Windows Analysis Report
https://ramadawynd.com/wakdl

AV Detection

Source: https://ramadawynd.com/wakdl

SlashNext: detection malicious, Label: Credential Stealing type: Phishing & Social Engineering

Source: https://ramadawynd.com/wakdl

Virustotal: Detection: 13%

Perma Link

Phishing

Source: https://ramadawynd.com/wakdl

LLM: Score: 9 Reasons: The brand 'Booking.com' is a well-known online travel agency., The legitimate domain for Booking.com is 'booking.com'., The provided URL 'ramadawynd.com' does not match the legitimate domain for Booking.com., The URL 'ramadawynd.com' appears to be unrelated to Booking.com and could be a potential phishing attempt., The input fields requested (First name, Last name, Email, Country/region, Telephone) are typical for phishing sites attempting to gather personal information. DOM: 0.0.pages.csv

Source: https://ramadawynd.com/wakdl

LLM: Score: 9 Reasons: The brand 'Booking.com' is well-known and has a strong online presence., The URL 'ramadawynd.com' does not match the legitimate domain 'booking.com'., The URL 'ramadawynd.com' appears unrelated to 'Booking.com' and could be a hotel or another entity., The URL contains no direct reference to 'Booking.com', which is suspicious., The input fields requested (First name, Last name, Email, Country/region, Telephone) are typical for phishing attempts to gather personal information. DOM: 0.1.pages.csv

Source: https://ramadawynd.com/wakdl	HTTP Parser: Iframe src: /chat/wakdl
Source: https://ramadawynd.com/wakdl	HTTP Parser: Iframe src: /chat/wakdl

Source: https://ramadawynd.com/wakdl

HTTP Parser: Number of links: 0

Source: https://ramadawynd.com/wakdl

HTTP Parser: Title: Booking.com | Official site | The best hotels & accommodation does not match URL

Source: https://ramadawynd.com/wakdl	HTTP Parser: Invalid link: Customer Service help
Source: https://ramadawynd.com/wakdl	HTTP Parser: Invalid link: Terms & Conditions
Source: https://ramadawynd.com/wakdl	HTTP Parser: Invalid link: Terms & Conditions
Source: https://ramadawynd.com/wakdl	HTTP Parser: Invalid link: Privacy & Cookie Statement
Source: https://ramadawynd.com/wakdl	HTTP Parser: Invalid link: Terms & Conditions
Source: https://ramadawynd.com/wakdl	HTTP Parser: Invalid link: Terms & Conditions
Source: https://ramadawynd.com/wakdl	HTTP Parser: Invalid link: Privacy & Cookies
Source: https://ramadawynd.com/wakdl	HTTP Parser: Invalid link: Customer Service help
Source: https://ramadawynd.com/wakdl	HTTP Parser: Invalid link: Terms & Conditions
Source: https://ramadawynd.com/wakdl	HTTP Parser: Invalid link: Terms & Conditions
Source: https://ramadawynd.com/wakdl	HTTP Parser: Invalid link: Privacy & Cookie Statement
Source: https://ramadawynd.com/wakdl	HTTP Parser: Invalid link: Terms & Conditions
Source: https://ramadawynd.com/wakdl	HTTP Parser: Invalid link: Terms & Conditions
Source: https://ramadawynd.com/wakdl	HTTP Parser: Invalid link: Privacy & Cookies

Source: https://ramadawynd.com/wakdl	HTTP Parser: No <meta name="author".. found
Source: https://ramadawynd.com/wakdl	HTTP Parser: No <meta name="author".. found

Source: https://ramadawynd.com/wakdl	HTTP Parser: No <meta name="copyright".. found
Source: https://ramadawynd.com/wakdl	HTTP Parser: No <meta name="copyright".. found

Compliance

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49746 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49747 version: TLS 1.2

Networking

Source: global traffic	TCP traffic: 192.168.2.4:52022 -> 1.1.1.1:53
Source: global traffic	TCP traffic: 192.168.2.4:54126 -> 162.159.36.2:53

Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 184.28.90.27
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	TCP traffic detected without corresponding DNS query: 162.159.36.2
Source: unknown	TCP traffic detected without corresponding DNS query: 162.159.36.2
Source: unknown	TCP traffic detected without corresponding DNS query: 162.159.36.2
Source: unknown	TCP traffic detected without corresponding DNS query: 162.159.36.2
Source: unknown	TCP traffic detected without corresponding DNS query: 162.159.36.2
Source: unknown	TCP traffic detected without corresponding DNS query: 93.184.221.240
Source: unknown	TCP traffic detected without corresponding DNS query: 93.184.221.240
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknown	UDP traffic detected without corresponding DNS query: 1.1.1.1

Source: global traffic	HTTP traffic detected: GET /wakdl HTTP/1.1Host: ramadawynd.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /css/booking1/styles-new4.css HTTP/1.1Host: ramadawynd.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://ramadawynd.com/wakdlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET /build/chat.css HTTP/1.1Host: ramadawynd.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://ramadawynd.com/wakdlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET /xdata/images/hotel/max1024x768/135121263.jpg?k=38cabd877fbf75e56c9877f26de5ef6710991e6f31c035d0bedae304e101e018&o= HTTP/1.1Host: q-xx.bstatic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ramadawynd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: */*Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /xdata/images/hotel/max1024x768/135121263.jpg?k=38cabd877fbf75e56c9877f26de5ef6710991e6f31c035d0bedae304e101e018&o= HTTP/1.1Host: q-xx.bstatic.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js/jquery.min.js HTTP/1.1Host: ramadawynd.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://ramadawynd.com/wakdlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET /chat/wakdl HTTP/1.1Host: ramadawynd.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-originSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://ramadawynd.com/wakdlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET /js/jquery.min.js HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET /css/booking1/submit-new8.js HTTP/1.1Host: ramadawynd.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://ramadawynd.com/wakdlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET /css/booking1/blur_input.js HTTP/1.1Host: ramadawynd.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://ramadawynd.com/wakdlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET /ajax/libs/font-awesome/4.7.0/css/font-awesome.min.css HTTP/1.1Host: cdnjs.cloudflare.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://ramadawynd.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /css/chat.css HTTP/1.1Host: ramadawynd.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,*/*;q=0.1Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://ramadawynd.com/chat/wakdlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET /ajax/user_send_status.php HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET /img/support-open.png HTTP/1.1Host: ramadawynd.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ramadawynd.com/chat/wakdlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET /dist/new_card_design/jquery.min.js HTTP/1.1Host: ramadawynd.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://ramadawynd.com/chat/wakdlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET /css/booking1/img/flags.png HTTP/1.1Host: ramadawynd.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ramadawynd.com/css/booking1/styles-new4.cssAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET /css/booking1/submit-new8.js HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET /css/booking1/blur_input.js HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET /dist/new_card_design/jquery.min.js HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET /img/support-open.png HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET /css/booking1/img/flags.png HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: booking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /img/support.png HTTP/1.1Host: ramadawynd.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ramadawynd.com/chat/wakdlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET /ajax/msg_check.php HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET /chat/%7Bimage%7D HTTP/1.1Host: ramadawynd.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ramadawynd.com/chat/wakdlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.booking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET /img/support.png HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET /chat/%7Bimage%7D HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET /ajax/user_send_status.php HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET /ajax/payment_card_status.php HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.booking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbca8KLfxLPecSZUYbFEmzg%2Fcdenn3lqv5nnIlZPsMz4oABQoqkIUxelfYoEcNboRWfXYo2RhFx3Tcmq3QQSE8I6YDLzIzyc%2Bzz%2F8A6shJLZ3uy0HAxZlznCFjHpv6sgygOpan7H%2FiOHjhpksppd4YGVYoGHXW2bIW; pcm_personalization_disabled=0; bkng_sso_auth=CAIQsOnuTRpmWRWR+u9soBpACiAfv7ngQKC1IRe4CdruwWuDhBjZTMXv3pm2sJSH5bMshbZj2K9TJfCqsXrunTkLxnMKGiX1gBmASZVh0qHhIViOgPmZJzHd6vpm1C6h9EKRinb60UaKf98L38K/; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D49a598ac-27d2-43e0-8f81-04215f1b7607%26consentedAt%3D2024-09-28T02%3A37%3A54.799Z%26expiresAt%3D2025-03-27T02%3A37%3A54.799Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: ramadawynd.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://ramadawynd.com/wakdlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET /css/chat.mp3 HTTP/1.1Host: ramadawynd.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept-Encoding: identity;q=1, *;q=0sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: audioReferer: https://ramadawynd.com/chat/wakdlAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3lRange: bytes=0-
Source: global traffic	HTTP traffic detected: GET /favicon.ico HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET /ajax/msg_check.php HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.booking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: px_init=0; pcm_personalization_disabled=0; bkng_sso_auth=CAIQsOnuTRpmWRWR+u9soBpACiAfv7ngQKC1IRe4CdruwWuDhBjZTMXv3pm2sJSH5bMshbZj2K9TJfCqsXrunTkLxnMKGiX1gBmASZVh0qHhIViOgPmZJzHd6vpm1C6h9EKRinb60UaKf98L38K/; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D49a598ac-27d2-43e0-8f81-04215f1b7607%26consentedAt%3D2024-09-28T02%3A37%3A54.799Z%26expiresAt%3D2025-03-27T02%3A37%3A54.799Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbnmKTRaewPBv6D4N3gsbyVA6TaKJ2TWCoCUsW6bdLTMW73OP3tHSaIuemHPWXMVLWLXs2kPNTzXc2KQFfBu5If%2Bs%2BHtvWW6%2BAnai3eeNPc2JwHn1piDR4AxZjldatTLFzenofFjZmSn%2B1qDI8fLrGhEvu9lR%2BhqI1W2aH4oEGAQg%3D
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.booking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: px_init=0; pcm_personalization_disabled=0; bkng_sso_auth=CAIQsOnuTRpmWRWR+u9soBpACiAfv7ngQKC1IRe4CdruwWuDhBjZTMXv3pm2sJSH5bMshbZj2K9TJfCqsXrunTkLxnMKGiX1gBmASZVh0qHhIViOgPmZJzHd6vpm1C6h9EKRinb60UaKf98L38K/; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D49a598ac-27d2-43e0-8f81-04215f1b7607%26consentedAt%3D2024-09-28T02%3A37%3A54.799Z%26expiresAt%3D2025-03-27T02%3A37%3A54.799Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbof7CEiNviT%2BKiro%2BD%2Fd%2BbEYg2dIjOTVgZx0n4mX0wsh%2F1Wa2JnJGCWuXkiFjyzpUbkcowxj78F8W00H1zeoiZGL4k9cjuVqd%2Fs9ZKMpRxNrFnRoWRJ3DcmI7tzlb7wXBCAbDCwULsffoiQWOVfHQphMG%2Byjss8XhuthszdPMDWE%3D
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET /ajax/payment_card_status.php HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET /ajax/user_send_status.php HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.booking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: px_init=0; pcm_personalization_disabled=0; bkng_sso_auth=CAIQsOnuTRpmWRWR+u9soBpACiAfv7ngQKC1IRe4CdruwWuDhBjZTMXv3pm2sJSH5bMshbZj2K9TJfCqsXrunTkLxnMKGiX1gBmASZVh0qHhIViOgPmZJzHd6vpm1C6h9EKRinb60UaKf98L38K/; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D49a598ac-27d2-43e0-8f81-04215f1b7607%26consentedAt%3D2024-09-28T02%3A37%3A54.799Z%26expiresAt%3D2025-03-27T02%3A37%3A54.799Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbca8KLfxLPecycdScdyX0Hmhw8xicEW5REeGhbcKfOr%2BfCWXK1lTBknjfiQGLZ6mVrr%2BqWPKxMzC6N55Bddi52xlBHJJFwgyNSGnAf9OP35S8bxQfWk0vJ36kkQ42TCQTVH%2Bzm7LZP0s4Ro%2BuyAabpTvw5UAdsccyxKXiG5RDhI8%3D
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.booking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: px_init=0; pcm_personalization_disabled=0; bkng_sso_auth=CAIQsOnuTRpmWRWR+u9soBpACiAfv7ngQKC1IRe4CdruwWuDhBjZTMXv3pm2sJSH5bMshbZj2K9TJfCqsXrunTkLxnMKGiX1gBmASZVh0qHhIViOgPmZJzHd6vpm1C6h9EKRinb60UaKf98L38K/; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D49a598ac-27d2-43e0-8f81-04215f1b7607%26consentedAt%3D2024-09-28T02%3A37%3A54.799Z%26expiresAt%3D2025-03-27T02%3A37%3A54.799Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbbmD9q%2B5pe3XHNRMedXrYtRcmsHuVGPx6ydc2GlsSApWlS2ZbgFD6Ti8jMejZNqA%2Bxo398YpelfYbPBRM5BCQ6SmLBRPG742XNcvztv5S41JG7YwJdpOOE0xjzOaOxrrVeWyEUvMVFaC4wSbfCFm%2FX%2FuNMlCygFEs49za%2BlNKPfA%3D
Source: global traffic	HTTP traffic detected: GET /ajax/msg_check.php HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.booking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: px_init=0; pcm_personalization_disabled=0; bkng_sso_auth=CAIQsOnuTRpmWRWR+u9soBpACiAfv7ngQKC1IRe4CdruwWuDhBjZTMXv3pm2sJSH5bMshbZj2K9TJfCqsXrunTkLxnMKGiX1gBmASZVh0qHhIViOgPmZJzHd6vpm1C6h9EKRinb60UaKf98L38K/; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D49a598ac-27d2-43e0-8f81-04215f1b7607%26consentedAt%3D2024-09-28T02%3A37%3A54.799Z%26expiresAt%3D2025-03-27T02%3A37%3A54.799Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbbmD9q%2B5pe3XHNRMedXrYtRcmsHuVGPx6ydc2GlsSApWlS2ZbgFD6Ti8jMejZNqA%2Bxo398YpelfYbPBRM5BCQ6SmLBRPG742XNcvztv5S41JG7YwJdpOOE0xjzOaOxrrVeWyEUvMVFaC4wSbfCFm%2FX%2FuNMlCygFEs49za%2BlNKPfA%3D
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.booking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: px_init=0; pcm_personalization_disabled=0; bkng_sso_auth=CAIQsOnuTRpmWRWR+u9soBpACiAfv7ngQKC1IRe4CdruwWuDhBjZTMXv3pm2sJSH5bMshbZj2K9TJfCqsXrunTkLxnMKGiX1gBmASZVh0qHhIViOgPmZJzHd6vpm1C6h9EKRinb60UaKf98L38K/; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D49a598ac-27d2-43e0-8f81-04215f1b7607%26consentedAt%3D2024-09-28T02%3A37%3A54.799Z%26expiresAt%3D2025-03-27T02%3A37%3A54.799Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbbmD9q%2B5pe3UQPQTAZa%2BlQoKgztFWqO%2FFQT5DTiYE44RtW33rI59xMHRsF0yoZQZNecrkZKefbHEGmnbtSgK5jnLT0HgMJUvh3aSHgDqe00lC4Et%2FUrHABs8wD0K5zcGDRuBqK6997%2FjuhlpqW%2B5WJdZIphhghSgrZ%2BFHbJU4yA4%3D
Source: global traffic	HTTP traffic detected: GET /ajax/payment_card_status.php HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET /ajax/user_send_status.php HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.booking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: px_init=0; pcm_personalization_disabled=0; bkng_sso_auth=CAIQsOnuTRpmWRWR+u9soBpACiAfv7ngQKC1IRe4CdruwWuDhBjZTMXv3pm2sJSH5bMshbZj2K9TJfCqsXrunTkLxnMKGiX1gBmASZVh0qHhIViOgPmZJzHd6vpm1C6h9EKRinb60UaKf98L38K/; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D49a598ac-27d2-43e0-8f81-04215f1b7607%26consentedAt%3D2024-09-28T02%3A37%3A54.799Z%26expiresAt%3D2025-03-27T02%3A37%3A54.799Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbbmD9q%2B5pe3UQPQTAZa%2BlQoKgztFWqO%2FFQT5DTiYE44RtW33rI59xMHRsF0yoZQZNecrkZKefbHEGmnbtSgK5jnLT0HgMJUvh3aSHgDqe00lC4Et%2FUrHABs8wD0K5zcGDRuBqK6997%2FjuhlpqW%2B5WJdZIphhghSgrZ%2BFHbJU4yA4%3D
Source: global traffic	HTTP traffic detected: GET /ajax/msg_check.php HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.booking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: px_init=0; pcm_personalization_disabled=0; bkng_sso_auth=CAIQsOnuTRpmWRWR+u9soBpACiAfv7ngQKC1IRe4CdruwWuDhBjZTMXv3pm2sJSH5bMshbZj2K9TJfCqsXrunTkLxnMKGiX1gBmASZVh0qHhIViOgPmZJzHd6vpm1C6h9EKRinb60UaKf98L38K/; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D49a598ac-27d2-43e0-8f81-04215f1b7607%26consentedAt%3D2024-09-28T02%3A37%3A54.799Z%26expiresAt%3D2025-03-27T02%3A37%3A54.799Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbbmD9q%2B5pe3UQPQTAZa%2BlQoKgztFWqO%2FFQT5DTiYE44RtW33rI59xMHRsF0yoZQZNecrkZKefbHEGmnbtSgK5jnLT0HgMJUvh3aSHgDqe00lC4Et%2FUrHABs8wD0K5zcGDRuBqK6997%2FjuhlpqW%2B5WJdZIphhghSgrZ%2BFHbJU4yA4%3D
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.booking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: px_init=0; pcm_personalization_disabled=0; bkng_sso_auth=CAIQsOnuTRpmWRWR+u9soBpACiAfv7ngQKC1IRe4CdruwWuDhBjZTMXv3pm2sJSH5bMshbZj2K9TJfCqsXrunTkLxnMKGiX1gBmASZVh0qHhIViOgPmZJzHd6vpm1C6h9EKRinb60UaKf98L38K/; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D49a598ac-27d2-43e0-8f81-04215f1b7607%26consentedAt%3D2024-09-28T02%3A37%3A54.799Z%26expiresAt%3D2025-03-27T02%3A37%3A54.799Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLblgO%2Fz4BDP5tLlwCxUN8AKuxt7XdvfKtF9rlecg6yBm7ga93hhKw87dIsvMIseqtt06e9JyO6dypO0zEkeUur%2B4XWAaU7v70ngvWKYFrM5TVAh0I8RKK7iTE%2FhWQ3lO%2Bw6p1gvmJPt8uK5Tnsyp%2FHLjW1l4qANcRfvCNJpwBUApI%3D
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET /ajax/payment_card_status.php HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET /ajax/user_send_status.php HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.booking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: px_init=0; pcm_personalization_disabled=0; bkng_sso_auth=CAIQsOnuTRpmWRWR+u9soBpACiAfv7ngQKC1IRe4CdruwWuDhBjZTMXv3pm2sJSH5bMshbZj2K9TJfCqsXrunTkLxnMKGiX1gBmASZVh0qHhIViOgPmZJzHd6vpm1C6h9EKRinb60UaKf98L38K/; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D49a598ac-27d2-43e0-8f81-04215f1b7607%26consentedAt%3D2024-09-28T02%3A37%3A54.799Z%26expiresAt%3D2025-03-27T02%3A37%3A54.799Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbof7CEiNviT8%2BtDv5f2isrDSqVp%2BtL%2Bpbl9ug7b%2BO3oUOcOfJido%2BBbFSJuj8bWW%2BdRrAtV09KyX3TNoOc%2B%2FTCsdtswkIZIuUtWMN4LV2G5mlceQInj1EIywQxflCWgMiAyFpLWIjA%2B6lC%2BuHSYN7%2FHgulCPjLi408F2%2F6w4iPGg%3D
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.booking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: px_init=0; pcm_personalization_disabled=0; bkng_sso_auth=CAIQsOnuTRpmWRWR+u9soBpACiAfv7ngQKC1IRe4CdruwWuDhBjZTMXv3pm2sJSH5bMshbZj2K9TJfCqsXrunTkLxnMKGiX1gBmASZVh0qHhIViOgPmZJzHd6vpm1C6h9EKRinb60UaKf98L38K/; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D49a598ac-27d2-43e0-8f81-04215f1b7607%26consentedAt%3D2024-09-28T02%3A37%3A54.799Z%26expiresAt%3D2025-03-27T02%3A37%3A54.799Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbKE7bjkbYWzkd2Gc3KUyC4kPxWyFOAE0AMFYLuA6tzyikIWqgywrflvlN6FNq0XKEC7WYyFd0%2BZj7Y5PVIAUCPELr10Ym1udT4d2YMJbQ9MMPhJvw1VIWqnglmBChXp%2FCNzAZDqPp6IsDJny3IQIIkqOUHjKzAb3yq%2BdgyrJY92g%3D
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET /ajax/msg_check.php HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.booking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: px_init=0; pcm_personalization_disabled=0; bkng_sso_auth=CAIQsOnuTRpmWRWR+u9soBpACiAfv7ngQKC1IRe4CdruwWuDhBjZTMXv3pm2sJSH5bMshbZj2K9TJfCqsXrunTkLxnMKGiX1gBmASZVh0qHhIViOgPmZJzHd6vpm1C6h9EKRinb60UaKf98L38K/; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D49a598ac-27d2-43e0-8f81-04215f1b7607%26consentedAt%3D2024-09-28T02%3A37%3A54.799Z%26expiresAt%3D2025-03-27T02%3A37%3A54.799Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbKE7bjkbYWzkd2Gc3KUyC4kPxWyFOAE0AMFYLuA6tzyikIWqgywrflvlN6FNq0XKEC7WYyFd0%2BZj7Y5PVIAUCPELr10Ym1udT4d2YMJbQ9MMPhJvw1VIWqnglmBChXp%2FCNzAZDqPp6IsDJny3IQIIkqOUHjKzAb3yq%2BdgyrJY92g%3D
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET /ajax/user_send_status.php HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET /ajax/payment_card_status.php HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.booking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: px_init=0; pcm_personalization_disabled=0; bkng_sso_auth=CAIQsOnuTRpmWRWR+u9soBpACiAfv7ngQKC1IRe4CdruwWuDhBjZTMXv3pm2sJSH5bMshbZj2K9TJfCqsXrunTkLxnMKGiX1gBmASZVh0qHhIViOgPmZJzHd6vpm1C6h9EKRinb60UaKf98L38K/; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D49a598ac-27d2-43e0-8f81-04215f1b7607%26consentedAt%3D2024-09-28T02%3A37%3A54.799Z%26expiresAt%3D2025-03-27T02%3A37%3A54.799Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbKE7bjkbYWznNF%2FKpKLEsUjzoVwsFxhzCGchRWzm41bIYtwj6%2BJOHrm5jSKabUUIo7U%2FxfC0UhPOJ1%2BzZDcDB%2BUeWJqRKlebzvZSpUXCXrLDYm6bsuDLKDq5bigDIqVgFXo8I3072QMkrD3U8Bpli2ZZibWFl8bN%2BNn50bWE7J64%3D
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.booking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: px_init=0; pcm_personalization_disabled=0; bkng_sso_auth=CAIQsOnuTRpmWRWR+u9soBpACiAfv7ngQKC1IRe4CdruwWuDhBjZTMXv3pm2sJSH5bMshbZj2K9TJfCqsXrunTkLxnMKGiX1gBmASZVh0qHhIViOgPmZJzHd6vpm1C6h9EKRinb60UaKf98L38K/; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D49a598ac-27d2-43e0-8f81-04215f1b7607%26consentedAt%3D2024-09-28T02%3A37%3A54.799Z%26expiresAt%3D2025-03-27T02%3A37%3A54.799Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbnmKTRaewPBv6D4N3gsbyVA6TaKJ2TWCoCUsW6bdLTMW73OP3tHSaImcAIvzijSJ%2FvDpaf5LdSbxyCNoj63UU%2BO0z%2BnupLD9cRrVvO4bY4Fapwt00KjfprUOQgUoMRJ%2FL4YMjG7%2FxHIXZZf4dukMX4letpRfz%2FvoBMm6y2znIDbg%3D
Source: global traffic	HTTP traffic detected: GET /ajax/msg_check.php HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.booking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: px_init=0; pcm_personalization_disabled=0; bkng_sso_auth=CAIQsOnuTRpmWRWR+u9soBpACiAfv7ngQKC1IRe4CdruwWuDhBjZTMXv3pm2sJSH5bMshbZj2K9TJfCqsXrunTkLxnMKGiX1gBmASZVh0qHhIViOgPmZJzHd6vpm1C6h9EKRinb60UaKf98L38K/; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D49a598ac-27d2-43e0-8f81-04215f1b7607%26consentedAt%3D2024-09-28T02%3A37%3A54.799Z%26expiresAt%3D2025-03-27T02%3A37%3A54.799Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbca8KLfxLPeeJvfKSKAJ7y79nWSxEdbWZBPtQXXL2a57izjPr0W9T5xQsdcEnIG2XZ4KJKJrS%2FMYI3KTZ0xij%2FVvZiFD5oeocYPNTJFi0T2ZVtywUIG8jKGxear%2Fj963Bki0Ld4Y0GKzFdgrbkAzV01AWJCnbO%2BQsEliSs0btpvg%3D
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET /ajax/payment_card_status.php HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET /ajax/user_send_status.php HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.booking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: px_init=0; pcm_personalization_disabled=0; bkng_sso_auth=CAIQsOnuTRpmWRWR+u9soBpACiAfv7ngQKC1IRe4CdruwWuDhBjZTMXv3pm2sJSH5bMshbZj2K9TJfCqsXrunTkLxnMKGiX1gBmASZVh0qHhIViOgPmZJzHd6vpm1C6h9EKRinb60UaKf98L38K/; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D49a598ac-27d2-43e0-8f81-04215f1b7607%26consentedAt%3D2024-09-28T02%3A37%3A54.799Z%26expiresAt%3D2025-03-27T02%3A37%3A54.799Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbKE7bjkbYWzmPXWgz8hIo9NnOlssH%2Brwe7r1IZhloK2Jjcmz69jzEhaDasPo48B%2B3fs9WdQis8Go3%2Fi3Vc%2FvTMgmB5CjogRFWIqtufM7OTt6wN0IAirvSkODiaCX2%2BIsPUPTaw4P259lDhSTegzWRGHpmi3AljRZshhSYATGxKm0%3D
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.booking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: px_init=0; pcm_personalization_disabled=0; bkng_sso_auth=CAIQsOnuTRpmWRWR+u9soBpACiAfv7ngQKC1IRe4CdruwWuDhBjZTMXv3pm2sJSH5bMshbZj2K9TJfCqsXrunTkLxnMKGiX1gBmASZVh0qHhIViOgPmZJzHd6vpm1C6h9EKRinb60UaKf98L38K/; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D49a598ac-27d2-43e0-8f81-04215f1b7607%26consentedAt%3D2024-09-28T02%3A37%3A54.799Z%26expiresAt%3D2025-03-27T02%3A37%3A54.799Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhC2Bxpad7rBkhZNPRfETCJt%2FgmTrI%2B0JxRKnul6OEl0y1dJ557oF4nyB5%2Fa5i4Qn%2FpCERJ6OAwf4FCDjW1nF4ZdQ02BXlpO7vLWXWodH8NGtzYhktZLZlGcpqWKYWSxNqvh2Skcsc5h0q5J2SsSSWjATobmHqwwQyw%3D
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET /ajax/msg_check.php HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.booking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: px_init=0; pcm_personalization_disabled=0; bkng_sso_auth=CAIQsOnuTRpmWRWR+u9soBpACiAfv7ngQKC1IRe4CdruwWuDhBjZTMXv3pm2sJSH5bMshbZj2K9TJfCqsXrunTkLxnMKGiX1gBmASZVh0qHhIViOgPmZJzHd6vpm1C6h9EKRinb60UaKf98L38K/; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D49a598ac-27d2-43e0-8f81-04215f1b7607%26consentedAt%3D2024-09-28T02%3A37%3A54.799Z%26expiresAt%3D2025-03-27T02%3A37%3A54.799Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhC2Bxpad7rBkhZNPRfETCJt%2FgmTrI%2B0JxRKnul6OEl0y1dJ557oF4nyB5%2Fa5i4Qn%2FpCERJ6OAwf4FCDjW1nF4ZdQ02BXlpO7vLWXWodH8NGtzYhktZLZlGcpqWKYWSxNqvh2Skcsc5h0q5J2SsSSWjATobmHqwwQyw%3D
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.booking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: px_init=0; pcm_personalization_disabled=0; bkng_sso_auth=CAIQsOnuTRpmWRWR+u9soBpACiAfv7ngQKC1IRe4CdruwWuDhBjZTMXv3pm2sJSH5bMshbZj2K9TJfCqsXrunTkLxnMKGiX1gBmASZVh0qHhIViOgPmZJzHd6vpm1C6h9EKRinb60UaKf98L38K/; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D49a598ac-27d2-43e0-8f81-04215f1b7607%26consentedAt%3D2024-09-28T02%3A37%3A54.799Z%26expiresAt%3D2025-03-27T02%3A37%3A54.799Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbnmKTRaewPBv6D4N3gsbyVA6TaKJ2TWCoCUsW6bdLTMW73OP3tHSaIju58pnnq5aMWrhktmGh%2FPre3dvTX1ryWoHCWLCUd17LT0pevvSYN0Qf7PCHzR3yD0MT5FN2zBw9ulVN9Z5eAA7EXBWWQc1tIRQ697%2Fy%2BND8RfcWj3CJsAo%3D
Source: global traffic	HTTP traffic detected: GET /ajax/user_send_status.php HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET /ajax/payment_card_status.php HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET /ajax/msg_check.php HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.booking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: px_init=0; pcm_personalization_disabled=0; bkng_sso_auth=CAIQsOnuTRpmWRWR+u9soBpACiAfv7ngQKC1IRe4CdruwWuDhBjZTMXv3pm2sJSH5bMshbZj2K9TJfCqsXrunTkLxnMKGiX1gBmASZVh0qHhIViOgPmZJzHd6vpm1C6h9EKRinb60UaKf98L38K/; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D49a598ac-27d2-43e0-8f81-04215f1b7607%26consentedAt%3D2024-09-28T02%3A37%3A54.799Z%26expiresAt%3D2025-03-27T02%3A37%3A54.799Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbiKbS0JOgDBK6LEtX6%2Blc%2BRtdHZzU16aCxqewqQu3KkRtC5sHfksh2yaHXG3X9nfVhYGkpu1lsbhny9kuE0uWBXHfhVUcxlR9qPWdfzVmlGkavqMmrMiWAHsHr1TggvWQ28dfYWC8GlYzVlXXXQ2O2uOtihT7g%2B1qj%2BUidJm%2BVA0%3D
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.booking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: px_init=0; pcm_personalization_disabled=0; bkng_sso_auth=CAIQsOnuTRpmWRWR+u9soBpACiAfv7ngQKC1IRe4CdruwWuDhBjZTMXv3pm2sJSH5bMshbZj2K9TJfCqsXrunTkLxnMKGiX1gBmASZVh0qHhIViOgPmZJzHd6vpm1C6h9EKRinb60UaKf98L38K/; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D49a598ac-27d2-43e0-8f81-04215f1b7607%26consentedAt%3D2024-09-28T02%3A37%3A54.799Z%26expiresAt%3D2025-03-27T02%3A37%3A54.799Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbiKbS0JOgDBK6LEtX6%2Blc%2BRtdHZzU16aCxqewqQu3KkRtC5sHfksh2yaHXG3X9nfVhYGkpu1lsbhny9kuE0uWBXHfhVUcxlR9qPWdfzVmlGkavqMmrMiWAHsHr1TggvWQ28dfYWC8GlYzVlXXXQ2O2uOtihT7g%2B1qj%2BUidJm%2BVA0%3D
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET /ajax/payment_card_status.php HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.booking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: px_init=0; pcm_personalization_disabled=0; bkng_sso_auth=CAIQsOnuTRpmWRWR+u9soBpACiAfv7ngQKC1IRe4CdruwWuDhBjZTMXv3pm2sJSH5bMshbZj2K9TJfCqsXrunTkLxnMKGiX1gBmASZVh0qHhIViOgPmZJzHd6vpm1C6h9EKRinb60UaKf98L38K/; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D49a598ac-27d2-43e0-8f81-04215f1b7607%26consentedAt%3D2024-09-28T02%3A37%3A54.799Z%26expiresAt%3D2025-03-27T02%3A37%3A54.799Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbKE7bjkbYWzkssVfMmPBJG%2BWaws7xtXQXoRTRDu7eYv8BUrqRj6fgBGNQCsFxXKsI4WLXvoY2MZtM56jBh2qUFsvRqYweILKf9RM%2FPelx3mI1gvZieq7D6tx8r3Lvqv3f%2FJSAkM35C1BGdNaJ0NzuUjlVt5esxP5lS%2FbgdLIS8dU%3D
Source: global traffic	HTTP traffic detected: GET /ajax/user_send_status.php HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET /ajax/msg_check.php HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.booking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: px_init=0; pcm_personalization_disabled=0; bkng_sso_auth=CAIQsOnuTRpmWRWR+u9soBpACiAfv7ngQKC1IRe4CdruwWuDhBjZTMXv3pm2sJSH5bMshbZj2K9TJfCqsXrunTkLxnMKGiX1gBmASZVh0qHhIViOgPmZJzHd6vpm1C6h9EKRinb60UaKf98L38K/; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D49a598ac-27d2-43e0-8f81-04215f1b7607%26consentedAt%3D2024-09-28T02%3A37%3A54.799Z%26expiresAt%3D2025-03-27T02%3A37%3A54.799Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbca8KLfxLPeekx4DW18uO%2FtR8Fl8tPO6gvNdQXMp9ncoZChmk9olvylmHjc8UAby%2FqAcmETTMpZYnsMOH8xtdv5qYiBF1bfaRAnAn3H1NLcB3NCb4jhqqsN82pt3YTPKRB7w5AptG2NYYMkKYvjXRlPigfaxrQncopxUcFUw4vA0%3D
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.booking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: px_init=0; pcm_personalization_disabled=0; bkng_sso_auth=CAIQsOnuTRpmWRWR+u9soBpACiAfv7ngQKC1IRe4CdruwWuDhBjZTMXv3pm2sJSH5bMshbZj2K9TJfCqsXrunTkLxnMKGiX1gBmASZVh0qHhIViOgPmZJzHd6vpm1C6h9EKRinb60UaKf98L38K/; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D49a598ac-27d2-43e0-8f81-04215f1b7607%26consentedAt%3D2024-09-28T02%3A37%3A54.799Z%26expiresAt%3D2025-03-27T02%3A37%3A54.799Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbnmKTRaewPBv6D4N3gsbyVA6TaKJ2TWCoCUsW6bdLTMW73OP3tHSaIju58pnnq5aMscn9a1KkR5ye4JsuluH4g6kqM7ouCM80ZiJ0OWZ7of2Ea4%2FdXdXyVILD7W1zNyK5VYX3Q8SEBAq5A3DHzzRDu%2F8ozPqjvEry464l0M1Dum0%3D
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET /ajax/user_send_status.php HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET /ajax/payment_card_status.php HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.booking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: px_init=0; pcm_personalization_disabled=0; bkng_sso_auth=CAIQsOnuTRpmWRWR+u9soBpACiAfv7ngQKC1IRe4CdruwWuDhBjZTMXv3pm2sJSH5bMshbZj2K9TJfCqsXrunTkLxnMKGiX1gBmASZVh0qHhIViOgPmZJzHd6vpm1C6h9EKRinb60UaKf98L38K/; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D49a598ac-27d2-43e0-8f81-04215f1b7607%26consentedAt%3D2024-09-28T02%3A37%3A54.799Z%26expiresAt%3D2025-03-27T02%3A37%3A54.799Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbca8KLfxLPefnCYslHtOOqQsVuinKi4OXEwpAboEgzVOyjnWAEzWsP72OzjOt%2BPGp8IE2uhjjBP88ZFgR8yL2TYJaVOXk2esa6JXC7p9N5xexWGQfvFlm44ZNifi6OPRr9bRJT2hYggABzFAOe0dCVmJ7MLPf7V%2F641cOAn%2Bdg%2FU%3D
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET /ajax/msg_check.php HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.booking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: px_init=0; pcm_personalization_disabled=0; bkng_sso_auth=CAIQsOnuTRpmWRWR+u9soBpACiAfv7ngQKC1IRe4CdruwWuDhBjZTMXv3pm2sJSH5bMshbZj2K9TJfCqsXrunTkLxnMKGiX1gBmASZVh0qHhIViOgPmZJzHd6vpm1C6h9EKRinb60UaKf98L38K/; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D49a598ac-27d2-43e0-8f81-04215f1b7607%26consentedAt%3D2024-09-28T02%3A37%3A54.799Z%26expiresAt%3D2025-03-27T02%3A37%3A54.799Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbnmKTRaewPBv6D4N3gsbyVA6TaKJ2TWCoCUsW6bdLTMW73OP3tHSaImXzEdh1oXRB42IZPFt1DEGgc6sa5%2FSqInM0F%2FiyU379UhZpA5%2FEHLd65gaBR2FmpKYjYThPoxJDmhcvDJMp0DmO6lQ0dgUZba2Tvnjv%2FzSrH9h0neb%2FtGA%3D
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.booking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: px_init=0; pcm_personalization_disabled=0; bkng_sso_auth=CAIQsOnuTRpmWRWR+u9soBpACiAfv7ngQKC1IRe4CdruwWuDhBjZTMXv3pm2sJSH5bMshbZj2K9TJfCqsXrunTkLxnMKGiX1gBmASZVh0qHhIViOgPmZJzHd6vpm1C6h9EKRinb60UaKf98L38K/; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D49a598ac-27d2-43e0-8f81-04215f1b7607%26consentedAt%3D2024-09-28T02%3A37%3A54.799Z%26expiresAt%3D2025-03-27T02%3A37%3A54.799Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbnmKTRaewPBv6D4N3gsbyVA6TaKJ2TWCoCUsW6bdLTMW73OP3tHSaImXzEdh1oXRB42IZPFt1DEGgc6sa5%2FSqInM0F%2FiyU379UhZpA5%2FEHLd65gaBR2FmpKYjYThPoxJDmhcvDJMp0DmO6lQ0dgUZba2Tvnjv%2FzSrH9h0neb%2FtGA%3D
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET /ajax/payment_card_status.php HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET /ajax/user_send_status.php HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.booking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: px_init=0; pcm_personalization_disabled=0; bkng_sso_auth=CAIQsOnuTRpmWRWR+u9soBpACiAfv7ngQKC1IRe4CdruwWuDhBjZTMXv3pm2sJSH5bMshbZj2K9TJfCqsXrunTkLxnMKGiX1gBmASZVh0qHhIViOgPmZJzHd6vpm1C6h9EKRinb60UaKf98L38K/; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D49a598ac-27d2-43e0-8f81-04215f1b7607%26consentedAt%3D2024-09-28T02%3A37%3A54.799Z%26expiresAt%3D2025-03-27T02%3A37%3A54.799Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbwcLxQQ4VaCpDaJTBtMfaZtgSZoueRebqei8r3AcFct6QVyMlUJQ%2BLzJVehJ%2FLCYYl0WIJua%2Bz2JIdOre1NSrA1gD%2B23OBnM7R3blG6jIZNLrDWFU9p3UNhsyqPE%2Fh9F2qo2wFaRbf0b5EBTR033CrtESnRQrOvN1FGNXz87f4RU%3D
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.booking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: px_init=0; pcm_personalization_disabled=0; bkng_sso_auth=CAIQsOnuTRpmWRWR+u9soBpACiAfv7ngQKC1IRe4CdruwWuDhBjZTMXv3pm2sJSH5bMshbZj2K9TJfCqsXrunTkLxnMKGiX1gBmASZVh0qHhIViOgPmZJzHd6vpm1C6h9EKRinb60UaKf98L38K/; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D49a598ac-27d2-43e0-8f81-04215f1b7607%26consentedAt%3D2024-09-28T02%3A37%3A54.799Z%26expiresAt%3D2025-03-27T02%3A37%3A54.799Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbKE7bjkbYWzkd%2BwJK4Aig3ONMZt5iVm0Y%2Bys2uoqTQfr7sJDIgT2nxluuMVrQoAxNMF7jQOwNF%2BQzdLdj2PS9b7S9cz4zrgBG%2F2oCVPpsKH1njTN%2FJAQtAtegm01AwSm6ME%2FEDCw1%2Fa%2FEBEwFZYqpnFKFlBv%2FU%2F9%2Fc5d1WmcBC7E%3D
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET /ajax/msg_check.php HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.booking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: px_init=0; pcm_personalization_disabled=0; bkng_sso_auth=CAIQsOnuTRpmWRWR+u9soBpACiAfv7ngQKC1IRe4CdruwWuDhBjZTMXv3pm2sJSH5bMshbZj2K9TJfCqsXrunTkLxnMKGiX1gBmASZVh0qHhIViOgPmZJzHd6vpm1C6h9EKRinb60UaKf98L38K/; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D49a598ac-27d2-43e0-8f81-04215f1b7607%26consentedAt%3D2024-09-28T02%3A37%3A54.799Z%26expiresAt%3D2025-03-27T02%3A37%3A54.799Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbwcLxQQ4VaCpKVI3eBZoOVkigdWIvED75kXnCmcRQzxLFz1fFxtZ2R62ufGblaZAI0%2B3UqPXr3%2BxA1l2cJizLKEDuySnZouMp0H7CWIT6GFUHHsjAvfven%2FmpxIe%2Fj7MdDn3QlG6TIvp5cfT3wu5yWsXU8Ih9SfopMEJxyNg8TYk%3D
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET /ajax/payment_card_status.php HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.booking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: px_init=0; pcm_personalization_disabled=0; bkng_sso_auth=CAIQsOnuTRpmWRWR+u9soBpACiAfv7ngQKC1IRe4CdruwWuDhBjZTMXv3pm2sJSH5bMshbZj2K9TJfCqsXrunTkLxnMKGiX1gBmASZVh0qHhIViOgPmZJzHd6vpm1C6h9EKRinb60UaKf98L38K/; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D49a598ac-27d2-43e0-8f81-04215f1b7607%26consentedAt%3D2024-09-28T02%3A37%3A54.799Z%26expiresAt%3D2025-03-27T02%3A37%3A54.799Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbwcLxQQ4VaCpKVI3eBZoOVkigdWIvED75kXnCmcRQzxLFz1fFxtZ2R62ufGblaZAI0%2B3UqPXr3%2BxA1l2cJizLKEDuySnZouMp0H7CWIT6GFUHHsjAvfven%2FmpxIe%2Fj7MdDn3QlG6TIvp5cfT3wu5yWsXU8Ih9SfopMEJxyNg8TYk%3D
Source: global traffic	HTTP traffic detected: GET /ajax/user_send_status.php HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.booking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: px_init=0; pcm_personalization_disabled=0; bkng_sso_auth=CAIQsOnuTRpmWRWR+u9soBpACiAfv7ngQKC1IRe4CdruwWuDhBjZTMXv3pm2sJSH5bMshbZj2K9TJfCqsXrunTkLxnMKGiX1gBmASZVh0qHhIViOgPmZJzHd6vpm1C6h9EKRinb60UaKf98L38K/; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D49a598ac-27d2-43e0-8f81-04215f1b7607%26consentedAt%3D2024-09-28T02%3A37%3A54.799Z%26expiresAt%3D2025-03-27T02%3A37%3A54.799Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhANX62ShUX%2F50X3LwOoEIP%2BLKyrh%2F2RTuh2Az6fGWrvbAIzj2l4sBwG2Vh%2Bc7vzogq2jRVC1sme10FCy7U%2FtmtGNvtIhExZ8dIZ0Io%2B4XfBHld5QcOAWqrH4iJbwStuPNCvDj9ID7%2BsOXIw5ImCIaPtnoi3KjAWqdc%3D
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET /ajax/msg_check.php HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.booking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: px_init=0; pcm_personalization_disabled=0; bkng_sso_auth=CAIQsOnuTRpmWRWR+u9soBpACiAfv7ngQKC1IRe4CdruwWuDhBjZTMXv3pm2sJSH5bMshbZj2K9TJfCqsXrunTkLxnMKGiX1gBmASZVh0qHhIViOgPmZJzHd6vpm1C6h9EKRinb60UaKf98L38K/; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D49a598ac-27d2-43e0-8f81-04215f1b7607%26consentedAt%3D2024-09-28T02%3A37%3A54.799Z%26expiresAt%3D2025-03-27T02%3A37%3A54.799Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhANX62ShUX%2F50X3LwOoEIP%2BLKyrh%2F2RTuh2Az6fGWrvbAIzj2l4sBwG2Vh%2Bc7vzogq2jRVC1sme10FCy7U%2FtmtGNvtIhExZ8dIZ0Io%2B4XfBHld5QcOAWqrH4iJbwStuPNCvDj9ID7%2BsOXIw5ImCIaPtnoi3KjAWqdc%3D
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET /ajax/payment_card_status.php HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET /ajax/user_send_status.php HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.booking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: px_init=0; pcm_personalization_disabled=0; bkng_sso_auth=CAIQsOnuTRpmWRWR+u9soBpACiAfv7ngQKC1IRe4CdruwWuDhBjZTMXv3pm2sJSH5bMshbZj2K9TJfCqsXrunTkLxnMKGiX1gBmASZVh0qHhIViOgPmZJzHd6vpm1C6h9EKRinb60UaKf98L38K/; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D49a598ac-27d2-43e0-8f81-04215f1b7607%26consentedAt%3D2024-09-28T02%3A37%3A54.799Z%26expiresAt%3D2025-03-27T02%3A37%3A54.799Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbKE7bjkbYWznlSlRZNNCt3huDjxvNYw%2FWhRd1tPnc8D7BRLJRaRWeev4CdyoA2%2F9TUw5dj5W%2BnlY7V%2BtWS1VUh%2BbnEVZHno2ypGCr2GZqa6txnneYYOlk2apd98DkoUH5qCpwQFA3uZAWUjdjhYsSEqaq3sGviKrjeLSnJAeCCN8%3D
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.booking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: px_init=0; pcm_personalization_disabled=0; bkng_sso_auth=CAIQsOnuTRpmWRWR+u9soBpACiAfv7ngQKC1IRe4CdruwWuDhBjZTMXv3pm2sJSH5bMshbZj2K9TJfCqsXrunTkLxnMKGiX1gBmASZVh0qHhIViOgPmZJzHd6vpm1C6h9EKRinb60UaKf98L38K/; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D49a598ac-27d2-43e0-8f81-04215f1b7607%26consentedAt%3D2024-09-28T02%3A37%3A54.799Z%26expiresAt%3D2025-03-27T02%3A37%3A54.799Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbKE7bjkbYWznaWUYYm9KqpBMbLdYx0moyjvgpBRz75nrPz6mDAZDIEJ1dQDykhQ9juZouR8bhC1mSgtdVMv83p4v%2B9PYtyQGgGWZ142FieL1VNhNJzJQGE2AVhNUh%2FxzJaM9FFY7H7BgDhPop4iTKY2U5xYDrHEhHz%2FB%2BsrvFqzA%3D
Source: global traffic	HTTP traffic detected: GET /ajax/msg_check.php HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.booking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: px_init=0; pcm_personalization_disabled=0; bkng_sso_auth=CAIQsOnuTRpmWRWR+u9soBpACiAfv7ngQKC1IRe4CdruwWuDhBjZTMXv3pm2sJSH5bMshbZj2K9TJfCqsXrunTkLxnMKGiX1gBmASZVh0qHhIViOgPmZJzHd6vpm1C6h9EKRinb60UaKf98L38K/; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D49a598ac-27d2-43e0-8f81-04215f1b7607%26consentedAt%3D2024-09-28T02%3A37%3A54.799Z%26expiresAt%3D2025-03-27T02%3A37%3A54.799Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbiKbS0JOgDBLmZvRm0QRe6X5mHXi3S6FOYEY%2BcYXqpYFbdsZQuc%2BNQo6V%2FrO7ETxVtEjosgXWjy2mnv92crqZ8PN1Yfes3%2FGj8bo4rFbYXR3Lr3USopBLK0ddMs1MrHNkaEqWjXZChW7BlCh0HXr2uTsljO28Efn5VBfxUgW3ZXA%3D
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET /ajax/user_send_status.php HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET /ajax/payment_card_status.php HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.booking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: px_init=0; pcm_personalization_disabled=0; bkng_sso_auth=CAIQsOnuTRpmWRWR+u9soBpACiAfv7ngQKC1IRe4CdruwWuDhBjZTMXv3pm2sJSH5bMshbZj2K9TJfCqsXrunTkLxnMKGiX1gBmASZVh0qHhIViOgPmZJzHd6vpm1C6h9EKRinb60UaKf98L38K/; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D49a598ac-27d2-43e0-8f81-04215f1b7607%26consentedAt%3D2024-09-28T02%3A37%3A54.799Z%26expiresAt%3D2025-03-27T02%3A37%3A54.799Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbiKbS0JOgDBLmZvRm0QRe6X5mHXi3S6FOYEY%2BcYXqpYFbdsZQuc%2BNQo6V%2FrO7ETxVtEjosgXWjy2mnv92crqZ8PN1Yfes3%2FGj8bo4rFbYXR3Lr3USopBLK0ddMs1MrHNkaEqWjXZChW7BlCh0HXr2uTsljO28Efn5VBfxUgW3ZXA%3D
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.booking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: px_init=0; pcm_personalization_disabled=0; bkng_sso_auth=CAIQsOnuTRpmWRWR+u9soBpACiAfv7ngQKC1IRe4CdruwWuDhBjZTMXv3pm2sJSH5bMshbZj2K9TJfCqsXrunTkLxnMKGiX1gBmASZVh0qHhIViOgPmZJzHd6vpm1C6h9EKRinb60UaKf98L38K/; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D49a598ac-27d2-43e0-8f81-04215f1b7607%26consentedAt%3D2024-09-28T02%3A37%3A54.799Z%26expiresAt%3D2025-03-27T02%3A37%3A54.799Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLblgO%2Fz4BDP5tLlwCxUN8AKuxt7XdvfKtFXANmTSWdUdWnLzavwEgbUtZM4L0jKU7zlXSm2U1A9%2FShMSpafKe1ekFUUwUGpF89sSwkpN6Ccmy77phqc2qRoDUQLrYj2zl489lRyjQx3tHJKXiqchaGAabpXsUsgPXk8l%2F%2FLiT%2BOnI%3D
Source: global traffic	HTTP traffic detected: GET /ajax/msg_check.php HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.booking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: px_init=0; pcm_personalization_disabled=0; bkng_sso_auth=CAIQsOnuTRpmWRWR+u9soBpACiAfv7ngQKC1IRe4CdruwWuDhBjZTMXv3pm2sJSH5bMshbZj2K9TJfCqsXrunTkLxnMKGiX1gBmASZVh0qHhIViOgPmZJzHd6vpm1C6h9EKRinb60UaKf98L38K/; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D49a598ac-27d2-43e0-8f81-04215f1b7607%26consentedAt%3D2024-09-28T02%3A37%3A54.799Z%26expiresAt%3D2025-03-27T02%3A37%3A54.799Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLblgO%2Fz4BDP5tLlwCxUN8AKuxt7XdvfKtFXANmTSWdUdWnLzavwEgbUtZM4L0jKU7zlXSm2U1A9%2FShMSpafKe1ekFUUwUGpF89sSwkpN6Ccmy77phqc2qRoDUQLrYj2zl489lRyjQx3tHJKXiqchaGAabpXsUsgPXk8l%2F%2FLiT%2BOnI%3D
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.booking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: px_init=0; pcm_personalization_disabled=0; bkng_sso_auth=CAIQsOnuTRpmWRWR+u9soBpACiAfv7ngQKC1IRe4CdruwWuDhBjZTMXv3pm2sJSH5bMshbZj2K9TJfCqsXrunTkLxnMKGiX1gBmASZVh0qHhIViOgPmZJzHd6vpm1C6h9EKRinb60UaKf98L38K/; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D49a598ac-27d2-43e0-8f81-04215f1b7607%26consentedAt%3D2024-09-28T02%3A37%3A54.799Z%26expiresAt%3D2025-03-27T02%3A37%3A54.799Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbnmKTRaewPBv6D4N3gsbyVA6TaKJ2TWCoCUsW6bdLTMW73OP3tHSaIlWHok3QGopDzOZ1W588cfBr1RJ2rDsrTtH3jz26VE6CMuNHtJNV9ZMYY383gh0wqqVXm45%2FqBVdb7RQaa2u1Vn56LyDVYhrNFPnCduJ2Ju1K0VG8TBHTKc%3D
Source: global traffic	HTTP traffic detected: GET /ajax/user_send_status.php HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET /ajax/payment_card_status.php HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET /ajax/msg_check.php HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.booking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: px_init=0; pcm_personalization_disabled=0; bkng_sso_auth=CAIQsOnuTRpmWRWR+u9soBpACiAfv7ngQKC1IRe4CdruwWuDhBjZTMXv3pm2sJSH5bMshbZj2K9TJfCqsXrunTkLxnMKGiX1gBmASZVh0qHhIViOgPmZJzHd6vpm1C6h9EKRinb60UaKf98L38K/; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D49a598ac-27d2-43e0-8f81-04215f1b7607%26consentedAt%3D2024-09-28T02%3A37%3A54.799Z%26expiresAt%3D2025-03-27T02%3A37%3A54.799Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbbmD9q%2B5pe3W%2BHk8d55u6cviilUiAHZFRnhfAgw7V6NzHb81OX0bM7sytmWhYlpFaW7YnIx3CDwY75c0LQ7bqyv2UpbMcb7Rp%2FdnQQ1TgRHz3%2FdJuOxRbHmGTpVnbv18nDMSuGTvIv6mdXfQ%2Bcs2MQ0fukjxFtYTAt0S2niMIAD0%3D
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET /ajax/payment_card_status.php HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: www.booking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: px_init=0; pcm_personalization_disabled=0; bkng_sso_auth=CAIQsOnuTRpmWRWR+u9soBpACiAfv7ngQKC1IRe4CdruwWuDhBjZTMXv3pm2sJSH5bMshbZj2K9TJfCqsXrunTkLxnMKGiX1gBmASZVh0qHhIViOgPmZJzHd6vpm1C6h9EKRinb60UaKf98L38K/; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D49a598ac-27d2-43e0-8f81-04215f1b7607%26consentedAt%3D2024-09-28T02%3A37%3A54.799Z%26expiresAt%3D2025-03-27T02%3A37%3A54.799Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbbmD9q%2B5pe3W%2BHk8d55u6cviilUiAHZFRnhfAgw7V6NzHb81OX0bM7sytmWhYlpFaW7YnIx3CDwY75c0LQ7bqyv2UpbMcb7Rp%2FdnQQ1TgRHz3%2FdJuOxRbHmGTpVnbv18nDMSuGTvIv6mdXfQ%2Bcs2MQ0fukjxFtYTAt0S2niMIAD0%3D
Source: global traffic	HTTP traffic detected: GET /ajax/user_send_status.php HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: ramadawynd.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: */*Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l

Source: chromecache_136.2.dr

String found in binary or memory: "https://www.facebook.com/bookingcom/", equals www.facebook.com (Facebook)

Source: global traffic	DNS traffic detected: DNS query: ramadawynd.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: q-xx.bstatic.com
Source: global traffic	DNS traffic detected: DNS query: cdnjs.cloudflare.com
Source: global traffic	DNS traffic detected: DNS query: booking.com
Source: global traffic	DNS traffic detected: DNS query: www.booking.com
Source: global traffic	DNS traffic detected: DNS query: nellie.booking.com

Source: unknown

HTTP traffic detected: POST /ajax/user_send_status.php HTTP/1.1Host: ramadawynd.comConnection: keep-aliveContent-Length: 33sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: application/json, text/javascript, */*; q=0.01Content-Type: application/x-www-form-urlencoded; charset=UTF-8X-Requested-With: XMLHttpRequestsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Origin: https://ramadawynd.comSec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://ramadawynd.com/wakdlAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: PHPSESSID=jrootop87gg13f0ob9ikpdkc3l

Source: chromecache_136.2.dr	String found in binary or memory: http://a9.com/-/spec/opensearch/1.1/
Source: chromecache_135.2.dr	String found in binary or memory: http://fontawesome.io
Source: chromecache_135.2.dr	String found in binary or memory: http://fontawesome.io/license
Source: chromecache_136.2.dr	String found in binary or memory: http://ogp.me/ns#
Source: chromecache_136.2.dr	String found in binary or memory: http://ogp.me/ns/fb#
Source: chromecache_136.2.dr	String found in binary or memory: http://ogp.me/ns/fb/booking_com#
Source: chromecache_136.2.dr	String found in binary or memory: http://schema.org
Source: chromecache_136.2.dr	String found in binary or memory: https://account.booking.com/auth/oauth2?client_id=vO1Kblk7xX9tUn2cpZLS&redirect_uri=https%3A%2F%
Source: chromecache_136.2.dr	String found in binary or memory: https://account.booking.com/oauth2/authorize?aid=304142;client_id=d1cDdLj40ACItEtxJLTo;redirect_uri=
Source: chromecache_136.2.dr	String found in binary or memory: https://account.booking.com/sso/logout/v3
Source: chromecache_136.2.dr	String found in binary or memory: https://careers.booking.com/
Source: chromecache_136.2.dr	String found in binary or memory: https://carrier.booking.com/google/places/webautocompletesimple
Source: chromecache_136.2.dr	String found in binary or memory: https://cf.bstatic.com
Source: chromecache_136.2.dr	String found in binary or memory: https://cf.bstatic.com/images/
Source: chromecache_136.2.dr	String found in binary or memory: https://cf.bstatic.com/libs/privacy-consent/releases/2.1.56/customer/cookie-banner.min.js
Source: chromecache_136.2.dr	String found in binary or memory: https://cf.bstatic.com/static/css/assistant_entrypoint_cloudfront_sd.iq_ltr/611b70b00745fa4412a01012
Source: chromecache_136.2.dr	String found in binary or memory: https://cf.bstatic.com/static/css/async_tt_quiz_cloudfront_sd.iq_ltr/ac73a1533c9b137d154e412af58b0b6
Source: chromecache_136.2.dr	String found in binary or memory: https://cf.bstatic.com/static/css/async_wpm_overlay_assets_cloudfront_sd.iq_ltr/abb304bf3600a5cf5f74
Source: chromecache_136.2.dr	String found in binary or memory: https://cf.bstatic.com/static/css/gprof_icons_cloudfront_sd.iq_ltr/308436ca26aacf6a7553e4c0cf298d0f7
Source: chromecache_136.2.dr	String found in binary or memory: https://cf.bstatic.com/static/css/incentives_cloudfront_sd.iq_ltr/f1558a6e9832a4eb8cfe1d3d14db176bd3
Source: chromecache_136.2.dr	String found in binary or memory: https://cf.bstatic.com/static/css/index_cloudfront_sd.iq_ltr/8c4382cb776a747249815b8dfc6e41527a56143
Source: chromecache_136.2.dr	String found in binary or memory: https://cf.bstatic.com/static/css/main_cloudfront_sd.iq_ltr/2ee63c50562eff5b15bd5494ec6df807b8ad79c2
Source: chromecache_136.2.dr	String found in binary or memory: https://cf.bstatic.com/static/css/main_exps_cloudfront_sd.iq_ltr/22870d2036e5b5667d39fb7d0c2c8e937d5
Source: chromecache_136.2.dr	String found in binary or memory: https://cf.bstatic.com/static/css/print/0cc4ce4b7108d42a9f293fc9b654f749d84ba4eb.css
Source: chromecache_136.2.dr	String found in binary or memory: https://cf.bstatic.com/static/css/searchresults_cloudfront_sd.iq_ltr/633191d164d93a0ad3dd5102b5dba15
Source: chromecache_136.2.dr	String found in binary or memory: https://cf.bstatic.com/static/css/ski_lp_overview_panel_cloudfront_sd.iq_ltr/2b3350935410fe4e36d74ef
Source: chromecache_136.2.dr	String found in binary or memory: https://cf.bstatic.com/static/css/xp-index-sb_cloudfront_sd.iq_ltr/5b5ab8ab66a5ce3092875d0725122439c
Source: chromecache_136.2.dr	String found in binary or memory: https://cf.bstatic.com/static/img
Source: chromecache_136.2.dr	String found in binary or memory: https://cf.bstatic.com/static/img/apple-touch-icon/5db9fd30d96b1796883ee94be7dddce50b73bb38.png
Source: chromecache_136.2.dr	String found in binary or memory: https://cf.bstatic.com/static/img/booking_logo_knowledge_graph/247454a990efac1952e44dddbf30c58677aa0
Source: chromecache_136.2.dr	String found in binary or memory: https://cf.bstatic.com/static/img/favicon/40749a316c45e239a7149b6711ea4c48d10f8d89.ico
Source: chromecache_136.2.dr	String found in binary or memory: https://cf.bstatic.com/static/img/favicon/4a3b40c4059be39cbf1ebaa5f97dbb7d150926b9.png
Source: chromecache_136.2.dr	String found in binary or memory: https://cf.bstatic.com/static/img/favicon/9ca83ba2a5a3293ff07452cb24949a5843af4592.svg
Source: chromecache_136.2.dr	String found in binary or memory: https://cf.bstatic.com/static/img/fb/9/0177df691e59d2f4926f0ad7e18a7c867487fe93.jpg
Source: chromecache_136.2.dr	String found in binary or memory: https://cf.bstatic.com/static/img/nobg_all_blue_iq/b700d9e3067c1186a3364012df4fe1c48ae6da44.png
Source: chromecache_136.2.dr	String found in binary or memory: https://cf.bstatic.com/static/img/twitter-image-else/566c7081f1deeaca39957e96365c3908f83b95af.jpg
Source: chromecache_136.2.dr	String found in binary or memory: https://cf.bstatic.com/static/js/assistant_entrypoint_cloudfront_sd/ef4280b820a27ed734dd50de76d082ea
Source: chromecache_136.2.dr	String found in binary or memory: https://cf.bstatic.com/static/js/async_atlas_v2_cn_cloudfront_sd/bd7e7adbf9731810a79badc567cd4846b1a
Source: chromecache_136.2.dr	String found in binary or memory: https://cf.bstatic.com/static/js/async_atlas_v2_non_cn_cloudfront_sd/880672823d34a6cc1366fd38f98c6b4
Source: chromecache_136.2.dr	String found in binary or memory: https://cf.bstatic.com/static/js/async_flash_deals_countdown_cloudfront_sd/ed6ec8a2950ae6f5f3420107a
Source: chromecache_136.2.dr	String found in binary or memory: https://cf.bstatic.com/static/js/async_index_postcards_c360_cloudfront_sd/11d2b12d25c970340e0e5c5707
Source: chromecache_136.2.dr	String found in binary or memory: https://cf.bstatic.com/static/js/async_lists_cloudfront_sd/216b2f573c19eba663f686dd8f7cd4747a4d4cb7.
Source: chromecache_136.2.dr	String found in binary or memory: https://cf.bstatic.com/static/js/async_tt_quiz_cloudfront_sd/8e3159ed1f490736c8984a2b979c73d5dbf0c86
Source: chromecache_136.2.dr	String found in binary or memory: https://cf.bstatic.com/static/js/async_wpm_overlay_assets_cloudfront_sd/c6cb9b63eea61102d4e96fe72b7c
Source: chromecache_136.2.dr	String found in binary or memory: https://cf.bstatic.com/static/js/atlas_cloudfront_sd/ed3c4c1b930b70d5167fcfbf6e3aaa28a793fe5e.js
Source: chromecache_136.2.dr	String found in binary or memory: https://cf.bstatic.com/static/js/atlas_cst_cloudfront_sd/8a1e83c4336018070ee81eb566910595f1ca81c4.js
Source: chromecache_136.2.dr	String found in binary or memory: https://cf.bstatic.com/static/js/atlas_places_async_cloudfront_sd/c94b60c4da2dae6b55fd9eabf168f146fc
Source: chromecache_136.2.dr	String found in binary or memory: https://cf.bstatic.com/static/js/calendar2_cloudfront_sd/06071dd1c4e89fbe99e5ad6e21584a6bf9585e84.js
Source: chromecache_136.2.dr	String found in binary or memory: https://cf.bstatic.com/static/js/core-deps-inlinedet_cloudfront_sd/f62025e692b596dd53ecd1bd082dfd319
Source: chromecache_136.2.dr	String found in binary or memory: https://cf.bstatic.com/static/js/crossorigin_check_cloudfront_sd/2454015045ef79168d452ff4e7f30bdadff
Source: chromecache_136.2.dr	String found in binary or memory: https://cf.bstatic.com/static/js/error_catcher_bec_cloudfront_sd/0acd2ada6c74d5dec978a04ea837952bdf0
Source: chromecache_136.2.dr	String found in binary or memory: https://cf.bstatic.com/static/js/genius_vip_cloudfront_sd/aae975495cc56436f4f59463b9ea4e594bdb102a.j
Source: chromecache_136.2.dr	String found in binary or memory: https://cf.bstatic.com/static/js/index_cloudfront_sd/693a0892efdf573b00d83496327ad37b653d73d5.js
Source: chromecache_136.2.dr	String found in binary or memory: https://cf.bstatic.com/static/js/jquery_cloudfront_sd/e1e8c0e862309cb4caf3c0d5fbea48bfb8eaad42.js
Source: chromecache_136.2.dr	String found in binary or memory: https://cf.bstatic.com/static/js/landingpage_cloudfront_sd/f1c8c212c0149249fef02a562a6669d167bc56bc.
Source: chromecache_136.2.dr	String found in binary or memory: https://cf.bstatic.com/static/js/lazy_load_images_cloudfront_sd/77204d4da4aa41b08b1a4062c8e66e462955
Source: chromecache_136.2.dr	String found in binary or memory: https://cf.bstatic.com/static/js/main_cloudfront_sd/0f9aa5e6bd51fe081f94c12bc31252328fcf3740.js
Source: chromecache_136.2.dr	String found in binary or memory: https://cf.bstatic.com/static/js/plugable-access-form_cloudfront_sd/3ae2aaac8c7322f2908109b6a9e74460
Source: chromecache_136.2.dr	String found in binary or memory: https://cf.bstatic.com/static/js/raf_cloudfront_sd/ed36fcb3b802629d6a22b8ea1307ea68d6bc1f4b.js
Source: chromecache_136.2.dr	String found in binary or memory: https://cf.bstatic.com/static/js/searchbox_cloudfront_sd/8c409b90db8d2ce96d4f48a8b2eca3f43a705428.js
Source: chromecache_136.2.dr	String found in binary or memory: https://cf.bstatic.com/static/js/searchresults_cloudfront_sd/cf2a65346f0e3531401565e3c3fb44799051d8a
Source: chromecache_136.2.dr	String found in binary or memory: https://cf.bstatic.com/static/js/searchresults_slick_cloudfront_sd/528359eb9f21194adf8c26f81e07c6eb2
Source: chromecache_136.2.dr	String found in binary or memory: https://cf.bstatic.com/static/js/ski_lp_overview_panel_cloudfront_sd/9d8e7cfd33a37ffb15285d98f697002
Source: chromecache_136.2.dr	String found in binary or memory: https://cf.bstatic.com/static/js/sp-on-maps_cloudfront_sd/1b5ab45c2163d623661ae52ed8605d70640c7f2e.j
Source: chromecache_136.2.dr	String found in binary or memory: https://cf.bstatic.com/static/opensearch/en-us/e19e3ca297c466eb18e0b783736192a638f6a66e.xml
Source: chromecache_136.2.dr	String found in binary or memory: https://cf.bstatic.com/xdata/images/xphoto/540x405/266633264.jpg?k=7f9eb9bcfb7cd9189036fd6b28f51eb23
Source: chromecache_136.2.dr	String found in binary or memory: https://cf.bstatic.com/xdata/images/xphoto/540x405/281113733.jpg?k=43768154acdf2261706ad890b1e6196e0
Source: chromecache_136.2.dr	String found in binary or memory: https://cf.bstatic.com/xdata/images/xphoto/540x405/288300879.jpg?k=20a291605b4d1cc6c15b1ee3f9598c22d
Source: chromecache_136.2.dr	String found in binary or memory: https://cf.bstatic.com/xdata/images/xphoto/540x405/292049346.jpg?k=ad53f89eb6ed386bcdb6100d5c729e6db
Source: chromecache_136.2.dr	String found in binary or memory: https://cf.bstatic.com/xdata/images/xphoto/540x405/292056369.jpg?k=358d8cd9ede268c8a9660de4debc48b68
Source: chromecache_136.2.dr	String found in binary or memory: https://community.booking.com/?profile.language=en
Source: chromecache_136.2.dr	String found in binary or memory: https://d8c14d4960ca.edge.sdk.awswaf.com/d8c14d4960ca/a18a4859af9c/challenge.js
Source: chromecache_136.2.dr	String found in binary or memory: https://plus.google.com/105443419075154950489
Source: chromecache_136.2.dr	String found in binary or memory: https://q-xx.bstatic.com/psb/capla/static/media/bh_aw_cpg_main_image.b4347622.png
Source: chromecache_136.2.dr	String found in binary or memory: https://q-xx.bstatic.com/xdata/images/xphoto/1440x434/385632507.jpeg?k=b60dbd5ac89068565bac4efdfb377
Source: chromecache_136.2.dr	String found in binary or memory: https://q-xx.bstatic.com/xdata/images/xphoto/500x500/184698944.png?k=6bb1bf3c13db4a7ba3c22a2d1f1051f
Source: chromecache_136.2.dr	String found in binary or memory: https://q-xx.bstatic.com/xdata/images/xphoto/500x500/295240491.png?k=717ea4eeea32110334bf30c06e2ccda
Source: chromecache_136.2.dr	String found in binary or memory: https://q-xx.bstatic.com/xdata/images/xphoto/720x217/385632507.jpeg?k=b60dbd5ac89068565bac4efdfb377c
Source: chromecache_136.2.dr	String found in binary or memory: https://r-xx.bstatic.com/xdata/images/xphoto/2880x868/385632507.jpeg?k=b60dbd5ac89068565bac4efdfb377
Source: chromecache_136.2.dr	String found in binary or memory: https://r-xx.bstatic.com/xdata/images/xphoto/500x500/240858582.png?k=e46cebd6ecfd667a8ac109141e528f8
Source: chromecache_136.2.dr	String found in binary or memory: https://r-xx.bstatic.com/xdata/images/xphoto/500x500/295262540.png?k=3448b4913c3e4c983c0679f249dc056
Source: chromecache_136.2.dr	String found in binary or memory: https://r-xx.bstatic.com/xdata/images/xphoto/500x500/312750432.png?k=9ba070f0a3d9781d739acfb4f8134cd
Source: chromecache_136.2.dr	String found in binary or memory: https://r-xx.bstatic.com/xdata/images/xphoto/500x500/319580025.png?k=3788ea30f77622c889cc3828a3f6fe0
Source: chromecache_136.2.dr	String found in binary or memory: https://r-xx.bstatic.com/xdata/images/xphoto/500x500/372051085.jpeg?k=f5182852fa2c998e2b47cfd922da41
Source: chromecache_136.2.dr	String found in binary or memory: https://r-xx.bstatic.com/xdata/images/xphoto/714x300/350960127.jpeg?k=e2732d40882766c8edd0001d7cca56
Source: chromecache_136.2.dr	String found in binary or memory: https://schema.org
Source: chromecache_136.2.dr	String found in binary or memory: https://secure.booking.com
Source: chromecache_136.2.dr	String found in binary or memory: https://secure.booking.com/company/reservations.html?label=gen173nr-1FCAEoggI46AdIM1gEaKcCiAEBmAExuA
Source: chromecache_136.2.dr	String found in binary or memory: https://secure.booking.com/company/search.html?label=gen173nr-1FCAEoggI46AdIM1gEaKcCiAEBmAExuAEXyAEM
Source: chromecache_136.2.dr	String found in binary or memory: https://secure.booking.com/help.html?label=gen173nr-1FCAEoggI46AdIM1gEaKcCiAEBmAExuAEXyAEM2AEB6AEB-A
Source: chromecache_136.2.dr	String found in binary or memory: https://secure.booking.com/login.html?op=oauth_return
Source: chromecache_136.2.dr	String found in binary or memory: https://secure.booking.com/myreservations.html?label=gen173nr-1FCAEoggI46AdIM1gEaKcCiAEBmAExuAEXyAEM
Source: chromecache_136.2.dr	String found in binary or memory: https://secure.booking.com/mysettings.html?label=gen173nr-1FCAEoggI46AdIM1gEaKcCiAEBmAExuAEXyAEM2AEB
Source: chromecache_136.2.dr	String found in binary or memory: https://secure.booking.com/reviewtimeline.html?label=gen173nr-1FCAEoggI46AdIM1gEaKcCiAEBmAExuAEXyAEM
Source: chromecache_136.2.dr	String found in binary or memory: https://securepubads.g.doubleclick.net/tag/js/gpt.js
Source: chromecache_136.2.dr	String found in binary or memory: https://shelves.booking.com/
Source: chromecache_136.2.dr	String found in binary or memory: https://t-cf.bstatic.com/design-assets/assets/v3.125.0/illustrations-traveller/GeniusGenericGiftBox
Source: chromecache_136.2.dr	String found in binary or memory: https://t-cf.bstatic.com/design-assets/assets/v3.125.0/illustrations-traveller/GeniusGenericGiftBox.
Source: chromecache_136.2.dr	String found in binary or memory: https://twitter.com/bookingcom
Source: chromecache_136.2.dr	String found in binary or memory: https://www.booking.com
Source: chromecache_136.2.dr	String found in binary or memory: https://www.booking.com/
Source: chromecache_136.2.dr	String found in binary or memory: https://www.booking.com/_frdtcr?aid=304142
Source: chromecache_136.2.dr	String found in binary or memory: https://www.booking.com/articles.html?aid=304142
Source: chromecache_136.2.dr	String found in binary or memory: https://www.booking.com/articles/bangkok-rooftop-bars.xu.html?label=gen173nr-1FCAEoggI46AdIM1gEaKcCi
Source: chromecache_136.2.dr	String found in binary or memory: https://www.booking.com/articles/best-hotels-los-angeles.xu.html?label=gen173nr-1FCAEoggI46AdIM1gEaK
Source: chromecache_136.2.dr	String found in binary or memory: https://www.booking.com/articles/best-orlando-hotels-families.xu.html?label=gen173nr-1FCAEoggI46AdIM
Source: chromecache_136.2.dr	String found in binary or memory: https://www.booking.com/articles/best-ski-towns.xu.html?label=gen173nr-1FCAEoggI46AdIM1gEaKcCiAEBmAE
Source: chromecache_136.2.dr	String found in binary or memory: https://www.booking.com/articles/usa-thanksgiving-holiday-homes.xu.html?label=gen173nr-1FCAEoggI46Ad
Source: chromecache_136.2.dr	String found in binary or memory: https://www.booking.com/booking-home/index.en-us.html?aid=304142&label=gen173nr-1FCAEoggI46AdIM1
Source: chromecache_136.2.dr	String found in binary or memory: https://www.booking.com/business.html?label=gen173nr-1FCAEoggI46AdIM1gEaKcCiAEBmAExuAEXyAEM2AEB6AEB-
Source: chromecache_136.2.dr	String found in binary or memory: https://www.booking.com/dealspage.en-us.html?aid=304142&label=gen173nr-1FCAEoggI46AdIM1gEaKcCiAE
Source: chromecache_136.2.dr	String found in binary or memory: https://www.booking.com/destinationfinderdeals.html?label=gen173nr-1FCAEoggI46AdIM1gEaKcCiAEBmAExuAE
Source: chromecache_136.2.dr	String found in binary or memory: https://www.booking.com/flights/index.en-us.html?aid=304142&label=gen173nr-1FCAEoggI46AdIM1gEaKc
Source: chromecache_136.2.dr	String found in binary or memory: https://www.booking.com/genius.html?label=gen173nr-1FCAEoggI46AdIM1gEaKcCiAEBmAExuAEXyAEM2AEB6AEB-AE
Source: chromecache_136.2.dr	String found in binary or memory: https://www.booking.com/index.ar.html
Source: chromecache_136.2.dr	String found in binary or memory: https://www.booking.com/index.bg.html
Source: chromecache_136.2.dr	String found in binary or memory: https://www.booking.com/index.ca.html
Source: chromecache_136.2.dr	String found in binary or memory: https://www.booking.com/index.cs.html
Source: chromecache_136.2.dr	String found in binary or memory: https://www.booking.com/index.da.html
Source: chromecache_136.2.dr	String found in binary or memory: https://www.booking.com/index.de.html
Source: chromecache_136.2.dr	String found in binary or memory: https://www.booking.com/index.el.html
Source: chromecache_136.2.dr	String found in binary or memory: https://www.booking.com/index.en-gb.html
Source: chromecache_136.2.dr	String found in binary or memory: https://www.booking.com/index.es-ar.html
Source: chromecache_136.2.dr	String found in binary or memory: https://www.booking.com/index.es-mx.html
Source: chromecache_136.2.dr	String found in binary or memory: https://www.booking.com/index.es.html
Source: chromecache_136.2.dr	String found in binary or memory: https://www.booking.com/index.et.html
Source: chromecache_136.2.dr	String found in binary or memory: https://www.booking.com/index.fi.html
Source: chromecache_136.2.dr	String found in binary or memory: https://www.booking.com/index.fr.html
Source: chromecache_136.2.dr	String found in binary or memory: https://www.booking.com/index.he.html
Source: chromecache_136.2.dr	String found in binary or memory: https://www.booking.com/index.hi.html
Source: chromecache_136.2.dr	String found in binary or memory: https://www.booking.com/index.hr.html
Source: chromecache_136.2.dr	String found in binary or memory: https://www.booking.com/index.html?label=gen173nr-1FCAEoggI46AdIM1gEaKcCiAEBmAExuAEXyAEM2AEB6AEB-AEC
Source: chromecache_136.2.dr	String found in binary or memory: https://www.booking.com/index.hu.html
Source: chromecache_136.2.dr	String found in binary or memory: https://www.booking.com/index.id.html
Source: chromecache_136.2.dr	String found in binary or memory: https://www.booking.com/index.is.html
Source: chromecache_136.2.dr	String found in binary or memory: https://www.booking.com/index.it.html
Source: chromecache_136.2.dr	String found in binary or memory: https://www.booking.com/index.ja.html
Source: chromecache_136.2.dr	String found in binary or memory: https://www.booking.com/index.ko.html
Source: chromecache_136.2.dr	String found in binary or memory: https://www.booking.com/index.lt.html
Source: chromecache_136.2.dr	String found in binary or memory: https://www.booking.com/index.lv.html
Source: chromecache_136.2.dr	String found in binary or memory: https://www.booking.com/index.ms.html
Source: chromecache_136.2.dr	String found in binary or memory: https://www.booking.com/index.nl.html
Source: chromecache_136.2.dr	String found in binary or memory: https://www.booking.com/index.no.html
Source: chromecache_136.2.dr	String found in binary or memory: https://www.booking.com/index.pl.html
Source: chromecache_136.2.dr	String found in binary or memory: https://www.booking.com/index.pt-br.html
Source: chromecache_136.2.dr	String found in binary or memory: https://www.booking.com/index.pt-pt.html
Source: chromecache_136.2.dr	String found in binary or memory: https://www.booking.com/index.ro.html
Source: chromecache_136.2.dr	String found in binary or memory: https://www.booking.com/index.ru.html
Source: chromecache_136.2.dr	String found in binary or memory: https://www.booking.com/index.sk.html
Source: chromecache_136.2.dr	String found in binary or memory: https://www.booking.com/index.sl.html
Source: chromecache_136.2.dr	String found in binary or memory: https://www.booking.com/index.sr.html
Source: chromecache_136.2.dr	String found in binary or memory: https://www.booking.com/index.sv.html
Source: chromecache_136.2.dr	String found in binary or memory: https://www.booking.com/index.th.html
Source: chromecache_136.2.dr	String found in binary or memory: https://www.booking.com/index.tl.html
Source: chromecache_136.2.dr	String found in binary or memory: https://www.booking.com/index.tr.html
Source: chromecache_136.2.dr	String found in binary or memory: https://www.booking.com/index.uk.html
Source: chromecache_136.2.dr	String found in binary or memory: https://www.booking.com/index.vi.html
Source: chromecache_136.2.dr	String found in binary or memory: https://www.booking.com/index.zh-cn.html
Source: chromecache_136.2.dr	String found in binary or memory: https://www.booking.com/index.zh-tw.html
Source: chromecache_136.2.dr	String found in binary or memory: https://www.booking.com/searchresults.html
Source: chromecache_136.2.dr	String found in binary or memory: https://www.booking.com/searchresults.html?aid=800210&si=ai
Source: chromecache_136.2.dr	String found in binary or memory: https://www.googletagmanager.com/gtm.js?id=GTM-5Q664QZ
Source: chromecache_136.2.dr	String found in binary or memory: https://www.googletagmanager.com/ns.html?id=GTM-5Q664QZ
Source: chromecache_136.2.dr	String found in binary or memory: https://www.instagram.com/bookingcom/
Source: chromecache_136.2.dr	String found in binary or memory: https://www.tiktok.com/

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49744
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 54150 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54138 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54218 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52037 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49737
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49736
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49735
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49841 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54287 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49850
Source: unknown	Network traffic detected: HTTP traffic on port 54184 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54206 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52048 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54149 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54241 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52083 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54276 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52072 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49849
Source: unknown	Network traffic detected: HTTP traffic on port 54230 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49848
Source: unknown	Network traffic detected: HTTP traffic on port 54173 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49847
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49846
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49845
Source: unknown	Network traffic detected: HTTP traffic on port 54309 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49844
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49843
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49842
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49841
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49840
Source: unknown	Network traffic detected: HTTP traffic on port 52084 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54185 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54242 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52061 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49828 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54298 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54162 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54275 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49839
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49838
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49837
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49836
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49835
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49834
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49833
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49832
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49831
Source: unknown	Network traffic detected: HTTP traffic on port 54321 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49830
Source: unknown	Network traffic detected: HTTP traffic on port 49839 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54151 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54264 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52025 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54310 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54137 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54253 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49829
Source: unknown	Network traffic detected: HTTP traffic on port 54196 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49828
Source: unknown	Network traffic detected: HTTP traffic on port 54219 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49827
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49826
Source: unknown	Network traffic detected: HTTP traffic on port 52036 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49825
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49824
Source: unknown	Network traffic detected: HTTP traffic on port 49737 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52095 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49822
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 54286 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49786
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 54263 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49780
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54179
Source: unknown	Network traffic detected: HTTP traffic on port 54148 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54178
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54299
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54240 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52082 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54184
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54183
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54182
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54181
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54188
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54187
Source: unknown	Network traffic detected: HTTP traffic on port 54228 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54186
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54185
Source: unknown	Network traffic detected: HTTP traffic on port 52050 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54174 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54300 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49736 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54180
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49779
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49778
Source: unknown	Network traffic detected: HTTP traffic on port 54197 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49777
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49775
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 52027 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54189
Source: unknown	Network traffic detected: HTTP traffic on port 54311 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54195
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54194
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54193
Source: unknown	Network traffic detected: HTTP traffic on port 54251 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54192
Source: unknown	Network traffic detected: HTTP traffic on port 54297 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54163 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54199
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54198
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54197
Source: unknown	Network traffic detected: HTTP traffic on port 49830 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54196
Source: unknown	Network traffic detected: HTTP traffic on port 52059 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54217 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52038 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54191
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54190
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 52093 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 54152 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49840 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54207 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54312 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52049 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49797 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54252 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54136 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52071 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 52094 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 54285 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 52060 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54147 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49786 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54186 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49829 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54229 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54274 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 54175 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49745
Source: unknown	Network traffic detected: HTTP traffic on port 54129 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54209 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54244 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54221 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49826 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54170 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54141 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49849 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54193 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52092 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49837 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52023 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54279 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52069 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54255 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52034 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54301 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49735 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54290 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54278 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52045 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49745 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49850 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54245 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54159 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54302 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54233 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52058 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49797
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 52033 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 49814 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 54256 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 54182 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54222 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52081 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54313 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49825 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54140 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54267 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54171 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52070 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 49779 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52047 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54160 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54314 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52024 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54183 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54277 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54254 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54231 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54289 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52056 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52079 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54128 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54266 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54220 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49827 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54139 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49848 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54194 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52080 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49838 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54288 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54127 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54265 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52068 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52035 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54172 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49778 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54210 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54195 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54243 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54161 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52046 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52091 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49744 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54299 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54303 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54232 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52057 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54282 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49800 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54201 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52089 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52100 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54224 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54247 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54304 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52077 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54178 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54212 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54309
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54308
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54307
Source: unknown	Network traffic detected: HTTP traffic on port 54258 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49812 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52031 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54132 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54302
Source: unknown	Network traffic detected: HTTP traffic on port 54293 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54301
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54300
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54306
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54305
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54304
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54303
Source: unknown	Network traffic detected: HTTP traffic on port 54315 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52066 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54167 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54190 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49777 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52078 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54236 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52055 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54319
Source: unknown	Network traffic detected: HTTP traffic on port 54156 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54318
Source: unknown	Network traffic detected: HTTP traffic on port 54259 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54313
Source: unknown	Network traffic detected: HTTP traffic on port 49834 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54312
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54311
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54310
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54317
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54316
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54315
Source: unknown	Network traffic detected: HTTP traffic on port 54200 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54314
Source: unknown	Network traffic detected: HTTP traffic on port 54316 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52042 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52090 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54191 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54320
Source: unknown	Network traffic detected: HTTP traffic on port 54143 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49847 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54209
Source: unknown	Network traffic detected: HTTP traffic on port 49822 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54281 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52024
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54203
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52025
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54202
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54201
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52023
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54200
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54321
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52028
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54207
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52029
Source: unknown	Network traffic detected: HTTP traffic on port 54168 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54206
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52067 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54205
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52027
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54204
Source: unknown	Network traffic detected: HTTP traffic on port 54225 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52031
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54210
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52032
Source: unknown	Network traffic detected: HTTP traffic on port 54270 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52030
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54179 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54211 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52053 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54234 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54257 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54292 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49836 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52044 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49845 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54157 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54180 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52087 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54202 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49780 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54223 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54269 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54142 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54305 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52076 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54213 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54181 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52032 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54280 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52088 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54169 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52065 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49824 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54268 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54306 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52054 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54235 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54291 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52101
Source: unknown	Network traffic detected: HTTP traffic on port 49835 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52102
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52100
Source: unknown	Network traffic detected: HTTP traffic on port 54317 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52043 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54192 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54246 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49775 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54158 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49846 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52099 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52028 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54238 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52079
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54137
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54258
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54136
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54257
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52077
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54135
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54256
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52078
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54134
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54255
Source: unknown	Network traffic detected: HTTP traffic on port 52063 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54187 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52086 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54139
Source: unknown	Network traffic detected: HTTP traffic on port 54318 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54138
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54259
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52082
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54140
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54261
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52083
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54260
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52080
Source: unknown	Network traffic detected: HTTP traffic on port 54164 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54296 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52081
Source: unknown	Network traffic detected: HTTP traffic on port 54250 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52086
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54144
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54265
Source: unknown	Network traffic detected: HTTP traffic on port 52040 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52087
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54143
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54264
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52084
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54142
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54263
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52085
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54141
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54262
Source: unknown	Network traffic detected: HTTP traffic on port 54273 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54153 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 54262 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 52052 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49820 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54148
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54269
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54147
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54268
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52088
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54146
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54267
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52089
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54145
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54266
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54149
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52093
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54151
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54272
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 52094
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 54150

Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49746 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 184.28.90.27:443 -> 192.168.2.4:49747 version: TLS 1.2

System Summary

Source: classification engine

Classification label: mal64.phis.win@23/42@20/13

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2032 --field-trial-handle=1992,i,13184340910222023404,7207311649821444817,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "https://ramadawynd.com/wakdl"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4044 --field-trial-handle=1992,i,13184340910222023404,7207311649821444817,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2032 --field-trial-handle=1992,i,13184340910222023404,7207311649821444817,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=4044 --field-trial-handle=1992,i,13184340910222023404,7207311649821444817,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown			Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected