r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1cdc095521e9ee2606059be447d1fdd5
02b5d0a5b5823e2338daf7e144700babe2a213af
8bda3aabcf331c2bfcc4c7023cd797c760fd301dc353641bb95048e072f66c66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "8BDA3AABCF331C2BFCC4C7023CD797C760FD301DC353641BB95048E072F66C66"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11220
Expires: Mon, 06 Feb 2023 00:43:35 GMT
Date: Sun, 05 Feb 2023 21:36:35 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash c21ba65e44ac95470c314e068e49a9eb
17a13b13738993d889d4afa3d848dc63bf6eba64
9bd0795b30e84ce63b6e2a365ca91bbffc395dd955e112152066c31e63a4ab66
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "9BD0795B30E84CE63B6E2A365CA91BBFFC395DD955E112152066C31E63A4AB66"
Last-Modified: Sat, 04 Feb 2023 11:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2290
Expires: Sun, 05 Feb 2023 22:14:45 GMT
Date: Sun, 05 Feb 2023 21:36:35 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Alert, Retry-After, Content-Length, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 05 Feb 2023 21:36:23 GMT
content-type: application/json
age: 12
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash fb7b6b46e708ad73eaaa3c21e74569ae
950663c025acad81556af5aa3022ecc9d55097fe
763f58b9fb838378c92033b59907b036f4c33081f5103d9bcc2ca2a8de500d64
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "763F58B9FB838378C92033B59907B036F4C33081F5103D9BCC2CA2A8DE500D64"
Last-Modified: Sat, 04 Feb 2023 08:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=3236
Expires: Sun, 05 Feb 2023 22:30:31 GMT
Date: Sun, 05 Feb 2023 21:36:35 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash 7b922915ebf1fa3639b333f994c74f24
144a3f80b98fd0652d4614f24cf6cbbee40f8938
adbb3e06df0e870f5c7a9cb81e8979d4e92735853d75c9b779c06470d4db5d9c
GET /chains/remote-settings.content-signature.mozilla.org-2023-02-28-18-04-20.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: uFNmAo6NYiRYX/EpTGYDyOkvYkBAkFY3VTIGQyGcUTcYV52XCfwa1gNy+dM8aPuSLkRF/UwtM6w=
x-amz-request-id: A3FY39GPNTSJGN2V
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 05 Feb 2023 20:53:26 GMT
age: 2589
last-modified: Mon, 09 Jan 2023 18:04:21 GMT
etag: "7b922915ebf1fa3639b333f994c74f24"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 21:36:35 GMT
content-type: application/json
content-length: 12
access-control-allow-credentials: true
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-expose-headers: content-type
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
lkljk.1be8d.gb.wy5532.com/
37.48.65.155302 Found 11 B URL HTTP/1.1 lkljk.1be8d.gb.wy5532.com/
IP 37.48.65.155:0
ASN #60781 LeaseWeb Netherlands B.V.
File type ASCII text, with no line terminators
Hash 32682312d17c7cbf18e73594f5570319
60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47
Analyzer Verdict Alert fortinet Malware
GET / HTTP/1.1
Host: lkljk.1be8d.gb.wy5532.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Sun, 05 Feb 2023 21:36:35 GMT
location: http://orest-vlv.com/zcvisitor/2a03e421-a59d-11ed-856d-1200e2463755/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=cdf02870-e7c3-11ec-be3c-128084d1ce51
server: nginx
set-cookie: sid=29f5c8a4-a59d-11ed-815c-a9f43181679d; path=/; domain=.wy5532.com; expires=Sat, 24 Feb 2091 00:50:42 GMT; max-age=2147483647; HttpOnly
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Expires, Content-Type, ETag, Last-Modified, Alert, Retry-After, Content-Length, Cache-Control, Pragma, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 05 Feb 2023 21:07:20 GMT
age: 1755
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
orest-vlv.com/zcvisitor/2a03e421-a59d-11ed-856d-1200e2463755/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=cdf02870-e7c3-11ec-be3c-128084d1ce51
52.7.54.238200 1.1 kB URL HTTP/1.1 orest-vlv.com/zcvisitor/2a03e421-a59d-11ed-856d-1200e2463755/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=cdf02870-e7c3-11ec-be3c-128084d1ce51
IP 52.7.54.238:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash e9852f7efc5a69cc19f4e3d1212bbd28
2965896870a3e7c370701dddf5c88d2b0aa750df
87555987ad031d859c780a2fe010dc071b4a18e54399d5e64c9badff14e53326
GET /zcvisitor/2a03e421-a59d-11ed-856d-1200e2463755/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=cdf02870-e7c3-11ec-be3c-128084d1ce51 HTTP/1.1
Host: orest-vlv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Date: Sun, 05 Feb 2023 21:36:35 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server: NIfLaoPu
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash dedf9c519ac38c4bece9c5bc895787d7
4911175c3f8a435978c5301c33c7a99a5e00a1d5
bddd7e3a4939f863642a7c5348c1c8b9bc569b35c10a27f4cf5ec71f7e6b9698
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "BDDD7E3A4939F863642A7C5348C1C8B9BC569B35C10A27F4CF5EC71F7E6B9698"
Last-Modified: Fri, 03 Feb 2023 20:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5706
Expires: Sun, 05 Feb 2023 23:11:41 GMT
Date: Sun, 05 Feb 2023 21:36:35 GMT
Connection: keep-alive
orest-vlv.com/zcredirect?visitid=2a03e421-a59d-11ed-856d-1200e2463755&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
52.7.54.238200 812 B URL HTTP/1.1 orest-vlv.com/zcredirect?visitid=2a03e421-a59d-11ed-856d-1200e2463755&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
IP 52.7.54.238:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (363)
Hash b6f603a062aa06429c1fe9b4efbe5e08
8c319e80f1e15c879c5c6374a3e5d34a400c0cb4
439e5ccd69b27b1ce619eac0cf8be0b54ef7238e4abfac5d018f54c67e450070
GET /zcredirect?visitid=2a03e421-a59d-11ed-856d-1200e2463755&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false HTTP/1.1
Host: orest-vlv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://orest-vlv.com/zcvisitor/2a03e421-a59d-11ed-856d-1200e2463755/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=cdf02870-e7c3-11ec-be3c-128084d1ce51
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Date: Sun, 05 Feb 2023 21:36:35 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
Server: wjnmzNbV
push.services.mozilla.com/
52.43.61.251101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.43.61.251:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: dshFuRgJrxQ9QIf7uezH9Q==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: DuatwipTRCaRTs6+c36g2gQaXgc=
orest-vlv.com/favicon.ico
52.7.54.238404 653 B URL HTTP/1.1 orest-vlv.com/favicon.ico
IP 52.7.54.238:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (649), with no line terminators
Hash ba2732b1b2fa2626ffaa15f62f9e7d66
203d4e7fbb1d80449d6e4e1f3ae7a9bf8625debe
879861cb72fe9fbb476dab246021c4c83b4066327de2529e05ec54d3afb0a1c8
GET /favicon.ico HTTP/1.1
Host: orest-vlv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://orest-vlv.com/zcredirect?visitid=2a03e421-a59d-11ed-856d-1200e2463755&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
HTTP/1.1 404
Date: Sun, 05 Feb 2023 21:36:36 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 653
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Content-Language: en
Server: KWrYbzvS
ocsp.digicert.com/
93.184.220.29200 OK 727 B IP 93.184.220.29:0
Hash c5404a55b8dba827cd4bcd476d4242cb
d2be387e74b2e04d5d0f1adbd22f43a8338edb9e
0fee33cb5b8784bd4b22136efbc0e7bb49cd8fb03f5f94e5a6cc53f07d0e524e
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Cache-Control: 'max-age=158059'
Content-Type: application/ocsp-response
Date: Sun, 05 Feb 2023 21:36:36 GMT
Etag: "63de52ce-2d7"
Server: ECS (amb/6BA1)
Content-Length: 727
www.travelnags.com/6HgC/?s2=4n%2BQM%2F9ArPbJvgw6%2FODk8q3gM6RZEBtYy%2BnDMECRL7EgdjHnkN5zQ4ew3f%2F8fKzAWwNFLAAS131CBkoxu52vfWVQtxMVCjZ2UvJne0N22v8RGPu3Ojduo%2BQtprZu8jLXN4ncnlcFSLfuNG3WBSTYzr7J8lon2%2BTz%2B3RF2tQSVDGY3BAztuAsGJEhHuMEiJIMaHJQK4wqEA6kbvmuNJ5Nqi7Hx791DAcMJF1vhJ2D&v=9435302761.197434fb.2a8a0411
34.198.70.196302 Found 0 B URL HTTP/2 www.travelnags.com/6HgC/?s2=4n%2BQM%2F9ArPbJvgw6%2FODk8q3gM6RZEBtYy%2BnDMECRL7EgdjHnkN5zQ4ew3f%2F8fKzAWwNFLAAS131CBkoxu52vfWVQtxMVCjZ2UvJne0N22v8RGPu3Ojduo%2BQtprZu8jLXN4ncnlcFSLfuNG3WBSTYzr7J8lon2%2BTz%2B3RF2tQSVDGY3BAztuAsGJEhHuMEiJIMaHJQK4wqEA6kbvmuNJ5Nqi7Hx791DAcMJF1vhJ2D&v=9435302761.197434fb.2a8a0411
IP 34.198.70.196:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /6HgC/?s2=4n%2BQM%2F9ArPbJvgw6%2FODk8q3gM6RZEBtYy%2BnDMECRL7EgdjHnkN5zQ4ew3f%2F8fKzAWwNFLAAS131CBkoxu52vfWVQtxMVCjZ2UvJne0N22v8RGPu3Ojduo%2BQtprZu8jLXN4ncnlcFSLfuNG3WBSTYzr7J8lon2%2BTz%2B3RF2tQSVDGY3BAztuAsGJEhHuMEiJIMaHJQK4wqEA6kbvmuNJ5Nqi7Hx791DAcMJF1vhJ2D&v=9435302761.197434fb.2a8a0411 HTTP/1.1
Host: www.travelnags.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://orest-vlv.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.22.0
date: Sun, 05 Feb 2023 21:36:36 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: http://www.travelnags.com/6HgC/ODS2rhdudw?i7c=jIy63iXGNcpPrSHEtLSGCrkidAtt7EaxptxOx4umySs%2FJn4stN%2B5uJFqJaYYAqmOgcTsq3MMtMsfazCIx73Qf55IDo3sOB8OPaOhmEJ1jxScyTZ4rQiNRKbaJvp6yfrVq2eSNaiFc8ScpnDVwH2SxIdUKckwK3KyLUSjAxy9urvYfW7Z4Tivy%2F4mDrygp2AGbx%2BYSIiPB3a2T2x1rzVnmJaA&ps=5a9ae6a565d2bda5e9d6607da3f2bfed
access-control-allow-origin: *
referrer-policy: no-referrer
via: 1.1 google
X-Firefox-Spdy: h2
www.travelnags.com/6HgC/ODS2rhdudw?i7c=jIy63iXGNcpPrSHEtLSGCrkidAtt7EaxptxOx4umySs%2FJn4stN%2B5uJFqJaYYAqmOgcTsq3MMtMsfazCIx73Qf55IDo3sOB8OPaOhmEJ1jxScyTZ4rQiNRKbaJvp6yfrVq2eSNaiFc8ScpnDVwH2SxIdUKckwK3KyLUSjAxy9urvYfW7Z4Tivy%2F4mDrygp2AGbx%2BYSIiPB3a2T2x1rzVnmJaA&ps=5a9ae6a565d2bda5e9d6607da3f2bfed
34.198.70.196200 OK 640 B URL HTTP/1.1 www.travelnags.com/6HgC/ODS2rhdudw?i7c=jIy63iXGNcpPrSHEtLSGCrkidAtt7EaxptxOx4umySs%2FJn4stN%2B5uJFqJaYYAqmOgcTsq3MMtMsfazCIx73Qf55IDo3sOB8OPaOhmEJ1jxScyTZ4rQiNRKbaJvp6yfrVq2eSNaiFc8ScpnDVwH2SxIdUKckwK3KyLUSjAxy9urvYfW7Z4Tivy%2F4mDrygp2AGbx%2BYSIiPB3a2T2x1rzVnmJaA&ps=5a9ae6a565d2bda5e9d6607da3f2bfed
IP 34.198.70.196:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash 2d9e36f399186249beba1512cd5fb283
b5d7d75b956c1f706d7674971199b5315f81d84b
210995b622cc63f27ab06bbfca6d4466db3f44c2d857fba7573da09bf91c3172
GET /6HgC/ODS2rhdudw?i7c=jIy63iXGNcpPrSHEtLSGCrkidAtt7EaxptxOx4umySs%2FJn4stN%2B5uJFqJaYYAqmOgcTsq3MMtMsfazCIx73Qf55IDo3sOB8OPaOhmEJ1jxScyTZ4rQiNRKbaJvp6yfrVq2eSNaiFc8ScpnDVwH2SxIdUKckwK3KyLUSjAxy9urvYfW7Z4Tivy%2F4mDrygp2AGbx%2BYSIiPB3a2T2x1rzVnmJaA&ps=5a9ae6a565d2bda5e9d6607da3f2bfed HTTP/1.1
Host: www.travelnags.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 05 Feb 2023 21:36:37 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 640
Connection: keep-alive
access-control-allow-origin: *
access-control-expose-headers: X-BurstFire-ReqID, X-BurstFire-ClientID, X-BurstFire-Version, Server
x-burstfire-reqid: dab79d2e-816b-49eb-b03d-4cec61f184ec
x-burstfire-clientid: 1de446fb-6228-799e-cbfd-7b0e95a8fa45
x-burstfire-version: Generic
via: 1.1 google
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6426
Expires: Sun, 05 Feb 2023 23:23:43 GMT
Date: Sun, 05 Feb 2023 21:36:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6426
Expires: Sun, 05 Feb 2023 23:23:43 GMT
Date: Sun, 05 Feb 2023 21:36:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6426
Expires: Sun, 05 Feb 2023 23:23:43 GMT
Date: Sun, 05 Feb 2023 21:36:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6426
Expires: Sun, 05 Feb 2023 23:23:43 GMT
Date: Sun, 05 Feb 2023 21:36:37 GMT
Connection: keep-alive
r3.o.lencr.org/
23.36.77.32200 OK 503 B IP 23.36.77.32:0
ASN #20940 Akamai International B.V.
Hash 1b25bf82638deaab60981e1315ee0849
e3bd912fd1a890e64ee6746a78a674db7ff77039
a99b0dfa9ca7176b21cc2d65963a1b6eb6d534b3767d02ef06cc207a63331ebf
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A99B0DFA9CA7176B21CC2D65963A1B6EB6D534B3767D02EF06CC207A63331EBF"
Last-Modified: Sat, 04 Feb 2023 05:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6426
Expires: Sun, 05 Feb 2023 23:23:43 GMT
Date: Sun, 05 Feb 2023 21:36:37 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg
34.120.237.76200 OK 13 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 8e0be7db14d930d6227443314bcd1747
4e42e2ad289dfe5bd9a55d34fd768f7532bdf71d
baedfbdb08a67f9ff4c698f7e65b08d7e4c5078d0a4233e6bff529b44812735a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fc6718344-fcb4-4366-9239-8921034a7114.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12967
x-amzn-requestid: 013fa296-a431-410b-b3fb-7417b3e877eb
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fpIQAFCMIAMF0Sw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d9ed99-2e1daa8b75977de07c48b8fc;Sampled=0
x-amzn-remapped-date: Wed, 01 Feb 2023 04:42:01 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: UzQGDCYe_8AuYYLaLSAWzHQhwJMpzpXWbjE5AwukevW6G6SLDxDjmA==
via: 1.1 41e349e25dc4bc856d0e5d2c162428a0.cloudfront.net (CloudFront), 1.1 5565a51537c689d1d16f6b4d41f40082.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 03:42:59 GMT
age: 64418
etag: "4e42e2ad289dfe5bd9a55d34fd768f7532bdf71d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9070541c-6707-464e-b141-b6c767d8a58a.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9070541c-6707-464e-b141-b6c767d8a58a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 062e186a259eda97173695240a492c63
9b476a4ec219667f560b88199a3a4e4b0a93b579
d18570d3c4ada689b5c2a99b0783ce41c629bd125e6683cf225e01b7032f14a4
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F9070541c-6707-464e-b141-b6c767d8a58a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12256
x-amzn-requestid: 1b959eb9-cf69-414c-b57b-4a63277d709c
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fvgx-EhgoAMF2wA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dc7b3f-2c58e8ac2aee8a8f409a93a0;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 03:10:55 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Mujn0m9G4SIcD-5qZiD5kaYHg8x3rDtx-jYus-hrWFx_UjWEMNM_Tw==
via: 1.1 d83ae0e1ba84e92e58bc1efc23a0c652.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 04:43:25 GMT
age: 60792
etag: "9b476a4ec219667f560b88199a3a4e4b0a93b579"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg
34.120.237.76200 OK 5.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5b6c30ad03669b66bf2f63b3edd69882
e630bd132b52b965a5ade646ea8a165d1abf6d7b
f8233d879ec17fd91909655ff8881f2ebfad84272fde3ed5e5be37580378a989
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F37422a56-a7de-4ab8-ac8a-650de9dae97c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5014
x-amzn-requestid: a434aae4-fe4b-4fc7-9b7e-eeb552484e8a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fi3bIE0aoAMF6YQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63d76c47-5556d14757190c842bbc6b06;Sampled=0
x-amzn-remapped-date: Mon, 30 Jan 2023 07:05:43 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: k6YqagXr3Wr-u1uDKojEnIGW0CxU5yvWPtlzNpzoIvmg9F-rJb9uFQ==
via: 1.1 a4fe306096165bb1e86e69365dc8fac2.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sun, 05 Feb 2023 11:24:01 GMT
age: 36756
etag: "e630bd132b52b965a5ade646ea8a165d1abf6d7b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F030e2301-116b-4cdd-ae90-c5bbc86e9669.jpeg
34.120.237.76200 OK 7.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F030e2301-116b-4cdd-ae90-c5bbc86e9669.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash b1092c4dd4d9ca4d09462ae46e1dd7c1
17444ff60be1afbc40d3653fa936f9eaf9478068
ea8362c7249080b34288ee675f70333607fc3be37e716fdcf63e4901849def9f
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F030e2301-116b-4cdd-ae90-c5bbc86e9669.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7288
x-amzn-requestid: 1aa297f5-2f9a-45be-b823-1eb4d5887769
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f1WrwH-iIAMFyhQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ded17e-2b630b4a302b8ae118883b71;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 21:43:26 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: z2oKgp1keqEkvN6jjsUepMbrxD4JCXKAOHrMNJHcuXN0CpulUh5GLA==
via: 1.1 28a7186077f9b5270d98dd053f31303e.cloudfront.net (CloudFront), 1.1 1a53057db389e96b4ef1bfbc925dde1c.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 21:43:26 GMT
etag: "17444ff60be1afbc40d3653fa936f9eaf9478068"
content-type: image/jpeg
age: 85991
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
34.120.237.76200 OK 8.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 6661b7263315f5eb3cd2465f671e1fcd
b7b5831c6b3ccc41d7a980b6088adc10ff8785f1
eb25507950d81db4b54a1af7fadaceee1bcff780eb28b6a04dbfb3886785f5b7
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3a6c7026-85a2-4419-bd6b-ba1bac463dda.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8527
x-amzn-requestid: 6a8c6487-6069-47d1-afa1-648626f85439
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: fyDqqGg5oAMFV-A=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63dd7fdd-0a772cde1e6fba6d7da97435;Sampled=0
x-amzn-remapped-date: Fri, 03 Feb 2023 21:42:53 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: CHWhIpyzhoPtMUplzh1430Q9FfCM1wkTc_hQsgQk6InM9tYBPGYnNg==
via: 1.1 e5af640ced3aa8764b82c4bc3f7af38e.cloudfront.net (CloudFront), 1.1 2bedbeaa49b4a77447d30097858cb81a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 22:05:45 GMT
age: 84652
etag: "b7b5831c6b3ccc41d7a980b6088adc10ff8785f1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8a9d301-2b38-4046-91c2-941ed351597a.jpeg
34.120.237.76200 OK 3.5 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8a9d301-2b38-4046-91c2-941ed351597a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash d7a466d89c75ff3459b7328591db52cf
c3f29f9c2fbdc1fa2aef7a9e79ca796b28394afb
e73243be3d01d12a224c4e9826c4f52610cf7722eee69f62755278d7550705f1
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe8a9d301-2b38-4046-91c2-941ed351597a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 3474
x-amzn-requestid: 5846c080-9f25-4590-863c-8af2126cdbe1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: f1WXEEbnoAMFRdg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-63ded0f9-1bd490125feadc14366e7ca0;Sampled=0
x-amzn-remapped-date: Sat, 04 Feb 2023 21:41:13 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: d8aQmkW-aqLFpb79RynlJG2vY1GTDbjLNY0Qukgg_WIjdI6cmbVKFw==
via: 1.1 5ab5dc09da67e3ea794ec8a82992cc88.cloudfront.net (CloudFront), 1.1 476c2ba6d9f6cd69dbcedbd65688cbc0.cloudfront.net (CloudFront), 1.1 google
date: Sat, 04 Feb 2023 21:51:26 GMT
age: 85511
etag: "c3f29f9c2fbdc1fa2aef7a9e79ca796b28394afb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.travelnags.com/6HgC/hUOypy_q3B
34.198.70.196302 Found 0 B URL HTTP/1.1 www.travelnags.com/6HgC/hUOypy_q3B
IP 34.198.70.196:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /6HgC/hUOypy_q3B HTTP/1.1
Host: www.travelnags.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 166
Origin: http://www.travelnags.com
Connection: keep-alive
Referer: http://www.travelnags.com/6HgC/ODS2rhdudw?i7c=jIy63iXGNcpPrSHEtLSGCrkidAtt7EaxptxOx4umySs%2FJn4stN%2B5uJFqJaYYAqmOgcTsq3MMtMsfazCIx73Qf55IDo3sOB8OPaOhmEJ1jxScyTZ4rQiNRKbaJvp6yfrVq2eSNaiFc8ScpnDVwH2SxIdUKckwK3KyLUSjAxy9urvYfW7Z4Tivy%2F4mDrygp2AGbx%2BYSIiPB3a2T2x1rzVnmJaA&ps=5a9ae6a565d2bda5e9d6607da3f2bfed
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx/1.22.0
Date: Sun, 05 Feb 2023 21:36:37 GMT
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Connection: keep-alive
access-control-allow-origin: *
access-control-expose-headers: X-BurstFire-ReqID, X-BurstFire-ClientID, X-BurstFire-Version, Server
x-burstfire-reqid: ef33ce13-249a-4355-8d98-e5b7c42b9922
x-burstfire-clientid: 1de446fb-6228-799e-cbfd-7b0e95a8fa45
x-burstfire-version: Generic
location: https://www.agoda.com/partners/partnersearch.aspx?pcs=1&cid=1912728
via: 1.1 google
www.travelnags.com/favicon.ico
34.198.70.196200 OK 15 kB URL HTTP/1.1 www.travelnags.com/favicon.ico
IP 34.198.70.196:0
File type MS Windows icon resource - 3 icons, 16x16, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Hash b5067d86607b889da0332176893fa5d9
74d6a3cdcfa1aabe5a515595c74e5e5fc30eab20
448cafc996fc30c29704ef0c2aad8d695858b09b9bc7c8135c61eeb14076d2dd
GET /favicon.ico HTTP/1.1
Host: www.travelnags.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.travelnags.com/6HgC/ODS2rhdudw?i7c=jIy63iXGNcpPrSHEtLSGCrkidAtt7EaxptxOx4umySs%2FJn4stN%2B5uJFqJaYYAqmOgcTsq3MMtMsfazCIx73Qf55IDo3sOB8OPaOhmEJ1jxScyTZ4rQiNRKbaJvp6yfrVq2eSNaiFc8ScpnDVwH2SxIdUKckwK3KyLUSjAxy9urvYfW7Z4Tivy%2F4mDrygp2AGbx%2BYSIiPB3a2T2x1rzVnmJaA&ps=5a9ae6a565d2bda5e9d6607da3f2bfed
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sun, 05 Feb 2023 21:36:37 GMT
Content-Type: image/x-icon
Content-Length: 15406
Last-Modified: Thu, 08 Sep 2022 14:45:16 GMT
Connection: keep-alive
ETag: "6319fffc-3c2e"
Accept-Ranges: bytes
www.agoda.com/partners/partnersearch.aspx?pcs=1&cid=1912728
104.110.12.18302 Found 166 B URL HTTP/2 www.agoda.com/partners/partnersearch.aspx?pcs=1&cid=1912728
IP 104.110.12.18:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 75176d66939940b8862704176cc4d412
0046609723b0d96f321f39d0e111ddedbb577c24
54361c1f7d22736f515c97f983c0031394c00f4c08166d91a78ae09f9d7ecea6
GET /partners/partnersearch.aspx?pcs=1&cid=1912728 HTTP/1.1
Host: www.agoda.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.travelnags.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
content-type: text/html; charset=utf-8
content-length: 166
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET,POST
access-control-expose-headers: ag-correlation-id
cache-control: private
location: https://www.agoda.com/deals?pcs=1&cid=1912728
request-context: appId=
ag-correlation-id: dbefe756-c409-41ed-a2ef-fc8d3649a8c2
x-recruiting: Like HTTP headers? Come write ours: https://careersatagoda.com/job/3931446-senior-software-engineer-full-stack-bangkok-based-relocation-provided/?gh_src=b096bae01us
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
ag-dc: am
ag_server_time: 19
ag_execution_time: 20.5071
ag_send_time: 0
x-ua-compatible: IE=edge
vary: User-Agent, Accept-Encoding
date: Sun, 05 Feb 2023 21:36:37 GMT
set-cookie: agoda.analytics=Id=4790129188979313459&Signature=-4774124483181175899&Expiry=1675636597822; domain=.agoda.com; expires=Sun, 05-Feb-2023 22:36:37 GMT; path=/; secure
agoda.vuser=UserId=238be1a8-001d-4c1e-a982-dda6e57872d2; domain=.agoda.com; expires=Mon, 05-Feb-2024 21:36:37 GMT; path=/; secure
agoda.user.03=UserId=0117face-774a-4c8b-8599-ab35f8711f89; domain=.agoda.com; expires=Mon, 05-Feb-2024 21:36:37 GMT; path=/; secure
UserSession=0117face-774a-4c8b-8599-ab35f8711f89; domain=.agoda.com; path=/; secure
agoda.version.03=CookieId=979813be-be82-415e-a37e-5ff265377053&AllocId=96917d1b98865c1749467ff951f67702c24b1cb0484b5c6bd9c51b2fb4be894fbbfffd61c84368b8e2d17f39eb45364cb3bb7e9f6b73a76e3ebe6f44b19f9c1c1c0343592924cd2ef94a0b56ee32f058151a5db19a979813bebe8215e37e5ff265377053&DLang=en-us&CurLabel=NOK&DPN=1&Alloc=&FEBuildVersion=&TItems=2$1912728$02-06-2023 04:36$02-07-2023 04:36$; domain=agoda.com; expires=Mon, 05-Feb-2024 21:36:37 GMT; path=/; secure
ASP.NET_SessionId=qq1k422xdyxa5zotmtx404wh; path=/; secure; HttpOnly; SameSite=Lax
agoda.attr.03=CookieId=dbff39b8-48a4-4bcb-85f5-43961eb3a00e&ATItems=1912728$02-06-2023 04:36$; domain=agoda.com; expires=Mon, 05-Feb-2024 21:36:37 GMT; path=/; secure
agoda.firstclicks=1912728||||2023-02-06T04:36:37||qq1k422xdyxa5zotmtx404wh||{"IsPaid":true,"gclid":"","Type":""}; domain=.agoda.com; expires=Mon, 05-Feb-2024 21:36:37 GMT; path=/; secure; HttpOnly
agoda.lastclicks=1912728||||2023-02-06T04:36:37||qq1k422xdyxa5zotmtx404wh||{"IsPaid":true,"gclid":"","Type":""}; domain=.agoda.com; expires=Mon, 05-Feb-2024 21:36:37 GMT; path=/; secure; HttpOnly
agoda.landings=1912728|||qq1k422xdyxa5zotmtx404wh|2023-02-06T04:36:37|True|19----1912728|||qq1k422xdyxa5zotmtx404wh|2023-02-06T04:36:37|True|20----1912728|||qq1k422xdyxa5zotmtx404wh|2023-02-06T04:36:37|True|99; domain=.agoda.com; expires=Mon, 05-Feb-2024 21:36:37 GMT; path=/; secure; HttpOnly
session_cache={"Cache":"amdata1","Time":"638112297978395991","SessionID":"qq1k422xdyxa5zotmtx404wh","CheckID":"e7e9a423669f2198c2f930ff6b3f9c0419f1b7b7","CType":"N"}; domain=.agoda.com; path=/; secure
agoda.prius=PriusID=0&PointsMaxTraffic=Agoda; domain=.agoda.com; path=/; expires=Mon, 05-Feb-2024 21:36:37 GMT
X-Firefox-Spdy: h2
www.agoda.com/deals?pcs=1&cid=1912728
104.110.12.18200 OK 26 kB URL HTTP/2 www.agoda.com/deals?pcs=1&cid=1912728
IP 104.110.12.18:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (28837), with CRLF, LF line terminators
Hash 7dbd0d6a70c80f02c5459b3fa606e76c
9f2443375ec786f57bf135d19fd4b6821a9de320
7ef333464a26b93cabb07e26c32eea337aaf25e41ceae181e97379f30a1c6210
GET /deals?pcs=1&cid=1912728 HTTP/1.1
Host: www.agoda.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.travelnags.com/
Connection: keep-alive
Cookie: agoda.analytics=Id=4790129188979313459&Signature=-4774124483181175899&Expiry=1675636597822; agoda.vuser=UserId=238be1a8-001d-4c1e-a982-dda6e57872d2; agoda.user.03=UserId=0117face-774a-4c8b-8599-ab35f8711f89; UserSession=0117face-774a-4c8b-8599-ab35f8711f89; agoda.version.03=CookieId=979813be-be82-415e-a37e-5ff265377053&AllocId=96917d1b98865c1749467ff951f67702c24b1cb0484b5c6bd9c51b2fb4be894fbbfffd61c84368b8e2d17f39eb45364cb3bb7e9f6b73a76e3ebe6f44b19f9c1c1c0343592924cd2ef94a0b56ee32f058151a5db19a979813bebe8215e37e5ff265377053&DLang=en-us&CurLabel=NOK&DPN=1&Alloc=&FEBuildVersion=&TItems=2$1912728$02-06-2023 04:36$02-07-2023 04:36$; ASP.NET_SessionId=qq1k422xdyxa5zotmtx404wh; agoda.attr.03=CookieId=dbff39b8-48a4-4bcb-85f5-43961eb3a00e&ATItems=1912728$02-06-2023 04:36$; agoda.firstclicks=1912728||||2023-02-06T04:36:37||qq1k422xdyxa5zotmtx404wh||{"IsPaid":true,"gclid":"","Type":""}; agoda.lastclicks=1912728||||2023-02-06T04:36:37||qq1k422xdyxa5zotmtx404wh||{"IsPaid":true,"gclid":"","Type":""}; agoda.landings=1912728|||qq1k422xdyxa5zotmtx404wh|2023-02-06T04:36:37|True|19----1912728|||qq1k422xdyxa5zotmtx404wh|2023-02-06T04:36:37|True|20----1912728|||qq1k422xdyxa5zotmtx404wh|2023-02-06T04:36:37|True|99; session_cache={"Cache":"amdata1","Time":"638112297978395991","SessionID":"qq1k422xdyxa5zotmtx404wh","CheckID":"e7e9a423669f2198c2f930ff6b3f9c0419f1b7b7","CType":"N"}; agoda.prius=PriusID=0&PointsMaxTraffic=Agoda
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/html; charset=utf-8
vary: User-Agent, Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET,POST
access-control-expose-headers: ag-correlation-id
cache-control: no-store, no-cache
pragma: no-cache
request-context: appId=
ag-correlation-id: c99d6711-86b6-4265-86b8-d7f5bd7bb503
x-recruiting: Like HTTP headers? Come write ours: https://careersatagoda.com/job/3931446-senior-software-engineer-full-stack-bangkok-based-relocation-provided/?gh_src=b096bae01us
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
ag-dc: am
x-ua-compatible: IE=edge
x-frame-options: SAMEORIGIN
content-encoding: gzip
date: Sun, 05 Feb 2023 21:36:37 GMT
content-length: 26017
set-cookie: agoda.attr.03=; path=/; expires=Sat, 04-Feb-2023 21:36:37 GMT; secure; HttpOnly
agoda.firstclicks=; path=/; expires=Sat, 04-Feb-2023 21:36:37 GMT; secure; HttpOnly
agoda.lastclicks=; path=/; expires=Sat, 04-Feb-2023 21:36:37 GMT; secure; HttpOnly
agoda.landings=; path=/; expires=Sat, 04-Feb-2023 21:36:37 GMT; secure; HttpOnly
agoda.version.03=; path=/; expires=Sat, 04-Feb-2023 21:36:37 GMT; secure
agoda.user.03=; path=/; expires=Sat, 04-Feb-2023 21:36:37 GMT; secure
agoda.l2=; domain=www.agoda.com; path=/; expires=Sat, 04-Feb-2023 21:36:37 GMT; secure; HttpOnly
agoda.user.03=UserId=0117face-774a-4c8b-8599-ab35f8711f89; domain=.agoda.com; path=/; expires=Tue, 06-Feb-2024 00:00:00 GMT; secure
agoda.version.03=CookieId=979813be-be82-415e-a37e-5ff265377053&AllocId=96917d1b98865c1749467ff951f67702c24b1cb0484b5c6bd9c51b2fb4be894fbbfffd61c84368b8e2d17f39eb45364cb3bb7e9f6b73a76e3ebe6f44b19f9c1c1c0343592924cd2ef94a0b56ee32f058151a5db19a979813bebe8215e37e5ff265377053&DLang=en-us&CurLabel=NOK&DPN=1&Alloc=&FEBuildVersion=&TItems=2$1912728$02-06-2023 04:36$02-07-2023 04:36$; domain=.agoda.com; path=/; expires=Tue, 06-Feb-2024 00:00:00 GMT; secure
agoda.attr.03=ATItems=1912728$02-06-2023 04:36$; domain=.agoda.com; path=/; expires=Tue, 06-Feb-2024 00:00:00 GMT; secure; HttpOnly
agoda.firstclicks=1912728||||2023-02-06T04:36:37||qq1k422xdyxa5zotmtx404wh||{"IsPaid":true,"gclid":"","Type":""}; domain=.agoda.com; path=/; expires=Tue, 06-Feb-2024 00:00:00 GMT; secure; HttpOnly
agoda.lastclicks=1912728||||2023-02-06T04:36:37||qq1k422xdyxa5zotmtx404wh||{"IsPaid":true,"gclid":"","Type":""}; domain=.agoda.com; path=/; expires=Tue, 06-Feb-2024 00:00:00 GMT; secure; HttpOnly
agoda.landings=1912728|||qq1k422xdyxa5zotmtx404wh|2023-02-06T04:36:37|True|19----1912728|||qq1k422xdyxa5zotmtx404wh|2023-02-06T04:36:37|True|20----1912728|||qq1k422xdyxa5zotmtx404wh|2023-02-06T04:36:37|True|99; domain=.agoda.com; path=/; expires=Tue, 06-Feb-2024 00:00:00 GMT; secure; HttpOnly
xsrf_token=CfDJ8Dkuqwv-0VhLoFfD8dw7lYyBCUwiJHYH3XmF7Zz0d5rB5qnxOxTjMlDRyemQAG1ZSPbQYRQTCSYgMp9iLTITagrk7w22dQfl5zThEwrvppwZs5VnivtHKjad2mIaGCK6rGlKK0wW61jxI8tUJTNvozQ; path=/; samesite=strict; httponly
agoda.analytics=Id=4790129188979313459&Signature=-4774124483181175899&Expiry=1675636597822; domain=.agoda.com; path=/; expires=Sun, 05-Feb-2023 22:36:37 GMT; secure
X-Firefox-Spdy: h2
cdn6.agoda.net/cdn-marketing_cronos/js/assets/cronos/deals-38b8cde21aab.js
184.24.44.239200 OK 534 kB URL HTTP/2 cdn6.agoda.net/cdn-marketing_cronos/js/assets/cronos/deals-38b8cde21aab.js
IP 184.24.44.239:0
File type ASCII text, with very long lines (49166)
Size 534 kB (534503 bytes)
Hash ff9c822846a8396e752088f9a012626d
e21000f851981331f14d3ae3e3b729aa568cfdfd
19a201f7a3aa9fb7aba61bb72600992b78b0ddf4dcb8d0859713f32aae93c083
GET /cdn-marketing_cronos/js/assets/cronos/deals-38b8cde21aab.js HTTP/1.1
Host: cdn6.agoda.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.agoda.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript
access-control-allow-origin: *
content-encoding: br
etag: W/"8ec5267d01b1168038b0bc07909398d7"
last-modified: Fri, 27 Jan 2023 06:26:07 GMT
server: Akamai Resource Optimizer
timing-allow-origin: *
x-cache-status: MISS
x-dc: SIN
x-amz-request-id: tx000000000000001077c41-0063d36d52-69470f99-sin
x-rgw-object-type: Normal
content-length: 534503
cache-control: max-age=1759488
expires: Sun, 26 Feb 2023 06:21:26 GMT
date: Sun, 05 Feb 2023 21:36:38 GMT
X-Firefox-Spdy: h2
cdn6.agoda.net/cdn-marketing_cronos/js/assets/cronos/deals-bbfe1bade9bb.css
184.24.44.239200 OK 75 kB URL HTTP/2 cdn6.agoda.net/cdn-marketing_cronos/js/assets/cronos/deals-bbfe1bade9bb.css
IP 184.24.44.239:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 6b13dd2f37cdb244e71e64848825fae3
948e407c2efc0f8a45ddb3e127303c5cfc3fe91d
e826cd6a80d0782e570aedd1e895c70dd4fad1c29ed5f0ce9425cdcf01e8d4bc
GET /cdn-marketing_cronos/js/assets/cronos/deals-bbfe1bade9bb.css HTTP/1.1
Host: cdn6.agoda.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.agoda.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
access-control-allow-origin: *
content-encoding: br
etag: W/"4100d6fb957339f73d261c2c02dfc4a1"
last-modified: Fri, 27 Jan 2023 06:32:09 GMT
server: Akamai Resource Optimizer
timing-allow-origin: *
x-cache-status: MISS
x-dc: HKG
x-amz-request-id: tx000000000000003483fc0-0063d36d59-5e652b28-hkg
x-rgw-object-type: Normal
content-length: 75249
cache-control: max-age=1759581
expires: Sun, 26 Feb 2023 06:22:59 GMT
date: Sun, 05 Feb 2023 21:36:38 GMT
X-Firefox-Spdy: h2
www.agoda.com/js/assets/cronos/Assets/mcjs-worker.js
104.110.12.18200 OK 22 kB URL HTTP/2 www.agoda.com/js/assets/cronos/Assets/mcjs-worker.js
IP 104.110.12.18:0
File type ASCII text, with very long lines (63261)
Hash 6a4c3e7eedd162891ebd93ca2060ef12
e451cec2e9c6a37885e33e53dd5dc362acc79bee
6ff0148890af802e88d2a59b4abe48c2fc1e96e7b2d05508911756617334cbf2
GET /js/assets/cronos/Assets/mcjs-worker.js HTTP/1.1
Host: www.agoda.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: agoda.analytics=Id=4790129188979313459&Signature=-4774124483181175899&Expiry=1675636597822; agoda.vuser=UserId=238be1a8-001d-4c1e-a982-dda6e57872d2; agoda.user.03=UserId=0117face-774a-4c8b-8599-ab35f8711f89; UserSession=0117face-774a-4c8b-8599-ab35f8711f89; agoda.version.03=CookieId=979813be-be82-415e-a37e-5ff265377053&AllocId=96917d1b98865c1749467ff951f67702c24b1cb0484b5c6bd9c51b2fb4be894fbbfffd61c84368b8e2d17f39eb45364cb3bb7e9f6b73a76e3ebe6f44b19f9c1c1c0343592924cd2ef94a0b56ee32f058151a5db19a979813bebe8215e37e5ff265377053&DLang=en-us&CurLabel=NOK&DPN=1&Alloc=&FEBuildVersion=&TItems=2$1912728$02-06-2023 04:36$02-07-2023 04:36$; ASP.NET_SessionId=qq1k422xdyxa5zotmtx404wh; agoda.attr.03=ATItems=1912728$02-06-2023 04:36$; agoda.firstclicks=1912728||||2023-02-06T04:36:37||qq1k422xdyxa5zotmtx404wh||{"IsPaid":true,"gclid":"","Type":""}; agoda.lastclicks=1912728||||2023-02-06T04:36:37||qq1k422xdyxa5zotmtx404wh||{"IsPaid":true,"gclid":"","Type":""}; agoda.landings=1912728|||qq1k422xdyxa5zotmtx404wh|2023-02-06T04:36:37|True|19----1912728|||qq1k422xdyxa5zotmtx404wh|2023-02-06T04:36:37|True|20----1912728|||qq1k422xdyxa5zotmtx404wh|2023-02-06T04:36:37|True|99; session_cache={"Cache":"amdata1","Time":"638112297978395991","SessionID":"qq1k422xdyxa5zotmtx404wh","CheckID":"e7e9a423669f2198c2f930ff6b3f9c0419f1b7b7","CType":"N"}; agoda.prius=PriusID=0&PointsMaxTraffic=Agoda; xsrf_token=CfDJ8Dkuqwv-0VhLoFfD8dw7lYyBCUwiJHYH3XmF7Zz0d5rB5qnxOxTjMlDRyemQAG1ZSPbQYRQTCSYgMp9iLTITagrk7w22dQfl5zThEwrvppwZs5VnivtHKjad2mIaGCK6rGlKK0wW61jxI8tUJTNvozQ; tealiumEnable=false
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET,POST
content-encoding: gzip
etag: "1d937a036eceb5d"
last-modified: Fri, 03 Feb 2023 07:22:04 GMT
vary: User-Agent, Accept-Encoding
request-context: appId=
ag-correlation-id: b4a88cbc-edf0-49a1-b7ba-f8ceb40b5ae2
x-ua-compatible: IE=edge
ag-downstream-handler: none.none
date: Sun, 05 Feb 2023 21:36:38 GMT
content-length: 22351
X-Firefox-Spdy: h2
cdn6.agoda.net/cdn-marketing_cronos/js/assets/cronos/theme-agoda-08dfcba8fe04.js
184.24.44.239200 OK 87 B URL HTTP/2 cdn6.agoda.net/cdn-marketing_cronos/js/assets/cronos/theme-agoda-08dfcba8fe04.js
IP 184.24.44.239:0
File type ASCII text, with no line terminators
Hash b7f1d46e751d524c3a957a9ad0a23da9
c3a77e543e69a541367eba457d2e21f010f92811
87b507ef8d58ca38903cec3db26e9e4c1b0b38feeff1cdf0e1f53109f023604e
GET /cdn-marketing_cronos/js/assets/cronos/theme-agoda-08dfcba8fe04.js HTTP/1.1
Host: cdn6.agoda.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.agoda.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript
access-control-allow-origin: *
content-encoding: br
etag: W/"25f38cbdcb60c38a5602a0b6918c4dd1"
last-modified: Sun, 15 Jan 2023 06:03:40 GMT
server: Akamai Resource Optimizer
timing-allow-origin: *
x-cache-status: HIT
x-dc: ASH
x-amz-request-id: tx0000000000000002b6c61-0063c35d5a-6ad8a4f2-ash
x-rgw-object-type: Normal
content-length: 87
cache-control: max-age=721581
expires: Tue, 14 Feb 2023 06:02:59 GMT
date: Sun, 05 Feb 2023 21:36:38 GMT
X-Firefox-Spdy: h2
cdn6.agoda.net/cdn-marketing_cronos/js/assets/cronos/theme-agoda-88b2fd214ed0.css
184.24.44.239200 OK 27 kB URL HTTP/2 cdn6.agoda.net/cdn-marketing_cronos/js/assets/cronos/theme-agoda-88b2fd214ed0.css
IP 184.24.44.239:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash d481865f65d4d12b9d98638f3d3d45a2
8edf6cb8c3d5036cad60758ff0c2a778cf3914ad
39ed6b150ee0b27158f4890b6a2f412d22466a6b40d2d721df857f71865727d9
GET /cdn-marketing_cronos/js/assets/cronos/theme-agoda-88b2fd214ed0.css HTTP/1.1
Host: cdn6.agoda.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.agoda.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
access-control-allow-origin: *
content-encoding: br
etag: W/"07841191c8855c9ac36c2f7cfa43e0aa"
last-modified: Sun, 05 Feb 2023 03:36:53 GMT
server: Akamai Resource Optimizer
timing-allow-origin: *
x-cache-status: MISS
x-dc: HKG
x-amz-request-id: tx000000000000000613f8f-0063df2453-60bd5553-hkg
x-rgw-object-type: Normal
content-length: 27116
cache-control: max-age=2527035
expires: Tue, 07 Mar 2023 03:33:53 GMT
date: Sun, 05 Feb 2023 21:36:38 GMT
X-Firefox-Spdy: h2
cdn6.agoda.net/images/kite-js/logo/agoda/color-default.svg
184.24.44.239200 OK 1.8 kB URL HTTP/2 cdn6.agoda.net/images/kite-js/logo/agoda/color-default.svg
IP 184.24.44.239:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (3926)
Hash b9f679811668abc98dba107e4db54deb
23dfd4e5dbcfa48c724a24af653e77246b442a83
e1b65808ea99d303fd2f77e91deb3287b1bca87a74a3f41a6e9aa59eecf8c9fe
GET /images/kite-js/logo/agoda/color-default.svg HTTP/1.1
Host: cdn6.agoda.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.agoda.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/svg+xml
last-modified: Fri, 03 Apr 2020 06:25:43 GMT
etag: "297bfbb3809d61:0"
x-cache-status: HIT
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
x-dc: ASH
unused62: 8096267
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=895126
expires: Thu, 16 Feb 2023 06:15:24 GMT
date: Sun, 05 Feb 2023 21:36:38 GMT
content-length: 1770
X-Firefox-Spdy: h2
www.agoda.com/api/cronos/layout/login/params
104.110.12.18200 OK 3.4 kB URL HTTP/2 www.agoda.com/api/cronos/layout/login/params
IP 104.110.12.18:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (8017), with no line terminators
Hash fb5b35d4f253739595d33e5f1233872a
9e9a7ac915ac8776f07a59ba6751705c40fda5fa
245af7cc95ac18f52189235cbcc47a01901e15a5e066f27cf28244b022a01ef7
GET /api/cronos/layout/login/params HTTP/1.1
Host: www.agoda.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.agoda.com/deals?pcs=1&cid=1912728
X-Requested-With: XMLHttpRequest
Content-type: application/json; charset=utf-8
AG-Language-Locale: en-us, en-us
AG-Language-Id: 1
CR-Currency-Id: 31
CR-Currency-Code: NOK
Connection: keep-alive
Cookie: agoda.analytics=Id=4790129188979313459&Signature=-4774124483181175899&Expiry=1675636597822; agoda.vuser=UserId=238be1a8-001d-4c1e-a982-dda6e57872d2; agoda.user.03=UserId=0117face-774a-4c8b-8599-ab35f8711f89; UserSession=0117face-774a-4c8b-8599-ab35f8711f89; agoda.version.03=CookieId=979813be-be82-415e-a37e-5ff265377053&AllocId=96917d1b98865c1749467ff951f67702c24b1cb0484b5c6bd9c51b2fb4be894fbbfffd61c84368b8e2d17f39eb45364cb3bb7e9f6b73a76e3ebe6f44b19f9c1c1c0343592924cd2ef94a0b56ee32f058151a5db19a979813bebe8215e37e5ff265377053&DLang=en-us&CurLabel=NOK&DPN=1&Alloc=&FEBuildVersion=&TItems=2$1912728$02-06-2023 04:36$02-07-2023 04:36$; ASP.NET_SessionId=qq1k422xdyxa5zotmtx404wh; agoda.attr.03=ATItems=1912728$02-06-2023 04:36$; agoda.firstclicks=1912728||||2023-02-06T04:36:37||qq1k422xdyxa5zotmtx404wh||{"IsPaid":true,"gclid":"","Type":""}; agoda.lastclicks=1912728||||2023-02-06T04:36:37||qq1k422xdyxa5zotmtx404wh||{"IsPaid":true,"gclid":"","Type":""}; agoda.landings=1912728|||qq1k422xdyxa5zotmtx404wh|2023-02-06T04:36:37|True|19----1912728|||qq1k422xdyxa5zotmtx404wh|2023-02-06T04:36:37|True|20----1912728|||qq1k422xdyxa5zotmtx404wh|2023-02-06T04:36:37|True|99; session_cache={"Cache":"amdata1","Time":"638112297978395991","SessionID":"qq1k422xdyxa5zotmtx404wh","CheckID":"e7e9a423669f2198c2f930ff6b3f9c0419f1b7b7","CType":"N"}; agoda.prius=PriusID=0&PointsMaxTraffic=Agoda; xsrf_token=CfDJ8Dkuqwv-0VhLoFfD8dw7lYyBCUwiJHYH3XmF7Zz0d5rB5qnxOxTjMlDRyemQAG1ZSPbQYRQTCSYgMp9iLTITagrk7w22dQfl5zThEwrvppwZs5VnivtHKjad2mIaGCK6rGlKK0wW61jxI8tUJTNvozQ; tealiumEnable=false
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/json; charset=utf-8
vary: User-Agent, Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET,POST
access-control-expose-headers: ag-correlation-id
request-context: appId=
ag-correlation-id: 30f19bcf-2fd2-4d7f-b1af-3530f66868ed
x-recruiting: Like HTTP headers? Come write ours: https://careersatagoda.com/job/3931446-senior-software-engineer-full-stack-bangkok-based-relocation-provided/?gh_src=b096bae01us
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
ag-dc: am
x-ua-compatible: IE=edge
content-encoding: gzip
date: Sun, 05 Feb 2023 21:36:38 GMT
content-length: 3416
set-cookie: agoda.l2=; domain=www.agoda.com; path=/; expires=Sat, 04-Feb-2023 21:36:38 GMT; secure; HttpOnly
agoda.analytics=Id=4790129188979313459&Signature=-4774124483181175899&Expiry=1675636597822; domain=.agoda.com; path=/; expires=Sun, 05-Feb-2023 22:36:37 GMT; secure
X-Firefox-Spdy: h2
cdn6.agoda.net/images/sprite/bg-sprite-partner_v3.png
184.24.44.239200 OK 8.6 kB URL HTTP/2 cdn6.agoda.net/images/sprite/bg-sprite-partner_v3.png
IP 184.24.44.239:0
File type PNG image data, 480 x 198, 8-bit colormap, non-interlaced\012- data
Hash 3c8c245b2fcd4c6ada5c1b65e1aea8f8
4cfdbdcaab5e75c442bd0143711d85f05cc1a4b6
fc4f4bf7b045610a6cafe2c690d3c3d3655475c4af4adaa4287a9c72cf153619
GET /images/sprite/bg-sprite-partner_v3.png HTTP/1.1
Host: cdn6.agoda.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.agoda.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/png
content-length: 8605
last-modified: Mon, 22 Jul 2019 03:27:59 GMT
etag: "cf152763d40d51:0"
x-cache-status: HIT
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
x-dc: ASH
unused62: 8096267
cache-control: max-age=2111872
expires: Thu, 02 Mar 2023 08:14:31 GMT
date: Sun, 05 Feb 2023 21:36:39 GMT
X-Firefox-Spdy: h2
cdn6.agoda.net/images/fonts/global-refresh/icons-89a6761cd841725e350b9c0a886b1fb8.woff
184.24.44.239200 OK 240 kB URL HTTP/2 cdn6.agoda.net/images/fonts/global-refresh/icons-89a6761cd841725e350b9c0a886b1fb8.woff
IP 184.24.44.239:0
File type Web Open Font Format, TrueType, length 240036, version 1.0\012- data
Size 240 kB (240036 bytes)
Hash a0e54b533a77430aa1c348d922ba87b4
498aec94ad5c1ca93d5f324e794423165be72134
135054a864e36dd5eedd2bb43dd4add245224b1f5dfb66776de5a02b8840c886
GET /images/fonts/global-refresh/icons-89a6761cd841725e350b9c0a886b1fb8.woff HTTP/1.1
Host: cdn6.agoda.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.agoda.com
Connection: keep-alive
Referer: https://cdn6.agoda.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: font/x-woff
content-length: 240036
last-modified: Thu, 21 Jan 2021 16:52:55 GMT
etag: "808d31dd15f0d61:0"
x-cache-status: HIT
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
x-dc: ASH
unused62: 8096267
cache-control: max-age=901703
expires: Thu, 16 Feb 2023 08:05:02 GMT
date: Sun, 05 Feb 2023 21:36:39 GMT
X-Firefox-Spdy: h2
www.agoda.com/api/cronos/mkt/GetConsentBanner
104.110.12.18200 OK 395 B URL HTTP/2 www.agoda.com/api/cronos/mkt/GetConsentBanner
IP 104.110.12.18:0
File type JSON data\012- , ASCII text, with very long lines (679), with no line terminators
Hash 760cc319c1d0912e4b22a555ed78d9c5
1aca4a9a304acfd215778206506ff5924114de9e
d21dae3cb3b293d854e10570d88e9acc32fdf601229887a8a008cf052782eee9
GET /api/cronos/mkt/GetConsentBanner HTTP/1.1
Host: www.agoda.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.agoda.com/deals?pcs=1&cid=1912728
request-id: |33522dd5de5e48e283e8f13c0b5dc1f8.b6d7a43b509141ba
traceparent: 00-33522dd5de5e48e283e8f13c0b5dc1f8-b6d7a43b509141ba-01
Connection: keep-alive
Cookie: agoda.analytics=Id=4790129188979313459&Signature=-4774124483181175899&Expiry=1675636597822; agoda.vuser=UserId=238be1a8-001d-4c1e-a982-dda6e57872d2; agoda.user.03=UserId=0117face-774a-4c8b-8599-ab35f8711f89; UserSession=0117face-774a-4c8b-8599-ab35f8711f89; agoda.version.03=CookieId=979813be-be82-415e-a37e-5ff265377053&AllocId=96917d1b98865c1749467ff951f67702c24b1cb0484b5c6bd9c51b2fb4be894fbbfffd61c84368b8e2d17f39eb45364cb3bb7e9f6b73a76e3ebe6f44b19f9c1c1c0343592924cd2ef94a0b56ee32f058151a5db19a979813bebe8215e37e5ff265377053&DLang=en-us&CurLabel=NOK&DPN=1&Alloc=&FEBuildVersion=&TItems=2$1912728$02-06-2023 04:36$02-07-2023 04:36$; ASP.NET_SessionId=qq1k422xdyxa5zotmtx404wh; agoda.attr.03=ATItems=1912728$02-06-2023 04:36$; agoda.firstclicks=1912728||||2023-02-06T04:36:37||qq1k422xdyxa5zotmtx404wh||{"IsPaid":true,"gclid":"","Type":""}; agoda.lastclicks=1912728||||2023-02-06T04:36:37||qq1k422xdyxa5zotmtx404wh||{"IsPaid":true,"gclid":"","Type":""}; agoda.landings=1912728|||qq1k422xdyxa5zotmtx404wh|2023-02-06T04:36:37|True|19----1912728|||qq1k422xdyxa5zotmtx404wh|2023-02-06T04:36:37|True|20----1912728|||qq1k422xdyxa5zotmtx404wh|2023-02-06T04:36:37|True|99; session_cache={"Cache":"amdata1","Time":"638112297978395991","SessionID":"qq1k422xdyxa5zotmtx404wh","CheckID":"e7e9a423669f2198c2f930ff6b3f9c0419f1b7b7","CType":"N"}; agoda.prius=PriusID=0&PointsMaxTraffic=Agoda; xsrf_token=CfDJ8Dkuqwv-0VhLoFfD8dw7lYyBCUwiJHYH3XmF7Zz0d5rB5qnxOxTjMlDRyemQAG1ZSPbQYRQTCSYgMp9iLTITagrk7w22dQfl5zThEwrvppwZs5VnivtHKjad2mIaGCK6rGlKK0wW61jxI8tUJTNvozQ; tealiumEnable=false; ai_user=HWko6I1E9yNqFsfIklhmdd|2023-02-05T21:37:20.861Z
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/json; charset=utf-8
vary: User-Agent, Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET,POST
access-control-expose-headers: ag-correlation-id
request-context: appId=
ag-correlation-id: bc12fade-f2cd-43f7-9d20-92bead192061
x-recruiting: Like HTTP headers? Come write ours: https://careersatagoda.com/job/3931446-senior-software-engineer-full-stack-bangkok-based-relocation-provided/?gh_src=b096bae01us
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
ag-dc: am
x-ua-compatible: IE=edge
content-encoding: gzip
date: Sun, 05 Feb 2023 21:36:39 GMT
content-length: 395
set-cookie: agoda.l2=; domain=www.agoda.com; path=/; expires=Sat, 04-Feb-2023 21:36:39 GMT; secure; HttpOnly
agoda.analytics=Id=4790129188979313459&Signature=-4774124483181175899&Expiry=1675636597822; domain=.agoda.com; path=/; expires=Sun, 05-Feb-2023 22:36:37 GMT; secure
X-Firefox-Spdy: h2
www.agoda.com/api/cronos/layout/notification/get
104.110.12.18200 OK 118 B URL HTTP/2 www.agoda.com/api/cronos/layout/notification/get
IP 104.110.12.18:0
File type JSON data\012- , ASCII text, with no line terminators
Hash ea1d95187eded101385bd336bed2cf02
eaa25394d05c9f6e73420e8b4a55c0daaf780c82
919fedc2e6cb190220d3d462bbeadbac7bae8876850086a891b0e7d0e81ce658
POST /api/cronos/layout/notification/get HTTP/1.1
Host: www.agoda.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.agoda.com/deals?pcs=1&cid=1912728
X-Requested-With: XMLHttpRequest
Content-type: application/json; charset=utf-8
AG-Language-Locale: en-us
AG-Language-Id: 1
CR-Currency-Id: 31
CR-Currency-Code: NOK
Request-Id: |33522dd5de5e48e283e8f13c0b5dc1f8.335ec7b7822a4bc7
traceparent: 00-33522dd5de5e48e283e8f13c0b5dc1f8-335ec7b7822a4bc7-01
Content-Length: 167
Origin: https://www.agoda.com
Connection: keep-alive
Cookie: agoda.analytics=Id=4790129188979313459&Signature=-4774124483181175899&Expiry=1675636597822; agoda.vuser=UserId=238be1a8-001d-4c1e-a982-dda6e57872d2; agoda.user.03=UserId=0117face-774a-4c8b-8599-ab35f8711f89; UserSession=0117face-774a-4c8b-8599-ab35f8711f89; agoda.version.03=CookieId=979813be-be82-415e-a37e-5ff265377053&AllocId=96917d1b98865c1749467ff951f67702c24b1cb0484b5c6bd9c51b2fb4be894fbbfffd61c84368b8e2d17f39eb45364cb3bb7e9f6b73a76e3ebe6f44b19f9c1c1c0343592924cd2ef94a0b56ee32f058151a5db19a979813bebe8215e37e5ff265377053&DLang=en-us&CurLabel=NOK&DPN=1&Alloc=&FEBuildVersion=&TItems=2$1912728$02-06-2023 04:36$02-07-2023 04:36$; ASP.NET_SessionId=qq1k422xdyxa5zotmtx404wh; agoda.attr.03=ATItems=1912728$02-06-2023 04:36$; agoda.firstclicks=1912728||||2023-02-06T04:36:37||qq1k422xdyxa5zotmtx404wh||{"IsPaid":true,"gclid":"","Type":""}; agoda.lastclicks=1912728||||2023-02-06T04:36:37||qq1k422xdyxa5zotmtx404wh||{"IsPaid":true,"gclid":"","Type":""}; agoda.landings=1912728|||qq1k422xdyxa5zotmtx404wh|2023-02-06T04:36:37|True|19----1912728|||qq1k422xdyxa5zotmtx404wh|2023-02-06T04:36:37|True|20----1912728|||qq1k422xdyxa5zotmtx404wh|2023-02-06T04:36:37|True|99; session_cache={"Cache":"amdata1","Time":"638112297978395991","SessionID":"qq1k422xdyxa5zotmtx404wh","CheckID":"e7e9a423669f2198c2f930ff6b3f9c0419f1b7b7","CType":"N"}; agoda.prius=PriusID=0&PointsMaxTraffic=Agoda; xsrf_token=CfDJ8Dkuqwv-0VhLoFfD8dw7lYyBCUwiJHYH3XmF7Zz0d5rB5qnxOxTjMlDRyemQAG1ZSPbQYRQTCSYgMp9iLTITagrk7w22dQfl5zThEwrvppwZs5VnivtHKjad2mIaGCK6rGlKK0wW61jxI8tUJTNvozQ; tealiumEnable=false; ai_user=HWko6I1E9yNqFsfIklhmdd|2023-02-05T21:37:20.861Z
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET,POST
access-control-allow-origin: https://www.agoda.com
access-control-expose-headers: ag-correlation-id
vary: Accept-Encoding, User-Agent, Accept-Encoding
request-context: appId=
ag-correlation-id: 8d194d21-fd0a-4eec-bcf5-c69719e21277
x-recruiting: Like HTTP headers? Come write ours: https://careersatagoda.com/job/3931446-senior-software-engineer-full-stack-bangkok-based-relocation-provided/?gh_src=b096bae01us
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
ag-dc: am
x-ua-compatible: IE=edge
content-encoding: gzip
date: Sun, 05 Feb 2023 21:36:39 GMT
content-length: 118
set-cookie: agoda.l2=; domain=www.agoda.com; path=/; expires=Sat, 04-Feb-2023 21:36:39 GMT; secure; HttpOnly
agoda.analytics=Id=4790129188979313459&Signature=-4774124483181175899&Expiry=1675636597822; domain=.agoda.com; path=/; expires=Sun, 05-Feb-2023 22:36:37 GMT; secure
X-Firefox-Spdy: h2
cdn0.agoda.net/images/blt2/dealshub/mainbanner.png
184.24.44.239200 OK 63 kB URL HTTP/2 cdn0.agoda.net/images/blt2/dealshub/mainbanner.png
IP 184.24.44.239:0
File type PNG image data, 2880 x 376, 8-bit colormap, non-interlaced\012- data
Hash c7061d6bc589e884a628e9fabe589963
d9969e17b73989ab37d0d19c0aa566c440869580
4180ea756142745b499f65fbfa22a3f51bd6b34d0368cee6fb30a335d61d790f
GET /images/blt2/dealshub/mainbanner.png HTTP/1.1
Host: cdn0.agoda.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn6.agoda.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/png
content-length: 62800
last-modified: Fri, 17 Dec 2021 07:42:36 GMT
etag: "147011a919f3d71:0"
x-cache-status: HIT
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
x-dc: ASH
cache-control: max-age=922601
expires: Thu, 16 Feb 2023 13:53:20 GMT
date: Sun, 05 Feb 2023 21:36:39 GMT
X-Firefox-Spdy: h2
cdn0.agoda.net/images/emailmarketing/js_elements/full-img-2x.png
184.24.44.239200 OK 186 kB URL HTTP/2 cdn0.agoda.net/images/emailmarketing/js_elements/full-img-2x.png
IP 184.24.44.239:0
File type PNG image data, 2104 x 602, 8-bit/color RGBA, non-interlaced\012- data
Size 186 kB (185758 bytes)
Hash 3d83516b86d47b9ecd7874ea720b5789
a1c40174fcd5c89b218a6d679886786a58c4e7eb
c0668f12486a9dc5532ea771a6576ec63849d5bf98cbc2e0c459649217c69d5c
GET /images/emailmarketing/js_elements/full-img-2x.png HTTP/1.1
Host: cdn0.agoda.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.agoda.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/png
content-length: 185758
last-modified: Wed, 05 Jan 2022 08:04:08 GMT
etag: "f82f21d1a2d81:0"
x-cache-status: HIT
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
x-dc: ASH
cache-control: max-age=1013339
expires: Fri, 17 Feb 2023 15:05:38 GMT
date: Sun, 05 Feb 2023 21:36:39 GMT
X-Firefox-Spdy: h2
cdn0.agoda.net/images/fonts/Mallory-Book.woff2
184.24.44.239200 OK 52 kB URL HTTP/2 cdn0.agoda.net/images/fonts/Mallory-Book.woff2
IP 184.24.44.239:0
File type Web Open Font Format (Version 2), TrueType, length 52237, version 1.0\012- data
Hash 9da57a7cb768ee379fddf2c4185d5603
10461b27648f83f961e583119cfaec22f0f57a00
3455511856790dabab542f954b002cc62a0a75f096b58aeb4ffd52a06eb9883e
GET /images/fonts/Mallory-Book.woff2 HTTP/1.1
Host: cdn0.agoda.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.agoda.com
Connection: keep-alive
Referer: https://cdn6.agoda.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: font/x-woff2
content-length: 52237
last-modified: Wed, 31 Aug 2016 08:13:19 GMT
etag: "429bd6885f3d21:0"
x-cache-status: EXPIRED
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
x-dc: ASH
unused62: 8096267
cache-control: max-age=909208
expires: Thu, 16 Feb 2023 10:10:07 GMT
date: Sun, 05 Feb 2023 21:36:39 GMT
X-Firefox-Spdy: h2
cdn0.agoda.net/images/fonts/mallory-light-webfont-v01.woff2
184.24.44.239200 OK 52 kB URL HTTP/2 cdn0.agoda.net/images/fonts/mallory-light-webfont-v01.woff2
IP 184.24.44.239:0
File type Web Open Font Format (Version 2), TrueType, length 52321, version 1.0\012- data
Hash 93f441bab86ee3e21d43e0dc3b3bbad2
95558f8ed5b02877438f97ccc9d26a13069c38bf
fb023437a64f3743a90c382f70c6726e3e3862ba00ffaf6e7e0bc3a65a33f0c8
GET /images/fonts/mallory-light-webfont-v01.woff2 HTTP/1.1
Host: cdn0.agoda.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.agoda.com
Connection: keep-alive
Referer: https://www.agoda.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: font/x-woff2
content-length: 52321
last-modified: Fri, 07 May 2021 10:15:20 GMT
etag: "8e35bce22943d71:0"
x-cache-status: HIT
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
x-dc: ASH
cache-control: max-age=819356
expires: Wed, 15 Feb 2023 09:12:35 GMT
date: Sun, 05 Feb 2023 21:36:39 GMT
X-Firefox-Spdy: h2
cdn6.agoda.net/images/mvc/flags/bg-sprite-flags.png
184.24.44.239200 OK 38 kB URL HTTP/2 cdn6.agoda.net/images/mvc/flags/bg-sprite-flags.png
IP 184.24.44.239:0
File type PNG image data, 480 x 504, 8-bit colormap, non-interlaced\012- data
Hash dc18177716fd53fa6b434fa9f0fa209d
88cad39c99d72a11950932aa0fb3ad3b426a356e
c35f5b6b805f12f7e9f7f58a9ae0a89fa5e55b8c5f2746c65df4105effa9aa9e
GET /images/mvc/flags/bg-sprite-flags.png HTTP/1.1
Host: cdn6.agoda.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn6.agoda.net/cdn-marketing_cronos/js/assets/cronos/deals-bbfe1bade9bb.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/png
content-length: 38332
last-modified: Wed, 21 Feb 2018 04:26:08 GMT
etag: "1dcf3918ccaad31:0"
x-cache-status: HIT
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
x-dc: ASH
cache-control: max-age=844009
expires: Wed, 15 Feb 2023 16:03:28 GMT
date: Sun, 05 Feb 2023 21:36:39 GMT
X-Firefox-Spdy: h2
cdn0.agoda.net/images/fonts/mallory-medium.woff2
184.24.44.239200 OK 54 kB URL HTTP/2 cdn0.agoda.net/images/fonts/mallory-medium.woff2
IP 184.24.44.239:0
File type Web Open Font Format (Version 2), TrueType, length 53637, version 1.0\012- data
Hash 3211aebce77f169fe755c52a0955c9f6
4140b90790d1a49f8637ae641e55a6c870c8631e
de630979937e5b5b6ed1f6b237383779bd2c23f5b4104e132f6d048f9f1ffe92
GET /images/fonts/mallory-medium.woff2 HTTP/1.1
Host: cdn0.agoda.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.agoda.com
Connection: keep-alive
Referer: https://cdn6.agoda.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: font/x-woff2
content-length: 53637
last-modified: Wed, 10 Aug 2016 06:51:53 GMT
etag: "42d4e1add3f2d11:0"
x-cache-status: HIT
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
x-dc: ASH
cache-control: max-age=909208
expires: Thu, 16 Feb 2023 10:10:07 GMT
date: Sun, 05 Feb 2023 21:36:39 GMT
X-Firefox-Spdy: h2
cdn6.agoda.net/cdn-marketing_cronos/js/assets/cronos/vendors-braze_v2-47cb39ec3bb5.js
184.24.44.239200 OK 41 kB URL HTTP/2 cdn6.agoda.net/cdn-marketing_cronos/js/assets/cronos/vendors-braze_v2-47cb39ec3bb5.js
IP 184.24.44.239:0
File type Unicode text, UTF-8 text, with very long lines (65131)
Hash 4799338f733479535acc6c5305328a2c
270eba617193b2e6d0a044547e0e1d995017a195
6d30646d8db040f5ff0aba0f1e96c909207d11b9c939a231b520bca9a010739b
GET /cdn-marketing_cronos/js/assets/cronos/vendors-braze_v2-47cb39ec3bb5.js HTTP/1.1
Host: cdn6.agoda.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.agoda.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript
access-control-allow-origin: *
content-encoding: br
etag: W/"d3dece2f9ec6c3ddcfec6405fd5937f7"
last-modified: Thu, 15 Dec 2022 14:34:11 GMT
server: Akamai Resource Optimizer
timing-allow-origin: *
x-cache-status: MISS
x-dc: SIN
x-amz-request-id: tx000000000000001c6db15-00639b3061-5f5b9984-sin
x-rgw-object-type: Normal
content-length: 41143
cache-control: max-age=406543
expires: Fri, 10 Feb 2023 14:32:22 GMT
date: Sun, 05 Feb 2023 21:36:39 GMT
X-Firefox-Spdy: h2
www.agoda.com/api/cronos/layout/culture/getlanguages
104.110.12.18200 OK 1.7 kB URL HTTP/2 www.agoda.com/api/cronos/layout/culture/getlanguages
IP 104.110.12.18:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (8504), with no line terminators
Hash c8268e0dac2d7acc58e0a489a8b26ac0
7eda1aa1c0abbb5479d9209a793df29e18d2e7fa
ec9c26b86f813247f68832d0582141b25fb7d8db099163d936c46053646fa42b
GET /api/cronos/layout/culture/getlanguages HTTP/1.1
Host: www.agoda.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.agoda.com/deals?pcs=1&cid=1912728
X-Requested-With: XMLHttpRequest
Content-type: application/json; charset=utf-8
AG-Language-Locale: en-us
AG-Language-Id: 1
CR-Currency-Id: 31
CR-Currency-Code: NOK
Request-Id: |33522dd5de5e48e283e8f13c0b5dc1f8.17840b5f31d94147
traceparent: 00-33522dd5de5e48e283e8f13c0b5dc1f8-17840b5f31d94147-01
Connection: keep-alive
Cookie: agoda.analytics=Id=4790129188979313459&Signature=-4774124483181175899&Expiry=1675636597822; agoda.vuser=UserId=238be1a8-001d-4c1e-a982-dda6e57872d2; agoda.user.03=UserId=0117face-774a-4c8b-8599-ab35f8711f89; UserSession=0117face-774a-4c8b-8599-ab35f8711f89; agoda.version.03=CookieId=979813be-be82-415e-a37e-5ff265377053&AllocId=96917d1b98865c1749467ff951f67702c24b1cb0484b5c6bd9c51b2fb4be894fbbfffd61c84368b8e2d17f39eb45364cb3bb7e9f6b73a76e3ebe6f44b19f9c1c1c0343592924cd2ef94a0b56ee32f058151a5db19a979813bebe8215e37e5ff265377053&DLang=en-us&CurLabel=NOK&DPN=1&Alloc=&FEBuildVersion=&TItems=2$1912728$02-06-2023 04:36$02-07-2023 04:36$; ASP.NET_SessionId=qq1k422xdyxa5zotmtx404wh; agoda.attr.03=ATItems=1912728$02-06-2023 04:36$; agoda.firstclicks=1912728||||2023-02-06T04:36:37||qq1k422xdyxa5zotmtx404wh||{"IsPaid":true,"gclid":"","Type":""}; agoda.lastclicks=1912728||||2023-02-06T04:36:37||qq1k422xdyxa5zotmtx404wh||{"IsPaid":true,"gclid":"","Type":""}; agoda.landings=1912728|||qq1k422xdyxa5zotmtx404wh|2023-02-06T04:36:37|True|19----1912728|||qq1k422xdyxa5zotmtx404wh|2023-02-06T04:36:37|True|20----1912728|||qq1k422xdyxa5zotmtx404wh|2023-02-06T04:36:37|True|99; session_cache={"Cache":"amdata1","Time":"638112297978395991","SessionID":"qq1k422xdyxa5zotmtx404wh","CheckID":"e7e9a423669f2198c2f930ff6b3f9c0419f1b7b7","CType":"N"}; agoda.prius=PriusID=0&PointsMaxTraffic=Agoda; xsrf_token=CfDJ8Dkuqwv-0VhLoFfD8dw7lYyBCUwiJHYH3XmF7Zz0d5rB5qnxOxTjMlDRyemQAG1ZSPbQYRQTCSYgMp9iLTITagrk7w22dQfl5zThEwrvppwZs5VnivtHKjad2mIaGCK6rGlKK0wW61jxI8tUJTNvozQ; tealiumEnable=false; ai_user=HWko6I1E9yNqFsfIklhmdd|2023-02-05T21:37:20.861Z
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/json; charset=utf-8
vary: User-Agent, Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET,POST
access-control-expose-headers: ag-correlation-id
request-context: appId=
ag-correlation-id: 948e1fd3-938f-4edb-9f91-a834bf0cba8d
x-recruiting: Like HTTP headers? Come write ours: https://careersatagoda.com/job/3931446-senior-software-engineer-full-stack-bangkok-based-relocation-provided/?gh_src=b096bae01us
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
ag-dc: am
x-ua-compatible: IE=edge
content-encoding: gzip
date: Sun, 05 Feb 2023 21:36:39 GMT
content-length: 1660
set-cookie: agoda.l2=; domain=www.agoda.com; path=/; expires=Sat, 04-Feb-2023 21:36:39 GMT; secure; HttpOnly
agoda.analytics=Id=4790129188979313459&Signature=-4774124483181175899&Expiry=1675636597822; domain=.agoda.com; path=/; expires=Sun, 05-Feb-2023 22:36:37 GMT; secure
X-Firefox-Spdy: h2
cdn6.agoda.net/images/desktop/bg-sprite-flags.png
184.24.44.239200 OK 66 kB URL HTTP/2 cdn6.agoda.net/images/desktop/bg-sprite-flags.png
IP 184.24.44.239:0
File type PNG image data, 480 x 1092, 8-bit colormap, non-interlaced\012- data
Hash a49b79bbde78f08f8d66c0eddaaff977
019167ed9ecee7bcd228fb4639e490a3746c7d1f
33e880aa212095a2f1be3428fc8d42848c1b028907cf7fe26882d732f938af0a
GET /images/desktop/bg-sprite-flags.png HTTP/1.1
Host: cdn6.agoda.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn6.agoda.net/cdn-marketing_cronos/js/assets/cronos/theme-agoda-88b2fd214ed0.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/png
content-length: 65795
last-modified: Mon, 17 Oct 2016 07:24:38 GMT
etag: "07f9f844728d21:0"
x-cache-status: HIT
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
x-dc: ASH
unused62: 8096267
cache-control: max-age=891365
expires: Thu, 16 Feb 2023 05:12:44 GMT
date: Sun, 05 Feb 2023 21:36:39 GMT
X-Firefox-Spdy: h2
pix6.agoda.net/images/MVC/default/logo-en.svg
184.24.44.239200 OK 42 B URL HTTP/2 pix6.agoda.net/images/MVC/default/logo-en.svg
IP 184.24.44.239:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash accba0b69f352b4c9440f05891b015c5
9d01cc5dc8e042c0d4ad6cfb8b3ac38e84a5ef9f
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
GET /images/MVC/default/logo-en.svg HTTP/1.1
Host: pix6.agoda.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.agoda.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/gif
content-length: 42
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
x-dc: ASH, ASH
cache-control: max-age=81
expires: Sun, 05 Feb 2023 21:38:00 GMT
date: Sun, 05 Feb 2023 21:36:39 GMT
X-Firefox-Spdy: h2
cdn0.agoda.net/images/emailmarketing/HD-icon/agoji_vacation_loading.png
184.24.44.239200 OK 43 kB URL HTTP/2 cdn0.agoda.net/images/emailmarketing/HD-icon/agoji_vacation_loading.png
IP 184.24.44.239:0
File type PNG image data, 347 x 317, 8-bit/color RGBA, non-interlaced\012- data
Hash 41144488ba6170077c9a5f98596443b6
19f3fbefc69e29cedd4a5a418de89cb286b1abb8
63a202669655ccebcc99177684a9b861a48391ea4ef5b5602f6d026079553606
GET /images/emailmarketing/HD-icon/agoji_vacation_loading.png HTTP/1.1
Host: cdn0.agoda.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.agoda.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/png
content-length: 43077
last-modified: Thu, 16 Dec 2021 07:49:25 GMT
etag: "561c767251f2d71:0"
x-cache-status: HIT
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
x-dc: ASH
cache-control: max-age=1013723
expires: Fri, 17 Feb 2023 15:12:02 GMT
date: Sun, 05 Feb 2023 21:36:39 GMT
X-Firefox-Spdy: h2
cdn0.agoda.net/images/emailmarketing/deals_elements/Web_Deals_Page_More_Deals.png
184.24.44.239200 OK 79 kB URL HTTP/2 cdn0.agoda.net/images/emailmarketing/deals_elements/Web_Deals_Page_More_Deals.png
IP 184.24.44.239:0
File type PNG image data, 575 x 369, 8-bit/color RGBA, non-interlaced\012- data
Hash 881a204ca353e0aaf76328e581dca8ae
7b417f9bd3235900788bd35d9dbbd835e868c745
f4fbad6df1feec5bf091b7e07b2cc62a4a58d08e3cdf05390119778879082024
GET /images/emailmarketing/deals_elements/Web_Deals_Page_More_Deals.png HTTP/1.1
Host: cdn0.agoda.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.agoda.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/png
content-length: 79241
last-modified: Tue, 04 Oct 2022 07:50:28 GMT
etag: "03a32f8c5d7d81:0"
x-cache-status: HIT
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
x-dc: ASH
cache-control: max-age=1014776
expires: Fri, 17 Feb 2023 15:29:35 GMT
date: Sun, 05 Feb 2023 21:36:39 GMT
X-Firefox-Spdy: h2
cdn0.agoda.net/images/emailmarketing/custmkt/deals_email_elements/internationalDeals.png
184.24.44.239200 OK 11 kB URL HTTP/2 cdn0.agoda.net/images/emailmarketing/custmkt/deals_email_elements/internationalDeals.png
IP 184.24.44.239:0
File type PNG image data, 288 x 184, 8-bit colormap, non-interlaced\012- data
Hash 8f3985fdfd8880ebd03a74356ac36630
a1853b223403ae9e44b0b21dbb28c5bebffb0e13
82ff3eae8f613d7d9611f9116193148550cd528aa80663d45028021d4561da85
GET /images/emailmarketing/custmkt/deals_email_elements/internationalDeals.png HTTP/1.1
Host: cdn0.agoda.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.agoda.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/png
content-length: 10732
last-modified: Wed, 11 Jan 2023 04:47:32 GMT
etag: "c084e3d07725d91:0"
x-cache-status: HIT
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
x-dc: ASH
cache-control: max-age=501952
expires: Sat, 11 Feb 2023 17:02:31 GMT
date: Sun, 05 Feb 2023 21:36:39 GMT
X-Firefox-Spdy: h2
cdn6.agoda.net/images/WebCampaign/NewWebDealsPage/Highlight_AgodaVIP_1.png
184.24.44.239200 OK 96 kB URL HTTP/2 cdn6.agoda.net/images/WebCampaign/NewWebDealsPage/Highlight_AgodaVIP_1.png
IP 184.24.44.239:0
File type PNG image data, 574 x 368, 8-bit/color RGBA, non-interlaced\012- data
Hash faecdcafb15b6845e9c2aeaa4450c029
3886dd1e7ac68528f336b385206f813c3f19cb05
a4dd96eb6a28cd3c7105c4145b45aa6bdcdf9ecd5eb3673e352b152a04630083
GET /images/WebCampaign/NewWebDealsPage/Highlight_AgodaVIP_1.png HTTP/1.1
Host: cdn6.agoda.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.agoda.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/png
content-length: 96058
last-modified: Tue, 14 Dec 2021 09:32:29 GMT
etag: "4a27be83cdf0d71:0"
x-cache-status: HIT
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
x-dc: ASH
cache-control: max-age=922514
expires: Thu, 16 Feb 2023 13:51:53 GMT
date: Sun, 05 Feb 2023 21:36:39 GMT
X-Firefox-Spdy: h2
www.agoda.com/favicon.ico
104.110.12.18200 OK 1.3 kB URL HTTP/2 www.agoda.com/favicon.ico
IP 104.110.12.18:0
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 776045c4a2721ec29ca46fd7d0676a6d
7477b5ec15a977de49e202812f045ac766dabfaf
135252b70c166cfa35ac7fbb0d7352093d1d4dc4252ae61dad2b2db659acf860
GET /favicon.ico HTTP/1.1
Host: www.agoda.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.agoda.com/deals?pcs=1&cid=1912728
Connection: keep-alive
Cookie: agoda.analytics=Id=4790129188979313459&Signature=-4774124483181175899&Expiry=1675636597822; agoda.vuser=UserId=238be1a8-001d-4c1e-a982-dda6e57872d2; agoda.user.03=UserId=0117face-774a-4c8b-8599-ab35f8711f89; UserSession=0117face-774a-4c8b-8599-ab35f8711f89; agoda.version.03=CookieId=979813be-be82-415e-a37e-5ff265377053&AllocId=96917d1b98865c1749467ff951f67702c24b1cb0484b5c6bd9c51b2fb4be894fbbfffd61c84368b8e2d17f39eb45364cb3bb7e9f6b73a76e3ebe6f44b19f9c1c1c0343592924cd2ef94a0b56ee32f058151a5db19a979813bebe8215e37e5ff265377053&DLang=en-us&CurLabel=NOK&DPN=1&Alloc=&FEBuildVersion=&TItems=2$1912728$02-06-2023 04:36$02-07-2023 04:36$; ASP.NET_SessionId=qq1k422xdyxa5zotmtx404wh; agoda.attr.03=ATItems=1912728$02-06-2023 04:36$; agoda.firstclicks=1912728||||2023-02-06T04:36:37||qq1k422xdyxa5zotmtx404wh||{"IsPaid":true,"gclid":"","Type":""}; agoda.lastclicks=1912728||||2023-02-06T04:36:37||qq1k422xdyxa5zotmtx404wh||{"IsPaid":true,"gclid":"","Type":""}; agoda.landings=1912728|||qq1k422xdyxa5zotmtx404wh|2023-02-06T04:36:37|True|19----1912728|||qq1k422xdyxa5zotmtx404wh|2023-02-06T04:36:37|True|20----1912728|||qq1k422xdyxa5zotmtx404wh|2023-02-06T04:36:37|True|99; session_cache={"Cache":"amdata1","Time":"638112297978395991","SessionID":"qq1k422xdyxa5zotmtx404wh","CheckID":"e7e9a423669f2198c2f930ff6b3f9c0419f1b7b7","CType":"N"}; agoda.prius=PriusID=0&PointsMaxTraffic=Agoda; xsrf_token=CfDJ8Dkuqwv-0VhLoFfD8dw7lYyBCUwiJHYH3XmF7Zz0d5rB5qnxOxTjMlDRyemQAG1ZSPbQYRQTCSYgMp9iLTITagrk7w22dQfl5zThEwrvppwZs5VnivtHKjad2mIaGCK6rGlKK0wW61jxI8tUJTNvozQ; tealiumEnable=false; ai_user=HWko6I1E9yNqFsfIklhmdd|2023-02-05T21:37:20.861Z
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/x-icon
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET,POST
access-control-expose-headers: ag-correlation-id
content-encoding: gzip
vary: User-Agent, Accept-Encoding
request-context: appId=
ag-correlation-id: 203b7b8b-c4d6-49d1-811b-002e0aa36c7d
x-recruiting: Like HTTP headers? Come write ours: https://careersatagoda.com/job/3931446-senior-software-engineer-full-stack-bangkok-based-relocation-provided/?gh_src=b096bae01us
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
ag-dc: am
x-ua-compatible: IE=edge
date: Sun, 05 Feb 2023 21:36:39 GMT
content-length: 1304
set-cookie: agoda.analytics=Id=4790129188979313459&Signature=-4774124483181175899&Expiry=1675636597822; domain=.agoda.com; path=/; expires=Sun, 05-Feb-2023 22:36:37 GMT; secure
X-Firefox-Spdy: h2
cdn0.agoda.net/images/consentbanner/cookie.png
184.24.44.239200 OK 938 B URL HTTP/2 cdn0.agoda.net/images/consentbanner/cookie.png
IP 184.24.44.239:0
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash ef95ac3b6488dd54e1262c043a39c008
46b6ef5b828e240925afb6a04ef8923041fed392
db113ee98dd4e8a8474e5a86ea18813bbcbad7ee139e55467df84760c4771b30
GET /images/consentbanner/cookie.png HTTP/1.1
Host: cdn0.agoda.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.agoda.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/png
content-length: 938
last-modified: Tue, 09 Aug 2022 11:25:03 GMT
etag: "284b70abe2abd81:0"
x-cache-status: HIT
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
x-dc: ASH
cache-control: max-age=1611776
expires: Fri, 24 Feb 2023 13:19:35 GMT
date: Sun, 05 Feb 2023 21:36:39 GMT
X-Firefox-Spdy: h2
aai.agoda.net/v2/track
184.24.44.239204 No Content 0 B IP 184.24.44.239:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /v2/track HTTP/1.1
Host: aai.agoda.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.agoda.com/
Origin: https://www.agoda.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://www.agoda.com
access-control-max-age: 1200
vary: Origin
request-context: appId=
date: Sun, 05 Feb 2023 21:36:39 GMT
X-Firefox-Spdy: h2
aai.agoda.net/v2/track
184.24.44.239200 OK 0 B IP 184.24.44.239:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v2/track HTTP/1.1
Host: aai.agoda.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/json
Content-Length: 4801
Origin: https://www.agoda.com
Connection: keep-alive
Referer: https://www.agoda.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://www.agoda.com
access-control-expose-headers: ag-correlation-id
vary: Origin
request-context: appId=
ag-correlation-id: 5fad0449-75b5-4f7d-92e8-485c8f35863f
x-recruiting: Like HTTP headers? Come write ours: https://careersatagoda.com/job/3931446-senior-software-engineer-full-stack-bangkok-based-relocation-provided/?gh_src=b096bae01us
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
ag-dc: am
date: Sun, 05 Feb 2023 21:36:39 GMT
set-cookie: agoda.user.03=UserId=d20c2517-c1b1-4fe6-8126-aa501e38b8c5; domain=agoda.net; path=/; expires=Mon, 05-Feb-2024 21:36:39 GMT; secure
agoda.analytics=Id=1942606652041671773&Signature=-3043861845573930092&Expiry=1675636599937; domain=agoda.net; path=/; expires=Sun, 05-Feb-2023 22:36:39 GMT; secure
agoda.prius=PriusID=0&PointsMaxTraffic=Agoda; domain=agoda.net; path=/; expires=Mon, 05-Feb-2024 21:36:39 GMT
X-Firefox-Spdy: h2
ocsp.sectigo.com/
104.18.32.68200 OK 471 B IP 104.18.32.68:0
Hash 36c0da617312b60cba563cd11a7de6a7
9599a535b5ab16a5d92605a5ba5684f53cf5d6b2
ce701c57bb54f0f86b537a4fff9004e647db18382e48e3f6ba7358b3b8572d72
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sun, 05 Feb 2023 21:36:40 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 02 Feb 2023 17:17:41 GMT
Expires: Thu, 09 Feb 2023 17:17:40 GMT
Etag: "9599a535b5ab16a5d92605a5ba5684f53cf5d6b2"
Cache-Control: max-age=329459,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 794ec86e8b1a0b41-OSL
sdk.iad-01.braze.com/api/v3/content_cards/sync
151.101.65.208201 Created 95 B URL HTTP/2 sdk.iad-01.braze.com/api/v3/content_cards/sync
IP 151.101.65.208:0
Hash b0c2a28ad199951e670ec672308ed7b8
fdd7af4aada01a47a78b45dc36c85609bb6900b3
364ddae8fd21d8825c9050c5727c37d974a9ef83170868f4bbfc8d7a629dbdfb
POST /api/v3/content_cards/sync HTTP/1.1
Host: sdk.iad-01.braze.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/json
X-Requested-With: XMLHttpRequest
X-Braze-Api-Key: d999de98-30bc-4346-8124-a15900a101ae
X-Braze-DataRequest: true
X-Braze-ContentCardsRequest: true
Content-Length: 475
Origin: https://www.agoda.com
Connection: keep-alive
Referer: https://www.agoda.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 201 Created
content-type: application/json
server: nginx
access-control-allow-origin: *
access-control-allow-methods: POST, GET
access-control-expose-headers:
access-control-max-age: 7200
etag: W/"70f65da98488042e55a05b7236279355"
cache-control: max-age=0, private, must-revalidate
x-request-id: fd114c33-7834-45d9-bc05-9d38d938c3a5
x-runtime: 0.028212
content-encoding: gzip
accept-ranges: bytes
date: Sun, 05 Feb 2023 21:36:40 GMT
via: 1.1 varnish
x-served-by: cache-bma1634-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675633000.277938,VS0,VE126
vary: Origin,Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
bento.agoda.com/v2_1?p=js&v=1.3.73&t=1675633045073
103.200.108.57200 OK 2 B URL HTTP/2 bento.agoda.com/v2_1?p=js&v=1.3.73&t=1675633045073
IP 103.200.108.57:0
ASN #45530 The Offices at Central World, 27th floor
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /v2_1?p=js&v=1.3.73&t=1675633045073 HTTP/1.1
Host: bento.agoda.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.agoda.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://www.agoda.com
Content-Length: 18272
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sun, 05 Feb 2023 21:36:43 GMT
content-type: application/json
content-length: 2
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Encoding, Accept, Accept-Encoding, Accept-Language, Host, Referer, User-Agent
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.agoda.com
access-control-expose-headers: ag-correlation-id
set-cookie: agoda.analytics=Id=-3678794939570463622&Signature=-1502699639301227253&Expiry=1675636603102; domain=.agoda.com; path=/; expires=Sun, 05-Feb-2023 22:36:43 GMT; secure
agoda.user.03=UserId=d00af5b4-77d3-4b8c-82a0-bbb37c51d3de; domain=.agoda.com; path=/; expires=Mon, 05-Feb-2024 21:36:43 GMT; secure
agoda.prius=PriusID=0&PointsMaxTraffic=Agoda; domain=.agoda.com; path=/; expires=Mon, 05-Feb-2024 21:36:43 GMT
vary: Origin
request-context: appId=
ag-correlation-id: bb6b2500-a2d9-40df-8db6-98ce5a792705
x-recruiting: Like HTTP headers? Come write ours: https://careersatagoda.com/job/3931446-senior-software-engineer-full-stack-bangkok-based-relocation-provided/?gh_src=b096bae01us
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
ag-dc: am
X-Firefox-Spdy: h2
aai.agoda.net/v2/track
184.24.44.239415 Unsupported Media Type 0 B IP 184.24.44.239:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v2/track HTTP/1.1
Host: aai.agoda.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=utf-8
Content-Length: 7583
Origin: https://www.agoda.com
Connection: keep-alive
Referer: https://www.agoda.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 415 Unsupported Media Type
server: nginx
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://www.agoda.com
access-control-expose-headers: ag-correlation-id
vary: Origin
request-context: appId=
ag-correlation-id: f2c26ed8-5eec-45a0-a3e5-3b9430c09f13
x-recruiting: Like HTTP headers? Come write ours: https://careersatagoda.com/job/3931446-senior-software-engineer-full-stack-bangkok-based-relocation-provided/?gh_src=b096bae01us
strict-transport-security: max-age=2592000
ag-dc: am
date: Sun, 05 Feb 2023 21:36:44 GMT
set-cookie: agoda.user.03=UserId=22d389c7-4861-4408-b1dc-1067a00cb82c; domain=agoda.net; path=/; expires=Mon, 05-Feb-2024 21:36:44 GMT; secure
agoda.analytics=Id=-418049358474430058&Signature=-1823635791240048729&Expiry=1675636604207; domain=agoda.net; path=/; expires=Sun, 05-Feb-2023 22:36:44 GMT; secure
agoda.prius=PriusID=0&PointsMaxTraffic=Agoda; domain=agoda.net; path=/; expires=Mon, 05-Feb-2024 21:36:44 GMT
X-Firefox-Spdy: h2
sdk.iad-01.braze.com/api/v3/data/
151.101.65.208200 OK 0 B URL HTTP/2 sdk.iad-01.braze.com/api/v3/data/
IP 151.101.65.208:0
OPTIONS /api/v3/data/ HTTP/1.1
Host: sdk.iad-01.braze.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-braze-api-key,x-braze-datarequest,x-braze-triggersrequest,x-requested-with
Referer: https://www.agoda.com/
Origin: https://www.agoda.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
access-control-allow-origin: *
access-control-allow-methods: POST, GET
access-control-expose-headers:
access-control-max-age: 7200
access-control-allow-headers: content-type,x-braze-api-key,x-braze-datarequest,x-braze-triggersrequest,x-requested-with
content-encoding: gzip
accept-ranges: bytes
date: Sun, 05 Feb 2023 21:36:39 GMT
via: 1.1 varnish
x-served-by: cache-bma1634-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675632999.319519,VS0,VE92
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
sdk.iad-01.braze.com/api/v3/data/
151.101.65.208200 OK 0 B URL HTTP/2 sdk.iad-01.braze.com/api/v3/data/
IP 151.101.65.208:0
OPTIONS /api/v3/data/ HTTP/1.1
Host: sdk.iad-01.braze.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-braze-api-key,x-requested-with
Referer: https://www.agoda.com/
Origin: https://www.agoda.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
access-control-allow-origin: *
access-control-allow-methods: POST, GET
access-control-expose-headers:
access-control-max-age: 7200
access-control-allow-headers: content-type,x-braze-api-key,x-requested-with
content-encoding: gzip
accept-ranges: bytes
date: Sun, 05 Feb 2023 21:36:39 GMT
via: 1.1 varnish
x-served-by: cache-bma1634-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675632999.320669,VS0,VE92
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
sdk.iad-01.braze.com/api/v3/data/
151.101.65.208200 OK 0 B URL HTTP/2 sdk.iad-01.braze.com/api/v3/data/
IP 151.101.65.208:0
OPTIONS /api/v3/data/ HTTP/1.1
Host: sdk.iad-01.braze.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type,x-braze-api-key,x-requested-with
Referer: https://www.agoda.com/
Origin: https://www.agoda.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
access-control-allow-origin: *
access-control-allow-methods: POST, GET
access-control-expose-headers:
access-control-max-age: 7200
access-control-allow-headers: content-type,x-braze-api-key,x-requested-with
content-encoding: gzip
accept-ranges: bytes
date: Sun, 05 Feb 2023 21:36:39 GMT
via: 1.1 varnish
x-served-by: cache-bma1634-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675632999.351064,VS0,VE92
vary: Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
sdk.iad-01.braze.com/api/v3/content_cards/sync
151.101.65.208201 Created 0 B URL HTTP/2 sdk.iad-01.braze.com/api/v3/content_cards/sync
IP 151.101.65.208:0
POST /api/v3/content_cards/sync HTTP/1.1
Host: sdk.iad-01.braze.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/json
X-Requested-With: XMLHttpRequest
X-Braze-Api-Key: d999de98-30bc-4346-8124-a15900a101ae
X-Braze-DataRequest: true
X-Braze-ContentCardsRequest: true
Content-Length: 475
Origin: https://www.agoda.com
Connection: keep-alive
Referer: https://www.agoda.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 201 Created
content-type: application/json
server: nginx
access-control-allow-origin: *
access-control-allow-methods: POST, GET
access-control-expose-headers:
access-control-max-age: 7200
etag: W/"e2ee5ae00132da02ff759f8fee3852bd"
cache-control: max-age=0, private, must-revalidate
x-request-id: 92f79760-30ab-46ad-b0d9-7c50fbd3fc85
x-runtime: 0.026810
content-encoding: gzip
accept-ranges: bytes
date: Sun, 05 Feb 2023 21:36:41 GMT
via: 1.1 varnish
x-served-by: cache-bma1634-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675633001.277943,VS0,VE119
vary: Origin,Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
sdk.iad-01.braze.com/api/v3/content_cards/sync
151.101.65.208201 Created 0 B URL HTTP/2 sdk.iad-01.braze.com/api/v3/content_cards/sync
IP 151.101.65.208:0
POST /api/v3/content_cards/sync HTTP/1.1
Host: sdk.iad-01.braze.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/json
X-Requested-With: XMLHttpRequest
X-Braze-Api-Key: d999de98-30bc-4346-8124-a15900a101ae
X-Braze-DataRequest: true
X-Braze-ContentCardsRequest: true
Content-Length: 475
Origin: https://www.agoda.com
Connection: keep-alive
Referer: https://www.agoda.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 201 Created
content-type: application/json
server: nginx
access-control-allow-origin: *
access-control-allow-methods: POST, GET
access-control-expose-headers:
access-control-max-age: 7200
etag: W/"743f287597c1e6a63fad595078cc3c2d"
cache-control: max-age=0, private, must-revalidate
x-request-id: ae81d5bb-9556-4845-a12f-620ccefcc2f2
x-runtime: 0.025656
content-encoding: gzip
accept-ranges: bytes
date: Sun, 05 Feb 2023 21:36:42 GMT
via: 1.1 varnish
x-served-by: cache-bma1634-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675633002.277916,VS0,VE119
vary: Origin,Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2
sdk.iad-01.braze.com/api/v3/content_cards/sync
151.101.65.208201 Created 0 B URL HTTP/2 sdk.iad-01.braze.com/api/v3/content_cards/sync
IP 151.101.65.208:0
POST /api/v3/content_cards/sync HTTP/1.1
Host: sdk.iad-01.braze.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/json
X-Requested-With: XMLHttpRequest
X-Braze-Api-Key: d999de98-30bc-4346-8124-a15900a101ae
X-Braze-DataRequest: true
X-Braze-ContentCardsRequest: true
Content-Length: 475
Origin: https://www.agoda.com
Connection: keep-alive
Referer: https://www.agoda.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 201 Created
content-type: application/json
server: nginx
access-control-allow-origin: *
access-control-allow-methods: POST, GET
access-control-expose-headers:
access-control-max-age: 7200
etag: W/"a7d8704ed0371eea7152c5e926c7031b"
cache-control: max-age=0, private, must-revalidate
x-request-id: c54d2ec6-f002-4f63-850a-2d6a2e27c7ca
x-runtime: 0.025978
content-encoding: gzip
accept-ranges: bytes
date: Sun, 05 Feb 2023 21:36:43 GMT
via: 1.1 varnish
x-served-by: cache-bma1634-BMA
x-cache: MISS
x-cache-hits: 0
x-timer: S1675633003.291408,VS0,VE118
vary: Origin,Accept-Encoding
strict-transport-security: max-age=31536000; includeSubDomains
X-Firefox-Spdy: h2