cdn3.partnerserving.com/toolbar/pub/43168/4003/download/HomeTab.exe
77.247.179.82200 OK 527 B URL HTTP/1.1 cdn3.partnerserving.com/toolbar/pub/43168/4003/download/HomeTab.exe
IP 77.247.179.82:0
ASN #43350 NForce Entertainment B.V.
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with very long lines (527), with no line terminators
Hash 5b7ce4a738c6a56f8a182897d0e6dd9d
e7e2e62659ebaa2dd86eafbd86f5bb0948d56475
c3043c5d244cab9f47980654495d5fceafe5d4fc7c11416bac6132e8ae6978b6
Analyzer Verdict Alert fortinet Malware
GET /toolbar/pub/43168/4003/download/HomeTab.exe HTTP/1.1
Host: cdn3.partnerserving.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
accept-ch: Sec-CH-UA, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Mobile
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 527
content-type: text/html; charset=utf-8
date: Sat, 25 Mar 2023 13:27:05 GMT
server: nginx
set-cookie: sid=bc919628-cb10-11ed-9b71-75a49cff7595; path=/; domain=.partnerserving.com; expires=Thu, 12 Apr 2091 16:41:13 GMT; max-age=2147483647; HttpOnly
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 13f90146df1d559743af6df15c29b77b
6dd24f60629c39f857e3c996084f4d515cf3f8d0
ea5975be17b9cd29c8770939eb5d63ce43c1c44ce9a3a4d04e1e79cd69b30d1c
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EA5975BE17B9CD29C8770939EB5D63CE43C1C44CE9A3A4D04E1E79CD69B30D1C"
Last-Modified: Fri, 24 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5736
Expires: Sat, 25 Mar 2023 15:02:42 GMT
Date: Sat, 25 Mar 2023 13:27:06 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 5d9435c884bf4a0777fdf4b57079ae09
7f04b9db47ffeec90ac6397416b7553e5336a550
fe77420ec3a11f547cf5172b68d30faa4fe0c13165ae305f0013b02914e61084
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "FE77420EC3A11F547CF5172B68D30FAA4FE0C13165AE305F0013B02914E61084"
Last-Modified: Sat, 25 Mar 2023 02:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=10350
Expires: Sat, 25 Mar 2023 16:19:36 GMT
Date: Sat, 25 Mar 2023 13:27:06 GMT
Connection: keep-alive
firefox.settings.services.mozilla.com/v1/
35.241.9.150200 OK 939 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Hash 84db75194692d4afe13196bda6f22da8
4c1f49bc973a4917f146d93c8d598344edc021f6
a3bec66f95b3bdf1d310c726e8ed05f7b06c1901c62381a94582d581844d2c23
GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Length, Content-Type, Alert, Retry-After, Backoff
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sat, 25 Mar 2023 12:27:44 GMT
content-type: application/json
age: 3562
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 9bb70197d53617b5e6889b890dd2ae26
f3e9b8a743de494529baf2d078a622539f965307
a094a13905b7f1cd89475f9c83f9245580d4c3c7228d51d5c16622aec3c6aa45
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "A094A13905B7F1CD89475F9C83F9245580D4C3C7228D51D5C16622AEC3C6AA45"
Last-Modified: Sat, 25 Mar 2023 07:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=2285
Expires: Sat, 25 Mar 2023 14:05:11 GMT
Date: Sat, 25 Mar 2023 13:27:06 GMT
Connection: keep-alive
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
34.160.144.191200 OK 5.3 kB URL HTTP/2 content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain
IP 34.160.144.191:0
File type PEM certificate\012- , ASCII text
Hash e7bace7c1e04d44012e37ddffe36e5d5
3ac8d7c0a9d3e3f0b28b2530c7b8d8407b4042c2
6b4f80f2e95b26f6122ea8dcd0ef8d762299be822c69e839fc37581ca2bcb5f2
GET /chains/remote-settings.content-signature.mozilla.org-2023-04-30-16-53-14.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
x-amz-id-2: AgMIxXbGKrgWvZtDiprBDSppyuJ3agb2vmUq3HiN48olGbcaKe+chk8yifeRos1oKeFYcTbvUYw=
x-amz-request-id: 6AEZ7CWGWB8R5QXB
x-amz-server-side-encryption: AES256
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sat, 25 Mar 2023 13:00:47 GMT
age: 1579
last-modified: Sat, 11 Mar 2023 16:53:15 GMT
etag: "e7bace7c1e04d44012e37ddffe36e5d5"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2
contile.services.mozilla.com/v1/tiles
34.117.237.239200 OK 12 B URL HTTP/2 contile.services.mozilla.com/v1/tiles
IP 34.117.237.239:0
File type JSON data\012- , ASCII text, with no line terminators
Hash 23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
date: Sat, 25 Mar 2023 13:27:06 GMT
content-type: application/json
content-length: 12
access-control-expose-headers: content-type
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-credentials: true
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2
cdn3.partnerserving.com/favicon.ico
77.247.179.82404 Not Found 9 B URL HTTP/1.1 cdn3.partnerserving.com/favicon.ico
IP 77.247.179.82:0
ASN #43350 NForce Entertainment B.V.
File type ASCII text, with no line terminators
Hash d8f4a1993546cc4b850cde3599e27aec
094b763b4cfcc0b05e5d040581cd513c3ca08067
907ba78b4545338d3539683e63ecb51cf51c10adc9dabd86e92bd52339f298b9
GET /favicon.ico HTTP/1.1
Host: cdn3.partnerserving.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cdn3.partnerserving.com/toolbar/pub/43168/4003/download/HomeTab.exe
Cookie: sid=bc919628-cb10-11ed-9b71-75a49cff7595
HTTP/1.1 404 Not Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 9
date: Sat, 25 Mar 2023 13:27:06 GMT
server: nginx
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
35.241.9.150200 OK 329 B URL HTTP/2 firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP 35.241.9.150:0
File type JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Hash 0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Content-Type, Retry-After, Last-Modified, Content-Length, Pragma, Expires, ETag, Backoff, Alert, Cache-Control
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sat, 25 Mar 2023 13:14:33 GMT
age: 753
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
cache-control: max-age=3600,public
alt-svc: clear
X-Firefox-Spdy: h2
cdn3.partnerserving.com/toolbar/pub/43168/4003/download/HomeTab.exe?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY3OTc1ODAyNiwiaWF0IjoxNjc5NzUwODI2LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydDdxb3VnYXV0dm0zNmo5NnMwMzFxazMiLCJuYmYiOjE2Nzk3NTA4MjYsInRzIjoxNjc5NzUwODI2MjAyNDEyfQ.IYObJrwY_9CnuNgVTOgwSH8n6jcIKj-G1zK9kb_N0-0&sid=bc919628-cb10-11ed-9b71-75a49cff7595
77.247.179.82302 Found 11 B URL HTTP/1.1 cdn3.partnerserving.com/toolbar/pub/43168/4003/download/HomeTab.exe?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY3OTc1ODAyNiwiaWF0IjoxNjc5NzUwODI2LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydDdxb3VnYXV0dm0zNmo5NnMwMzFxazMiLCJuYmYiOjE2Nzk3NTA4MjYsInRzIjoxNjc5NzUwODI2MjAyNDEyfQ.IYObJrwY_9CnuNgVTOgwSH8n6jcIKj-G1zK9kb_N0-0&sid=bc919628-cb10-11ed-9b71-75a49cff7595
IP 77.247.179.82:0
ASN #43350 NForce Entertainment B.V.
File type ASCII text, with no line terminators
Hash 32682312d17c7cbf18e73594f5570319
60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47
GET /toolbar/pub/43168/4003/download/HomeTab.exe?ch=1&js=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJhdWQiOiJKb2tlbiIsImV4cCI6MTY3OTc1ODAyNiwiaWF0IjoxNjc5NzUwODI2LCJpc3MiOiJKb2tlbiIsImpzIjoxLCJqdGkiOiIydDdxb3VnYXV0dm0zNmo5NnMwMzFxazMiLCJuYmYiOjE2Nzk3NTA4MjYsInRzIjoxNjc5NzUwODI2MjAyNDEyfQ.IYObJrwY_9CnuNgVTOgwSH8n6jcIKj-G1zK9kb_N0-0&sid=bc919628-cb10-11ed-9b71-75a49cff7595 HTTP/1.1
Host: cdn3.partnerserving.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://cdn3.partnerserving.com/toolbar/pub/43168/4003/download/HomeTab.exe
Cookie: sid=bc919628-cb10-11ed-9b71-75a49cff7595
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Sat, 25 Mar 2023 13:27:06 GMT
location: http://ishku-wbq.com/zcvisitor/bcda93f4-cb10-11ed-99e6-12ff6b8c65db/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=7bf4cc70-8597-11ed-984f-0a918cbcbb97
server: nginx
set-cookie: sid=bc919628-cb10-11ed-9b71-75a49cff7595; path=/; domain=.partnerserving.com; expires=Thu, 12 Apr 2091 16:41:14 GMT; max-age=2147483647; HttpOnly
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash 717ebcc65cb1390c2509851bac7b5878
1e04e3058329f3809bc01022d441172dcacc1aaa
3c8d41efe14dc75e001ce50aae65e133d90bcb2e2f86b2426cefe7abe4c7b588
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "3C8D41EFE14DC75E001CE50AAE65E133D90BCB2E2F86B2426CEFE7ABE4C7B588"
Last-Modified: Fri, 24 Mar 2023 18:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4461
Expires: Sat, 25 Mar 2023 14:41:28 GMT
Date: Sat, 25 Mar 2023 13:27:07 GMT
Connection: keep-alive
ishku-wbq.com/zcvisitor/bcda93f4-cb10-11ed-99e6-12ff6b8c65db/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=7bf4cc70-8597-11ed-984f-0a918cbcbb97
54.237.193.255200 1.1 kB URL HTTP/1.1 ishku-wbq.com/zcvisitor/bcda93f4-cb10-11ed-99e6-12ff6b8c65db/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=7bf4cc70-8597-11ed-984f-0a918cbcbb97
IP 54.237.193.255:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Hash 28db485e35dae69c3c5ed7cc59f4fcad
39940f96dc4bf16a6acbd2a6ec5e9eecadf10197
43d2b2b71a0c05b9ea9adba1d74a7aa5d2a53b6db56e4726f7de74fecd810874
GET /zcvisitor/bcda93f4-cb10-11ed-99e6-12ff6b8c65db/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=7bf4cc70-8597-11ed-984f-0a918cbcbb97 HTTP/1.1
Host: ishku-wbq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Referer: http://cdn3.partnerserving.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Date: Sat, 25 Mar 2023 13:27:07 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server: FOEiExiL
push.services.mozilla.com/
52.10.254.200101 Switching Protocols 0 B URL HTTP/1.1 push.services.mozilla.com/
IP 52.10.254.200:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: kA6+Z0q3a+//SMS30MD3aA==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket
HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: tRjiQIuccKZ7sJZvGu1rx9LtsH0=
ishku-wbq.com/zcredirect?visitid=bcda93f4-cb10-11ed-99e6-12ff6b8c65db&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
54.237.193.255200 856 B URL HTTP/1.1 ishku-wbq.com/zcredirect?visitid=bcda93f4-cb10-11ed-99e6-12ff6b8c65db&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
IP 54.237.193.255:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (385)
Hash 82a5e84a9b8d81ebbb6d8c91838f9550
62d2cf9365871a59ee2aa392dc8e428e985b724f
940697f0f0f1c8e392197461c6fe2d6647226489db7973dc47ec0f84554f2286
GET /zcredirect?visitid=bcda93f4-cb10-11ed-99e6-12ff6b8c65db&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false HTTP/1.1
Host: ishku-wbq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ishku-wbq.com/zcvisitor/bcda93f4-cb10-11ed-99e6-12ff6b8c65db/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=7bf4cc70-8597-11ed-984f-0a918cbcbb97
Upgrade-Insecure-Requests: 1
HTTP/1.1 200
Date: Sat, 25 Mar 2023 13:27:07 GMT
Content-Type: text/html;charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
Server: cCKeCBFY
ishku-wbq.com/favicon.ico
54.237.193.255404 653 B URL HTTP/1.1 ishku-wbq.com/favicon.ico
IP 54.237.193.255:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (649), with no line terminators
Hash ba2732b1b2fa2626ffaa15f62f9e7d66
203d4e7fbb1d80449d6e4e1f3ae7a9bf8625debe
879861cb72fe9fbb476dab246021c4c83b4066327de2529e05ec54d3afb0a1c8
GET /favicon.ico HTTP/1.1
Host: ishku-wbq.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://ishku-wbq.com/zcredirect?visitid=bcda93f4-cb10-11ed-99e6-12ff6b8c65db&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false
HTTP/1.1 404
Date: Sat, 25 Mar 2023 13:27:07 GMT
Content-Type: text/html;charset=utf-8
Content-Length: 653
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Content-Language: en
Server: FOEiExiL
ocsp.digicert.com/
192.229.221.95200 OK 727 B IP 192.229.221.95:0
Hash e02e202813981935cb9f382f644bb70c
e7ac55f3c8230c72682d441126e267b9c3ed36de
2062bf3ac906efb0e8397bff054fd56d612cce1ca37bdaf2529242645474ee45
POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Accept-Ranges: bytes
Cache-Control: max-age=160423
Content-Type: application/ocsp-response
Date: Sat, 25 Mar 2023 13:27:08 GMT
Etag: "641ec653-2d7"
Expires: Mon, 27 Mar 2023 10:00:51 GMT
Last-Modified: Sat, 25 Mar 2023 10:00:51 GMT
Server: nginx
Content-Length: 727
www.ukhotelbooking.com/UcYQ/?s2=jlKWePOus1EJWoz0cxE9Dxc6MY0TidO%2BPngyYCV%2B0WPvBrEHDsr4pdki5hGYOdRLqMD9HvjgfJIdhrecyLDs3o2JWmxDnbrh1ArVWDXzkJ7YIW9HQq%2Burlb3uKJHMeZKFjfKTHkfMck4ypFXDHARu%2Fjm1%2FXne%2BmQ%2BuYFIOglecIgRzB%2FISWIo1zpDRN%2BZh1MngdNrO6vgwtZ7dMgqT%2FaTDT6K%2FEqYnUF5iag8uPKQ6i1Ag%3D%3D&v=4592317761.48f33782.2b14041b
23.20.162.77302 Found 0 B URL HTTP/2 www.ukhotelbooking.com/UcYQ/?s2=jlKWePOus1EJWoz0cxE9Dxc6MY0TidO%2BPngyYCV%2B0WPvBrEHDsr4pdki5hGYOdRLqMD9HvjgfJIdhrecyLDs3o2JWmxDnbrh1ArVWDXzkJ7YIW9HQq%2Burlb3uKJHMeZKFjfKTHkfMck4ypFXDHARu%2Fjm1%2FXne%2BmQ%2BuYFIOglecIgRzB%2FISWIo1zpDRN%2BZh1MngdNrO6vgwtZ7dMgqT%2FaTDT6K%2FEqYnUF5iag8uPKQ6i1Ag%3D%3D&v=4592317761.48f33782.2b14041b
IP 23.20.162.77:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /UcYQ/?s2=jlKWePOus1EJWoz0cxE9Dxc6MY0TidO%2BPngyYCV%2B0WPvBrEHDsr4pdki5hGYOdRLqMD9HvjgfJIdhrecyLDs3o2JWmxDnbrh1ArVWDXzkJ7YIW9HQq%2Burlb3uKJHMeZKFjfKTHkfMck4ypFXDHARu%2Fjm1%2FXne%2BmQ%2BuYFIOglecIgRzB%2FISWIo1zpDRN%2BZh1MngdNrO6vgwtZ7dMgqT%2FaTDT6K%2FEqYnUF5iag8uPKQ6i1Ag%3D%3D&v=4592317761.48f33782.2b14041b HTTP/1.1
Host: www.ukhotelbooking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: http://ishku-wbq.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx/1.22.0
date: Sat, 25 Mar 2023 13:27:08 GMT
content-type: text/html; charset=UTF-8
content-length: 0
location: http://www.ukhotelbooking.com/UcYQ/MkAuKIGD7r?i7c=gP85E3pttTi1pbSNBAjJXP0QLr0fHyf2k6A0jfUchVmWVLpUAvE08JP23SF%2F0ynh97kj9HGsBm10VBVqPyA7ktc8%2BxSINhYhzLFqFwnRPm54Nuo8CW3hQDEOiiqyToECH0pUR%2BIcbzsT%2Fmx9LmosTBK37MGYhgE%2Bae5UkTLzUV5y9UMbVSs5pfupVU5cCrCCMOhkT7xtRbbs4mNx%2FXcpQBtlgx7%2Bsg%3D%3D&ps=c57e18f43997b225ff64fbe0abbe9af9
access-control-allow-origin: *
referrer-policy: no-referrer
via: 1.1 google
X-Firefox-Spdy: h2
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13490
Expires: Sat, 25 Mar 2023 17:11:58 GMT
Date: Sat, 25 Mar 2023 13:27:08 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13490
Expires: Sat, 25 Mar 2023 17:11:58 GMT
Date: Sat, 25 Mar 2023 13:27:08 GMT
Connection: keep-alive
r3.o.lencr.org/
95.101.11.115200 OK 503 B IP 95.101.11.115:0
ASN #20940 Akamai International B.V.
Hash b62c9b9530dd66bb7f03ba2ce3d835da
bf8560766de78dd925e395f59610ab2f1335e565
62a45c1bedd4241448ab43b535518e423b0500901328b3a0b984d758c9b0540d
POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "62A45C1BEDD4241448AB43B535518E423B0500901328B3A0B984D758C9B0540D"
Last-Modified: Fri, 24 Mar 2023 03:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13490
Expires: Sat, 25 Mar 2023 17:11:58 GMT
Date: Sat, 25 Mar 2023 13:27:08 GMT
Connection: keep-alive
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca67e232-d39a-48ac-a0be-316741df0c53.jpeg
34.120.237.76200 OK 5.3 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca67e232-d39a-48ac-a0be-316741df0c53.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash aecd210f66f83c73c3450d047ae7448a
d68861e96e12e8a3f293dbae8b687f05b6e15afb
22b69c41c56e5538d91f824d5dc2e63ab5563f99ae8e429c9166f4b397cacd0e
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fca67e232-d39a-48ac-a0be-316741df0c53.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 5296
x-amzn-requestid: 11fdf0c8-244c-4cd5-bfa7-4c77d777174f
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CTiuzEqkIAMFXOw=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641e17f8-5c241d63598dbf595b54ead5;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 21:36:56 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: b1KWFmKdRQ4DU0v5JmC7AJatpv2B5FAHKVWL7pFiyh13fqYDA5qydA==
via: 1.1 b5695e36d7fbc522ece27885d73757ae.cloudfront.net (CloudFront), 1.1 deaaf0548506de20925615eb51a7ea7e.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 21:57:13 GMT
age: 55795
etag: "d68861e96e12e8a3f293dbae8b687f05b6e15afb"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F07b6f4d1-af89-4aaf-acec-609bb76366de.jpeg
34.120.237.76200 OK 12 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F07b6f4d1-af89-4aaf-acec-609bb76366de.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 70169fbc493bf12f91f072aa3a30ddde
4cd24b81bd6ade3ab5ff90fc88b0f7497e93391d
8b5fc3c8421d5696522231c3490a0853709897f5c9b645bd5e84398cf84089aa
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F07b6f4d1-af89-4aaf-acec-609bb76366de.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 12071
x-amzn-requestid: 02bb2a93-c0aa-4d43-aa99-759a0418bc20
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CTigfGHYoAMF8BQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641e179c-2258162e1901b5cd6e7144d3;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 21:35:24 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Miss from cloudfront
x-amz-cf-id: n7Xm67vDO9_X3Xoe2HXJs4Y9dLE6cZgx16lmW7c3KHv-sOg7rZo9wg==
via: 1.1 b5695e36d7fbc522ece27885d73757ae.cloudfront.net (CloudFront), 1.1 d90109c5a0c30f43223e0db85921c5c2.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 21:47:23 GMT
age: 56385
etag: "4cd24b81bd6ade3ab5ff90fc88b0f7497e93391d"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6f9abe8-74dc-41f6-984c-4a9e53a6198a.jpeg
34.120.237.76200 OK 6.2 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6f9abe8-74dc-41f6-984c-4a9e53a6198a.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash dd191e3a122d6e31f81e6e9d434c58d6
aec88022970c93289434f8097e4a663da33e5271
1f00c901ef479637ec703d7924526a970cb13dd2635b2bbb68b285df9d98e011
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe6f9abe8-74dc-41f6-984c-4a9e53a6198a.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 6185
x-amzn-requestid: 223de50b-9a7e-4ac7-9305-336658eec4ac
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CTiwYHoLoAMFXtg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641e1802-226bd8524ade75234053ff50;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 21:37:06 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: Ye0ADORg1hFVLxcNVj-qS60tlfguOEtyTx_XFU4ooJOcDHqNsqV3kw==
via: 1.1 3698a5f586d9ecca74d570e41f4c8516.cloudfront.net (CloudFront), 1.1 1ec2938341958d70d56193d709c89dee.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 21:57:14 GMT
age: 55794
etag: "aec88022970c93289434f8097e4a663da33e5271"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bda2583-e595-45ff-852f-d4b6bd713109.jpeg
34.120.237.76200 OK 8.6 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bda2583-e595-45ff-852f-d4b6bd713109.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 73f9697594d173d623b331b5c35eab8d
6323f751f6b7517f062a0442480f672086ea02a1
116cb71658b31e87f19c390b242c684f6505cc8edf90b7fc934ac726fc7ddd18
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7bda2583-e595-45ff-852f-d4b6bd713109.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 8635
x-amzn-requestid: fc715b03-f48f-4300-b752-ab157a684f08
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CTihcETyIAMFhYQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641e17a2-68f685ec0f50dae026ea3f64;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 21:35:30 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: i6dsVaC_gPijsRqh_EL5tZYZpjNEbQJvKIpPq501TIJZzcLUWeRz9w==
via: 1.1 ba490acb2ea716cd57876286ed686786.cloudfront.net (CloudFront), 1.1 34f8ef0e4c880df0650a814412a26ea6.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 21:45:56 GMT
age: 56472
etag: "6323f751f6b7517f062a0442480f672086ea02a1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af2ab94-b5c3-4517-b9d7-97ddb369f62d.jpeg
34.120.237.76200 OK 7.8 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af2ab94-b5c3-4517-b9d7-97ddb369f62d.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 5773974a7341690f006b052ad02c94db
1b11316c952e2195da1646dd94671669e7e3bc2b
a06b72138745500cacc919fea29536ebd4188a1c483f6123e3402458e299f16a
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4af2ab94-b5c3-4517-b9d7-97ddb369f62d.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 7800
x-amzn-requestid: bad99b1e-3923-4de9-8bea-4dd04e96f7cd
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CTigfFGcIAMFdBA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641e179c-0826b92d4c4af16553503600;Sampled=0
x-amzn-remapped-date: Fri, 24 Mar 2023 21:35:24 GMT
x-amz-cf-pop: HIO52-P1, SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: 9AGLmjvUSTKIsYIWECOR8QwdF4PP1tP1TweUm0VYvxQ0qskqj3YuLA==
via: 1.1 3698a5f586d9ecca74d570e41f4c8516.cloudfront.net (CloudFront), 1.1 995664ee945c06fc706b5cb8e0e650dc.cloudfront.net (CloudFront), 1.1 google
date: Fri, 24 Mar 2023 21:43:53 GMT
age: 56595
etag: "1b11316c952e2195da1646dd94671669e7e3bc2b"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg
34.120.237.76200 OK 4.0 kB URL HTTP/2 img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg
IP 34.120.237.76:0
File type JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Hash 85351059b67b0a42eda7e69a31b3b4b4
b798268806dc2f79f033e5872676019faf0e0cc1
86e163b7159b197d6358ab01333ac6da221de0ebe1c5da8d5cef2977d38625fe
GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F255e6a5a-97bb-4a35-8a48-4d120747a63c.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-length: 4000
x-amzn-requestid: 68dc01d7-3eed-48f6-8532-8efaa96cc1ec
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: CJpraEqyoAMFgNQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-641a2315-3852cc8961365a560d1fa02f;Sampled=0
x-amzn-remapped-date: Tue, 21 Mar 2023 21:35:17 GMT
x-amz-cf-pop: SEA19-C1
x-cache: Hit from cloudfront
x-amz-cf-id: I3GuoZ4ZxAtz0sKe3wrW67aitLlCAbaZkiPw23fl0F3FoumJDEnXiQ==
via: 1.1 288c777a01e22425da9494dad7a69734.cloudfront.net (CloudFront), 1.1 d90109c5a0c30f43223e0db85921c5c2.cloudfront.net (CloudFront), 1.1 google
date: Sat, 25 Mar 2023 05:56:24 GMT
age: 27044
etag: "b798268806dc2f79f033e5872676019faf0e0cc1"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2
www.ukhotelbooking.com/UcYQ/MkAuKIGD7r?i7c=gP85E3pttTi1pbSNBAjJXP0QLr0fHyf2k6A0jfUchVmWVLpUAvE08JP23SF%2F0ynh97kj9HGsBm10VBVqPyA7ktc8%2BxSINhYhzLFqFwnRPm54Nuo8CW3hQDEOiiqyToECH0pUR%2BIcbzsT%2Fmx9LmosTBK37MGYhgE%2Bae5UkTLzUV5y9UMbVSs5pfupVU5cCrCCMOhkT7xtRbbs4mNx%2FXcpQBtlgx7%2Bsg%3D%3D&ps=c57e18f43997b225ff64fbe0abbe9af9
23.20.162.77200 OK 644 B URL HTTP/1.1 www.ukhotelbooking.com/UcYQ/MkAuKIGD7r?i7c=gP85E3pttTi1pbSNBAjJXP0QLr0fHyf2k6A0jfUchVmWVLpUAvE08JP23SF%2F0ynh97kj9HGsBm10VBVqPyA7ktc8%2BxSINhYhzLFqFwnRPm54Nuo8CW3hQDEOiiqyToECH0pUR%2BIcbzsT%2Fmx9LmosTBK37MGYhgE%2Bae5UkTLzUV5y9UMbVSs5pfupVU5cCrCCMOhkT7xtRbbs4mNx%2FXcpQBtlgx7%2Bsg%3D%3D&ps=c57e18f43997b225ff64fbe0abbe9af9
IP 23.20.162.77:0
File type HTML document text\012- HTML document text\012- HTML document, ASCII text
Hash ed92ff781362cf4a37fb51b3bdb2e2c9
20ddefbd5ed8071381fdf40f8dda6d6a3f39cec4
1d6801486ee67a917f72c5cb8cd5ef4d0973988235c90ff7af5a7c6792e1bc98
GET /UcYQ/MkAuKIGD7r?i7c=gP85E3pttTi1pbSNBAjJXP0QLr0fHyf2k6A0jfUchVmWVLpUAvE08JP23SF%2F0ynh97kj9HGsBm10VBVqPyA7ktc8%2BxSINhYhzLFqFwnRPm54Nuo8CW3hQDEOiiqyToECH0pUR%2BIcbzsT%2Fmx9LmosTBK37MGYhgE%2Bae5UkTLzUV5y9UMbVSs5pfupVU5cCrCCMOhkT7xtRbbs4mNx%2FXcpQBtlgx7%2Bsg%3D%3D&ps=c57e18f43997b225ff64fbe0abbe9af9 HTTP/1.1
Host: www.ukhotelbooking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1
HTTP/1.1 200 OK
Server: nginx/1.22.0
Date: Sat, 25 Mar 2023 13:27:08 GMT
Content-Type: text/html;charset=UTF-8
Content-Length: 644
Connection: keep-alive
access-control-allow-origin: *
access-control-expose-headers: X-BurstFire-ReqID, X-BurstFire-ClientID, X-BurstFire-Version, Server
x-burstfire-reqid: 8758a0f8-4b92-4a06-ac52-706ea87656dd
x-burstfire-clientid: 836bf02e-8f2c-6465-41c2-5ccbed751294
x-burstfire-version: Generic
via: 1.1 google
www.ukhotelbooking.com/UcYQ/pe9Dx_-D71
23.20.162.77302 Found 0 B URL HTTP/1.1 www.ukhotelbooking.com/UcYQ/pe9Dx_-D71
IP 23.20.162.77:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /UcYQ/pe9Dx_-D71 HTTP/1.1
Host: www.ukhotelbooking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/x-www-form-urlencoded
Content-Length: 164
Origin: http://www.ukhotelbooking.com
Connection: keep-alive
Referer: http://www.ukhotelbooking.com/UcYQ/MkAuKIGD7r?i7c=gP85E3pttTi1pbSNBAjJXP0QLr0fHyf2k6A0jfUchVmWVLpUAvE08JP23SF%2F0ynh97kj9HGsBm10VBVqPyA7ktc8%2BxSINhYhzLFqFwnRPm54Nuo8CW3hQDEOiiqyToECH0pUR%2BIcbzsT%2Fmx9LmosTBK37MGYhgE%2Bae5UkTLzUV5y9UMbVSs5pfupVU5cCrCCMOhkT7xtRbbs4mNx%2FXcpQBtlgx7%2Bsg%3D%3D&ps=c57e18f43997b225ff64fbe0abbe9af9
Upgrade-Insecure-Requests: 1
HTTP/1.1 302 Found
Server: nginx/1.22.0
Date: Sat, 25 Mar 2023 13:27:08 GMT
Content-Type: text/plain;charset=UTF-8
Content-Length: 0
Connection: keep-alive
access-control-allow-origin: *
access-control-expose-headers: X-BurstFire-ReqID, X-BurstFire-ClientID, X-BurstFire-Version, Server
x-burstfire-reqid: 15c195f6-36b2-4d6f-9b04-e279a37d8443
x-burstfire-clientid: 836bf02e-8f2c-6465-41c2-5ccbed751294
x-burstfire-version: Generic
location: https://www.agoda.com/partners/partnersearch.aspx?pcs=1&cid=1912728
via: 1.1 google
www.ukhotelbooking.com/favicon.ico
23.20.162.77404 Not Found 0 B URL HTTP/1.1 www.ukhotelbooking.com/favicon.ico
IP 23.20.162.77:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
GET /favicon.ico HTTP/1.1
Host: www.ukhotelbooking.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://www.ukhotelbooking.com/UcYQ/MkAuKIGD7r?i7c=gP85E3pttTi1pbSNBAjJXP0QLr0fHyf2k6A0jfUchVmWVLpUAvE08JP23SF%2F0ynh97kj9HGsBm10VBVqPyA7ktc8%2BxSINhYhzLFqFwnRPm54Nuo8CW3hQDEOiiqyToECH0pUR%2BIcbzsT%2Fmx9LmosTBK37MGYhgE%2Bae5UkTLzUV5y9UMbVSs5pfupVU5cCrCCMOhkT7xtRbbs4mNx%2FXcpQBtlgx7%2Bsg%3D%3D&ps=c57e18f43997b225ff64fbe0abbe9af9
HTTP/1.1 404 Not Found
Server: nginx/1.22.0
Date: Sat, 25 Mar 2023 13:27:09 GMT
Content-Type: text/html; charset=UTF-8
Transfer-Encoding: chunked
Connection: keep-alive
X-Powered-By: PHP/7.2.34
Location: https://www.ukhotelbooking.com/favicon.ico
www.agoda.com/partners/partnersearch.aspx?pcs=1&cid=1912728
104.110.12.18302 Found 166 B URL HTTP/2 www.agoda.com/partners/partnersearch.aspx?pcs=1&cid=1912728
IP 104.110.12.18:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document, ASCII text, with CRLF line terminators
Hash 75176d66939940b8862704176cc4d412
0046609723b0d96f321f39d0e111ddedbb577c24
54361c1f7d22736f515c97f983c0031394c00f4c08166d91a78ae09f9d7ecea6
GET /partners/partnersearch.aspx?pcs=1&cid=1912728 HTTP/1.1
Host: www.agoda.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.ukhotelbooking.com/
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
HTTP/2 302 Found
server: nginx
content-type: text/html; charset=utf-8
content-length: 166
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET,POST
access-control-expose-headers: ag-correlation-id
cache-control: private
location: https://www.agoda.com/deals?pcs=1&cid=1912728
request-context: appId=
ag-correlation-id: 3d5878fe-053a-4a90-9d46-a59499ff7354
x-recruiting: Like HTTP headers? Come write ours: https://careersatagoda.com/job/3931446-senior-software-engineer-full-stack-bangkok-based-relocation-provided/?gh_src=b096bae01us
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
ag-dc: am
ag_server_time: 16
ag_execution_time: 16.613
ag_send_time: 0
x-ua-compatible: IE=edge
vary: User-Agent, Accept-Encoding
date: Sat, 25 Mar 2023 13:27:09 GMT
set-cookie: agoda.analytics=Id=4037138348299807738&Signature=1040514150734268647&Expiry=1679754429192; domain=.agoda.com; expires=Sat, 25-Mar-2023 14:27:09 GMT; path=/; secure
agoda.vuser=UserId=8d4ae1b9-2272-4bbd-a7dd-b02a1623cb91; domain=.agoda.com; expires=Sun, 24-Mar-2024 13:27:09 GMT; path=/; secure
agoda.user.03=UserId=e62e3796-5cdb-43ae-b15c-ddb14887b602; domain=.agoda.com; expires=Sun, 24-Mar-2024 13:27:09 GMT; path=/; secure
UserSession=e62e3796-5cdb-43ae-b15c-ddb14887b602; domain=.agoda.com; path=/; secure
agoda.version.03=CookieId=179544ca-9efd-47d2-a238-9e1a848cb856&AllocId=7978363dc5987d732051d1d558f1056c2df832c91479954f1053fa0e5883cc67c9ad1864f67475c28d422963528c360f704779b322c1b9cfd756fc1467ad0ef4bdb5b73759ea80a2f04588adf2b6e0f5621267cbb6179544ca9efd7d22389e1a848cb856&DLang=en-us&CurLabel=NOK&DPN=1&Alloc=&FEBuildVersion=&TItems=2$1912728$03-25-2023 20:27$03-26-2023 20:27$; domain=agoda.com; expires=Mon, 25-Mar-2024 13:27:09 GMT; path=/; secure
ASP.NET_SessionId=ymnnjje05ix4jdzqtceyxhan; path=/; secure; HttpOnly; SameSite=Lax
agoda.attr.03=CookieId=8c94a3dc-9065-4b8b-8795-1005d27ca47d&ATItems=1912728$03-25-2023 20:27$; domain=agoda.com; expires=Mon, 25-Mar-2024 13:27:09 GMT; path=/; secure
agoda.firstclicks=1912728||||2023-03-25T20:27:09||ymnnjje05ix4jdzqtceyxhan||{"IsPaid":true,"gclid":"","Type":""}; domain=.agoda.com; expires=Mon, 25-Mar-2024 13:27:09 GMT; path=/; secure; HttpOnly
agoda.lastclicks=1912728||||2023-03-25T20:27:09||ymnnjje05ix4jdzqtceyxhan||{"IsPaid":true,"gclid":"","Type":""}; domain=.agoda.com; expires=Mon, 25-Mar-2024 13:27:09 GMT; path=/; secure; HttpOnly
agoda.landings=1912728|||ymnnjje05ix4jdzqtceyxhan|2023-03-25T20:27:09|True|19----1912728|||ymnnjje05ix4jdzqtceyxhan|2023-03-25T20:27:09|True|20----1912728|||ymnnjje05ix4jdzqtceyxhan|2023-03-25T20:27:09|True|99; domain=.agoda.com; expires=Mon, 25-Mar-2024 13:27:09 GMT; path=/; secure; HttpOnly
session_cache={"Cache":"amdata1","Time":"638153476292083368","SessionID":"ymnnjje05ix4jdzqtceyxhan","CheckID":"04a3eac9ec317bf05b41b240e6b5dbbc96725745","CType":"N"}; domain=.agoda.com; path=/; secure
agoda.prius=PriusID=0&PointsMaxTraffic=Agoda; domain=.agoda.com; path=/; expires=Mon, 25-Mar-2024 13:27:09 GMT
X-Firefox-Spdy: h2
www.agoda.com/deals?pcs=1&cid=1912728
104.110.12.18200 OK 27 kB URL HTTP/2 www.agoda.com/deals?pcs=1&cid=1912728
IP 104.110.12.18:0
File type HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (30989), with CRLF, LF line terminators
Hash 18b807019ded73e31159bf5f0a0f4485
1235644a9e3de48f6e6c101e37f40fe96fd73382
b388d6a415162e0875b3d11f44fc564ca5d52b9ad80c207015ff4cb11d437052
GET /deals?pcs=1&cid=1912728 HTTP/1.1
Host: www.agoda.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: http://www.ukhotelbooking.com/
Connection: keep-alive
Cookie: agoda.analytics=Id=4037138348299807738&Signature=1040514150734268647&Expiry=1679754429192; agoda.vuser=UserId=8d4ae1b9-2272-4bbd-a7dd-b02a1623cb91; agoda.user.03=UserId=e62e3796-5cdb-43ae-b15c-ddb14887b602; UserSession=e62e3796-5cdb-43ae-b15c-ddb14887b602; agoda.version.03=CookieId=179544ca-9efd-47d2-a238-9e1a848cb856&AllocId=7978363dc5987d732051d1d558f1056c2df832c91479954f1053fa0e5883cc67c9ad1864f67475c28d422963528c360f704779b322c1b9cfd756fc1467ad0ef4bdb5b73759ea80a2f04588adf2b6e0f5621267cbb6179544ca9efd7d22389e1a848cb856&DLang=en-us&CurLabel=NOK&DPN=1&Alloc=&FEBuildVersion=&TItems=2$1912728$03-25-2023 20:27$03-26-2023 20:27$; ASP.NET_SessionId=ymnnjje05ix4jdzqtceyxhan; agoda.attr.03=CookieId=8c94a3dc-9065-4b8b-8795-1005d27ca47d&ATItems=1912728$03-25-2023 20:27$; agoda.firstclicks=1912728||||2023-03-25T20:27:09||ymnnjje05ix4jdzqtceyxhan||{"IsPaid":true,"gclid":"","Type":""}; agoda.lastclicks=1912728||||2023-03-25T20:27:09||ymnnjje05ix4jdzqtceyxhan||{"IsPaid":true,"gclid":"","Type":""}; agoda.landings=1912728|||ymnnjje05ix4jdzqtceyxhan|2023-03-25T20:27:09|True|19----1912728|||ymnnjje05ix4jdzqtceyxhan|2023-03-25T20:27:09|True|20----1912728|||ymnnjje05ix4jdzqtceyxhan|2023-03-25T20:27:09|True|99; session_cache={"Cache":"amdata1","Time":"638153476292083368","SessionID":"ymnnjje05ix4jdzqtceyxhan","CheckID":"04a3eac9ec317bf05b41b240e6b5dbbc96725745","CType":"N"}; agoda.prius=PriusID=0&PointsMaxTraffic=Agoda
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: text/html; charset=utf-8
vary: User-Agent, Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET,POST
access-control-expose-headers: ag-correlation-id
cache-control: no-store, no-cache
pragma: no-cache
request-context: appId=
ag-correlation-id: 44cec0df-348d-4e86-87d5-833d7d9e2503
x-recruiting: Like HTTP headers? Come write ours: https://careersatagoda.com/job/3931446-senior-software-engineer-full-stack-bangkok-based-relocation-provided/?gh_src=b096bae01us
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
ag-dc: am
x-ua-compatible: IE=edge
x-frame-options: SAMEORIGIN
content-encoding: gzip
date: Sat, 25 Mar 2023 13:27:09 GMT
content-length: 26753
set-cookie: agoda.attr.03=; path=/; expires=Fri, 24-Mar-2023 13:27:09 GMT; secure; HttpOnly
agoda.firstclicks=; path=/; expires=Fri, 24-Mar-2023 13:27:09 GMT; secure; HttpOnly
agoda.lastclicks=; path=/; expires=Fri, 24-Mar-2023 13:27:09 GMT; secure; HttpOnly
agoda.landings=; path=/; expires=Fri, 24-Mar-2023 13:27:09 GMT; secure; HttpOnly
agoda.version.03=; path=/; expires=Fri, 24-Mar-2023 13:27:09 GMT; secure
agoda.user.03=; path=/; expires=Fri, 24-Mar-2023 13:27:09 GMT; secure
agoda.l2=; domain=www.agoda.com; path=/; expires=Fri, 24-Mar-2023 13:27:09 GMT; secure; HttpOnly
agoda.user.03=UserId=e62e3796-5cdb-43ae-b15c-ddb14887b602; domain=.agoda.com; path=/; expires=Mon, 25-Mar-2024 00:00:00 GMT; secure
agoda.version.03=CookieId=179544ca-9efd-47d2-a238-9e1a848cb856&AllocId=7978363dc5987d732051d1d558f1056c2df832c91479954f1053fa0e5883cc67c9ad1864f67475c28d422963528c360f704779b322c1b9cfd756fc1467ad0ef4bdb5b73759ea80a2f04588adf2b6e0f5621267cbb6179544ca9efd7d22389e1a848cb856&DLang=en-us&CurLabel=NOK&DPN=1&Alloc=&FEBuildVersion=&TItems=2$1912728$03-25-2023 20:27$03-26-2023 20:27$; domain=.agoda.com; path=/; expires=Mon, 25-Mar-2024 00:00:00 GMT; secure
agoda.attr.03=ATItems=1912728$03-25-2023 20:27$; domain=.agoda.com; path=/; expires=Mon, 25-Mar-2024 00:00:00 GMT; secure; HttpOnly
agoda.firstclicks=1912728||||2023-03-25T20:27:09||ymnnjje05ix4jdzqtceyxhan||{"IsPaid":true,"gclid":"","Type":""}; domain=.agoda.com; path=/; expires=Mon, 25-Mar-2024 00:00:00 GMT; secure; HttpOnly
agoda.lastclicks=1912728||||2023-03-25T20:27:09||ymnnjje05ix4jdzqtceyxhan||{"IsPaid":true,"gclid":"","Type":""}; domain=.agoda.com; path=/; expires=Mon, 25-Mar-2024 00:00:00 GMT; secure; HttpOnly
agoda.landings=1912728|||ymnnjje05ix4jdzqtceyxhan|2023-03-25T20:27:09|True|19----1912728|||ymnnjje05ix4jdzqtceyxhan|2023-03-25T20:27:09|True|20----1912728|||ymnnjje05ix4jdzqtceyxhan|2023-03-25T20:27:09|True|99; domain=.agoda.com; path=/; expires=Mon, 25-Mar-2024 00:00:00 GMT; secure; HttpOnly
xsrf_token=CfDJ8Dkuqwv-0VhLoFfD8dw7lYxXpg2LRdN80oPQSTOGkz5u2vjavvjM8YNVbXXNY8V2ci3gCqvOXSTDNaMMTR9KJyCYd1DZHXtutaiv4_EUJ7xJHijgww8Dg-rDsL67Gj9S2DigJ6RjIspJFlZrheOQg8U; path=/; samesite=strict; httponly
agoda.analytics=Id=4037138348299807738&Signature=1040514150734268647&Expiry=1679754429192; domain=.agoda.com; path=/; expires=Sat, 25-Mar-2023 14:27:09 GMT; secure
X-Firefox-Spdy: h2
cdn6.agoda.net/cdn-marketing_cronos/js/assets/cronos/deals-a5ad5f5049cb.css
184.24.44.239200 OK 75 kB URL HTTP/2 cdn6.agoda.net/cdn-marketing_cronos/js/assets/cronos/deals-a5ad5f5049cb.css
IP 184.24.44.239:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 34061ec3c52a08d14dce65ecac470e00
68a30dd92034bd88cef1c5ac14d57e0a62d00611
0227d53b25a9e7edca8a06b55304d12537c7b817f8841b6474926a1d38ebeb92
GET /cdn-marketing_cronos/js/assets/cronos/deals-a5ad5f5049cb.css HTTP/1.1
Host: cdn6.agoda.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.agoda.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: text/css
access-control-allow-origin: *
content-encoding: br
etag: W/"8a8bf1219c2fd645409bae7e959151e8"
last-modified: Mon, 13 Mar 2023 03:56:15 GMT
server: Akamai Resource Optimizer
timing-allow-origin: *
x-cache-status: MISS
x-dc: ASH
x-amz-request-id: tx000000000000001022c8d-00640e9ecb-77998219-ash
x-rgw-object-type: Normal
content-length: 75235
cache-control: max-age=1520727
expires: Wed, 12 Apr 2023 03:52:36 GMT
date: Sat, 25 Mar 2023 13:27:09 GMT
X-Firefox-Spdy: h2
cdn6.agoda.net/cdn-marketing_cronos/js/assets/cronos/deals-86262d598829.js
184.24.44.239200 OK 534 kB URL HTTP/2 cdn6.agoda.net/cdn-marketing_cronos/js/assets/cronos/deals-86262d598829.js
IP 184.24.44.239:0
File type ASCII text, with very long lines (49166)
Size 534 kB (534257 bytes)
Hash b2f989d2f754b7af0d82058de33c8288
928999e0d2dca086d21fcd13ff446f96c64b87aa
1206bedcf0dbe0326a6b2949a32a8aac42542028ce6059d8efbeb066435d4753
GET /cdn-marketing_cronos/js/assets/cronos/deals-86262d598829.js HTTP/1.1
Host: cdn6.agoda.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.agoda.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
content-type: application/x-javascript
access-control-allow-origin: *
content-encoding: br
etag: W/"8174e95f3076639e138a2f5acbb91f8b"
last-modified: Mon, 13 Mar 2023 03:59:08 GMT
server: Akamai Resource Optimizer
timing-allow-origin: *
x-cache-status: MISS
x-dc: ASH
x-amz-request-id: tx000000000000000f9db1c-00640e9ecb-77e4b785-ash
x-rgw-object-type: Normal
content-length: 534257
cache-control: max-age=1521004
expires: Wed, 12 Apr 2023 03:57:13 GMT
date: Sat, 25 Mar 2023 13:27:09 GMT
X-Firefox-Spdy: h2
www.agoda.com/js/assets/cronos/Assets/mcjs-worker.js
104.110.12.18200 OK 22 kB URL HTTP/2 www.agoda.com/js/assets/cronos/Assets/mcjs-worker.js
IP 104.110.12.18:0
File type ASCII text, with very long lines (63261)
Hash 6a4c3e7eedd162891ebd93ca2060ef12
e451cec2e9c6a37885e33e53dd5dc362acc79bee
6ff0148890af802e88d2a59b4abe48c2fc1e96e7b2d05508911756617334cbf2
GET /js/assets/cronos/Assets/mcjs-worker.js HTTP/1.1
Host: www.agoda.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: agoda.analytics=Id=4037138348299807738&Signature=1040514150734268647&Expiry=1679754429192; agoda.vuser=UserId=8d4ae1b9-2272-4bbd-a7dd-b02a1623cb91; agoda.user.03=UserId=e62e3796-5cdb-43ae-b15c-ddb14887b602; UserSession=e62e3796-5cdb-43ae-b15c-ddb14887b602; agoda.version.03=CookieId=179544ca-9efd-47d2-a238-9e1a848cb856&AllocId=7978363dc5987d732051d1d558f1056c2df832c91479954f1053fa0e5883cc67c9ad1864f67475c28d422963528c360f704779b322c1b9cfd756fc1467ad0ef4bdb5b73759ea80a2f04588adf2b6e0f5621267cbb6179544ca9efd7d22389e1a848cb856&DLang=en-us&CurLabel=NOK&DPN=1&Alloc=&FEBuildVersion=&TItems=2$1912728$03-25-2023 20:27$03-26-2023 20:27$; ASP.NET_SessionId=ymnnjje05ix4jdzqtceyxhan; agoda.attr.03=ATItems=1912728$03-25-2023 20:27$; agoda.firstclicks=1912728||||2023-03-25T20:27:09||ymnnjje05ix4jdzqtceyxhan||{"IsPaid":true,"gclid":"","Type":""}; agoda.lastclicks=1912728||||2023-03-25T20:27:09||ymnnjje05ix4jdzqtceyxhan||{"IsPaid":true,"gclid":"","Type":""}; agoda.landings=1912728|||ymnnjje05ix4jdzqtceyxhan|2023-03-25T20:27:09|True|19----1912728|||ymnnjje05ix4jdzqtceyxhan|2023-03-25T20:27:09|True|20----1912728|||ymnnjje05ix4jdzqtceyxhan|2023-03-25T20:27:09|True|99; session_cache={"Cache":"amdata1","Time":"638153476292083368","SessionID":"ymnnjje05ix4jdzqtceyxhan","CheckID":"04a3eac9ec317bf05b41b240e6b5dbbc96725745","CType":"N"}; agoda.prius=PriusID=0&PointsMaxTraffic=Agoda; xsrf_token=CfDJ8Dkuqwv-0VhLoFfD8dw7lYxXpg2LRdN80oPQSTOGkz5u2vjavvjM8YNVbXXNY8V2ci3gCqvOXSTDNaMMTR9KJyCYd1DZHXtutaiv4_EUJ7xJHijgww8Dg-rDsL67Gj9S2DigJ6RjIspJFlZrheOQg8U; tealiumEnable=false
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/javascript
accept-ranges: bytes
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET,POST
content-encoding: gzip
etag: "1d95e12b5fedf5d"
last-modified: Fri, 24 Mar 2023 05:37:24 GMT
vary: User-Agent, Accept-Encoding
request-context: appId=
ag-correlation-id: a83c9e63-21b9-404a-a7f2-07ca4bcbf20b
x-ua-compatible: IE=edge
ag-downstream-handler: none.none
content-length: 22351
date: Sat, 25 Mar 2023 13:27:10 GMT
X-Firefox-Spdy: h2
www.agoda.com/favicon.ico
104.110.12.18200 OK 1.3 kB URL HTTP/2 www.agoda.com/favicon.ico
IP 104.110.12.18:0
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash 776045c4a2721ec29ca46fd7d0676a6d
7477b5ec15a977de49e202812f045ac766dabfaf
135252b70c166cfa35ac7fbb0d7352093d1d4dc4252ae61dad2b2db659acf860
GET /favicon.ico HTTP/1.1
Host: www.agoda.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.agoda.com/deals?pcs=1&cid=1912728
Connection: keep-alive
Cookie: agoda.analytics=Id=4037138348299807738&Signature=1040514150734268647&Expiry=1679754429192; agoda.vuser=UserId=8d4ae1b9-2272-4bbd-a7dd-b02a1623cb91; agoda.user.03=UserId=e62e3796-5cdb-43ae-b15c-ddb14887b602; UserSession=e62e3796-5cdb-43ae-b15c-ddb14887b602; agoda.version.03=CookieId=179544ca-9efd-47d2-a238-9e1a848cb856&AllocId=7978363dc5987d732051d1d558f1056c2df832c91479954f1053fa0e5883cc67c9ad1864f67475c28d422963528c360f704779b322c1b9cfd756fc1467ad0ef4bdb5b73759ea80a2f04588adf2b6e0f5621267cbb6179544ca9efd7d22389e1a848cb856&DLang=en-us&CurLabel=NOK&DPN=1&Alloc=&FEBuildVersion=&TItems=2$1912728$03-25-2023 20:27$03-26-2023 20:27$; ASP.NET_SessionId=ymnnjje05ix4jdzqtceyxhan; agoda.attr.03=ATItems=1912728$03-25-2023 20:27$; agoda.firstclicks=1912728||||2023-03-25T20:27:09||ymnnjje05ix4jdzqtceyxhan||{"IsPaid":true,"gclid":"","Type":""}; agoda.lastclicks=1912728||||2023-03-25T20:27:09||ymnnjje05ix4jdzqtceyxhan||{"IsPaid":true,"gclid":"","Type":""}; agoda.landings=1912728|||ymnnjje05ix4jdzqtceyxhan|2023-03-25T20:27:09|True|19----1912728|||ymnnjje05ix4jdzqtceyxhan|2023-03-25T20:27:09|True|20----1912728|||ymnnjje05ix4jdzqtceyxhan|2023-03-25T20:27:09|True|99; session_cache={"Cache":"amdata1","Time":"638153476292083368","SessionID":"ymnnjje05ix4jdzqtceyxhan","CheckID":"04a3eac9ec317bf05b41b240e6b5dbbc96725745","CType":"N"}; agoda.prius=PriusID=0&PointsMaxTraffic=Agoda; xsrf_token=CfDJ8Dkuqwv-0VhLoFfD8dw7lYxXpg2LRdN80oPQSTOGkz5u2vjavvjM8YNVbXXNY8V2ci3gCqvOXSTDNaMMTR9KJyCYd1DZHXtutaiv4_EUJ7xJHijgww8Dg-rDsL67Gj9S2DigJ6RjIspJFlZrheOQg8U; tealiumEnable=false
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/x-icon
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET,POST
access-control-expose-headers: ag-correlation-id
content-encoding: gzip
vary: User-Agent, Accept-Encoding
request-context: appId=
ag-correlation-id: fc7b5f2e-6c54-4511-97df-69db9abcfe24
x-recruiting: Like HTTP headers? Come write ours: https://careersatagoda.com/job/3931446-senior-software-engineer-full-stack-bangkok-based-relocation-provided/?gh_src=b096bae01us
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
ag-dc: am
x-ua-compatible: IE=edge
date: Sat, 25 Mar 2023 13:27:10 GMT
content-length: 1304
set-cookie: agoda.analytics=Id=4037138348299807738&Signature=1040514150734268647&Expiry=1679754429192; domain=.agoda.com; path=/; expires=Sat, 25-Mar-2023 14:27:09 GMT; secure
X-Firefox-Spdy: h2
www.agoda.com/api/cronos/layout/login/params
104.110.12.18200 OK 3.4 kB URL HTTP/2 www.agoda.com/api/cronos/layout/login/params
IP 104.110.12.18:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (8017), with no line terminators
Hash 6bc23ea3b3e3cd9ad352f315ea30a24e
dda5b925030b372bc369818973450bcdafd53b78
82ae8fe5639f67e14c28eb9428f306028d638dbf72acf968e84e19b1d5d8677d
GET /api/cronos/layout/login/params HTTP/1.1
Host: www.agoda.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.agoda.com/deals?pcs=1&cid=1912728
X-Requested-With: XMLHttpRequest
Content-type: application/json; charset=utf-8
AG-Language-Locale: en-us, en-us
AG-Language-Id: 1
CR-Currency-Id: 31
CR-Currency-Code: NOK
Connection: keep-alive
Cookie: agoda.analytics=Id=4037138348299807738&Signature=1040514150734268647&Expiry=1679754429192; agoda.vuser=UserId=8d4ae1b9-2272-4bbd-a7dd-b02a1623cb91; agoda.user.03=UserId=e62e3796-5cdb-43ae-b15c-ddb14887b602; UserSession=e62e3796-5cdb-43ae-b15c-ddb14887b602; agoda.version.03=CookieId=179544ca-9efd-47d2-a238-9e1a848cb856&AllocId=7978363dc5987d732051d1d558f1056c2df832c91479954f1053fa0e5883cc67c9ad1864f67475c28d422963528c360f704779b322c1b9cfd756fc1467ad0ef4bdb5b73759ea80a2f04588adf2b6e0f5621267cbb6179544ca9efd7d22389e1a848cb856&DLang=en-us&CurLabel=NOK&DPN=1&Alloc=&FEBuildVersion=&TItems=2$1912728$03-25-2023 20:27$03-26-2023 20:27$; ASP.NET_SessionId=ymnnjje05ix4jdzqtceyxhan; agoda.attr.03=ATItems=1912728$03-25-2023 20:27$; agoda.firstclicks=1912728||||2023-03-25T20:27:09||ymnnjje05ix4jdzqtceyxhan||{"IsPaid":true,"gclid":"","Type":""}; agoda.lastclicks=1912728||||2023-03-25T20:27:09||ymnnjje05ix4jdzqtceyxhan||{"IsPaid":true,"gclid":"","Type":""}; agoda.landings=1912728|||ymnnjje05ix4jdzqtceyxhan|2023-03-25T20:27:09|True|19----1912728|||ymnnjje05ix4jdzqtceyxhan|2023-03-25T20:27:09|True|20----1912728|||ymnnjje05ix4jdzqtceyxhan|2023-03-25T20:27:09|True|99; session_cache={"Cache":"amdata1","Time":"638153476292083368","SessionID":"ymnnjje05ix4jdzqtceyxhan","CheckID":"04a3eac9ec317bf05b41b240e6b5dbbc96725745","CType":"N"}; agoda.prius=PriusID=0&PointsMaxTraffic=Agoda; xsrf_token=CfDJ8Dkuqwv-0VhLoFfD8dw7lYxXpg2LRdN80oPQSTOGkz5u2vjavvjM8YNVbXXNY8V2ci3gCqvOXSTDNaMMTR9KJyCYd1DZHXtutaiv4_EUJ7xJHijgww8Dg-rDsL67Gj9S2DigJ6RjIspJFlZrheOQg8U; tealiumEnable=false
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/json; charset=utf-8
vary: User-Agent, Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET,POST
access-control-expose-headers: ag-correlation-id
request-context: appId=
ag-correlation-id: af95d516-11f2-4346-81a4-15d9f0f0672c
x-recruiting: Like HTTP headers? Come write ours: https://careersatagoda.com/job/3931446-senior-software-engineer-full-stack-bangkok-based-relocation-provided/?gh_src=b096bae01us
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
ag-dc: am
x-ua-compatible: IE=edge
content-encoding: gzip
content-length: 3409
date: Sat, 25 Mar 2023 13:27:10 GMT
set-cookie: agoda.l2=; domain=www.agoda.com; path=/; expires=Fri, 24-Mar-2023 13:27:10 GMT; secure; HttpOnly
agoda.analytics=Id=4037138348299807738&Signature=1040514150734268647&Expiry=1679754429192; domain=.agoda.com; path=/; expires=Sat, 25-Mar-2023 14:27:09 GMT; secure
X-Firefox-Spdy: h2
cdn6.agoda.net/cdn-marketing_cronos/js/assets/cronos/theme-agoda-76e64d672275.css
184.24.44.239200 OK 27 kB URL HTTP/2 cdn6.agoda.net/cdn-marketing_cronos/js/assets/cronos/theme-agoda-76e64d672275.css
IP 184.24.44.239:0
File type ASCII text, with very long lines (65536), with no line terminators
Hash 9687195ebbafd7f2757d156ed375b50c
3d2c38c678ea201b7e94eac646eccc5ba403f30c
0cb124eb7d56ac81c167c42be489c987fe4b01be271c8b4e091ac43909fa6a2f
GET /cdn-marketing_cronos/js/assets/cronos/theme-agoda-76e64d672275.css HTTP/1.1
Host: cdn6.agoda.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.agoda.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: text/css
access-control-allow-origin: *
content-encoding: br
etag: W/"e276380e5f8d729037aaef57db64c05d"
last-modified: Tue, 07 Mar 2023 03:13:06 GMT
server: Akamai Resource Optimizer
timing-allow-origin: *
x-cache-status: MISS
x-dc: SIN
x-amz-request-id: tx0000000000000036cf6c1-006406aba9-71acec83-sin
x-rgw-object-type: Normal
content-length: 27116
cache-control: max-age=999901
expires: Thu, 06 Apr 2023 03:12:11 GMT
date: Sat, 25 Mar 2023 13:27:10 GMT
X-Firefox-Spdy: h2
cdn6.agoda.net/cdn-marketing_cronos/js/assets/cronos/theme-agoda-07979c4a8e8c.js
184.24.44.239200 OK 83 B URL HTTP/2 cdn6.agoda.net/cdn-marketing_cronos/js/assets/cronos/theme-agoda-07979c4a8e8c.js
IP 184.24.44.239:0
File type ASCII text, with no line terminators
Hash 502d2f0c1db61f5abe3ec806a4fb227c
f8d6b61c385c4e64aa78a6d201fe6129c1434667
3fc4fc791795eed8a9a78f42febaef2357a93d3c11006368a56b8bc80d7f48cc
GET /cdn-marketing_cronos/js/assets/cronos/theme-agoda-07979c4a8e8c.js HTTP/1.1
Host: cdn6.agoda.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.agoda.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
content-type: application/x-javascript
access-control-allow-origin: *
content-encoding: br
etag: W/"fd9c21484dc52432f5369de10103ca99"
last-modified: Tue, 07 Mar 2023 03:09:24 GMT
server: Akamai Resource Optimizer
timing-allow-origin: *
x-cache-status: MISS
x-dc: SIN
x-amz-request-id: tx000000000000003d8cf6f-006406aae4-71b96e2f-sin
x-rgw-object-type: Normal
content-length: 83
cache-control: max-age=999616
expires: Thu, 06 Apr 2023 03:07:26 GMT
date: Sat, 25 Mar 2023 13:27:10 GMT
X-Firefox-Spdy: h2
cdn6.agoda.net/images/kite-js/logo/agoda/color-default.svg
184.24.44.239200 OK 1.8 kB URL HTTP/2 cdn6.agoda.net/images/kite-js/logo/agoda/color-default.svg
IP 184.24.44.239:0
File type SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (3926)
Hash b9f679811668abc98dba107e4db54deb
23dfd4e5dbcfa48c724a24af653e77246b442a83
e1b65808ea99d303fd2f77e91deb3287b1bca87a74a3f41a6e9aa59eecf8c9fe
GET /images/kite-js/logo/agoda/color-default.svg HTTP/1.1
Host: cdn6.agoda.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.agoda.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/svg+xml
last-modified: Fri, 03 Apr 2020 06:25:43 GMT
etag: "297bfbb3809d61:0"
x-cache-status: HIT
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
x-dc: ASH
unused62: 8096267
vary: Accept-Encoding
content-encoding: gzip
cache-control: max-age=1442858
expires: Tue, 11 Apr 2023 06:14:48 GMT
date: Sat, 25 Mar 2023 13:27:10 GMT
content-length: 1770
X-Firefox-Spdy: h2
cdn6.agoda.net/images/sprite/bg-sprite-partner_v3.png
184.24.44.239200 OK 8.6 kB URL HTTP/2 cdn6.agoda.net/images/sprite/bg-sprite-partner_v3.png
IP 184.24.44.239:0
File type PNG image data, 480 x 198, 8-bit colormap, non-interlaced\012- data
Hash 3c8c245b2fcd4c6ada5c1b65e1aea8f8
4cfdbdcaab5e75c442bd0143711d85f05cc1a4b6
fc4f4bf7b045610a6cafe2c690d3c3d3655475c4af4adaa4287a9c72cf153619
GET /images/sprite/bg-sprite-partner_v3.png HTTP/1.1
Host: cdn6.agoda.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.agoda.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/png
content-length: 8605
last-modified: Mon, 22 Jul 2019 03:27:59 GMT
etag: "cf152763d40d51:0"
x-cache-status: HIT
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
x-dc: ASH
unused62: 8096267
cache-control: max-age=326826
expires: Wed, 29 Mar 2023 08:14:16 GMT
date: Sat, 25 Mar 2023 13:27:10 GMT
X-Firefox-Spdy: h2
www.agoda.com/api/cronos/layout/notification/get
104.110.12.18200 OK 118 B URL HTTP/2 www.agoda.com/api/cronos/layout/notification/get
IP 104.110.12.18:0
File type JSON data\012- , ASCII text, with no line terminators
Hash ea1d95187eded101385bd336bed2cf02
eaa25394d05c9f6e73420e8b4a55c0daaf780c82
919fedc2e6cb190220d3d462bbeadbac7bae8876850086a891b0e7d0e81ce658
POST /api/cronos/layout/notification/get HTTP/1.1
Host: www.agoda.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.agoda.com/deals?pcs=1&cid=1912728
X-Requested-With: XMLHttpRequest
Content-type: application/json; charset=utf-8
AG-Language-Locale: en-us
AG-Language-Id: 1
CR-Currency-Id: 31
CR-Currency-Code: NOK
Request-Id: |01a04da08f9040489f3b88905bb6ae28.53f1b35dd6ea4407
traceparent: 00-01a04da08f9040489f3b88905bb6ae28-53f1b35dd6ea4407-01
Content-Length: 167
Origin: https://www.agoda.com
Connection: keep-alive
Cookie: agoda.analytics=Id=4037138348299807738&Signature=1040514150734268647&Expiry=1679754429192; agoda.vuser=UserId=8d4ae1b9-2272-4bbd-a7dd-b02a1623cb91; agoda.user.03=UserId=e62e3796-5cdb-43ae-b15c-ddb14887b602; UserSession=e62e3796-5cdb-43ae-b15c-ddb14887b602; agoda.version.03=CookieId=179544ca-9efd-47d2-a238-9e1a848cb856&AllocId=7978363dc5987d732051d1d558f1056c2df832c91479954f1053fa0e5883cc67c9ad1864f67475c28d422963528c360f704779b322c1b9cfd756fc1467ad0ef4bdb5b73759ea80a2f04588adf2b6e0f5621267cbb6179544ca9efd7d22389e1a848cb856&DLang=en-us&CurLabel=NOK&DPN=1&Alloc=&FEBuildVersion=&TItems=2$1912728$03-25-2023 20:27$03-26-2023 20:27$; ASP.NET_SessionId=ymnnjje05ix4jdzqtceyxhan; agoda.attr.03=ATItems=1912728$03-25-2023 20:27$; agoda.firstclicks=1912728||||2023-03-25T20:27:09||ymnnjje05ix4jdzqtceyxhan||{"IsPaid":true,"gclid":"","Type":""}; agoda.lastclicks=1912728||||2023-03-25T20:27:09||ymnnjje05ix4jdzqtceyxhan||{"IsPaid":true,"gclid":"","Type":""}; agoda.landings=1912728|||ymnnjje05ix4jdzqtceyxhan|2023-03-25T20:27:09|True|19----1912728|||ymnnjje05ix4jdzqtceyxhan|2023-03-25T20:27:09|True|20----1912728|||ymnnjje05ix4jdzqtceyxhan|2023-03-25T20:27:09|True|99; session_cache={"Cache":"amdata1","Time":"638153476292083368","SessionID":"ymnnjje05ix4jdzqtceyxhan","CheckID":"04a3eac9ec317bf05b41b240e6b5dbbc96725745","CType":"N"}; agoda.prius=PriusID=0&PointsMaxTraffic=Agoda; xsrf_token=CfDJ8Dkuqwv-0VhLoFfD8dw7lYxXpg2LRdN80oPQSTOGkz5u2vjavvjM8YNVbXXNY8V2ci3gCqvOXSTDNaMMTR9KJyCYd1DZHXtutaiv4_EUJ7xJHijgww8Dg-rDsL67Gj9S2DigJ6RjIspJFlZrheOQg8U; tealiumEnable=false; ai_user=bK44kVCGDwxVnP4OR1t5pE|2023-03-25T13:27:23.330Z
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/json; charset=utf-8
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET,POST
access-control-allow-origin: https://www.agoda.com
access-control-expose-headers: ag-correlation-id
vary: Accept-Encoding, User-Agent, Accept-Encoding
request-context: appId=
ag-correlation-id: 0b35df62-9723-49ce-a086-221029b1c42d
x-recruiting: Like HTTP headers? Come write ours: https://careersatagoda.com/job/3931446-senior-software-engineer-full-stack-bangkok-based-relocation-provided/?gh_src=b096bae01us
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
ag-dc: am
x-ua-compatible: IE=edge
content-encoding: gzip
date: Sat, 25 Mar 2023 13:27:10 GMT
content-length: 118
set-cookie: agoda.l2=; domain=www.agoda.com; path=/; expires=Fri, 24-Mar-2023 13:27:10 GMT; secure; HttpOnly
agoda.analytics=Id=4037138348299807738&Signature=1040514150734268647&Expiry=1679754429192; domain=.agoda.com; path=/; expires=Sat, 25-Mar-2023 14:27:09 GMT; secure
X-Firefox-Spdy: h2
cdn0.agoda.net/images/fonts/mallory-medium.woff2
184.24.44.239200 OK 54 kB URL HTTP/2 cdn0.agoda.net/images/fonts/mallory-medium.woff2
IP 184.24.44.239:0
File type Web Open Font Format (Version 2), TrueType, length 53637, version 1.0\012- data
Hash 3211aebce77f169fe755c52a0955c9f6
4140b90790d1a49f8637ae641e55a6c870c8631e
de630979937e5b5b6ed1f6b237383779bd2c23f5b4104e132f6d048f9f1ffe92
GET /images/fonts/mallory-medium.woff2 HTTP/1.1
Host: cdn0.agoda.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.agoda.com
Connection: keep-alive
Referer: https://cdn6.agoda.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
server: nginx
content-type: font/x-woff2
content-length: 53637
last-modified: Wed, 10 Aug 2016 06:51:53 GMT
etag: "42d4e1add3f2d11:0"
x-cache-status: HIT
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
x-dc: ASH
cache-control: max-age=865778
expires: Tue, 04 Apr 2023 13:56:48 GMT
date: Sat, 25 Mar 2023 13:27:10 GMT
X-Firefox-Spdy: h2
cdn0.agoda.net/images/fonts/mallory-light-webfont-v01.woff2
184.24.44.239200 OK 52 kB URL HTTP/2 cdn0.agoda.net/images/fonts/mallory-light-webfont-v01.woff2
IP 184.24.44.239:0
File type Web Open Font Format (Version 2), TrueType, length 52321, version 1.0\012- data
Hash 93f441bab86ee3e21d43e0dc3b3bbad2
95558f8ed5b02877438f97ccc9d26a13069c38bf
fb023437a64f3743a90c382f70c6726e3e3862ba00ffaf6e7e0bc3a65a33f0c8
GET /images/fonts/mallory-light-webfont-v01.woff2 HTTP/1.1
Host: cdn0.agoda.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.agoda.com
Connection: keep-alive
Referer: https://www.agoda.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: font/x-woff2
content-length: 52321
last-modified: Fri, 07 May 2021 10:15:20 GMT
etag: "8e35bce22943d71:0"
x-cache-status: HIT
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
x-dc: ASH
cache-control: max-age=1367137
expires: Mon, 10 Apr 2023 09:12:47 GMT
date: Sat, 25 Mar 2023 13:27:10 GMT
X-Firefox-Spdy: h2
www.agoda.com/api/cronos/layout/culture/getlanguages
104.110.12.18200 OK 1.7 kB URL HTTP/2 www.agoda.com/api/cronos/layout/culture/getlanguages
IP 104.110.12.18:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (8504), with no line terminators
Hash a53f0538589911590cdc5021bdf2c0b0
6277677bd8d03e17cff4c2ae26fa286db39fde80
9a64b7ea82350a7cebb1bd0a6dca0825140bbb9bea0566981497d8d51867fc48
GET /api/cronos/layout/culture/getlanguages HTTP/1.1
Host: www.agoda.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.agoda.com/deals?pcs=1&cid=1912728
X-Requested-With: XMLHttpRequest
Content-type: application/json; charset=utf-8
AG-Language-Locale: en-us
AG-Language-Id: 1
CR-Currency-Id: 31
CR-Currency-Code: NOK
Request-Id: |01a04da08f9040489f3b88905bb6ae28.f833f7fa80c943bb
traceparent: 00-01a04da08f9040489f3b88905bb6ae28-f833f7fa80c943bb-01
Connection: keep-alive
Cookie: agoda.analytics=Id=4037138348299807738&Signature=1040514150734268647&Expiry=1679754429192; agoda.vuser=UserId=8d4ae1b9-2272-4bbd-a7dd-b02a1623cb91; agoda.user.03=UserId=e62e3796-5cdb-43ae-b15c-ddb14887b602; UserSession=e62e3796-5cdb-43ae-b15c-ddb14887b602; agoda.version.03=CookieId=179544ca-9efd-47d2-a238-9e1a848cb856&AllocId=7978363dc5987d732051d1d558f1056c2df832c91479954f1053fa0e5883cc67c9ad1864f67475c28d422963528c360f704779b322c1b9cfd756fc1467ad0ef4bdb5b73759ea80a2f04588adf2b6e0f5621267cbb6179544ca9efd7d22389e1a848cb856&DLang=en-us&CurLabel=NOK&DPN=1&Alloc=&FEBuildVersion=&TItems=2$1912728$03-25-2023 20:27$03-26-2023 20:27$; ASP.NET_SessionId=ymnnjje05ix4jdzqtceyxhan; agoda.attr.03=ATItems=1912728$03-25-2023 20:27$; agoda.firstclicks=1912728||||2023-03-25T20:27:09||ymnnjje05ix4jdzqtceyxhan||{"IsPaid":true,"gclid":"","Type":""}; agoda.lastclicks=1912728||||2023-03-25T20:27:09||ymnnjje05ix4jdzqtceyxhan||{"IsPaid":true,"gclid":"","Type":""}; agoda.landings=1912728|||ymnnjje05ix4jdzqtceyxhan|2023-03-25T20:27:09|True|19----1912728|||ymnnjje05ix4jdzqtceyxhan|2023-03-25T20:27:09|True|20----1912728|||ymnnjje05ix4jdzqtceyxhan|2023-03-25T20:27:09|True|99; session_cache={"Cache":"amdata1","Time":"638153476292083368","SessionID":"ymnnjje05ix4jdzqtceyxhan","CheckID":"04a3eac9ec317bf05b41b240e6b5dbbc96725745","CType":"N"}; agoda.prius=PriusID=0&PointsMaxTraffic=Agoda; xsrf_token=CfDJ8Dkuqwv-0VhLoFfD8dw7lYxXpg2LRdN80oPQSTOGkz5u2vjavvjM8YNVbXXNY8V2ci3gCqvOXSTDNaMMTR9KJyCYd1DZHXtutaiv4_EUJ7xJHijgww8Dg-rDsL67Gj9S2DigJ6RjIspJFlZrheOQg8U; tealiumEnable=false; ai_user=bK44kVCGDwxVnP4OR1t5pE|2023-03-25T13:27:23.330Z
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/json; charset=utf-8
vary: User-Agent, Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET,POST
access-control-expose-headers: ag-correlation-id
request-context: appId=
ag-correlation-id: 47fc4821-6e14-4ce0-aece-2af5d39dd970
x-recruiting: Like HTTP headers? Come write ours: https://careersatagoda.com/job/3931446-senior-software-engineer-full-stack-bangkok-based-relocation-provided/?gh_src=b096bae01us
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
ag-dc: am
x-ua-compatible: IE=edge
content-encoding: gzip
content-length: 1659
date: Sat, 25 Mar 2023 13:27:10 GMT
set-cookie: agoda.l2=; domain=www.agoda.com; path=/; expires=Fri, 24-Mar-2023 13:27:10 GMT; secure; HttpOnly
agoda.analytics=Id=4037138348299807738&Signature=1040514150734268647&Expiry=1679754429192; domain=.agoda.com; path=/; expires=Sat, 25-Mar-2023 14:27:09 GMT; secure
X-Firefox-Spdy: h2
www.agoda.com/api/cronos/mkt/GetConsentBanner
104.110.12.18200 OK 395 B URL HTTP/2 www.agoda.com/api/cronos/mkt/GetConsentBanner
IP 104.110.12.18:0
File type JSON data\012- , ASCII text, with very long lines (679), with no line terminators
Hash 760cc319c1d0912e4b22a555ed78d9c5
1aca4a9a304acfd215778206506ff5924114de9e
d21dae3cb3b293d854e10570d88e9acc32fdf601229887a8a008cf052782eee9
GET /api/cronos/mkt/GetConsentBanner HTTP/1.1
Host: www.agoda.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.agoda.com/deals?pcs=1&cid=1912728
request-id: |01a04da08f9040489f3b88905bb6ae28.e8ec64aa675a4a24
traceparent: 00-01a04da08f9040489f3b88905bb6ae28-e8ec64aa675a4a24-01
Connection: keep-alive
Cookie: agoda.analytics=Id=4037138348299807738&Signature=1040514150734268647&Expiry=1679754429192; agoda.vuser=UserId=8d4ae1b9-2272-4bbd-a7dd-b02a1623cb91; agoda.user.03=UserId=e62e3796-5cdb-43ae-b15c-ddb14887b602; UserSession=e62e3796-5cdb-43ae-b15c-ddb14887b602; agoda.version.03=CookieId=179544ca-9efd-47d2-a238-9e1a848cb856&AllocId=7978363dc5987d732051d1d558f1056c2df832c91479954f1053fa0e5883cc67c9ad1864f67475c28d422963528c360f704779b322c1b9cfd756fc1467ad0ef4bdb5b73759ea80a2f04588adf2b6e0f5621267cbb6179544ca9efd7d22389e1a848cb856&DLang=en-us&CurLabel=NOK&DPN=1&Alloc=&FEBuildVersion=&TItems=2$1912728$03-25-2023 20:27$03-26-2023 20:27$; ASP.NET_SessionId=ymnnjje05ix4jdzqtceyxhan; agoda.attr.03=ATItems=1912728$03-25-2023 20:27$; agoda.firstclicks=1912728||||2023-03-25T20:27:09||ymnnjje05ix4jdzqtceyxhan||{"IsPaid":true,"gclid":"","Type":""}; agoda.lastclicks=1912728||||2023-03-25T20:27:09||ymnnjje05ix4jdzqtceyxhan||{"IsPaid":true,"gclid":"","Type":""}; agoda.landings=1912728|||ymnnjje05ix4jdzqtceyxhan|2023-03-25T20:27:09|True|19----1912728|||ymnnjje05ix4jdzqtceyxhan|2023-03-25T20:27:09|True|20----1912728|||ymnnjje05ix4jdzqtceyxhan|2023-03-25T20:27:09|True|99; session_cache={"Cache":"amdata1","Time":"638153476292083368","SessionID":"ymnnjje05ix4jdzqtceyxhan","CheckID":"04a3eac9ec317bf05b41b240e6b5dbbc96725745","CType":"N"}; agoda.prius=PriusID=0&PointsMaxTraffic=Agoda; xsrf_token=CfDJ8Dkuqwv-0VhLoFfD8dw7lYxXpg2LRdN80oPQSTOGkz5u2vjavvjM8YNVbXXNY8V2ci3gCqvOXSTDNaMMTR9KJyCYd1DZHXtutaiv4_EUJ7xJHijgww8Dg-rDsL67Gj9S2DigJ6RjIspJFlZrheOQg8U; tealiumEnable=false; ai_user=bK44kVCGDwxVnP4OR1t5pE|2023-03-25T13:27:23.330Z
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/json; charset=utf-8
vary: User-Agent, Accept-Encoding
access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: GET,POST
access-control-expose-headers: ag-correlation-id
request-context: appId=
ag-correlation-id: b48f0ed7-9101-4d4c-9a2f-6adf3dfe7409
x-recruiting: Like HTTP headers? Come write ours: https://careersatagoda.com/job/3931446-senior-software-engineer-full-stack-bangkok-based-relocation-provided/?gh_src=b096bae01us
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
ag-dc: am
x-ua-compatible: IE=edge
content-encoding: gzip
content-length: 395
date: Sat, 25 Mar 2023 13:27:10 GMT
set-cookie: agoda.l2=; domain=www.agoda.com; path=/; expires=Fri, 24-Mar-2023 13:27:10 GMT; secure; HttpOnly
agoda.analytics=Id=4037138348299807738&Signature=1040514150734268647&Expiry=1679754429192; domain=.agoda.com; path=/; expires=Sat, 25-Mar-2023 14:27:09 GMT; secure
X-Firefox-Spdy: h2
cdn6.agoda.net/images/mvc/flags/bg-sprite-flags.png
184.24.44.239200 OK 38 kB URL HTTP/2 cdn6.agoda.net/images/mvc/flags/bg-sprite-flags.png
IP 184.24.44.239:0
File type PNG image data, 480 x 504, 8-bit colormap, non-interlaced\012- data
Hash dc18177716fd53fa6b434fa9f0fa209d
88cad39c99d72a11950932aa0fb3ad3b426a356e
c35f5b6b805f12f7e9f7f58a9ae0a89fa5e55b8c5f2746c65df4105effa9aa9e
GET /images/mvc/flags/bg-sprite-flags.png HTTP/1.1
Host: cdn6.agoda.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn6.agoda.net/cdn-marketing_cronos/js/assets/cronos/deals-a5ad5f5049cb.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/png
content-length: 38332
last-modified: Wed, 21 Feb 2018 04:26:08 GMT
etag: "1dcf3918ccaad31:0"
x-cache-status: HIT
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
x-dc: ASH
cache-control: max-age=1998728
expires: Mon, 17 Apr 2023 16:39:18 GMT
date: Sat, 25 Mar 2023 13:27:10 GMT
X-Firefox-Spdy: h2
cdn0.agoda.net/images/emailmarketing/HD-icon/agoji_vacation_loading.png
184.24.44.239200 OK 43 kB URL HTTP/2 cdn0.agoda.net/images/emailmarketing/HD-icon/agoji_vacation_loading.png
IP 184.24.44.239:0
File type PNG image data, 347 x 317, 8-bit/color RGBA, non-interlaced\012- data
Hash 41144488ba6170077c9a5f98596443b6
19f3fbefc69e29cedd4a5a418de89cb286b1abb8
63a202669655ccebcc99177684a9b861a48391ea4ef5b5602f6d026079553606
GET /images/emailmarketing/HD-icon/agoji_vacation_loading.png HTTP/1.1
Host: cdn0.agoda.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.agoda.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/png
content-length: 43077
last-modified: Thu, 16 Dec 2021 07:49:25 GMT
etag: "561c767251f2d71:0"
x-cache-status: HIT
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
x-dc: ASH
cache-control: max-age=1561729
expires: Wed, 12 Apr 2023 15:15:59 GMT
date: Sat, 25 Mar 2023 13:27:10 GMT
X-Firefox-Spdy: h2
pix6.agoda.net/images/MVC/default/logo-en.svg
184.24.44.239200 OK 42 B URL HTTP/2 pix6.agoda.net/images/MVC/default/logo-en.svg
IP 184.24.44.239:0
File type GIF image data, version 89a, 1 x 1\012- data
Hash accba0b69f352b4c9440f05891b015c5
9d01cc5dc8e042c0d4ad6cfb8b3ac38e84a5ef9f
47043e4823a6c21a8881de789b4185355330b5804629d23f6b43dd93f5265292
GET /images/MVC/default/logo-en.svg HTTP/1.1
Host: pix6.agoda.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.agoda.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/gif
content-length: 42
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
x-dc: ASH, ASH
cache-control: max-age=10
expires: Sat, 25 Mar 2023 13:27:20 GMT
date: Sat, 25 Mar 2023 13:27:10 GMT
X-Firefox-Spdy: h2
cdn0.agoda.net/images/fonts/Mallory-Book.woff2
184.24.44.239200 OK 52 kB URL HTTP/2 cdn0.agoda.net/images/fonts/Mallory-Book.woff2
IP 184.24.44.239:0
File type Web Open Font Format (Version 2), TrueType, length 52237, version 1.0\012- data
Hash 9da57a7cb768ee379fddf2c4185d5603
10461b27648f83f961e583119cfaec22f0f57a00
3455511856790dabab542f954b002cc62a0a75f096b58aeb4ffd52a06eb9883e
GET /images/fonts/Mallory-Book.woff2 HTTP/1.1
Host: cdn0.agoda.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.agoda.com
Connection: keep-alive
Referer: https://cdn6.agoda.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: font/x-woff2
content-length: 52237
last-modified: Wed, 31 Aug 2016 08:13:19 GMT
etag: "429bd6885f3d21:0"
x-cache-status: EXPIRED
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
x-dc: ASH
unused62: 8096267
cache-control: max-age=1456953
expires: Tue, 11 Apr 2023 10:09:43 GMT
date: Sat, 25 Mar 2023 13:27:10 GMT
X-Firefox-Spdy: h2
cdn0.agoda.net/images/blt2/dealshub/mainbanner.png
184.24.44.239200 OK 63 kB URL HTTP/2 cdn0.agoda.net/images/blt2/dealshub/mainbanner.png
IP 184.24.44.239:0
File type PNG image data, 2880 x 376, 8-bit colormap, non-interlaced\012- data
Hash c7061d6bc589e884a628e9fabe589963
d9969e17b73989ab37d0d19c0aa566c440869580
4180ea756142745b499f65fbfa22a3f51bd6b34d0368cee6fb30a335d61d790f
GET /images/blt2/dealshub/mainbanner.png HTTP/1.1
Host: cdn0.agoda.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn6.agoda.net/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/png
content-length: 62800
last-modified: Fri, 17 Dec 2021 07:42:36 GMT
etag: "147011a919f3d71:0"
x-cache-status: HIT
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
x-dc: ASH
cache-control: max-age=1320941
expires: Sun, 09 Apr 2023 20:22:51 GMT
date: Sat, 25 Mar 2023 13:27:10 GMT
X-Firefox-Spdy: h2
cdn0.agoda.net/images/emailmarketing/custmkt/deals_email_elements/internationalDeals.png
184.24.44.239200 OK 11 kB URL HTTP/2 cdn0.agoda.net/images/emailmarketing/custmkt/deals_email_elements/internationalDeals.png
IP 184.24.44.239:0
File type PNG image data, 288 x 184, 8-bit colormap, non-interlaced\012- data
Hash 8f3985fdfd8880ebd03a74356ac36630
a1853b223403ae9e44b0b21dbb28c5bebffb0e13
82ff3eae8f613d7d9611f9116193148550cd528aa80663d45028021d4561da85
GET /images/emailmarketing/custmkt/deals_email_elements/internationalDeals.png HTTP/1.1
Host: cdn0.agoda.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.agoda.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/png
content-length: 10732
last-modified: Wed, 11 Jan 2023 04:47:32 GMT
etag: "c084e3d07725d91:0"
x-cache-status: HIT
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
x-dc: ASH
cache-control: max-age=1516030
expires: Wed, 12 Apr 2023 02:34:20 GMT
date: Sat, 25 Mar 2023 13:27:10 GMT
X-Firefox-Spdy: h2
cdn0.agoda.net/images/emailmarketing/deals_elements/Web_Deals_Page_More_Deals.png
184.24.44.239200 OK 79 kB URL HTTP/2 cdn0.agoda.net/images/emailmarketing/deals_elements/Web_Deals_Page_More_Deals.png
IP 184.24.44.239:0
File type PNG image data, 575 x 369, 8-bit/color RGBA, non-interlaced\012- data
Hash 881a204ca353e0aaf76328e581dca8ae
7b417f9bd3235900788bd35d9dbbd835e868c745
f4fbad6df1feec5bf091b7e07b2cc62a4a58d08e3cdf05390119778879082024
GET /images/emailmarketing/deals_elements/Web_Deals_Page_More_Deals.png HTTP/1.1
Host: cdn0.agoda.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.agoda.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/png
content-length: 79241
last-modified: Tue, 04 Oct 2022 07:50:28 GMT
etag: "03a32f8c5d7d81:0"
x-cache-status: HIT
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
x-dc: ASH
cache-control: max-age=1562612
expires: Wed, 12 Apr 2023 15:30:42 GMT
date: Sat, 25 Mar 2023 13:27:10 GMT
X-Firefox-Spdy: h2
cdn0.agoda.net/images/emailmarketing/js_elements/full-img-2x.png
184.24.44.239200 OK 186 kB URL HTTP/2 cdn0.agoda.net/images/emailmarketing/js_elements/full-img-2x.png
IP 184.24.44.239:0
File type PNG image data, 2104 x 602, 8-bit/color RGBA, non-interlaced\012- data
Size 186 kB (185758 bytes)
Hash 3d83516b86d47b9ecd7874ea720b5789
a1c40174fcd5c89b218a6d679886786a58c4e7eb
c0668f12486a9dc5532ea771a6576ec63849d5bf98cbc2e0c459649217c69d5c
GET /images/emailmarketing/js_elements/full-img-2x.png HTTP/1.1
Host: cdn0.agoda.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.agoda.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/png
content-length: 185758
last-modified: Wed, 05 Jan 2022 08:04:08 GMT
etag: "f82f21d1a2d81:0"
x-cache-status: HIT
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
x-dc: ASH
cache-control: max-age=1561352
expires: Wed, 12 Apr 2023 15:09:42 GMT
date: Sat, 25 Mar 2023 13:27:10 GMT
X-Firefox-Spdy: h2
cdn6.agoda.net/images/WebCampaign/NewWebDealsPage/Highlight_AgodaVIP_1.png
184.24.44.239200 OK 96 kB URL HTTP/2 cdn6.agoda.net/images/WebCampaign/NewWebDealsPage/Highlight_AgodaVIP_1.png
IP 184.24.44.239:0
File type PNG image data, 574 x 368, 8-bit/color RGBA, non-interlaced\012- data
Hash faecdcafb15b6845e9c2aeaa4450c029
3886dd1e7ac68528f336b385206f813c3f19cb05
a4dd96eb6a28cd3c7105c4145b45aa6bdcdf9ecd5eb3673e352b152a04630083
GET /images/WebCampaign/NewWebDealsPage/Highlight_AgodaVIP_1.png HTTP/1.1
Host: cdn6.agoda.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.agoda.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/png
content-length: 96058
last-modified: Tue, 14 Dec 2021 09:32:29 GMT
etag: "4a27be83cdf0d71:0"
x-cache-status: HIT
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
x-dc: ASH
cache-control: max-age=1470702
expires: Tue, 11 Apr 2023 13:58:52 GMT
date: Sat, 25 Mar 2023 13:27:10 GMT
X-Firefox-Spdy: h2
cdn6.agoda.net/images/fonts/global-refresh/icons-89a6761cd841725e350b9c0a886b1fb8.woff
184.24.44.239200 OK 240 kB URL HTTP/2 cdn6.agoda.net/images/fonts/global-refresh/icons-89a6761cd841725e350b9c0a886b1fb8.woff
IP 184.24.44.239:0
File type Web Open Font Format, TrueType, length 240036, version 1.0\012- data
Size 240 kB (240036 bytes)
Hash a0e54b533a77430aa1c348d922ba87b4
498aec94ad5c1ca93d5f324e794423165be72134
135054a864e36dd5eedd2bb43dd4add245224b1f5dfb66776de5a02b8840c886
GET /images/fonts/global-refresh/icons-89a6761cd841725e350b9c0a886b1fb8.woff HTTP/1.1
Host: cdn6.agoda.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.agoda.com
Connection: keep-alive
Referer: https://cdn6.agoda.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: font/x-woff
content-length: 240036
last-modified: Thu, 21 Jan 2021 16:52:55 GMT
etag: "808d31dd15f0d61:0"
x-cache-status: HIT
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
x-dc: ASH
unused62: 8096267
cache-control: max-age=1449543
expires: Tue, 11 Apr 2023 08:06:13 GMT
date: Sat, 25 Mar 2023 13:27:10 GMT
X-Firefox-Spdy: h2
www.agoda.com/api/contentCard/campaigns
104.110.12.18200 OK 1.0 kB URL HTTP/2 www.agoda.com/api/contentCard/campaigns
IP 104.110.12.18:0
File type JSON data\012- , Unicode text, UTF-8 text, with very long lines (3996), with no line terminators
Hash 6dd1e9edc1c17121288d1ca31889a638
5c1957291cf4ad3e8f557c9cd5e528d44ab32cba
3fb18da616c854883b50288b6f78574fcc2b397ccaa662046f4cb40d005a9aa6
POST /api/contentCard/campaigns HTTP/1.1
Host: www.agoda.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.agoda.com/deals?pcs=1&cid=1912728
X-Requested-With: XMLHttpRequest
Content-type: application/json; charset=utf-8
AG-Language-Locale: en-us
AG-Language-Id: 1
CR-Currency-Id: 31
CR-Currency-Code: NOK
X-CLIENT-ID: 2000
Request-Id: |01a04da08f9040489f3b88905bb6ae28.7fdc9c8e4b8c4af0
traceparent: 00-01a04da08f9040489f3b88905bb6ae28-7fdc9c8e4b8c4af0-01
Content-Length: 191
Origin: https://www.agoda.com
Connection: keep-alive
Cookie: agoda.analytics=Id=4037138348299807738&Signature=1040514150734268647&Expiry=1679754429192; agoda.vuser=UserId=8d4ae1b9-2272-4bbd-a7dd-b02a1623cb91; agoda.user.03=UserId=e62e3796-5cdb-43ae-b15c-ddb14887b602; UserSession=e62e3796-5cdb-43ae-b15c-ddb14887b602; agoda.version.03=CookieId=179544ca-9efd-47d2-a238-9e1a848cb856&AllocId=7978363dc5987d732051d1d558f1056c2df832c91479954f1053fa0e5883cc67c9ad1864f67475c28d422963528c360f704779b322c1b9cfd756fc1467ad0ef4bdb5b73759ea80a2f04588adf2b6e0f5621267cbb6179544ca9efd7d22389e1a848cb856&DLang=en-us&CurLabel=NOK&DPN=1&Alloc=&FEBuildVersion=&TItems=2$1912728$03-25-2023 20:27$03-26-2023 20:27$; ASP.NET_SessionId=ymnnjje05ix4jdzqtceyxhan; agoda.attr.03=ATItems=1912728$03-25-2023 20:27$; agoda.firstclicks=1912728||||2023-03-25T20:27:09||ymnnjje05ix4jdzqtceyxhan||{"IsPaid":true,"gclid":"","Type":""}; agoda.lastclicks=1912728||||2023-03-25T20:27:09||ymnnjje05ix4jdzqtceyxhan||{"IsPaid":true,"gclid":"","Type":""}; agoda.landings=1912728|||ymnnjje05ix4jdzqtceyxhan|2023-03-25T20:27:09|True|19----1912728|||ymnnjje05ix4jdzqtceyxhan|2023-03-25T20:27:09|True|20----1912728|||ymnnjje05ix4jdzqtceyxhan|2023-03-25T20:27:09|True|99; session_cache={"Cache":"amdata1","Time":"638153476292083368","SessionID":"ymnnjje05ix4jdzqtceyxhan","CheckID":"04a3eac9ec317bf05b41b240e6b5dbbc96725745","CType":"N"}; agoda.prius=PriusID=0&PointsMaxTraffic=Agoda; xsrf_token=CfDJ8Dkuqwv-0VhLoFfD8dw7lYxXpg2LRdN80oPQSTOGkz5u2vjavvjM8YNVbXXNY8V2ci3gCqvOXSTDNaMMTR9KJyCYd1DZHXtutaiv4_EUJ7xJHijgww8Dg-rDsL67Gj9S2DigJ6RjIspJFlZrheOQg8U; tealiumEnable=false; ai_user=bK44kVCGDwxVnP4OR1t5pE|2023-03-25T13:27:23.330Z
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: application/json
access-control-allow-credentials: true
access-control-allow-origin: https://www.agoda.com
access-control-expose-headers: ag-correlation-id
vary: Accept-Encoding, User-Agent, Accept-Encoding
request-context: appId=
ag-correlation-id: 0670f272-1159-4604-9e63-1afa123090c6
x-recruiting: Like HTTP headers? Come write ours: https://careersatagoda.com/job/3931446-senior-software-engineer-full-stack-bangkok-based-relocation-provided/?gh_src=b096bae01us
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
ag-dc: am
ag-http-server-time: 10707 mcs
content-encoding: gzip
date: Sat, 25 Mar 2023 13:27:10 GMT
content-length: 1003
set-cookie: agoda.analytics=Id=4037138348299807738&Signature=1040514150734268647&Expiry=1679754429192; domain=.agoda.com; path=/; expires=Sat, 25-Mar-2023 14:27:09 GMT; secure
X-Firefox-Spdy: h2
cdn6.agoda.net/images/desktop/bg-sprite-flags.png
184.24.44.239200 OK 66 kB URL HTTP/2 cdn6.agoda.net/images/desktop/bg-sprite-flags.png
IP 184.24.44.239:0
File type PNG image data, 480 x 1092, 8-bit colormap, non-interlaced\012- data
Hash a49b79bbde78f08f8d66c0eddaaff977
019167ed9ecee7bcd228fb4639e490a3746c7d1f
33e880aa212095a2f1be3428fc8d42848c1b028907cf7fe26882d732f938af0a
GET /images/desktop/bg-sprite-flags.png HTTP/1.1
Host: cdn6.agoda.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://cdn6.agoda.net/cdn-marketing_cronos/js/assets/cronos/theme-agoda-76e64d672275.css
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/png
content-length: 65795
last-modified: Mon, 17 Oct 2016 07:24:38 GMT
etag: "07f9f844728d21:0"
x-cache-status: HIT
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
x-dc: ASH
unused62: 8096267
cache-control: max-age=1439157
expires: Tue, 11 Apr 2023 05:13:07 GMT
date: Sat, 25 Mar 2023 13:27:10 GMT
X-Firefox-Spdy: h2
cdn0.agoda.net/images/emailmarketing/contentcard/pmc-7pct-web.png
184.24.44.239200 OK 7.4 kB URL HTTP/2 cdn0.agoda.net/images/emailmarketing/contentcard/pmc-7pct-web.png
IP 184.24.44.239:0
File type PNG image data, 575 x 369, 8-bit colormap, non-interlaced\012- data
Hash e161d498f386f0e267e6df3b12fc3c73
c0a5da7fd10b8e58f573af8167120b1ff823e73b
dae6286da70d610833588ccd197538b9c1f4523ecf0a2165d90493d83ced59ac
GET /images/emailmarketing/contentcard/pmc-7pct-web.png HTTP/1.1
Host: cdn0.agoda.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.agoda.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/png
content-length: 7359
last-modified: Tue, 13 Dec 2022 02:21:53 GMT
etag: "8076eaa99ed91:0"
x-cache-status: HIT
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
x-dc: ASH
cache-control: max-age=2129585
expires: Wed, 19 Apr 2023 05:00:15 GMT
date: Sat, 25 Mar 2023 13:27:10 GMT
X-Firefox-Spdy: h2
cdn0.agoda.net/images/emailmarketing/contentcard/pmc-6pct-web-2.png
184.24.44.239200 OK 3.5 kB URL HTTP/2 cdn0.agoda.net/images/emailmarketing/contentcard/pmc-6pct-web-2.png
IP 184.24.44.239:0
File type PNG image data, 288 x 185, 8-bit colormap, non-interlaced\012- data
Hash c9a8457639c203eff94728754825f10e
ee0d21deb604cfaa6816e533f65bcdb1cfc3b187
9691c7d82e4a83360f6cb743efb6d9d84c2ceae98839b74c93cb68a77c1848f2
GET /images/emailmarketing/contentcard/pmc-6pct-web-2.png HTTP/1.1
Host: cdn0.agoda.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.agoda.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/png
content-length: 3543
last-modified: Thu, 19 Jan 2023 14:18:55 GMT
etag: "807173f6102cd91:0"
x-cache-status: HIT
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
x-dc: ASH
cache-control: max-age=2129587
expires: Wed, 19 Apr 2023 05:00:17 GMT
date: Sat, 25 Mar 2023 13:27:10 GMT
X-Firefox-Spdy: h2
cdn0.agoda.net/images/emailmarketing/contentcard/pmc-5pct-web-2.png
184.24.44.239200 OK 3.6 kB URL HTTP/2 cdn0.agoda.net/images/emailmarketing/contentcard/pmc-5pct-web-2.png
IP 184.24.44.239:0
File type PNG image data, 288 x 185, 8-bit colormap, non-interlaced\012- data
Hash d3fa6930002163385781c48275292adf
41c88461c04bc0269b6565038888f329a15c8fb2
f5931028e59d67b872bab0f9fbc691af48f54fa43be7df6148ec620041da9ecd
GET /images/emailmarketing/contentcard/pmc-5pct-web-2.png HTTP/1.1
Host: cdn0.agoda.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.agoda.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/png
content-length: 3614
last-modified: Thu, 19 Jan 2023 14:13:58 GMT
etag: "0d76c45102cd91:0"
x-cache-status: HIT
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
x-dc: ASH
cache-control: max-age=453476
expires: Thu, 30 Mar 2023 19:25:06 GMT
date: Sat, 25 Mar 2023 13:27:10 GMT
X-Firefox-Spdy: h2
cdn0.agoda.net/images/emailmarketing/contentcard/pmc-3pct-web.png
184.24.44.239200 OK 7.6 kB URL HTTP/2 cdn0.agoda.net/images/emailmarketing/contentcard/pmc-3pct-web.png
IP 184.24.44.239:0
File type PNG image data, 575 x 369, 8-bit colormap, non-interlaced\012- data
Hash 5e45132aebe5424043c3588a0bcc2e72
6855aae8a47cbac3d100039f4c235699eec06ce0
9c08a8ef35e0534137ac8c4b20d359a7aa9f7219df1039bdc68d2d65b1732dad
GET /images/emailmarketing/contentcard/pmc-3pct-web.png HTTP/1.1
Host: cdn0.agoda.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.agoda.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/png
content-length: 7629
last-modified: Tue, 13 Dec 2022 02:15:48 GMT
etag: "0e27fd098ed91:0"
x-cache-status: HIT
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
x-dc: ASH
cache-control: max-age=2129600
expires: Wed, 19 Apr 2023 05:00:30 GMT
date: Sat, 25 Mar 2023 13:27:10 GMT
X-Firefox-Spdy: h2
braze-images.com/appboy/communication/assets/image_assets/images/63cf5375912f497fa9fcc264/original.png?1674531701
104.19.153.69200 OK 26 kB URL HTTP/2 braze-images.com/appboy/communication/assets/image_assets/images/63cf5375912f497fa9fcc264/original.png?1674531701
IP 104.19.153.69:0
File type PNG image data, 287 x 184, 8-bit/color RGBA, non-interlaced\012- data
Hash 154310d7dd606c16e556b14c1b8033e1
37f01759e92a84d1acc0895674b11ae832c7e981
8f3286135883981c6c8cdc7bf3b28dc2944a4cd7dec4e33be669cbb9ff0bc70b
GET /appboy/communication/assets/image_assets/images/63cf5375912f497fa9fcc264/original.png?1674531701 HTTP/1.1
Host: braze-images.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.agoda.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
HTTP/2 200 OK
date: Sat, 25 Mar 2023 13:27:10 GMT
content-type: image/png
content-length: 25573
x-amz-id-2: UK+2gkueOVND99ETz9aUQSa8m5b7pUJk3C47/BOi5+j6IGqlzVGqD+7rhdfMU7W7tcJpBpTukrM=
x-amz-request-id: 2J019E62MH9KVXYP
last-modified: Tue, 24 Jan 2023 03:41:42 GMT
etag: "154310d7dd606c16e556b14c1b8033e1"
x-amz-server-side-encryption: AES256
cf-cache-status: HIT
age: 3265
expires: Sat, 25 Mar 2023 17:27:10 GMT
cache-control: public, max-age=14400
accept-ranges: bytes
vary: Accept-Encoding
server: cloudflare
cf-ray: 7ad77d650efcb509-OSL
X-Firefox-Spdy: h2
cdn0.agoda.net/images/emailmarketing/contentcard/blocklist-removal-web.png
184.24.44.239200 OK 19 kB URL HTTP/2 cdn0.agoda.net/images/emailmarketing/contentcard/blocklist-removal-web.png
IP 184.24.44.239:0
File type PNG image data, 575 x 369, 8-bit/color RGBA, non-interlaced\012- data
Hash 066cb8f3de2e6d293db125d7313645a6
05cdc167e526a89f75aa21f509fcced8be81c63e
0aeeb1802d102be5d4a4f6fbf1890826c3b0f0416de90c0466f41b931f3d5cdf
GET /images/emailmarketing/contentcard/blocklist-removal-web.png HTTP/1.1
Host: cdn0.agoda.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.agoda.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/png
content-length: 18627
last-modified: Wed, 07 Dec 2022 08:06:57 GMT
etag: "80a61fe012ad91:0"
x-cache-status: HIT
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
x-dc: ASH
cache-control: max-age=2123999
expires: Wed, 19 Apr 2023 03:27:09 GMT
date: Sat, 25 Mar 2023 13:27:10 GMT
X-Firefox-Spdy: h2
cdn0.agoda.net/images/consentbanner/cookie.png
184.24.44.239200 OK 938 B URL HTTP/2 cdn0.agoda.net/images/consentbanner/cookie.png
IP 184.24.44.239:0
File type PNG image data, 48 x 48, 8-bit/color RGBA, non-interlaced\012- data
Hash ef95ac3b6488dd54e1262c043a39c008
46b6ef5b828e240925afb6a04ef8923041fed392
db113ee98dd4e8a8474e5a86ea18813bbcbad7ee139e55467df84760c4771b30
GET /images/consentbanner/cookie.png HTTP/1.1
Host: cdn0.agoda.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.agoda.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-type: image/png
content-length: 938
last-modified: Tue, 09 Aug 2022 11:25:03 GMT
etag: "284b70abe2abd81:0"
x-cache-status: HIT
accept-ranges: bytes
timing-allow-origin: *
access-control-allow-origin: *
x-dc: ASH
cache-control: max-age=2159631
expires: Wed, 19 Apr 2023 13:21:01 GMT
date: Sat, 25 Mar 2023 13:27:10 GMT
X-Firefox-Spdy: h2
aai.agoda.net/v2/track
184.24.44.239204 No Content 0 B IP 184.24.44.239:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
OPTIONS /v2/track HTTP/1.1
Host: aai.agoda.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://www.agoda.com/
Origin: https://www.agoda.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 204 No Content
server: nginx
access-control-allow-credentials: true
access-control-allow-headers: content-type
access-control-allow-methods: POST
access-control-allow-origin: https://www.agoda.com
access-control-max-age: 1200
vary: Origin
request-context: appId=
date: Sat, 25 Mar 2023 13:27:11 GMT
X-Firefox-Spdy: h2
aai.agoda.net/v2/track
184.24.44.239200 OK 0 B IP 184.24.44.239:0
Hash d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
POST /v2/track HTTP/1.1
Host: aai.agoda.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-type: application/json
Content-Length: 5795
Origin: https://www.agoda.com
Connection: keep-alive
Referer: https://www.agoda.com/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers
HTTP/2 200 OK
server: nginx
content-length: 0
access-control-allow-credentials: true
access-control-allow-origin: https://www.agoda.com
access-control-expose-headers: ag-correlation-id
vary: Origin
request-context: appId=
ag-correlation-id: 551dde18-5407-4326-ab60-b60fcb9f4729
x-recruiting: Like HTTP headers? Come write ours: https://careersatagoda.com/job/3931446-senior-software-engineer-full-stack-bangkok-based-relocation-provided/?gh_src=b096bae01us
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
ag-dc: am
date: Sat, 25 Mar 2023 13:27:11 GMT
set-cookie: agoda.analytics=Id=-5214216661502594923&Signature=2447272583487171898&Expiry=1679754431353; domain=agoda.net; path=/; expires=Sat, 25-Mar-2023 14:27:11 GMT; secure
agoda.user.03=UserId=7e1b0abe-175c-4d0c-b73f-1f374ec72762; domain=agoda.net; path=/; expires=Mon, 25-Mar-2024 13:27:11 GMT; secure
agoda.prius=PriusID=0&PointsMaxTraffic=Agoda; domain=agoda.net; path=/; expires=Mon, 25-Mar-2024 13:27:11 GMT
X-Firefox-Spdy: h2
ocsp.sectigo.com/
172.64.155.188200 OK 471 B IP 172.64.155.188:0
Hash 04b4a9482636a938eeaf71cd01c3b4c3
683d03c98d6eccbc2677779c60dcec53635bd03a
be2bc6aabf76a15060d0ae0141ea8a0d8415fea476a8303fffe77f6783c40c01
POST / HTTP/1.1
Host: ocsp.sectigo.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
HTTP/1.1 200 OK
Date: Sat, 25 Mar 2023 13:27:12 GMT
Content-Type: application/ocsp-response
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 23 Mar 2023 17:17:43 GMT
Expires: Thu, 30 Mar 2023 17:17:42 GMT
Etag: "683d03c98d6eccbc2677779c60dcec53635bd03a"
Cache-Control: max-age=445229,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb6
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7ad77d6dee3fb4f3-OSL
bento.agoda.com/v2_1?p=js&v=1.3.73&t=1679750845273
103.200.108.57200 OK 2 B URL HTTP/2 bento.agoda.com/v2_1?p=js&v=1.3.73&t=1679750845273
IP 103.200.108.57:0
ASN #45530 The Offices at Central World, 27th floor
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /v2_1?p=js&v=1.3.73&t=1679750845273 HTTP/1.1
Host: bento.agoda.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.agoda.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://www.agoda.com
Content-Length: 15759
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
HTTP/2 200 OK
server: nginx
date: Sat, 25 Mar 2023 13:27:12 GMT
content-type: application/json
content-length: 2
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Encoding, Accept, Accept-Encoding, Accept-Language, Host, Referer, User-Agent
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.agoda.com
access-control-expose-headers: ag-correlation-id
set-cookie: agoda.user.03=UserId=74368384-f55d-422a-9d59-36f076ab5575; domain=.agoda.com; path=/; expires=Mon, 25-Mar-2024 13:27:12 GMT; secure
agoda.analytics=Id=2300725591104278394&Signature=-488637546634296143&Expiry=1679754432545; domain=.agoda.com; path=/; expires=Sat, 25-Mar-2023 14:27:12 GMT; secure
agoda.prius=PriusID=0&PointsMaxTraffic=Agoda; domain=.agoda.com; path=/; expires=Mon, 25-Mar-2024 13:27:12 GMT
vary: Origin
request-context: appId=
ag-correlation-id: 184074e4-f012-460c-895a-5b97184f7766
x-recruiting: Like HTTP headers? Come write ours: https://careersatagoda.com/job/3931446-senior-software-engineer-full-stack-bangkok-based-relocation-provided/?gh_src=b096bae01us
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
ag-dc: am
X-Firefox-Spdy: h2
bento.agoda.com/v2_1?p=js&v=1.3.73&t=1679750847732
103.200.108.57200 OK 2 B URL HTTP/2 bento.agoda.com/v2_1?p=js&v=1.3.73&t=1679750847732
IP 103.200.108.57:0
ASN #45530 The Offices at Central World, 27th floor
File type JSON data\012- , ASCII text, with no line terminators
Hash 99914b932bd37a50b983c5e7c90ae93b
bf21a9e8fbc5a3846fb05b4fa0859e0917b2202f
44136fa355b3678a1146ad16f7e8649e94fb4fc21fe77e8310c060f61caaff8a
POST /v2_1?p=js&v=1.3.73&t=1679750847732 HTTP/1.1
Host: bento.agoda.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.agoda.com/
Content-Type: text/plain;charset=UTF-8
Origin: https://www.agoda.com
Content-Length: 18284
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-site
TE: trailers
HTTP/2 200 OK
server: nginx
date: Sat, 25 Mar 2023 13:27:14 GMT
content-type: application/json
content-length: 2
access-control-allow-credentials: true
access-control-allow-headers: Origin, X-Requested-With, Content-Type, Content-Encoding, Accept, Accept-Encoding, Accept-Language, Host, Referer, User-Agent
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-origin: https://www.agoda.com
access-control-expose-headers: ag-correlation-id
set-cookie: agoda.user.03=UserId=0fe5d7de-e542-423f-8f21-62f2478bba95; domain=.agoda.com; path=/; expires=Mon, 25-Mar-2024 13:27:14 GMT; secure
agoda.analytics=Id=7568596823802617050&Signature=6097028891995285345&Expiry=1679754434677; domain=.agoda.com; path=/; expires=Sat, 25-Mar-2023 14:27:14 GMT; secure
agoda.prius=PriusID=0&PointsMaxTraffic=Agoda; domain=.agoda.com; path=/; expires=Mon, 25-Mar-2024 13:27:14 GMT
vary: Origin
request-context: appId=
ag-correlation-id: 6492b346-c8ee-4586-a592-f8d216bdf9c2
x-recruiting: Like HTTP headers? Come write ours: https://careersatagoda.com/job/3931446-senior-software-engineer-full-stack-bangkok-based-relocation-provided/?gh_src=b096bae01us
strict-transport-security: max-age=2592000
x-content-type-options: nosniff
ag-dc: am
X-Firefox-Spdy: h2