaf
135252b70c166cfa35ac7fbb0d7352093d1d4dc4252ae61dad2b2db659acf860
GET /favicon.ico HTTP/1.1
Host: www.agoda.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.agoda.com/deals?pcs=1&cid=1912728
Connection: keep-alive
Cookie: agoda.analytics=Id=3570967770377756784&Signature=1173737124330683137&Expiry=1679430595943; agoda.vuser=UserId=a419d6b2-c6c2-49c9-8aa2-58a274c1c436; agoda.user.03=UserId=7516ef33-fd58-4d41-a18e-05270e162998; UserSession=7516ef33-fd58-4d41-a18e-05270e162998; agoda.version.03=CookieId=a40b0b92-c1e0-4dba-93db-007a53f44bbd&AllocId=20f54151e41f78400cf35e16d8f3f39909543cf8da879f1cf68d4126a0f36dd32638de1d393627f149aec9781dd004de1cebcadf543888387470398ddb4d184f5c90be4915eff533fed755511330c028f237d3dcc7a40b0b92c1e0dba3db007a53f44bbd&DLang=en-us&CurLabel=NOK&DPN=1&Alloc=&FEBuildVersion=&TItems=2$1912728$03-22-2023 02:29$03-23-2023 02:29$; ASP.NET_SessionId=rddk2wcjb5zv0ww1bmt2u54n; agoda.attr.03=ATItems=1912728$03-22-2023 02:29$; agoda.firstclicks=1912728||||2023-03-22T02:29:55||rddk2wcjb5zv0ww1bmt2u54n||{"IsPaid":true,"gclid":"","Type":""}; agoda.lastclicks=1912728||||2023-03-22T02:29:56||rddk2wcjb5zv0ww1bmt2u54n||{"IsPaid":true,"gclid":"","Type":""}; agoda.landings=1912728|||rddk2wcjb5zv0ww1bmt2u54n|2023-03-22T02:29:55|True|19----1912728|||rddk2wcjb5zv0ww1bmt2u54n|2023-03-22T02:29:56|True|20----1912728|||rddk2wcjb5zv0ww1bmt2u54n|2023-03-22T02:29:56|True|99; session_cache={"Cache":"amdata1","Time":"638150237959710257","SessionID":"rddk2wcjb5zv0ww1bmt2u54n","CheckID":"04301f1015f491f033b85e4ec123e922170c659f","CType":"N"}; agoda.prius=PriusID=0&PointsMaxTraffic=Agoda; xsrf_token=CfDJ8Dkuqwv-0VhLoFfD8dw7lYzEDEyNJZJY77GB09daO65PRp-KeKtVEDiNkaEeO7XQaj3Us6a_JXykiMyyP4SQmCqdUuZLifdwPFk3ebmFxRQixESZ_zt9Oi131XJ-GJo4_RLdJneFE86srGx4c0RcSsQ; tealiumEnable=false
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/x-icon
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET,POST
access-control-expose-headers: ag-correlation-id
content-encoding: gzip
vary: User-Agent, Accept-Encoding
request-context: appId=
ag-correlation-id: e9c1d6bb-6a2c-4802-9fe1-f0ee62c84ce7
x-recruiting: Like HTTP headers? Come write ours: https://careersatagoda.com/job/3931446-senior-software-engineer-full-stack-bangkok-based-relocation-provided/?gh_src=b096bae01us
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
ag-dc: am
x-ua-compatible: IE=edge
date: Tue, 21 Mar 2023 19:29:57 GMT
content-length: 1304
set-cookie: agoda.analytics=Id=3570967770377756784&Signature=1173737124330683137&Expiry=1679430595943; domain=.agoda.com; path=/; expires=Tue, 21-Mar-2023 20:29:55 GMT; secure
X-Firefox-Spdy: h2
cdn6.agoda.net/cdn-marketing_cronos/js/assets/cronos/theme-agoda-76e64d672275.css
23.38.200.240200 OK 27 kB URL HTTP/2 cdn6.agoda.net/cdn-marketing_cronos/js/assets/cronos/theme-agoda-76e64d672275.css
IP 23.38.200.240:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 9687195ebbafd7f2757d156ed375b50c
3d2c38c678ea201b7e94eac646eccc5ba403f30c
0cb124eb7d56ac81c167c42be489c987fe4b01be271c8b4e091ac43909fa6a2f
GET /cdn-marketing_cronos/js/assets/cronos/theme-agoda-76e64d672275.css HTTP/1.1
Host: cdn6.agoda.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.agoda.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
access-control-allow-origin: *
content-encoding: br
etag: W/"e276380e5f8d729037aaef57db64c05d"
last-modified: Tue, 07 Mar 2023 03:13:06 GMT
server: Akamai Resource Optimizer
timing-allow-origin: *
x-cache-status: MISS
x-dc: SIN
x-amz-request-id: tx0000000000000036cf6c1-006406aba9-71acec83-sin
x-rgw-object-type: Normal
content-length: 27116
cache-control: max-age=1323911
expires: Thu, 06 Apr 2023 03:15:08 GMT
date: Tue, 21 Mar 2023 19:29:57 GMT
X-Firefox-Spdy: h2
cdn6.agoda.net/cdn-marketing_cronos/js/assets/cronos/theme-agoda-07979c4a8e8c.js
23.38.200.240200 OK 83 B URL HTTP/2 cdn6.agoda.net/cdn-marketing_cronos/js/assets/cronos/theme-agoda-07979c4a8e8c.js
IP 23.38.200.240:0
File type ASCII text, with no line terminators
Hash 502d2f0c1db61f5abe3ec806a4fb227c
f8d6b61c385c4e64aa78a6d201fe6129c1434667
3fc4fc791795eed8a9a78f42febaef2357a93d3c11006368a56b8bc80d7f48cc
GET /cdn-marketing_cronos/js/assets/cronos/theme-agoda-07979c4a8e8c.js HTTP/1.1
Host: cdn6.agoda.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.agoda.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript
access-control-allow-origin: *
content-encoding: br
etag: W/"fd9c21484dc52432f5369de10103ca99"
last-modified: Thu, 09 Mar 2023 18:01:10 GMT
server: Akamai Resource Optimizer
timing-allow-origin: *
x-cache-status: HIT
x-dc: ASH
x-amz-request-id: tx00000000000000266ee1a-00640795cb-75ec5964-ash
x-rgw-object-type: Normal
content-length: 83
cache-control: max-age=1400795
expires: Fri, 07 Apr 2023 00:36:32 GMT
date: Tue, 21 Mar 2023 19:29:57 GMT
X-Firefox-Spdy: h2
cdn6.agoda.net/images/kite-js/logo/agoda/color-default.svg
23.38.200.240200 OK 1.8 kB URL HTTP/2 cdn6.agoda.net/images/kite-js/logo/agoda/color-default.svg
IP 23.38.200.240:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (3926)
Hash b9f679811668abc98dba107e4db54deb
23dfd4e5dbcfa48c724a24af653e77246b442a83
e1b65808ea99d303fd2f77e91deb3287b1bca87a74a3f41a6e9aa59eecf8c9fe
GET /images/kite-js/logo/agoda/color-default.svg HTTP/1.1
Host: cdn6.agoda.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.agoda.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/svg+xml
last-modified: Fri, 03 Apr 2020 06:25:43 GMT
etag: "297bfbb3809d61:0"
x-cache-status: HIT
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
x-dc: ASH
content-encoding: gzip
content-length: 1770
cache-control: max-age=1766734
expires: Tue, 11 Apr 2023 06:15:31 GMT
date: Tue, 21 Mar 2023 19:29:57 GMT
vary: Accept-Encoding
X-Firefox-Spdy: h2
www.agoda.com/js/assets/cronos/Assets/mcjs-worker.js
104.110.12.18200 OK 22 kB URL HTTP/2 www.agoda.com/js/assets/cronos/Assets/mcjs-worker.js
IP 104.110.12.18:0
File type ASCII text, with very long lines (63261)
Hash 6a4c3e7eedd162891ebd93ca2060ef12
e451cec2e9c6a37885e33e53dd5dc362acc79bee
6ff0148890af802e88d2a59b4abe48c2fc1e96e7b2d05508911756617334cbf2
GET /js/assets/cronos/Assets/mcjs-worker.js HTTP/1.1
Host: www.agoda.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: agoda.analytics=Id=3570967770377756784&Signature=1173737124330683137&Expiry=1679430595943; agoda.vuser=UserId=a419d6b2-c6c2-49c9-8aa2-58a274c1c436; agoda.user.03=UserId=7516ef33-fd58-4d41-a18e-05270e162998; UserSession=7516ef33-fd58-4d41-a18e-05270e162998; agoda.version.03=CookieId=a40b0b92-c1e0-4dba-93db-007a53f44bbd&AllocId=20f54151e41f78400cf35e16d8f3f39909543cf8da879f1cf68d4126a0f36dd32638de1d393627f149aec9781dd004de1cebcadf543888387470398ddb4d184f5c90be4915eff533fed755511330c028f237d3dcc7a40b0b92c1e0dba3db007a53f44bbd&DLang=en-us&CurLabel=NOK&DPN=1&Alloc=&FEBuildVersion=&TItems=2$1912728$03-22-2023 02:29$03-23-2023 02:29$; ASP.NET_SessionId=rddk2wcjb5zv0ww1bmt2u54n; agoda.attr.03=ATItems=1912728$03-22-2023 02:29$; agoda.firstclicks=1912728||||2023-03-22T02:29:55||rddk2wcjb5zv0ww1bmt2u54n||{"IsPaid":true,"gclid":"","Type":""}; agoda.lastclicks=1912728||||2023-03-22T02:29:56||rddk2wcjb5zv0ww1bmt2u54n||{"IsPaid":true,"gclid":"","Type":""}; agoda.landings=1912728|||rddk2wcjb5zv0ww1bmt2u54n|2023-03-22T02:29:55|True|19----1912728|||rddk2wcjb5zv0ww1bmt2u54n|2023-03-22T02:29:56|True|20----1912728|||rddk2wcjb5zv0ww1bmt2u54n|2023-03-22T02:29:56|True|99; session_cache={"Cache":"amdata1","Time":"638150237959710257","SessionID":"rddk2wcjb5zv0ww1bmt2u54n","CheckID":"04301f1015f491f033b85e4ec123e922170c659f","CType":"N"}; agoda.prius=PriusID=0&PointsMaxTraffic=Agoda; xsrf_token=CfDJ8Dkuqwv-0VhLoFfD8dw7lYzEDEyNJZJY77GB09daO65PRp-KeKtVEDiNkaEeO7XQaj3Us6a_JXykiMyyP4SQmCqdUuZLifdwPFk3ebmFxRQixESZ_zt9Oi131XJ-GJo4_RLdJneFE86srGx4c0RcSsQ; tealiumEnable=false
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET,POST
content-encoding: gzip
etag: "1d9581c5b66c95d"
last-modified: Thu, 16 Mar 2023 15:31:20 GMT
vary: User-Agent, Accept-Encoding
request-context: appId=
ag-correlation-id: 4fbe5bea-0ef1-41ba-882e-f43177a30078
x-ua-compatible: IE=edge
ag-downstream-handler: none.none
content-length: 22351
date: Tue, 21 Mar 2023 19:29:57 GMT
X-Firefox-Spdy: h2
www.agoda.com/api/cronos/layout/login/params
104.110.12.18200 OK 3.4 kB URL HTTP/2 www.agoda.com/api/cronos/layout/login/params
IP 104.110.12.18:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (8017), with no line terminators
Hash 8859537f1065e65ce500446c37cd78fd
9e1443ac43db2a7858f725033cfc3237a253ca29
41b111b77f2659d7cb7e5a423e954425850b45b5040a4e4b65bdb9ab284a78c9
GET /api/cronos/layout/login/params HTTP/1.1
Host: www.agoda.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.agoda.com/deals?pcs=1&cid=1912728
X-Requested-With: XMLHttpRequest
Content-type: application/json; charset=utf-8
AG-Language-Locale: en-us, en-us
AG-Language-Id: 1
CR-Currency-Id: 31
CR-Currency-Code: NOK
Connection: keep-alive
Cookie: agoda.analytics=Id=3570967770377756784&Signature=1173737124330683137&Expiry=1679430595943; agoda.vuser=UserId=a419d6b2-c6c2-49c9-8aa2-58a274c1c436; agoda.user.03=UserId=7516ef33-fd58-4d41-a18e-05270e162998; UserSession=7516ef33-fd58-4d41-a18e-05270e162998; agoda.version.03=CookieId=a40b0b92-c1e0-4dba-93db-007a53f44bbd&AllocId=20f54151e41f78400cf35e16d8f3f39909543cf8da879f1cf68d4126a0f36dd32638de1d393627f149aec9781dd004de1cebcadf543888387470398ddb4d184f5c90be4915eff533fed755511330c028f237d3dcc7a40b0b92c1e0dba3db007a53f44bbd&DLang=en-us&CurLabel=NOK&DPN=1&Alloc=&FEBuildVersion=&TItems=2$1912728$03-22-2023 02:29$03-23-2023 02:29$; ASP.NET_SessionId=rddk2wcjb5zv0ww1bmt2u54n; agoda.attr.03=ATItems=1912728$03-22-2023 02:29$; agoda.firstclicks=1912728||||2023-03-22T02:29:55||rddk2wcjb5zv0ww1bmt2u54n||{"IsPaid":true,"gclid":"","Type":""}; agoda.lastclicks=1912728||||2023-03-22T02:29:56||rddk2wcjb5zv0ww1bmt2u54n||{"IsPaid":true,"gclid":"","Type":""}; agoda.landings=1912728|||rddk2wcjb5zv0ww1bmt2u54n|2023-03-22T02:29:55|True|19----1912728|||rddk2wcjb5zv0ww1bmt2u54n|2023-03-22T02:29:56|True|20----1912728|||rddk2wcjb5zv0ww1bmt2u54n|2023-03-22T02:29:56|True|99; session_cache={"Cache":"amdata1","Time":"638150237959710257","SessionID":"rddk2wcjb5zv0ww1bmt2u54n","CheckID":"04301f1015f491f033b85e4ec123e922170c659f","CType":"N"}; agoda.prius=PriusID=0&PointsMaxTraffic=Agoda; xsrf_token=CfDJ8Dkuqwv-0VhLoFfD8dw7lYzEDEyNJZJY77GB09daO65PRp-KeKtVEDiNkaEeO7XQaj3Us6a_JXykiMyyP4SQmCqdUuZLifdwPFk3ebmFxRQixESZ_zt9Oi131XJ-GJo4_RLdJneFE86srGx4c0RcSsQ; tealiumEnable=false
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/json; charset=utf-8
vary: User-Agent, Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET,POST
access-control-expose-headers: ag-correlation-id
request-context: appId=
ag-correlation-id: edf80303-a7f0-4315-9d53-1d9bb3d38877
x-recruiting: Like HTTP headers? Come write ours: https://careersatagoda.com/job/3931446-senior-software-engineer-full-stack-bangkok-based-relocation-provided/?gh_src=b096bae01us
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
ag-dc: am
x-ua-compatible: IE=edge
content-encoding: gzip
content-length: 3412
date: Tue, 21 Mar 2023 19:29:57 GMT
set-cookie: agoda.l2=; domain=www.agoda.com; path=/; expires=Mon, 20-Mar-2023 19:29:57 GMT; secure; HttpOnly
agoda.analytics=Id=3570967770377756784&Signature=1173737124330683137&Expiry=1679430595943; domain=.agoda.com; path=/; expires=Tue, 21-Mar-2023 20:29:55 GMT; secure
X-Firefox-Spdy: h2
www.agoda.com/api/cronos/mkt/GetConsentBanner
104.110.12.18200 OK 395 B URL HTTP/2 www.agoda.com/api/cronos/mkt/GetConsentBanner
IP 104.110.12.18:0
File type JSON data\012- , ASCII text, with very long lines (679), with no line terminators
Hash 760cc319c1d0912e4b22a555ed78d9c5
1aca4a9a304acfd215778206506ff5924114de9e
d21dae3cb3b293d854e10570d88e9acc32fdf601229887a8a008cf052782eee9
GET /api/cronos/mkt/GetConsentBanner HTTP/1.1
Host: www.agoda.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.agoda.com/deals?pcs=1&cid=1912728
request-id: |547141a9a0794c7f981f712f971d2b11.6f090cf5c4314d20
traceparent: 00-547141a9a0794c7f981f712f971d2b11-6f090cf5c4314d20-01
Connection: keep-alive
Cookie: agoda.analytics=Id=3570967770377756784&Signature=1173737124330683137&Expiry=1679430595943; agoda.vuser=UserId=a419d6b2-c6c2-49c9-8aa2-58a274c1c436; agoda.user.03=UserId=7516ef33-fd58-4d41-a18e-05270e162998; UserSession=7516ef33-fd58-4d41-a18e-05270e162998; agoda.version.03=CookieId=a40b0b92-c1e0-4dba-93db-007a53f44bbd&AllocId=20f54151e41f78400cf35e16d8f3f39909543cf8da879f1cf68d4126a0f36dd32638de1d393627f149aec9781dd004de1cebcadf543888387470398ddb4d184f5c90be4915eff533fed755511330c028f237d3dcc7a40b0b92c1e0dba3db007a53f44bbd&DLang=en-us&CurLabel=NOK&DPN=1&Alloc=&FEBuildVersion=&TItems=2$1912728$03-22-2023 02:29$03-23-2023 02:29$; ASP.NET_SessionId=rddk2wcjb5zv0ww1bmt2u54n; agoda.attr.03=ATItems=1912728$03-22-2023 02:29$; agoda.firstclicks=1912728||||2023-03-22T02:29:55||rddk2wcjb5zv0ww1bmt2u54n||{"IsPaid":true,"gclid":"","Type":""}; agoda.lastclicks=1912728||||2023-03-22T02:29:56||rddk2wcjb5zv0ww1bmt2u54n||{"IsPaid":true,"gclid":"","Type":""}; agoda.landings=1912728|||rddk2wcjb5zv0ww1bmt2u54n|2023-03-22T02:29:55|True|19----1912728|||rddk2wcjb5zv0ww1bmt2u54n|2023-03-22T02:29:56|True|20----1912728|||rddk2wcjb5zv0ww1bmt2u54n|2023-03-22T02:29:56|True|99; session_cache={"Cache":"amdata1","Time":"638150237959710257","SessionID":"rddk2wcjb5zv0ww1bmt2u54n","CheckID":"04301f1015f491f033b85e4ec123e922170c659f","CType":"N"}; agoda.prius=PriusID=0&PointsMaxTraffic=Agoda; xsrf_token=CfDJ8Dkuqwv-0VhLoFfD8dw7lYzEDEyNJZJY77GB09daO65PRp-KeKtVEDiNkaEeO7XQaj3Us6a_JXykiMyyP4SQmCqdUuZLifdwPFk3ebmFxRQixESZ_zt9Oi131XJ-GJo4_RLdJneFE86srGx4c0RcSsQ; tealiumEnable=false; ai_user=eHbZEBj9Bx/n94d0dJjDai|2023-03-21T19:30:00.890Z
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/json; charset=utf-8
vary: User-Agent, Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET,POST
access-control-expose-headers: ag-correlation-id
request-context: appId=
ag-correlation-id: 8b4d5d35-c086-40f8-ad1e-1564320f9293
x-recruiting: Like HTTP headers? Come write ours: https://careersatagoda.com/job/3931446-senior-software-engineer-full-stack-bangkok-based-relocation-provided/?gh_src=b096bae01us
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
ag-dc: am
x-ua-compatible: IE=edge
content-encoding: gzip
content-length: 395
date: Tue, 21 Mar 2023 19:29:57 GMT
set-cookie: agoda.l2=; domain=www.agoda.com; path=/; expires=Mon, 20-Mar-2023 19:29:57 GMT; secure; HttpOnly
agoda.analytics=Id=3570967770377756784&Signature=1173737124330683137&Expiry=1679430595943; domain=.agoda.com; path=/; expires=Tue, 21-Mar-2023 20:29:55 GMT; secure
X-Firefox-Spdy: h2
www.agoda.com/api/cronos/layout/notification/get
104.110.12.18200 OK 118 B URL HTTP/2 www.agoda.com/api/cronos/layout/notification/get
IP 104.110.12.18:0
File type JSON data\012- , ASCII text, with no line terminators
Hash ea1d95187eded101385bd336bed2cf02
eaa25394d05c9f6e73420e8b4a55c0daaf780c82
919fedc2e6cb190220d3d462bbeadbac7bae8876850086a891b0e7d0e81ce658
POST /api/cronos/layout/notification/get HTTP/1.1
Host: www.agoda.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.agoda.com/deals?pcs=1&cid=1912728
X-Requested-With: XMLHttpRequest
Content-type: application/json; charset=utf-8
AG-Language-Locale: en-us
AG-Language-Id: 1
CR-Currency-Id: 31
CR-Currency-Code: NOK
Request-Id: |547141a9a0794c7f981f712f971d2b11.37cc13875c2249bb
traceparent: 00-547141a9a0794c7f981f712f971d2b11-37cc13875c2249bb-01
Content-Length: 167
Origin: https://www.agoda.com
Connection: keep-alive
Cookie: agoda.analytics=Id=3570967770377756784&Signature=1173737124330683137&Expiry=1679430595943; agoda.vuser=UserId=a419d6b2-c6c2-49c9-8aa2-58a274c1c436; agoda.user.03=UserId=7516ef33-fd58-4d41-a18e-05270e162998; UserSession=7516ef33-fd58-4d41-a18e-05270e162998; agoda.version.03=CookieId=a40b0b92-c1e0-4dba-93db-007a53f44bbd&AllocId=20f54151e41f78400cf35e16d8f3f39909543cf8da879f1cf68d4126a0f36dd32638de1d393627f149aec9781dd004de1cebcadf543888387470398ddb4d184f5c90be4915eff533fed755511330c028f237d3dcc7a40b0b92c1e0dba3db007a53f44bbd&DLang=en-us&CurLabel=NOK&DPN=1&Alloc=&FEBuildVersion=&TItems=2$1912728$03-22-2023 02:29$03-23-2023 02:29$; ASP.NET_SessionId=rddk2wcjb5zv0ww1bmt2u54n; agoda.attr.03=ATItems=1912728$03-22-2023 02:29$; agoda.firstclicks=1912728||||2023-03-22T02:29:55||rddk2wcjb5zv0ww1bmt2u54n||{"IsPaid":true,"gclid":"","Type":""}; agoda.lastclicks=1912728||||2023-03-22T02:29:56||rddk2wcjb5zv0ww1bmt2u54n||{"IsPaid":true,"gclid":"","Type":""}; agoda.landings=1912728|||rddk2wcjb5zv0ww1bmt2u54n|2023-03-22T02:29:55|True|19----1912728|||rddk2wcjb5zv0ww1bmt2u54n|2023-03-22T02:29:56|True|20----1912728|||rddk2wcjb5zv0ww1bmt2u54n|2023-03-22T02:29:56|True|99; session_cache={"Cache":"amdata1","Time":"638150237959710257","SessionID":"rddk2wcjb5zv0ww1bmt2u54n","CheckID":"04301f1015f491f033b85e4ec123e922170c659f","CType":"N"}; agoda.prius=PriusID=0&PointsMaxTraffic=Agoda; xsrf_token=CfDJ8Dkuqwv-0VhLoFfD8dw7lYzEDEyNJZJY77GB09daO65PRp-KeKtVEDiNkaEeO7XQaj3Us6a_JXykiMyyP4SQmCqdUuZLifdwPFk3ebmFxRQixESZ_zt9Oi131XJ-GJo4_RLdJneFE86srGx4c0RcSsQ; tealiumEnable=false; ai_user=eHbZEBj9Bx/n94d0dJjDai|2023-03-21T19:30:00.890Z
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET,POST
access-control-allow-origin: https://www.agoda.com
access-control-expose-headers: ag-correlation-id
vary: Accept-Encoding, User-Agent, Accept-Encoding
request-context: appId=
ag-correlation-id: bd98867c-f3fa-4f88-8fb8-509eacf5492e
x-recruiting: Like HTTP headers? Come write ours: https://careersatagoda.com/job/3931446-senior-software-engineer-full-stack-bangkok-based-relocation-provided/?gh_src=b096bae01us
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
ag-dc: am
x-ua-compatible: IE=edge
content-encoding: gzip
date: Tue, 21 Mar 2023 19:29:57 GMT
content-length: 118
set-cookie: agoda.l2=; domain=www.agoda.com; path=/; expires=Mon, 20-Mar-2023 19:29:57 GMT; secure; HttpOnly
agoda.analytics=Id=3570967770377756784&Signature=1173737124330683137&Expiry=1679430595943; domain=.agoda.com; path=/; expires=Tue, 21-Mar-2023 20:29:55 GMT; secure
X-Firefox-Spdy: h2
cdn6.agoda.net/images/sprite/bg-sprite-partner_v3.png
23.38.200.240200 OK 8.6 kB URL HTTP/2 cdn6.agoda.net/images/sprite/bg-sprite-partner_v3.png
IP 23.38.200.240:0
File type PNG image data, 480 x 198, 8-bit colormap, non-interlaced\012- data
Hash 3c8c245b2fcd4c6ada5c1b65e1aea8f8
4cfdbdcaab5e75c442bd0143711d85f05cc1a4b6
fc4f4bf7b045610a6cafe2c690d3c3d3655475c4af4adaa4287a9c72cf153619
GET /images/sprite/bg-sprite-partner_v3.png HTTP/1.1
Host: cdn6.agoda.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.agoda.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/png
content-length: 8605
last-modified: Mon, 22 Jul 2019 03:27:59 GMT
etag: "cf152763d40d51:0"
x-cache-status: HIT
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
x-dc: ASH
cache-control: max-age=650630
expires: Wed, 29 Mar 2023 08:13:47 GMT
date: Tue, 21 Mar 2023 19:29:57 GMT
X-Firefox-Spdy: h2
cdn6.agoda.net/images/fonts/global-refresh/icons-89a6761cd841725e350b9c0a886b1fb8.woff
23.38.200.240200 OK 240 kB URL HTTP/2 cdn6.agoda.net/images/fonts/global-refresh/icons-89a6761cd841725e350b9c0a886b1fb8.woff
IP 23.38.200.240:0
File type Web Open Font Format, TrueType, length 240036, version 1.0\012- data
Size 240 kB (240036 bytes)
Hash a0e54b533a77430aa1c348d922ba87b4
498aec94ad5c1ca93d5f324e794423165be72134
135054a864e36dd5eedd2bb43dd4add245224b1f5dfb66776de5a02b8840c886
GET /images/fonts/global-refresh/icons-89a6761cd841725e350b9c0a886b1fb8.woff HTTP/1.1
Host: cdn6.agoda.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.agoda.com
Connection: keep-alive
Referer: https://cdn6.agoda.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: font/x-woff
content-length: 240036
last-modified: Thu, 21 Jan 2021 16:52:55 GMT
etag: "808d31dd15f0d61:0"
x-cache-status: HIT
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
x-dc: ASH
cache-control: max-age=1773299
expires: Tue, 11 Apr 2023 08:04:56 GMT
date: Tue, 21 Mar 2023 19:29:57 GMT
X-Firefox-Spdy: h2
cdn6.agoda.net/images/mvc/flags/bg-sprite-flags.png
23.38.200.240200 OK 38 kB URL HTTP/2 cdn6.agoda.net/images/mvc/flags/bg-sprite-flags.png
IP 23.38.200.240:0
File type PNG image data, 480 x 504, 8-bit colormap, non-interlaced\012- data
Hash dc18177716fd53fa6b434fa9f0fa209d
88cad39c99d72a11950932aa0fb3ad3b426a356e
c35f5b6b805f12f7e9f7f58a9ae0a89fa5e55b8c5f2746c65df4105effa9aa9e
GET /images/mvc/flags/bg-sprite-flags.png HTTP/1.1
Host: cdn6.agoda.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn6.agoda.net/cdn-marketing_cronos/js/assets/cronos/deals-a5ad5f5049cb.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/png
content-length: 38332
last-modified: Wed, 21 Feb 2018 04:26:08 GMT
etag: "1dcf3918ccaad31:0"
x-cache-status: HIT
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
x-dc: ASH
cache-control: max-age=2322455
expires: Mon, 17 Apr 2023 16:37:32 GMT
date: Tue, 21 Mar 2023 19:29:57 GMT
X-Firefox-Spdy: h2
cdn6.agoda.net/cdn-marketing_cronos/js/assets/cronos/vendors-braze_v2-e6d102d75866.js
23.38.200.240200 OK 41 kB URL HTTP/2 cdn6.agoda.net/cdn-marketing_cronos/js/assets/cronos/vendors-braze_v2-e6d102d75866.js
IP 23.38.200.240:0
File type Unicode text, UTF-8 text, with very long lines (65131)
Hash 2fcdb70a0fed687b36430d19e52a52b3
7a9b3e2973fca0f140e681d095853128529aef76
3b22d5acf98c8fa941d41634533e378fa5a2eab289906e985bd46166272962be
GET /cdn-marketing_cronos/js/assets/cronos/vendors-braze_v2-e6d102d75866.js HTTP/1.1
Host: cdn6.agoda.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.agoda.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript
access-control-allow-origin: *
content-encoding: br
etag: W/"a6f69afadb3d2e8f9940263fd4de1eed"
last-modified: Tue, 07 Mar 2023 03:09:31 GMT
server: Akamai Resource Optimizer
timing-allow-origin: *
x-cache-status: MISS
x-dc: SIN
x-amz-request-id: tx00000000000000374b2d7-006406aacd-71ac8b06-sin
x-rgw-object-type: Normal
content-length: 41119
cache-control: max-age=1323497
expires: Thu, 06 Apr 2023 03:08:14 GMT
date: Tue, 21 Mar 2023 19:29:57 GMT
X-Firefox-Spdy: h2
www.agoda.com/api/cronos/layout/culture/getlanguages
104.110.12.18200 OK 1.7 kB URL HTTP/2 www.agoda.com/api/cronos/layout/culture/getlanguages
IP 104.110.12.18:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (8504), with no line terminators
Hash a53f0538589911590cdc5021bdf2c0b0
6277677bd8d03e17cff4c2ae26fa286db39fde80
9a64b7ea82350a7cebb1bd0a6dca0825140bbb9bea0566981497d8d51867fc48
GET /api/cronos/layout/culture/getlanguages HTTP/1.1
Host: www.agoda.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.agoda.com/deals?pcs=1&cid=1912728
X-Requested-With: XMLHttpRequest
Content-type: application/json; charset=utf-8
AG-Language-Locale: en-us
AG-Language-Id: 1
CR-Currency-Id: 31
CR-Currency-Code: NOK
Request-Id: |547141a9a0794c7f981f712f971d2b11.35365a128ced4c17
traceparent: 00-547141a9a0794c7f981f712f971d2b11-35365a128ced4c17-01
Connection: keep-alive
Cookie: agoda.analytics=Id=3570967770377756784&Signature=1173737124330683137&Expiry=1679430595943; agoda.vuser=UserId=a419d6b2-c6c2-49c9-8aa2-58a274c1c436; agoda.user.03=UserId=7516ef33-fd58-4d41-a18e-05270e162998; UserSession=7516ef33-fd58-4d41-a18e-05270e162998; agoda.version.03=CookieId=a40b0b92-c1e0-4dba-93db-007a53f44bbd&AllocId=20f54151e41f78400cf35e16d8f3f39909543cf8da879f1cf68d4126a0f36dd32638de1d393627f149aec9781dd004de1cebcadf543888387470398ddb4d184f5c90be4915eff533fed755511330c028f237d3dcc7a40b0b92c1e0dba3db007a53f44bbd&DLang=en-us&CurLabel=NOK&DPN=1&Alloc=&FEBuildVersion=&TItems=2$1912728$03-22-2023 02:29$03-23-2023 02:29$; ASP.NET_SessionId=rddk2wcjb5zv0ww1bmt2u54n; agoda.attr.03=ATItems=1912728$03-22-2023 02:29$; agoda.firstclicks=1912728||||2023-03-22T02:29:55||rddk2wcjb5zv0ww1bmt2u54n||{"IsPaid":true,"gclid":"","Type":""}; agoda.lastclicks=1912728||||2023-03-22T02:29:56||rddk2wcjb5zv0ww1bmt2u54n||{"IsPaid":true,"gclid":"","Type":""}; agoda.landings=1912728|||rddk2wcjb5zv0ww1bmt2u54n|2023-03-22T02:29:55|True|19----1912728|||rddk2wcjb5zv0ww1bmt2u54n|2023-03-22T02:29:56|True|20----1912728|||rddk2wcjb5zv0ww1bmt2u54n|2023-03-22T02:29:56|True|99; session_cache={"Cache":"amdata1","Time":"638150237959710257","SessionID":"rddk2wcjb5zv0ww1bmt2u54n","CheckID":"04301f1015f491f033b85e4ec123e922170c659f","CType":"N"}; agoda.prius=PriusID=0&PointsMaxTraffic=Agoda; xsrf_token=CfDJ8Dkuqwv-0VhLoFfD8dw7lYzEDEyNJZJY77GB09daO65PRp-KeKtVEDiNkaEeO7XQaj3Us6a_JXykiMyyP4SQmCqdUuZLifdwPFk3ebmFxRQixESZ_zt9Oi131XJ-GJo4_RLdJneFE86srGx4c0RcSsQ; tealiumEnable=false; ai_user=eHbZEBj9Bx/n94d0dJjDai|2023-03-21T19:30:00.890Z
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/json; charset=utf-8
vary: User-Agent, Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET,POST
access-control-expose-headers: ag-correlation-id
request-context: appId=
ag-correlation-id: d3f21099-ee49-49fb-b23a-550441415a6c
x-recruiting: Like HTTP headers? Come write ours: https://careersatagoda.com/job/3931446-senior-software-engineer-full-stack-bangkok-based-relocation-provided/?gh_src=b096bae01us
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
ag-dc: am
x-ua-compatible: IE=edge
content-encoding: gzip
date: Tue, 21 Mar 2023 19:29:57 GMT
content-length: 1659
set-cookie: agoda.l2=; domain=www.agoda.com; path=/; expires=Mon, 20-Mar-2023 19:29:57 GMT; secure; HttpOnly
agoda.analytics=Id=3570967770377756784&Signature=1173737124330683137&Expiry=1679430595943; domain=.agoda.com; path=/; expires=Tue, 21-Mar-2023 20:29:55 GMT; secure
X-Firefox-Spdy: h2
pix6.agoda.net/images/MVC/default/logo-en.svg
23.38.200.240200 OK 42 B URL HTTP/2 pix6.agoda.net/images/MVC/default/logo-en.svg
IP 23.38.200.240:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash accba0b69f352b4c9440f05891b015c5
9d01cc5dc8e042c0d4ad6cfb8b3ac38e84a5ef9f
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
GET /images/MVC/default/logo-en.svg HTTP/1.1
Host: pix6.agoda.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.agoda.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/gif
content-length: 42
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
x-dc: ASH, ASH
cache-control: max-age=23
expires: Tue, 21 Mar 2023 19:30:20 GMT
date: Tue, 21 Mar 2023 19:29:57 GMT
X-Firefox-Spdy: h2
cdn6.agoda.net/images/desktop/bg-sprite-flags.png
23.38.200.240200 OK 66 kB URL HTTP/2 cdn6.agoda.net/images/desktop/bg-sprite-flags.png
IP 23.38.200.240:0
File type PNG image data, 480 x 1092, 8-bit colormap, non-interlaced\012- data
Hash a49b79bbde78f08f8d66c0eddaaff977
019167ed9ecee7bcd228fb4639e490a3746c7d1f
33e880aa212095a2f1be3428fc8d42848c1b028907cf7fe26882d732f938af0a
GET /images/desktop/bg-sprite-flags.png HTTP/1.1
Host: cdn6.agoda.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn6.agoda.net/cdn-marketing_cronos/js/assets/cronos/theme-agoda-76e64d672275.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/png
content-length: 65795
last-modified: Mon, 17 Oct 2016 07:24:38 GMT
etag: "07f9f844728d21:0"
x-cache-status: HIT
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
x-dc: ASH
cache-control: max-age=1763007
expires: Tue, 11 Apr 2023 05:13:24 GMT
date: Tue, 21 Mar 2023 19:29:57 GMT
X-Firefox-Spdy: h2
cdn6.agoda.net/images/WebCampaign/NewWebDealsPage/Highlight_AgodaVIP_1.png
23.38.200.240200 OK 96 kB URL HTTP/2 cdn6.agoda.net/images/WebCampaign/NewWebDealsPage/Highlight_AgodaVIP_1.png
IP 23.38.200.240:0
File type PNG image data, 574 x 368, 8-bit/color RGBA, non-interlaced\012- data
Hash faecdcafb15b6845e9c2aeaa4450c029
3886dd1e7ac68528f336b385206f813c3f19cb05
a4dd96eb6a28cd3c7105c4145b45aa6bdcdf9ecd5eb3673e352b152a04630083
GET /images/WebCampaign/NewWebDealsPage/Highlight_AgodaVIP_1.png HTTP/1.1
Host: cdn6.agoda.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.agoda.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/png
content-length: 96058
last-modified: Tue, 14 Dec 2021 09:32:29 GMT
etag: "4a27be83cdf0d71:0"
x-cache-status: HIT
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
x-dc: ASH
unused62: 8096267
cache-control: max-age=1794577
expires: Tue, 11 Apr 2023 13:59:34 GMT
date: Tue, 21 Mar 2023 19:29:57 GMT
X-Firefox-Spdy: h2
cdn0.agoda.net/images/blt2/dealshub/mainbanner.png
23.38.200.240200 OK 63 kB URL HTTP/2 cdn0.agoda.net/images/blt2/dealshub/mainbanner.png
IP 23.38.200.240:0
File type PNG image data, 2880 x 376, 8-bit colormap, non-interlaced\012- data
Hash c7061d6bc589e884a628e9fabe589963
d9969e17b73989ab37d0d19c0aa566c440869580
4180ea756142745b499f65fbfa22a3f51bd6b34d0368cee6fb30a335d61d790f
GET /images/blt2/dealshub/mainbanner.png HTTP/1.1
Host: cdn0.agoda.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn6.agoda.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/png
content-length: 62800
last-modified: Fri, 17 Dec 2021 07:42:36 GMT
etag: "147011a919f3d71:0"
x-cache-status: HIT
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
x-dc: ASH
cache-control: max-age=1644751
expires: Sun, 09 Apr 2023 20:22:29 GMT
date: Tue, 21 Mar 2023 19:29:58 GMT
X-Firefox-Spdy: h2
cdn0.agoda.net/images/emailmarketing/deals_elements/Web_Deals_Page_More_Deals.png
23.38.200.240200 OK 79 kB URL HTTP/2 cdn0.agoda.net/images/emailmarketing/deals_elements/Web_Deals_Page_More_Deals.png
IP 23.38.200.240:0
File type PNG image data, 575 x 369, 8-bit/color RGBA, non-interlaced\012- data
Hash 881a204ca353e0aaf76328e581dca8ae
7b417f9bd3235900788bd35d9dbbd835e868c745
f4fbad6df1feec5bf091b7e07b2cc62a4a58d08e3cdf05390119778879082024
GET /images/emailmarketing/deals_elements/Web_Deals_Page_More_Deals.png HTTP/1.1
Host: cdn0.agoda.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.agoda.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/png
content-length: 79241
last-modified: Tue, 04 Oct 2022 07:50:28 GMT
etag: "03a32f8c5d7d81:0"
x-cache-status: HIT
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
x-dc: ASH
cache-control: max-age=1886358
expires: Wed, 12 Apr 2023 15:29:16 GMT
date: Tue, 21 Mar 2023 19:29:58 GMT
X-Firefox-Spdy: h2
cdn0.agoda.net/images/emailmarketing/custmkt/deals_email_elements/internationalDeals.png
23.38.200.240200 OK 11 kB URL HTTP/2 cdn0.agoda.net/images/emailmarketing/custmkt/deals_email_elements/internationalDeals.png
IP 23.38.200.240:0
File type PNG image data, 288 x 184, 8-bit colormap, non-interlaced\012- data
Hash 8f3985fdfd8880ebd03a74356ac36630
a1853b223403ae9e44b0b21dbb28c5bebffb0e13
82ff3eae8f613d7d9611f9116193148550cd528aa80663d45028021d4561da85
GET /images/emailmarketing/custmkt/deals_email_elements/internationalDeals.png HTTP/1.1
Host: cdn0.agoda.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.agoda.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/png
content-length: 10732
last-modified: Wed, 11 Jan 2023 04:47:32 GMT
etag: "c084e3d07725d91:0"
x-cache-status: HIT
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
x-dc: ASH
cache-control: max-age=1869671
expires: Wed, 12 Apr 2023 10:51:09 GMT
date: Tue, 21 Mar 2023 19:29:58 GMT
X-Firefox-Spdy: h2
cdn0.agoda.net/images/emailmarketing/HD-icon/agoji_vacation_loading.png
23.38.200.240200 OK 43 kB URL HTTP/2 cdn0.agoda.net/images/emailmarketing/HD-icon/agoji_vacation_loading.png
IP 23.38.200.240:0
File type PNG image data, 347 x 317, 8-bit/color RGBA, non-interlaced\012- data
Hash 41144488ba6170077c9a5f98596443b6
19f3fbefc69e29cedd4a5a418de89cb286b1abb8
63a202669655ccebcc99177684a9b861a48391ea4ef5b5602f6d026079553606
GET /images/emailmarketing/HD-icon/agoji_vacation_loading.png HTTP/1.1
Host: cdn0.agoda.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.agoda.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/png
content-length: 43077
last-modified: Thu, 16 Dec 2021 07:49:25 GMT
etag: "561c767251f2d71:0"
x-cache-status: HIT
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
x-dc: ASH
cache-control: max-age=1885584
expires: Wed, 12 Apr 2023 15:16:22 GMT
date: Tue, 21 Mar 2023 19:29:58 GMT
X-Firefox-Spdy: h2
cdn0.agoda.net/images/emailmarketing/js_elements/full-img-2x.png
23.38.200.240200 OK 186 kB URL HTTP/2 cdn0.agoda.net/images/emailmarketing/js_elements/full-img-2x.png
IP 23.38.200.240:0
File type PNG image data, 2104 x 602, 8-bit/color RGBA, non-interlaced\012- data
Size 186 kB (185758 bytes)
Hash 3d83516b86d47b9ecd7874ea720b5789
a1c40174fcd5c89b218a6d679886786a58c4e7eb
c0668f12486a9dc5532ea771a6576ec63849d5bf98cbc2e0c459649217c69d5c
GET /images/emailmarketing/js_elements/full-img-2x.png HTTP/1.1
Host: cdn0.agoda.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.agoda.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/png
content-length: 185758
last-modified: Wed, 05 Jan 2022 08:04:08 GMT
etag: "f82f21d1a2d81:0"
x-cache-status: HIT
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
x-dc: ASH
cache-control: max-age=1885113
expires: Wed, 12 Apr 2023 15:08:31 GMT
date: Tue, 21 Mar 2023 19:29:58 GMT
X-Firefox-Spdy: h2
cdn0.agoda.net/images/consentbanner/cookie.png
23.38.200.240200 OK 938 B URL HTTP/2 cdn0.agoda.net/images/consentbanner/cookie.png
IP 23.38.200.240:0
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash ef95ac3b6488dd54e1262c043a39c008
46b6ef5b828e240925afb6a04ef8923041fed392
db113ee98dd4e8a8474e5a86ea18813bbcbad7ee139e55467df84760c4771b30
GET /images/consentbanner/cookie.png HTTP/1.1
Host: cdn0.agoda.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.agoda.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/png
content-length: 938
last-modified: Tue, 09 Aug 2022 11:25:03 GMT
etag: "284b70abe2abd81:0"
x-cache-status: HIT
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
x-dc: ASH
cache-control: max-age=2483519
expires: Wed, 19 Apr 2023 13:21:57 GMT
date: Tue, 21 Mar 2023 19:29:58 GMT
X-Firefox-Spdy: h2
cdn0.agoda.net/images/fonts/mallory-medium.woff2
23.38.200.240200 OK 54 kB URL HTTP/2 cdn0.agoda.net/images/fonts/mallory-medium.woff2
IP 23.38.200.240:0
File type Web Open Font Format (Version 2), TrueType, length 53637, version 1.0\012- data
Hash 3211aebce77f169fe755c52a0955c9f6
4140b90790d1a49f8637ae641e55a6c870c8631e
de630979937e5b5b6ed1f6b237383779bd2c23f5b4104e132f6d048f9f1ffe92
GET /images/fonts/mallory-medium.woff2 HTTP/1.1
Host: cdn0.agoda.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.agoda.com
Connection: keep-alive
Referer: https://cdn6.agoda.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: font/x-woff2
content-length: 53637
last-modified: Wed, 10 Aug 2016 06:51:53 GMT
etag: "42d4e1add3f2d11:0"
x-cache-status: HIT
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
x-dc: ASH
cache-control: max-age=1189640
expires: Tue, 04 Apr 2023 13:57:18 GMT
date: Tue, 21 Mar 2023 19:29:58 GMT
X-Firefox-Spdy: h2
cdn0.agoda.net/images/fonts/Mallory-Book.woff2
23.38.200.240200 OK 52 kB URL HTTP/2 cdn0.agoda.net/images/fonts/Mallory-Book.woff2
IP 23.38.200.240:0
File type Web Open Font Format (Version 2), TrueType, length 52237, version 1.0\012- data
Hash 9da57a7cb768ee379fddf2c4185d5603
10461b27648f83f961e583119cfaec22f0f57a00
3455511856790dabab542f954b002cc62a0a75f096b58aeb4ffd52a06eb9883e
GET /images/fonts/Mallory-Book.woff2 HTTP/1.1
Host: cdn0.agoda.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.agoda.com
Connection: keep-alive
Referer: https://cdn6.agoda.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: font/x-woff2
content-length: 52237
last-modified: Wed, 31 Aug 2016 08:13:19 GMT
etag: "429bd6885f3d21:0"
x-cache-status: HIT
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
x-dc: ASH
cache-control: max-age=1780738
expires: Tue, 11 Apr 2023 10:08:56 GMT
date: Tue, 21 Mar 2023 19:29:58 GMT
X-Firefox-Spdy: h2
cdn0.agoda.net/images/fonts/mallory-light-webfont-v01.woff2
23.38.200.240200 OK 52 kB URL HTTP/2 cdn0.agoda.net/images/fonts/mallory-light-webfont-v01.woff2
IP 23.38.200.240:0
File type Web Open Font Format (Version 2), TrueType, length 52321, version 1.0\012- data
Hash 93f441bab86ee3e21d43e0dc3b3bbad2
95558f8ed5b02877438f97ccc9d26a13069c38bf
fb023437a64f3743a90c382f70c6726e3e3862ba00ffaf6e7e0bc3a65a33f0c8
GET /images/fonts/mallory-light-webfont-v01.woff2 HTTP/1.1
Host: cdn0.agoda.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.agoda.com
Connection: keep-alive
Referer: https://www.agoda.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: font/x-woff2
content-length: 52321
last-modified: Fri, 07 May 2021 10:15:20 GMT
etag: "8e35bce22943d71:0"
x-cache-status: HIT
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
x-dc: ASH
cache-control: max-age=1690905
expires: Mon, 10 Apr 2023 09:11:43 GMT
date: Tue, 21 Mar 2023 19:29:58 GMT
X-Firefox-Spdy: h2
aai.agoda.net/v2/track
23.38.200.240204 No Content 0 B IP 23.38.200.240:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /v2/track HTTP/1.1
Host: aai.agoda.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.agoda.com/
Origin: https://www.agoda.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://www.agoda.com
access-control-max-age: 1200
vary: Origin
request-context: appId=
date: Tue, 21 Mar 2023 19:29:58 GMT
X-Firefox-Spdy: h2
aai.agoda.net/v2/track
23.38.200.240200 OK 0 B IP 23.38.200.240:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v2/track HTTP/1.1
Host: aai.agoda.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/json
Content-Length: 6739
Origin: https://www.agoda.com
Connection: keep-alive
Referer: https://www.agoda.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://www.agoda.com
access-control-expose-headers: ag-correlation-id
vary: Origin
request-context: appId=
ag-correlation-id: fff7a0ff-6591-46d1-a132-05bd907bb897
x-recruiting: Like HTTP headers? Come write ours: https://careersatagoda.com/job/3931446-senior-software-engineer-full-stack-bangkok-based-relocation-provided/?gh_src=b096bae01us
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
ag-dc: am
date: Tue, 21 Mar 2023 19:29:58 GMT
set-cookie: agoda.analytics=Id=6365124758686537744&Signature=-3423804833641282591&Expiry=1679430598914; domain=agoda.net; path=/; expires=Tue, 21-Mar-2023 20:29:58 GMT; secure
agoda.user.03=UserId=2d0fa3bf-fbb3-4906-9f7f-9c5717fbe84e; domain=agoda.net; path=/; expires=Thu, 21-Mar-2024 19:29:58 GMT; secure
agoda.prius=PriusID=0&PointsMaxTraffic=Agoda; domain=agoda.net; path=/; expires=Thu, 21-Mar-2024 19:29:58 GMT
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash cbbaada8dea912362da1752106eebd52
9912b49e07f8d15d13f7a1be68d65679e84d275d
4b88e0a624b169b96b60859042d393cb27daa56e6ee9091f6ead2869e257e3f4
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Tue, 21 Mar 2023 19:29:59 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Mon, 20 Mar 2023 05:17:43 GMT
Expires: Mon, 27 Mar 2023 05:17:42 GMT
Etag: "9912b49e07f8d15d13f7a1be68d65679e84d275d"
Cache-Control: max-age=466662,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb1
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7ab89b57a9a9fac0-OSL
sdk.iad-01.braze.com/api/v3/content_cards/sync
151.101.65.208201 Created 96 B URL HTTP/2 sdk.iad-01.braze.com/api/v3/content_cards/sync
IP 151.101.65.208:0
Hash 5d33c51afd9bb125137f823a5acb1ad8
eed90abc0b97aa4862650402cedaebe9f2cafa9d
7f4c007ca4bee3e91fd45edbc29baaefb431eb617c2048e1d161eb1d7b6c60e9
POST /api/v3/content_cards/sync HTTP/1.1
Host: sdk.iad-01.braze.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/json
X-Requested-With: XMLHttpRequest
X-Braze-Api-Key: d999de98-30bc-4346-8124-a15900a101ae
X-Braze-DataRequest: true
X-Braze-ContentCardsRequest: true
Content-Length: 475
Origin: https://www.agoda.com
Connection: keep-alive
Referer: https://www.agoda.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 201 Created
content-type: application/json
server: nginx
access-control-allow-origin: *
access-control-allow-methods: POST, GET
access-control-expose-headers:
access-control-max-age: 7200
etag: W/"47af87d10e4504b69904cb513868bf3e"
cache-control: max-age=0, private, must-revalidate
x-request-id: 6a695687-bf2e-4bc0-8e05-7bb5840ca3d7
x-runtime: 0.035776
content-encoding: gzip
accept-ranges: bytes
date: Tue, 21 Mar 2023 19:29:58 GMT
via: 1.1 varnish
x-served-by: cache-bma1681-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679426999.643420,VS0,VE129
vary: Origin,Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
sdk.iad-01.braze.com/api/v3/content_cards/sync
151.101.65.208201 Created 94 B URL HTTP/2 sdk.iad-01.braze.com/api/v3/content_cards/sync
IP 151.101.65.208:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 8be2cb2823330994ccc3015de286e1c9
a482c2a71b0117d38a60bb1abc8512381647294b
31b145356acccbfedf68f8fc108bda6c73adb595fa34533e5376f32f58fe4e05
POST /api/v3/content_cards/sync HTTP/1.1
Host: sdk.iad-01.braze.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/json
X-Requested-With: XMLHttpRequest
X-Braze-Api-Key: d999de98-30bc-4346-8124-a15900a101ae
X-Braze-DataRequest: true
X-Braze-ContentCardsRequest: true
Content-Length: 475
Origin: https://www.agoda.com
Connection: keep-alive
Referer: https://www.agoda.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 201 Created
content-type: application/json
server: nginx
access-control-allow-origin: *
access-control-allow-methods: POST, GET
access-control-expose-headers:
access-control-max-age: 7200
etag: W/"9ef9b65bb3d07ab14f21ccffcb45ccb5"
cache-control: max-age=0, private, must-revalidate
x-request-id: 7d18a724-9650-4619-8878-827de9b8a010
x-runtime: 0.026253
content-encoding: gzip
accept-ranges: bytes
date: Tue, 21 Mar 2023 19:30:01 GMT
via: 1.1 varnish
x-served-by: cache-bma1681-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679427002.641584,VS0,VE119
vary: Origin,Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
sdk.iad-01.braze.com/api/v3/data/
151.101.65.208200 OK 0 B URL HTTP/2 sdk.iad-01.braze.com/api/v3/data/
IP 151.101.65.208:0
OPTIONS /api/v3/data/ HTTP/1.1
Host: sdk.iad-01.braze.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-braze-api-key,x-braze-datarequest,x-braze-triggersrequest,x-requested-with
Referer: https://www.agoda.com/
Origin: https://www.agoda.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
access-control-allow-origin: *
access-control-allow-methods: POST, GET
access-control-expose-headers:
access-control-max-age: 7200
access-control-allow-headers: content-type,x-braze-api-key,x-braze-datarequest,x-braze-triggersrequest,x-requested-with
content-encoding: gzip
accept-ranges: bytes
date: Tue, 21 Mar 2023 19:29:57 GMT
via: 1.1 varnish
x-served-by: cache-bma1681-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679426998.661973,VS0,VE273
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
sdk.iad-01.braze.com/api/v3/data/
151.101.65.208200 OK 0 B URL HTTP/2 sdk.iad-01.braze.com/api/v3/data/
IP 151.101.65.208:0
OPTIONS /api/v3/data/ HTTP/1.1
Host: sdk.iad-01.braze.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-braze-api-key,x-requested-with
Referer: https://www.agoda.com/
Origin: https://www.agoda.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
access-control-allow-origin: *
access-control-allow-methods: POST, GET
access-control-expose-headers:
access-control-max-age: 7200
access-control-allow-headers: content-type,x-braze-api-key,x-requested-with
content-encoding: gzip
accept-ranges: bytes
date: Tue, 21 Mar 2023 19:29:58 GMT
via: 1.1 varnish
x-served-by: cache-bma1681-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679426998.643473,VS0,VE366
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
sdk.iad-01.braze.com/api/v3/content_cards/sync
151.101.65.208200 OK 0 B URL HTTP/2 sdk.iad-01.braze.com/api/v3/content_cards/sync
IP 151.101.65.208:0
OPTIONS /api/v3/content_cards/sync HTTP/1.1
Host: sdk.iad-01.braze.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-braze-api-key,x-braze-contentcardsrequest,x-braze-datarequest,x-requested-with
Referer: https://www.agoda.com/
Origin: https://www.agoda.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
access-control-allow-origin: *
access-control-allow-methods: POST, GET
access-control-expose-headers:
access-control-max-age: 7200
access-control-allow-headers: content-type,x-braze-api-key,x-braze-contentcardsrequest,x-braze-datarequest,x-requested-with
content-encoding: gzip
accept-ranges: bytes
date: Tue, 21 Mar 2023 19:29:58 GMT
via: 1.1 varnish
x-served-by: cache-bma1681-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679426998.954968,VS0,VE92
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
sdk.iad-01.braze.com/api/v3/content_cards/sync
151.101.65.208201 Created 0 B URL HTTP/2 sdk.iad-01.braze.com/api/v3/content_cards/sync
IP 151.101.65.208:0
POST /api/v3/content_cards/sync HTTP/1.1
Host: sdk.iad-01.braze.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/json
X-Requested-With: XMLHttpRequest
X-Braze-Api-Key: d999de98-30bc-4346-8124-a15900a101ae
X-Braze-DataRequest: true
X-Braze-ContentCardsRequest: true
Content-Length: 475
Origin: https://www.agoda.com
Connection: keep-alive
Referer: https://www.agoda.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 201 Created
content-type: application/json
server: nginx
access-control-allow-origin: *
access-control-allow-methods: POST, GET
access-control-expose-headers:
access-control-max-age: 7200
etag: W/"0eb782825c68cbd4d5e55ffea2b927f8"
cache-control: max-age=0, private, must-revalidate
x-request-id: fdcfd69f-a10c-4f01-a1d8-939fe1293ef7
x-runtime: 0.021822
content-encoding: gzip
accept-ranges: bytes
date: Tue, 21 Mar 2023 19:29:59 GMT
via: 1.1 varnish
x-served-by: cache-bma1681-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679427000.638821,VS0,VE116
vary: Origin,Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
sdk.iad-01.braze.com/api/v3/content_cards/sync
151.101.65.208201 Created 0 B URL HTTP/2 sdk.iad-01.braze.com/api/v3/content_cards/sync
IP 151.101.65.208:0
POST /api/v3/content_cards/sync HTTP/1.1
Host: sdk.iad-01.braze.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/json
X-Requested-With: XMLHttpRequest
X-Braze-Api-Key: d999de98-30bc-4346-8124-a15900a101ae
X-Braze-DataRequest: true
X-Braze-ContentCardsRequest: true
Content-Length: 475
Origin: https://www.agoda.com
Connection: keep-alive
Referer: https://www.agoda.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 201 Created
content-type: application/json
server: nginx
access-control-allow-origin: *
access-control-allow-methods: POST, GET
access-control-expose-headers:
access-control-max-age: 7200
etag: W/"57ff42d9263a9d8bd81b05edf264cfc4"
cache-control: max-age=0, private, must-revalidate
x-request-id: 6f75aa89-7f06-4d37-97ed-2468d082de3e
x-runtime: 0.035392
content-encoding: gzip
accept-ranges: bytes
date: Tue, 21 Mar 2023 19:30:00 GMT
via: 1.1 varnish
x-served-by: cache-bma1681-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679427001.639793,VS0,VE128
vary: Origin,Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
sdk.iad-01.braze.com/api/v3/data/
151.101.65.208200 OK 0 B URL HTTP/2 sdk.iad-01.braze.com/api/v3/data/
IP 151.101.65.208:0
OPTIONS /api/v3/data/ HTTP/1.1
Host: sdk.iad-01.braze.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-braze-api-key,x-requested-with
Referer: https://www.agoda.com/
Origin: https://www.agoda.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
access-control-allow-origin: *
access-control-allow-methods: POST, GET
access-control-expose-headers:
access-control-max-age: 7200
access-control-allow-headers: content-type,x-braze-api-key,x-requested-with
content-encoding: gzip
accept-ranges: bytes
date: Tue, 21 Mar 2023 19:29:57 GMT
via: 1.1 varnish
x-served-by: cache-bma1681-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679426998.643444,VS0,VE92
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
sdk.iad-01.braze.com/api/v3/data/
151.101.65.208201 Created 0 B URL HTTP/2 sdk.iad-01.braze.com/api/v3/data/
IP 151.101.65.208:0
POST /api/v3/data/ HTTP/1.1
Host: sdk.iad-01.braze.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/json
X-Requested-With: XMLHttpRequest
X-Braze-Api-Key: d999de98-30bc-4346-8124-a15900a101ae
Content-Length: 654
Origin: https://www.agoda.com
Connection: keep-alive
Referer: https://www.agoda.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 201 Created
content-type: application/json
server: nginx
access-control-allow-origin: *
access-control-allow-methods: POST, GET
access-control-expose-headers:
access-control-max-age: 7200
etag: W/"620acd62bbca252a8375fb9b0d2f7ea6"
cache-control: max-age=0, private, must-revalidate
x-request-id: 3e8e58cc-10ab-4b12-a0ee-35275d8e4a6a
x-runtime: 0.011652
content-encoding: gzip
accept-ranges: bytes
date: Tue, 21 Mar 2023 19:29:57 GMT
via: 1.1 varnish
x-served-by: cache-bma1681-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1679426998.762188,VS0,VE104
vary: Origin,Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2