Overview

URL1.26b37.ne.wy5532.com/
IP 81.171.22.4 (Belgium)
ASN#60781 LeaseWeb Netherlands B.V.
UserAgentMozilla/5.0 (X11; Linux x86_64; rv:96.0) Gecko/20100101 Firefox/96.0
Referer
Report completed2022-12-04 13:06:02 UTC
StatusLoading report..
IDS alerts0
Blocklist alert1
urlquery alerts No alerts detected
Tags None

Domain Summary (0)

No passive DNS data

Network Intrusion Detection Systemsinfo

Suricata /w Emerging Threats Pro
 No alerts detected

Blocklists

OpenPhish
 No alerts detected

PhishTank
 No alerts detected

Fortinet's Web Filter
Scan Date Severity Indicator Comment
2022-12-04 2 1.26b37.ne.wy5532.com/ Malware

mnemonic secure dns
 No alerts detected

Quad9 DNS
 No alerts detected


Files

No files detected

Recent reports on same IP/ASN/Domain/Screenshot

Last 5 reports on IP: 81.171.22.4
Date UQ / IDS / BL URL IP
2023-02-01 09:00:53 +0000 0 - 0 - 1 ohybfkv.cn.wy5532.com/ 81.171.22.4
2023-02-01 06:23:53 +0000 0 - 2 - 9 xuntoft.gg.wy5532.com/ 81.171.22.4
2023-02-01 05:57:48 +0000 0 - 2 - 6 hfgfgf.7399b.yf.wy5532.com/ 81.171.22.4
2023-01-31 13:23:39 +0000 0 - 0 - 1 edecdc7179b.lv.wy5532.com/ 81.171.22.4
2023-01-31 02:31:05 +0000 0 - 0 - 3 dsasa.8a4a4.yk.wy5532.com/ 81.171.22.4


Last 5 reports on ASN: LeaseWeb Netherlands B.V.
Date UQ / IDS / BL URL IP
2023-02-03 19:51:50 +0000 0 - 0 - 2 gtlbin.pro/play-2 82.192.82.228
2023-02-03 19:21:27 +0000 0 - 0 - 5 filefactory.com/file/5cxxweil2zoh/sft18FM2316 (...) 95.211.200.52
2023-02-03 19:21:19 +0000 0 - 0 - 1 thehammocksource.msnd40.com/tracking/lc/b34db (...) 212.32.243.39
2023-02-03 19:09:37 +0000 0 - 2 - 5 knjghuig.biz/gydfw 5.79.71.205
2023-02-03 18:32:25 +0000 0 - 1 - 0 extreme-ip-lookup.com/ 37.48.65.182


Last 5 reports on domain: wy5532.com
Date UQ / IDS / BL URL IP
2023-02-02 10:55:45 +0000 0 - 0 - 1 qwqee.1e534.tv.wy5532.com/ 37.48.65.148
2023-02-02 04:11:22 +0000 0 - 0 - 1 rhuugcf.wy5532.com/ 81.171.22.5
2023-02-02 02:43:33 +0000 0 - 0 - 3 2490b.zz.wy5532.com/ 37.48.65.149
2023-02-02 00:45:04 +0000 0 - 0 - 3 uyclvmqe.tt.wy5532.com/ 199.115.115.116
2023-02-02 00:17:09 +0000 0 - 0 - 3 1de74.moedcc.wy5532.com/ 81.171.22.5


Last 5 reports with similar screenshot
Date UQ / IDS / BL URL IP
2022-12-23 14:33:54 +0000 0 - 0 - 3 rp.seroteforoh.com/?pcrc=159633513&v=2.0 77.247.179.85
2022-12-21 10:21:33 +0000 0 - 0 - 3 nwv.it/ 64.190.63.111
2022-12-13 06:58:09 +0000 0 - 0 - 4 2.21a1f.hn.wy5532.com/ 172.93.103.102
2022-12-10 13:15:49 +0000 0 - 0 - 5 www.7b6d7.oq.wy5532.com/ 37.48.65.152
2022-12-04 10:33:52 +0000 0 - 0 - 1 ebdolfg.wy5532.com/ 37.48.65.154

JavaScript

Executed Scripts (41)

Executed Evals (10)
#1 JavaScript::Eval (size: 84) - SHA256: 69ba3034ff17c8cae2838bc2fa69b924f4acc3c0e38210d5c5206587835b915c
(function() {
    return "gtm.dom" === google_tag_manager["GTM-NV4Z79H"].macro(27) ? 100 : 0
})();
#2 JavaScript::Eval (size: 581) - SHA256: 4cfa0376561e7ee510b6d93865f5b6fc633789415ae03b5ee4a835a7f9dab7a3
(function() {
    return function(a) {
        var b = google_tag_manager["GTM-NV4Z79H"].macro(28),
            c = google_tag_manager["GTM-NV4Z79H"].macro(29),
            f = "__gtm_campaign_url",
            g = "__gtm_referrer",
            h = "hostelworld.com",
            d = !0,
            e = function(k) {
                document.cookie = k + "\x3d; path\x3d/; domain\x3d" + h + "; expires\x3dThu, 01 Jan 1970 00:00:00 GMT"
            };
        "undefined" !== typeof b && (a.set("location", b), a.set("page", document.location.pathname + document.location.search), !0 === d && e(f));
        "undefined" !== typeof c && (a.set("referrer", c), !0 === d && e(g));
        b = 177;
        a.set("dimension" + b, a.get("hitType"));
        b = 7;
        a.set("dimension" +
            b, a.get("clientId"))
    }
})();
#3 JavaScript::Eval (size: 83) - SHA256: 466e3569ebcfd189dfea9009892061e0400f5f5a51b4846d0eba44b555eed39a
(function() {
    var b = 7;
    return function(a) {
        a.set("dimension" + b, a.get("clientId"))
    }
})();
#4 JavaScript::Eval (size: 136) - SHA256: 99406e575abdcd6f496b9bf9a852292e5f88a0f8dbd85a94f8df919ed2ee4c5f
(function() {
    if (Visitor) {
        var a = "42FE34FA53DB56ED0A490D44@AdobeOrg";
        a = Visitor.getInstance(a);
        return a = a.getMarketingCloudVisitorID()
    }
})();
#5 JavaScript::Eval (size: 83) - SHA256: f76309d12c6518ba9dee0bd8fac0134baddd54bed1e84c30ac2b1612344eeb88
(function() {
    return "gtm.dom" === google_tag_manager["GTM-NV4Z79H"].macro(4) ? 100 : 0
})();
#6 JavaScript::Eval (size: 579) - SHA256: 3b08270ca0fb1d52da67a7d346f29d0b08fb3ad7631fbf2a8e7ed84a9f77fd0d
(function() {
    return function(a) {
        var b = google_tag_manager["GTM-NV4Z79H"].macro(5),
            c = google_tag_manager["GTM-NV4Z79H"].macro(6),
            f = "__gtm_campaign_url",
            g = "__gtm_referrer",
            h = "hostelworld.com",
            d = !0,
            e = function(k) {
                document.cookie = k + "\x3d; path\x3d/; domain\x3d" + h + "; expires\x3dThu, 01 Jan 1970 00:00:00 GMT"
            };
        "undefined" !== typeof b && (a.set("location", b), a.set("page", document.location.pathname + document.location.search), !0 === d && e(f));
        "undefined" !== typeof c && (a.set("referrer", c), !0 === d && e(g));
        b = 177;
        a.set("dimension" + b, a.get("hitType"));
        b = 7;
        a.set("dimension" +
            b, a.get("clientId"))
    }
})();
#7 JavaScript::Eval (size: 581) - SHA256: 1a797841c5247b912b5e4a4b0f9ce9358be5572aefd7e90cfe9caef6b93bfabd
(function() {
    return function(a) {
        var b = google_tag_manager["GTM-NV4Z79H"].macro(15),
            c = google_tag_manager["GTM-NV4Z79H"].macro(16),
            f = "__gtm_campaign_url",
            g = "__gtm_referrer",
            h = "hostelworld.com",
            d = !0,
            e = function(k) {
                document.cookie = k + "\x3d; path\x3d/; domain\x3d" + h + "; expires\x3dThu, 01 Jan 1970 00:00:00 GMT"
            };
        "undefined" !== typeof b && (a.set("location", b), a.set("page", document.location.pathname + document.location.search), !0 === d && e(f));
        "undefined" !== typeof c && (a.set("referrer", c), !0 === d && e(g));
        b = 177;
        a.set("dimension" + b, a.get("hitType"));
        b = 7;
        a.set("dimension" +
            b, a.get("clientId"))
    }
})();
#8 JavaScript::Eval (size: 84) - SHA256: b8250487a91b7c8848db6d96ac780c2e6a830da36eba703e4a22d43e1cc56c36
(function() {
    return "gtm.dom" === google_tag_manager["GTM-NV4Z79H"].macro(19) ? 100 : 0
})();
#9 JavaScript::Eval (size: 581) - SHA256: 1e84ca76c9f97caeea00324537b26e2a1d2aca291b11e5eef75195ccdb172b1c
(function() {
    return function(a) {
        var b = google_tag_manager["GTM-NV4Z79H"].macro(20),
            c = google_tag_manager["GTM-NV4Z79H"].macro(21),
            f = "__gtm_campaign_url",
            g = "__gtm_referrer",
            h = "hostelworld.com",
            d = !0,
            e = function(k) {
                document.cookie = k + "\x3d; path\x3d/; domain\x3d" + h + "; expires\x3dThu, 01 Jan 1970 00:00:00 GMT"
            };
        "undefined" !== typeof b && (a.set("location", b), a.set("page", document.location.pathname + document.location.search), !0 === d && e(f));
        "undefined" !== typeof c && (a.set("referrer", c), !0 === d && e(g));
        b = 177;
        a.set("dimension" + b, a.get("hitType"));
        b = 7;
        a.set("dimension" +
            b, a.get("clientId"))
    }
})();
#10 JavaScript::Eval (size: 581) - SHA256: 12419a253d29f7d4c1ab21dfb029af6bebb57f99996bf0a31abcbbc6aab7867d
(function() {
    return function(a) {
        var b = google_tag_manager["GTM-NV4Z79H"].macro(32),
            c = google_tag_manager["GTM-NV4Z79H"].macro(33),
            f = "__gtm_campaign_url",
            g = "__gtm_referrer",
            h = "hostelworld.com",
            d = !0,
            e = function(k) {
                document.cookie = k + "\x3d; path\x3d/; domain\x3d" + h + "; expires\x3dThu, 01 Jan 1970 00:00:00 GMT"
            };
        "undefined" !== typeof b && (a.set("location", b), a.set("page", document.location.pathname + document.location.search), !0 === d && e(f));
        "undefined" !== typeof c && (a.set("referrer", c), !0 === d && e(g));
        b = 177;
        a.set("dimension" + b, a.get("hitType"));
        b = 7;
        a.set("dimension" +
            b, a.get("clientId"))
    }
})();

Executed Writes (0)


HTTP Transactions (259)


Request Response
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4021
Expires: Sun, 04 Dec 2022 14:12:50 GMT
Date: Sun, 04 Dec 2022 13:05:49 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 827
Cache-Control: max-age=164355
Date: Sun, 04 Dec 2022 13:05:49 GMT
Etag: "638c76f5-1d7"
Expires: Tue, 06 Dec 2022 10:45:04 GMT
Last-Modified: Sun, 04 Dec 2022 10:31:17 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /v1/ HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Sun, 04 Dec 2022 12:18:24 GMT
cache-control: public,max-age=3600
age: 2845
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size:   939
Md5:    30db107dcf4380cef05efea409c2e6a3
Sha1:   96e6a306fbc07299aba64e5c14e2bfca35872fa9
Sha256: b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e
                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=5029
Expires: Sun, 04 Dec 2022 14:29:38 GMT
Date: Sun, 04 Dec 2022 13:05:49 GMT
Connection: keep-alive

                                        
                                            GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1 
Host: content-signature-2.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         34.160.144.191
HTTP/2 200 OK
content-type: binary/octet-stream
                                        
x-amz-id-2: WReKDw8izEwN5iNpxvqBFlcuGI9DAU1JOXYXSdzljTkIremEaa5BxXQlE65KIvAhLbi05egcLe0=
x-amz-request-id: T2P9A88BKY7CVVT0
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Sun, 04 Dec 2022 12:47:33 GMT
age: 1096
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PEM certificate\012- , ASCII text
Size:   5348
Md5:    9ebddc2b260d081ebbefee47c037cb28
Sha1:   492bad62a7ca6a74738921ef5ae6f0be5edebf39
Sha256: 74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5
                                        
                                            GET /v1/tiles HTTP/1.1 
Host: contile.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.117.237.239
HTTP/2 200 OK
content-type: application/json
                                        
server: nginx
date: Sun, 04 Dec 2022 13:05:49 GMT
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with no line terminators
Size:   12
Md5:    23e88fb7b99543fb33315b29b1fad9d6
Sha1:   a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
Sha256: 7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3
                                        
                                            GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1 
Host: firefox.settings.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.102.187.140
HTTP/2 200 OK
content-type: application/json
                                        
access-control-allow-origin: *
access-control-expose-headers: Retry-After, ETag, Alert, Expires, Cache-Control, Backoff, Content-Length, Content-Type, Pragma, Last-Modified
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Sun, 04 Dec 2022 12:08:58 GMT
cache-control: public,max-age=3600
age: 3412
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size:   329
Md5:    0333b0655111aa68de771adfcc4db243
Sha1:   63f295a144ac87a7c8e23417626724eeca68a7eb
Sha256: 60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300
                                        
                                            GET / HTTP/1.1 
Host: 1.26b37.ne.wy5532.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Cookie: sid=af14c6a4-73d2-11ed-9ad3-3b63f55b2612
Upgrade-Insecure-Requests: 1

search
                                         81.171.22.4
HTTP/1.1 302 Found
                                        
cache-control: max-age=0, private, must-revalidate
connection: close
content-length: 11
date: Sun, 04 Dec 2022 13:05:49 GMT
location: http://dipaka-ead.com/zcvisitor/5fd63c13-73d4-11ed-abc9-127bf274ace7/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=c0e2d870-bfc4-11ec-bea2-128084d1ce51
server: nginx


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   11
Md5:    32682312d17c7cbf18e73594f5570319
Sha1:   60e22121bdd0bc71cdb2bae2a3aa577006b2eae9
Sha256: e55fb1a1d731153e943b68844af12dcce8bfac917c98ffdea64c80da0607dd47

Alerts:
  Blocklists:
    - fortinet: Malware
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 821
Cache-Control: max-age=159282
Date: Sun, 04 Dec 2022 13:05:50 GMT
Etag: "638c632b-1d7"
Expires: Tue, 06 Dec 2022 09:20:32 GMT
Last-Modified: Sun, 04 Dec 2022 09:06:51 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /zcvisitor/5fd63c13-73d4-11ed-abc9-127bf274ace7/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=c0e2d870-bfc4-11ec-bea2-128084d1ce51 HTTP/1.1 
Host: dipaka-ead.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

search
                                         3.212.50.125
HTTP/1.1 200
Content-Type: text/html;charset=UTF-8
                                        
Date: Sun, 04 Dec 2022 13:05:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
Server: PNWhRqSQ


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text
Size:   1100
Md5:    bc947496b80a4f836bdd7b2057def5ad
Sha1:   6efb2ea659a99d2dc070bc492ac8370d58269fd2
Sha256: 813f5655422751260a319061ba82a5df6b4258ae77cee970cc79d2941252db62
                                        
                                            GET /zcredirect?visitid=5fd63c13-73d4-11ed-abc9-127bf274ace7&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false HTTP/1.1 
Host: dipaka-ead.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dipaka-ead.com/zcvisitor/5fd63c13-73d4-11ed-abc9-127bf274ace7/72092e88-2c53-401c-b988-51ef43ce1034?campaignid=c0e2d870-bfc4-11ec-bea2-128084d1ce51
Upgrade-Insecure-Requests: 1

search
                                         3.212.50.125
HTTP/1.1 200
Content-Type: text/html;charset=UTF-8
                                        
Date: Sun, 04 Dec 2022 13:05:50 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET,POST,OPTIONS
Access-Control-Allow-Headers: X-Requested-With,Content-Type,x-exadsrtb-version,x-openrtb-version,x-zerortb-version,X-Flag
redirected: JS
Server: PtojrDAF


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (331)
Size:   748
Md5:    e1a9cf38a50b4f1050e196f4143e1c2f
Sha1:   d88c9d797f54b2841d3312c472ed1814581e4dbb
Sha256: 81b81404571e6d9c57c46f6a4cda5dc239abf5e8e14ac292a102dc906a612efd
                                        
                                            GET / HTTP/1.1 
Host: push.services.mozilla.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: XO0LrNfCaTY/TpVr00MU8A==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

search
                                         52.42.74.230
HTTP/1.1 101 Switching Protocols
                                        
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 9iXu23E52mh6KIYVkgwntjz0a+8=

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "F0A8F0504544E8FE553C045820F185D60192BABA456375DA57030FB351BF323C"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11295
Expires: Sun, 04 Dec 2022 16:14:05 GMT
Date: Sun, 04 Dec 2022 13:05:50 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: e1.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.77.32
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 345
ETag: "F0A8F0504544E8FE553C045820F185D60192BABA456375DA57030FB351BF323C"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=11295
Expires: Sun, 04 Dec 2022 16:14:05 GMT
Date: Sun, 04 Dec 2022 13:05:50 GMT
Connection: keep-alive

                                        
                                            GET /elkktkvvG?x3v=YOPxIiWTme2bSK2ZGwTaZdGfQQaz5THDfh61AGDexBdvRaK9cTH1tRet9l%2FUS1XqKWO%2F0QRbA0nIcdBDlOXHatYRWrP19Q0BrsoK96CqNeZdTFQLjq6XZSTF3VNMGwnDzGK8n1PSWqkOX0aCLcg78aLshzXpfJpWwBOVPAa92Bo8f8Ko0sC8jR5IBAV2zbNPv3M%3D&sk=ece7d27b62b81f70dd0944dde1289ff3 HTTP/1.1 
Host: hit.teratracker.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         172.67.180.224
HTTP/2 302 Found
content-type: text/plain;charset=UTF-8
                                        
date: Sun, 04 Dec 2022 13:05:51 GMT
content-length: 0
location: https://trk.buyent.xyz/aff_c?offer_id=9947&aff_id=101167
access-control-allow-origin: *
access-control-expose-headers: X-BurstFire-ReqID, X-BurstFire-ClientID, X-BurstFire-Version, Server
x-burstfire-reqid: 1ff1f83e-f9f0-41fc-8d91-03ff39668469
x-burstfire-clientid: 836bf02e-8f2c-6465-41c2-5ccbed751294
x-burstfire-version: Generic
referrer-policy: no-referrer
via: 1.1 google
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=TcQWlFMrzGCaP338aSWdLpxX3JSOYKFNIt43ogvb%2FWpLoLam6pZcamfGPW5uXI6vq6l6iZdHsfPovDXU071ejbv44v2uPRwhRu%2BeOUv1zAYIZ2KqZWVJeZ%2BLtzlFSwJ5W3Od%2Bajq"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7744c1859c77b4f4-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2

                                        
                                            GET /favicon.ico HTTP/1.1 
Host: dipaka-ead.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Referer: http://dipaka-ead.com/zcredirect?visitid=5fd63c13-73d4-11ed-abc9-127bf274ace7&type=js&browserWidth=1280&browserHeight=939&iframeDetected=false&webdriverDetected=false

search
                                         3.212.50.125
HTTP/1.1 404
Content-Type: text/html;charset=utf-8
                                        
Date: Sun, 04 Dec 2022 13:05:50 GMT
Content-Length: 653
Connection: keep-alive
Cache-Control: no-store, no-cache, pre-check=0, post-check=0
content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
x-content-security-policy: default-src 'self'; script-src 'self' 'unsafe-inline'
X-WebKit-CSP: default-src 'self'; script-src 'self' 'unsafe-inline'
Content-Language: en
Server: PNWhRqSQ


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (649), with no line terminators
Size:   653
Md5:    ba2732b1b2fa2626ffaa15f62f9e7d66
Sha1:   203d4e7fbb1d80449d6e4e1f3ae7a9bf8625debe
Sha256: 879861cb72fe9fbb476dab246021c4c83b4066327de2529e05ec54d3afb0a1c8
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Cache-Control: max-age=92208
Date: Sun, 04 Dec 2022 13:05:51 GMT
Etag: "638b605f-116"
Expires: Mon, 05 Dec 2022 14:42:39 GMT
Last-Modified: Sat, 03 Dec 2022 14:42:39 GMT
Server: nginx
Content-Length: 278

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 0
Cache-Control: max-age=92208
Date: Sun, 04 Dec 2022 13:05:51 GMT
Etag: "638b605f-116"
Expires: Mon, 05 Dec 2022 14:42:39 GMT
Last-Modified: Sat, 03 Dec 2022 14:42:39 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 278

                                        
                                            POST / HTTP/1.1 
Host: ocsp.sectigo.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         172.64.155.188
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Dec 2022 13:05:51 GMT
Content-Length: 471
Connection: keep-alive
Last-Modified: Thu, 01 Dec 2022 04:02:00 GMT
Expires: Thu, 08 Dec 2022 04:01:59 GMT
Etag: "1c31adf90f9591e643077064b84559a07527007c"
Cache-Control: max-age=312367,s-maxage=1800,public,no-transform,must-revalidate
X-CCACDN-Proxy-ID: mcdpinlb3
X-Frame-Options: SAMEORIGIN
CF-Cache-Status: DYNAMIC
Server: cloudflare
CF-RAY: 7744c18828e3b506-OSL

                                        
                                            GET /click/camref:1011l9s5L/pubref:102a8fce2a3e56287a24ca72dac005/adref:101167 HTTP/1.1 
Host: prf.hn
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         5.150.170.5
HTTP/1.1 302 Moved Temporarily
Content-Type: text/html; charset=UTF-8
                                        
Server: nginx
Date: Sun, 04 Dec 2022 13:05:51 GMT
Transfer-Encoding: chunked
P3P: CP="NOI DSP COR PSAa PSDa OUR IND UNI"
Set-Cookie: tPHG-PS=1100l8209973988; expires=Monday, 04-Dec-2023 13:05:51 UTC; path=/; domain=.prf.hn; SameSite=None; Secure
Location: https://www.hostelworld.com?source=affiliate-PHG-1011l9s5L&affiliate=PHG&ref_id=1100lwnphLqB

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4583
Expires: Sun, 04 Dec 2022 14:22:14 GMT
Date: Sun, 04 Dec 2022 13:05:51 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4583
Expires: Sun, 04 Dec 2022 14:22:14 GMT
Date: Sun, 04 Dec 2022 13:05:51 GMT
Connection: keep-alive

                                        
                                            POST / HTTP/1.1 
Host: r3.o.lencr.org
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         23.36.76.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Server: nginx
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=4583
Expires: Sun, 04 Dec 2022 14:22:14 GMT
Date: Sun, 04 Dec 2022 13:05:51 GMT
Connection: keep-alive

                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fd528f6ee-d348-431d-8220-5c8b154b2941.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8315
x-amzn-requestid: f1bcc33b-aad9-4d3b-b1f9-49282f2d4fb9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAMGVboAMFfxg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc067-13472a097177d4751c8f7a8c;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: 6UQ_BhPmpVpe9w6gsExB-EpNq_syeCCK6fr4Y1FFK1jDJh_n1Sd0Eg==
via: 1.1 e291f351a18746d40754b367095a2872.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:52:47 GMT
age: 54784
etag: "22a8c4bd58c729c1abcf794466e8f3231dfb034b"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8315
Md5:    db1701b7b9d161a0c935bb6e10b17893
Sha1:   22a8c4bd58c729c1abcf794466e8f3231dfb034b
Sha256: b495524a33e5b1d3ba34cfbe867ada0da956c061370b1fcde06b23a6194a9787
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F4d571e0e-b14e-436b-8156-2e49aad75d4f.png HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 16143
x-amzn-requestid: dc86fad4-4e53-42c9-9b0a-5e4d2cfcd087
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cdGyLGqmoAMFnaA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638851a7-0ea324b31e8c6578098b8ab9;Sampled=0
x-amzn-remapped-date: Thu, 01 Dec 2022 07:03:03 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: kRs3oBWnSs5asyPdvz6kkooy7pqm2Yr8R_2x8EXCVn3dBz_aEJurRQ==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 07:26:41 GMT
age: 20350
etag: "1d702df3a64258628f4124eafd580695f2d350af"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   16143
Md5:    14dcca2a9c4792d835ee709bcd947402
Sha1:   1d702df3a64258628f4124eafd580695f2d350af
Sha256: da01dcd8fef7c50bdb6f7a8a6a4955694092f479df3dba72f7fa69d7280d07b2
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fae18d1b5-3b75-4897-bd1b-03651e437c2e.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 4666
x-amzn-requestid: 850d341f-5ccb-453c-8adf-a8194f8fbdad
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clr_-GiboAMFwww=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc066-766293f2526e637235067aca;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:22 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: z5uqgjB-Bsl0U55a8aFi37cpJ65Vnbjm6bJ2GnMpaO7RXsMZsOCbPQ==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 b2f9564ebf9c745cc2ceae96d434977e.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:44:01 GMT
age: 55310
etag: "a9a529dc9894827f6243a1bf57f81caa4fe88fc2"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   4666
Md5:    c01fe1cccdb3b672bbade6d98217ffe9
Sha1:   a9a529dc9894827f6243a1bf57f81caa4fe88fc2
Sha256: c43da6212c79a08e22e78e04e99e8f5422e64b4b0a87f30b7907f1b4bc675c71
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F6df54ea7-8915-4ac7-af2b-6a71ce14dbf4.webp HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 5681
x-amzn-requestid: 8f0d66b8-d532-48d9-9a29-74540cd6ab3a
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltXnEotIAMFqkA=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc296-27349a376ff819ab63b04a81;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:41:42 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: Uz-wJTZjej3sjP-O68BQ4hB_kkAecG0o7GkeZUan90ZgV87g0Cg_ZA==
via: 1.1 26ca01ec7377e425b59b6a08cb1ec342.cloudfront.net (CloudFront), 1.1 3cd7af07832481c336aa1c93c9b4a6fe.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:52:38 GMT
age: 54793
etag: "36f4682ca6a33ff80ee02129c77e6f27e996ede0"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   5681
Md5:    43309032a892c486f9985ef520df696e
Sha1:   36f4682ca6a33ff80ee02129c77e6f27e996ede0
Sha256: 24225ff504f30405d9ec3feb2555c738fcca0d6b265f285aa9c73a64c78a496e
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F19c9bb39-be15-49f9-aad9-2cc511601111.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 8989
x-amzn-requestid: abce0b01-f70c-42ad-b242-5a24735fe4c2
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cltl4Gk2oAMFSWQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc2f2-1cccffff5199dffe70264a95;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:43:14 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: PFl7VUrzRkMFNnTiIw_cbGCyrEFn43eUSlZfT0nUhUmjjyXT7JfjMA==
via: 1.1 eece508272520f70691e4eebdc5a6dea.cloudfront.net (CloudFront), 1.1 d8792dbd3191bbe722eba5b536b979c8.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 21:50:01 GMT
age: 54950
etag: "fc5d4f3163ebb9faf85968cbb1d194e8e68418be"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   8989
Md5:    a6e7b32ac999cf3c899a234c621fa91a
Sha1:   fc5d4f3163ebb9faf85968cbb1d194e8e68418be
Sha256: f12db3aed126006fee00649aba0b3eaae900de200b85b9523866a90b5494f18e
                                        
                                            GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F3af2e495-85ff-410f-8418-e683c7f84bcd.jpeg HTTP/1.1 
Host: img-getpocket.cdn.mozilla.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         34.120.237.76
HTTP/2 200 OK
content-type: image/jpeg
                                        
server: nginx
content-length: 7728
x-amzn-requestid: 9f37e7a6-1f00-4a81-9b14-962fd0b6cdf4
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: clsAMEJxoAMFchQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638bc067-4a4cce217327b44525ea1e98;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 21:32:23 GMT
x-amz-cf-pop: HIO50-C1, SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: ztC4S0WeA3ft_9JafrL6fInXo4jwkb0cTWUx4Z8L2uz3EWQS-d6F5A==
via: 1.1 112c6b3f9aea37a6cb00b7d933e5af6e.cloudfront.net (CloudFront), 1.1 d6b180eb367f7de26d67a9f3901b96a6.cloudfront.net (CloudFront), 1.1 google
date: Sat, 03 Dec 2022 22:02:47 GMT
age: 54184
etag: "9f80bb7ca6f699d88eaec2248dec508c589fe994"
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size:   7728
Md5:    027480c06cd67621f373c6765dafee4d
Sha1:   9f80bb7ca6f699d88eaec2248dec508c589fe994
Sha256: f69a0d6bd6e79d8fa7f2f15df11237c0a8b04d45af3cd5870eeef86d18f553bf
                                        
                                            GET /?source=affiliate-PHG-1011l9s5L&affiliate=PHG&ref_id=1100lwnphLqB HTTP/1.1 
Host: www.hostelworld.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         2.23.138.202
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
accept-ranges: none
content-encoding: gzip
etag: "333f0-/tuPCgn6IMMrbWylEAECHHZAt2k"
strict-transport-security: max-age=15552000; includeSubDomains
vary: User-Agent, Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
date: Sun, 04 Dec 2022 13:05:52 GMT
content-length: 29982
set-cookie: optimizely-aid=469c8302-1c52-4a65-b30c-c4f27b063a11; domain=.hostelworld.com; path=/; max-age=63072000 geoCurrency=NOK; Domain=.hostelworld.com; path=/; secure; SameSite=Strict currency=NOK; Domain=.hostelworld.com; path=/; secure; SameSite=Strict country=Norway; Domain=.hostelworld.com; path=/; secure; SameSite=Strict
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, Unicode text, UTF-8 text, with very long lines (55858)
Size:   29982
Md5:    50378fca3bfefdb9e824befe35c7d3fa
Sha1:   33a97ad07b31042858bc175b0b02b4e4f96aa5d6
Sha256: 3f8e8ce3c03e0c64ea92bff18917dac8b4420fef11749fd18b4f99a43da2d305
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Dec 2022 13:05:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6137
Cache-Control: max-age=88258
Date: Sun, 04 Dec 2022 13:05:52 GMT
Etag: "638b38f9-1d7"
Expires: Mon, 05 Dec 2022 13:36:50 GMT
Last-Modified: Sat, 03 Dec 2022 11:54:33 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471

                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 6356
Cache-Control: max-age=136768
Date: Sun, 04 Dec 2022 13:05:52 GMT
Etag: "638bf59c-1d7"
Expires: Tue, 06 Dec 2022 03:05:20 GMT
Last-Modified: Sun, 04 Dec 2022 01:19:24 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /static/images/4.19.0.0/tagline.svg HTTP/1.1 
Host: icd.hwstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hostelworld.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         163.171.134.109
HTTP/2 200 OK
content-type: image/svg+xml
                                        
date: Sun, 04 Dec 2022 13:05:52 GMT
content-length: 21310
expires: Fri, 09 Dec 2022 06:42:31 GMT
server: PWS/8.3.1.0.8
last-modified: Fri, 04 Nov 2022 11:57:22 GMT
etag: W/"6364fe22-c2d7"
access-control-allow-origin: *
content-encoding: gzip
cache-control: public, max-age=604800
age: 195801
via: 1.1 PSdgflkfFRA1bc200:6 (W), 1.1 PSrdsdgemSTO1sw92:12 (W)
x-px: ht PSrdsdgemSTO1sw92ARN
x-ws-request-id: 638c9b30_PS-ARN-016FX94_3585-56502
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- SVG XML document\012- XML 1.0 document text\012- SVG XML document\012- XML document text\012- exported SGML document text\012- exported SGML document, ASCII text, with very long lines (7346), with CRLF line terminators
Size:   21310
Md5:    8c5a9b86493a645688a019cada924953
Sha1:   42c5f4efe6b73ae9bfe33fa5fac6ede05b651f15
Sha256: 7408315a32a8156002f2ac4d6d1a2ddc62821c70ef87209af79ef25809f41717
                                        
                                            GET /gtag/js?id=AW-792870594 HTTP/1.1 
Host: www.googletagmanager.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hostelworld.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.168
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Sun, 04 Dec 2022 13:05:52 GMT
expires: Sun, 04 Dec 2022 13:05:52 GMT
cache-control: private, max-age=900
last-modified: Sun, 04 Dec 2022 12:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 52884
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1921)
Size:   52884
Md5:    d86e946eb9adab835251478684d7a06e
Sha1:   2148c97f83f4a0d4e60c6d4234346c2b8317d23c
Sha256: f35581605ed3edce7812bace01cb62acd7ef355ccff679feed8ed8cc9f8a0503
                                        
                                            GET /_nuxt/app/469b2bf5989332e2cbcb.js HTTP/1.1 
Host: www.hostelworld.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hostelworld.com/?source=affiliate-PHG-1011l9s5L&affiliate=PHG&ref_id=1100lwnphLqB
Cookie: optimizely-aid=469c8302-1c52-4a65-b30c-c4f27b063a11; geoCurrency=NOK; currency=NOK; country=Norway
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         2.23.138.202
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
accept-ranges: bytes
content-encoding: gzip
etag: W/"2bdd-184c85aa2f0"
last-modified: Wed, 30 Nov 2022 11:44:54 GMT
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
content-length: 6399
cache-control: public, max-age=604741
date: Sun, 04 Dec 2022 13:05:52 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (11229), with no line terminators
Size:   6399
Md5:    085dfd8dd2c558e85511a09a3ee7ec74
Sha1:   f88dd6c7fb26f509b183230391ff9b6cb6801dfc
Sha256: dfcd5517fc25d48e23b45ec4069585b0f74d443ddefd7365408b59dccdd7ad79
                                        
                                            GET /_nuxt/css/390edf439f6077138b9e.css HTTP/1.1 
Host: www.hostelworld.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hostelworld.com/?source=affiliate-PHG-1011l9s5L&affiliate=PHG&ref_id=1100lwnphLqB
Cookie: optimizely-aid=469c8302-1c52-4a65-b30c-c4f27b063a11; geoCurrency=NOK; currency=NOK; country=Norway
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         2.23.138.202
HTTP/2 200 OK
content-type: text/css; charset=UTF-8
                                        
accept-ranges: bytes
content-encoding: gzip
etag: W/"108d-184c85aa2f0"
last-modified: Wed, 30 Nov 2022 11:44:54 GMT
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
content-length: 1687
cache-control: public, max-age=604746
date: Sun, 04 Dec 2022 13:05:52 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (4237), with no line terminators
Size:   1687
Md5:    bc6318bcd868bf050dcdaa922a61f76f
Sha1:   f33ec916c9944d1d16f966753c3c5d4a7ea16c45
Sha256: 59322b44d28c905adcc0f61cb327bfdfe6c7da7d70f2c2aed9ea906e2aace139
                                        
                                            GET /v3 HTTP/1.1 
Host: js.stripe.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hostelworld.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         151.101.128.176
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
                                        
last-modified: Fri, 02 Dec 2022 21:24:46 GMT
etag: "3095c268dab7dd627cd11dfb810a7f24"
cache-control: max-age=60
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
server: Fastly
content-encoding: br
accept-ranges: bytes
date: Sun, 04 Dec 2022 13:05:52 GMT
via: 1.1 varnish
age: 24
x-request-id: 63290931-6511-4798-a36e-bd4b50001a95
x-served-by: cache-bma1636-BMA
x-cache: HIT
x-cache-hits: 3
vary: Accept-Encoding
timing-allow-origin: *
content-length: 98959
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   98959
Md5:    6e5a6dd75007e3427b2d7ebbc796d8d5
Sha1:   f8d14655e32400ab0f30786bcf9eda48632f2a62
Sha256: 20aec94da8a26beabb8ba676492ebce2ce5c449b5e7d6b36e679536c8f266db8
                                        
                                            GET /_nuxt/img/789e4da.svg HTTP/1.1 
Host: www.hostelworld.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hostelworld.com/?source=affiliate-PHG-1011l9s5L&affiliate=PHG&ref_id=1100lwnphLqB
Cookie: optimizely-aid=469c8302-1c52-4a65-b30c-c4f27b063a11; geoCurrency=NOK; currency=NOK; country=Norway
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         2.23.138.202
HTTP/2 200 OK
content-type: image/svg+xml
                                        
accept-ranges: bytes
content-encoding: gzip
etag: W/"138c-184c85aa2f0"
last-modified: Wed, 30 Nov 2022 11:44:54 GMT
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
content-length: 1886
cache-control: public, max-age=604796
date: Sun, 04 Dec 2022 13:05:52 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document text\012- exported SGML document, ASCII text
Size:   1886
Md5:    a7b8c279d32273acd564bceb74072c36
Sha1:   098403f46551d65414ab071c12e6e42d82bacb2c
Sha256: 83ba899f659607439f719a9039a13719ea0d33cd3182d4098785424c0fffbb02
                                        
                                            GET /image/upload/v1644506092/pwa/whosgoing/brazil_png.png HTTP/1.1 
Host: a.hwstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hostelworld.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.66.104
HTTP/2 200 OK
content-type: image/png
                                        
etag: "bba5a4742d311565bc8fdb503e80d0ee"
last-modified: Wed, 16 Feb 2022 11:08:28 GMT
date: Sun, 04 Dec 2022 13:05:52 GMT
strict-transport-security: max-age=604800
cache-control: public, no-transform, immutable, max-age=31557600
server-timing: fastly;dur=1;start=2022-12-04T13:05:52.377Z;desc=hit,rtt;dur=25
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
content-length: 5303
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 102 x 102, 8-bit/color RGBA, non-interlaced\012- data
Size:   5303
Md5:    bba5a4742d311565bc8fdb503e80d0ee
Sha1:   22397c44c2ac33530e35ff0b6b9a448f245041a7
Sha256: ae15f9f7654332678b3c54b132f80c20b2e1141c06d5226564ed89f5926a1d0b
                                        
                                            GET /image/upload/v1644506092/pwa/whosgoing/usa_png.png HTTP/1.1 
Host: a.hwstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hostelworld.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         151.101.66.104
HTTP/2 200 OK
content-type: image/png
                                        
etag: "2ec61c621225e6422ceccc2628ac36d1"
last-modified: Wed, 16 Feb 2022 11:08:30 GMT
date: Sun, 04 Dec 2022 13:05:52 GMT
strict-transport-security: max-age=604800
cache-control: public, no-transform, immutable, max-age=31557600
server-timing: fastly;dur=1;cpu=0;start=2022-12-04T13:05:52.377Z;desc=hit,rtt;dur=25
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
content-length: 5038
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 102 x 102, 8-bit/color RGBA, non-interlaced\012- data
Size:   5038
Md5:    2ec61c621225e6422ceccc2628ac36d1
Sha1:   946de346b05aaf8d8c2d737b105617a599e7ecfa
Sha256: de05e5e56b5da4d7e457f03133664c9290041afefff1a547b156ba2d0046d313
                                        
                                            GET /image/upload/q_75,h_166/v1644506092/pwa/whosgoing/user-f-luiza.jpg HTTP/1.1 
Host: a.hwstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hostelworld.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.66.104
HTTP/2 200 OK
content-type: image/jpeg
                                        
etag: "04874a3f767f81848983b26d6f333c18"
last-modified: Mon, 28 Feb 2022 19:57:23 GMT
date: Sun, 04 Dec 2022 13:05:52 GMT
strict-transport-security: max-age=604800
cache-control: public, no-transform, max-age=300
server-timing: fastly;dur=2;cpu=0;start=2022-12-04T13:05:52.377Z;desc=hit,rtt;dur=25
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
content-length: 6059
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 144x144, segment length 16, baseline, precision 8, 166x166, components 3\012- data
Size:   6059
Md5:    04874a3f767f81848983b26d6f333c18
Sha1:   742ee99dc694de7491067ced844c33d217807af4
Sha256: 7f1b3fdb236e87a5141fb47401fc01de58f3acdae3d9a692130386f9c527ecda
                                        
                                            GET /image/upload/q_75,h_166/v1644506092/pwa/whosgoing/user-jenny.jpg HTTP/1.1 
Host: a.hwstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hostelworld.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.66.104
HTTP/2 200 OK
content-type: image/jpeg
                                        
etag: "2cbfb1b11db0b7eac8103e9c1c989535"
last-modified: Mon, 28 Feb 2022 19:57:23 GMT
date: Sun, 04 Dec 2022 13:05:52 GMT
strict-transport-security: max-age=604800
cache-control: public, no-transform, max-age=300
server-timing: fastly;dur=2;cpu=1;start=2022-12-04T13:05:52.377Z;desc=hit,rtt;dur=25
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
content-length: 5386
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 144x144, segment length 16, baseline, precision 8, 166x166, components 3\012- data
Size:   5386
Md5:    2cbfb1b11db0b7eac8103e9c1c989535
Sha1:   e14f735e72d630d8b38d2ed66aa92a3935a2e6ff
Sha256: 1c6c2dd901351d2f7e3b09d65af8e25cff67167fd25d11a8528b2fb4846d6b6c
                                        
                                            GET /image/upload/v1644506092/pwa/whosgoing/germany_png.png HTTP/1.1 
Host: a.hwstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hostelworld.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.66.104
HTTP/2 200 OK
content-type: image/png
                                        
etag: "3ce182462f57510a6c90e5f923c4b25c"
last-modified: Wed, 16 Feb 2022 11:08:28 GMT
date: Sun, 04 Dec 2022 13:05:52 GMT
strict-transport-security: max-age=604800
cache-control: public, no-transform, immutable, max-age=31557600
server-timing: fastly;dur=1;cpu=0;start=2022-12-04T13:05:52.378Z;desc=hit,rtt;dur=25
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
content-length: 3541
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 102 x 102, 8-bit/color RGBA, non-interlaced\012- data
Size:   3541
Md5:    3ce182462f57510a6c90e5f923c4b25c
Sha1:   f54bad4386ac615fec23b14758af6d29777b2a5c
Sha256: 1a868eec97c9e14bf90f6b37024e0d8462a1ffd3cbd01d27039a45b4b13a3098
                                        
                                            GET /image/upload/q_75,h_166/v1644506092/pwa/whosgoing/user-laura.jpg HTTP/1.1 
Host: a.hwstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hostelworld.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.66.104
HTTP/2 200 OK
content-type: image/jpeg
                                        
etag: "8c39c4c5995873acd7945e3990081cfc"
last-modified: Mon, 28 Feb 2022 19:57:22 GMT
date: Sun, 04 Dec 2022 13:05:52 GMT
strict-transport-security: max-age=604800
cache-control: public, no-transform, max-age=300
server-timing: fastly;dur=1;cpu=0;start=2022-12-04T13:05:52.378Z;desc=hit,rtt;dur=25
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
content-length: 7822
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 144x144, segment length 16, baseline, precision 8, 166x166, components 3\012- data
Size:   7822
Md5:    8c39c4c5995873acd7945e3990081cfc
Sha1:   628e3e1c05917fe0f36614e58c89a8a00b2342dd
Sha256: b960ab60ee1cba9c5f6d70948b12958c5ca1062a8eeef4333db9867f3739c3e6
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Dec 2022 13:05:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /image/upload/v1644506092/pwa/whosgoing/portugal_png.png HTTP/1.1 
Host: a.hwstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hostelworld.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.66.104
HTTP/2 200 OK
content-type: image/png
                                        
etag: "5360e6e6885d93454f3997c8b8528626"
last-modified: Wed, 16 Feb 2022 11:08:30 GMT
date: Sun, 04 Dec 2022 13:05:52 GMT
strict-transport-security: max-age=604800
cache-control: public, no-transform, immutable, max-age=31557600
server-timing: fastly;dur=2;cpu=0;start=2022-12-04T13:05:52.378Z;desc=hit,rtt;dur=25
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
content-length: 5924
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 102 x 102, 8-bit/color RGBA, non-interlaced\012- data
Size:   5924
Md5:    5360e6e6885d93454f3997c8b8528626
Sha1:   d0997dc35d4e50e43576ff818a32cab95ac75961
Sha256: a1fb58401d3bca2f2a859835707f37de626d3aa464f24117d951f5e06ca9c2fd
                                        
                                            GET /image/upload/q_75,h_166/v1644506092/pwa/whosgoing/user-luka.jpg HTTP/1.1 
Host: a.hwstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hostelworld.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.66.104
HTTP/2 200 OK
content-type: image/jpeg
                                        
etag: "e400771f7a698155c87ca3e79222d25d"
last-modified: Mon, 28 Feb 2022 19:57:23 GMT
date: Sun, 04 Dec 2022 13:05:52 GMT
strict-transport-security: max-age=604800
cache-control: public, no-transform, max-age=300
server-timing: fastly;dur=2;cpu=1;start=2022-12-04T13:05:52.379Z;desc=hit,rtt;dur=25
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
content-length: 4455
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 144x144, segment length 16, baseline, precision 8, 166x166, components 3\012- data
Size:   4455
Md5:    e400771f7a698155c87ca3e79222d25d
Sha1:   935de2619c588e7dd78d0d3852ae524346ae119d
Sha256: 1236a7a113105ba9c0eaa06677e8b9e2bf1fc5cc5da83fba8efc71db752dcd6c
                                        
                                            GET /image/upload/v1645433308/pwa/chat/dashed-circle.svg HTTP/1.1 
Host: a.hwstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hostelworld.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.66.104
HTTP/2 200 OK
content-type: image/svg+xml
                                        
content-disposition: attachment; filename="dashed-circle.svg"
content-encoding: br
etag: W/"10f4dd964780f0268c27a31167c2819f"
last-modified: Mon, 21 Feb 2022 08:48:30 GMT
date: Sun, 04 Dec 2022 13:05:52 GMT
vary: Accept-Encoding
strict-transport-security: max-age=604800
cache-control: public, no-transform, immutable, max-age=31557600
server-timing: fastly;dur=1;start=2022-12-04T13:05:52.384Z;desc=hit,rtt;dur=25
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
content-length: 149
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text
Size:   149
Md5:    5cb52139bc73b7217ae8195e03cfbf72
Sha1:   3a0ebfd2162b0d8fec578cd80a222f57ce5b58e6
Sha256: a393a8ef23238eeaedce45eac481ffc094dfe0fa2a5077831001171cd59f0227
                                        
                                            GET /raw/upload/f_auto,q_auto/wds/logos/cnc.svg HTTP/1.1 
Host: a.hwstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hostelworld.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.66.104
HTTP/2 200 OK
content-type: image/svg+xml
                                        
content-disposition: attachment; filename="cnc.svg"
content-encoding: br
etag: W/"ff1ec3bcf8e0c5fc68f3c57cb2a0c195"
last-modified: Tue, 02 Aug 2022 14:31:43 GMT
date: Sun, 04 Dec 2022 13:05:52 GMT
vary: Save-Data
strict-transport-security: max-age=604800
cache-control: private, no-transform, immutable, max-age=31557600
server-timing: fastly;dur=2;cpu=0;start=2022-12-04T13:05:52.384Z;desc=hit,rtt;dur=25
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
content-length: 6721
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (3736)
Size:   6721
Md5:    be3ad47bd86a7a079f6f36bb0439ddf7
Sha1:   4a6f60e97434d9abcca4f47f955f7083937cbc87
Sha256: 39282ff86b7faf08eb50902998cc4556fcd5996312f1b9e548c04c70fb4cecfc
                                        
                                            GET /image/upload/q_75,h_166/v1644506092/pwa/whosgoing/user-tom.jpg HTTP/1.1 
Host: a.hwstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hostelworld.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.66.104
HTTP/2 200 OK
content-type: image/jpeg
                                        
etag: "eb28cf64ea368d4aff1b8d51d0fa906c"
last-modified: Mon, 28 Feb 2022 19:57:23 GMT
date: Sun, 04 Dec 2022 13:05:52 GMT
strict-transport-security: max-age=604800
cache-control: public, no-transform, immutable, max-age=31557600
server-timing: fastly;dur=2;cpu=1;start=2022-12-04T13:05:52.385Z;desc=hit,rtt;dur=25
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
content-length: 7514
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 144x144, segment length 16, baseline, precision 8, 166x166, components 3\012- data
Size:   7514
Md5:    eb28cf64ea368d4aff1b8d51d0fa906c
Sha1:   9c9a5dfa5ee796ee2cd7cdcf89364b31bba43f82
Sha256: 8e1b40b3985c0585661435aebaba823f6b013408f053588c333f69f2b327399b
                                        
                                            GET /raw/upload/f_auto,q_auto/wds/illustrations/lg/eco.svg HTTP/1.1 
Host: a.hwstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hostelworld.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.66.104
HTTP/2 200 OK
content-type: image/svg+xml
                                        
content-disposition: attachment; filename="eco.svg"
content-encoding: br
etag: W/"fec19b2ed466840767505b28a0da1172"
last-modified: Mon, 01 Aug 2022 13:01:21 GMT
date: Sun, 04 Dec 2022 13:05:52 GMT
vary: Save-Data
strict-transport-security: max-age=604800
cache-control: private, no-transform, immutable, max-age=31557600
server-timing: fastly;dur=2;cpu=0;start=2022-12-04T13:05:52.384Z;desc=hit,rtt;dur=25
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
content-length: 2525
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (1784)
Size:   2525
Md5:    db952cc37047a9d7e5db7311897e8351
Sha1:   60527c4d3964989f6b6b86c59e42f94fc651c3d7
Sha256: f57c88aca5ab6e6b0f90184ed79d25224d0d4fd9c4d6ab89f5924c8a428995d7
                                        
                                            GET /image/upload/v1644506092/pwa/whosgoing/china_png.png HTTP/1.1 
Host: a.hwstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hostelworld.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.66.104
HTTP/2 200 OK
content-type: image/png
                                        
etag: "eb297e0b9361dc07bb862062609cf7a7"
last-modified: Wed, 16 Feb 2022 11:08:28 GMT
date: Sun, 04 Dec 2022 13:05:52 GMT
strict-transport-security: max-age=604800
cache-control: public, no-transform, immutable, max-age=31557600
server-timing: fastly;dur=2;cpu=1;start=2022-12-04T13:05:52.385Z;desc=hit,rtt;dur=25
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
content-length: 3765
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 102 x 102, 8-bit/color RGBA, non-interlaced\012- data
Size:   3765
Md5:    eb297e0b9361dc07bb862062609cf7a7
Sha1:   97b8fbde29c0609a9c74d503bdbfaebe829c3424
Sha256: 0cc410beccec921c3e139913dd07cd9f42fd73c37bad5fc2ba0762ab15829876
                                        
                                            GET /image/upload/v1644506092/pwa/whosgoing/france_png.png HTTP/1.1 
Host: a.hwstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hostelworld.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.66.104
HTTP/2 200 OK
content-type: image/png
                                        
etag: "ffb3a3c18a6befc51542e38e7ffdabe9"
last-modified: Wed, 16 Feb 2022 11:08:28 GMT
date: Sun, 04 Dec 2022 13:05:52 GMT
strict-transport-security: max-age=604800
cache-control: public, no-transform, immutable, max-age=31557600
server-timing: fastly;dur=2;cpu=1;start=2022-12-04T13:05:52.385Z;desc=hit,rtt;dur=25
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
content-length: 2983
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 102 x 102, 8-bit/color RGBA, non-interlaced\012- data
Size:   2983
Md5:    ffb3a3c18a6befc51542e38e7ffdabe9
Sha1:   06f3ba14bc4c015e6abcb55db93764d79d635700
Sha256: 2e3987e1426278f1080d8730dd9db0feb9cde0c09a1d223a65a5cc5b283c203a
                                        
                                            GET /image/upload/q_75,h_166/v1644506092/pwa/whosgoing/user-victoria.jpg HTTP/1.1 
Host: a.hwstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hostelworld.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.66.104
HTTP/2 200 OK
content-type: image/jpeg
                                        
etag: "72c6005e23df085ade46d8af4623c954"
last-modified: Mon, 28 Feb 2022 19:57:23 GMT
date: Sun, 04 Dec 2022 13:05:52 GMT
strict-transport-security: max-age=604800
cache-control: public, no-transform, immutable, max-age=31557600
server-timing: fastly;dur=2;cpu=1;start=2022-12-04T13:05:52.385Z;desc=hit,rtt;dur=25
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
content-length: 6727
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 144x144, segment length 16, baseline, precision 8, 166x166, components 3\012- data
Size:   6727
Md5:    72c6005e23df085ade46d8af4623c954
Sha1:   2bdeb716e6b0c788298ab62845c81691d015c48b
Sha256: 558523837546b75532eb2d339377909939d4247cb41be7bc34363c86b3435742
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1117
Cache-Control: max-age=104509
Date: Sun, 04 Dec 2022 13:05:52 GMT
Etag: "638b8c11-1d7"
Expires: Mon, 05 Dec 2022 18:07:41 GMT
Last-Modified: Sat, 03 Dec 2022 17:49:05 GMT
Server: ECS (amb/6B7E)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /image/upload/q_75,h_166/v1644506092/pwa/whosgoing/user-pierre.jpg HTTP/1.1 
Host: a.hwstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hostelworld.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.66.104
HTTP/2 200 OK
content-type: image/jpeg
                                        
etag: "5308dea6ff8047555161ff2c4cdee290"
last-modified: Mon, 28 Feb 2022 19:57:23 GMT
date: Sun, 04 Dec 2022 13:05:52 GMT
strict-transport-security: max-age=604800
cache-control: public, no-transform, max-age=300
server-timing: fastly;dur=2;cpu=0;start=2022-12-04T13:05:52.385Z;desc=hit,rtt;dur=25
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
content-length: 4776
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 144x144, segment length 16, baseline, precision 8, 166x166, components 3\012- data
Size:   4776
Md5:    5308dea6ff8047555161ff2c4cdee290
Sha1:   f6338db38dfb96541306702236a7c1501fc2acde
Sha256: 9f18a498a782b659ac707367333080254b5987b4714de5db2f224ffc583d0407
                                        
                                            GET /image/upload/v1644506092/pwa/whosgoing/spain_png.png HTTP/1.1 
Host: a.hwstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hostelworld.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.66.104
HTTP/2 200 OK
content-type: image/png
                                        
etag: "4352e8f192391d11983f0f6de59cc3e7"
last-modified: Wed, 16 Feb 2022 11:08:30 GMT
date: Sun, 04 Dec 2022 13:05:52 GMT
strict-transport-security: max-age=604800
cache-control: public, no-transform, immutable, max-age=31557600
server-timing: fastly;dur=2;cpu=1;start=2022-12-04T13:05:52.385Z;desc=hit,rtt;dur=25
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
content-length: 6124
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 102 x 102, 8-bit/color RGBA, non-interlaced\012- data
Size:   6124
Md5:    4352e8f192391d11983f0f6de59cc3e7
Sha1:   d3010860604f179ae55b9fb5260e430baf49fd70
Sha256: 84dd4cec031283ec664e5265859cabeadad794eae5bb2d228f3880b16d5c86ae
                                        
                                            GET /image/upload/q_75,h_166/v1644506092/pwa/whosgoing/user-pan.jpg HTTP/1.1 
Host: a.hwstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hostelworld.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.66.104
HTTP/2 200 OK
content-type: image/jpeg
                                        
etag: "fa1e6268301514470f6a6ecf4e1d1e24"
last-modified: Mon, 28 Feb 2022 19:57:23 GMT
date: Sun, 04 Dec 2022 13:05:52 GMT
strict-transport-security: max-age=604800
cache-control: public, no-transform, max-age=300
server-timing: fastly;dur=2;cpu=0;start=2022-12-04T13:05:52.385Z;desc=hit,rtt;dur=25
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
content-length: 8273
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 144x144, segment length 16, baseline, precision 8, 166x166, components 3\012- data
Size:   8273
Md5:    fa1e6268301514470f6a6ecf4e1d1e24
Sha1:   5120be3f1586ed5e1be0cb5362b44bee509be452
Sha256: 4c612395c56fd5faabe6c8126f4ddd3a38aaf9598d031446781b3b2740f381cf
                                        
                                            GET /image/upload/v1644506092/pwa/whosgoing/south-korea_png.png HTTP/1.1 
Host: a.hwstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hostelworld.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.66.104
HTTP/2 200 OK
content-type: image/png
                                        
etag: "1750234397cce89c1acfcd90f7f7c9bf"
last-modified: Wed, 16 Feb 2022 11:08:30 GMT
date: Sun, 04 Dec 2022 13:05:52 GMT
strict-transport-security: max-age=604800
cache-control: public, no-transform, immutable, max-age=31557600
server-timing: fastly;dur=2;cpu=1;start=2022-12-04T13:05:52.385Z;desc=hit,rtt;dur=25
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
content-length: 4812
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 102 x 102, 8-bit/color RGBA, non-interlaced\012- data
Size:   4812
Md5:    1750234397cce89c1acfcd90f7f7c9bf
Sha1:   e79179f497a7a3c84f0f033bdd649eba575ee040
Sha256: 8a92beda1c03e585d536e3990c8508e52ae5e8124ae30250fc382d6e72c66995
                                        
                                            GET /raw/upload/f_auto,q_auto/wds/logos/docusign.svg HTTP/1.1 
Host: a.hwstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hostelworld.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.66.104
HTTP/2 200 OK
content-type: image/svg+xml
                                        
content-disposition: attachment; filename="docusign.svg"
content-encoding: br
etag: W/"b474b1e78d1ac78387991afe95b53e13"
last-modified: Thu, 20 Jan 2022 15:48:57 GMT
date: Sun, 04 Dec 2022 13:05:52 GMT
vary: Save-Data
strict-transport-security: max-age=604800
cache-control: private, no-transform, immutable, max-age=31557600
server-timing: fastly;dur=3;cpu=0;start=2022-12-04T13:05:52.384Z;desc=hit,rtt;dur=25
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
content-length: 9989
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- , ASCII text, with very long lines (4596)
Size:   9989
Md5:    b7f25f00840530c7d557c3834e6683a8
Sha1:   d82c59574901c515dd4bad51077d004a5cb36c2a
Sha256: 938dae78a810dbb24b3830a34f768a1005c7b383e89e8c37962ca5adc3540062
                                        
                                            GET /image/upload/v1644506092/pwa/whosgoing/italy_png.png HTTP/1.1 
Host: a.hwstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hostelworld.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.66.104
HTTP/2 200 OK
content-type: image/png
                                        
etag: "e329c750a958243920620796a8eea5cd"
last-modified: Wed, 16 Feb 2022 11:08:29 GMT
date: Sun, 04 Dec 2022 13:05:52 GMT
strict-transport-security: max-age=604800
cache-control: public, no-transform, immutable, max-age=31557600
server-timing: fastly;dur=1;cpu=0;start=2022-12-04T13:05:52.386Z;desc=hit,rtt;dur=25
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
content-length: 3755
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 102 x 102, 8-bit/color RGBA, non-interlaced\012- data
Size:   3755
Md5:    e329c750a958243920620796a8eea5cd
Sha1:   decec82fcedc1b9e46366395abdbade0b11817af
Sha256: ea18a3cec574499d9be6c87569b462e7d41d32004d185b2001c3a0d086fde1c9
                                        
                                            GET /aff_r?offer_id=9947&aff_id=101167&url=https%3A%2F%2Fprf.hn%2Fclick%2Fcamref%3A1011l9s5L%2Fpubref%3A102a8fce2a3e56287a24ca72dac005%2Fadref%3A101167&urlauth=504898936004611376201621661456 HTTP/1.1 
Host: trk.buyent.xyz
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Cookie: enc_aff_session_9947=ENC03bc9840c412078c41363c2b49c35520d4a1e36f07277de2e8c428d3f94559d6d7d937b97a3bc9f2679b2e8106288d20ca786da9380d5cef9691e9dc6f789261a6b3cdbe9d359e9caf306abac2c0a51ddf71acca271412ad56f0392eca50ac952db2e784e689f0fae2c677ff2d436404df855ce4febc5c2ddbb0a082f3ea8eb3ef161adc36; ho_mob=eyJtb2JpbGVfZGV2aWNlX29zIjoiRGVza3RvcCIsIm1vYmlsZV9kZXZpY2VfbW9kZWwiOiJGaXJlZm94IiwibW9iaWxlX2RldmljZV9icmFuZCI6Ik1vemlsbGEiLCJtb2JpbGVfYnJvd3NlciI6IkZpcmVmb3ggRGVza3RvcCIsIm1vYmlsZV9icm93c2VyX3ZlcnNpb24iOiIxMDUuMCIsIm1vYmlsZV9jYXJyaWVyIjoiPyIsInVzZXJfYWdlbnQiOiJNb3ppbGxhLzUuMCAoV2luZG93cyBOVCAxMC4wOyBXaW42NDsgWDY0OyBSdjoxMDUuMCkgR2Vja28vMjAxMDAxMDEgRmlyZWZveC8xMDUuMCIsImFjY2VwdF9sYW5ndWFnZSI6ImVuLVVTLGVuO3E9MC41IiwiY29ubmVjdGlvbl9zcGVlZCI6ImJyb2FkYmFuZCJ9
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         172.67.195.5
HTTP/2 302 Found
content-type: text/html; charset=iso-8859-1
                                        
date: Sun, 04 Dec 2022 13:05:51 GMT
location: https://prf.hn/click/camref:1011l9s5L/pubref:102a8fce2a3e56287a24ca72dac005/adref:101167
cache-control: no-cache, no-store, must-revalidate
expires: Sat, 26 Jul 1997 05:00:00 GMT
pragma: no-cache
access-control-allow-origin: *
x-request-id: c66e781b3e041402d1ab6914038fc4c1
access-control-allow-headers: Tune-SDK-Version
cf-cache-status: DYNAMIC
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=s%2FBd6JjndqRMjj6ABs11lK3HXSZdhYVuNWL72Fk4vFOtIMVPTZspQzCjeaHVefscnfJhF9FtLImIq%2F3vSPn7dXKeIbU1s1xd0e8O9OBLS3%2BMNqPPg1v9ICjIEhZZFxQi3A%3D%3D"}],"group":"cf-nel","max_age":604800}
nel: {"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server: cloudflare
cf-ray: 7744c1876aac0b45-OSL
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   8371
Md5:    72fb57826837834989af0f0466b1e3d1
Sha1:   ec385b7763f35ca8d6a13c94e6f356f114ae0b4c
Sha256: a090347060d8e75549f0eac69ddeabb4c7a01c5f71e8ce30ea011c28c072792b
                                        
                                            GET /image/upload/v1644506092/pwa/whosgoing/ireland_png.png HTTP/1.1 
Host: a.hwstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hostelworld.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         151.101.66.104
HTTP/2 200 OK
content-type: image/png
                                        
etag: "5e6e457f553df5af4fc4b988a70d50f3"
last-modified: Wed, 16 Feb 2022 11:08:28 GMT
date: Sun, 04 Dec 2022 13:05:52 GMT
strict-transport-security: max-age=604800
cache-control: public, no-transform, immutable, max-age=31557600
server-timing: fastly;dur=2;cpu=0;start=2022-12-04T13:05:52.402Z;desc=hit,rtt;dur=19
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
content-length: 3681
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 102 x 102, 8-bit/color RGBA, non-interlaced\012- data
Size:   3681
Md5:    5e6e457f553df5af4fc4b988a70d50f3
Sha1:   f80fa6498000963ec4d6cd9fc7fc9857c4b729b1
Sha256: c89d56c06c91f7b060ec1cd9bd0771a9811cd8a6785cf64308a4360347161785
                                        
                                            GET /image/upload/v1644506092/pwa/whosgoing/poland_png.png HTTP/1.1 
Host: a.hwstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hostelworld.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         151.101.66.104
HTTP/2 200 OK
content-type: image/png
                                        
etag: "e25c976545d2b46525a097750b9a1817"
last-modified: Wed, 16 Feb 2022 11:08:28 GMT
date: Sun, 04 Dec 2022 13:05:52 GMT
strict-transport-security: max-age=604800
cache-control: public, no-transform, immutable, max-age=31557600
server-timing: fastly;dur=1;cpu=0;start=2022-12-04T13:05:52.402Z;desc=hit,rtt;dur=19
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
content-length: 2800
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 102 x 102, 8-bit/color RGBA, non-interlaced\012- data
Size:   2800
Md5:    e25c976545d2b46525a097750b9a1817
Sha1:   521fff5c6be71efd05356f6610b40d13fa0cd819
Sha256: 2730f6141ca264f250e47830a84d689daf5820e5d14931e39ca91ce4b1980169
                                        
                                            GET /image/upload/q_75,h_166/v1644506092/pwa/whosgoing/user-anna.jpg HTTP/1.1 
Host: a.hwstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hostelworld.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         151.101.66.104
HTTP/2 200 OK
content-type: image/jpeg
                                        
etag: "b6282537943d8fcc84e28817a1f013f3"
last-modified: Mon, 28 Feb 2022 19:57:23 GMT
date: Sun, 04 Dec 2022 13:05:52 GMT
strict-transport-security: max-age=604800
cache-control: public, no-transform, max-age=300
server-timing: fastly;dur=1;start=2022-12-04T13:05:52.403Z;desc=hit,rtt;dur=19
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
content-length: 7055
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 144x144, segment length 16, baseline, precision 8, 166x166, components 3\012- data
Size:   7055
Md5:    b6282537943d8fcc84e28817a1f013f3
Sha1:   d87578a7e56ed855af75496c2ce432a02a01b1a1
Sha256: faba9023fef04672a4babfbabec3f800a2290c539344ac7e66c9252c5a85fda7
                                        
                                            GET /image/upload/q_75,h_166/v1644506092/pwa/whosgoing/miser-mike.jpg HTTP/1.1 
Host: a.hwstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hostelworld.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         151.101.66.104
HTTP/2 200 OK
content-type: image/jpeg
                                        
etag: "666df9c4b7c20fd8e409c74d563ee3e1"
last-modified: Mon, 28 Feb 2022 19:57:23 GMT
date: Sun, 04 Dec 2022 13:05:52 GMT
strict-transport-security: max-age=604800
cache-control: public, no-transform, max-age=300
server-timing: fastly;dur=2;cpu=1;start=2022-12-04T13:05:52.403Z;desc=hit,rtt;dur=19
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,ETag,Server-Timing,X-Content-Type-Options
content-length: 6185
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  JPEG image data, JFIF standard 1.01, resolution (DPI), density 144x144, segment length 16, baseline, precision 8, 166x166, components 3\012- data
Size:   6185
Md5:    666df9c4b7c20fd8e409c74d563ee3e1
Sha1:   108757ae2206d4b9d0b67a39b982bcdca82a67d0
Sha256: f6f4f91083f7c311e3e33b8dfb557ed5f0ea94453dde4a226951a109c14efb07
                                        
                                            GET /_nuxt/chunk/e1505db47f8440c61a78.js HTTP/1.1 
Host: www.hostelworld.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hostelworld.com/?source=affiliate-PHG-1011l9s5L&affiliate=PHG&ref_id=1100lwnphLqB
Cookie: optimizely-aid=469c8302-1c52-4a65-b30c-c4f27b063a11; geoCurrency=NOK; currency=NOK; country=Norway
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         2.23.138.202
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
accept-ranges: bytes
content-encoding: gzip
etag: W/"2296a-184c85aa2f0"
last-modified: Wed, 30 Nov 2022 11:44:54 GMT
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
content-length: 47481
cache-control: public, max-age=604690
date: Sun, 04 Dec 2022 13:05:52 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65474)
Size:   47481
Md5:    e79c24718095823ff3eec9a13d0d829e
Sha1:   3f1ba51c2beae94f76d9315e9df97d865d03efce
Sha256: b1d0d6e5441f8303faed943bd44bc13f8f4393235c26b4484655ea907fe13635
                                        
                                            GET /upp/payment/js/secure-fields-2.0.0.js HTTP/1.1 
Host: pay.datatrans.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hostelworld.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         193.16.220.35
HTTP/1.1 200
Content-Type: application/javascript;charset=UTF-8
                                        
Server: nginx
Date: Sun, 04 Dec 2022 13:05:52 GMT
Transfer-Encoding: chunked
Connection: keep-alive
Strict-Transport-Security: max-age=31536000; includeSubdomains
P3P: CP="IDC DSP COR ADM DEVi TAIi PSA PSD IVAi IVDi CONi HIS OUR IND CNT"
X-XSS-Protection: 1; mode=block
Content-Security-Policy-Report-Only: default-src 'self'; script-src 'self' 'unsafe-inline' https://pay.google.com; style-src 'self' 'unsafe-inline' https://fonts.googleapis.com; img-src 'self' data: https://www.gstatic.com; font-src 'self' data: https://fonts.gstatic.com; connect-src 'self'; child-src 'self'; frame-src 'self' https://pay.google.com https://3d.sandbox.datatrans.com https://3d.datatrans.com; object-src 'self'; report-uri /upp/csp-report
Cache-Control: public, max-age=300
Expires: Sun, 04 Dec 2022 13:10:52 GMT
ETag: 1669815014765


--- Additional Info ---
Magic:  ASCII text, with CRLF, LF line terminators
Size:   18498
Md5:    251e61b19e5d7d4d55fdc69271608e7d
Sha1:   235ebd6c6afd97233d268832ca026f59a5a8eb4a
Sha256: e239b8289ca6b3c0e5736531d7b9cdcac4c5470dafde7e13b175fd4f13207a58
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Dec 2022 13:05:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gseccovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Dec 2022 13:05:52 GMT
Content-Length: 938
Connection: keep-alive
Expires: Thu, 08 Dec 2022 11:08:20 GMT
ETag: "301950eb3aa2746a7543b8a31c20f31b53213373"
Last-Modified: Sun, 04 Dec 2022 11:08:21 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7744c18e989a1bfe-OSL

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Dec 2022 13:05:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gseccovsslca2018 HTTP/1.1 
Host: ocsp.globalsign.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 79
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         104.18.21.226
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Dec 2022 13:05:52 GMT
Content-Length: 938
Connection: keep-alive
Expires: Thu, 08 Dec 2022 11:08:20 GMT
ETag: "301950eb3aa2746a7543b8a31c20f31b53213373"
Last-Modified: Sun, 04 Dec 2022 11:08:21 GMT
Cache-Control: public, no-transform, must-revalidate, s-maxage=3600
CF-Cache-Status: HIT
Age: 0
Accept-Ranges: bytes
Vary: Accept-Encoding
Server: cloudflare
CF-RAY: 7744c1905a061bfe-OSL

                                        
                                            GET /image/upload/f_auto,q_auto/CRO/hwpwa-3223/variation3-lg.jpg HTTP/1.1 
Host: a.hwstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hostelworld.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.66.104
HTTP/2 200 OK
content-type: image/webp
                                        
content-disposition: inline; filename="variation3-lg.webp"
etag: "5d527e88abcb553db429c590e3842258"
last-modified: Thu, 14 Apr 2022 09:57:57 GMT
date: Sun, 04 Dec 2022 13:05:52 GMT
vary: Save-Data
strict-transport-security: max-age=604800
cache-control: private, no-transform, immutable, max-age=31557600
server-timing: fastly;dur=8;cpu=1;start=2022-12-04T13:05:52.710Z;desc=hit,rtt;dur=16
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
content-length: 76820
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  RIFF (little-endian) data, Web/P image, VP8 encoding, 1600x754, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size:   76820
Md5:    5d527e88abcb553db429c590e3842258
Sha1:   0cb8fa95c7eb9a33147edef8ca1be33a4ec7b691
Sha256: f00673d131ffcabcd7e0882d69bb450f6b5a9d58c108e6629a43d44bd468393b
                                        
                                            GET /_nuxt/fonts/ee3b3c0.woff2 HTTP/1.1 
Host: www.hostelworld.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Connection: keep-alive
Referer: https://www.hostelworld.com/_nuxt/css/ad59e942803425510036.css
Cookie: optimizely-aid=469c8302-1c52-4a65-b30c-c4f27b063a11; geoCurrency=NOK; currency=NOK; country=Norway
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         2.23.138.202
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
content-length: 4424
etag: W/"1148-184c85aa2f0"
last-modified: Wed, 30 Nov 2022 11:44:54 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
cache-control: public, max-age=604739
date: Sun, 04 Dec 2022 13:05:52 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 4424, version 1.0\012- data
Size:   4424
Md5:    ee3b3c0deb62997ca4ed94d7a0fdafe6
Sha1:   4f8faf66c8a33b13214a7c4a8f6e42400ed61c73
Sha256: e9ad6c198121e0e23a85fd2451fa5de64831b3416fa90d95c4facaa3c4859b98
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Dec 2022 13:05:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Dec 2022 13:05:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Dec 2022 13:05:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /s/inter/v3/UcC73FwrK3iLTeHuS_fvQtMwCp50KnMa1ZL7W0Q5nw.woff2 HTTP/1.1 
Host: fonts.gstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://www.hostelworld.com
Connection: keep-alive
Referer: https://www.hostelworld.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.227
HTTP/2 200 OK
content-type: font/woff2
                                        
accept-ranges: bytes
access-control-allow-origin: *
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
timing-allow-origin: *
content-length: 36936
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Sat, 03 Dec 2022 14:48:09 GMT
expires: Sun, 03 Dec 2023 14:48:09 GMT
cache-control: public, max-age=31536000
age: 80263
last-modified: Thu, 28 Jan 2021 22:47:12 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Web Open Font Format (Version 2), TrueType, length 36936, version 1.0\012- data
Size:   36936
Md5:    5c87e5e600db85bdc4e94d55efd163ca
Sha1:   dec8cb86bfd07d7bc2958199c4487f463de4d4c2
Sha256: b8f1c14c5b866e78f8a733e4b6dc07939ced609e89fee2bf4e5261cd6b5ecb23
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Dec 2022 13:05:52 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /css2?family=Poppins:ital,wght@1,700&display=swap HTTP/1.1 
Host: fonts.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hostelworld.com/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.106
HTTP/2 200 OK
content-type: text/css; charset=utf-8
                                        
access-control-allow-origin: *
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
strict-transport-security: max-age=31536000
expires: Sun, 04 Dec 2022 13:05:52 GMT
date: Sun, 04 Dec 2022 13:05:52 GMT
cache-control: private, max-age=86400
cross-origin-opener-policy: same-origin-allow-popups
cross-origin-resource-policy: cross-origin
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-frame-options: SAMEORIGIN
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  data
Size:   8246
Md5:    431ef237d6b0a71099ab8d7216b34d96
Sha1:   63d770f62403738b6cd03242817954b93f7c7f1e
Sha256: 4b13a6807a0c3a4bdf94da8bc23a54d0c37935f93032233252161600998d9e7e
                                        
                                            GET /sw.js HTTP/1.1 
Host: www.hostelworld.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Service-Worker: script
Connection: keep-alive
Cookie: optimizely-aid=469c8302-1c52-4a65-b30c-c4f27b063a11; geoCurrency=NOK; currency=NOK; country=Norway
Sec-Fetch-Dest: serviceworker
Sec-Fetch-Mode: same-origin
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

search
                                         2.23.138.202
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
accept-ranges: bytes
content-encoding: gzip
etag: W/"12d47-184c85b5a88"
last-modified: Wed, 30 Nov 2022 11:45:41 GMT
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
content-length: 19840
cache-control: public, max-age=31536
date: Sun, 04 Dec 2022 13:05:53 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   19840
Md5:    1c7cf25baf76e9e81cb8ee239d473c07
Sha1:   e3180e3d77156358882dadc0ea5ae0c5ea5d03ce
Sha256: 3767da2707ff8ddacc41df635534a76de018f67cab55e3a4cd49d43ddace0d19
                                        
                                            GET /v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html HTTP/1.1 
Host: js.stripe.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hostelworld.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.128.176
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
last-modified: Sun, 13 Nov 2022 20:03:40 GMT
etag: "93afeeb17bc37e711759584dbfc50d47"
cache-control: max-age=31536000
content-security-policy: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
content-security-policy-report-only: base-uri 'none'; connect-src 'self' https://r.stripe.com; default-src 'self'; font-src 'none'; form-action 'none'; frame-src https://m.stripe.network; img-src https://q.stripe.com; media-src 'none'; object-src 'none'; script-src 'self'; style-src 'self'; report-uri https://q.stripe.com/csp-report
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
server: Fastly
content-encoding: br
accept-ranges: bytes
date: Sun, 04 Dec 2022 13:05:53 GMT
via: 1.1 varnish
age: 1789228
x-request-id: e923459c-6b9a-4eda-aff2-51e82fffaae9
x-served-by: cache-bma1636-BMA
x-cache: HIT
x-cache-hits: 404320
vary: Accept-Encoding
timing-allow-origin: *
content-length: 122
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with no line terminators
Size:   122
Md5:    0fb49bf445ceac1dcb1b6c5d284a57a1
Sha1:   8988f3ceef20a494a419e595e8d802a0dc663c7a
Sha256: 5e0d98b9fefc9f5ccf02b5ac4f4e4de3fe727a1ac97a4cd778efd58062afd5e8
                                        
                                            GET /_nuxt/chunk/4c131464366fc2c86a27.js HTTP/1.1 
Host: www.hostelworld.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hostelworld.com/?source=affiliate-PHG-1011l9s5L&affiliate=PHG&ref_id=1100lwnphLqB
Cookie: optimizely-aid=469c8302-1c52-4a65-b30c-c4f27b063a11; geoCurrency=NOK; currency=NOK; country=Norway
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         2.23.138.202
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
accept-ranges: bytes
content-encoding: gzip
etag: W/"71105-184c85aa2f0"
last-modified: Wed, 30 Nov 2022 11:44:54 GMT
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
content-length: 138835
cache-control: public, max-age=604780
date: Sun, 04 Dec 2022 13:05:53 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (62945)
Size:   138835
Md5:    da196ae17b52595bbc3e4ab7a7e87691
Sha1:   dcdda813eaccda84c371f906b57bef148b140fd8
Sha256: 5406113c731394ff4fe9ee03c2883a91c2dfecc96d9dbb1aa3160fcac9a06ff4
                                        
                                            GET /_nuxt/chunk/413a8e789f3b2db76020.js HTTP/1.1 
Host: www.hostelworld.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hostelworld.com/?source=affiliate-PHG-1011l9s5L&affiliate=PHG&ref_id=1100lwnphLqB
Cookie: optimizely-aid=469c8302-1c52-4a65-b30c-c4f27b063a11; geoCurrency=NOK; currency=NOK; country=Norway
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         2.23.138.202
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
accept-ranges: bytes
content-encoding: gzip
etag: W/"10318-184c85aa2f0"
last-modified: Wed, 30 Nov 2022 11:44:54 GMT
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
content-length: 21631
cache-control: public, max-age=604800
date: Sun, 04 Dec 2022 13:05:53 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (59499), with no line terminators
Size:   21631
Md5:    d7bc141830f0d7bf54f85f676ef9fcfa
Sha1:   f4ba48e8425cdc0780a5b2eb99a05983f7457f1b
Sha256: 27cc3ede43794638da0b72b9fc4eee16529373182ee42df345b894d3c0ffc842
                                        
                                            GET /v3/fingerprinted/js/m-outer-8cb24ab2d649fd36a488d04d8c457933.js HTTP/1.1 
Host: js.stripe.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.stripe.com/v3/m-outer-93afeeb17bc37e711759584dbfc50d47.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         151.101.128.176
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
                                        
last-modified: Sun, 13 Nov 2022 20:03:40 GMT
etag: "f8f6a4584135f737b26927596ce6e0a7"
cache-control: max-age=31536000
strict-transport-security: max-age=31556926; includeSubDomains; preload
x-content-type-options: nosniff
access-control-allow-origin: *
server: Fastly
content-encoding: br
accept-ranges: bytes
date: Sun, 04 Dec 2022 13:05:53 GMT
via: 1.1 varnish
age: 1789227
x-request-id: b54cd3ce-f46f-450d-9706-638d70a12590
x-served-by: cache-bma1636-BMA
x-cache: HIT
x-cache-hits: 348178
vary: Accept-Encoding
timing-allow-origin: *
content-length: 332
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (526)
Size:   332
Md5:    ada7d17b721f065b91d249c998f2967e
Sha1:   1c686ed2c2218a3889b7d9a9b1acdf851b0bf563
Sha256: 12125f2ad96bb800b475309dcc276eeddffd6db095e29fe1f8514b3f8c7e544a
                                        
                                            GET /_nuxt/chunk/76248ef24925e9b9b0f6.js HTTP/1.1 
Host: www.hostelworld.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hostelworld.com/?source=affiliate-PHG-1011l9s5L&affiliate=PHG&ref_id=1100lwnphLqB
Cookie: optimizely-aid=469c8302-1c52-4a65-b30c-c4f27b063a11; geoCurrency=NOK; currency=NOK; country=Norway
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         2.23.138.202
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
accept-ranges: bytes
content-encoding: gzip
etag: W/"1c322-184c85aa2f0"
last-modified: Wed, 30 Nov 2022 11:44:54 GMT
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
content-length: 42352
cache-control: public, max-age=604694
date: Sun, 04 Dec 2022 13:05:53 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (61231)
Size:   42352
Md5:    c78602ad81022fb1266c98c4df50d3a4
Sha1:   133806e8d4211e2b0fb60f13275a661074b652c9
Sha256: cd16ab08db4abd285b29c1924249bb0815d168ae4a7c492588f9e6b639ba7af4
                                        
                                            GET /inner.html HTTP/1.1 
Host: m.stripe.network
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://js.stripe.com/
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: iframe
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: cross-site

search
                                         54.230.111.59
HTTP/2 200 OK
content-type: text/html; charset=utf-8
                                        
content-length: 930
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
accept-ranges: bytes
server: Cloudfront
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-security-policy: base-uri 'none'; connect-src https://m.stripe.network https://m.stripe.com; default-src 'none'; font-src https://m.stripe.network https://fonts.gstatic.com; form-action 'none'; frame-src https://m.stripe.network https://js.stripe.com; img-src https://m.stripe.network https://m.stripe.com https://b.stripecdn.com; script-src https://m.stripe.network 'sha256-e/Jqu4k9Gk1ZCWO6StAsfhF3i7qgIwfuitaD1g9DyvE='; style-src https://m.stripe.network; report-uri https://q.stripe.com/csp-report
date: Sun, 04 Dec 2022 13:05:00 GMT
cache-control: max-age=300, public
etag: "fc2e029628f163bb59adc6fa5a31161c"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: p8q81U0Xvor0kz8Dc05RGo9K75WpCJs2lG8UjEu75xE7C1_ldTy_zw==
age: 55
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- HTML document text\012- exported SGML document, ASCII text, with very long lines (930), with no line terminators
Size:   930
Md5:    fc2e029628f163bb59adc6fa5a31161c
Sha1:   0f4547ae510d1bf36e3630d41bdab29d64c03d64
Sha256: a5f27af9c0c6f37979ebafcac22eb3a613841a3d4e728f4577baf94e64d42f35
                                        
                                            GET /_nuxt/workbox.4c4f5ca6.js HTTP/1.1 
Host: www.hostelworld.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hostelworld.com/sw.js
Cookie: optimizely-aid=469c8302-1c52-4a65-b30c-c4f27b063a11; geoCurrency=NOK; currency=NOK; country=Norway
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

search
                                         2.23.138.202
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
accept-ranges: bytes
content-encoding: gzip
etag: W/"5e0-184c85b5a88"
last-modified: Wed, 30 Nov 2022 11:45:41 GMT
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
content-length: 811
cache-control: public, max-age=604699
date: Sun, 04 Dec 2022 13:05:53 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1463)
Size:   811
Md5:    a17b533c440f9945a1e5d7916c16e3a4
Sha1:   1eb236f7c3b58560ca12fb25d793b038db5ce8f4
Sha256: a84e8323cc43db50fe5365432ef1be4cd4637ad88f3ec51a924c64756f20065d
                                        
                                            GET /assets/session-sw.js HTTP/1.1 
Host: www.hostelworld.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hostelworld.com/sw.js
Cookie: optimizely-aid=469c8302-1c52-4a65-b30c-c4f27b063a11; geoCurrency=NOK; currency=NOK; country=Norway
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
Pragma: no-cache
Cache-Control: no-cache
TE: trailers

search
                                         2.23.138.202
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
accept-ranges: bytes
content-encoding: gzip
etag: W/"2f7-184c84a2830"
last-modified: Wed, 30 Nov 2022 11:26:54 GMT
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
content-length: 386
cache-control: public, max-age=31536
date: Sun, 04 Dec 2022 13:05:53 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text
Size:   386
Md5:    515f6f989cb37cee3b225f67f6263208
Sha1:   009a7a0eb7de0d5b86cc29cc7a80bbe9a1945d5f
Sha256: 81fce394239021bcb7c9ae7fbf8f7f22f200a47e008cc84e0a2e0615fa6206e6
                                        
                                            GET /i18n/pixel/events.js?sdkid=C3VRSMHU9OSLU1GC85TG&lib=ttq HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hostelworld.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         95.101.11.171
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
server: nginx
x-tt-logid: 20221204130553AEA4E715C49FC070FD94
x-tt-trace-host: 01250e51f4d5abc0e156abb7e367bacbb6eb6b846c0a08f69406bdc2f307418fc37ba0a497362faf9b1ca12451a114abb7c1a9387d6e7295bb915b0829938e1cc736c93668c8408db3b6a57b13e103ba08b682c943f0c13f889e562bdcb36f06c7
content-encoding: gzip
content-length: 1083
x-origin-response-time: 9,23.220.106.7
x-akamai-request-id: 22c4df6a.54a829b2
expires: Sun, 04 Dec 2022 13:05:53 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sun, 04 Dec 2022 13:05:53 GMT
x-cache: TCP_MISS from a95-101-11-167.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
vary: Accept-Encoding
set-cookie: _ttp=2IRzOo3yek3MLxIfgFEjtUHhEm6; Path=/; Domain=tiktok.com; Max-Age=33696000; Secure; SameSite=None
x-cache-remote: TCP_MISS from a23-220-106-7.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=91, origin; dur=9, inner; dur=3
x-parent-response-time: 99,95.101.11.167
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2140)
Size:   1083
Md5:    cd3c98f3e6ae3cc1f4a45c5c7fe77b67
Sha1:   7110b6b7d8e5b682f61ea29a567dcc8e05caaece
Sha256: 6491e237935c7d7a8e4253d2aaa6053b5734803ae0a0a9beab4d5f61d7b10858
                                        
                                            GET /_nuxt/chunk/a3a534c3269638911d30.js HTTP/1.1 
Host: www.hostelworld.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hostelworld.com/?source=affiliate-PHG-1011l9s5L&affiliate=PHG&ref_id=1100lwnphLqB
Cookie: optimizely-aid=469c8302-1c52-4a65-b30c-c4f27b063a11; geoCurrency=NOK; currency=NOK; country=Norway
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         2.23.138.202
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
accept-ranges: bytes
content-encoding: gzip
etag: W/"9ce6-184c85aa2f0"
last-modified: Wed, 30 Nov 2022 11:44:54 GMT
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
content-length: 14668
cache-control: public, max-age=604800
date: Sun, 04 Dec 2022 13:05:53 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (38122), with no line terminators
Size:   14668
Md5:    d533a611d89fb1efe3061439510aea2e
Sha1:   f823bfceee0f329ec0124d3b2b74d40deeb16574
Sha256: e3e0fb503a59ff4e5d32fe0742f1c12f2551e22fff6152efcfdc295874f84c74
                                        
                                            GET /i18n/pixel/static/main.MTRjZDliOGFlMA.js HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hostelworld.com/
Cookie: _ttp=2IRzOo3yek3MLxIfgFEjtUHhEm6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         95.101.11.171
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
server: nginx
cache-control: public, max-age=31536000, immutable
x-tt-logid: 2022120115193754F856876F5630EF3AAC
x-tt-trace-host: 0138b371619982569569e7e51458027dcf71eb77d3560a9b8b12290872465f43cf25b8af4a756f23a0cc04f027fb40449c31f0673e60744062b31fc5804b3bf4f6eb2181691204127141789f442e9ffb6a
content-encoding: gzip
content-length: 62316
date: Sun, 04 Dec 2022 13:05:53 GMT
x-cache: TCP_MEM_HIT from a95-101-11-167.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=3
x-akamai-request-id: 54a82a0d
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (25602)
Size:   62316
Md5:    d2cdb703aecab83ecac9a55b8200b1f3
Sha1:   d4a26f7b3548d826c239aaeed8204e9c4ab620d1
Sha256: 30f53326df40bda6045644934aa74d2be839b51b00aeeb3f822657d97253cb19
                                        
                                            GET /analytics.js HTTP/1.1 
Host: www.google-analytics.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hostelworld.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.14
HTTP/2 200 OK
content-type: text/javascript
                                        
strict-transport-security: max-age=10886400; includeSubDomains; preload
x-content-type-options: nosniff
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
server: Golfe2
content-length: 20039
date: Sun, 04 Dec 2022 12:46:55 GMT
expires: Sun, 04 Dec 2022 14:46:55 GMT
cache-control: public, max-age=7200
age: 1138
last-modified: Tue, 27 Sep 2022 22:01:05 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (1325)
Size:   20039
Md5:    47e6f374ca946fddd5b59871b325736c
Sha1:   baa9282efc8785e84d247c3bff518eaa45f101c4
Sha256: 16580b5c87c58e5702e411f1888fdef511094e4cd6d62bb47d16291ffb25985e
                                        
                                            GET /bat.js HTTP/1.1 
Host: bat.bing.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hostelworld.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         204.79.197.200
HTTP/2 200 OK
content-type: application/javascript
                                        
cache-control: private,max-age=1800
content-length: 11421
content-encoding: gzip
last-modified: Wed, 09 Nov 2022 21:23:50 GMT
accept-ranges: bytes
etag: "077538f81f4d81:0"
vary: Accept-Encoding
set-cookie: MUID=25F446B97A9366DC1C8F54C97B666748; domain=.bing.com; expires=Fri, 29-Dec-2023 13:05:53 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 2C80025578A346CDA03886EBB935AFD5 Ref B: OSL30EDGE0115 Ref C: 2022-12-04T13:05:53Z
date: Sun, 04 Dec 2022 13:05:53 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (39007), with no line terminators
Size:   11421
Md5:    22e2e3226eb5ada04929a2e43307eeda
Sha1:   04615fa88f80567974bdeb0f103ca5909746ebd7
Sha256: 41feebdfb0b03cd7fee2eb886adef6f3f1f85d3f14215e9a388d2a50e42efb9b
                                        
                                            GET /favicon.ico HTTP/1.1 
Host: www.hostelworld.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hostelworld.com/?source=affiliate-PHG-1011l9s5L&affiliate=PHG&ref_id=1100lwnphLqB
Cookie: optimizely-aid=469c8302-1c52-4a65-b30c-c4f27b063a11; geoCurrency=NOK; currency=NOK; country=Norway; _gcl_au=1.1.241796950.1670159151
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         2.23.138.202
HTTP/2 200 OK
content-type: image/x-icon
                                        
accept-ranges: bytes
content-encoding: gzip
etag: W/"3aee-184c84a2830"
last-modified: Wed, 30 Nov 2022 11:26:54 GMT
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
content-length: 1184
cache-control: public, max-age=31536
date: Sun, 04 Dec 2022 13:05:53 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  MS Windows icon resource - 3 icons, 48x48, 32 bits/pixel, 32x32, 32 bits/pixel\012- data
Size:   1184
Md5:    a50bcf3615af924308fa89ec32507fde
Sha1:   451d5c360837eaa1e340f1466dbccf571ced9632
Sha256: c9199b20afdaa35a0a03cb77bac2c5cb80a1986725c05a9cd4da400ddffa87a8
                                        
                                            GET /_nuxt/icons/icon_512.8008w0E0800.png HTTP/1.1 
Host: www.hostelworld.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hostelworld.com/?source=affiliate-PHG-1011l9s5L&affiliate=PHG&ref_id=1100lwnphLqB
Cookie: optimizely-aid=469c8302-1c52-4a65-b30c-c4f27b063a11; geoCurrency=NOK; currency=NOK; country=Norway; _gcl_au=1.1.241796950.1670159151
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         2.23.138.202
HTTP/2 200 OK
content-type: image/png
                                        
accept-ranges: bytes
content-length: 28826
etag: W/"709a-184c85aa2f0"
last-modified: Wed, 30 Nov 2022 11:44:54 GMT
strict-transport-security: max-age=15552000; includeSubDomains
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
cache-control: public, max-age=604786
date: Sun, 04 Dec 2022 13:05:53 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  PNG image data, 512 x 512, 8-bit/color RGBA, non-interlaced\012- data
Size:   28826
Md5:    1e5b728ce3280af4620e5cda33aa3942
Sha1:   769e18682ae9f6557e1a6541d930e938ad283ddd
Sha256: 0ee4f704ebafc7de578d932dfe01823a031c5782083d9edf0761af562db7fbe7
                                        
                                            GET /_nuxt/chunk/b607240d0cb61db36801.js HTTP/1.1 
Host: www.hostelworld.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hostelworld.com/?source=affiliate-PHG-1011l9s5L&affiliate=PHG&ref_id=1100lwnphLqB
Cookie: optimizely-aid=469c8302-1c52-4a65-b30c-c4f27b063a11; geoCurrency=NOK; currency=NOK; country=Norway; _gcl_au=1.1.241796950.1670159151
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         2.23.138.202
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
accept-ranges: bytes
content-encoding: gzip
etag: W/"4080-184c85aa2f0"
last-modified: Wed, 30 Nov 2022 11:44:54 GMT
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
content-length: 5721
cache-control: public, max-age=604683
date: Sun, 04 Dec 2022 13:05:53 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (16022), with no line terminators
Size:   5721
Md5:    832fd017cdb87ebbd3616b76534bae67
Sha1:   f8858fc6b82db35991d1f866f35250bd16562725
Sha256: 279cd6d721faf25b5564d35068242d2af24f3007aec0b04b773b2dab3e1948e9
                                        
                                            GET /_nuxt/chunk/6770ba7a4b1101a03ffb.js HTTP/1.1 
Host: www.hostelworld.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hostelworld.com/?source=affiliate-PHG-1011l9s5L&affiliate=PHG&ref_id=1100lwnphLqB
Cookie: optimizely-aid=469c8302-1c52-4a65-b30c-c4f27b063a11; geoCurrency=NOK; currency=NOK; country=Norway; _gcl_au=1.1.241796950.1670159151
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         2.23.138.202
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
accept-ranges: bytes
content-encoding: gzip
etag: W/"9dd1-184c85aa2f0"
last-modified: Wed, 30 Nov 2022 11:44:54 GMT
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
content-length: 10349
cache-control: public, max-age=604800
date: Sun, 04 Dec 2022 13:05:53 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (39592), with no line terminators
Size:   10349
Md5:    63e668f32fca86bb600449ef30e15bd1
Sha1:   5a98eb83649245aeda2b7353bb5a52dfcb2cf5f9
Sha256: f714e5ba343f630e2903010eaccf6cc5cda36265d4beaa7a30092cc91cbdd8d1
                                        
                                            GET /modules.90de377b639fd5b933d2.js HTTP/1.1 
Host: script.hotjar.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hostelworld.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         143.204.55.68
HTTP/2 200 OK
content-type: application/javascript
                                        
content-length: 68504
date: Thu, 01 Dec 2022 13:37:06 GMT
accept-ranges: bytes
access-control-allow-origin: *
cache-control: max-age=31536000
content-encoding: br
cross-origin-resource-policy: cross-origin
etag: "8766036825574dfbddbfc197bd098f6b"
last-modified: Thu, 01 Dec 2022 13:36:28 GMT
strict-transport-security: max-age=2592000; includeSubDomains
x-content-type-options: nosniff
x-robots-tag: none
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 6a757ab2991da716151f94ca00b38098.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: OLczQveqRVNh29BSYfd6otVEZk3Knb8w-krk1i7y1a87DQD6mnZGjg==
age: 257327
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (48714)
Size:   68504
Md5:    8766036825574dfbddbfc197bd098f6b
Sha1:   3c6087743e1b23d7f071f66d65bec1fdb143a2c2
Sha256: 89c7cf4e7103f90d1cc059e02ac95e97a976de4867e6215945fa6046b04db0b8
                                        
                                            GET /i18n/pixel/static/identify_87671.js HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hostelworld.com/
Cookie: _ttp=2IRzOo3yek3MLxIfgFEjtUHhEm6
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         95.101.11.171
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
server: nginx
cache-control: public, max-age=31536000, immutable
x-tt-logid: 202210251323183BDC731A94464B6C205C
x-tt-trace-host: 010ce13dd9b570053f11c1f282838d539eaea58d4de7916cdbde10fa2ce4a458156e6b6db446a6f25388b99a8a68d37dfbb38d9ba5d7a8c54775036223c0993e87100f489e7a26bfb0388b188a29f5130f
content-encoding: gzip
content-length: 30699
date: Sun, 04 Dec 2022 13:05:53 GMT
x-cache: TCP_MEM_HIT from a95-101-11-167.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
vary: Accept-Encoding
x-tt-trace-tag: id=16;cdn-cache=hit;type=static
server-timing: cdn-cache; desc=HIT, edge; dur=0, inner; dur=12
x-akamai-request-id: 54a82ac4
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (65536), with no line terminators
Size:   30699
Md5:    face512dfb7e7d3351dec12acd579250
Sha1:   60b36a2aa9f626bdeae601633633583124c381b9
Sha256: fafb63bee3b855315f7573c516df39172a53a27d27c41df6d274206e5f0f3128
                                        
                                            GET /action/0?ti=5306710&Ver=2&mid=21f6bc8d-ebfb-4e3b-a15d-c6b55ff5abb8&sid=60ef11d073d411edb1e03f826fd646bb&vid=60ef26d073d411ed836ec7976ee40a43&vids=1&msclkid=N&pi=0&lg=en-US&sw=1280&sh=1024&sc=24&tl=Hostelworld%20-%20Explore%20the%20world%E2%80%99s%20best%20hostels&p=https%3A%2F%2Fwww.hostelworld.com%2F%3Fsource%3Daffiliate-PHG-1011l9s5L%26affiliate%3DPHG%26ref_id%3D1100lwnphLqB&r=&lt=2349&evt=pageLoad&sv=1&rn=311582 HTTP/1.1 
Host: bat.bing.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hostelworld.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         204.79.197.200
HTTP/2 204 No Content
                                        
cache-control: no-cache, must-revalidate
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
set-cookie: MUID=0C74E1F2CAB8627C1E98F382CB4D6356; domain=.bing.com; expires=Fri, 29-Dec-2023 13:05:53 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 65C2E40AAC514774A66E57A43F60A289 Ref B: OSL30EDGE0115 Ref C: 2022-12-04T13:05:53Z
date: Sun, 04 Dec 2022 13:05:53 GMT
X-Firefox-Spdy: h2

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Dec 2022 13:05:53 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /pagead/viewthroughconversion/792870594/?random=1670159151380&cv=11&fst=1670159151380&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&hn=www.googleadservices.com&frm=0&url=https%3A%2F%2Fwww.hostelworld.com%2F%3Fsource%3Daffiliate-PHG-1011l9s5L%26affiliate%3DPHG%26ref_id%3D1100lwnphLqB&tiba=Hostelworld%20-%20Explore%20the%20world%E2%80%99s%20best%20hostels&auid=241796950.1670159151&data=event%3Dgtag.config&rfmt=3&fmt=4 HTTP/1.1 
Host: googleads.g.doubleclick.net
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hostelworld.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.34
HTTP/2 200 OK
content-type: text/javascript; charset=UTF-8
                                        
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 04 Dec 2022 13:05:53 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, must-revalidate
x-content-type-options: nosniff
content-disposition: attachment; filename="f.txt"
content-encoding: br
server: cafe
content-length: 953
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Sun, 04-Dec-2022 13:20:53 GMT; path=/; domain=.doubleclick.net; Secure; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2091), with no line terminators
Size:   953
Md5:    6568b256994b47a2d338868889cfbd71
Sha1:   ef2cb73e6e65142405fb93d5ddda26d22be457d4
Sha256: 857a20e6eca2d2bd098305f2323076d5ba312804a4271fae58d3034d3360a5eb
                                        
                                            POST / HTTP/1.1 
Host: ocsp.digicert.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         93.184.220.29
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Accept-Ranges: bytes
Age: 1783
Cache-Control: 'max-age=158059'
Date: Sun, 04 Dec 2022 13:05:53 GMT
Last-Modified: Sun, 04 Dec 2022 12:36:10 GMT
Server: ECS (ska/F71A)
X-Cache: HIT
Content-Length: 471

                                        
                                            GET /p/action/5306710.js HTTP/1.1 
Host: bat.bing.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hostelworld.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         204.79.197.200
HTTP/2 204 No Content
                                        
cache-control: private,max-age=1800
set-cookie: MUID=0EE12D7C453D6ADE341B3F0C44C86BD1; domain=.bing.com; expires=Fri, 29-Dec-2023 13:05:53 GMT; path=/; SameSite=None; Secure; Priority=High;
strict-transport-security: max-age=31536000; includeSubDomains; preload
access-control-allow-origin: *
x-cache: CONFIG_NOCACHE
accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-msedge-ref: Ref A: 220F39A121874C60B332EA26B6B42408 Ref B: OSL30EDGE0115 Ref C: 2022-12-04T13:05:53Z
date: Sun, 04 Dec 2022 13:05:53 GMT
X-Firefox-Spdy: h2

                                        
                                            POST /api/v2/pixel HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 826
Origin: https://www.hostelworld.com
Connection: keep-alive
Referer: https://www.hostelworld.com/
Cookie: _ttp=2IRzOo3yek3MLxIfgFEjtUHhEm6
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         95.101.11.171
HTTP/2 200 OK
content-type: application/octet-stream
                                        
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 20221204130553FD6C701FAF8F5C686AF6
x-tt-trace-host: 01250e51f4d5abc0e156abb7e367bacbb6eb6b846c0a08f69406bdc2f307418fc342c2bd2913227e0ad1f2023d3fdc3437302cf674780dd98b2e50440508be4f61a8e182338d1f900604f09c6d5556cb714905dc302298e5f9f38070a9d8741893
x-origin-response-time: 16,23.220.106.10
x-akamai-request-id: c857e4b8.54a82adf
expires: Sun, 04 Dec 2022 13:05:54 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sun, 04 Dec 2022 13:05:54 GMT
x-cache: TCP_MISS from a95-101-11-167.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-cache-remote: TCP_MISS from a23-220-106-10.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=95, origin; dur=15, inner; dur=13
x-parent-response-time: 107,95.101.11.167
X-Firefox-Spdy: h2

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Dec 2022 13:05:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-017XQ4637F&cid=1473754095.1670159152&gtm=2oebu0&aip=1&z=1733142888 HTTP/1.1 
Host: www.google.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hostelworld.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.163
HTTP/2 200 OK
content-type: image/gif
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 04 Dec 2022 13:05:54 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            GET /raw/upload/f_auto,q_auto/wds/svg-sprites/critical-16.svg HTTP/1.1 
Host: a.hwstatic.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://www.hostelworld.com/
Origin: https://www.hostelworld.com
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         151.101.66.104
HTTP/2 200 OK
content-type: image/svg+xml
                                        
content-disposition: attachment; filename="critical-16.svg"
content-encoding: br
etag: W/"b78868103b2a7d0e4d282bc92aa113ce"
last-modified: Thu, 20 Jan 2022 16:16:37 GMT
date: Sun, 04 Dec 2022 13:05:54 GMT
vary: Save-Data
strict-transport-security: max-age=604800
cache-control: private, no-transform, immutable, max-age=31557600
server-timing: fastly;dur=2;cpu=1;start=2022-12-04T13:05:54.087Z;desc=hit,rtt;dur=15
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
content-length: 9990
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  SVG Scalable Vector Graphics image\012- XML 1.0 document text\012- XML document, ASCII text, with very long lines (1532)
Size:   9990
Md5:    b8440f00033ce0d4cea20de3b52b1481
Sha1:   7d9f3a88e00a983b01913e08bd5c465a119f2f0e
Sha256: 3b88cf1a0918487ac92ba413705d1ffb265fab08b6d698f8faf43850fa19f4b0
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Dec 2022 13:05:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /pagead/1p-user-list/792870594/?random=1670159151380&cv=11&fst=1670158800000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.hostelworld.com%2F%3Fsource%3Daffiliate-PHG-1011l9s5L%26affiliate%3DPHG%26ref_id%3D1100lwnphLqB&tiba=Hostelworld%20-%20Explore%20the%20world%E2%80%99s%20best%20hostels&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=302865721&rmt_tld=1&ipr=y HTTP/1.1 
Host: www.google.no
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hostelworld.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         142.250.74.163
HTTP/2 200 OK
content-type: image/gif
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 04 Dec 2022 13:05:54 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            GET /pagead/1p-user-list/792870594/?random=1670159151380&cv=11&fst=1670158800000&bg=ffffff&guid=ON&async=1&gtm=2oabu0&u_w=1280&u_h=1024&frm=0&url=https%3A%2F%2Fwww.hostelworld.com%2F%3Fsource%3Daffiliate-PHG-1011l9s5L%26affiliate%3DPHG%26ref_id%3D1100lwnphLqB&tiba=Hostelworld%20-%20Explore%20the%20world%E2%80%99s%20best%20hostels&data=event%3Dgtag.config&fmt=3&is_vtc=1&random=302865721&rmt_tld=0&ipr=y HTTP/1.1 
Host: www.google.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hostelworld.com/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

search
                                         216.58.207.228
HTTP/2 200 OK
content-type: image/gif
                                        
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
date: Sun, 04 Dec 2022 13:05:54 GMT
pragma: no-cache
expires: Fri, 01 Jan 1990 00:00:00 GMT
cache-control: no-cache, no-store, must-revalidate
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
content-length: 42
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  GIF image data, version 89a, 1 x 1\012- data
Size:   42
Md5:    d89746888da2d9510b64a9f031eaecd5
Sha1:   d5fceb6532643d0d84ffe09c40c481ecdf59e15a
Sha256: ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Dec 2022 13:05:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 471
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Dec 2022 13:05:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            GET /_nuxt/chunk/f99bf58c2eac079c2a4e.js HTTP/1.1 
Host: www.hostelworld.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hostelworld.com/?source=affiliate-PHG-1011l9s5L&affiliate=PHG&ref_id=1100lwnphLqB
Cookie: optimizely-aid=469c8302-1c52-4a65-b30c-c4f27b063a11; geoCurrency=NOK; currency=NOK; country=Norway; _gcl_au=1.1.241796950.1670159151; _uetsid=60ef11d073d411edb1e03f826fd646bb; _uetvid=60ef26d073d411ed836ec7976ee40a43; _ga=GA1.1.1473754095.1670159152; _gid=GA1.2.91753483.1670159152; _gat_UA-59409524-1=1; _tt_enable_cookie=1; _ttp=207c49cb-4985-4518-85eb-f51f9313542d; _ga_017XQ4637F=GS1.1.1670159151.1.0.1670159151.60.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         2.23.138.202
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
accept-ranges: bytes
content-encoding: gzip
etag: W/"1272-184c85aa2f0"
last-modified: Wed, 30 Nov 2022 11:44:54 GMT
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
content-length: 2643
cache-control: public, max-age=604749
date: Sun, 04 Dec 2022 13:05:54 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (4156), with no line terminators
Size:   2643
Md5:    5b98408feb454fde36772b29e563f371
Sha1:   3cc682350d2db71a06fa458403e84c350634dce0
Sha256: 2fe02c92f4a2d90a11a4413cc29d3a37b76e98c1d4029f51f55e78536ab5092f
                                        
                                            GET /_nuxt/chunk/4f788bcdf0f075f446a6.js HTTP/1.1 
Host: www.hostelworld.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hostelworld.com/?source=affiliate-PHG-1011l9s5L&affiliate=PHG&ref_id=1100lwnphLqB
Cookie: optimizely-aid=469c8302-1c52-4a65-b30c-c4f27b063a11; geoCurrency=NOK; currency=NOK; country=Norway; _gcl_au=1.1.241796950.1670159151; _uetsid=60ef11d073d411edb1e03f826fd646bb; _uetvid=60ef26d073d411ed836ec7976ee40a43; _ga=GA1.1.1473754095.1670159152; _gid=GA1.2.91753483.1670159152; _gat_UA-59409524-1=1; _tt_enable_cookie=1; _ttp=207c49cb-4985-4518-85eb-f51f9313542d; _ga_017XQ4637F=GS1.1.1670159151.1.0.1670159151.60.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         2.23.138.202
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
accept-ranges: bytes
content-encoding: gzip
etag: W/"1483-184c85aa2f0"
last-modified: Wed, 30 Nov 2022 11:44:54 GMT
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
content-length: 1375
cache-control: public, max-age=604793
date: Sun, 04 Dec 2022 13:05:54 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (5068), with no line terminators
Size:   1375
Md5:    bccaa9d023e69f8b9b0a76f485598899
Sha1:   e5a673398b97738e83516e739bae111165429def
Sha256: d3e7087e22e4e7a74a615a7033c1bf21550c74cd2fac9af4b62539f22118fb70
                                        
                                            GET /out-4.5.42.js HTTP/1.1 
Host: m.stripe.network
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://m.stripe.network/inner.html
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         54.230.111.59
HTTP/2 200 OK
content-type: text/javascript; charset=utf-8
                                        
last-modified: Thu, 17 Mar 2022 19:03:12 GMT
server: Cloudfront
x-content-type-options: nosniff
strict-transport-security: max-age=31556926; includeSubDomains; preload
content-encoding: br
date: Sun, 04 Dec 2022 13:03:58 GMT
cache-control: max-age=300, public
etag: W/"21df7244385e5c0bdf32da01d0dad6c0"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 a343e36742f64defd0a2caf1f96ff772.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: yiNjBfHJVLWdZJ9Qb17sOqm1qNAoVLAebTNiONp_D7CQ_fGJW8F1aw==
age: 116
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (65530), with no line terminators
Size:   14464
Md5:    86b16123f54affbfc05a66cd6abc18f0
Sha1:   b88b12f19f7c6b2a5f0a00725fa7e3f9cf3d8907
Sha256: 440f6723689eae870154d774937ed5d6f706daf14faab830972f1f4263503468
                                        
                                            GET /_nuxt/chunk/f40a776635123e18d20e.js HTTP/1.1 
Host: www.hostelworld.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hostelworld.com/?source=affiliate-PHG-1011l9s5L&affiliate=PHG&ref_id=1100lwnphLqB
Cookie: optimizely-aid=469c8302-1c52-4a65-b30c-c4f27b063a11; geoCurrency=NOK; currency=NOK; country=Norway; _gcl_au=1.1.241796950.1670159151; _uetsid=60ef11d073d411edb1e03f826fd646bb; _uetvid=60ef26d073d411ed836ec7976ee40a43; _ga=GA1.1.1473754095.1670159152; _gid=GA1.2.91753483.1670159152; _gat_UA-59409524-1=1; _tt_enable_cookie=1; _ttp=207c49cb-4985-4518-85eb-f51f9313542d; _ga_017XQ4637F=GS1.1.1670159151.1.0.1670159151.60.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         2.23.138.202
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
accept-ranges: bytes
content-encoding: gzip
etag: W/"81a-184c85aa2f0"
last-modified: Wed, 30 Nov 2022 11:44:54 GMT
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
content-length: 669
cache-control: public, max-age=604729
date: Sun, 04 Dec 2022 13:05:54 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (2074), with no line terminators
Size:   669
Md5:    8209c3e42d08a7b556bc9f617d8e5128
Sha1:   e2bd694ad073df5709e5477b57c5fa95d7b72e0c
Sha256: 131bef996696880543e9042d79fc8e4d540b7a0ae5154e76731bfce309132a20
                                        
                                            GET /_nuxt/chunk/0d92e1c7cbc864b7caff.js HTTP/1.1 
Host: www.hostelworld.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hostelworld.com/?source=affiliate-PHG-1011l9s5L&affiliate=PHG&ref_id=1100lwnphLqB
Cookie: optimizely-aid=469c8302-1c52-4a65-b30c-c4f27b063a11; geoCurrency=NOK; currency=NOK; country=Norway; _gcl_au=1.1.241796950.1670159151; _uetsid=60ef11d073d411edb1e03f826fd646bb; _uetvid=60ef26d073d411ed836ec7976ee40a43; _ga=GA1.1.1473754095.1670159152; _gid=GA1.2.91753483.1670159152; _gat_UA-59409524-1=1; _tt_enable_cookie=1; _ttp=207c49cb-4985-4518-85eb-f51f9313542d; _ga_017XQ4637F=GS1.1.1670159151.1.0.1670159151.60.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         2.23.138.202
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
accept-ranges: bytes
content-encoding: gzip
etag: W/"16f1-184c85aa2f0"
last-modified: Wed, 30 Nov 2022 11:44:54 GMT
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
content-length: 2878
cache-control: public, max-age=604680
date: Sun, 04 Dec 2022 13:05:54 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (5368), with no line terminators
Size:   2878
Md5:    f0e9c09b2acccfd01e965f8042aee72a
Sha1:   69ccc1b6fc5264bde693df20caa9dfef60adf60e
Sha256: acb47487d9027fa08aa83227593b3365c5c779d31a7687d560dec5f08933cd09
                                        
                                            GET /_nuxt/chunk/6d7c1295be3016a5aa77.js HTTP/1.1 
Host: www.hostelworld.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hostelworld.com/?source=affiliate-PHG-1011l9s5L&affiliate=PHG&ref_id=1100lwnphLqB
Cookie: optimizely-aid=469c8302-1c52-4a65-b30c-c4f27b063a11; geoCurrency=NOK; currency=NOK; country=Norway; _gcl_au=1.1.241796950.1670159151; _uetsid=60ef11d073d411edb1e03f826fd646bb; _uetvid=60ef26d073d411ed836ec7976ee40a43; _ga=GA1.1.1473754095.1670159152; _gid=GA1.2.91753483.1670159152; _gat_UA-59409524-1=1; _tt_enable_cookie=1; _ttp=207c49cb-4985-4518-85eb-f51f9313542d; _ga_017XQ4637F=GS1.1.1670159151.1.0.1670159151.60.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         2.23.138.202
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
accept-ranges: bytes
content-encoding: gzip
etag: W/"1eb-184c85aa2f0"
last-modified: Wed, 30 Nov 2022 11:44:54 GMT
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
content-length: 331
cache-control: public, max-age=604769
date: Sun, 04 Dec 2022 13:05:54 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (491), with no line terminators
Size:   331
Md5:    d4ecd1510bd4ecd445881b19ac0a28e4
Sha1:   cba8b4b4eac4cf47c21b0f6ad5113a0260239c17
Sha256: d35c1817c6b44aa2418dbaa75d83884de94311507976981535d72ae97884be7d
                                        
                                            GET /_nuxt/chunk/3912f86ed487fb245bea.js HTTP/1.1 
Host: www.hostelworld.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hostelworld.com/?source=affiliate-PHG-1011l9s5L&affiliate=PHG&ref_id=1100lwnphLqB
Cookie: optimizely-aid=469c8302-1c52-4a65-b30c-c4f27b063a11; geoCurrency=NOK; currency=NOK; country=Norway; _gcl_au=1.1.241796950.1670159151; _uetsid=60ef11d073d411edb1e03f826fd646bb; _uetvid=60ef26d073d411ed836ec7976ee40a43; _ga=GA1.1.1473754095.1670159152; _gid=GA1.2.91753483.1670159152; _gat_UA-59409524-1=1; _tt_enable_cookie=1; _ttp=207c49cb-4985-4518-85eb-f51f9313542d; _ga_017XQ4637F=GS1.1.1670159151.1.0.1670159151.60.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         2.23.138.202
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
accept-ranges: bytes
content-encoding: gzip
etag: W/"bd9-184c85aa2f0"
last-modified: Wed, 30 Nov 2022 11:44:54 GMT
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
content-length: 1853
cache-control: public, max-age=604713
date: Sun, 04 Dec 2022 13:05:54 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (2670), with no line terminators
Size:   1853
Md5:    71cbc517da2785343b88510c7f349dab
Sha1:   c467484bcbb4f7ce02ddc2145d766868ed672807
Sha256: 232b4a53049a91cb304b6ce8e7d8058b4e5a4fa815487eb4133b613dff3187cf
                                        
                                            GET /_nuxt/chunk/826517d332a626749665.js HTTP/1.1 
Host: www.hostelworld.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hostelworld.com/?source=affiliate-PHG-1011l9s5L&affiliate=PHG&ref_id=1100lwnphLqB
Cookie: optimizely-aid=469c8302-1c52-4a65-b30c-c4f27b063a11; geoCurrency=NOK; currency=NOK; country=Norway; _gcl_au=1.1.241796950.1670159151; _uetsid=60ef11d073d411edb1e03f826fd646bb; _uetvid=60ef26d073d411ed836ec7976ee40a43; _ga=GA1.1.1473754095.1670159152; _gid=GA1.2.91753483.1670159152; _gat_UA-59409524-1=1; _tt_enable_cookie=1; _ttp=207c49cb-4985-4518-85eb-f51f9313542d; _ga_017XQ4637F=GS1.1.1670159151.1.0.1670159151.60.0.0
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

search
                                         2.23.138.202
HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
                                        
accept-ranges: bytes
content-encoding: gzip
etag: W/"17b3-184c85aa2f0"
last-modified: Wed, 30 Nov 2022 11:44:54 GMT
strict-transport-security: max-age=15552000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
x-dns-prefetch-control: on
x-download-options: noopen
x-frame-options: SAMEORIGIN
x-permitted-cross-domain-policies: none
x-xss-protection: 1; mode=block
content-length: 2562
cache-control: public, max-age=604776
date: Sun, 04 Dec 2022 13:05:54 GMT
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  Unicode text, UTF-8 text, with very long lines (5521), with no line terminators
Size:   2562
Md5:    328dafe9b4cbc162456e06343aba6ae4
Sha1:   259e4aab61e3111cd4c7ee1126c00da2bbf4e560
Sha256: 765c7c1cfb10aaa9072c773dfe28becd413d6223d676f9020a7dc9ab8030def2
                                        
                                            GET /notice?domain=hostelworld.com&c=footerLegalLinks&gtm=1&js=nj&noticeType=bb&language=en&language=true&text=true&cookieLink=https%3A%2F%2Fwww.hostelworld.com%2Fcookiespolicy.php&privacypolicylink=https%3A%2F%2Fwww.hostelworld.com%2Fsecurityprivacy.php HTTP/1.1 
Host: consent.trustarc.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://www.hostelworld.com
Connection: keep-alive
Referer: https://www.hostelworld.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

search
                                         143.204.55.80
HTTP/2 200 OK
content-type: text/javascript;charset=ISO-8859-1
                                        
content-length: 86
date: Sun, 04 Dec 2022 13:05:54 GMT
expires: Sun, 04 Dec 2022 14:05:54 GMT
cache-control: max-age=3600
x-xss-protection: 1; mode=block
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
cloudfront-viewer-country: NO
cloudfront-viewer-country-region: 03
timing-allow-origin: *
x-cache: Miss from cloudfront
via: 1.1 501ad2910f631f0520a6d389d6f053e8.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-C1
x-amz-cf-id: RYQcN7w4bGdhuSqpfX2A-MA4ldF_kMABdDdhhhbutX0sKlv7-bImrw==
strict-transport-security: max-age=31536000; includeSubDomains
access-control-allow-origin: *
access-control-expose-headers: *
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with no line terminators
Size:   86
Md5:    df4dc934322464fe2bd0a1546107fe4f
Sha1:   edd671f510bb071622c58aaef59833d0db19996c
Sha256: da9576736b64d2d38ad8444c8a007862cf2ed59bb1f9627314103d1ce3fcf9ec
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search
                                         216.58.211.3
HTTP/1.1 200 OK
Content-Type: application/ocsp-response
                                        
Date: Sun, 04 Dec 2022 13:05:54 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

                                        
                                            POST /api/v2/pixel HTTP/1.1 
Host: analytics.tiktok.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: text/plain;charset=UTF-8
Content-Length: 877
Origin: https://www.hostelworld.com
Connection: keep-alive
Referer: https://www.hostelworld.com/
Cookie: _ttp=2IRzOo3yek3MLxIfgFEjtUHhEm6
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

search
                                         95.101.11.171
HTTP/2 200 OK
content-type: application/octet-stream
                                        
server: nginx
content-length: 0
access-control-allow-origin: *
x-tt-logid: 2022120413055469F02118EF9F0C693EE7
x-tt-trace-host: 01250e51f4d5abc0e156abb7e367bacbb6eb6b846c0a08f69406bdc2f307418fc344b3fdf0a0864400b406e4d56491295e4e36f012d2e8a49625c4dcb429c5be5eed740f04582e95280c46125d254c9d3c771d03ed56133ec9434d9ae24b15179f
x-origin-response-time: 18,23.220.106.9
x-akamai-request-id: 68df1faa.54a82c6b
expires: Sun, 04 Dec 2022 13:05:54 GMT
cache-control: max-age=0, no-cache, no-store
pragma: no-cache
date: Sun, 04 Dec 2022 13:05:54 GMT
x-cache: TCP_MISS from a95-101-11-167.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-cache-remote: TCP_MISS from a23-220-106-9.deploy.akamaitechnologies.com (AkamaiGHost/10.10.2-45048955) (-)
x-tt-trace-tag: id=16;cdn-cache=miss;type=dyn
server-timing: cdn-cache; desc=MISS, edge; dur=95, origin; dur=18, inner; dur=16
x-parent-response-time: 108,95.101.11.167
X-Firefox-Spdy: h2

                                        
                                            GET /workbox-cdn/releases/3.6.3/workbox-precaching.prod.js HTTP/1.1 
Host: storage.googleapis.com
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://www.hostelworld.com/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache

search
                                         142.250.74.80
HTTP/2 200 OK
content-type: application/javascript; charset=utf-8
                                        
x-guploader-uploadid: ADPycdt-q_eObMs44bmgLkaPAXEvgT3vxEXpPstqHvPg1vJNVScGFtaEorVeNoCtt6KQr-KTO0jq1GvbuB5NeZG0NLaRjg
x-goog-generation: 1540216597434065
x-goog-metageneration: 1
x-goog-stored-content-encoding: gzip
x-goog-stored-content-length: 2238
content-encoding: gzip
x-goog-hash: crc32c=/m5nCg==, md5=EDthmv5qZ8zIsRZaowchdA==
x-goog-storage-class: MULTI_REGIONAL
accept-ranges: bytes
vary: Accept-Encoding
content-length: 2238
access-control-allow-origin: *
server: UploadServer
access-control-expose-headers: Content-Length, Content-Type, Date, Server, Transfer-Encoding, X-GUploader-UploadID, X-Google-Trace
date: Sun, 04 Dec 2022 12:13:00 GMT
expires: Mon, 04 Dec 2023 12:13:00 GMT
cache-control: public, max-age=31536000
age: 3174
last-modified: Mon, 22 Oct 2018 13:56:37 GMT
etag: "103b619afe6a67ccc8b1165aa3072174"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2


--- Additional Info ---
Magic:  ASCII text, with very long lines (5748)
Size:   2238
Md5:    103b619afe6a67ccc8b1165aa3072174
Sha1:   023fee806ca84390d05c567dd2fbfa4b3583ca26
Sha256: 2a9c952d3186aa991e0ec567f15bdd3773c8571376ae85dc4be9f9d1fad6f6c0
                                        
                                            POST /gts1c3 HTTP/1.1 
Host: ocsp.pki.goog
                                        
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

search