Windows Analysis Report
http://account.booking.com

Overview

General Information

Sample URL:	http://account.booking.com
Analysis ID:	1562502
Infos:

Detection

Score:	1
Range:	0 - 100
Whitelisted:	false
Confidence:	100%

Signatures

HTML body contains low number of good links

HTML body contains password input but no form action

Classification

Signatures

HTML body contains low number of good links

Source: https://account.booking.com/register/password

HTTP Parser: Number of links: 1

HTML body contains password input but no form action

Source: https://account.booking.com/	HTTP Parser: <input type="password" .../> found but no <form action="...
Source: https://account.booking.com/register/password	HTTP Parser: <input type="password" .../> found but no <form action="...

Source: https://account.booking.com/	HTTP Parser: Iframe src: https://www.booking.com/cookiebanner.html
Source: https://account.booking.com/register/password	HTTP Parser: Iframe src: https://www.booking.com/cookiebanner.html

Source: https://account.booking.com/	HTTP Parser: <input type="password" .../> found
Source: https://account.booking.com/register/password	HTTP Parser: <input type="password" .../> found

Source: https://account.booking.com/	HTTP Parser: No favicon
Source: https://account.booking.com/	HTTP Parser: No favicon
Source: https://account.booking.com/register/password	HTTP Parser: No favicon
Source: https://account.booking.com/register/password	HTTP Parser: No favicon
Source: https://account.booking.com/register/password	HTTP Parser: No favicon
Source: https://account.booking.com/register/password	HTTP Parser: No favicon

Source: https://account.booking.com/	HTTP Parser: No <meta name="author".. found
Source: https://account.booking.com/register/password	HTTP Parser: No <meta name="author".. found

Source: https://account.booking.com/	HTTP Parser: No <meta name="copyright".. found
Source: https://account.booking.com/register/password	HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 2.18.109.164:443 -> 192.168.2.4:49742 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 2.18.109.164:443 -> 192.168.2.4:49743 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.4:49770 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.4:49923 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.246.63:443 -> 192.168.2.4:49926 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.246.63:443 -> 192.168.2.4:49972 version: TLS 1.2

Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.109.164
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.109.164
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.109.164
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.109.164
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.109.164
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.109.164
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.109.164
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.109.164
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.109.164
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.109.164
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.109.164
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.109.164
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.109.164
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.109.164
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.109.164
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.109.164
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.109.164
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.109.164
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 217.20.56.98
Source: unknown	TCP traffic detected without corresponding DNS query: 217.20.56.98
Source: unknown	TCP traffic detected without corresponding DNS query: 217.20.56.98
Source: unknown	TCP traffic detected without corresponding DNS query: 217.20.56.98
Source: unknown	TCP traffic detected without corresponding DNS query: 217.20.56.98
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.246.63
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.246.63
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.246.63
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.246.63
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.246.63

Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: account.booking.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /consent/a387750c-a080-4dd0-b2d1-7dbdb601bb14/OtAutoBlock.js HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /psb/accountsportal/assets/709_c32002792e35c69191e8.css HTTP/1.1Host: cf.bstatic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /psb/accountsportal/assets/704_9a0ec8d2f80e7d346616.css HTTP/1.1Host: cf.bstatic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /psb/accountsportal/assets/629_a83b0423500bf7bdde4f.css HTTP/1.1Host: cf.bstatic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /psb/accountsportal/assets/57_a194fd9bf3b476d89299.css HTTP/1.1Host: cf.bstatic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /psb/accountsportal/assets/runtime~index_a9240719fc64a8f3ef82.js HTTP/1.1Host: cf.bstatic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /psb/accountsportal/assets/54_97d049b4c4a1c2f7cfdb.js HTTP/1.1Host: cf.bstatic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_/fvtrpw.gif HTTP/1.1Host: account.booking.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_ap=U2FsdGVkX19akrxw8nLaaIrnHelZlZZoZM0qgYmUXwg8GpSRVjghZi1Ekqaf8H6WpZnQBUXr1KO9%0Al71OwtxybQ%3D%3D%0A; bkng_sso_ses=e30; bkng_ap_sso_session=eyJib29raW5nX2dsb2JhbCI6eyJzZXNzaW9ucyI6W10sImRhdGFfc3ViamVjdF9pZCI6ImExN2JjZmJkLTNkN2QtNGY3OC04NTM4LTdmZDFhYTkxZmZhZiJ9fQ; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t
Source: global traffic	HTTP traffic detected: GET /libs/privacy-consent/1.0.0/customer/cookie-banner.min.js HTTP/1.1Host: www.bstatic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /consent/a387750c-a080-4dd0-b2d1-7dbdb601bb14/OtAutoBlock.js HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /psb/accountsportal/assets/709_bad9882915aa6a1c2b70.js HTTP/1.1Host: cf.bstatic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /psb/accountsportal/assets/runtime~index_a9240719fc64a8f3ef82.js HTTP/1.1Host: cf.bstatic.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /psb/accountsportal/assets/704_e7ede50c1fdac354671b.js HTTP/1.1Host: cf.bstatic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /psb/accountsportal/assets/624_96ca1b056e9464729f28.js HTTP/1.1Host: cf.bstatic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /psb/accountsportal/assets/54_97d049b4c4a1c2f7cfdb.js HTTP/1.1Host: cf.bstatic.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_/fvtrpw.gif HTTP/1.1Host: account.booking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; bkng_ap_sso_session=eyJib29raW5nX2dsb2JhbCI6eyJzZXNzaW9ucyI6W10sImRhdGFfc3ViamVjdF9pZCI6ImExN2JjZmJkLTNkN2QtNGY3OC04NTM4LTdmZDFhYTkxZmZhZiJ9fQ; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; bkng_ap=U2FsdGVkX1%2F5cBjR%2BytXTDTzb5hP6TZ8wixc4LQO58EBgSHtpw0NITJz5REb7jVy2duOUSB0PtL0%0AVESWnGSO4w%3D%3D%0A
Source: global traffic	HTTP traffic detected: GET /psb/accountsportal/assets/987_175b3de059909b49ef78.js HTTP/1.1Host: cf.bstatic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /libs/privacy-consent/1.0.0/customer/cookie-banner.min.js HTTP/1.1Host: www.bstatic.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /psb/accountsportal/assets/629_b3ab60a933ee60003b06.js HTTP/1.1Host: cf.bstatic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /psb/accountsportal/assets/133_878a17a1dd9684883a3d.js HTTP/1.1Host: cf.bstatic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /psb/accountsportal/assets/987_175b3de059909b49ef78.js HTTP/1.1Host: cf.bstatic.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /psb/accountsportal/assets/991_a6ad99ceec88bdd4c73c.js HTTP/1.1Host: cf.bstatic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /psb/accountsportal/assets/624_96ca1b056e9464729f28.js HTTP/1.1Host: cf.bstatic.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /psb/accountsportal/assets/index_b606a6e5896516848e89.js HTTP/1.1Host: cf.bstatic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /psb/accountsportal/assets/704_e7ede50c1fdac354671b.js HTTP/1.1Host: cf.bstatic.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /psb/accountsportal/assets/133_878a17a1dd9684883a3d.js HTTP/1.1Host: cf.bstatic.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /psb/accountsportal/assets/709_bad9882915aa6a1c2b70.js HTTP/1.1Host: cf.bstatic.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /psb/accountsportal/assets/629_b3ab60a933ee60003b06.js HTTP/1.1Host: cf.bstatic.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=phmhfH7UPSs95rn&MD=Ha+zLtAd HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic	HTTP traffic detected: GET /psb/accountsportal/assets/991_a6ad99ceec88bdd4c73c.js HTTP/1.1Host: cf.bstatic.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /psb/accountsportal/assets/index_b606a6e5896516848e89.js HTTP/1.1Host: cf.bstatic.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cookiebanner.html HTTP/1.1Host: www.booking.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: iframeReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t
Source: global traffic	HTTP traffic detected: GET /backend_static/common/flags/new/48-squared/us.png HTTP/1.1Host: q-xx.bstatic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /design-assets/assets/v3.58.1/fonts-brand/BookingExtraBold.woff HTTP/1.1Host: t-cf.bstatic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://account.booking.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://cf.bstatic.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /libs/acc-clientlib/v5/clientlib.js HTTP/1.1Host: xx.bstatic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /scripttemplates/otSDKStub.js HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js-metric HTTP/1.1Host: account.booking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; bkng_ap_sso_session=eyJib29raW5nX2dsb2JhbCI6eyJzZXNzaW9ucyI6W10sImRhdGFfc3ViamVjdF9pZCI6ImExN2JjZmJkLTNkN2QtNGY3OC04NTM4LTdmZDFhYTkxZmZhZiJ9fQ; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; bkng_ap=U2FsdGVkX19jZ%2BgJ5OwhKw%2FtfIQ49V4CPyDNSDTwG7dsMttmLlQEgrQa6Aepz0oPGpvN9nSS5IB%2B%0AsvWpV4T%2Fxg%3D%3D%0A; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbKE7bjkbYWzk5unL0%2B7dFndR92ych2FQP8o5qWZtjqT36rKOtZgWEtwlNirpSPQsYaLoz6yyJCcL10%2BXuQ4T5GVJlHstrRF%2FFM2Q720eEDhtw4B22TX3wnSjWC%2BjdtRXtJpXZiMdlymz3pagF9t6tOGCJeguZuNyx
Source: global traffic	HTTP traffic detected: GET /d8c14d4960ca/c2181391033f/challenge.js HTTP/1.1Host: d8c14d4960ca.edge.sdk.awswaf.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /backend_static/common/flags/new/48-squared/us.png HTTP/1.1Host: q-xx.bstatic.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /libs/acc-clientlib/v5/clientlib.js HTTP/1.1Host: xx.bstatic.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /scripttemplates/otSDKStub.js HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /consent/a387750c-a080-4dd0-b2d1-7dbdb601bb14/a387750c-a080-4dd0-b2d1-7dbdb601bb14.json HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://account.booking.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /a9hs5a4xjv22puki.js?v5pg8okhz744zguf=doregtzf&fvnf8qc8zzjqzym2=43d59af6-e3da-487e-bfc0-caaf3b30acb6 HTTP/1.1Host: asanalytics.booking.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbKE7bjkbYWzk5unL0%2B7dFndR92ych2FQP8o5qWZtjqT36rKOtZgWEtwlNirpSPQsYaLoz6yyJCcL10%2BXuQ4T5GVJlHstrRF%2FFM2Q720eEDhtw4B22TX3wnSjWC%2BjdtRXtJpXZiMdlymz3pagF9t6tOGCJeguZuNyx
Source: global traffic	HTTP traffic detected: GET /c360/v1/track HTTP/1.1Host: www.booking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D
Source: global traffic	HTTP traffic detected: GET /js-metric HTTP/1.1Host: account.booking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; bkng_ap_sso_session=eyJib29raW5nX2dsb2JhbCI6eyJzZXNzaW9ucyI6W10sImRhdGFfc3ViamVjdF9pZCI6ImExN2JjZmJkLTNkN2QtNGY3OC04NTM4LTdmZDFhYTkxZmZhZiJ9fQ; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; bkng_ap=U2FsdGVkX19jZ%2BgJ5OwhKw%2FtfIQ49V4CPyDNSDTwG7dsMttmLlQEgrQa6Aepz0oPGpvN9nSS5IB%2B%0AsvWpV4T%2Fxg%3D%3D%0A; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbKE7bjkbYWzk5unL0%2B7dFndR92ych2FQP8o5qWZtjqT36rKOtZgWEtwlNirpSPQsYaLoz6yyJCcL10%2BXuQ4T5GVJlHstrRF%2FFM2Q720eEDhtw4B22TX3wnSjWC%2BjdtRXtJpXZiMdlymz3pagF9t6tOGCJeguZuNyx
Source: global traffic	HTTP traffic detected: GET /d8c14d4960ca/c2181391033f/challenge.js HTTP/1.1Host: d8c14d4960ca.d2eb2267.us-east-1.token.awswaf.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /consent/a387750c-a080-4dd0-b2d1-7dbdb601bb14/a387750c-a080-4dd0-b2d1-7dbdb601bb14.json HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cookieconsentpub/v1/geo/location HTTP/1.1Host: geolocation.onetrust.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"accept: application/jsonsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Origin: https://account.booking.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cookieconsentpub/v1/geo/location HTTP/1.1Host: geolocation.onetrust.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /T6pHM1Kv1256ky7p?3d2230f7d2a8115c=1d04QixAcLsmMxe1NApuBHDtg8ZUutfGZ5yhDKrZs7AHvWtQNKBtNKgbkxoChMA5IGauAuhuKE3cy9XOUNbrQ9ZQ5rAmVWjtJEXJc6A9sNFmYXfUJvSeI8BtTYE09q2jyyZgsckA-oCAR_aUHYP4idJP4qnplWG73OIZyRM25FZUXHLjkDGNUSpyQLQZpRfrTNqOeL1e5rR9ieir&jb=353b262662736d7735576b6e6467777b246a7b6d3f556966666f7771273032313024687162773d4360726d6f6d26687362354360706f6567273030393337 HTTP/1.1Host: asanalytics.booking.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAy47yZlXFLAhePZSSt535xRrxFOfSU7bwEsbO04_1e38VW3qaz8JBDtDk9AR212ybSWjVlnV6HJlctGGzj1pjj0x0EdXw
Source: global traffic	HTTP traffic detected: GET /a9hs5a4xjv22puki.js?v5pg8okhz744zguf=doregtzf&fvnf8qc8zzjqzym2=43d59af6-e3da-487e-bfc0-caaf3b30acb6 HTTP/1.1Host: asanalytics.booking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAy47yZlXFLAhePZSSt535xRrxFOfSU7bwEsbO04_1e38VW3qaz8JBDtDk9AR212ybSWjVlnV6HJlctGGzj1pjj0x0EdXw
Source: global traffic	HTTP traffic detected: GET /tGNM_W8j9T_L5CC9?114e19a2bbfc6044=15J5dmbBUeqIQX0jd-7KOALK-LuXffFvInmoYquIZxxNrUeBTtpR6KUeB2Q9xaAakUKnuzJ5LaWMx0wedgHASe56cw6QbT35oPL0BMr0bNP19aAMfTF4Mp_vtNhRlFpPhNEyphbmIcyI9C3xJbo3_HbisPx3kLD9w4f9dD4 HTTP/1.1Host: asanalytics.booking.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAy47yZlXFLAhePZSSt535xRrxFOfSU7bwEsbO04_1e38VW3qaz8JBDtDk9AR212ybSWjVlnV6HJlctGGzj1pjj0x0EdXw
Source: global traffic	HTTP traffic detected: GET /js-metric HTTP/1.1Host: account.booking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; bkng_ap_sso_session=eyJib29raW5nX2dsb2JhbCI6eyJzZXNzaW9ucyI6W10sImRhdGFfc3ViamVjdF9pZCI6ImExN2JjZmJkLTNkN2QtNGY3OC04NTM4LTdmZDFhYTkxZmZhZiJ9fQ; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; bkng_ap=U2FsdGVkX19jZ%2BgJ5OwhKw%2FtfIQ49V4CPyDNSDTwG7dsMttmLlQEgrQa6Aepz0oPGpvN9nSS5IB%2B%0AsvWpV4T%2Fxg%3D%3D%0A; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D
Source: global traffic	HTTP traffic detected: GET /pqF3nGsAyelKT7zM?01c290fe34e6d07b=HlW_oNRa-UbKE1D5iCNafqheOkVg-zuMyanoIWmKrvHVBIXnUlAVpQ44j_XGdi-QYLu4l767TNwZIMd3lGlVTueGL4a-IghokefHIbCphdCWh1-IkClLv1pCjHDy8DAKaxhG8AbB6iHKWB5EwhUe0O3VKVdNuhh1SLyTgGQ HTTP/1.1Host: asanalytics.booking.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAy47yZlXFLAhePZSSt535xRrxFOfSU7bwEsbO04_1e38VW3qaz8JBDtDk9AR212ybSWjVlnV6HJlctGGzj1pjj0x0EdXw
Source: global traffic	HTTP traffic detected: GET /scripttemplates/202408.1.0/otBannerSdk.js HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tGNM_W8j9T_L5CC9?114e19a2bbfc6044=15J5dmbBUeqIQX0jd-7KOALK-LuXffFvInmoYquIZxxNrUeBTtpR6KUeB2Q9xaAakUKnuzJ5LaWMx0wedgHASe56cw6QbT35oPL0BMr0bNP19aAMfTF4Mp_vtNhRlFpPhNEyphbmIcyI9C3xJbo3_HbisPx3kLD9w4f9dD4 HTTP/1.1Host: asanalytics.booking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAw8sBThxyQJdxz7qumZht_06We8rIGbbZvrTmzGLSuR0Eo_mQPru0PMr-_7A0UlOj3YzmatP-nUK3SgA1ZsjB9thdywLQ
Source: global traffic	HTTP traffic detected: GET /pqF3nGsAyelKT7zM?01c290fe34e6d07b=HlW_oNRa-UbKE1D5iCNafqheOkVg-zuMyanoIWmKrvHVBIXnUlAVpQ44j_XGdi-QYLu4l767TNwZIMd3lGlVTueGL4a-IghokefHIbCphdCWh1-IkClLv1pCjHDy8DAKaxhG8AbB6iHKWB5EwhUe0O3VKVdNuhh1SLyTgGQ HTTP/1.1Host: asanalytics.booking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAw8sBThxyQJdxz7qumZht_06We8rIGbbZvrTmzGLSuR0Eo_mQPru0PMr-_7A0UlOj3YzmatP-nUK3SgA1ZsjB9thdywLQ
Source: global traffic	HTTP traffic detected: GET /api/identity/authenticate/v1.0/otp/is-enabled HTTP/1.1Host: account.booking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; bkng_ap_sso_session=eyJib29raW5nX2dsb2JhbCI6eyJzZXNzaW9ucyI6W10sImRhdGFfc3ViamVjdF9pZCI6ImExN2JjZmJkLTNkN2QtNGY3OC04NTM4LTdmZDFhYTkxZmZhZiJ9fQ; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; bkng_ap=U2FsdGVkX19jZ%2BgJ5OwhKw%2FtfIQ49V4CPyDNSDTwG7dsMttmLlQEgrQa6Aepz0oPGpvN9nSS5IB%2B%0AsvWpV4T%2Fxg%3D%3D%0A; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D
Source: global traffic	HTTP traffic detected: GET /d8c14d4960ca/c2181391033f/challenge.js HTTP/1.1Host: d8c14d4960ca.d2eb2267.us-east-1.token.awswaf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /T6pHM1Kv1256ky7p?3d2230f7d2a8115c=1d04QixAcLsmMxe1NApuBHDtg8ZUutfGZ5yhDKrZs7AHvWtQNKBtNKgbkxoChMA5IGauAuhuKE3cy9XOUNbrQ9ZQ5rAmVWjtJEXJc6A9sNFmYXfUJvSeI8BtTYE09q2jyyZgsckA-oCAR_aUHYP4idJP4qnplWG73OIZyRM25FZUXHLjkDGNUSpyQLQZpRfrTNqOeL1e5rR9ieir&jb=353b262662736d7735576b6e6467777b246a7b6d3f556966666f7771273032313024687162773d4360726d6f6d26687362354360706f6567273030393337 HTTP/1.1Host: asanalytics.booking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAw8sBThxyQJdxz7qumZht_06We8rIGbbZvrTmzGLSuR0Eo_mQPru0PMr-_7A0UlOj3YzmatP-nUK3SgA1ZsjB9thdywLQ
Source: global traffic	HTTP traffic detected: GET /fp/clear.png HTTP/1.1Host: asanalytics.booking.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: /, doregtzf/f6dcc65ee3c828f243d59af6-e3da-487e-bfc0-caaf3b30acb6sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Origin: https://account.booking.comSec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rmP2YqmKi1PE6WUH?038c08b040b86474=Oj-y5ZSi8HgFCNUcQHmDQ36xFTJqcQIs9d-pDYEcs2ztWotlomSpLZo6RphtaDZpva9Gx4ttTk6NlCQXFzMJUMpVorDI76xa5N6t52rpQakn9GygjygKmGwvXiCiRIASGGMvaA1nMl8DytmkpJHd4BBe8c1L8dkG_gJBNKVPq1RpuZzvFYp-g0IMiKrsA0mGKzB9T6rCshQk-nVVJ88 HTTP/1.1Host: asanalytics.booking.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAw8sBThxyQJdxz7qumZht_06We8rIGbbZvrTmzGLSuR0Eo_mQPru0PMr-_7A0UlOj3YzmatP-nUK3SgA1ZsjB9thdywLQ
Source: global traffic	HTTP traffic detected: GET /DzDg5opN2juRAsrB?092f0c70ca0e3e9f=hJPeq60bHTcENM2tWVOjlG05NkAuhvg-7IGMEph-N6SKG4C6ccmKTuKdkTg7vvZDEtp3wUPvHJiVxa7GIt0toZN9f_O8Lv_J7OIqOBu6SCjp7JcgqrmaIw9OmMp-0Y6FQqdw3He9dhJmhnPhzPZb6GRzMo7PyBhqvi0J3Wx3zUNY8IM3EEor-N5Ind_e8FRqg3EgC64RMveVNPx8cPXl HTTP/1.1Host: asanalytics.booking.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAw8sBThxyQJdxz7qumZht_06We8rIGbbZvrTmzGLSuR0Eo_mQPru0PMr-_7A0UlOj3YzmatP-nUK3SgA1ZsjB9thdywLQ
Source: global traffic	HTTP traffic detected: GET /kyqRRUMu-GFzfYhf?ff02f82bc3d39c3d=eMxHlyE2Z5erGsvI3T0z8SQp802xhEjTHu1pAjvU8peUxGSJO8-1GGEFjk2hhjlUI3HEVCtJEgzofLY6D8-NBSn-AnO_Pmrpdyn5Pxeg4eurzL0GmXQUDrxlwBywVMfIOlpHRmKE4862cIgL8alsHUrbLqjGtw-gUNYMkZEQaBRdRAArHKIhNAD0qOWNHhD7x8f7eYkssiBCskuMe2ZX HTTP/1.1Host: h.online-metrix.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /scripttemplates/202408.1.0/otBannerSdk.js HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /consent/a387750c-a080-4dd0-b2d1-7dbdb601bb14/0191ffb2-0224-7614-89a9-ce4becc49775/en-us.json HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://account.booking.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /-oHbtURoEkKRYMoO?c28be1dcf9880429=uMrb-z-xWyzTksWwCzpBUlTjkR5JD-5c0pGKTa30NzZ8sv1OBpxFlGdJXcwn22YdFATlGp5aPlhWhgSOSaW4SO1HOJcDSnawyDKi0o4U9PBgatyDTLq0zonM-xSvgBZPJuLND8ZoAtRI1VHncsQQCRu1P9ET_KgK8RQPRUhM4-RRMvQ HTTP/1.1Host: h.online-metrix.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /api/identity/authenticate/v1.0/enter/email/submit HTTP/1.1Host: account.booking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; bkng_ap=U2FsdGVkX19jZ%2BgJ5OwhKw%2FtfIQ49V4CPyDNSDTwG7dsMttmLlQEgrQa6Aepz0oPGpvN9nSS5IB%2B%0AsvWpV4T%2Fxg%3D%3D%0A; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; bkng_ap_sso_session=eyJib29raW5nX2dsb2JhbCI6eyJkYXRhX3N1YmplY3RfaWQiOiJhMTdiY2ZiZC0zZDdkLTRmNzgtODUzOC03ZmQxYWE5MWZmYWYiLCJzZXNzaW9ucyI6W119fQ
Source: global traffic	HTTP traffic detected: GET /ue8eZwwBYhIaJjN1?dd914517a5d3e626=2wIikL3VyDl-LOyNCkYfgOR80rkSoOy8lackkErbcCDRT1qBf6jjcWDLf1p2JiBYuN_qYD_0gnWcsCqeXlR3pC-ad_YazT9omLg7q-qTjF1jJ-kv8AmeM9W2e5QtidwQWBjdoYnjh1hbPLg1IRzeNUfOKF0&jb=3334266c7b613f363e633738323d393060373d363b666431306437343133663536636667353238 HTTP/1.1Host: asanalytics.booking.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAw8sBThxyQJdxz7qumZht_06We8rIGbbZvrTmzGLSuR0Eo_mQPru0PMr-_7A0UlOj3YzmatP-nUK3SgA1ZsjB9thdywLQ
Source: global traffic	HTTP traffic detected: GET /fp/clear.png HTTP/1.1Host: asanalytics.booking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAw8sBThxyQJdxz7qumZht_06We8rIGbbZvrTmzGLSuR0Eo_mQPru0PMr-_7A0UlOj3YzmatP-nUK3SgA1ZsjB9thdywLQ
Source: global traffic	HTTP traffic detected: GET /70mNEHSK0UfSXw0Z?936751dab1490cfe=YV5ThCvsZWcGpJwfx8S7op8Rt0VY_A_cbb_EfjmlI8sZE9OxcYhbXgFBxJouLiaPZb-v0NqAgOF4OKHe1pSpWbk7ucPR0_lKhPCjte2IFeaiMa5k7CKpkod7TQmCeFfDiEJdDvF_6AL8-Y8Tz3jGfcVviFk&jf=3334266c7b623f643f6267326338613b3b32393636353431356531303634663536673b32323b37 HTTP/1.1Host: asanalytics.booking.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://asanalytics.booking.com/rmP2YqmKi1PE6WUH?038c08b040b86474=Oj-y5ZSi8HgFCNUcQHmDQ36xFTJqcQIs9d-pDYEcs2ztWotlomSpLZo6RphtaDZpva9Gx4ttTk6NlCQXFzMJUMpVorDI76xa5N6t52rpQakn9GygjygKmGwvXiCiRIASGGMvaA1nMl8DytmkpJHd4BBe8c1L8dkG_gJBNKVPq1RpuZzvFYp-g0IMiKrsA0mGKzB9T6rCshQk-nVVJ88Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAw8sBThxyQJdxz7qumZht_06We8rIGbbZvrTmzGLSuR0Eo_mQPru0PMr-_7A0UlOj3YzmatP-nUK3SgA1ZsjB9thdywLQ
Source: global traffic	HTTP traffic detected: GET /c_qAOM6DvykERGlN?c95106941d0de769=-4TlFyZFRv4L4DWzaBqf2PbjhjxxraU6a-vo8CevmKqmkWY3xKg8ai_rvUS_AAoS30ywNzu8L4Rdr7s_SwB4ZM3JiYcdEhV-yC1_jiNmjycYeg6X5EcnPQ0jgdlKuMm0hqmFmeTyl1dK3TLcWQWh1g&fr HTTP/1.1Host: asanalytics.booking.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://asanalytics.booking.com/rmP2YqmKi1PE6WUH?038c08b040b86474=Oj-y5ZSi8HgFCNUcQHmDQ36xFTJqcQIs9d-pDYEcs2ztWotlomSpLZo6RphtaDZpva9Gx4ttTk6NlCQXFzMJUMpVorDI76xa5N6t52rpQakn9GygjygKmGwvXiCiRIASGGMvaA1nMl8DytmkpJHd4BBe8c1L8dkG_gJBNKVPq1RpuZzvFYp-g0IMiKrsA0mGKzB9T6rCshQk-nVVJ88Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAw8sBThxyQJdxz7qumZht_06We8rIGbbZvrTmzGLSuR0Eo_mQPru0PMr-_7A0UlOj3YzmatP-nUK3SgA1ZsjB9thdywLQ
Source: global traffic	HTTP traffic detected: GET /d8c14d4960ca/c2181391033f/verify HTTP/1.1Host: d8c14d4960ca.d2eb2267.us-east-1.token.awswaf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /consent/a387750c-a080-4dd0-b2d1-7dbdb601bb14/0191ffb2-0224-7614-89a9-ce4becc49775/en-us.json HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /scripttemplates/202408.1.0/assets/otCommonStyles.css HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://account.booking.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /-oHbtURoEkKRYMoO?8cad62a260ff4642=uMrb-z-xWyzTksWwCzpBUlTjkR5JD-5c0pGKTa30NzZ8sv1OBpxFlGdJXcwn22YdFATlGp5aPlhWhgSOSaW4SO1HOJcDSnawyDKi0o4U9PBgatyDTLq0zonM-xSvgBZPJuLND_J6jTIGoo3DU0a_8mwS8lA&k=2 HTTP/1.1Host: h.online-metrix.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: thx_global_guid=0be6946ae2ba4b3eb338a51c8a885415
Source: global traffic	HTTP traffic detected: GET /js-track HTTP/1.1Host: account.booking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; bkng_ap=U2FsdGVkX19jZ%2BgJ5OwhKw%2FtfIQ49V4CPyDNSDTwG7dsMttmLlQEgrQa6Aepz0oPGpvN9nSS5IB%2B%0AsvWpV4T%2Fxg%3D%3D%0A; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; bkng_ap_sso_session=eyJib29raW5nX2dsb2JhbCI6eyJkYXRhX3N1YmplY3RfaWQiOiJhMTdiY2ZiZC0zZDdkLTRmNzgtODUzOC03ZmQxYWE5MWZmYWYiLCJzZXNzaW9ucyI6W119fQ; aws-waf-token=4d982762-a2af-4535-90e5-e6f600c49852:EQoAj4NspngYAQAA:QE9b6by8wnhUOSA+zDuwnfIQUfTGBlmw2Q/p0OXiaKrwBKgsgCqDjLrCD84srKrTKQjtBCqYky4CHwaEdFvLBLPeQC1jDS6HrB/PcmazLW1Ez0FuSMGTQa47o6ugneWTZVI1rQOPO4ob4k811U+beydAW7hom4bq/OVTkIABGyJrhtry6ctbSHi79LZOiBwO01MuCIrSX5hsCZ4fjwtRxPJM8Mk=; OptanonConsent=isGpcEnabled=0&datestamp=Mon+Nov+25+2024+10%3A39%3A15+GMT-0500+(Eastern+Standard+Time)&version=202408.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=edd61b56-69cc-4252-884c-e6e1bf4e51db&interactionCount=0&isAnonUser=1&landingPath=https%3A%2F%2Faccount.booking.com%2Fregister%2Fpassword
Source: global traffic	HTTP traffic detected: GET /KN7bd6BuOyWq7gIO?09e1639219b24b5e=zPYl3mKODxpFm8KyJ2lg64bZiakNTp6tueDoCmyXlmsr5X7-EReqwnjNy2P9hwlh-gQisulmvummMXNVPr4ie3p6ckjtZiR0mMKOZQF2LGWkixmE0tyRWLcAlu2PlAGIml4KHgh8X8ILqpLDCdvCfg HTTP/1.1Host: asanalytics.booking.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAw8sBThxyQJdxz7qumZht_06We8rIGbbZvrTmzGLSuR0Eo_mQPru0PMr-_7A0UlOj3YzmatP-nUK3SgA1ZsjB9thdywLQ
Source: global traffic	HTTP traffic detected: GET /ue8eZwwBYhIaJjN1?dd914517a5d3e626=2wIikL3VyDl-LOyNCkYfgOR80rkSoOy8lackkErbcCDRT1qBf6jjcWDLf1p2JiBYuN_qYD_0gnWcsCqeXlR3pC-ad_YazT9omLg7q-qTjF1jJ-kv8AmeM9W2e5QtidwQWBjdoYnjh1hbPLg1IRzeNUfOKF0&jb=3334266c7b613f363e633738323d393060373d363b666431306437343133663536636667353238 HTTP/1.1Host: asanalytics.booking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAw8sBThxyQJdxz7qumZht_06We8rIGbbZvrTmzGLSuR0Eo_mQPru0PMr-_7A0UlOj3YzmatP-nUK3SgA1ZsjB9thdywLQ
Source: global traffic	HTTP traffic detected: GET /70mNEHSK0UfSXw0Z?936751dab1490cfe=YV5ThCvsZWcGpJwfx8S7op8Rt0VY_A_cbb_EfjmlI8sZE9OxcYhbXgFBxJouLiaPZb-v0NqAgOF4OKHe1pSpWbk7ucPR0_lKhPCjte2IFeaiMa5k7CKpkod7TQmCeFfDiEJdDvF_6AL8-Y8Tz3jGfcVviFk&jf=3334266c7b623f643f6267326338613b3b32393636353431356531303634663536673b32323b37 HTTP/1.1Host: asanalytics.booking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAw8sBThxyQJdxz7qumZht_06We8rIGbbZvrTmzGLSuR0Eo_mQPru0PMr-_7A0UlOj3YzmatP-nUK3SgA1ZsjB9thdywLQ
Source: global traffic	HTTP traffic detected: GET /c_qAOM6DvykERGlN?c95106941d0de769=-4TlFyZFRv4L4DWzaBqf2PbjhjxxraU6a-vo8CevmKqmkWY3xKg8ai_rvUS_AAoS30ywNzu8L4Rdr7s_SwB4ZM3JiYcdEhV-yC1_jiNmjycYeg6X5EcnPQ0jgdlKuMm0hqmFmeTyl1dK3TLcWQWh1g&fr HTTP/1.1Host: asanalytics.booking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAw8sBThxyQJdxz7qumZht_06We8rIGbbZvrTmzGLSuR0Eo_mQPru0PMr-_7A0UlOj3YzmatP-nUK3SgA1ZsjB9thdywLQ
Source: global traffic	HTTP traffic detected: GET /scripttemplates/202408.1.0/assets/otCommonStyles.css HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ue8eZwwBYhIaJjN1?dd914517a5d3e626=2wIikL3VyDl-LOyNCkYfgOR80rkSoOy8lackkErbcCDRT1qBf6jjcWDLf1p2JiBYuN_qYD_0gnWcsCqeXlR3pC-ad_YazT9omLg7q-qTjF1jJ-kv8AmeM9W2e5QtidwQWBjdoYnjh1hbPLg1IRzeNUfOKF0&ja=313b30332e26613f2533323026723d3e32266e3f333038387a313030362463663d33303a307a39383c26717a713d3278302e6478703d392e333038382e313030362e333238322e3b38362c313a38322e3130352c313a38382e3930362e322c38246d743f3035643531663133343b65366a66303231623436626c3330356238636431633c246d6e3f30247163643f3036266e683d607476727b253141253a462d30466961616d7566762e626d6d696b6e672c616d6d2732462e706e3f3d2672683d6d383830646e63373735393b33663667606738393b31676236613931323b326c266a683d3d633d61383a6736363038613534603663606238616431343038353c3560323b2668736f3557616c646775712732383330266871603f4368706d6f652732303931352462736d753d5f6966666f7f712468736a773d436a706d6f65266c6a613d36266e6c6d3f3a2e6e6f747035302e767a6c3f436f657a6b63612730444c65775d5b6d7269266d69746a7035343230336c316b30626d613230653e6163353432323a3261663337353630316e64363730383334316c366d63613a366661393c636662663530313133333b34612464723568767678732733412d324e27324e6361616f7d6c742e606d6d69696e652c616f6f25324e26723f786c776769665f6e6e617b6a2737456e636c736723726e75676b6c5d776b6e646777715d656566696157706463796d702737456e636c736723726e75676b6c5d61666f626d5f63617a6f6061742d354d64616471672370647767696c5d7377696369766b6d6725354d66636e7b6523706c7d67616c5f7b6a6d616b7f63766527374764616c716723706e7567616e5d706d616e706c69796d70253d4764636c7b6721706e77656b6e5f746e615f726c61716570273d4564616c7b6529726c7d656b6c5f6c6776616e747027354564636e736721706475656b665f71766757766167776d702737456e636c736723726e75676b6c5d6a6376612d354764696c7165266f6c57613d7f6760656c5f6762474e273032312e322730302a4f706d6e454e2d323245532d3238302e382730324360706f6d6b776f2b576560454e2530304744534e273a304753253a30392c302d30322a4f78676e474e2730324553273032474e534c2d3232475b2530303126302d30304b6a706d6d61776d295567604969745567604b6b74253a3055676a474e414e4f4c4d5d69667176636e6b67645f6370706379732731402530304550545d6064656c645f6569666f6170273140253a324558565d616d6c6f705d60756466657a5f6a6364665d666c67617c27334a2730324550565f666e6d63765f626e676c642733422d32324750545d6672696757666578766a27334a273230475a565d7368636667725d7465707477706d5f6e6f642d334a273238475a565f7c6778747770675d636f6f727065717369676e5d6078746125334a253a324550565d766570767572675d616d6d70706771736b6f6e577265766b253142253a304d5a545776677a747d70655f646b6e7665725d636c69716f747a6f726b6b253142253a304d5a5457715045422d31422530324d47535f676e676d676e7457696c666d785d756966742d31422d30324d455b5d66626d5d70676e6467705d6d6b706d697027314a2530304f4d53577174696c6663726c5d6465706b74637469746771253142253a304d475b5f7665787c757a675f6e6e6d63742d31422530324d47535f76677a7477726557666e6d69745d6c6966656970253b402730304747535f76677a767572675d6a616e665f6e6c6d637c253142253a304747535776677a747d70655f6a636e645f666e6d63745d6c69666563702d33402532384f4d515f7e67707665705d617270637b5d6f62686761742733422d3232554d42454c5f6b6f646d7257607764666d705f666e6d63762533
Source: global traffic	HTTP traffic detected: GET /8ntGuSSDjZCAqIks?bbd0db59142b04bf=cw3jRNj2tSYLi0XaIt08Y6m7vaWvYQBrgyzBnwU9O5DgoAJeWFX6xFdFUed_uXV2Gem5-O52FUFfByodQzEhTOHu-O2kvG3C7M-EX8dXbm9F5BbS9bfRkU1jwNIMXfoejlO2iSyz9fosMiJ-Wmz3yQagec1Qj4e1 HTTP/1.1Host: h64.online-metrix.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /static/img/favicon.svg HTTP/1.1Host: xx.bstatic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /-oHbtURoEkKRYMoO?8cad62a260ff4642=uMrb-z-xWyzTksWwCzpBUlTjkR5JD-5c0pGKTa30NzZ8sv1OBpxFlGdJXcwn22YdFATlGp5aPlhWhgSOSaW4SO1HOJcDSnawyDKi0o4U9PBgatyDTLq0zonM-xSvgBZPJuLND_J6jTIGoo3DU0a_8mwS8lA&k=2 HTTP/1.1Host: h.online-metrix.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: thx_global_guid=0be6946ae2ba4b3eb338a51c8a885415
Source: global traffic	HTTP traffic detected: GET /K4ef-Qxf66Ie_55D?1a371f6204d6afce=pcoL9cwR2ipcHup2-SG6rp1j_W-d1225R3CZ4ZXQPNUtVj0y16svqnIb_DAovxSc82KqVyuzbqTkFkKqlz5uMNuPXHAap07M62H1QTtcBqstqMbf7KE33r9m_8WvIGBBQzsUOn57iKZnMl-k1yITv6TUFutghfGecXss HTTP/1.1Host: doregtzf532izs3wyphrvyjbjhgmirxmhw7wjlzuf6dcc65ee3c828f2am1.e.aa.online-metrix.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /d8c14d4960ca/c2181391033f/telemetry HTTP/1.1Host: d8c14d4960ca.d2eb2267.us-east-1.token.awswaf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /KN7bd6BuOyWq7gIO?09e1639219b24b5e=zPYl3mKODxpFm8KyJ2lg64bZiakNTp6tueDoCmyXlmsr5X7-EReqwnjNy2P9hwlh-gQisulmvummMXNVPr4ie3p6ckjtZiR0mMKOZQF2LGWkixmE0tyRWLcAlu2PlAGIml4KHgh8X8ILqpLDCdvCfg HTTP/1.1Host: asanalytics.booking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAw8sBThxyQJdxz7qumZht_06We8rIGbbZvrTmzGLSuR0Eo_mQPru0PMr-_7A0UlOj3YzmatP-nUK3SgA1ZsjB9thdywLQ
Source: global traffic	HTTP traffic detected: GET /8ntGuSSDjZCAqIks?bbd0db59142b04bf=cw3jRNj2tSYLi0XaIt08Y6m7vaWvYQBrgyzBnwU9O5DgoAJeWFX6xFdFUed_uXV2Gem5-O52FUFfByodQzEhTOHu-O2kvG3C7M-EX8dXbm9F5BbS9bfRkU1jwNIMXfoejlO2iSyz9fosMiJ-Wmz3yQagec1Qj4e1 HTTP/1.1Host: h64.online-metrix.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /K4ef-Qxf66Ie_55D?1a371f6204d6afce=pcoL9cwR2ipcHup2-SG6rp1j_W-d1225R3CZ4ZXQPNUtVj0y16svqnIb_DAovxSc82KqVyuzbqTkFkKqlz5uMNuPXHAap07M62H1QTtcBqstqMbf7KE33r9m_8WvIGBBQzsUOn57iKZnMl-k1yITv6TUFutghfGecXss HTTP/1.1Host: doregtzf532izs3wyphrvyjbjhgmirxmhw7wjlzuf6dcc65ee3c828f2am1.e.aa.online-metrix.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /U_GY-kq9lC3pRi0y?f86c979369b1a462=JR7Cjl65wWWxGQcjX0LgJP-WIj5jCciTNOTD-Hce2k14zdmzpvIxU65soX7l32Rqt4ui0PcUxn692UgnzY-3Z4Kdu8xXq_o7Fhsdr41U-SRgMTGgQPbb5rzLKII4X3BLGBa-IIJcPrlKYPbB_H-OWm7TMP05tE03_D131SYCEtdM-8osYYpRa9jAnetbUS9KFWR0LtV5vNZvF1k0Nt4&jac=1&je=383626266565666a35283325324b302d304339273041343c316435676134616433633461373665396e623a3b3c663a62323162313432383b3331383b3a3133643064616635676633323062386d373b613a636061393129 HTTP/1.1Host: asanalytics.booking.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAw8sBThxyQJdxz7qumZht_06We8rIGbbZvrTmzGLSuR0Eo_mQPru0PMr-_7A0UlOj3YzmatP-nUK3SgA1ZsjB9thdywLQ
Source: global traffic	HTTP traffic detected: GET /U_GY-kq9lC3pRi0y?f86c979369b1a462=JR7Cjl65wWWxGQcjX0LgJP-WIj5jCciTNOTD-Hce2k14zdmzpvIxU65soX7l32Rqt4ui0PcUxn692UgnzY-3Z4Kdu8xXq_o7Fhsdr41U-SRgMTGgQPbb5rzLKII4X3BLGBa-IIJcPrlKYPbB_H-OWm7TMP05tE03_D131SYCEtdM-8osYYpRa9jAnetbUS9KFWR0LtV5vNZvF1k0Nt4&je=363426266261613f39266068736a6b3527354a273740253a305a25303027304333273041313533323d343b333d313138302d354c27354c24606a736a695f696c66677a3d30 HTTP/1.1Host: asanalytics.booking.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAw8sBThxyQJdxz7qumZht_06We8rIGbbZvrTmzGLSuR0Eo_mQPru0PMr-_7A0UlOj3YzmatP-nUK3SgA1ZsjB9thdywLQ
Source: global traffic	HTTP traffic detected: GET /static/img/favicon.svg HTTP/1.1Host: xx.bstatic.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /static/img/favicon.ico HTTP/1.1Host: xx.bstatic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /d8c14d4960ca/c2181391033f/telemetry HTTP/1.1Host: d8c14d4960ca.d2eb2267.us-east-1.token.awswaf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /U_GY-kq9lC3pRi0y?f86c979369b1a462=JR7Cjl65wWWxGQcjX0LgJP-WIj5jCciTNOTD-Hce2k14zdmzpvIxU65soX7l32Rqt4ui0PcUxn692UgnzY-3Z4Kdu8xXq_o7Fhsdr41U-SRgMTGgQPbb5rzLKII4X3BLGBa-IIJcPrlKYPbB_H-OWm7TMP05tE03_D131SYCEtdM-8osYYpRa9jAnetbUS9KFWR0LtV5vNZvF1k0Nt4&je=313b33262e6a636135312470676d5f7d72646976673f253f402532303227303225314327374025323a7667702d3230253349332d35442d304127323a332532302731432537402730326a69646c656c2f786171737767726c27323a273143253d4066616e7167273243273030706373737f6f70662d323025324b342d37442d354627324b273232302730302533432735422732327d73677066616f65253a322d31412d37406461647165253041273032656f636b6c2732322d3241362d354625374c253f46 HTTP/1.1Host: asanalytics.booking.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAw8sBThxyQJdxz7qumZht_06We8rIGbbZvrTmzGLSuR0Eo_mQPru0PMr-_7A0UlOj3YzmatP-nUK3SgA1ZsjB9thdywLQ
Source: global traffic	HTTP traffic detected: GET /ue8eZwwBYhIaJjN1?dd914517a5d3e626=2wIikL3VyDl-LOyNCkYfgOR80rkSoOy8lackkErbcCDRT1qBf6jjcWDLf1p2JiBYuN_qYD_0gnWcsCqeXlR3pC-ad_YazT9omLg7q-qTjF1jJ-kv8AmeM9W2e5QtidwQWBjdoYnjh1hbPLg1IRzeNUfOKF0&jac=1&je=313032352e2660637c73763d253f422d3032646774676c2d3032253143332c3030273041253032737c6176777b253032253b412d30326b6a637067616c6725303027354426637766683f63656e6263673c373a36373f663830666a60663b373b343137343b306662643b6134343730626e35343639363439656a656e333531376360373c376132333335246578313f30626064636e3335346c613434323d35383a333f60303a363a6639373b3636366162603767653633266d78363f6b373a37343a323063616e3b30353438633362643767323962676434376463302e6a716d35576b6e6467777b27323833322475696a3d2535402730326170616a697665637c7570672d3230253349253a307830342730322d3043253030606b746e677171253032253b4127303a363625323a253a41253a3060706166667325303027314125374027374025323a62706366642732322d334927323a456d6d676467253232416a706f6d672730322732432d3230746d7271696f66253a30253b4327303239333725303027354425304127374025323a62706366642732322d334927323a4c6d76253b40412531464070616e662730322732432d3230746d7271696f66253a30253b4327303230273232273546273243273540253032627a616c662d3230253349253a304360706d6f697d6f25323027304125323074677271696f662530302d334325323a313935253a302735442d374425304127303266776e6e56677273616f6c4e61737625323a253b43253d402735422d30326270636c662532302731412732324f6f6d6564652732304b687a6d6d6d273030253a4125323074677073696d6c2732302533492530303931352e30263531313826333130253a30253746273041253740273032607261666427303a253141253a32466d742d314043253b464272636c66273232273041253032766d72716b676e2732322d334927323a3a2c322e382c3025303027354425304127374025323a62706366642732322d334927323a416a706f656b756d27303027324327303076677273616f6c273a322733412d323a33313f2c322c353131382e333130273232273546253744253a4327303a6d6d626964652d30322d314364616471652530412730326d6d66676c2732322d3343273a322732322d324b27323a726e63746e6d726d273030273341273030576b6e64677771273a322732432d323a726c6976646d7265546572716b6d6c25323027314127323239302c3226302732322d324b27323a756d75363c27323227314364616c71672737462675696c3f273f422732326a72696c647b273030253b432535402735402532306070616c64253a3227314925303247676f6f6e652d303241687a6d6d6527303027324327303076677273616f6c273a322733412d323a33313f273030253f462532412735402532306070616c64253a322731492530324e67742d314249273146427a636e6427303027324327303076677273616f6c273a322733412d323a3a253a302735442d30432535402730326270636c642732322d3343273a32416872676d61776d2d303027324b27323274677071696f6c2730322733412d32303339372732322d374c27354c273041253a306d6f606b6e6725323027314164616c7b6527304b2530327064617c646f7a6f2730322d3141253030556b6e646d7571253032253f44 HTTP/1.1Host: asanalytics.booking.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Se
Source: global traffic	HTTP traffic detected: GET /U_GY-kq9lC3pRi0y?f86c979369b1a462=JR7Cjl65wWWxGQcjX0LgJP-WIj5jCciTNOTD-Hce2k14zdmzpvIxU65soX7l32Rqt4ui0PcUxn692UgnzY-3Z4Kdu8xXq_o7Fhsdr41U-SRgMTGgQPbb5rzLKII4X3BLGBa-IIJcPrlKYPbB_H-OWm7TMP05tE03_D131SYCEtdM-8osYYpRa9jAnetbUS9KFWR0LtV5vNZvF1k0Nt4&jac=1&je=323526266a687176786e3f25374a253a30363b3b2730322d314131273546 HTTP/1.1Host: asanalytics.booking.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAw8sBThxyQJdxz7qumZht_06We8rIGbbZvrTmzGLSuR0Eo_mQPru0PMr-_7A0UlOj3YzmatP-nUK3SgA1ZsjB9thdywLQ
Source: global traffic	HTTP traffic detected: GET /U_GY-kq9lC3pRi0y?f86c979369b1a462=JR7Cjl65wWWxGQcjX0LgJP-WIj5jCciTNOTD-Hce2k14zdmzpvIxU65soX7l32Rqt4ui0PcUxn692UgnzY-3Z4Kdu8xXq_o7Fhsdr41U-SRgMTGgQPbb5rzLKII4X3BLGBa-IIJcPrlKYPbB_H-OWm7TMP05tE03_D131SYCEtdM-8osYYpRa9jAnetbUS9KFWR0LtV5vNZvF1k0Nt4&je=313131262e6a636135312462687b636d3f253f4027303278767970677127303225314327374025323a6d6d777b652732322d334933253f462730432d303270767b7267253230273141273232786327303a253544266a687b606b35273740253d402532304527303225304133373537253a4333273d442735442e62607162635d6b6c646d7a3d31 HTTP/1.1Host: asanalytics.booking.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAw8sBThxyQJdxz7qumZht_06We8rIGbbZvrTmzGLSuR0Eo_mQPru0PMr-_7A0UlOj3YzmatP-nUK3SgA1ZsjB9thdywLQ
Source: global traffic	HTTP traffic detected: GET /ue8eZwwBYhIaJjN1?dd914517a5d3e626=2wIikL3VyDl-LOyNCkYfgOR80rkSoOy8lackkErbcCDRT1qBf6jjcWDLf1p2JiBYuN_qYD_0gnWcsCqeXlR3pC-ad_YazT9omLg7q-qTjF1jJ-kv8AmeM9W2e5QtidwQWBjdoYnjh1hbPLg1IRzeNUfOKF0&jac=1&je=3635262662666c3f393330266a6e683535333137326462303561353b343b323232336334383b653038653a676b3260312662667c6c3d38383335333b3831333024726f3d6e6d HTTP/1.1Host: asanalytics.booking.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAw8sBThxyQJdxz7qumZht_06We8rIGbbZvrTmzGLSuR0Eo_mQPru0PMr-_7A0UlOj3YzmatP-nUK3SgA1ZsjB9thdywLQ
Source: global traffic	HTTP traffic detected: GET /static/img/favicon.ico HTTP/1.1Host: xx.bstatic.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /lD_6e2ckuuI85dfO?d9272cc602e934cb=N7gnoMjVMNt9eMJfLdlbQQHx40UBoKRTrBR6k43o9hQXvq0kq29aaYGi3v5qKhBT81oTqQVaAPNWfoOUEaeN6cvhWcn5_1DOeJIkoVMauvseVkfWY8ixBNBh21i_sqRT2NWG0yzfMocMHfO_8r3sP4D6QGIo6AVc3MSTRUiGZxHbDU0x1aB0iw7Pq8c7-9PU3NvgVeMmzjK5vqp6KRg&jf=343338267b69665d7a6e663d746c725765686c406644466a775748375864644c26716b665f6661746d3d33353b3237343939353b247361665d767978673d77676038676364716324736b645f63657b3f3b3037393338313b323638353063383e363863673166323230333234303a32613036363a6b653164303b30393237383136303038323466633b353134663a6636663461633a64353a6d333362313c643c37373a3634326338613934606032326533613160393b30643e6630376a336030353c643f33613c3a31313630673534646436613762633b61653537356b3731606e3834396538303032333c646160333a343762643b353a3866663b35313562346d333a6330332473696c5f7b6b6735313236363830323132323b60646137313b336166616b613667696464383269363a34336a6736343030303637643735666465606731363a38376d3164636d343a38343b3569353330303432323a333030646733603136363363343763366a36333538366762366a666c3a656e373a3434696038666063303a6663363061656736386d3867643a363763363d393e31356b24716b667a3f30 HTTP/1.1Host: asanalytics.booking.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAw8sBThxyQJdxz7qumZht_06We8rIGbbZvrTmzGLSuR0Eo_mQPru0PMr-_7A0UlOj3YzmatP-nUK3SgA1ZsjB9thdywLQ
Source: global traffic	HTTP traffic detected: GET /d8c14d4960ca/c2181391033f/telemetry HTTP/1.1Host: d8c14d4960ca.d2eb2267.us-east-1.token.awswaf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ue8eZwwBYhIaJjN1?dd914517a5d3e626=2wIikL3VyDl-LOyNCkYfgOR80rkSoOy8lackkErbcCDRT1qBf6jjcWDLf1p2JiBYuN_qYD_0gnWcsCqeXlR3pC-ad_YazT9omLg7q-qTjF1jJ-kv8AmeM9W2e5QtidwQWBjdoYnjh1hbPLg1IRzeNUfOKF0&jac=1&je=313032352e2660637c73763d253f422d3032646774676c2d3032253143332c3030273041253032737c6176777b253032253b412d30326b6a637067616c6725303027354426637766683f63656e6263673c373a36373f663830666a60663b373b343137343b306662643b6134343730626e35343639363439656a656e333531376360373c376132333335246578313f30626064636e3335346c613434323d35383a333f60303a363a6639373b3636366162603767653633266d78363f6b373a37343a323063616e3b30353438633362643767323962676434376463302e6a716d35576b6e6467777b27323833322475696a3d2535402730326170616a697665637c7570672d3230253349253a307830342730322d3043253030606b746e677171253032253b4127303a363625323a253a41253a3060706166667325303027314125374027374025323a62706366642732322d334927323a456d6d676467253232416a706f6d672730322732432d3230746d7271696f66253a30253b4327303239333725303027354425304127374025323a62706366642732322d334927323a4c6d76253b40412531464070616e662730322732432d3230746d7271696f66253a30253b4327303230273232273546273243273540253032627a616c662d3230253349253a304360706d6f697d6f25323027304125323074677271696f662530302d334325323a313935253a302735442d374425304127303266776e6e56677273616f6c4e61737625323a253b43253d402735422d30326270636c662532302731412732324f6f6d6564652732304b687a6d6d6d273030253a4125323074677073696d6c2732302533492530303931352e30263531313826333130253a30253746273041253740273032607261666427303a253141253a32466d742d314043253b464272636c66273232273041253032766d72716b676e2732322d334927323a3a2c322e382c3025303027354425304127374025323a62706366642732322d334927323a416a706f656b756d27303027324327303076677273616f6c273a322733412d323a33313f2c322c353131382e333130273232273546253744253a4327303a6d6d626964652d30322d314364616471652530412730326d6d66676c2732322d3343273a322732322d324b27323a726e63746e6d726d273030273341273030576b6e64677771273a322732432d323a726c6976646d7265546572716b6d6c25323027314127323239302c3226302732322d324b27323a756d75363c27323227314364616c71672737462675696c3f273f422732326a72696c647b273030253b432535402735402532306070616c64253a3227314925303247676f6f6e652d303241687a6d6d6527303027324327303076677273616f6c273a322733412d323a33313f273030253f462532412735402532306070616c64253a322731492530324e67742d314249273146427a636e6427303027324327303076677273616f6c273a322733412d323a3a253a302735442d30432535402730326270636c642732322d3343273a32416872676d61776d2d303027324b27323274677071696f6c2730322733412d32303339372732322d374c27354c273041253a306d6f606b6e6725323027314164616c7b6527304b2530327064617c646f7a6f2730322d3141253030556b6e646d7571253032253f44 HTTP/1.1Host: asanalytics.booking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0
Source: global traffic	HTTP traffic detected: GET /U_GY-kq9lC3pRi0y?f86c979369b1a462=JR7Cjl65wWWxGQcjX0LgJP-WIj5jCciTNOTD-Hce2k14zdmzpvIxU65soX7l32Rqt4ui0PcUxn692UgnzY-3Z4Kdu8xXq_o7Fhsdr41U-SRgMTGgQPbb5rzLKII4X3BLGBa-IIJcPrlKYPbB_H-OWm7TMP05tE03_D131SYCEtdM-8osYYpRa9jAnetbUS9KFWR0LtV5vNZvF1k0Nt4&je=393b26266261613f39266068737f3d2d37422d354027374c273243273030273246706765697174657a253044786171737767726c27323a273746266a6a736b7176673f253740273032696e253a32273149302732432d323a69323a3b2730322d314130273546 HTTP/1.1Host: asanalytics.booking.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAw8sBThxyQJdxz7qumZht_06We8rIGbbZvrTmzGLSuR0Eo_mQPru0PMr-_7A0UlOj3YzmatP-nUK3SgA1ZsjB9thdywLQ
Source: global traffic	HTTP traffic detected: GET /ue8eZwwBYhIaJjN1?dd914517a5d3e626=2wIikL3VyDl-LOyNCkYfgOR80rkSoOy8lackkErbcCDRT1qBf6jjcWDLf1p2JiBYuN_qYD_0gnWcsCqeXlR3pC-ad_YazT9omLg7q-qTjF1jJ-kv8AmeM9W2e5QtidwQWBjdoYnjh1hbPLg1IRzeNUfOKF0&jac=1&je=3635262662666c3f393330266a6e683535333137326462303561353b343b323232336334383b653038653a676b3260312662667c6c3d38383335333b3831333024726f3d6e6d HTTP/1.1Host: asanalytics.booking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAw8sBThxyQJdxz7qumZht_06We8rIGbbZvrTmzGLSuR0Eo_mQPru0PMr-_7A0UlOj3YzmatP-nUK3SgA1ZsjB9thdywLQ
Source: global traffic	HTTP traffic detected: GET /U_GY-kq9lC3pRi0y?f86c979369b1a462=JR7Cjl65wWWxGQcjX0LgJP-WIj5jCciTNOTD-Hce2k14zdmzpvIxU65soX7l32Rqt4ui0PcUxn692UgnzY-3Z4Kdu8xXq_o7Fhsdr41U-SRgMTGgQPbb5rzLKII4X3BLGBa-IIJcPrlKYPbB_H-OWm7TMP05tE03_D131SYCEtdM-8osYYpRa9jAnetbUS9KFWR0LtV5vNZvF1k0Nt4&je=313438267a643f247a64763d363b333b312d393732322c3d3b30302f333732302c373b32312f313538302e373130302d313d30382e353132312f313d32302c31313a3b2d313732322c373935382d333738302e35393b3125333538322e37393b3b2d313732322e3630313b2f3137303024353b363c2d333530382c3e3234382f333730382e3539313a2f333530322e373235392d39353232243732373025313d323024303333322533353032 HTTP/1.1Host: asanalytics.booking.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAw8sBThxyQJdxz7qumZht_06We8rIGbbZvrTmzGLSuR0Eo_mQPru0PMr-_7A0UlOj3YzmatP-nUK3SgA1ZsjB9thdywLQ
Source: global traffic	HTTP traffic detected: GET /U_GY-kq9lC3pRi0y?f86c979369b1a462=JR7Cjl65wWWxGQcjX0LgJP-WIj5jCciTNOTD-Hce2k14zdmzpvIxU65soX7l32Rqt4ui0PcUxn692UgnzY-3Z4Kdu8xXq_o7Fhsdr41U-SRgMTGgQPbb5rzLKII4X3BLGBa-IIJcPrlKYPbB_H-OWm7TMP05tE03_D131SYCEtdM-8osYYpRa9jAnetbUS9KFWR0LtV5vNZvF1k0Nt4&je=323239262e6a636135312462687b636d3f253f4027303278767970677127303225314327374025323a6d6d777b652732322d334933253f462730432d303270767b7267253230273141273232786327303a253544266a687b606b35273740253d402532305727303225304130333531253a4327303a7377626d61742d30332d303146495e273233273030273544273041253742253a326c273a322732433a333f36253a4127303278637373756d70662532316c67775d70617b73756d7a642732322d354c27354c24606a736a695f696c66677a3d32 HTTP/1.1Host: asanalytics.booking.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAw8sBThxyQJdxz7qumZht_06We8rIGbbZvrTmzGLSuR0Eo_mQPru0PMr-_7A0UlOj3YzmatP-nUK3SgA1ZsjB9thdywLQ
Source: global traffic	HTTP traffic detected: GET /U_GY-kq9lC3pRi0y?f86c979369b1a462=JR7Cjl65wWWxGQcjX0LgJP-WIj5jCciTNOTD-Hce2k14zdmzpvIxU65soX7l32Rqt4ui0PcUxn692UgnzY-3Z4Kdu8xXq_o7Fhsdr41U-SRgMTGgQPbb5rzLKII4X3BLGBa-IIJcPrlKYPbB_H-OWm7TMP05tE03_D131SYCEtdM-8osYYpRa9jAnetbUS9KFWR0LtV5vNZvF1k0Nt4&je=393026266261613f392672676557757866617c673f27374a273232312730302533432735422732326665755d786171737767726c27323a273143253d40747277672730432530307261717377677266273a3227324338253d46253f46273544 HTTP/1.1Host: asanalytics.booking.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAw8sBThxyQJdxz7qumZht_06We8rIGbbZvrTmzGLSuR0Eo_mQPru0PMr-_7A0UlOj3YzmatP-nUK3SgA1ZsjB9thdywLQ
Source: global traffic	HTTP traffic detected: GET /ue8eZwwBYhIaJjN1?dd914517a5d3e626=2wIikL3VyDl-LOyNCkYfgOR80rkSoOy8lackkErbcCDRT1qBf6jjcWDLf1p2JiBYuN_qYD_0gnWcsCqeXlR3pC-ad_YazT9omLg7q-qTjF1jJ-kv8AmeM9W2e5QtidwQWBjdoYnjh1hbPLg1IRzeNUfOKF0&jac=1&je=343326267f656b3f302e36362e39323b2c373d24756b6d357565627076615d696e7667706e636c5f65646c71 HTTP/1.1Host: asanalytics.booking.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAw8sBThxyQJdxz7qumZht_06We8rIGbbZvrTmzGLSuR0Eo_mQPru0PMr-_7A0UlOj3YzmatP-nUK3SgA1ZsjB9thdywLQ
Source: global traffic	HTTP traffic detected: GET /d8c14d4960ca/c2181391033f/telemetry HTTP/1.1Host: d8c14d4960ca.d2eb2267.us-east-1.token.awswaf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /U_GY-kq9lC3pRi0y?f86c979369b1a462=JR7Cjl65wWWxGQcjX0LgJP-WIj5jCciTNOTD-Hce2k14zdmzpvIxU65soX7l32Rqt4ui0PcUxn692UgnzY-3Z4Kdu8xXq_o7Fhsdr41U-SRgMTGgQPbb5rzLKII4X3BLGBa-IIJcPrlKYPbB_H-OWm7TMP05tE03_D131SYCEtdM-8osYYpRa9jAnetbUS9KFWR0LtV5vNZvF1k0Nt4&je=313132262e6a636135312462687b773527354a273540253a3070617171756d72642730316e67775f786171717f6f7064253a322d314138273546253a412532302730447265656b71746772253a4672637b73756f726c253a30253d462460687b697374673f273542253030696e2732322d3343322d324125323a6b3a30392d303027334932253746 HTTP/1.1Host: asanalytics.booking.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAw8sBThxyQJdxz7qumZht_06We8rIGbbZvrTmzGLSuR0Eo_mQPru0PMr-_7A0UlOj3YzmatP-nUK3SgA1ZsjB9thdywLQ; _ga=GA1.2.1526981724.1732549167; _gid=GA1.2.1219349010.1732549167
Source: global traffic	HTTP traffic detected: GET /U_GY-kq9lC3pRi0y?f86c979369b1a462=JR7Cjl65wWWxGQcjX0LgJP-WIj5jCciTNOTD-Hce2k14zdmzpvIxU65soX7l32Rqt4ui0PcUxn692UgnzY-3Z4Kdu8xXq_o7Fhsdr41U-SRgMTGgQPbb5rzLKII4X3BLGBa-IIJcPrlKYPbB_H-OWm7TMP05tE03_D131SYCEtdM-8osYYpRa9jAnetbUS9KFWR0LtV5vNZvF1k0Nt4&je=313b31262e6a636135312462687b636d3f253f4027303278767970677127303225314327374025323a6d6d777b652732322d334930253f462730432d303270767b7267253230273141273232786327303a253544266a687b606b35273740253d402532305727303225304136353a37253a4327303a706373737f6f7a66253a316c67775772617371756d706425303027354625324b2537402d323072253a322d30433c373a3b253a412532302730302535462737442462687b62695d616e6665783533 HTTP/1.1Host: asanalytics.booking.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAw8sBThxyQJdxz7qumZht_06We8rIGbbZvrTmzGLSuR0Eo_mQPru0PMr-_7A0UlOj3YzmatP-nUK3SgA1ZsjB9thdywLQ; _ga=GA1.2.1526981724.1732549167; _gid=GA1.2.1219349010.1732549167
Source: global traffic	HTTP traffic detected: GET /ue8eZwwBYhIaJjN1?dd914517a5d3e626=2wIikL3VyDl-LOyNCkYfgOR80rkSoOy8lackkErbcCDRT1qBf6jjcWDLf1p2JiBYuN_qYD_0gnWcsCqeXlR3pC-ad_YazT9omLg7q-qTjF1jJ-kv8AmeM9W2e5QtidwQWBjdoYnjh1hbPLg1IRzeNUfOKF0&jac=1&je=343326267f656b3f302e36362e39323b2c373d24756b6d357565627076615d696e7667706e636c5f65646c71 HTTP/1.1Host: asanalytics.booking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAw8sBThxyQJdxz7qumZht_06We8rIGbbZvrTmzGLSuR0Eo_mQPru0PMr-_7A0UlOj3YzmatP-nUK3SgA1ZsjB9thdywLQ; _ga=GA1.2.1526981724.1732549167; _gid=GA1.2.1219349010.1732549167
Source: global traffic	HTTP traffic detected: GET /U_GY-kq9lC3pRi0y?f86c979369b1a462=JR7Cjl65wWWxGQcjX0LgJP-WIj5jCciTNOTD-Hce2k14zdmzpvIxU65soX7l32Rqt4ui0PcUxn692UgnzY-3Z4Kdu8xXq_o7Fhsdr41U-SRgMTGgQPbb5rzLKII4X3BLGBa-IIJcPrlKYPbB_H-OWm7TMP05tE03_D131SYCEtdM-8osYYpRa9jAnetbUS9KFWR0LtV5vNZvF1k0Nt4&je=323038262e6a636135312462687b633527354a273740253a307425303027304325303043253033253a33464b5e253033253a322d304339353536253d462532412737402532307427323025324b3130343b2530433938372d304339353536253d462532412737402532306f6f253032253a43343739253043343c362d304339353536253d462532412737402532307627323025324b2530304c495425323b253a314441542730332d303225304136343535273746253043253d4227303a6d6f25323a253a41363c312730433c313825304136343535273746253744266a68716157696c6465703d38 HTTP/1.1Host: asanalytics.booking.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAw8sBThxyQJdxz7qumZht_06We8rIGbbZvrTmzGLSuR0Eo_mQPru0PMr-_7A0UlOj3YzmatP-nUK3SgA1ZsjB9thdywLQ; _ga=GA1.2.1526981724.1732549167; _gid=GA1.2.1219349010.1732549167
Source: global traffic	HTTP traffic detected: GET /U_GY-kq9lC3pRi0y?f86c979369b1a462=JR7Cjl65wWWxGQcjX0LgJP-WIj5jCciTNOTD-Hce2k14zdmzpvIxU65soX7l32Rqt4ui0PcUxn692UgnzY-3Z4Kdu8xXq_o7Fhsdr41U-SRgMTGgQPbb5rzLKII4X3BLGBa-IIJcPrlKYPbB_H-OWm7TMP05tE03_D131SYCEtdM-8osYYpRa9jAnetbUS9KFWR0LtV5vNZvF1k0Nt4&je=313439262e6a636135312470676d5f7d72646976673f253f402532303127303225314327374025323a6e677557706373737f6f7a66253a302731412d374274707767273243273030706373737f6f70662d323025324b342d37442d354627324b273232362730302533432735422732326b6f6c6461726f656457706971737f6d7066253a302533432737407472776727324125323a7063717b776d72642d323a27324b362737442d3544253546 HTTP/1.1Host: asanalytics.booking.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAw8sBThxyQJdxz7qumZht_06We8rIGbbZvrTmzGLSuR0Eo_mQPru0PMr-_7A0UlOj3YzmatP-nUK3SgA1ZsjB9thdywLQ; _ga=GA1.2.1526981724.1732549167; _gid=GA1.2.1219349010.1732549167
Source: global traffic	HTTP traffic detected: GET /U_GY-kq9lC3pRi0y?f86c979369b1a462=JR7Cjl65wWWxGQcjX0LgJP-WIj5jCciTNOTD-Hce2k14zdmzpvIxU65soX7l32Rqt4ui0PcUxn692UgnzY-3Z4Kdu8xXq_o7Fhsdr41U-SRgMTGgQPbb5rzLKII4X3BLGBa-IIJcPrlKYPbB_H-OWm7TMP05tE03_D131SYCEtdM-8osYYpRa9jAnetbUS9KFWR0LtV5vNZvF1k0Nt4&je=383226266261613f39266068736b653527374a273030707c7b706571273030253343273542273232656f77716d253032253b413b27374c273041253a3070747b7267273232273143253032706b2530302d3746 HTTP/1.1Host: asanalytics.booking.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAw8sBThxyQJdxz7qumZht_06We8rIGbbZvrTmzGLSuR0Eo_mQPru0PMr-_7A0UlOj3YzmatP-nUK3SgA1ZsjB9thdywLQ; _ga=GA1.2.1526981724.1732549167; _gid=GA1.2.1219349010.1732549167
Source: global traffic	HTTP traffic detected: GET /d8c14d4960ca/c2181391033f/telemetry HTTP/1.1Host: d8c14d4960ca.d2eb2267.us-east-1.token.awswaf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /U_GY-kq9lC3pRi0y?f86c979369b1a462=JR7Cjl65wWWxGQcjX0LgJP-WIj5jCciTNOTD-Hce2k14zdmzpvIxU65soX7l32Rqt4ui0PcUxn692UgnzY-3Z4Kdu8xXq_o7Fhsdr41U-SRgMTGgQPbb5rzLKII4X3BLGBa-IIJcPrlKYPbB_H-OWm7TMP05tE03_D131SYCEtdM-8osYYpRa9jAnetbUS9KFWR0LtV5vNZvF1k0Nt4&je=313730262e6a636135312462687b633527354a273740253a307425303027304325303046495425323b2530314c495425323b253a30253a413332383b332535462730412535402730326f6d253a3227304b363731253a433c36362d304133303031312537462730432537402732306d6d2d3230273a433435322d324b36343f273041313e3b363627374627354424606a73615f696664677a3531 HTTP/1.1Host: asanalytics.booking.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAw8sBThxyQJdxz7qumZht_06We8rIGbbZvrTmzGLSuR0Eo_mQPru0PMr-_7A0UlOj3YzmatP-nUK3SgA1ZsjB9thdywLQ; _ga=GA1.2.1526981724.1732549167; _gid=GA1.2.1219349010.1732549167
Source: global traffic	HTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=phmhfH7UPSs95rn&MD=Ha+zLtAd HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic	HTTP traffic detected: GET /rules/other-Win32-v19.bundle HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /U_GY-kq9lC3pRi0y?f86c979369b1a462=JR7Cjl65wWWxGQcjX0LgJP-WIj5jCciTNOTD-Hce2k14zdmzpvIxU65soX7l32Rqt4ui0PcUxn692UgnzY-3Z4Kdu8xXq_o7Fhsdr41U-SRgMTGgQPbb5rzLKII4X3BLGBa-IIJcPrlKYPbB_H-OWm7TMP05tE03_D131SYCEtdM-8osYYpRa9jAnetbUS9KFWR0LtV5vNZvF1k0Nt4&je=383226266261613f39266068736b653527374a273030707c7b706571273030253343273542273232656f77716d253032253b413c27374c273041253a3070747b7267273232273143253032706b2530302d3746 HTTP/1.1Host: asanalytics.booking.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAw8sBThxyQJdxz7qumZht_06We8rIGbbZvrTmzGLSuR0Eo_mQPru0PMr-_7A0UlOj3YzmatP-nUK3SgA1ZsjB9thdywLQ; _ga=GA1.2.1526981724.1732549167; _gid=GA1.2.1219349010.1732549167
Source: global traffic	HTTP traffic detected: GET /U_GY-kq9lC3pRi0y?f86c979369b1a462=JR7Cjl65wWWxGQcjX0LgJP-WIj5jCciTNOTD-Hce2k14zdmzpvIxU65soX7l32Rqt4ui0PcUxn692UgnzY-3Z4Kdu8xXq_o7Fhsdr41U-SRgMTGgQPbb5rzLKII4X3BLGBa-IIJcPrlKYPbB_H-OWm7TMP05tE03_D131SYCEtdM-8osYYpRa9jAnetbUS9KFWR0LtV5vNZvF1k0Nt4&je=383226266261613f39266068736b653527374a273030707c7b706571273030253343273542273232656f77716d253032253b413d27374c273041253a3070747b7267273232273143253032706b2530302d3746 HTTP/1.1Host: asanalytics.booking.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAw8sBThxyQJdxz7qumZht_06We8rIGbbZvrTmzGLSuR0Eo_mQPru0PMr-_7A0UlOj3YzmatP-nUK3SgA1ZsjB9thdywLQ; _ga=GA1.2.1526981724.1732549167; _gid=GA1.2.1219349010.1732549167
Source: global traffic	HTTP traffic detected: GET /d8c14d4960ca/c2181391033f/telemetry HTTP/1.1Host: d8c14d4960ca.d2eb2267.us-east-1.token.awswaf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rules/rule120100v3s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule224902v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120608v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120600v4s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120402v21s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /d8c14d4960ca/c2181391033f/telemetry HTTP/1.1Host: d8c14d4960ca.d2eb2267.us-east-1.token.awswaf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rules/rule120609v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120610v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120612v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120611v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120613v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /d8c14d4960ca/c2181391033f/telemetry HTTP/1.1Host: d8c14d4960ca.d2eb2267.us-east-1.token.awswaf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rules/rule120614v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120618v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120616v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120617v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120615v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120619v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /d8c14d4960ca/c2181391033f/telemetry HTTP/1.1Host: d8c14d4960ca.d2eb2267.us-east-1.token.awswaf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rules/rule120620v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120622v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120621v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120623v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120625v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120624v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120626v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120628v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120627v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /U_GY-kq9lC3pRi0y?f86c979369b1a462=JR7Cjl65wWWxGQcjX0LgJP-WIj5jCciTNOTD-Hce2k14zdmzpvIxU65soX7l32Rqt4ui0PcUxn692UgnzY-3Z4Kdu8xXq_o7Fhsdr41U-SRgMTGgQPbb5rzLKII4X3BLGBa-IIJcPrlKYPbB_H-OWm7TMP05tE03_D131SYCEtdM-8osYYpRa9jAnetbUS9KFWR0LtV5vNZvF1k0Nt4&je=313730262e6a636135312462687b633527354a273740253a307425303027304325303046495425323b2530314c495425323b253a30253a413032303c372535462730412535402730326f6d253a3227304b363635253a433c36302d304130303836352537462730432537402732306d6d2d3230273a433434362d324b363439273041323b33303627374627354424606a73615f696664677a3532 HTTP/1.1Host: asanalytics.booking.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAw8sBThxyQJdxz7qumZht_06We8rIGbbZvrTmzGLSuR0Eo_mQPru0PMr-_7A0UlOj3YzmatP-nUK3SgA1ZsjB9thdywLQ; _ga=GA1.2.1526981724.1732549167; _gid=GA1.2.1219349010.1732549167
Source: global traffic	HTTP traffic detected: GET /d8c14d4960ca/c2181391033f/telemetry HTTP/1.1Host: d8c14d4960ca.d2eb2267.us-east-1.token.awswaf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rules/rule120629v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120630v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /U_GY-kq9lC3pRi0y?f86c979369b1a462=JR7Cjl65wWWxGQcjX0LgJP-WIj5jCciTNOTD-Hce2k14zdmzpvIxU65soX7l32Rqt4ui0PcUxn692UgnzY-3Z4Kdu8xXq_o7Fhsdr41U-SRgMTGgQPbb5rzLKII4X3BLGBa-IIJcPrlKYPbB_H-OWm7TMP05tE03_D131SYCEtdM-8osYYpRa9jAnetbUS9KFWR0LtV5vNZvF1k0Nt4&je=383226266261613f39266068736b653527374a273030707c7b706571273030253343273542273232656f77716d253032253b413e27374c273041253a3070747b7267273232273143253032706b2530302d3746 HTTP/1.1Host: asanalytics.booking.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAw8sBThxyQJdxz7qumZht_06We8rIGbbZvrTmzGLSuR0Eo_mQPru0PMr-_7A0UlOj3YzmatP-nUK3SgA1ZsjB9thdywLQ; _ga=GA1.2.1526981724.1732549167; _gid=GA1.2.1219349010.1732549167
Source: global traffic	HTTP traffic detected: GET /rules/rule120632v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120631v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /U_GY-kq9lC3pRi0y?f86c979369b1a462=JR7Cjl65wWWxGQcjX0LgJP-WIj5jCciTNOTD-Hce2k14zdmzpvIxU65soX7l32Rqt4ui0PcUxn692UgnzY-3Z4Kdu8xXq_o7Fhsdr41U-SRgMTGgQPbb5rzLKII4X3BLGBa-IIJcPrlKYPbB_H-OWm7TMP05tE03_D131SYCEtdM-8osYYpRa9jAnetbUS9KFWR0LtV5vNZvF1k0Nt4&je=383226266261613f39266068736b653527374a273030707c7b706571273030253343273542273232656f77716d253032253b413f27374c273041253a3070747b7267273232273143253032706b2530302d3746 HTTP/1.1Host: asanalytics.booking.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAw8sBThxyQJdxz7qumZht_06We8rIGbbZvrTmzGLSuR0Eo_mQPru0PMr-_7A0UlOj3YzmatP-nUK3SgA1ZsjB9thdywLQ; _ga=GA1.2.1526981724.1732549167; _gid=GA1.2.1219349010.1732549167
Source: global traffic	HTTP traffic detected: GET /rules/rule120633v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /U_GY-kq9lC3pRi0y?f86c979369b1a462=JR7Cjl65wWWxGQcjX0LgJP-WIj5jCciTNOTD-Hce2k14zdmzpvIxU65soX7l32Rqt4ui0PcUxn692UgnzY-3Z4Kdu8xXq_o7Fhsdr41U-SRgMTGgQPbb5rzLKII4X3BLGBa-IIJcPrlKYPbB_H-OWm7TMP05tE03_D131SYCEtdM-8osYYpRa9jAnetbUS9KFWR0LtV5vNZvF1k0Nt4&je=313232262e6a636135312462687b633527354a273740253a306d6d27303027324334363b253043343c3427304b323431383d253d46253a412737422d30326d6f2730302532413436332732433c333a273a433039323c382d37442d374624626071635f6b6c6667783d31 HTTP/1.1Host: asanalytics.booking.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAw8sBThxyQJdxz7qumZht_06We8rIGbbZvrTmzGLSuR0Eo_mQPru0PMr-_7A0UlOj3YzmatP-nUK3SgA1ZsjB9thdywLQ; _ga=GA1.2.1526981724.1732549167; _gid=GA1.2.1219349010.1732549167
Source: global traffic	HTTP traffic detected: GET /U_GY-kq9lC3pRi0y?f86c979369b1a462=JR7Cjl65wWWxGQcjX0LgJP-WIj5jCciTNOTD-Hce2k14zdmzpvIxU65soX7l32Rqt4ui0PcUxn692UgnzY-3Z4Kdu8xXq_o7Fhsdr41U-SRgMTGgQPbb5rzLKII4X3BLGBa-IIJcPrlKYPbB_H-OWm7TMP05tE03_D131SYCEtdM-8osYYpRa9jAnetbUS9KFWR0LtV5vNZvF1k0Nt4&je=383226266261613f39266068736b653527374a273030707c7b706571273030253343273542273232656f77716d253032253b413027374c273041253a3070747b7267273232273143253032706b2530302d3746 HTTP/1.1Host: asanalytics.booking.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAw8sBThxyQJdxz7qumZht_06We8rIGbbZvrTmzGLSuR0Eo_mQPru0PMr-_7A0UlOj3YzmatP-nUK3SgA1ZsjB9thdywLQ; _ga=GA1.2.1526981724.1732549167; _gid=GA1.2.1219349010.1732549167
Source: global traffic	HTTP traffic detected: GET /U_GY-kq9lC3pRi0y?f86c979369b1a462=JR7Cjl65wWWxGQcjX0LgJP-WIj5jCciTNOTD-Hce2k14zdmzpvIxU65soX7l32Rqt4ui0PcUxn692UgnzY-3Z4Kdu8xXq_o7Fhsdr41U-SRgMTGgQPbb5rzLKII4X3BLGBa-IIJcPrlKYPbB_H-OWm7TMP05tE03_D131SYCEtdM-8osYYpRa9jAnetbUS9KFWR0LtV5vNZvF1k0Nt4&je=383226266261613f39266068736b653527374a273030707c7b706571273030253343273542273232656f77716d253032253b413127374c273041253a3070747b7267273232273143253032706b2530302d3746 HTTP/1.1Host: asanalytics.booking.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAw8sBThxyQJdxz7qumZht_06We8rIGbbZvrTmzGLSuR0Eo_mQPru0PMr-_7A0UlOj3YzmatP-nUK3SgA1ZsjB9thdywLQ; _ga=GA1.2.1526981724.1732549167; _gid=GA1.2.1219349010.1732549167
Source: global traffic	HTTP traffic detected: GET /d8c14d4960ca/c2181391033f/telemetry HTTP/1.1Host: d8c14d4960ca.d2eb2267.us-east-1.token.awswaf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rules/rule120634v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120635v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120636v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120638v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120637v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /U_GY-kq9lC3pRi0y?f86c979369b1a462=JR7Cjl65wWWxGQcjX0LgJP-WIj5jCciTNOTD-Hce2k14zdmzpvIxU65soX7l32Rqt4ui0PcUxn692UgnzY-3Z4Kdu8xXq_o7Fhsdr41U-SRgMTGgQPbb5rzLKII4X3BLGBa-IIJcPrlKYPbB_H-OWm7TMP05tE03_D131SYCEtdM-8osYYpRa9jAnetbUS9KFWR0LtV5vNZvF1k0Nt4&je=313232262e6a636135312462687b633527354a273740253a306d6d273030273243343634253043343c3127304b333032393c253d46253a412737422d30326d6f2730302532413436372732433c3430273a433135333d392d37442d374624626071635f6b6c6667783d36 HTTP/1.1Host: asanalytics.booking.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAw8sBThxyQJdxz7qumZht_06We8rIGbbZvrTmzGLSuR0Eo_mQPru0PMr-_7A0UlOj3YzmatP-nUK3SgA1ZsjB9thdywLQ; _ga=GA1.2.1526981724.1732549167; _gid=GA1.2.1219349010.1732549167
Source: global traffic	HTTP traffic detected: GET /U_GY-kq9lC3pRi0y?f86c979369b1a462=JR7Cjl65wWWxGQcjX0LgJP-WIj5jCciTNOTD-Hce2k14zdmzpvIxU65soX7l32Rqt4ui0PcUxn692UgnzY-3Z4Kdu8xXq_o7Fhsdr41U-SRgMTGgQPbb5rzLKII4X3BLGBa-IIJcPrlKYPbB_H-OWm7TMP05tE03_D131SYCEtdM-8osYYpRa9jAnetbUS9KFWR0LtV5vNZvF1k0Nt4&je=383326266261613f39266068736b653527374a273030707c7b706571273030253343273542273232656f77716d253032253b413932253f462730432d303270767b7267253230273141273232786327303a253544 HTTP/1.1Host: asanalytics.booking.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAw8sBThxyQJdxz7qumZht_06We8rIGbbZvrTmzGLSuR0Eo_mQPru0PMr-_7A0UlOj3YzmatP-nUK3SgA1ZsjB9thdywLQ; _ga=GA1.2.1526981724.1732549167; _gid=GA1.2.1219349010.1732549167
Source: global traffic	HTTP traffic detected: GET /rules/rule120639v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120640v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120641v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120642v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120643v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: account.booking.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9

Source: global traffic	DNS traffic detected: DNS query: account.booking.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: cf.bstatic.com
Source: global traffic	DNS traffic detected: DNS query: cdn.cookielaw.org
Source: global traffic	DNS traffic detected: DNS query: www.bstatic.com
Source: global traffic	DNS traffic detected: DNS query: xx.bstatic.com
Source: global traffic	DNS traffic detected: DNS query: nellie.booking.com
Source: global traffic	DNS traffic detected: DNS query: www.booking.com
Source: global traffic	DNS traffic detected: DNS query: t-cf.bstatic.com
Source: global traffic	DNS traffic detected: DNS query: q-xx.bstatic.com
Source: global traffic	DNS traffic detected: DNS query: d8c14d4960ca.edge.sdk.awswaf.com
Source: global traffic	DNS traffic detected: DNS query: aa.online-metrix.net
Source: global traffic	DNS traffic detected: DNS query: asanalytics.booking.com
Source: global traffic	DNS traffic detected: DNS query: d8c14d4960ca.d2eb2267.us-east-1.token.awswaf.com
Source: global traffic	DNS traffic detected: DNS query: geolocation.onetrust.com
Source: global traffic	DNS traffic detected: DNS query: h.online-metrix.net
Source: global traffic	DNS traffic detected: DNS query: eu-aa.online-metrix.net
Source: global traffic	DNS traffic detected: DNS query: h64.online-metrix.net
Source: global traffic	DNS traffic detected: DNS query: doregtzf532izs3wyphrvyjbjhgmirxmhw7wjlzuf6dcc65ee3c828f2am1.e.aa.online-metrix.net

Source: unknown

HTTP traffic detected: POST /js-metric HTTP/1.1Host: account.booking.comConnection: keep-aliveContent-Length: 47Cache-Control: max-age=0sec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Content-Type: application/jsonX-Requested-With: XMLHttpRequestsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: */*Origin: https://account.booking.comSec-Fetch-Site: same-originSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; bkng_ap_sso_session=eyJib29raW5nX2dsb2JhbCI6eyJzZXNzaW9ucyI6W10sImRhdGFfc3ViamVjdF9pZCI6ImExN2JjZmJkLTNkN2QtNGY3OC04NTM4LTdmZDFhYTkxZmZhZiJ9fQ; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; bkng_ap=U2FsdGVkX19jZ%2BgJ5OwhKw%2FtfIQ49V4CPyDNSDTwG7dsMttmLlQEgrQa6Aepz0oPGpvN9nSS5IB%2B%0AsvWpV4T%2Fxg%3D%3D%0A

Source: chromecache_113.2.dr	String found in binary or memory: http://cond01.etbxml.com/cond/common.js
Source: chromecache_113.2.dr	String found in binary or memory: http://www.quirksmode.org/js/cookies.html
Source: chromecache_113.2.dr	String found in binary or memory: https://account.booking.com/_/fvtrpw.gif
Source: chromecache_144.2.dr, chromecache_114.2.dr	String found in binary or memory: https://ampcid.google.com/v1/publisher:getClientId
Source: chromecache_113.2.dr	String found in binary or memory: https://cdn.cookielaw.org/consent/a387750c-a080-4dd0-b2d1-7dbdb601bb14/OtAutoBlock.js
Source: chromecache_122.2.dr, chromecache_149.2.dr	String found in binary or memory: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Source: chromecache_113.2.dr	String found in binary or memory: https://cf.bstatic.com/psb/accountsportal/
Source: chromecache_113.2.dr	String found in binary or memory: https://cf.bstatic.com/psb/accountsportal/assets/133_878a17a1dd9684883a3d.js
Source: chromecache_113.2.dr	String found in binary or memory: https://cf.bstatic.com/psb/accountsportal/assets/54_97d049b4c4a1c2f7cfdb.js
Source: chromecache_113.2.dr	String found in binary or memory: https://cf.bstatic.com/psb/accountsportal/assets/57_a194fd9bf3b476d89299.css
Source: chromecache_113.2.dr	String found in binary or memory: https://cf.bstatic.com/psb/accountsportal/assets/624_96ca1b056e9464729f28.js
Source: chromecache_113.2.dr	String found in binary or memory: https://cf.bstatic.com/psb/accountsportal/assets/629_a83b0423500bf7bdde4f.css
Source: chromecache_113.2.dr	String found in binary or memory: https://cf.bstatic.com/psb/accountsportal/assets/629_b3ab60a933ee60003b06.js
Source: chromecache_113.2.dr	String found in binary or memory: https://cf.bstatic.com/psb/accountsportal/assets/704_9a0ec8d2f80e7d346616.css
Source: chromecache_113.2.dr	String found in binary or memory: https://cf.bstatic.com/psb/accountsportal/assets/704_e7ede50c1fdac354671b.js
Source: chromecache_113.2.dr	String found in binary or memory: https://cf.bstatic.com/psb/accountsportal/assets/709_bad9882915aa6a1c2b70.js
Source: chromecache_113.2.dr	String found in binary or memory: https://cf.bstatic.com/psb/accountsportal/assets/709_c32002792e35c69191e8.css
Source: chromecache_113.2.dr	String found in binary or memory: https://cf.bstatic.com/psb/accountsportal/assets/987_175b3de059909b49ef78.js
Source: chromecache_113.2.dr	String found in binary or memory: https://cf.bstatic.com/psb/accountsportal/assets/991_a6ad99ceec88bdd4c73c.js
Source: chromecache_113.2.dr	String found in binary or memory: https://cf.bstatic.com/psb/accountsportal/assets/index_b606a6e5896516848e89.js
Source: chromecache_113.2.dr	String found in binary or memory: https://cf.bstatic.com/psb/accountsportal/assets/runtime~index_a9240719fc64a8f3ef82.js
Source: chromecache_113.2.dr	String found in binary or memory: https://d8c14d4960ca.edge.sdk.awswaf.com/d8c14d4960ca/c2181391033f/challenge.js
Source: chromecache_142.2.dr, chromecache_151.2.dr	String found in binary or memory: https://play.google.com
Source: chromecache_123.2.dr, chromecache_115.2.dr, chromecache_112.2.dr	String found in binary or memory: https://q.bstatic.com/libs/bui/7.3.1/bui.min.css
Source: chromecache_115.2.dr, chromecache_112.2.dr	String found in binary or memory: https://q.bstatic.com/libs/calango/0.500/bui.css
Source: chromecache_91.2.dr	String found in binary or memory: https://r.bstatic.com/libs/bui/7.3.1/bui.min.css
Source: chromecache_123.2.dr, chromecache_91.2.dr	String found in binary or memory: https://r.bstatic.com/libs/calango/0.500/bui.css
Source: chromecache_114.2.dr	String found in binary or memory: https://stats.g.doubleclick.net/j/collect
Source: chromecache_144.2.dr, chromecache_114.2.dr	String found in binary or memory: https://tagassistant.google.com/
Source: chromecache_113.2.dr	String found in binary or memory: https://www.booking.com/_etnht
Source: chromecache_88.2.dr	String found in binary or memory: https://www.booking.com/content/privacy.html
Source: chromecache_122.2.dr, chromecache_149.2.dr	String found in binary or memory: https://www.booking.com/cookiebanner.html
Source: chromecache_113.2.dr	String found in binary or memory: https://www.bstatic.com/libs/privacy-consent/1.0.0/customer/cookie-banner.min.js
Source: chromecache_142.2.dr, chromecache_151.2.dr, chromecache_113.2.dr	String found in binary or memory: https://www.google-analytics.com/analytics.js
Source: chromecache_144.2.dr, chromecache_114.2.dr	String found in binary or memory: https://www.google-analytics.com/debug/bootstrap?id=
Source: chromecache_144.2.dr, chromecache_114.2.dr	String found in binary or memory: https://www.google-analytics.com/gtm/js?id=
Source: chromecache_144.2.dr, chromecache_114.2.dr	String found in binary or memory: https://www.google.%/ads/ga-audiences
Source: chromecache_144.2.dr, chromecache_114.2.dr	String found in binary or memory: https://www.google.com/ads/ga-audiences
Source: chromecache_142.2.dr, chromecache_151.2.dr	String found in binary or memory: https://www.googletagmanager.com/gtag/js
Source: chromecache_144.2.dr, chromecache_114.2.dr	String found in binary or memory: https://www.googletagmanager.com/gtag/js?id=
Source: chromecache_113.2.dr	String found in binary or memory: https://xx.bstatic.com/static/img/favicon.ico
Source: chromecache_113.2.dr	String found in binary or memory: https://xx.bstatic.com/static/img/favicon.svg

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49865
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49986
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49864
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49985
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49863
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49984
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49862
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49983
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49861
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49982
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49860
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49981
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49980
Source: unknown	Network traffic detected: HTTP traffic on port 49932 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49898 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49875 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49990 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49859
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49858
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49979
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49857
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49978
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49977
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49976
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49975
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49974
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49973
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49851
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49972
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49850
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49971
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49970
Source: unknown	Network traffic detected: HTTP traffic on port 49967 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50004 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49806 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49943 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49849
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49848
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49969
Source: unknown	Network traffic detected: HTTP traffic on port 49978 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49886 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49968
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49846
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49967
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49966
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49965
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49964
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49963
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49962
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49961
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49960
Source: unknown	Network traffic detected: HTTP traffic on port 50015 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49966 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49989 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49828 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49933 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50028 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49959
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49958
Source: unknown	Network traffic detected: HTTP traffic on port 49921 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49957
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49956
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49955
Source: unknown	Network traffic detected: HTTP traffic on port 49887 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49954
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49832
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49953
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49831
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49952
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49830
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49951
Source: unknown	Network traffic detected: HTTP traffic on port 49864 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49950
Source: unknown	Network traffic detected: HTTP traffic on port 49944 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49910 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49955 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49829
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49828
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49949
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49827
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49948
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49826
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49947
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49825
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49946
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49824
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49945
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49823
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49944
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49822
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49943
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 49922 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 49945 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 50017 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 49968 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50026 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49980 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49885 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49898
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49897
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49896
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49895
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 49862 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49894
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49893
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49892
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49891
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49890
Source: unknown	Network traffic detected: HTTP traffic on port 49897 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49911 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49957 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49851 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49830 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49991 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49889
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49888
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49887
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49886
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49885
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 49863 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49884
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49883
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49882
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49881
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49880
Source: unknown	Network traffic detected: HTTP traffic on port 49896 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49956 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50005 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49979 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49879
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49878
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49999
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49877
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49998
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49876
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49997
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49875
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49996
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49874
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49995
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49873
Source: unknown	Network traffic detected: HTTP traffic on port 49923 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49994
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49872
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49993
Source: unknown	Network traffic detected: HTTP traffic on port 50016 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49871
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49992
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49870
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49991
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49990
Source: unknown	Network traffic detected: HTTP traffic on port 49874 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49829 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49934 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50027 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49869
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49868
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49989
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49867
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49988
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49866
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49987
Source: unknown	Network traffic detected: HTTP traffic on port 50013 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49826 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49906 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49849 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49900 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49975 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49929 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49872 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50025 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49964 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49861 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49999 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49873 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49930 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50001 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49986 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49850 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49963 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50007
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50006
Source: unknown	Network traffic detected: HTTP traffic on port 50012 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50009
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50008
Source: unknown	Network traffic detected: HTTP traffic on port 49952 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 49814 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50001
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50000
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50003
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50002
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50005
Source: unknown	Network traffic detected: HTTP traffic on port 49895 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50004
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49825 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49884 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 49997 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49859 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49871 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49894 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50003 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49965 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49942 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49977 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50035 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49954 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50014 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49988 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49827 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49882 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49848 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49976 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49953 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49908 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50024 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49883 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49860 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49998 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49931 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50002 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49987 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49926 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49949 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49961 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49984 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50022 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49881 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49950 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49996 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50010 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49812 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49858 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49893 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49915 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49823 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49869 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50009 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50034 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49972 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49892 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49904 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49927 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49822 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49870 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49983 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49938 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50023 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50018
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50017
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50019
Source: unknown	Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49951 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49974 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50032 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50010
Source: unknown	Network traffic detected: HTTP traffic on port 49916 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50012
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50011
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50014
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50013
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50016
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50015
Source: unknown	Network traffic detected: HTTP traffic on port 49939 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49868 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50029
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50028
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50021
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50020
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50023
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50022
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50025
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50024
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50027
Source: unknown	Network traffic detected: HTTP traffic on port 49879 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50026
Source: unknown	Network traffic detected: HTTP traffic on port 49985 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50000 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50021 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50030
Source: unknown	Network traffic detected: HTTP traffic on port 49905 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49995 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50011 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50032
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50031
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49857 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50034
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50033
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50035
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49824 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49973 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49891 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50033 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49880 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49962 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49846 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49890 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49970 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50007 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49878 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49912 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49935 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49958 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49889 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49866 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49820 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49946 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50018 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49981 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49901 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49819 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49947 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49831 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50031 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49992 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49969 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49994 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50020 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49913 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50006 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49867 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49821
Source: unknown	Network traffic detected: HTTP traffic on port 49865 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49942
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49820
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49819
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49818
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49939
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49938
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49817
Source: unknown	Network traffic detected: HTTP traffic on port 49810 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49816
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49815
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49814
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49935
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49813
Source: unknown	Network traffic detected: HTTP traffic on port 49902 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49934
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49812
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49933
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49811
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49932
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49810
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49931
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49930
Source: unknown	Network traffic detected: HTTP traffic on port 49925 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50008 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49971 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49876 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49960 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49809
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49808
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49929
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49807
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49806
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49927
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49805
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49926
Source: unknown	Network traffic detected: HTTP traffic on port 50029 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49804
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49925
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49803
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49923
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49922
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49921
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49821 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50019 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49877 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49914 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49982 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49809 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49916
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49915
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49914
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49913
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49912
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49911
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49910
Source: unknown	Network traffic detected: HTTP traffic on port 49948 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49959 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49832 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49908
Source: unknown	Network traffic detected: HTTP traffic on port 50030 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49906
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49905
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49904

Source: unknown	HTTPS traffic detected: 2.18.109.164:443 -> 192.168.2.4:49742 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 2.18.109.164:443 -> 192.168.2.4:49743 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.4:49770 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.4:49923 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.246.63:443 -> 192.168.2.4:49926 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.246.63:443 -> 192.168.2.4:49972 version: TLS 1.2

Source: classification engine

Classification label: clean1.win@22/100@72/24

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2424 --field-trial-handle=2212,i,15516139515336327294,6813732416240638119,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://account.booking.com"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5228 --field-trial-handle=2212,i,15516139515336327294,6813732416240638119,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1848 --field-trial-handle=2212,i,15516139515336327294,6813732416240638119,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2424 --field-trial-handle=2212,i,15516139515336327294,6813732416240638119,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5228 --field-trial-handle=2212,i,15516139515336327294,6813732416240638119,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1848 --field-trial-handle=2212,i,15516139515336327294,6813732416240638119,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

Screenshots

Behavior Graph

Hide Legend

Legend:

Process
Signature
Created File
DNS/IP Info
Is Dropped
Is Windows Process
Number of created Registry Values
Number of created Files
Visual Basic
Delphi
Java
.Net C# or VB.NET
C, C++ or other language
Is malicious
Internet

Network Map

No. of IPs < 25%
25% < No. of IPs < 50%
50% < No. of IPs < 75%
75% < No. of IPs

Contacted Public IPs

IP	Domain	Country	ASN	ASN Name	Malicious
18.165.220.127	unknown	United States	3	MIT-GATEWAYSUS	false
18.165.220.126	du1b3vb35hc0o.cloudfront.net	United States	3	MIT-GATEWAYSUS	false
91.235.133.10	h-doregtzf.online-metrix.net	Netherlands	30286	THMUS	false
91.235.132.129	eu-aa.online-metrix.net	Netherlands	30286	THMUS	false
142.250.181.68	www.google.com	United States	15169	GOOGLEUS	false
91.235.134.131	doregtzf532izs3wyphrvyjbjhgmirxmhw7wjlzuf6dcc65ee3c828f2am1.e.aa.online-metrix.net	Netherlands	30286	THMUS	false
104.18.87.42	cdn.cookielaw.org	United States	13335	CLOUDFLARENETUS	false
18.165.220.38	unknown	United States	3	MIT-GATEWAYSUS	false
18.165.220.18	unknown	United States	3	MIT-GATEWAYSUS	false
18.165.220.78	d1of1hbywxxm65.cloudfront.net	United States	3	MIT-GATEWAYSUS	false
18.165.220.36	unknown	United States	3	MIT-GATEWAYSUS	false
18.165.220.14	unknown	United States	3	MIT-GATEWAYSUS	false
108.158.75.13	de2trjlt8e8rj.cloudfront.net	United States	16509	AMAZON-02US	false
108.158.75.34	d8c14d4960ca.edge.sdk.awswaf.com	United States	16509	AMAZON-02US	false
18.165.220.54	d2i5gg36g14bzn.cloudfront.net	United States	3	MIT-GATEWAYSUS	false
18.165.220.76	unknown	United States	3	MIT-GATEWAYSUS	false
172.64.155.119	geolocation.onetrust.com	United States	13335	CLOUDFLARENETUS	false
239.255.255.250	unknown	Reserved	unknown	unknown	false
108.158.75.82	d8c14d4960ca.d2eb2267.us-east-1.token.awswaf.com	United States	16509	AMAZON-02US	false
192.225.158.1	h64.online-metrix.net	United States	30286	THMUS	false
104.18.86.42	unknown	United States	13335	CLOUDFLARENETUS	false
91.235.132.130	h.online-metrix.net	Netherlands	30286	THMUS	false

Private

IP
192.168.2.4
127.0.0.1

Contacted Domains

Name	IP	Active
d2i5gg36g14bzn.cloudfront.net	18.165.220.54	true
du1b3vb35hc0o.cloudfront.net	18.165.220.126	true
d1of1hbywxxm65.cloudfront.net	18.165.220.78	true
eu-aa.online-metrix.net	91.235.132.129	true
doregtzf532izs3wyphrvyjbjhgmirxmhw7wjlzuf6dcc65ee3c828f2am1.e.aa.online-metrix.net	91.235.134.131	true
d8c14d4960ca.edge.sdk.awswaf.com	108.158.75.34	true
de2trjlt8e8rj.cloudfront.net	108.158.75.13	true
d8c14d4960ca.d2eb2267.us-east-1.token.awswaf.com	108.158.75.82	true
www.google.com	142.250.181.68	true
h64.online-metrix.net	192.225.158.1	true
h-doregtzf.online-metrix.net	91.235.133.10	true
h.online-metrix.net	91.235.132.130	true
cdn.cookielaw.org	104.18.87.42	true
aa.online-metrix.net	91.235.132.129	true
geolocation.onetrust.com	172.64.155.119	true
xx.bstatic.com	unknown	unknown
t-cf.bstatic.com	unknown	unknown
nellie.booking.com	unknown	unknown
asanalytics.booking.com	unknown	unknown
www.booking.com	unknown	unknown
cf.bstatic.com	unknown	unknown
account.booking.com	unknown	unknown
q-xx.bstatic.com	unknown	unknown
www.bstatic.com	unknown	unknown

Contacted URLs

Name	Malicious	Antivirus Detection	Reputation
https://cdn.cookielaw.org/scripttemplates/202408.1.0/otBannerSdk.js	false		high
https://asanalytics.booking.com/U_GY-kq9lC3pRi0y?f86c979369b1a462=JR7Cjl65wWWxGQcjX0LgJP-WIj5jCciTNOTD-Hce2k14zdmzpvIxU65soX7l32Rqt4ui0PcUxn692UgnzY-3Z4Kdu8xXq_o7Fhsdr41U-SRgMTGgQPbb5rzLKII4X3BLGBa-IIJcPrlKYPbB_H-OWm7TMP05tE03_D131SYCEtdM-8osYYpRa9jAnetbUS9KFWR0LtV5vNZvF1k0Nt4&je=383226266261613f39266068736b653527374a273030707c7b706571273030253343273542273232656f77716d253032253b413d27374c273041253a3070747b7267273232273143253032706b2530302d3746	false		high
https://cf.bstatic.com/psb/accountsportal/assets/54_97d049b4c4a1c2f7cfdb.js	false		high
https://asanalytics.booking.com/c_qAOM6DvykERGlN?c95106941d0de769=-4TlFyZFRv4L4DWzaBqf2PbjhjxxraU6a-vo8CevmKqmkWY3xKg8ai_rvUS_AAoS30ywNzu8L4Rdr7s_SwB4ZM3JiYcdEhV-yC1_jiNmjycYeg6X5EcnPQ0jgdlKuMm0hqmFmeTyl1dK3TLcWQWh1g&fr	false		high
https://asanalytics.booking.com/U_GY-kq9lC3pRi0y?f86c979369b1a462=JR7Cjl65wWWxGQcjX0LgJP-WIj5jCciTNOTD-Hce2k14zdmzpvIxU65soX7l32Rqt4ui0PcUxn692UgnzY-3Z4Kdu8xXq_o7Fhsdr41U-SRgMTGgQPbb5rzLKII4X3BLGBa-IIJcPrlKYPbB_H-OWm7TMP05tE03_D131SYCEtdM-8osYYpRa9jAnetbUS9KFWR0LtV5vNZvF1k0Nt4&je=313232262e6a636135312462687b633527354a273740253a306d6d273030273243343634253043343c3127304b333032393c253d46253a412737422d30326d6f2730302532413436372732433c3430273a433135333d392d37442d374624626071635f6b6c6667783d36	false		high
http://account.booking.com/	false		high
https://cf.bstatic.com/psb/accountsportal/assets/709_c32002792e35c69191e8.css	false		high
https://cf.bstatic.com/psb/accountsportal/assets/704_9a0ec8d2f80e7d346616.css	false		high
https://asanalytics.booking.com/pqF3nGsAyelKT7zM?01c290fe34e6d07b=HlW_oNRa-UbKE1D5iCNafqheOkVg-zuMyanoIWmKrvHVBIXnUlAVpQ44j_XGdi-QYLu4l767TNwZIMd3lGlVTueGL4a-IghokefHIbCphdCWh1-IkClLv1pCjHDy8DAKaxhG8AbB6iHKWB5EwhUe0O3VKVdNuhh1SLyTgGQ	false		high
https://asanalytics.booking.com/U_GY-kq9lC3pRi0y?f86c979369b1a462=JR7Cjl65wWWxGQcjX0LgJP-WIj5jCciTNOTD-Hce2k14zdmzpvIxU65soX7l32Rqt4ui0PcUxn692UgnzY-3Z4Kdu8xXq_o7Fhsdr41U-SRgMTGgQPbb5rzLKII4X3BLGBa-IIJcPrlKYPbB_H-OWm7TMP05tE03_D131SYCEtdM-8osYYpRa9jAnetbUS9KFWR0LtV5vNZvF1k0Nt4&je=393b26266261613f39266068737f3d2d37422d354027374c273243273030273246706765697174657a253044786171737767726c27323a273746266a6a736b7176673f253740273032696e253a32273149302732432d323a69323a3b2730322d314130273546	false		high
https://asanalytics.booking.com/U_GY-kq9lC3pRi0y?f86c979369b1a462=JR7Cjl65wWWxGQcjX0LgJP-WIj5jCciTNOTD-Hce2k14zdmzpvIxU65soX7l32Rqt4ui0PcUxn692UgnzY-3Z4Kdu8xXq_o7Fhsdr41U-SRgMTGgQPbb5rzLKII4X3BLGBa-IIJcPrlKYPbB_H-OWm7TMP05tE03_D131SYCEtdM-8osYYpRa9jAnetbUS9KFWR0LtV5vNZvF1k0Nt4&je=383226266261613f39266068736b653527374a273030707c7b706571273030253343273542273232656f77716d253032253b413027374c273041253a3070747b7267273232273143253032706b2530302d3746	false		high
https://cf.bstatic.com/psb/accountsportal/assets/709_bad9882915aa6a1c2b70.js	false		high
https://t-cf.bstatic.com/design-assets/assets/v3.58.1/fonts-brand/BookingExtraBold.woff	false		high
https://doregtzf532izs3wyphrvyjbjhgmirxmhw7wjlzuf6dcc65ee3c828f2am1.e.aa.online-metrix.net/K4ef-Qxf66Ie_55D?1a371f6204d6afce=pcoL9cwR2ipcHup2-SG6rp1j_W-d1225R3CZ4ZXQPNUtVj0y16svqnIb_DAovxSc82KqVyuzbqTkFkKqlz5uMNuPXHAap07M62H1QTtcBqstqMbf7KE33r9m_8WvIGBBQzsUOn57iKZnMl-k1yITv6TUFutghfGecXss	false	Avira URL Cloud: safe	unknown
https://asanalytics.booking.com/ue8eZwwBYhIaJjN1?dd914517a5d3e626=2wIikL3VyDl-LOyNCkYfgOR80rkSoOy8lackkErbcCDRT1qBf6jjcWDLf1p2JiBYuN_qYD_0gnWcsCqeXlR3pC-ad_YazT9omLg7q-qTjF1jJ-kv8AmeM9W2e5QtidwQWBjdoYnjh1hbPLg1IRzeNUfOKF0&ja=313b30332e26613f2533323026723d3e32266e3f333038387a313030362463663d33303a307a39383c26717a713d3278302e6478703d392e333038382e313030362e333238322e3b38362c313a38322e3130352c313a38382e3930362e322c38246d743f3035643531663133343b65366a66303231623436626c3330356238636431633c246d6e3f30247163643f3036266e683d607476727b253141253a462d30466961616d7566762e626d6d696b6e672c616d6d2732462e706e3f3d2672683d6d383830646e63373735393b33663667606738393b31676236613931323b326c266a683d3d633d61383a6736363038613534603663606238616431343038353c3560323b2668736f3557616c646775712732383330266871603f4368706d6f652732303931352462736d753d5f6966666f7f712468736a773d436a706d6f65266c6a613d36266e6c6d3f3a2e6e6f747035302e767a6c3f436f657a6b63612730444c65775d5b6d7269266d69746a7035343230336c316b30626d613230653e6163353432323a3261663337353630316e64363730383334316c366d63613a366661393c636662663530313133333b34612464723568767678732733412d324e27324e6361616f7d6c742e606d6d69696e652c616f6f25324e26723f786c776769665f6e6e617b6a2737456e636c736723726e75676b6c5d776b6e646777715d656566696157706463796d702737456e636c736723726e75676b6c5d61666f626d5f63617a6f6061742d354d64616471672370647767696c5d7377696369766b6d6725354d66636e7b6523706c7d67616c5f7b6a6d616b7f63766527374764616c716723706e7567616e5d706d616e706c69796d70253d4764636c7b6721706e77656b6e5f746e615f726c61716570273d4564616c7b6529726c7d656b6c5f6c6776616e747027354564636e736721706475656b665f71766757766167776d702737456e636c736723726e75676b6c5d6a6376612d354764696c7165266f6c57613d7f6760656c5f6762474e273032312e322730302a4f706d6e454e2d323245532d3238302e382730324360706f6d6b776f2b576560454e2530304744534e273a304753253a30392c302d30322a4f78676e474e2730324553273032474e534c2d3232475b2530303126302d30304b6a706d6d61776d295567604969745567604b6b74253a3055676a474e414e4f4c4d5d69667176636e6b67645f6370706379732731402530304550545d6064656c645f6569666f6170273140253a324558565d616d6c6f705d60756466657a5f6a6364665d666c67617c27334a2730324550565f666e6d63765f626e676c642733422d32324750545d6672696757666578766a27334a273230475a565d7368636667725d7465707477706d5f6e6f642d334a273238475a565f7c6778747770675d636f6f727065717369676e5d6078746125334a253a324550565d766570767572675d616d6d70706771736b6f6e577265766b253142253a304d5a545776677a747d70655f646b6e7665725d636c69716f747a6f726b6b253142253a304d5a5457715045422d31422530324d47535f676e676d676e7457696c666d785d756966742d31422d30324d455b5d66626d5d70676e6467705d6d6b706d697027314a2530304f4d53577174696c6663726c5d6465706b74637469746771253142253a304d475b5f7665787c757a675f6e6e6d63742d31422530324d47535f76677a7477726557666e6d69745d6c6966656970253b402730304747535f76677a767572675d6a616e665f6e6c6d637c253142253a304747535776677a747d70655f6a636e645f666e6d63745d6c69666563702d33402532384f4d515f7e67707665705d617270637b5d6f62686761742733422d3232554d42454c5f6b6f646d7257607764666d705f666e6d63762533402730305545424f4c5d61676d7272657b736d665f7c677a76757a675f6171766127334227303257474247445f616d65707065737b656c5d746d7a7677726d5d657461273140253232554742454c5f6b6f6f727a657173656c5f7c67787c7770675f6d766331273140273230554740474e5f63676d72706d7371656457746d7a747d70675d733b7663253140273030574740454c5d636f657070677b7367645f7c657076757a675d71337c615f7370656027334227303257474247445f66676a75655f726d6e6c67726d705d6b6e6e6d253340273032574540454e5f6665707c685d766d787675726d253b40253a325547424f4e5f647063755d6275646467727125334a2530325f4540474c576c67716557616d6c746d7a74253140273030574740454c5d6d7564746b5d6c726377313e266f6e5f603f3164663d666666363536326464613632376736326a6532673f346632353d343e33303c66363035312477676e743f456f6f656e672530304966632c273a302a476f67676467292e75656e7235434e474e4727303028456d6d676e65253a4327303856776c6b696e2d3030392c312c302d30302851756b6474536a63666570253238446774616367253238285b77627267706d292d303028327a32323030413246452b29253a43273038537569667c536063646d702730306c70697667702b246363663f33&jb=3137302664713f4f677a6b6c6c69253a443526322730302055696e666d75712532324c5625303031382e32273b422732305f696634342d31402732387a36342b2730324170726e675767624b617427304e3531372e3b362d303020494a564d442732432730326e696b67273030456563636f2b273a30416872676d6d27324e3333352e382c302e322730325361646370692732463d33352c3b36	false		high
https://asanalytics.booking.com/U_GY-kq9lC3pRi0y?f86c979369b1a462=JR7Cjl65wWWxGQcjX0LgJP-WIj5jCciTNOTD-Hce2k14zdmzpvIxU65soX7l32Rqt4ui0PcUxn692UgnzY-3Z4Kdu8xXq_o7Fhsdr41U-SRgMTGgQPbb5rzLKII4X3BLGBa-IIJcPrlKYPbB_H-OWm7TMP05tE03_D131SYCEtdM-8osYYpRa9jAnetbUS9KFWR0LtV5vNZvF1k0Nt4&je=313438267a643f247a64763d363b333b312d393732322c3d3b30302f333732302c373b32312f313538302e373130302d313d30382e353132312f313d32302c31313a3b2d313732322c373935382d333738302e35393b3125333538322e37393b3b2d313732322e3630313b2f3137303024353b363c2d333530382c3e3234382f333730382e3539313a2f333530322e373235392d39353232243732373025313d323024303333322533353032	false		high
https://nellie.booking.com/csp-report-uri?type=report&tag=213&pid=a5226e01015300e7&e=UmFuZG9tSVYkc2RlIyh9YSWKtKO5TxgOpTwVTPfHZKNW3Hcrm1RLgSxyia5pklYb7iiWZYqU8bVBIXeK0YZtSgeotbReXRR3	false		high
https://account.booking.com/register/password	false		high
https://cf.bstatic.com/psb/accountsportal/assets/133_878a17a1dd9684883a3d.js	false		high
https://d8c14d4960ca.edge.sdk.awswaf.com/d8c14d4960ca/c2181391033f/challenge.js	false		high
https://q-xx.bstatic.com/backend_static/common/flags/new/48-squared/us.png	false		high
https://h.online-metrix.net/-oHbtURoEkKRYMoO?c28be1dcf9880429=uMrb-z-xWyzTksWwCzpBUlTjkR5JD-5c0pGKTa30NzZ8sv1OBpxFlGdJXcwn22YdFATlGp5aPlhWhgSOSaW4SO1HOJcDSnawyDKi0o4U9PBgatyDTLq0zonM-xSvgBZPJuLND8ZoAtRI1VHncsQQCRu1P9ET_KgK8RQPRUhM4-RRMvQ	false		high
https://cf.bstatic.com/psb/accountsportal/assets/624_96ca1b056e9464729f28.js	false		high
https://cf.bstatic.com/psb/accountsportal/assets/987_175b3de059909b49ef78.js	false		high
https://asanalytics.booking.com/fp/clear.png	false		high
https://asanalytics.booking.com/U_GY-kq9lC3pRi0y?f86c979369b1a462=JR7Cjl65wWWxGQcjX0LgJP-WIj5jCciTNOTD-Hce2k14zdmzpvIxU65soX7l32Rqt4ui0PcUxn692UgnzY-3Z4Kdu8xXq_o7Fhsdr41U-SRgMTGgQPbb5rzLKII4X3BLGBa-IIJcPrlKYPbB_H-OWm7TMP05tE03_D131SYCEtdM-8osYYpRa9jAnetbUS9KFWR0LtV5vNZvF1k0Nt4&je=383226266261613f39266068736b653527374a273030707c7b706571273030253343273542273232656f77716d253032253b413e27374c273041253a3070747b7267273232273143253032706b2530302d3746	false		high
https://asanalytics.booking.com/T6pHM1Kv1256ky7p?3d2230f7d2a8115c=1d04QixAcLsmMxe1NApuBHDtg8ZUutfGZ5yhDKrZs7AHvWtQNKBtNKgbkxoChMA5IGauAuhuKE3cy9XOUNbrQ9ZQ5rAmVWjtJEXJc6A9sNFmYXfUJvSeI8BtTYE09q2jyyZgsckA-oCAR_aUHYP4idJP4qnplWG73OIZyRM25FZUXHLjkDGNUSpyQLQZpRfrTNqOeL1e5rR9ieir&jb=353b262662736d7735576b6e6467777b246a7b6d3f556966666f7771273032313024687162773d4360726d6f6d26687362354360706f6567273030393337	false		high
https://asanalytics.booking.com/U_GY-kq9lC3pRi0y?f86c979369b1a462=JR7Cjl65wWWxGQcjX0LgJP-WIj5jCciTNOTD-Hce2k14zdmzpvIxU65soX7l32Rqt4ui0PcUxn692UgnzY-3Z4Kdu8xXq_o7Fhsdr41U-SRgMTGgQPbb5rzLKII4X3BLGBa-IIJcPrlKYPbB_H-OWm7TMP05tE03_D131SYCEtdM-8osYYpRa9jAnetbUS9KFWR0LtV5vNZvF1k0Nt4&jac=1&je=323526266a687176786e3f25374a253a30363b3b2730322d314131273546	false		high
https://cf.bstatic.com/psb/accountsportal/assets/57_a194fd9bf3b476d89299.css	false		high
https://asanalytics.booking.com/U_GY-kq9lC3pRi0y?f86c979369b1a462=JR7Cjl65wWWxGQcjX0LgJP-WIj5jCciTNOTD-Hce2k14zdmzpvIxU65soX7l32Rqt4ui0PcUxn692UgnzY-3Z4Kdu8xXq_o7Fhsdr41U-SRgMTGgQPbb5rzLKII4X3BLGBa-IIJcPrlKYPbB_H-OWm7TMP05tE03_D131SYCEtdM-8osYYpRa9jAnetbUS9KFWR0LtV5vNZvF1k0Nt4&je=313439262e6a636135312470676d5f7d72646976673f253f402532303127303225314327374025323a6e677557706373737f6f7a66253a302731412d374274707767273243273030706373737f6f70662d323025324b342d37442d354627324b273232362730302533432735422732326b6f6c6461726f656457706971737f6d7066253a302533432737407472776727324125323a7063717b776d72642d323a27324b362737442d3544253546	false		high
https://asanalytics.booking.com/rmP2YqmKi1PE6WUH?038c08b040b86474=Oj-y5ZSi8HgFCNUcQHmDQ36xFTJqcQIs9d-pDYEcs2ztWotlomSpLZo6RphtaDZpva9Gx4ttTk6NlCQXFzMJUMpVorDI76xa5N6t52rpQakn9GygjygKmGwvXiCiRIASGGMvaA1nMl8DytmkpJHd4BBe8c1L8dkG_gJBNKVPq1RpuZzvFYp-g0IMiKrsA0mGKzB9T6rCshQk-nVVJ88	false		high
https://asanalytics.booking.com/ue8eZwwBYhIaJjN1?dd914517a5d3e626=2wIikL3VyDl-LOyNCkYfgOR80rkSoOy8lackkErbcCDRT1qBf6jjcWDLf1p2JiBYuN_qYD_0gnWcsCqeXlR3pC-ad_YazT9omLg7q-qTjF1jJ-kv8AmeM9W2e5QtidwQWBjdoYnjh1hbPLg1IRzeNUfOKF0&jac=1&je=343326267f656b3f302e36362e39323b2c373d24756b6d357565627076615d696e7667706e636c5f65646c71	false		high
https://cf.bstatic.com/psb/accountsportal/assets/index_b606a6e5896516848e89.js	false		high
https://asanalytics.booking.com/ue8eZwwBYhIaJjN1?dd914517a5d3e626=2wIikL3VyDl-LOyNCkYfgOR80rkSoOy8lackkErbcCDRT1qBf6jjcWDLf1p2JiBYuN_qYD_0gnWcsCqeXlR3pC-ad_YazT9omLg7q-qTjF1jJ-kv8AmeM9W2e5QtidwQWBjdoYnjh1hbPLg1IRzeNUfOKF0&jb=3334266c7b613f363e633738323d393060373d363b666431306437343133663536636667353238	false		high
https://asanalytics.booking.com/U_GY-kq9lC3pRi0y?f86c979369b1a462=JR7Cjl65wWWxGQcjX0LgJP-WIj5jCciTNOTD-Hce2k14zdmzpvIxU65soX7l32Rqt4ui0PcUxn692UgnzY-3Z4Kdu8xXq_o7Fhsdr41U-SRgMTGgQPbb5rzLKII4X3BLGBa-IIJcPrlKYPbB_H-OWm7TMP05tE03_D131SYCEtdM-8osYYpRa9jAnetbUS9KFWR0LtV5vNZvF1k0Nt4&je=363426266261613f39266068736a6b3527354a273740253a305a25303027304333273041313533323d343b333d313138302d354c27354c24606a736a695f696c66677a3d30	false		high
https://www.booking.com/cookiebanner.html	false		high
https://asanalytics.booking.com/U_GY-kq9lC3pRi0y?f86c979369b1a462=JR7Cjl65wWWxGQcjX0LgJP-WIj5jCciTNOTD-Hce2k14zdmzpvIxU65soX7l32Rqt4ui0PcUxn692UgnzY-3Z4Kdu8xXq_o7Fhsdr41U-SRgMTGgQPbb5rzLKII4X3BLGBa-IIJcPrlKYPbB_H-OWm7TMP05tE03_D131SYCEtdM-8osYYpRa9jAnetbUS9KFWR0LtV5vNZvF1k0Nt4&je=313131262e6a636135312462687b636d3f253f4027303278767970677127303225314327374025323a6d6d777b652732322d334933253f462730432d303270767b7267253230273141273232786327303a253544266a687b606b35273740253d402532304527303225304133373537253a4333273d442735442e62607162635d6b6c646d7a3d31	false		high
https://asanalytics.booking.com/U_GY-kq9lC3pRi0y?f86c979369b1a462=JR7Cjl65wWWxGQcjX0LgJP-WIj5jCciTNOTD-Hce2k14zdmzpvIxU65soX7l32Rqt4ui0PcUxn692UgnzY-3Z4Kdu8xXq_o7Fhsdr41U-SRgMTGgQPbb5rzLKII4X3BLGBa-IIJcPrlKYPbB_H-OWm7TMP05tE03_D131SYCEtdM-8osYYpRa9jAnetbUS9KFWR0LtV5vNZvF1k0Nt4&je=393026266261613f392672676557757866617c673f27374a273232312730302533432735422732326665755d786171737767726c27323a273143253d40747277672730432530307261717377677266273a3227324338253d46253f46273544	false		high
https://cdn.cookielaw.org/scripttemplates/otSDKStub.js	false		high
https://asanalytics.booking.com/ue8eZwwBYhIaJjN1?dd914517a5d3e626=2wIikL3VyDl-LOyNCkYfgOR80rkSoOy8lackkErbcCDRT1qBf6jjcWDLf1p2JiBYuN_qYD_0gnWcsCqeXlR3pC-ad_YazT9omLg7q-qTjF1jJ-kv8AmeM9W2e5QtidwQWBjdoYnjh1hbPLg1IRzeNUfOKF0&jac=1&je=313032352e2660637c73763d253f422d3032646774676c2d3032253143332c3030273041253032737c6176777b253032253b412d30326b6a637067616c6725303027354426637766683f63656e6263673c373a36373f663830666a60663b373b343137343b306662643b6134343730626e35343639363439656a656e333531376360373c376132333335246578313f30626064636e3335346c613434323d35383a333f60303a363a6639373b3636366162603767653633266d78363f6b373a37343a323063616e3b30353438633362643767323962676434376463302e6a716d35576b6e6467777b27323833322475696a3d2535402730326170616a697665637c7570672d3230253349253a307830342730322d3043253030606b746e677171253032253b4127303a363625323a253a41253a3060706166667325303027314125374027374025323a62706366642732322d334927323a456d6d676467253232416a706f6d672730322732432d3230746d7271696f66253a30253b4327303239333725303027354425304127374025323a62706366642732322d334927323a4c6d76253b40412531464070616e662730322732432d3230746d7271696f66253a30253b4327303230273232273546273243273540253032627a616c662d3230253349253a304360706d6f697d6f25323027304125323074677271696f662530302d334325323a313935253a302735442d374425304127303266776e6e56677273616f6c4e61737625323a253b43253d402735422d30326270636c662532302731412732324f6f6d6564652732304b687a6d6d6d273030253a4125323074677073696d6c2732302533492530303931352e30263531313826333130253a30253746273041253740273032607261666427303a253141253a32466d742d314043253b464272636c66273232273041253032766d72716b676e2732322d334927323a3a2c322e382c3025303027354425304127374025323a62706366642732322d334927323a416a706f656b756d27303027324327303076677273616f6c273a322733412d323a33313f2c322c353131382e333130273232273546253744253a4327303a6d6d626964652d30322d314364616471652530412730326d6d66676c2732322d3343273a322732322d324b27323a726e63746e6d726d273030273341273030576b6e64677771273a322732432d323a726c6976646d7265546572716b6d6c25323027314127323239302c3226302732322d324b27323a756d75363c27323227314364616c71672737462675696c3f273f422732326a72696c647b273030253b432535402735402532306070616c64253a3227314925303247676f6f6e652d303241687a6d6d6527303027324327303076677273616f6c273a322733412d323a33313f273030253f462532412735402532306070616c64253a322731492530324e67742d314249273146427a636e6427303027324327303076677273616f6c273a322733412d323a3a253a302735442d30432535402730326270636c642732322d3343273a32416872676d61776d2d303027324b27323274677071696f6c2730322733412d32303339372732322d374c27354c273041253a306d6f606b6e6725323027314164616c7b6527304b2530327064617c646f7a6f2730322d3141253030556b6e646d7571253032253f44	false		high
https://asanalytics.booking.com/U_GY-kq9lC3pRi0y?f86c979369b1a462=JR7Cjl65wWWxGQcjX0LgJP-WIj5jCciTNOTD-Hce2k14zdmzpvIxU65soX7l32Rqt4ui0PcUxn692UgnzY-3Z4Kdu8xXq_o7Fhsdr41U-SRgMTGgQPbb5rzLKII4X3BLGBa-IIJcPrlKYPbB_H-OWm7TMP05tE03_D131SYCEtdM-8osYYpRa9jAnetbUS9KFWR0LtV5vNZvF1k0Nt4&je=313b33262e6a636135312470676d5f7d72646976673f253f402532303227303225314327374025323a7667702d3230253349332d35442d304127323a332532302731432537402730326a69646c656c2f786171737767726c27323a273143253d4066616e7167273243273030706373737f6f70662d323025324b342d37442d354627324b273232302730302533432735422732327d73677066616f65253a322d31412d37406461647165253041273032656f636b6c2732322d3241362d354625374c253f46	false		high
https://asanalytics.booking.com/U_GY-kq9lC3pRi0y?f86c979369b1a462=JR7Cjl65wWWxGQcjX0LgJP-WIj5jCciTNOTD-Hce2k14zdmzpvIxU65soX7l32Rqt4ui0PcUxn692UgnzY-3Z4Kdu8xXq_o7Fhsdr41U-SRgMTGgQPbb5rzLKII4X3BLGBa-IIJcPrlKYPbB_H-OWm7TMP05tE03_D131SYCEtdM-8osYYpRa9jAnetbUS9KFWR0LtV5vNZvF1k0Nt4&je=383326266261613f39266068736b653527374a273030707c7b706571273030253343273542273232656f77716d253032253b413932253f462730432d303270767b7267253230273141273232786327303a253544	false		high
https://account.booking.com/_/fvtrpw.gif	false		high
https://cf.bstatic.com/psb/accountsportal/assets/629_a83b0423500bf7bdde4f.css	false		high
https://cdn.cookielaw.org/scripttemplates/202408.1.0/assets/otCommonStyles.css	false		high
https://asanalytics.booking.com/U_GY-kq9lC3pRi0y?f86c979369b1a462=JR7Cjl65wWWxGQcjX0LgJP-WIj5jCciTNOTD-Hce2k14zdmzpvIxU65soX7l32Rqt4ui0PcUxn692UgnzY-3Z4Kdu8xXq_o7Fhsdr41U-SRgMTGgQPbb5rzLKII4X3BLGBa-IIJcPrlKYPbB_H-OWm7TMP05tE03_D131SYCEtdM-8osYYpRa9jAnetbUS9KFWR0LtV5vNZvF1k0Nt4&je=313132262e6a636135312462687b773527354a273540253a3070617171756d72642730316e67775f786171717f6f7064253a322d314138273546253a412532302730447265656b71746772253a4672637b73756f726c253a30253d462460687b697374673f273542253030696e2732322d3343322d324125323a6b3a30392d303027334932253746	false		high
https://geolocation.onetrust.com/cookieconsentpub/v1/geo/location	false		high
https://asanalytics.booking.com/DzDg5opN2juRAsrB?092f0c70ca0e3e9f=hJPeq60bHTcENM2tWVOjlG05NkAuhvg-7IGMEph-N6SKG4C6ccmKTuKdkTg7vvZDEtp3wUPvHJiVxa7GIt0toZN9f_O8Lv_J7OIqOBu6SCjp7JcgqrmaIw9OmMp-0Y6FQqdw3He9dhJmhnPhzPZb6GRzMo7PyBhqvi0J3Wx3zUNY8IM3EEor-N5Ind_e8FRqg3EgC64RMveVNPx8cPXl	false		high
https://h.online-metrix.net/kyqRRUMu-GFzfYhf?ff02f82bc3d39c3d=eMxHlyE2Z5erGsvI3T0z8SQp802xhEjTHu1pAjvU8peUxGSJO8-1GGEFjk2hhjlUI3HEVCtJEgzofLY6D8-NBSn-AnO_Pmrpdyn5Pxeg4eurzL0GmXQUDrxlwBywVMfIOlpHRmKE4862cIgL8alsHUrbLqjGtw-gUNYMkZEQaBRdRAArHKIhNAD0qOWNHhD7x8f7eYkssiBCskuMe2ZX	false		high
https://asanalytics.booking.com/U_GY-kq9lC3pRi0y?f86c979369b1a462=JR7Cjl65wWWxGQcjX0LgJP-WIj5jCciTNOTD-Hce2k14zdmzpvIxU65soX7l32Rqt4ui0PcUxn692UgnzY-3Z4Kdu8xXq_o7Fhsdr41U-SRgMTGgQPbb5rzLKII4X3BLGBa-IIJcPrlKYPbB_H-OWm7TMP05tE03_D131SYCEtdM-8osYYpRa9jAnetbUS9KFWR0LtV5vNZvF1k0Nt4&je=383226266261613f39266068736b653527374a273030707c7b706571273030253343273542273232656f77716d253032253b413f27374c273041253a3070747b7267273232273143253032706b2530302d3746	false		high
https://cf.bstatic.com/psb/accountsportal/assets/runtime~index_a9240719fc64a8f3ef82.js	false		high
https://www.bstatic.com/libs/privacy-consent/1.0.0/customer/cookie-banner.min.js	false		high
https://asanalytics.booking.com/a9hs5a4xjv22puki.js?v5pg8okhz744zguf=doregtzf&fvnf8qc8zzjqzym2=43d59af6-e3da-487e-bfc0-caaf3b30acb6	false		high
https://xx.bstatic.com/libs/acc-clientlib/v5/clientlib.js	false		high
https://cf.bstatic.com/psb/accountsportal/assets/629_b3ab60a933ee60003b06.js	false		high
https://asanalytics.booking.com/ue8eZwwBYhIaJjN1?dd914517a5d3e626=2wIikL3VyDl-LOyNCkYfgOR80rkSoOy8lackkErbcCDRT1qBf6jjcWDLf1p2JiBYuN_qYD_0gnWcsCqeXlR3pC-ad_YazT9omLg7q-qTjF1jJ-kv8AmeM9W2e5QtidwQWBjdoYnjh1hbPLg1IRzeNUfOKF0&jac=1&je=3635262662666c3f393330266a6e683535333137326462303561353b343b323232336334383b653038653a676b3260312662667c6c3d38383335333b3831333024726f3d6e6d	false		high
https://asanalytics.booking.com/U_GY-kq9lC3pRi0y?f86c979369b1a462=JR7Cjl65wWWxGQcjX0LgJP-WIj5jCciTNOTD-Hce2k14zdmzpvIxU65soX7l32Rqt4ui0PcUxn692UgnzY-3Z4Kdu8xXq_o7Fhsdr41U-SRgMTGgQPbb5rzLKII4X3BLGBa-IIJcPrlKYPbB_H-OWm7TMP05tE03_D131SYCEtdM-8osYYpRa9jAnetbUS9KFWR0LtV5vNZvF1k0Nt4&je=383226266261613f39266068736b653527374a273030707c7b706571273030253343273542273232656f77716d253032253b413127374c273041253a3070747b7267273232273143253032706b2530302d3746	false		high
https://cf.bstatic.com/psb/accountsportal/assets/991_a6ad99ceec88bdd4c73c.js	false		high
https://cf.bstatic.com/psb/accountsportal/assets/704_e7ede50c1fdac354671b.js	false		high
https://d8c14d4960ca.d2eb2267.us-east-1.token.awswaf.com/d8c14d4960ca/c2181391033f/challenge.js	false		high
https://account.booking.com/api/identity/authenticate/v1.0/enter/email/submit	false		high
https://account.booking.com/js-track	false		high
https://asanalytics.booking.com/U_GY-kq9lC3pRi0y?f86c979369b1a462=JR7Cjl65wWWxGQcjX0LgJP-WIj5jCciTNOTD-Hce2k14zdmzpvIxU65soX7l32Rqt4ui0PcUxn692UgnzY-3Z4Kdu8xXq_o7Fhsdr41U-SRgMTGgQPbb5rzLKII4X3BLGBa-IIJcPrlKYPbB_H-OWm7TMP05tE03_D131SYCEtdM-8osYYpRa9jAnetbUS9KFWR0LtV5vNZvF1k0Nt4&je=323038262e6a636135312462687b633527354a273740253a307425303027304325303043253033253a33464b5e253033253a322d304339353536253d462532412737402532307427323025324b3130343b2530433938372d304339353536253d462532412737402532306f6f253032253a43343739253043343c362d304339353536253d462532412737402532307627323025324b2530304c495425323b253a314441542730332d303225304136343535273746253043253d4227303a6d6f25323a253a41363c312730433c313825304136343535273746253744266a68716157696c6465703d38	false		high
https://asanalytics.booking.com/U_GY-kq9lC3pRi0y?f86c979369b1a462=JR7Cjl65wWWxGQcjX0LgJP-WIj5jCciTNOTD-Hce2k14zdmzpvIxU65soX7l32Rqt4ui0PcUxn692UgnzY-3Z4Kdu8xXq_o7Fhsdr41U-SRgMTGgQPbb5rzLKII4X3BLGBa-IIJcPrlKYPbB_H-OWm7TMP05tE03_D131SYCEtdM-8osYYpRa9jAnetbUS9KFWR0LtV5vNZvF1k0Nt4&je=313730262e6a636135312462687b633527354a273740253a307425303027304325303046495425323b2530314c495425323b253a30253a413332383b332535462730412535402730326f6d253a3227304b363731253a433c36362d304133303031312537462730432537402732306d6d2d3230273a433435322d324b36343f273041313e3b363627374627354424606a73615f696664677a3531	false		high
https://asanalytics.booking.com/tGNM_W8j9T_L5CC9?114e19a2bbfc6044=15J5dmbBUeqIQX0jd-7KOALK-LuXffFvInmoYquIZxxNrUeBTtpR6KUeB2Q9xaAakUKnuzJ5LaWMx0wedgHASe56cw6QbT35oPL0BMr0bNP19aAMfTF4Mp_vtNhRlFpPhNEyphbmIcyI9C3xJbo3_HbisPx3kLD9w4f9dD4	false		high
https://asanalytics.booking.com/lD_6e2ckuuI85dfO?d9272cc602e934cb=N7gnoMjVMNt9eMJfLdlbQQHx40UBoKRTrBR6k43o9hQXvq0kq29aaYGi3v5qKhBT81oTqQVaAPNWfoOUEaeN6cvhWcn5_1DOeJIkoVMauvseVkfWY8ixBNBh21i_sqRT2NWG0yzfMocMHfO_8r3sP4D6QGIo6AVc3MSTRUiGZxHbDU0x1aB0iw7Pq8c7-9PU3NvgVeMmzjK5vqp6KRg&jf=343338267b69665d7a6e663d746c725765686c406644466a775748375864644c26716b665f6661746d3d33353b3237343939353b247361665d767978673d77676038676364716324736b645f63657b3f3b3037393338313b323638353063383e363863673166323230333234303a32613036363a6b653164303b30393237383136303038323466633b353134663a6636663461633a64353a6d333362313c643c37373a3634326338613934606032326533613160393b30643e6630376a336030353c643f33613c3a31313630673534646436613762633b61653537356b3731606e3834396538303032333c646160333a343762643b353a3866663b35313562346d333a6330332473696c5f7b6b6735313236363830323132323b60646137313b336166616b613667696464383269363a34336a6736343030303637643735666465606731363a38376d3164636d343a38343b3569353330303432323a333030646733603136363363343763366a36333538366762366a666c3a656e373a3434696038666063303a6663363061656736386d3867643a363763363d393e31356b24716b667a3f30	false		high
https://account.booking.com/	false		high
https://cdn.cookielaw.org/consent/a387750c-a080-4dd0-b2d1-7dbdb601bb14/0191ffb2-0224-7614-89a9-ce4becc49775/en-us.json	false		high
https://asanalytics.booking.com/U_GY-kq9lC3pRi0y?f86c979369b1a462=JR7Cjl65wWWxGQcjX0LgJP-WIj5jCciTNOTD-Hce2k14zdmzpvIxU65soX7l32Rqt4ui0PcUxn692UgnzY-3Z4Kdu8xXq_o7Fhsdr41U-SRgMTGgQPbb5rzLKII4X3BLGBa-IIJcPrlKYPbB_H-OWm7TMP05tE03_D131SYCEtdM-8osYYpRa9jAnetbUS9KFWR0LtV5vNZvF1k0Nt4&je=313b31262e6a636135312462687b636d3f253f4027303278767970677127303225314327374025323a6d6d777b652732322d334930253f462730432d303270767b7267253230273141273232786327303a253544266a687b606b35273740253d402532305727303225304136353a37253a4327303a706373737f6f7a66253a316c67775772617371756d706425303027354625324b2537402d323072253a322d30433c373a3b253a412532302730302535462737442462687b62695d616e6665783533	false		high
https://d8c14d4960ca.d2eb2267.us-east-1.token.awswaf.com/d8c14d4960ca/c2181391033f/verify	false		high
https://xx.bstatic.com/static/img/favicon.ico	false		high
https://asanalytics.booking.com/U_GY-kq9lC3pRi0y?f86c979369b1a462=JR7Cjl65wWWxGQcjX0LgJP-WIj5jCciTNOTD-Hce2k14zdmzpvIxU65soX7l32Rqt4ui0PcUxn692UgnzY-3Z4Kdu8xXq_o7Fhsdr41U-SRgMTGgQPbb5rzLKII4X3BLGBa-IIJcPrlKYPbB_H-OWm7TMP05tE03_D131SYCEtdM-8osYYpRa9jAnetbUS9KFWR0LtV5vNZvF1k0Nt4&je=383226266261613f39266068736b653527374a273030707c7b706571273030253343273542273232656f77716d253032253b413c27374c273041253a3070747b7267273232273143253032706b2530302d3746	false		high
https://d8c14d4960ca.d2eb2267.us-east-1.token.awswaf.com/d8c14d4960ca/c2181391033f/telemetry	false		high
https://account.booking.com/api/identity/authenticate/v1.0/otp/is-enabled	false		high
https://asanalytics.booking.com/U_GY-kq9lC3pRi0y?f86c979369b1a462=JR7Cjl65wWWxGQcjX0LgJP-WIj5jCciTNOTD-Hce2k14zdmzpvIxU65soX7l32Rqt4ui0PcUxn692UgnzY-3Z4Kdu8xXq_o7Fhsdr41U-SRgMTGgQPbb5rzLKII4X3BLGBa-IIJcPrlKYPbB_H-OWm7TMP05tE03_D131SYCEtdM-8osYYpRa9jAnetbUS9KFWR0LtV5vNZvF1k0Nt4&je=313730262e6a636135312462687b633527354a273740253a307425303027304325303046495425323b2530314c495425323b253a30253a413032303c372535462730412535402730326f6d253a3227304b363635253a433c36302d304130303836352537462730432537402732306d6d2d3230273a433434362d324b363439273041323b33303627374627354424606a73615f696664677a3532	false		high
https://account.booking.com/js-metric	false		high
https://xx.bstatic.com/static/img/favicon.svg	false		high
https://account.booking.com/navigation_times?sid=&pid=a5226e01015300e7&nts=0,0,1732549116474,0,0,0,0,1732549118330,1732549118331,1732549118472,1732549118472,1732549120596,1732549118472,1732549120596,1732549121951,1732549122710,1732549121967,1732549138415,1732549138415,1732549138418,1732549157555,1732549157555,1732549157556,0&first=&cdn=cf&dc=12&bo=3&lang=en-us&ref_action=Index&aid=304142&stype=&route=&ua=&ch=&lt=	false		high
https://asanalytics.booking.com/U_GY-kq9lC3pRi0y?f86c979369b1a462=JR7Cjl65wWWxGQcjX0LgJP-WIj5jCciTNOTD-Hce2k14zdmzpvIxU65soX7l32Rqt4ui0PcUxn692UgnzY-3Z4Kdu8xXq_o7Fhsdr41U-SRgMTGgQPbb5rzLKII4X3BLGBa-IIJcPrlKYPbB_H-OWm7TMP05tE03_D131SYCEtdM-8osYYpRa9jAnetbUS9KFWR0LtV5vNZvF1k0Nt4&je=383226266261613f39266068736b653527374a273030707c7b706571273030253343273542273232656f77716d253032253b413b27374c273041253a3070747b7267273232273143253032706b2530302d3746	false		high
https://asanalytics.booking.com/U_GY-kq9lC3pRi0y?f86c979369b1a462=JR7Cjl65wWWxGQcjX0LgJP-WIj5jCciTNOTD-Hce2k14zdmzpvIxU65soX7l32Rqt4ui0PcUxn692UgnzY-3Z4Kdu8xXq_o7Fhsdr41U-SRgMTGgQPbb5rzLKII4X3BLGBa-IIJcPrlKYPbB_H-OWm7TMP05tE03_D131SYCEtdM-8osYYpRa9jAnetbUS9KFWR0LtV5vNZvF1k0Nt4&je=313232262e6a636135312462687b633527354a273740253a306d6d27303027324334363b253043343c3427304b323431383d253d46253a412737422d30326d6f2730302532413436332732433c333a273a433039323c382d37442d374624626071635f6b6c6667783d31	false		high
https://cdn.cookielaw.org/consent/a387750c-a080-4dd0-b2d1-7dbdb601bb14/OtAutoBlock.js	false		high
https://asanalytics.booking.com/U_GY-kq9lC3pRi0y?f86c979369b1a462=JR7Cjl65wWWxGQcjX0LgJP-WIj5jCciTNOTD-Hce2k14zdmzpvIxU65soX7l32Rqt4ui0PcUxn692UgnzY-3Z4Kdu8xXq_o7Fhsdr41U-SRgMTGgQPbb5rzLKII4X3BLGBa-IIJcPrlKYPbB_H-OWm7TMP05tE03_D131SYCEtdM-8osYYpRa9jAnetbUS9KFWR0LtV5vNZvF1k0Nt4&jac=1&je=383626266565666a35283325324b302d304339273041343c316435676134616433633461373665396e623a3b3c663a62323162313432383b3331383b3a3133643064616635676633323062386d373b613a636061393129	false		high
https://h.online-metrix.net/-oHbtURoEkKRYMoO?8cad62a260ff4642=uMrb-z-xWyzTksWwCzpBUlTjkR5JD-5c0pGKTa30NzZ8sv1OBpxFlGdJXcwn22YdFATlGp5aPlhWhgSOSaW4SO1HOJcDSnawyDKi0o4U9PBgatyDTLq0zonM-xSvgBZPJuLND_J6jTIGoo3DU0a_8mwS8lA&k=2	false		high
https://h64.online-metrix.net/8ntGuSSDjZCAqIks?bbd0db59142b04bf=cw3jRNj2tSYLi0XaIt08Y6m7vaWvYQBrgyzBnwU9O5DgoAJeWFX6xFdFUed_uXV2Gem5-O52FUFfByodQzEhTOHu-O2kvG3C7M-EX8dXbm9F5BbS9bfRkU1jwNIMXfoejlO2iSyz9fosMiJ-Wmz3yQagec1Qj4e1	false		high
https://www.booking.com/c360/v1/track	false		high

Name	Type	MD5	SHA1	SHA256
Chrome Cache Entry: 100	JSON data	83B403D24FF5CD2FB7D1E31D9E0ED51C	4D0F2248042B947C1909B0081FF16EF33B79F1C2	051A850989BBA254B7C640D8758C05DD7E4662D69BEAE0601BFA2351C3F78E37
Chrome Cache Entry: 101	Unicode text, UTF-8 text, with very long lines (65452)	50661ED4A798150480E02EB240322BCC	97CF099B91D7A4D6BA4AC0C2F5586366BF432042	7A58C2C9BB439A1414365C9E17F0F9A83B552DE39A738987A4D9BBD2748DCB62
Chrome Cache Entry: 102	ASCII text, with no line terminators	1AE6B27EBA211F4CFCD99B904DA88BB7	53CA38F083C4A21F2EDA633EC304CB4582EDEDA2	961635B4E9661208EC118D285B3AC1DBF9F3CC96CDDC97F30E55CD2C6566448C
Chrome Cache Entry: 103	Unicode text, UTF-8 text, with very long lines (65452)	50661ED4A798150480E02EB240322BCC	97CF099B91D7A4D6BA4AC0C2F5586366BF432042	7A58C2C9BB439A1414365C9E17F0F9A83B552DE39A738987A4D9BBD2748DCB62
Chrome Cache Entry: 104	ASCII text, with very long lines (65451)	B6229105523571CBE1163488B97C9358	89EC2F5D13AB3642E13CDC06F0ACC4BEE9DE4616	4B18751F3A50A2525E37E8CAEDA2E00F3C683F1689D629DBB21F3D570A9343AF
Chrome Cache Entry: 105	ASCII text, with very long lines (9049), with no line terminators	E70689D8A4302FE7417ABAD50431C87E	CE3FF45B2C44B2399DA32E745135F4CC82797B34	40408321AE813F04A5ABE32A124B37AB7D3780920541609A73A6B3D0DE7C24C6
Chrome Cache Entry: 106	Unicode text, UTF-8 text, with very long lines (49474), with no line terminators	BF11C9203A892FE6BE724AF6C26BF57D	CE9AD4448CEFBCCE7826F7E9CE4A0F3E35F0E158	7B450522C7D5671970102165D2D247AC3361CA320F2B09224D84E95005914F2A
Chrome Cache Entry: 107	ASCII text, with very long lines (9049), with no line terminators	E70689D8A4302FE7417ABAD50431C87E	CE3FF45B2C44B2399DA32E745135F4CC82797B34	40408321AE813F04A5ABE32A124B37AB7D3780920541609A73A6B3D0DE7C24C6
Chrome Cache Entry: 108	ASCII text, with very long lines (24720), with no line terminators	98B5C29CF94D2FE934D0D126C3E3779F	E0B32752F723123C3F157A36D52E81E5184974E6	6C496FCBE60FEC78DC1B86A9136644D9A97CAE20DF32BE3E9A4A62CE7BD0E6A6
Chrome Cache Entry: 109	ASCII text, with no line terminators	DEC59BE0CB7ED5A372086DC64A4AEBF7	9A271EFD25D0ED8DE97A2AC10F84E2F76E677445	C32E51F3CCE34E937A111EE0683D020B1C3C0F634AE9C9580353185FB336125D
Chrome Cache Entry: 110	PNG image data, 48 x 48, 8-bit colormap, non-interlaced	41A0E840AA47C87E19D2BFE0B1231C3F	B5F588CA91FC9E67B5EA658C5FF943B0639E57B9	A333D02EEDDE7A4DD8643D58B0EA7947268A1762F35F517EB6000EC9E7FCFAE8
Chrome Cache Entry: 111	ASCII text, with very long lines (24720), with no line terminators	98B5C29CF94D2FE934D0D126C3E3779F	E0B32752F723123C3F157A36D52E81E5184974E6	6C496FCBE60FEC78DC1B86A9136644D9A97CAE20DF32BE3E9A4A62CE7BD0E6A6
Chrome Cache Entry: 112	HTML document, ASCII text	D89B01D392C1A60B64C1EB55CCCD1D9D	35607031083971A862472A2BB37FFB8BF0CDCD2D	4D8CEAC04A145BE6F8968D458D8226320737D72F6ADA06990BD842C28F8951B6
Chrome Cache Entry: 113	HTML document, Unicode text, UTF-8 text, with very long lines (24484)	C0A5C2B783919B5D91A45356C2905961	2251F64DC229B4C8970DF044B46A9924FCE47072	CD2F84A6171BCAD1AF9533DDEC7D83EFD31F334E7CDB96EE4BB1F1CE27217F6A
Chrome Cache Entry: 114	ASCII text, with very long lines (2343)	575B5480531DA4D14E7453E2016FE0BC	E5C5F3134FE29E60B591C87EA85951F0AEA36EE1	DE36E50194320A7D3EF1ACE9BD34A875A8BD458B253C061979DD628E9BF49AFD
Chrome Cache Entry: 115	HTML document, ASCII text	D89B01D392C1A60B64C1EB55CCCD1D9D	35607031083971A862472A2BB37FFB8BF0CDCD2D	4D8CEAC04A145BE6F8968D458D8226320737D72F6ADA06990BD842C28F8951B6
Chrome Cache Entry: 116	JSON data	21A3BC7BEB959B528DBF92CDB0790420	B38E158BB0CC6569618AF9A628CB65C214E00804	5DEABAB9CB76F3693AF2FD55FE3564E36F7032CB9178797350EDD0240DE5A0C9
Chrome Cache Entry: 117	ASCII text, with very long lines (11991), with no line terminators	5CC3FBA8F5E14A1BF6DBB08589AD9063	139AD6E4FD4CEE8CFCFD1E82D51C2512A58B9B0A	5BF68F6F50E9505533D496296E87F9CB270A644D7F56211673FF0481FAE7D7F6
Chrome Cache Entry: 118	ASCII text, with very long lines (65536), with no line terminators	95744D9B9384066E908E63BBAD3A188B	865538ADC7434D75E955733AEA35EEE22537B2EC	1623411F7208516B214A1B1CFB5B544DFDEBB718721E871B1AA31C898C21E2D5
Chrome Cache Entry: 119	ASCII text, with very long lines (11991), with no line terminators	5CC3FBA8F5E14A1BF6DBB08589AD9063	139AD6E4FD4CEE8CFCFD1E82D51C2512A58B9B0A	5BF68F6F50E9505533D496296E87F9CB270A644D7F56211673FF0481FAE7D7F6
Chrome Cache Entry: 120	ASCII text, with very long lines (4751), with no line terminators	C51B5D318485406B1443DFD5F55D26D1	39B2CA9A74A822EE1E175FBBC4AB168510C40E0A	76929901D96CD6FE076F40739EE5B7C1208344B2012C3A39885BB6EE5897EFB8
Chrome Cache Entry: 121	ASCII text, with very long lines (65451)	B6229105523571CBE1163488B97C9358	89EC2F5D13AB3642E13CDC06F0ACC4BEE9DE4616	4B18751F3A50A2525E37E8CAEDA2E00F3C683F1689D629DBB21F3D570A9343AF
Chrome Cache Entry: 122	ASCII text, with very long lines (3863), with no line terminators	88339B3D539FCA74C62B7E0C50A96894	5FE3B4DD6D7126A8E81F94318D73FE863ED74FB8	D84999D183797B4F966CB30922EA78D372A2572AE46E4EB91665C59F211A810C
Chrome Cache Entry: 123	HTML document, ASCII text	76B9C58658D750DE8B22DEBA39584059	0362BF98F86F41BD3E5D19DB7C88A2D529E98310	DB541D714E79CF13DC664F756B204CE7769606B4FC4900F46FD4F24557DA5D72
Chrome Cache Entry: 124	ASCII text, with very long lines (799)	2C3950F122B3977DF61B0E077AAA92C8	7BBC3B129BB0F1320C6ECB67688DDC8F78EF6574	6082597F3871C77C9B31AA1383577F8C0E54CB5FF09275DC817BC70D96E6217D
Chrome Cache Entry: 125	Web Open Font Format, TrueType, length 25328, version 1.0	1CE83DBA9B028D54997F401FCC88EE88	0477A4C45C0697562761469726762D136E9EB832	E63D9656C13BAF8786714C53106A0EC404CF8ED4A4B6038345D9029864A3ABB6
Chrome Cache Entry: 126	SVG Scalable Vector Graphics image	E8209D74AD093F151954A3820C12E5D8	12FBF39039F0182026ABAF8B0A22E75C9BB316F7	C80B9838465A2C5AA19E06C25631CD22D81DD8C76563875EBFB4D35304DFBA47
Chrome Cache Entry: 127	ASCII text, with very long lines (19093), with no line terminators	6E8B91CF85447803CC45A165B73683C2	CC925E8717502CD40238E4E3A65785AF07552370	509A5F695C5DE6465E83D342C272BE28BBD94D8D7A3C87869B85DBDC9F79DB79
Chrome Cache Entry: 128	JSON data	83B403D24FF5CD2FB7D1E31D9E0ED51C	4D0F2248042B947C1909B0081FF16EF33B79F1C2	051A850989BBA254B7C640D8758C05DD7E4662D69BEAE0601BFA2351C3F78E37
Chrome Cache Entry: 129	PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced	1B6D2DE2867A3E11063BA25AA1CD4209	BD20B0E089F31F35CBA4D0FA7277E73AA74D944C	95518CBEC0D55A574A9C8EF72A2A7D62AC0D40A4DE5DFE67A76A7D214DC8B743
Chrome Cache Entry: 130	ASCII text, with very long lines (21816), with no line terminators	40D7948D4B56594FCEC42FB794E09867	227FC17DB6489A0D3616C7DB9E9795B224F1A3DA	DB9C85B82C7FAF8449CE08DD17A8468DCB0D085D302D9B89098D4769EFABD50C
Chrome Cache Entry: 131	GIF image data, version 89a, 1 x 1	81144D75B3E69E9AA2FA3E9D83A64D03	F0FBC60B50EDF5B2A0B76E0AA0537B76BF346FFC	9B9265C69A5CC295D1AB0D04E0273B3677DB1A6216CE2CCF4EFC8C277ED84B39
Chrome Cache Entry: 132	ASCII text, with very long lines (33597)	AB6A4A1353FC0D25A859D01F147E1C6D	BAAD42496FD98E319AC151363B563BA1BF2695F6	CE6CC285EE03FBCF92027FE968BF8A18ED165A31A672A0B5161290FB0AA68624
Chrome Cache Entry: 133	ASCII text, with very long lines (65536), with no line terminators	7AE72AF78A6D64C12D462D5FA381BF88	141F4A5332E46B77F414496DDFECB67E7BB8C090	B412F66BF020969261EA9E4951120AE63E1062686AFB68870EAF8FDAF0705525
Chrome Cache Entry: 134	ASCII text, with very long lines (4751), with no line terminators	C51B5D318485406B1443DFD5F55D26D1	39B2CA9A74A822EE1E175FBBC4AB168510C40E0A	76929901D96CD6FE076F40739EE5B7C1208344B2012C3A39885BB6EE5897EFB8
Chrome Cache Entry: 135	ASCII text, with very long lines (19093), with no line terminators	6E8B91CF85447803CC45A165B73683C2	CC925E8717502CD40238E4E3A65785AF07552370	509A5F695C5DE6465E83D342C272BE28BBD94D8D7A3C87869B85DBDC9F79DB79
Chrome Cache Entry: 136	GIF image data, version 89a, 1 x 1	81144D75B3E69E9AA2FA3E9D83A64D03	F0FBC60B50EDF5B2A0B76E0AA0537B76BF346FFC	9B9265C69A5CC295D1AB0D04E0273B3677DB1A6216CE2CCF4EFC8C277ED84B39
Chrome Cache Entry: 137	ASCII text, with very long lines (22445)	1F896D98B7411583B15A172A513F2AA5	FA0A090E659190C28E40B25DDB080B7A52E99A61	ADE920FD5B00CD298AAE7978673A9A64D0BB3FA593D23E91994EC6B6723EBACE
Chrome Cache Entry: 138	ASCII text, with no line terminators	A0094E39DE0B68E9AC21CAE90999D537	D0EF791E38D86B2E4FDEF2081F58CBB9D84A6E43	499D9BC516011CCCCBD335A4DB17DD654E5AA9589FEDE5BD3BE41F06360DFA8B
Chrome Cache Entry: 139	PNG image data, 48 x 48, 8-bit colormap, non-interlaced	41A0E840AA47C87E19D2BFE0B1231C3F	B5F588CA91FC9E67B5EA658C5FF943B0639E57B9	A333D02EEDDE7A4DD8643D58B0EA7947268A1762F35F517EB6000EC9E7FCFAE8
Chrome Cache Entry: 140	ASCII text, with very long lines (20860), with no line terminators	24E17EF5B81B94206DE3FB8CEC4DD0F8	C3F81889356F799FAE0767BCD65F94D4060760D4	322B5234FDB6A83693945424907EE96DE13D4A2A5AA1678351149351033BB61A
Chrome Cache Entry: 141	ASCII text, with very long lines (65454)	7FAC7AC7D44509631D451FF395C84EC8	A9CB4EB095895E73B6FDED7865B6E53D688480CB	5741CFDCE631A1D7680787F5BC7AF5CFF3200A622C053AD676CC7D036C49C8D4
Chrome Cache Entry: 142	ASCII text, with very long lines (564)	7301F10E5D95F7E84072AE475108E15E	258EED273C669495AC66B85759957E9FF54162B0	912EB529C21009ECBC25C4839DB7B9764EEB4CBDCA49BB09C80966F0B76A02CE
Chrome Cache Entry: 143	ASCII text, with very long lines (65454)	7FAC7AC7D44509631D451FF395C84EC8	A9CB4EB095895E73B6FDED7865B6E53D688480CB	5741CFDCE631A1D7680787F5BC7AF5CFF3200A622C053AD676CC7D036C49C8D4
Chrome Cache Entry: 144	ASCII text, with very long lines (2343)	575B5480531DA4D14E7453E2016FE0BC	E5C5F3134FE29E60B591C87EA85951F0AEA36EE1	DE36E50194320A7D3EF1ACE9BD34A875A8BD458B253C061979DD628E9BF49AFD
Chrome Cache Entry: 145	Unicode text, UTF-8 text, with very long lines (49474), with no line terminators	BF11C9203A892FE6BE724AF6C26BF57D	CE9AD4448CEFBCCE7826F7E9CE4A0F3E35F0E158	7B450522C7D5671970102165D2D247AC3361CA320F2B09224D84E95005914F2A
Chrome Cache Entry: 146	PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced	6018807017AFEAD14417566F975FFDB4	2EE7C3239E4046E9567C8100DECD9ABE6093B79F	99AF6690771B7B62A1325D0C0B38A9A0300C18921E4877DCF38A239B9C977502
Chrome Cache Entry: 147	PNG image data, 32 x 32, 8-bit/color RGBA, non-interlaced	6018807017AFEAD14417566F975FFDB4	2EE7C3239E4046E9567C8100DECD9ABE6093B79F	99AF6690771B7B62A1325D0C0B38A9A0300C18921E4877DCF38A239B9C977502
Chrome Cache Entry: 148	HTML document, ASCII text	D7F862620CB2EFA2734845264AF198EB	28B2B818CAFBC67C7D4AC33E54E8EDF63C485D86	D3C7C4DBE9A235E7BA1DBFE981C2AF6E18B722EF684EF16EB08C4FC2A82A6627
Chrome Cache Entry: 149	ASCII text, with very long lines (3863), with no line terminators	88339B3D539FCA74C62B7E0C50A96894	5FE3B4DD6D7126A8E81F94318D73FE863ED74FB8	D84999D183797B4F966CB30922EA78D372A2572AE46E4EB91665C59F211A810C
Chrome Cache Entry: 150	ASCII text, with very long lines (799)	2C3950F122B3977DF61B0E077AAA92C8	7BBC3B129BB0F1320C6ECB67688DDC8F78EF6574	6082597F3871C77C9B31AA1383577F8C0E54CB5FF09275DC817BC70D96E6217D
Chrome Cache Entry: 151	ASCII text, with very long lines (564)	7301F10E5D95F7E84072AE475108E15E	258EED273C669495AC66B85759957E9FF54162B0	912EB529C21009ECBC25C4839DB7B9764EEB4CBDCA49BB09C80966F0B76A02CE
Chrome Cache Entry: 87	ASCII text, with very long lines (65454)	18BCF08AA92A78490F082FD6E040FB46	B3337E5A94CFD3DEC5659449617015B518A41865	FB9A3791B68B0693889A76C666CEAE106944D46385666FDB1F4F865EFC1D610F
Chrome Cache Entry: 88	JSON data	21A3BC7BEB959B528DBF92CDB0790420	B38E158BB0CC6569618AF9A628CB65C214E00804	5DEABAB9CB76F3693AF2FD55FE3564E36F7032CB9178797350EDD0240DE5A0C9
Chrome Cache Entry: 89	ASCII text, with very long lines (20860), with no line terminators	24E17EF5B81B94206DE3FB8CEC4DD0F8	C3F81889356F799FAE0767BCD65F94D4060760D4	322B5234FDB6A83693945424907EE96DE13D4A2A5AA1678351149351033BB61A
Chrome Cache Entry: 90	PNG image data, 2 x 1, 8-bit/color RGBA, non-interlaced	1B6D2DE2867A3E11063BA25AA1CD4209	BD20B0E089F31F35CBA4D0FA7277E73AA74D944C	95518CBEC0D55A574A9C8EF72A2A7D62AC0D40A4DE5DFE67A76A7D214DC8B743
Chrome Cache Entry: 91	HTML document, ASCII text	7357DA9ECD5088752D4BB8ED7750FF3A	21AFF2D2B0FCE64E3E6559243942D5A41FB767EA	DB20024F333D5CCFF5F562A96974048E75B9ED1E37C72BB7870792D0B6DA1DE7
Chrome Cache Entry: 92	SVG Scalable Vector Graphics image	E8209D74AD093F151954A3820C12E5D8	12FBF39039F0182026ABAF8B0A22E75C9BB316F7	C80B9838465A2C5AA19E06C25631CD22D81DD8C76563875EBFB4D35304DFBA47
Chrome Cache Entry: 93	JSON data	B04CD3F8043EF04F417D4B0E4BCBBC03	88F259A4AE3045409B3657E7D7A791D321BA9DCE	59E58524340CD7AD353BE010374B124C242FDDE10A0ED41047FE2FD4BB9E5A2E
Chrome Cache Entry: 94	ASCII text, with very long lines (57657), with no line terminators	4CFB9C72F58604193C36DF52D6186DA9	A1D4AEAEF1B488FAAE3DCADEEC8BB5B11D96605A	D7E5334EEAC9F460FC5D9BC52FF8C323D3CE72A83EFB4F6A027C4A0CCA48B29E
Chrome Cache Entry: 95	ASCII text, with very long lines (65454)	18BCF08AA92A78490F082FD6E040FB46	B3337E5A94CFD3DEC5659449617015B518A41865	FB9A3791B68B0693889A76C666CEAE106944D46385666FDB1F4F865EFC1D610F
Chrome Cache Entry: 96	ASCII text, with very long lines (22445)	1F896D98B7411583B15A172A513F2AA5	FA0A090E659190C28E40B25DDB080B7A52E99A61	ADE920FD5B00CD298AAE7978673A9A64D0BB3FA593D23E91994EC6B6723EBACE
Chrome Cache Entry: 97	Unicode text, UTF-8 text, with very long lines (19293), with NEL line terminators	BE56A3F6FA7BFD736B4E3FFA8E87FEBA	54DE4B3D722D4D3CAB954536B2677F76A45C522E	F7D55CEC513A1E60367EC69CE4314247FA275F87C01525D389E5E550BE23DCAE
Chrome Cache Entry: 98	ASCII text, with very long lines (65536), with no line terminators	BCE014674AE1B9761DF9100F6C5A7B1B	2370DFFEE92EC8E3CDCE004B40BBE8B94B40F391	1FFE6ABA19A7038F690AFBB7301636973DDE6152014A1A587E3BA61D1BB30E37
Chrome Cache Entry: 99	Unicode text, UTF-8 text, with very long lines (19293), with NEL line terminators	BE56A3F6FA7BFD736B4E3FFA8E87FEBA	54DE4B3D722D4D3CAB954536B2677F76A45C522E	F7D55CEC513A1E60367EC69CE4314247FA275F87C01525D389E5E550BE23DCAE

HTML body contains low number of good links

Source: https://account.booking.com/register/password

HTTP Parser: Number of links: 1

HTML body contains password input but no form action

Source: https://account.booking.com/	HTTP Parser: <input type="password" .../> found but no <form action="...
Source: https://account.booking.com/register/password	HTTP Parser: <input type="password" .../> found but no <form action="...

Source: https://account.booking.com/	HTTP Parser: Iframe src: https://www.booking.com/cookiebanner.html
Source: https://account.booking.com/register/password	HTTP Parser: Iframe src: https://www.booking.com/cookiebanner.html

Source: https://account.booking.com/	HTTP Parser: <input type="password" .../> found
Source: https://account.booking.com/register/password	HTTP Parser: <input type="password" .../> found

Source: https://account.booking.com/	HTTP Parser: No favicon
Source: https://account.booking.com/	HTTP Parser: No favicon
Source: https://account.booking.com/register/password	HTTP Parser: No favicon
Source: https://account.booking.com/register/password	HTTP Parser: No favicon
Source: https://account.booking.com/register/password	HTTP Parser: No favicon
Source: https://account.booking.com/register/password	HTTP Parser: No favicon

Source: https://account.booking.com/	HTTP Parser: No <meta name="author".. found
Source: https://account.booking.com/register/password	HTTP Parser: No <meta name="author".. found

Source: https://account.booking.com/	HTTP Parser: No <meta name="copyright".. found
Source: https://account.booking.com/register/password	HTTP Parser: No <meta name="copyright".. found

Source: unknown	HTTPS traffic detected: 2.18.109.164:443 -> 192.168.2.4:49742 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 2.18.109.164:443 -> 192.168.2.4:49743 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.4:49770 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.4:49923 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.246.63:443 -> 192.168.2.4:49926 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.246.63:443 -> 192.168.2.4:49972 version: TLS 1.2

Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 173.222.162.32
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.109.164
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.109.164
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.109.164
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.109.164
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.109.164
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.109.164
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.109.164
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.109.164
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.109.164
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.109.164
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.109.164
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.109.164
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.109.164
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.109.164
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.109.164
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.109.164
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.109.164
Source: unknown	TCP traffic detected without corresponding DNS query: 2.18.109.164
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 217.20.56.98
Source: unknown	TCP traffic detected without corresponding DNS query: 217.20.56.98
Source: unknown	TCP traffic detected without corresponding DNS query: 217.20.56.98
Source: unknown	TCP traffic detected without corresponding DNS query: 217.20.56.98
Source: unknown	TCP traffic detected without corresponding DNS query: 217.20.56.98
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.246.63
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.246.63
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.246.63
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 4.245.163.56
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.246.63
Source: unknown	TCP traffic detected without corresponding DNS query: 13.107.246.63

Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: account.booking.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: noneSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: documentsec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /fs/windows/config.json HTTP/1.1Connection: Keep-AliveAccept: /Accept-Encoding: identityIf-Unmodified-Since: Tue, 16 May 2017 22:58:00 GMTRange: bytes=0-2147483646User-Agent: Microsoft BITS/7.8Host: fs.microsoft.com
Source: global traffic	HTTP traffic detected: GET /consent/a387750c-a080-4dd0-b2d1-7dbdb601bb14/OtAutoBlock.js HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /psb/accountsportal/assets/709_c32002792e35c69191e8.css HTTP/1.1Host: cf.bstatic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /psb/accountsportal/assets/704_9a0ec8d2f80e7d346616.css HTTP/1.1Host: cf.bstatic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /psb/accountsportal/assets/629_a83b0423500bf7bdde4f.css HTTP/1.1Host: cf.bstatic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /psb/accountsportal/assets/57_a194fd9bf3b476d89299.css HTTP/1.1Host: cf.bstatic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: text/css,/;q=0.1Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: styleReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /psb/accountsportal/assets/runtime~index_a9240719fc64a8f3ef82.js HTTP/1.1Host: cf.bstatic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /psb/accountsportal/assets/54_97d049b4c4a1c2f7cfdb.js HTTP/1.1Host: cf.bstatic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_/fvtrpw.gif HTTP/1.1Host: account.booking.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_ap=U2FsdGVkX19akrxw8nLaaIrnHelZlZZoZM0qgYmUXwg8GpSRVjghZi1Ekqaf8H6WpZnQBUXr1KO9%0Al71OwtxybQ%3D%3D%0A; bkng_sso_ses=e30; bkng_ap_sso_session=eyJib29raW5nX2dsb2JhbCI6eyJzZXNzaW9ucyI6W10sImRhdGFfc3ViamVjdF9pZCI6ImExN2JjZmJkLTNkN2QtNGY3OC04NTM4LTdmZDFhYTkxZmZhZiJ9fQ; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t
Source: global traffic	HTTP traffic detected: GET /libs/privacy-consent/1.0.0/customer/cookie-banner.min.js HTTP/1.1Host: www.bstatic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /consent/a387750c-a080-4dd0-b2d1-7dbdb601bb14/OtAutoBlock.js HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /psb/accountsportal/assets/709_bad9882915aa6a1c2b70.js HTTP/1.1Host: cf.bstatic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /psb/accountsportal/assets/runtime~index_a9240719fc64a8f3ef82.js HTTP/1.1Host: cf.bstatic.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /psb/accountsportal/assets/704_e7ede50c1fdac354671b.js HTTP/1.1Host: cf.bstatic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /psb/accountsportal/assets/624_96ca1b056e9464729f28.js HTTP/1.1Host: cf.bstatic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /psb/accountsportal/assets/54_97d049b4c4a1c2f7cfdb.js HTTP/1.1Host: cf.bstatic.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /_/fvtrpw.gif HTTP/1.1Host: account.booking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; bkng_ap_sso_session=eyJib29raW5nX2dsb2JhbCI6eyJzZXNzaW9ucyI6W10sImRhdGFfc3ViamVjdF9pZCI6ImExN2JjZmJkLTNkN2QtNGY3OC04NTM4LTdmZDFhYTkxZmZhZiJ9fQ; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; bkng_ap=U2FsdGVkX1%2F5cBjR%2BytXTDTzb5hP6TZ8wixc4LQO58EBgSHtpw0NITJz5REb7jVy2duOUSB0PtL0%0AVESWnGSO4w%3D%3D%0A
Source: global traffic	HTTP traffic detected: GET /psb/accountsportal/assets/987_175b3de059909b49ef78.js HTTP/1.1Host: cf.bstatic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /libs/privacy-consent/1.0.0/customer/cookie-banner.min.js HTTP/1.1Host: www.bstatic.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /psb/accountsportal/assets/629_b3ab60a933ee60003b06.js HTTP/1.1Host: cf.bstatic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /psb/accountsportal/assets/133_878a17a1dd9684883a3d.js HTTP/1.1Host: cf.bstatic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /psb/accountsportal/assets/987_175b3de059909b49ef78.js HTTP/1.1Host: cf.bstatic.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /psb/accountsportal/assets/991_a6ad99ceec88bdd4c73c.js HTTP/1.1Host: cf.bstatic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /psb/accountsportal/assets/624_96ca1b056e9464729f28.js HTTP/1.1Host: cf.bstatic.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /psb/accountsportal/assets/index_b606a6e5896516848e89.js HTTP/1.1Host: cf.bstatic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /psb/accountsportal/assets/704_e7ede50c1fdac354671b.js HTTP/1.1Host: cf.bstatic.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /psb/accountsportal/assets/133_878a17a1dd9684883a3d.js HTTP/1.1Host: cf.bstatic.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /psb/accountsportal/assets/709_bad9882915aa6a1c2b70.js HTTP/1.1Host: cf.bstatic.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /psb/accountsportal/assets/629_b3ab60a933ee60003b06.js HTTP/1.1Host: cf.bstatic.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /SLS/%7B522D76A4-93E1-47F8-B8CE-07C937AD1A1E%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=phmhfH7UPSs95rn&MD=Ha+zLtAd HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic	HTTP traffic detected: GET /psb/accountsportal/assets/991_a6ad99ceec88bdd4c73c.js HTTP/1.1Host: cf.bstatic.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /psb/accountsportal/assets/index_b606a6e5896516848e89.js HTTP/1.1Host: cf.bstatic.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cookiebanner.html HTTP/1.1Host: www.booking.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-siteSec-Fetch-Mode: navigateSec-Fetch-User: ?1Sec-Fetch-Dest: iframeReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t
Source: global traffic	HTTP traffic detected: GET /backend_static/common/flags/new/48-squared/us.png HTTP/1.1Host: q-xx.bstatic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /design-assets/assets/v3.58.1/fonts-brand/BookingExtraBold.woff HTTP/1.1Host: t-cf.bstatic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Origin: https://account.booking.comsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: fontReferer: https://cf.bstatic.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /libs/acc-clientlib/v5/clientlib.js HTTP/1.1Host: xx.bstatic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /scripttemplates/otSDKStub.js HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /js-metric HTTP/1.1Host: account.booking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; bkng_ap_sso_session=eyJib29raW5nX2dsb2JhbCI6eyJzZXNzaW9ucyI6W10sImRhdGFfc3ViamVjdF9pZCI6ImExN2JjZmJkLTNkN2QtNGY3OC04NTM4LTdmZDFhYTkxZmZhZiJ9fQ; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; bkng_ap=U2FsdGVkX19jZ%2BgJ5OwhKw%2FtfIQ49V4CPyDNSDTwG7dsMttmLlQEgrQa6Aepz0oPGpvN9nSS5IB%2B%0AsvWpV4T%2Fxg%3D%3D%0A; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbKE7bjkbYWzk5unL0%2B7dFndR92ych2FQP8o5qWZtjqT36rKOtZgWEtwlNirpSPQsYaLoz6yyJCcL10%2BXuQ4T5GVJlHstrRF%2FFM2Q720eEDhtw4B22TX3wnSjWC%2BjdtRXtJpXZiMdlymz3pagF9t6tOGCJeguZuNyx
Source: global traffic	HTTP traffic detected: GET /d8c14d4960ca/c2181391033f/challenge.js HTTP/1.1Host: d8c14d4960ca.edge.sdk.awswaf.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /backend_static/common/flags/new/48-squared/us.png HTTP/1.1Host: q-xx.bstatic.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /libs/acc-clientlib/v5/clientlib.js HTTP/1.1Host: xx.bstatic.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /scripttemplates/otSDKStub.js HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /consent/a387750c-a080-4dd0-b2d1-7dbdb601bb14/a387750c-a080-4dd0-b2d1-7dbdb601bb14.json HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://account.booking.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /a9hs5a4xjv22puki.js?v5pg8okhz744zguf=doregtzf&fvnf8qc8zzjqzym2=43d59af6-e3da-487e-bfc0-caaf3b30acb6 HTTP/1.1Host: asanalytics.booking.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbKE7bjkbYWzk5unL0%2B7dFndR92ych2FQP8o5qWZtjqT36rKOtZgWEtwlNirpSPQsYaLoz6yyJCcL10%2BXuQ4T5GVJlHstrRF%2FFM2Q720eEDhtw4B22TX3wnSjWC%2BjdtRXtJpXZiMdlymz3pagF9t6tOGCJeguZuNyx
Source: global traffic	HTTP traffic detected: GET /c360/v1/track HTTP/1.1Host: www.booking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D
Source: global traffic	HTTP traffic detected: GET /js-metric HTTP/1.1Host: account.booking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; bkng_ap_sso_session=eyJib29raW5nX2dsb2JhbCI6eyJzZXNzaW9ucyI6W10sImRhdGFfc3ViamVjdF9pZCI6ImExN2JjZmJkLTNkN2QtNGY3OC04NTM4LTdmZDFhYTkxZmZhZiJ9fQ; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; bkng_ap=U2FsdGVkX19jZ%2BgJ5OwhKw%2FtfIQ49V4CPyDNSDTwG7dsMttmLlQEgrQa6Aepz0oPGpvN9nSS5IB%2B%0AsvWpV4T%2Fxg%3D%3D%0A; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbKE7bjkbYWzk5unL0%2B7dFndR92ych2FQP8o5qWZtjqT36rKOtZgWEtwlNirpSPQsYaLoz6yyJCcL10%2BXuQ4T5GVJlHstrRF%2FFM2Q720eEDhtw4B22TX3wnSjWC%2BjdtRXtJpXZiMdlymz3pagF9t6tOGCJeguZuNyx
Source: global traffic	HTTP traffic detected: GET /d8c14d4960ca/c2181391033f/challenge.js HTTP/1.1Host: d8c14d4960ca.d2eb2267.us-east-1.token.awswaf.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /consent/a387750c-a080-4dd0-b2d1-7dbdb601bb14/a387750c-a080-4dd0-b2d1-7dbdb601bb14.json HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cookieconsentpub/v1/geo/location HTTP/1.1Host: geolocation.onetrust.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"accept: application/jsonsec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Origin: https://account.booking.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /cookieconsentpub/v1/geo/location HTTP/1.1Host: geolocation.onetrust.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /T6pHM1Kv1256ky7p?3d2230f7d2a8115c=1d04QixAcLsmMxe1NApuBHDtg8ZUutfGZ5yhDKrZs7AHvWtQNKBtNKgbkxoChMA5IGauAuhuKE3cy9XOUNbrQ9ZQ5rAmVWjtJEXJc6A9sNFmYXfUJvSeI8BtTYE09q2jyyZgsckA-oCAR_aUHYP4idJP4qnplWG73OIZyRM25FZUXHLjkDGNUSpyQLQZpRfrTNqOeL1e5rR9ieir&jb=353b262662736d7735576b6e6467777b246a7b6d3f556966666f7771273032313024687162773d4360726d6f6d26687362354360706f6567273030393337 HTTP/1.1Host: asanalytics.booking.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAy47yZlXFLAhePZSSt535xRrxFOfSU7bwEsbO04_1e38VW3qaz8JBDtDk9AR212ybSWjVlnV6HJlctGGzj1pjj0x0EdXw
Source: global traffic	HTTP traffic detected: GET /a9hs5a4xjv22puki.js?v5pg8okhz744zguf=doregtzf&fvnf8qc8zzjqzym2=43d59af6-e3da-487e-bfc0-caaf3b30acb6 HTTP/1.1Host: asanalytics.booking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAy47yZlXFLAhePZSSt535xRrxFOfSU7bwEsbO04_1e38VW3qaz8JBDtDk9AR212ybSWjVlnV6HJlctGGzj1pjj0x0EdXw
Source: global traffic	HTTP traffic detected: GET /tGNM_W8j9T_L5CC9?114e19a2bbfc6044=15J5dmbBUeqIQX0jd-7KOALK-LuXffFvInmoYquIZxxNrUeBTtpR6KUeB2Q9xaAakUKnuzJ5LaWMx0wedgHASe56cw6QbT35oPL0BMr0bNP19aAMfTF4Mp_vtNhRlFpPhNEyphbmIcyI9C3xJbo3_HbisPx3kLD9w4f9dD4 HTTP/1.1Host: asanalytics.booking.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAy47yZlXFLAhePZSSt535xRrxFOfSU7bwEsbO04_1e38VW3qaz8JBDtDk9AR212ybSWjVlnV6HJlctGGzj1pjj0x0EdXw
Source: global traffic	HTTP traffic detected: GET /js-metric HTTP/1.1Host: account.booking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; bkng_ap_sso_session=eyJib29raW5nX2dsb2JhbCI6eyJzZXNzaW9ucyI6W10sImRhdGFfc3ViamVjdF9pZCI6ImExN2JjZmJkLTNkN2QtNGY3OC04NTM4LTdmZDFhYTkxZmZhZiJ9fQ; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; bkng_ap=U2FsdGVkX19jZ%2BgJ5OwhKw%2FtfIQ49V4CPyDNSDTwG7dsMttmLlQEgrQa6Aepz0oPGpvN9nSS5IB%2B%0AsvWpV4T%2Fxg%3D%3D%0A; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D
Source: global traffic	HTTP traffic detected: GET /pqF3nGsAyelKT7zM?01c290fe34e6d07b=HlW_oNRa-UbKE1D5iCNafqheOkVg-zuMyanoIWmKrvHVBIXnUlAVpQ44j_XGdi-QYLu4l767TNwZIMd3lGlVTueGL4a-IghokefHIbCphdCWh1-IkClLv1pCjHDy8DAKaxhG8AbB6iHKWB5EwhUe0O3VKVdNuhh1SLyTgGQ HTTP/1.1Host: asanalytics.booking.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAy47yZlXFLAhePZSSt535xRrxFOfSU7bwEsbO04_1e38VW3qaz8JBDtDk9AR212ybSWjVlnV6HJlctGGzj1pjj0x0EdXw
Source: global traffic	HTTP traffic detected: GET /scripttemplates/202408.1.0/otBannerSdk.js HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /tGNM_W8j9T_L5CC9?114e19a2bbfc6044=15J5dmbBUeqIQX0jd-7KOALK-LuXffFvInmoYquIZxxNrUeBTtpR6KUeB2Q9xaAakUKnuzJ5LaWMx0wedgHASe56cw6QbT35oPL0BMr0bNP19aAMfTF4Mp_vtNhRlFpPhNEyphbmIcyI9C3xJbo3_HbisPx3kLD9w4f9dD4 HTTP/1.1Host: asanalytics.booking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAw8sBThxyQJdxz7qumZht_06We8rIGbbZvrTmzGLSuR0Eo_mQPru0PMr-_7A0UlOj3YzmatP-nUK3SgA1ZsjB9thdywLQ
Source: global traffic	HTTP traffic detected: GET /pqF3nGsAyelKT7zM?01c290fe34e6d07b=HlW_oNRa-UbKE1D5iCNafqheOkVg-zuMyanoIWmKrvHVBIXnUlAVpQ44j_XGdi-QYLu4l767TNwZIMd3lGlVTueGL4a-IghokefHIbCphdCWh1-IkClLv1pCjHDy8DAKaxhG8AbB6iHKWB5EwhUe0O3VKVdNuhh1SLyTgGQ HTTP/1.1Host: asanalytics.booking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAw8sBThxyQJdxz7qumZht_06We8rIGbbZvrTmzGLSuR0Eo_mQPru0PMr-_7A0UlOj3YzmatP-nUK3SgA1ZsjB9thdywLQ
Source: global traffic	HTTP traffic detected: GET /api/identity/authenticate/v1.0/otp/is-enabled HTTP/1.1Host: account.booking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; bkng_ap_sso_session=eyJib29raW5nX2dsb2JhbCI6eyJzZXNzaW9ucyI6W10sImRhdGFfc3ViamVjdF9pZCI6ImExN2JjZmJkLTNkN2QtNGY3OC04NTM4LTdmZDFhYTkxZmZhZiJ9fQ; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; bkng_ap=U2FsdGVkX19jZ%2BgJ5OwhKw%2FtfIQ49V4CPyDNSDTwG7dsMttmLlQEgrQa6Aepz0oPGpvN9nSS5IB%2B%0AsvWpV4T%2Fxg%3D%3D%0A; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D
Source: global traffic	HTTP traffic detected: GET /d8c14d4960ca/c2181391033f/challenge.js HTTP/1.1Host: d8c14d4960ca.d2eb2267.us-east-1.token.awswaf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /T6pHM1Kv1256ky7p?3d2230f7d2a8115c=1d04QixAcLsmMxe1NApuBHDtg8ZUutfGZ5yhDKrZs7AHvWtQNKBtNKgbkxoChMA5IGauAuhuKE3cy9XOUNbrQ9ZQ5rAmVWjtJEXJc6A9sNFmYXfUJvSeI8BtTYE09q2jyyZgsckA-oCAR_aUHYP4idJP4qnplWG73OIZyRM25FZUXHLjkDGNUSpyQLQZpRfrTNqOeL1e5rR9ieir&jb=353b262662736d7735576b6e6467777b246a7b6d3f556966666f7771273032313024687162773d4360726d6f6d26687362354360706f6567273030393337 HTTP/1.1Host: asanalytics.booking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAw8sBThxyQJdxz7qumZht_06We8rIGbbZvrTmzGLSuR0Eo_mQPru0PMr-_7A0UlOj3YzmatP-nUK3SgA1ZsjB9thdywLQ
Source: global traffic	HTTP traffic detected: GET /fp/clear.png HTTP/1.1Host: asanalytics.booking.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"Accept: /, doregtzf/f6dcc65ee3c828f243d59af6-e3da-487e-bfc0-caaf3b30acb6sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Origin: https://account.booking.comSec-Fetch-Site: same-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rmP2YqmKi1PE6WUH?038c08b040b86474=Oj-y5ZSi8HgFCNUcQHmDQ36xFTJqcQIs9d-pDYEcs2ztWotlomSpLZo6RphtaDZpva9Gx4ttTk6NlCQXFzMJUMpVorDI76xa5N6t52rpQakn9GygjygKmGwvXiCiRIASGGMvaA1nMl8DytmkpJHd4BBe8c1L8dkG_gJBNKVPq1RpuZzvFYp-g0IMiKrsA0mGKzB9T6rCshQk-nVVJ88 HTTP/1.1Host: asanalytics.booking.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAw8sBThxyQJdxz7qumZht_06We8rIGbbZvrTmzGLSuR0Eo_mQPru0PMr-_7A0UlOj3YzmatP-nUK3SgA1ZsjB9thdywLQ
Source: global traffic	HTTP traffic detected: GET /DzDg5opN2juRAsrB?092f0c70ca0e3e9f=hJPeq60bHTcENM2tWVOjlG05NkAuhvg-7IGMEph-N6SKG4C6ccmKTuKdkTg7vvZDEtp3wUPvHJiVxa7GIt0toZN9f_O8Lv_J7OIqOBu6SCjp7JcgqrmaIw9OmMp-0Y6FQqdw3He9dhJmhnPhzPZb6GRzMo7PyBhqvi0J3Wx3zUNY8IM3EEor-N5Ind_e8FRqg3EgC64RMveVNPx8cPXl HTTP/1.1Host: asanalytics.booking.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: same-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAw8sBThxyQJdxz7qumZht_06We8rIGbbZvrTmzGLSuR0Eo_mQPru0PMr-_7A0UlOj3YzmatP-nUK3SgA1ZsjB9thdywLQ
Source: global traffic	HTTP traffic detected: GET /kyqRRUMu-GFzfYhf?ff02f82bc3d39c3d=eMxHlyE2Z5erGsvI3T0z8SQp802xhEjTHu1pAjvU8peUxGSJO8-1GGEFjk2hhjlUI3HEVCtJEgzofLY6D8-NBSn-AnO_Pmrpdyn5Pxeg4eurzL0GmXQUDrxlwBywVMfIOlpHRmKE4862cIgL8alsHUrbLqjGtw-gUNYMkZEQaBRdRAArHKIhNAD0qOWNHhD7x8f7eYkssiBCskuMe2ZX HTTP/1.1Host: h.online-metrix.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0sec-ch-ua-platform: "Windows"Upgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Sec-Fetch-Site: cross-siteSec-Fetch-Mode: navigateSec-Fetch-Dest: iframeReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /scripttemplates/202408.1.0/otBannerSdk.js HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /consent/a387750c-a080-4dd0-b2d1-7dbdb601bb14/0191ffb2-0224-7614-89a9-ce4becc49775/en-us.json HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://account.booking.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /-oHbtURoEkKRYMoO?c28be1dcf9880429=uMrb-z-xWyzTksWwCzpBUlTjkR5JD-5c0pGKTa30NzZ8sv1OBpxFlGdJXcwn22YdFATlGp5aPlhWhgSOSaW4SO1HOJcDSnawyDKi0o4U9PBgatyDTLq0zonM-xSvgBZPJuLND8ZoAtRI1VHncsQQCRu1P9ET_KgK8RQPRUhM4-RRMvQ HTTP/1.1Host: h.online-metrix.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /api/identity/authenticate/v1.0/enter/email/submit HTTP/1.1Host: account.booking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; bkng_ap=U2FsdGVkX19jZ%2BgJ5OwhKw%2FtfIQ49V4CPyDNSDTwG7dsMttmLlQEgrQa6Aepz0oPGpvN9nSS5IB%2B%0AsvWpV4T%2Fxg%3D%3D%0A; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; bkng_ap_sso_session=eyJib29raW5nX2dsb2JhbCI6eyJkYXRhX3N1YmplY3RfaWQiOiJhMTdiY2ZiZC0zZDdkLTRmNzgtODUzOC03ZmQxYWE5MWZmYWYiLCJzZXNzaW9ucyI6W119fQ
Source: global traffic	HTTP traffic detected: GET /ue8eZwwBYhIaJjN1?dd914517a5d3e626=2wIikL3VyDl-LOyNCkYfgOR80rkSoOy8lackkErbcCDRT1qBf6jjcWDLf1p2JiBYuN_qYD_0gnWcsCqeXlR3pC-ad_YazT9omLg7q-qTjF1jJ-kv8AmeM9W2e5QtidwQWBjdoYnjh1hbPLg1IRzeNUfOKF0&jb=3334266c7b613f363e633738323d393060373d363b666431306437343133663536636667353238 HTTP/1.1Host: asanalytics.booking.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAw8sBThxyQJdxz7qumZht_06We8rIGbbZvrTmzGLSuR0Eo_mQPru0PMr-_7A0UlOj3YzmatP-nUK3SgA1ZsjB9thdywLQ
Source: global traffic	HTTP traffic detected: GET /fp/clear.png HTTP/1.1Host: asanalytics.booking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAw8sBThxyQJdxz7qumZht_06We8rIGbbZvrTmzGLSuR0Eo_mQPru0PMr-_7A0UlOj3YzmatP-nUK3SgA1ZsjB9thdywLQ
Source: global traffic	HTTP traffic detected: GET /70mNEHSK0UfSXw0Z?936751dab1490cfe=YV5ThCvsZWcGpJwfx8S7op8Rt0VY_A_cbb_EfjmlI8sZE9OxcYhbXgFBxJouLiaPZb-v0NqAgOF4OKHe1pSpWbk7ucPR0_lKhPCjte2IFeaiMa5k7CKpkod7TQmCeFfDiEJdDvF_6AL8-Y8Tz3jGfcVviFk&jf=3334266c7b623f643f6267326338613b3b32393636353431356531303634663536673b32323b37 HTTP/1.1Host: asanalytics.booking.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://asanalytics.booking.com/rmP2YqmKi1PE6WUH?038c08b040b86474=Oj-y5ZSi8HgFCNUcQHmDQ36xFTJqcQIs9d-pDYEcs2ztWotlomSpLZo6RphtaDZpva9Gx4ttTk6NlCQXFzMJUMpVorDI76xa5N6t52rpQakn9GygjygKmGwvXiCiRIASGGMvaA1nMl8DytmkpJHd4BBe8c1L8dkG_gJBNKVPq1RpuZzvFYp-g0IMiKrsA0mGKzB9T6rCshQk-nVVJ88Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAw8sBThxyQJdxz7qumZht_06We8rIGbbZvrTmzGLSuR0Eo_mQPru0PMr-_7A0UlOj3YzmatP-nUK3SgA1ZsjB9thdywLQ
Source: global traffic	HTTP traffic detected: GET /c_qAOM6DvykERGlN?c95106941d0de769=-4TlFyZFRv4L4DWzaBqf2PbjhjxxraU6a-vo8CevmKqmkWY3xKg8ai_rvUS_AAoS30ywNzu8L4Rdr7s_SwB4ZM3JiYcdEhV-yC1_jiNmjycYeg6X5EcnPQ0jgdlKuMm0hqmFmeTyl1dK3TLcWQWh1g&fr HTTP/1.1Host: asanalytics.booking.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-originSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://asanalytics.booking.com/rmP2YqmKi1PE6WUH?038c08b040b86474=Oj-y5ZSi8HgFCNUcQHmDQ36xFTJqcQIs9d-pDYEcs2ztWotlomSpLZo6RphtaDZpva9Gx4ttTk6NlCQXFzMJUMpVorDI76xa5N6t52rpQakn9GygjygKmGwvXiCiRIASGGMvaA1nMl8DytmkpJHd4BBe8c1L8dkG_gJBNKVPq1RpuZzvFYp-g0IMiKrsA0mGKzB9T6rCshQk-nVVJ88Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAw8sBThxyQJdxz7qumZht_06We8rIGbbZvrTmzGLSuR0Eo_mQPru0PMr-_7A0UlOj3YzmatP-nUK3SgA1ZsjB9thdywLQ
Source: global traffic	HTTP traffic detected: GET /d8c14d4960ca/c2181391033f/verify HTTP/1.1Host: d8c14d4960ca.d2eb2267.us-east-1.token.awswaf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /consent/a387750c-a080-4dd0-b2d1-7dbdb601bb14/0191ffb2-0224-7614-89a9-ce4becc49775/en-us.json HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /scripttemplates/202408.1.0/assets/otCommonStyles.css HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Origin: https://account.booking.comSec-Fetch-Site: cross-siteSec-Fetch-Mode: corsSec-Fetch-Dest: emptyReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /-oHbtURoEkKRYMoO?8cad62a260ff4642=uMrb-z-xWyzTksWwCzpBUlTjkR5JD-5c0pGKTa30NzZ8sv1OBpxFlGdJXcwn22YdFATlGp5aPlhWhgSOSaW4SO1HOJcDSnawyDKi0o4U9PBgatyDTLq0zonM-xSvgBZPJuLND_J6jTIGoo3DU0a_8mwS8lA&k=2 HTTP/1.1Host: h.online-metrix.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: thx_global_guid=0be6946ae2ba4b3eb338a51c8a885415
Source: global traffic	HTTP traffic detected: GET /js-track HTTP/1.1Host: account.booking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; bkng_ap=U2FsdGVkX19jZ%2BgJ5OwhKw%2FtfIQ49V4CPyDNSDTwG7dsMttmLlQEgrQa6Aepz0oPGpvN9nSS5IB%2B%0AsvWpV4T%2Fxg%3D%3D%0A; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; bkng_ap_sso_session=eyJib29raW5nX2dsb2JhbCI6eyJkYXRhX3N1YmplY3RfaWQiOiJhMTdiY2ZiZC0zZDdkLTRmNzgtODUzOC03ZmQxYWE5MWZmYWYiLCJzZXNzaW9ucyI6W119fQ; aws-waf-token=4d982762-a2af-4535-90e5-e6f600c49852:EQoAj4NspngYAQAA:QE9b6by8wnhUOSA+zDuwnfIQUfTGBlmw2Q/p0OXiaKrwBKgsgCqDjLrCD84srKrTKQjtBCqYky4CHwaEdFvLBLPeQC1jDS6HrB/PcmazLW1Ez0FuSMGTQa47o6ugneWTZVI1rQOPO4ob4k811U+beydAW7hom4bq/OVTkIABGyJrhtry6ctbSHi79LZOiBwO01MuCIrSX5hsCZ4fjwtRxPJM8Mk=; OptanonConsent=isGpcEnabled=0&datestamp=Mon+Nov+25+2024+10%3A39%3A15+GMT-0500+(Eastern+Standard+Time)&version=202408.1.0&browserGpcFlag=0&isIABGlobal=false&hosts=&consentId=edd61b56-69cc-4252-884c-e6e1bf4e51db&interactionCount=0&isAnonUser=1&landingPath=https%3A%2F%2Faccount.booking.com%2Fregister%2Fpassword
Source: global traffic	HTTP traffic detected: GET /KN7bd6BuOyWq7gIO?09e1639219b24b5e=zPYl3mKODxpFm8KyJ2lg64bZiakNTp6tueDoCmyXlmsr5X7-EReqwnjNy2P9hwlh-gQisulmvummMXNVPr4ie3p6ckjtZiR0mMKOZQF2LGWkixmE0tyRWLcAlu2PlAGIml4KHgh8X8ILqpLDCdvCfg HTTP/1.1Host: asanalytics.booking.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAw8sBThxyQJdxz7qumZht_06We8rIGbbZvrTmzGLSuR0Eo_mQPru0PMr-_7A0UlOj3YzmatP-nUK3SgA1ZsjB9thdywLQ
Source: global traffic	HTTP traffic detected: GET /ue8eZwwBYhIaJjN1?dd914517a5d3e626=2wIikL3VyDl-LOyNCkYfgOR80rkSoOy8lackkErbcCDRT1qBf6jjcWDLf1p2JiBYuN_qYD_0gnWcsCqeXlR3pC-ad_YazT9omLg7q-qTjF1jJ-kv8AmeM9W2e5QtidwQWBjdoYnjh1hbPLg1IRzeNUfOKF0&jb=3334266c7b613f363e633738323d393060373d363b666431306437343133663536636667353238 HTTP/1.1Host: asanalytics.booking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAw8sBThxyQJdxz7qumZht_06We8rIGbbZvrTmzGLSuR0Eo_mQPru0PMr-_7A0UlOj3YzmatP-nUK3SgA1ZsjB9thdywLQ
Source: global traffic	HTTP traffic detected: GET /70mNEHSK0UfSXw0Z?936751dab1490cfe=YV5ThCvsZWcGpJwfx8S7op8Rt0VY_A_cbb_EfjmlI8sZE9OxcYhbXgFBxJouLiaPZb-v0NqAgOF4OKHe1pSpWbk7ucPR0_lKhPCjte2IFeaiMa5k7CKpkod7TQmCeFfDiEJdDvF_6AL8-Y8Tz3jGfcVviFk&jf=3334266c7b623f643f6267326338613b3b32393636353431356531303634663536673b32323b37 HTTP/1.1Host: asanalytics.booking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAw8sBThxyQJdxz7qumZht_06We8rIGbbZvrTmzGLSuR0Eo_mQPru0PMr-_7A0UlOj3YzmatP-nUK3SgA1ZsjB9thdywLQ
Source: global traffic	HTTP traffic detected: GET /c_qAOM6DvykERGlN?c95106941d0de769=-4TlFyZFRv4L4DWzaBqf2PbjhjxxraU6a-vo8CevmKqmkWY3xKg8ai_rvUS_AAoS30ywNzu8L4Rdr7s_SwB4ZM3JiYcdEhV-yC1_jiNmjycYeg6X5EcnPQ0jgdlKuMm0hqmFmeTyl1dK3TLcWQWh1g&fr HTTP/1.1Host: asanalytics.booking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAw8sBThxyQJdxz7qumZht_06We8rIGbbZvrTmzGLSuR0Eo_mQPru0PMr-_7A0UlOj3YzmatP-nUK3SgA1ZsjB9thdywLQ
Source: global traffic	HTTP traffic detected: GET /scripttemplates/202408.1.0/assets/otCommonStyles.css HTTP/1.1Host: cdn.cookielaw.orgConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ue8eZwwBYhIaJjN1?dd914517a5d3e626=2wIikL3VyDl-LOyNCkYfgOR80rkSoOy8lackkErbcCDRT1qBf6jjcWDLf1p2JiBYuN_qYD_0gnWcsCqeXlR3pC-ad_YazT9omLg7q-qTjF1jJ-kv8AmeM9W2e5QtidwQWBjdoYnjh1hbPLg1IRzeNUfOKF0&ja=313b30332e26613f2533323026723d3e32266e3f333038387a313030362463663d33303a307a39383c26717a713d3278302e6478703d392e333038382e313030362e333238322e3b38362c313a38322e3130352c313a38382e3930362e322c38246d743f3035643531663133343b65366a66303231623436626c3330356238636431633c246d6e3f30247163643f3036266e683d607476727b253141253a462d30466961616d7566762e626d6d696b6e672c616d6d2732462e706e3f3d2672683d6d383830646e63373735393b33663667606738393b31676236613931323b326c266a683d3d633d61383a6736363038613534603663606238616431343038353c3560323b2668736f3557616c646775712732383330266871603f4368706d6f652732303931352462736d753d5f6966666f7f712468736a773d436a706d6f65266c6a613d36266e6c6d3f3a2e6e6f747035302e767a6c3f436f657a6b63612730444c65775d5b6d7269266d69746a7035343230336c316b30626d613230653e6163353432323a3261663337353630316e64363730383334316c366d63613a366661393c636662663530313133333b34612464723568767678732733412d324e27324e6361616f7d6c742e606d6d69696e652c616f6f25324e26723f786c776769665f6e6e617b6a2737456e636c736723726e75676b6c5d776b6e646777715d656566696157706463796d702737456e636c736723726e75676b6c5d61666f626d5f63617a6f6061742d354d64616471672370647767696c5d7377696369766b6d6725354d66636e7b6523706c7d67616c5f7b6a6d616b7f63766527374764616c716723706e7567616e5d706d616e706c69796d70253d4764636c7b6721706e77656b6e5f746e615f726c61716570273d4564616c7b6529726c7d656b6c5f6c6776616e747027354564636e736721706475656b665f71766757766167776d702737456e636c736723726e75676b6c5d6a6376612d354764696c7165266f6c57613d7f6760656c5f6762474e273032312e322730302a4f706d6e454e2d323245532d3238302e382730324360706f6d6b776f2b576560454e2530304744534e273a304753253a30392c302d30322a4f78676e474e2730324553273032474e534c2d3232475b2530303126302d30304b6a706d6d61776d295567604969745567604b6b74253a3055676a474e414e4f4c4d5d69667176636e6b67645f6370706379732731402530304550545d6064656c645f6569666f6170273140253a324558565d616d6c6f705d60756466657a5f6a6364665d666c67617c27334a2730324550565f666e6d63765f626e676c642733422d32324750545d6672696757666578766a27334a273230475a565d7368636667725d7465707477706d5f6e6f642d334a273238475a565f7c6778747770675d636f6f727065717369676e5d6078746125334a253a324550565d766570767572675d616d6d70706771736b6f6e577265766b253142253a304d5a545776677a747d70655f646b6e7665725d636c69716f747a6f726b6b253142253a304d5a5457715045422d31422530324d47535f676e676d676e7457696c666d785d756966742d31422d30324d455b5d66626d5d70676e6467705d6d6b706d697027314a2530304f4d53577174696c6663726c5d6465706b74637469746771253142253a304d475b5f7665787c757a675f6e6e6d63742d31422530324d47535f76677a7477726557666e6d69745d6c6966656970253b402730304747535f76677a767572675d6a616e665f6e6c6d637c253142253a304747535776677a747d70655f6a636e645f666e6d63745d6c69666563702d33402532384f4d515f7e67707665705d617270637b5d6f62686761742733422d3232554d42454c5f6b6f646d7257607764666d705f666e6d63762533
Source: global traffic	HTTP traffic detected: GET /8ntGuSSDjZCAqIks?bbd0db59142b04bf=cw3jRNj2tSYLi0XaIt08Y6m7vaWvYQBrgyzBnwU9O5DgoAJeWFX6xFdFUed_uXV2Gem5-O52FUFfByodQzEhTOHu-O2kvG3C7M-EX8dXbm9F5BbS9bfRkU1jwNIMXfoejlO2iSyz9fosMiJ-Wmz3yQagec1Qj4e1 HTTP/1.1Host: h64.online-metrix.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /static/img/favicon.svg HTTP/1.1Host: xx.bstatic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /-oHbtURoEkKRYMoO?8cad62a260ff4642=uMrb-z-xWyzTksWwCzpBUlTjkR5JD-5c0pGKTa30NzZ8sv1OBpxFlGdJXcwn22YdFATlGp5aPlhWhgSOSaW4SO1HOJcDSnawyDKi0o4U9PBgatyDTLq0zonM-xSvgBZPJuLND_J6jTIGoo3DU0a_8mwS8lA&k=2 HTTP/1.1Host: h.online-metrix.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: thx_global_guid=0be6946ae2ba4b3eb338a51c8a885415
Source: global traffic	HTTP traffic detected: GET /K4ef-Qxf66Ie_55D?1a371f6204d6afce=pcoL9cwR2ipcHup2-SG6rp1j_W-d1225R3CZ4ZXQPNUtVj0y16svqnIb_DAovxSc82KqVyuzbqTkFkKqlz5uMNuPXHAap07M62H1QTtcBqstqMbf7KE33r9m_8WvIGBBQzsUOn57iKZnMl-k1yITv6TUFutghfGecXss HTTP/1.1Host: doregtzf532izs3wyphrvyjbjhgmirxmhw7wjlzuf6dcc65ee3c828f2am1.e.aa.online-metrix.netConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /d8c14d4960ca/c2181391033f/telemetry HTTP/1.1Host: d8c14d4960ca.d2eb2267.us-east-1.token.awswaf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /KN7bd6BuOyWq7gIO?09e1639219b24b5e=zPYl3mKODxpFm8KyJ2lg64bZiakNTp6tueDoCmyXlmsr5X7-EReqwnjNy2P9hwlh-gQisulmvummMXNVPr4ie3p6ckjtZiR0mMKOZQF2LGWkixmE0tyRWLcAlu2PlAGIml4KHgh8X8ILqpLDCdvCfg HTTP/1.1Host: asanalytics.booking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAw8sBThxyQJdxz7qumZht_06We8rIGbbZvrTmzGLSuR0Eo_mQPru0PMr-_7A0UlOj3YzmatP-nUK3SgA1ZsjB9thdywLQ
Source: global traffic	HTTP traffic detected: GET /8ntGuSSDjZCAqIks?bbd0db59142b04bf=cw3jRNj2tSYLi0XaIt08Y6m7vaWvYQBrgyzBnwU9O5DgoAJeWFX6xFdFUed_uXV2Gem5-O52FUFfByodQzEhTOHu-O2kvG3C7M-EX8dXbm9F5BbS9bfRkU1jwNIMXfoejlO2iSyz9fosMiJ-Wmz3yQagec1Qj4e1 HTTP/1.1Host: h64.online-metrix.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /K4ef-Qxf66Ie_55D?1a371f6204d6afce=pcoL9cwR2ipcHup2-SG6rp1j_W-d1225R3CZ4ZXQPNUtVj0y16svqnIb_DAovxSc82KqVyuzbqTkFkKqlz5uMNuPXHAap07M62H1QTtcBqstqMbf7KE33r9m_8WvIGBBQzsUOn57iKZnMl-k1yITv6TUFutghfGecXss HTTP/1.1Host: doregtzf532izs3wyphrvyjbjhgmirxmhw7wjlzuf6dcc65ee3c828f2am1.e.aa.online-metrix.netConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /U_GY-kq9lC3pRi0y?f86c979369b1a462=JR7Cjl65wWWxGQcjX0LgJP-WIj5jCciTNOTD-Hce2k14zdmzpvIxU65soX7l32Rqt4ui0PcUxn692UgnzY-3Z4Kdu8xXq_o7Fhsdr41U-SRgMTGgQPbb5rzLKII4X3BLGBa-IIJcPrlKYPbB_H-OWm7TMP05tE03_D131SYCEtdM-8osYYpRa9jAnetbUS9KFWR0LtV5vNZvF1k0Nt4&jac=1&je=383626266565666a35283325324b302d304339273041343c316435676134616433633461373665396e623a3b3c663a62323162313432383b3331383b3a3133643064616635676633323062386d373b613a636061393129 HTTP/1.1Host: asanalytics.booking.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAw8sBThxyQJdxz7qumZht_06We8rIGbbZvrTmzGLSuR0Eo_mQPru0PMr-_7A0UlOj3YzmatP-nUK3SgA1ZsjB9thdywLQ
Source: global traffic	HTTP traffic detected: GET /U_GY-kq9lC3pRi0y?f86c979369b1a462=JR7Cjl65wWWxGQcjX0LgJP-WIj5jCciTNOTD-Hce2k14zdmzpvIxU65soX7l32Rqt4ui0PcUxn692UgnzY-3Z4Kdu8xXq_o7Fhsdr41U-SRgMTGgQPbb5rzLKII4X3BLGBa-IIJcPrlKYPbB_H-OWm7TMP05tE03_D131SYCEtdM-8osYYpRa9jAnetbUS9KFWR0LtV5vNZvF1k0Nt4&je=363426266261613f39266068736a6b3527354a273740253a305a25303027304333273041313533323d343b333d313138302d354c27354c24606a736a695f696c66677a3d30 HTTP/1.1Host: asanalytics.booking.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAw8sBThxyQJdxz7qumZht_06We8rIGbbZvrTmzGLSuR0Eo_mQPru0PMr-_7A0UlOj3YzmatP-nUK3SgA1ZsjB9thdywLQ
Source: global traffic	HTTP traffic detected: GET /static/img/favicon.svg HTTP/1.1Host: xx.bstatic.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /static/img/favicon.ico HTTP/1.1Host: xx.bstatic.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: cross-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /d8c14d4960ca/c2181391033f/telemetry HTTP/1.1Host: d8c14d4960ca.d2eb2267.us-east-1.token.awswaf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /U_GY-kq9lC3pRi0y?f86c979369b1a462=JR7Cjl65wWWxGQcjX0LgJP-WIj5jCciTNOTD-Hce2k14zdmzpvIxU65soX7l32Rqt4ui0PcUxn692UgnzY-3Z4Kdu8xXq_o7Fhsdr41U-SRgMTGgQPbb5rzLKII4X3BLGBa-IIJcPrlKYPbB_H-OWm7TMP05tE03_D131SYCEtdM-8osYYpRa9jAnetbUS9KFWR0LtV5vNZvF1k0Nt4&je=313b33262e6a636135312470676d5f7d72646976673f253f402532303227303225314327374025323a7667702d3230253349332d35442d304127323a332532302731432537402730326a69646c656c2f786171737767726c27323a273143253d4066616e7167273243273030706373737f6f70662d323025324b342d37442d354627324b273232302730302533432735422732327d73677066616f65253a322d31412d37406461647165253041273032656f636b6c2732322d3241362d354625374c253f46 HTTP/1.1Host: asanalytics.booking.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAw8sBThxyQJdxz7qumZht_06We8rIGbbZvrTmzGLSuR0Eo_mQPru0PMr-_7A0UlOj3YzmatP-nUK3SgA1ZsjB9thdywLQ
Source: global traffic	HTTP traffic detected: GET /ue8eZwwBYhIaJjN1?dd914517a5d3e626=2wIikL3VyDl-LOyNCkYfgOR80rkSoOy8lackkErbcCDRT1qBf6jjcWDLf1p2JiBYuN_qYD_0gnWcsCqeXlR3pC-ad_YazT9omLg7q-qTjF1jJ-kv8AmeM9W2e5QtidwQWBjdoYnjh1hbPLg1IRzeNUfOKF0&jac=1&je=313032352e2660637c73763d253f422d3032646774676c2d3032253143332c3030273041253032737c6176777b253032253b412d30326b6a637067616c6725303027354426637766683f63656e6263673c373a36373f663830666a60663b373b343137343b306662643b6134343730626e35343639363439656a656e333531376360373c376132333335246578313f30626064636e3335346c613434323d35383a333f60303a363a6639373b3636366162603767653633266d78363f6b373a37343a323063616e3b30353438633362643767323962676434376463302e6a716d35576b6e6467777b27323833322475696a3d2535402730326170616a697665637c7570672d3230253349253a307830342730322d3043253030606b746e677171253032253b4127303a363625323a253a41253a3060706166667325303027314125374027374025323a62706366642732322d334927323a456d6d676467253232416a706f6d672730322732432d3230746d7271696f66253a30253b4327303239333725303027354425304127374025323a62706366642732322d334927323a4c6d76253b40412531464070616e662730322732432d3230746d7271696f66253a30253b4327303230273232273546273243273540253032627a616c662d3230253349253a304360706d6f697d6f25323027304125323074677271696f662530302d334325323a313935253a302735442d374425304127303266776e6e56677273616f6c4e61737625323a253b43253d402735422d30326270636c662532302731412732324f6f6d6564652732304b687a6d6d6d273030253a4125323074677073696d6c2732302533492530303931352e30263531313826333130253a30253746273041253740273032607261666427303a253141253a32466d742d314043253b464272636c66273232273041253032766d72716b676e2732322d334927323a3a2c322e382c3025303027354425304127374025323a62706366642732322d334927323a416a706f656b756d27303027324327303076677273616f6c273a322733412d323a33313f2c322c353131382e333130273232273546253744253a4327303a6d6d626964652d30322d314364616471652530412730326d6d66676c2732322d3343273a322732322d324b27323a726e63746e6d726d273030273341273030576b6e64677771273a322732432d323a726c6976646d7265546572716b6d6c25323027314127323239302c3226302732322d324b27323a756d75363c27323227314364616c71672737462675696c3f273f422732326a72696c647b273030253b432535402735402532306070616c64253a3227314925303247676f6f6e652d303241687a6d6d6527303027324327303076677273616f6c273a322733412d323a33313f273030253f462532412735402532306070616c64253a322731492530324e67742d314249273146427a636e6427303027324327303076677273616f6c273a322733412d323a3a253a302735442d30432535402730326270636c642732322d3343273a32416872676d61776d2d303027324b27323274677071696f6c2730322733412d32303339372732322d374c27354c273041253a306d6f606b6e6725323027314164616c7b6527304b2530327064617c646f7a6f2730322d3141253030556b6e646d7571253032253f44 HTTP/1.1Host: asanalytics.booking.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Se
Source: global traffic	HTTP traffic detected: GET /U_GY-kq9lC3pRi0y?f86c979369b1a462=JR7Cjl65wWWxGQcjX0LgJP-WIj5jCciTNOTD-Hce2k14zdmzpvIxU65soX7l32Rqt4ui0PcUxn692UgnzY-3Z4Kdu8xXq_o7Fhsdr41U-SRgMTGgQPbb5rzLKII4X3BLGBa-IIJcPrlKYPbB_H-OWm7TMP05tE03_D131SYCEtdM-8osYYpRa9jAnetbUS9KFWR0LtV5vNZvF1k0Nt4&jac=1&je=323526266a687176786e3f25374a253a30363b3b2730322d314131273546 HTTP/1.1Host: asanalytics.booking.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAw8sBThxyQJdxz7qumZht_06We8rIGbbZvrTmzGLSuR0Eo_mQPru0PMr-_7A0UlOj3YzmatP-nUK3SgA1ZsjB9thdywLQ
Source: global traffic	HTTP traffic detected: GET /U_GY-kq9lC3pRi0y?f86c979369b1a462=JR7Cjl65wWWxGQcjX0LgJP-WIj5jCciTNOTD-Hce2k14zdmzpvIxU65soX7l32Rqt4ui0PcUxn692UgnzY-3Z4Kdu8xXq_o7Fhsdr41U-SRgMTGgQPbb5rzLKII4X3BLGBa-IIJcPrlKYPbB_H-OWm7TMP05tE03_D131SYCEtdM-8osYYpRa9jAnetbUS9KFWR0LtV5vNZvF1k0Nt4&je=313131262e6a636135312462687b636d3f253f4027303278767970677127303225314327374025323a6d6d777b652732322d334933253f462730432d303270767b7267253230273141273232786327303a253544266a687b606b35273740253d402532304527303225304133373537253a4333273d442735442e62607162635d6b6c646d7a3d31 HTTP/1.1Host: asanalytics.booking.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAw8sBThxyQJdxz7qumZht_06We8rIGbbZvrTmzGLSuR0Eo_mQPru0PMr-_7A0UlOj3YzmatP-nUK3SgA1ZsjB9thdywLQ
Source: global traffic	HTTP traffic detected: GET /ue8eZwwBYhIaJjN1?dd914517a5d3e626=2wIikL3VyDl-LOyNCkYfgOR80rkSoOy8lackkErbcCDRT1qBf6jjcWDLf1p2JiBYuN_qYD_0gnWcsCqeXlR3pC-ad_YazT9omLg7q-qTjF1jJ-kv8AmeM9W2e5QtidwQWBjdoYnjh1hbPLg1IRzeNUfOKF0&jac=1&je=3635262662666c3f393330266a6e683535333137326462303561353b343b323232336334383b653038653a676b3260312662667c6c3d38383335333b3831333024726f3d6e6d HTTP/1.1Host: asanalytics.booking.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAw8sBThxyQJdxz7qumZht_06We8rIGbbZvrTmzGLSuR0Eo_mQPru0PMr-_7A0UlOj3YzmatP-nUK3SgA1ZsjB9thdywLQ
Source: global traffic	HTTP traffic detected: GET /static/img/favicon.ico HTTP/1.1Host: xx.bstatic.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /lD_6e2ckuuI85dfO?d9272cc602e934cb=N7gnoMjVMNt9eMJfLdlbQQHx40UBoKRTrBR6k43o9hQXvq0kq29aaYGi3v5qKhBT81oTqQVaAPNWfoOUEaeN6cvhWcn5_1DOeJIkoVMauvseVkfWY8ixBNBh21i_sqRT2NWG0yzfMocMHfO_8r3sP4D6QGIo6AVc3MSTRUiGZxHbDU0x1aB0iw7Pq8c7-9PU3NvgVeMmzjK5vqp6KRg&jf=343338267b69665d7a6e663d746c725765686c406644466a775748375864644c26716b665f6661746d3d33353b3237343939353b247361665d767978673d77676038676364716324736b645f63657b3f3b3037393338313b323638353063383e363863673166323230333234303a32613036363a6b653164303b30393237383136303038323466633b353134663a6636663461633a64353a6d333362313c643c37373a3634326338613934606032326533613160393b30643e6630376a336030353c643f33613c3a31313630673534646436613762633b61653537356b3731606e3834396538303032333c646160333a343762643b353a3866663b35313562346d333a6330332473696c5f7b6b6735313236363830323132323b60646137313b336166616b613667696464383269363a34336a6736343030303637643735666465606731363a38376d3164636d343a38343b3569353330303432323a333030646733603136363363343763366a36333538366762366a666c3a656e373a3434696038666063303a6663363061656736386d3867643a363763363d393e31356b24716b667a3f30 HTTP/1.1Host: asanalytics.booking.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: image/avif,image/webp,image/apng,image/svg+xml,image/,/*;q=0.8Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: imageReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAw8sBThxyQJdxz7qumZht_06We8rIGbbZvrTmzGLSuR0Eo_mQPru0PMr-_7A0UlOj3YzmatP-nUK3SgA1ZsjB9thdywLQ
Source: global traffic	HTTP traffic detected: GET /d8c14d4960ca/c2181391033f/telemetry HTTP/1.1Host: d8c14d4960ca.d2eb2267.us-east-1.token.awswaf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /ue8eZwwBYhIaJjN1?dd914517a5d3e626=2wIikL3VyDl-LOyNCkYfgOR80rkSoOy8lackkErbcCDRT1qBf6jjcWDLf1p2JiBYuN_qYD_0gnWcsCqeXlR3pC-ad_YazT9omLg7q-qTjF1jJ-kv8AmeM9W2e5QtidwQWBjdoYnjh1hbPLg1IRzeNUfOKF0&jac=1&je=313032352e2660637c73763d253f422d3032646774676c2d3032253143332c3030273041253032737c6176777b253032253b412d30326b6a637067616c6725303027354426637766683f63656e6263673c373a36373f663830666a60663b373b343137343b306662643b6134343730626e35343639363439656a656e333531376360373c376132333335246578313f30626064636e3335346c613434323d35383a333f60303a363a6639373b3636366162603767653633266d78363f6b373a37343a323063616e3b30353438633362643767323962676434376463302e6a716d35576b6e6467777b27323833322475696a3d2535402730326170616a697665637c7570672d3230253349253a307830342730322d3043253030606b746e677171253032253b4127303a363625323a253a41253a3060706166667325303027314125374027374025323a62706366642732322d334927323a456d6d676467253232416a706f6d672730322732432d3230746d7271696f66253a30253b4327303239333725303027354425304127374025323a62706366642732322d334927323a4c6d76253b40412531464070616e662730322732432d3230746d7271696f66253a30253b4327303230273232273546273243273540253032627a616c662d3230253349253a304360706d6f697d6f25323027304125323074677271696f662530302d334325323a313935253a302735442d374425304127303266776e6e56677273616f6c4e61737625323a253b43253d402735422d30326270636c662532302731412732324f6f6d6564652732304b687a6d6d6d273030253a4125323074677073696d6c2732302533492530303931352e30263531313826333130253a30253746273041253740273032607261666427303a253141253a32466d742d314043253b464272636c66273232273041253032766d72716b676e2732322d334927323a3a2c322e382c3025303027354425304127374025323a62706366642732322d334927323a416a706f656b756d27303027324327303076677273616f6c273a322733412d323a33313f2c322c353131382e333130273232273546253744253a4327303a6d6d626964652d30322d314364616471652530412730326d6d66676c2732322d3343273a322732322d324b27323a726e63746e6d726d273030273341273030576b6e64677771273a322732432d323a726c6976646d7265546572716b6d6c25323027314127323239302c3226302732322d324b27323a756d75363c27323227314364616c71672737462675696c3f273f422732326a72696c647b273030253b432535402735402532306070616c64253a3227314925303247676f6f6e652d303241687a6d6d6527303027324327303076677273616f6c273a322733412d323a33313f273030253f462532412735402532306070616c64253a322731492530324e67742d314249273146427a636e6427303027324327303076677273616f6c273a322733412d323a3a253a302735442d30432535402730326270636c642732322d3343273a32416872676d61776d2d303027324b27323274677071696f6c2730322733412d32303339372732322d374c27354c273041253a306d6f606b6e6725323027314164616c7b6527304b2530327064617c646f7a6f2730322d3141253030556b6e646d7571253032253f44 HTTP/1.1Host: asanalytics.booking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0
Source: global traffic	HTTP traffic detected: GET /U_GY-kq9lC3pRi0y?f86c979369b1a462=JR7Cjl65wWWxGQcjX0LgJP-WIj5jCciTNOTD-Hce2k14zdmzpvIxU65soX7l32Rqt4ui0PcUxn692UgnzY-3Z4Kdu8xXq_o7Fhsdr41U-SRgMTGgQPbb5rzLKII4X3BLGBa-IIJcPrlKYPbB_H-OWm7TMP05tE03_D131SYCEtdM-8osYYpRa9jAnetbUS9KFWR0LtV5vNZvF1k0Nt4&je=393b26266261613f39266068737f3d2d37422d354027374c273243273030273246706765697174657a253044786171737767726c27323a273746266a6a736b7176673f253740273032696e253a32273149302732432d323a69323a3b2730322d314130273546 HTTP/1.1Host: asanalytics.booking.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAw8sBThxyQJdxz7qumZht_06We8rIGbbZvrTmzGLSuR0Eo_mQPru0PMr-_7A0UlOj3YzmatP-nUK3SgA1ZsjB9thdywLQ
Source: global traffic	HTTP traffic detected: GET /ue8eZwwBYhIaJjN1?dd914517a5d3e626=2wIikL3VyDl-LOyNCkYfgOR80rkSoOy8lackkErbcCDRT1qBf6jjcWDLf1p2JiBYuN_qYD_0gnWcsCqeXlR3pC-ad_YazT9omLg7q-qTjF1jJ-kv8AmeM9W2e5QtidwQWBjdoYnjh1hbPLg1IRzeNUfOKF0&jac=1&je=3635262662666c3f393330266a6e683535333137326462303561353b343b323232336334383b653038653a676b3260312662667c6c3d38383335333b3831333024726f3d6e6d HTTP/1.1Host: asanalytics.booking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAw8sBThxyQJdxz7qumZht_06We8rIGbbZvrTmzGLSuR0Eo_mQPru0PMr-_7A0UlOj3YzmatP-nUK3SgA1ZsjB9thdywLQ
Source: global traffic	HTTP traffic detected: GET /U_GY-kq9lC3pRi0y?f86c979369b1a462=JR7Cjl65wWWxGQcjX0LgJP-WIj5jCciTNOTD-Hce2k14zdmzpvIxU65soX7l32Rqt4ui0PcUxn692UgnzY-3Z4Kdu8xXq_o7Fhsdr41U-SRgMTGgQPbb5rzLKII4X3BLGBa-IIJcPrlKYPbB_H-OWm7TMP05tE03_D131SYCEtdM-8osYYpRa9jAnetbUS9KFWR0LtV5vNZvF1k0Nt4&je=313438267a643f247a64763d363b333b312d393732322c3d3b30302f333732302c373b32312f313538302e373130302d313d30382e353132312f313d32302c31313a3b2d313732322c373935382d333738302e35393b3125333538322e37393b3b2d313732322e3630313b2f3137303024353b363c2d333530382c3e3234382f333730382e3539313a2f333530322e373235392d39353232243732373025313d323024303333322533353032 HTTP/1.1Host: asanalytics.booking.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAw8sBThxyQJdxz7qumZht_06We8rIGbbZvrTmzGLSuR0Eo_mQPru0PMr-_7A0UlOj3YzmatP-nUK3SgA1ZsjB9thdywLQ
Source: global traffic	HTTP traffic detected: GET /U_GY-kq9lC3pRi0y?f86c979369b1a462=JR7Cjl65wWWxGQcjX0LgJP-WIj5jCciTNOTD-Hce2k14zdmzpvIxU65soX7l32Rqt4ui0PcUxn692UgnzY-3Z4Kdu8xXq_o7Fhsdr41U-SRgMTGgQPbb5rzLKII4X3BLGBa-IIJcPrlKYPbB_H-OWm7TMP05tE03_D131SYCEtdM-8osYYpRa9jAnetbUS9KFWR0LtV5vNZvF1k0Nt4&je=323239262e6a636135312462687b636d3f253f4027303278767970677127303225314327374025323a6d6d777b652732322d334933253f462730432d303270767b7267253230273141273232786327303a253544266a687b606b35273740253d402532305727303225304130333531253a4327303a7377626d61742d30332d303146495e273233273030273544273041253742253a326c273a322732433a333f36253a4127303278637373756d70662532316c67775d70617b73756d7a642732322d354c27354c24606a736a695f696c66677a3d32 HTTP/1.1Host: asanalytics.booking.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAw8sBThxyQJdxz7qumZht_06We8rIGbbZvrTmzGLSuR0Eo_mQPru0PMr-_7A0UlOj3YzmatP-nUK3SgA1ZsjB9thdywLQ
Source: global traffic	HTTP traffic detected: GET /U_GY-kq9lC3pRi0y?f86c979369b1a462=JR7Cjl65wWWxGQcjX0LgJP-WIj5jCciTNOTD-Hce2k14zdmzpvIxU65soX7l32Rqt4ui0PcUxn692UgnzY-3Z4Kdu8xXq_o7Fhsdr41U-SRgMTGgQPbb5rzLKII4X3BLGBa-IIJcPrlKYPbB_H-OWm7TMP05tE03_D131SYCEtdM-8osYYpRa9jAnetbUS9KFWR0LtV5vNZvF1k0Nt4&je=393026266261613f392672676557757866617c673f27374a273232312730302533432735422732326665755d786171737767726c27323a273143253d40747277672730432530307261717377677266273a3227324338253d46253f46273544 HTTP/1.1Host: asanalytics.booking.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAw8sBThxyQJdxz7qumZht_06We8rIGbbZvrTmzGLSuR0Eo_mQPru0PMr-_7A0UlOj3YzmatP-nUK3SgA1ZsjB9thdywLQ
Source: global traffic	HTTP traffic detected: GET /ue8eZwwBYhIaJjN1?dd914517a5d3e626=2wIikL3VyDl-LOyNCkYfgOR80rkSoOy8lackkErbcCDRT1qBf6jjcWDLf1p2JiBYuN_qYD_0gnWcsCqeXlR3pC-ad_YazT9omLg7q-qTjF1jJ-kv8AmeM9W2e5QtidwQWBjdoYnjh1hbPLg1IRzeNUfOKF0&jac=1&je=343326267f656b3f302e36362e39323b2c373d24756b6d357565627076615d696e7667706e636c5f65646c71 HTTP/1.1Host: asanalytics.booking.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAw8sBThxyQJdxz7qumZht_06We8rIGbbZvrTmzGLSuR0Eo_mQPru0PMr-_7A0UlOj3YzmatP-nUK3SgA1ZsjB9thdywLQ
Source: global traffic	HTTP traffic detected: GET /d8c14d4960ca/c2181391033f/telemetry HTTP/1.1Host: d8c14d4960ca.d2eb2267.us-east-1.token.awswaf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /U_GY-kq9lC3pRi0y?f86c979369b1a462=JR7Cjl65wWWxGQcjX0LgJP-WIj5jCciTNOTD-Hce2k14zdmzpvIxU65soX7l32Rqt4ui0PcUxn692UgnzY-3Z4Kdu8xXq_o7Fhsdr41U-SRgMTGgQPbb5rzLKII4X3BLGBa-IIJcPrlKYPbB_H-OWm7TMP05tE03_D131SYCEtdM-8osYYpRa9jAnetbUS9KFWR0LtV5vNZvF1k0Nt4&je=313132262e6a636135312462687b773527354a273540253a3070617171756d72642730316e67775f786171717f6f7064253a322d314138273546253a412532302730447265656b71746772253a4672637b73756f726c253a30253d462460687b697374673f273542253030696e2732322d3343322d324125323a6b3a30392d303027334932253746 HTTP/1.1Host: asanalytics.booking.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAw8sBThxyQJdxz7qumZht_06We8rIGbbZvrTmzGLSuR0Eo_mQPru0PMr-_7A0UlOj3YzmatP-nUK3SgA1ZsjB9thdywLQ; _ga=GA1.2.1526981724.1732549167; _gid=GA1.2.1219349010.1732549167
Source: global traffic	HTTP traffic detected: GET /U_GY-kq9lC3pRi0y?f86c979369b1a462=JR7Cjl65wWWxGQcjX0LgJP-WIj5jCciTNOTD-Hce2k14zdmzpvIxU65soX7l32Rqt4ui0PcUxn692UgnzY-3Z4Kdu8xXq_o7Fhsdr41U-SRgMTGgQPbb5rzLKII4X3BLGBa-IIJcPrlKYPbB_H-OWm7TMP05tE03_D131SYCEtdM-8osYYpRa9jAnetbUS9KFWR0LtV5vNZvF1k0Nt4&je=313b31262e6a636135312462687b636d3f253f4027303278767970677127303225314327374025323a6d6d777b652732322d334930253f462730432d303270767b7267253230273141273232786327303a253544266a687b606b35273740253d402532305727303225304136353a37253a4327303a706373737f6f7a66253a316c67775772617371756d706425303027354625324b2537402d323072253a322d30433c373a3b253a412532302730302535462737442462687b62695d616e6665783533 HTTP/1.1Host: asanalytics.booking.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAw8sBThxyQJdxz7qumZht_06We8rIGbbZvrTmzGLSuR0Eo_mQPru0PMr-_7A0UlOj3YzmatP-nUK3SgA1ZsjB9thdywLQ; _ga=GA1.2.1526981724.1732549167; _gid=GA1.2.1219349010.1732549167
Source: global traffic	HTTP traffic detected: GET /ue8eZwwBYhIaJjN1?dd914517a5d3e626=2wIikL3VyDl-LOyNCkYfgOR80rkSoOy8lackkErbcCDRT1qBf6jjcWDLf1p2JiBYuN_qYD_0gnWcsCqeXlR3pC-ad_YazT9omLg7q-qTjF1jJ-kv8AmeM9W2e5QtidwQWBjdoYnjh1hbPLg1IRzeNUfOKF0&jac=1&je=343326267f656b3f302e36362e39323b2c373d24756b6d357565627076615d696e7667706e636c5f65646c71 HTTP/1.1Host: asanalytics.booking.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAw8sBThxyQJdxz7qumZht_06We8rIGbbZvrTmzGLSuR0Eo_mQPru0PMr-_7A0UlOj3YzmatP-nUK3SgA1ZsjB9thdywLQ; _ga=GA1.2.1526981724.1732549167; _gid=GA1.2.1219349010.1732549167
Source: global traffic	HTTP traffic detected: GET /U_GY-kq9lC3pRi0y?f86c979369b1a462=JR7Cjl65wWWxGQcjX0LgJP-WIj5jCciTNOTD-Hce2k14zdmzpvIxU65soX7l32Rqt4ui0PcUxn692UgnzY-3Z4Kdu8xXq_o7Fhsdr41U-SRgMTGgQPbb5rzLKII4X3BLGBa-IIJcPrlKYPbB_H-OWm7TMP05tE03_D131SYCEtdM-8osYYpRa9jAnetbUS9KFWR0LtV5vNZvF1k0Nt4&je=323038262e6a636135312462687b633527354a273740253a307425303027304325303043253033253a33464b5e253033253a322d304339353536253d462532412737402532307427323025324b3130343b2530433938372d304339353536253d462532412737402532306f6f253032253a43343739253043343c362d304339353536253d462532412737402532307627323025324b2530304c495425323b253a314441542730332d303225304136343535273746253043253d4227303a6d6f25323a253a41363c312730433c313825304136343535273746253744266a68716157696c6465703d38 HTTP/1.1Host: asanalytics.booking.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAw8sBThxyQJdxz7qumZht_06We8rIGbbZvrTmzGLSuR0Eo_mQPru0PMr-_7A0UlOj3YzmatP-nUK3SgA1ZsjB9thdywLQ; _ga=GA1.2.1526981724.1732549167; _gid=GA1.2.1219349010.1732549167
Source: global traffic	HTTP traffic detected: GET /U_GY-kq9lC3pRi0y?f86c979369b1a462=JR7Cjl65wWWxGQcjX0LgJP-WIj5jCciTNOTD-Hce2k14zdmzpvIxU65soX7l32Rqt4ui0PcUxn692UgnzY-3Z4Kdu8xXq_o7Fhsdr41U-SRgMTGgQPbb5rzLKII4X3BLGBa-IIJcPrlKYPbB_H-OWm7TMP05tE03_D131SYCEtdM-8osYYpRa9jAnetbUS9KFWR0LtV5vNZvF1k0Nt4&je=313439262e6a636135312470676d5f7d72646976673f253f402532303127303225314327374025323a6e677557706373737f6f7a66253a302731412d374274707767273243273030706373737f6f70662d323025324b342d37442d354627324b273232362730302533432735422732326b6f6c6461726f656457706971737f6d7066253a302533432737407472776727324125323a7063717b776d72642d323a27324b362737442d3544253546 HTTP/1.1Host: asanalytics.booking.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAw8sBThxyQJdxz7qumZht_06We8rIGbbZvrTmzGLSuR0Eo_mQPru0PMr-_7A0UlOj3YzmatP-nUK3SgA1ZsjB9thdywLQ; _ga=GA1.2.1526981724.1732549167; _gid=GA1.2.1219349010.1732549167
Source: global traffic	HTTP traffic detected: GET /U_GY-kq9lC3pRi0y?f86c979369b1a462=JR7Cjl65wWWxGQcjX0LgJP-WIj5jCciTNOTD-Hce2k14zdmzpvIxU65soX7l32Rqt4ui0PcUxn692UgnzY-3Z4Kdu8xXq_o7Fhsdr41U-SRgMTGgQPbb5rzLKII4X3BLGBa-IIJcPrlKYPbB_H-OWm7TMP05tE03_D131SYCEtdM-8osYYpRa9jAnetbUS9KFWR0LtV5vNZvF1k0Nt4&je=383226266261613f39266068736b653527374a273030707c7b706571273030253343273542273232656f77716d253032253b413b27374c273041253a3070747b7267273232273143253032706b2530302d3746 HTTP/1.1Host: asanalytics.booking.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAw8sBThxyQJdxz7qumZht_06We8rIGbbZvrTmzGLSuR0Eo_mQPru0PMr-_7A0UlOj3YzmatP-nUK3SgA1ZsjB9thdywLQ; _ga=GA1.2.1526981724.1732549167; _gid=GA1.2.1219349010.1732549167
Source: global traffic	HTTP traffic detected: GET /d8c14d4960ca/c2181391033f/telemetry HTTP/1.1Host: d8c14d4960ca.d2eb2267.us-east-1.token.awswaf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /U_GY-kq9lC3pRi0y?f86c979369b1a462=JR7Cjl65wWWxGQcjX0LgJP-WIj5jCciTNOTD-Hce2k14zdmzpvIxU65soX7l32Rqt4ui0PcUxn692UgnzY-3Z4Kdu8xXq_o7Fhsdr41U-SRgMTGgQPbb5rzLKII4X3BLGBa-IIJcPrlKYPbB_H-OWm7TMP05tE03_D131SYCEtdM-8osYYpRa9jAnetbUS9KFWR0LtV5vNZvF1k0Nt4&je=313730262e6a636135312462687b633527354a273740253a307425303027304325303046495425323b2530314c495425323b253a30253a413332383b332535462730412535402730326f6d253a3227304b363731253a433c36362d304133303031312537462730432537402732306d6d2d3230273a433435322d324b36343f273041313e3b363627374627354424606a73615f696664677a3531 HTTP/1.1Host: asanalytics.booking.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAw8sBThxyQJdxz7qumZht_06We8rIGbbZvrTmzGLSuR0Eo_mQPru0PMr-_7A0UlOj3YzmatP-nUK3SgA1ZsjB9thdywLQ; _ga=GA1.2.1526981724.1732549167; _gid=GA1.2.1219349010.1732549167
Source: global traffic	HTTP traffic detected: GET /SLS/%7BE7A50285-D08D-499D-9FF8-180FDC2332BC%7D/x64/10.0.19045.2006/0?CH=700&L=en-GB&P=&PT=0x30&WUA=10.0.19041.1949&MK=phmhfH7UPSs95rn&MD=Ha+zLtAd HTTP/1.1Connection: Keep-AliveAccept: /User-Agent: Windows-Update-Agent/10.0.10011.16384 Client-Protocol/2.33Host: slscr.update.microsoft.com
Source: global traffic	HTTP traffic detected: GET /rules/other-Win32-v19.bundle HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /U_GY-kq9lC3pRi0y?f86c979369b1a462=JR7Cjl65wWWxGQcjX0LgJP-WIj5jCciTNOTD-Hce2k14zdmzpvIxU65soX7l32Rqt4ui0PcUxn692UgnzY-3Z4Kdu8xXq_o7Fhsdr41U-SRgMTGgQPbb5rzLKII4X3BLGBa-IIJcPrlKYPbB_H-OWm7TMP05tE03_D131SYCEtdM-8osYYpRa9jAnetbUS9KFWR0LtV5vNZvF1k0Nt4&je=383226266261613f39266068736b653527374a273030707c7b706571273030253343273542273232656f77716d253032253b413c27374c273041253a3070747b7267273232273143253032706b2530302d3746 HTTP/1.1Host: asanalytics.booking.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAw8sBThxyQJdxz7qumZht_06We8rIGbbZvrTmzGLSuR0Eo_mQPru0PMr-_7A0UlOj3YzmatP-nUK3SgA1ZsjB9thdywLQ; _ga=GA1.2.1526981724.1732549167; _gid=GA1.2.1219349010.1732549167
Source: global traffic	HTTP traffic detected: GET /U_GY-kq9lC3pRi0y?f86c979369b1a462=JR7Cjl65wWWxGQcjX0LgJP-WIj5jCciTNOTD-Hce2k14zdmzpvIxU65soX7l32Rqt4ui0PcUxn692UgnzY-3Z4Kdu8xXq_o7Fhsdr41U-SRgMTGgQPbb5rzLKII4X3BLGBa-IIJcPrlKYPbB_H-OWm7TMP05tE03_D131SYCEtdM-8osYYpRa9jAnetbUS9KFWR0LtV5vNZvF1k0Nt4&je=383226266261613f39266068736b653527374a273030707c7b706571273030253343273542273232656f77716d253032253b413d27374c273041253a3070747b7267273232273143253032706b2530302d3746 HTTP/1.1Host: asanalytics.booking.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAw8sBThxyQJdxz7qumZht_06We8rIGbbZvrTmzGLSuR0Eo_mQPru0PMr-_7A0UlOj3YzmatP-nUK3SgA1ZsjB9thdywLQ; _ga=GA1.2.1526981724.1732549167; _gid=GA1.2.1219349010.1732549167
Source: global traffic	HTTP traffic detected: GET /d8c14d4960ca/c2181391033f/telemetry HTTP/1.1Host: d8c14d4960ca.d2eb2267.us-east-1.token.awswaf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rules/rule120100v3s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule224902v2s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120608v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120600v4s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120402v21s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /d8c14d4960ca/c2181391033f/telemetry HTTP/1.1Host: d8c14d4960ca.d2eb2267.us-east-1.token.awswaf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rules/rule120609v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120610v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120612v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120611v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120613v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /d8c14d4960ca/c2181391033f/telemetry HTTP/1.1Host: d8c14d4960ca.d2eb2267.us-east-1.token.awswaf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rules/rule120614v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120618v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120616v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120617v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120615v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120619v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /d8c14d4960ca/c2181391033f/telemetry HTTP/1.1Host: d8c14d4960ca.d2eb2267.us-east-1.token.awswaf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rules/rule120620v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120622v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120621v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120623v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120625v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120624v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120626v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120628v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120627v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /U_GY-kq9lC3pRi0y?f86c979369b1a462=JR7Cjl65wWWxGQcjX0LgJP-WIj5jCciTNOTD-Hce2k14zdmzpvIxU65soX7l32Rqt4ui0PcUxn692UgnzY-3Z4Kdu8xXq_o7Fhsdr41U-SRgMTGgQPbb5rzLKII4X3BLGBa-IIJcPrlKYPbB_H-OWm7TMP05tE03_D131SYCEtdM-8osYYpRa9jAnetbUS9KFWR0LtV5vNZvF1k0Nt4&je=313730262e6a636135312462687b633527354a273740253a307425303027304325303046495425323b2530314c495425323b253a30253a413032303c372535462730412535402730326f6d253a3227304b363635253a433c36302d304130303836352537462730432537402732306d6d2d3230273a433434362d324b363439273041323b33303627374627354424606a73615f696664677a3532 HTTP/1.1Host: asanalytics.booking.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAw8sBThxyQJdxz7qumZht_06We8rIGbbZvrTmzGLSuR0Eo_mQPru0PMr-_7A0UlOj3YzmatP-nUK3SgA1ZsjB9thdywLQ; _ga=GA1.2.1526981724.1732549167; _gid=GA1.2.1219349010.1732549167
Source: global traffic	HTTP traffic detected: GET /d8c14d4960ca/c2181391033f/telemetry HTTP/1.1Host: d8c14d4960ca.d2eb2267.us-east-1.token.awswaf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rules/rule120629v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120630v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /U_GY-kq9lC3pRi0y?f86c979369b1a462=JR7Cjl65wWWxGQcjX0LgJP-WIj5jCciTNOTD-Hce2k14zdmzpvIxU65soX7l32Rqt4ui0PcUxn692UgnzY-3Z4Kdu8xXq_o7Fhsdr41U-SRgMTGgQPbb5rzLKII4X3BLGBa-IIJcPrlKYPbB_H-OWm7TMP05tE03_D131SYCEtdM-8osYYpRa9jAnetbUS9KFWR0LtV5vNZvF1k0Nt4&je=383226266261613f39266068736b653527374a273030707c7b706571273030253343273542273232656f77716d253032253b413e27374c273041253a3070747b7267273232273143253032706b2530302d3746 HTTP/1.1Host: asanalytics.booking.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAw8sBThxyQJdxz7qumZht_06We8rIGbbZvrTmzGLSuR0Eo_mQPru0PMr-_7A0UlOj3YzmatP-nUK3SgA1ZsjB9thdywLQ; _ga=GA1.2.1526981724.1732549167; _gid=GA1.2.1219349010.1732549167
Source: global traffic	HTTP traffic detected: GET /rules/rule120632v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120631v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /U_GY-kq9lC3pRi0y?f86c979369b1a462=JR7Cjl65wWWxGQcjX0LgJP-WIj5jCciTNOTD-Hce2k14zdmzpvIxU65soX7l32Rqt4ui0PcUxn692UgnzY-3Z4Kdu8xXq_o7Fhsdr41U-SRgMTGgQPbb5rzLKII4X3BLGBa-IIJcPrlKYPbB_H-OWm7TMP05tE03_D131SYCEtdM-8osYYpRa9jAnetbUS9KFWR0LtV5vNZvF1k0Nt4&je=383226266261613f39266068736b653527374a273030707c7b706571273030253343273542273232656f77716d253032253b413f27374c273041253a3070747b7267273232273143253032706b2530302d3746 HTTP/1.1Host: asanalytics.booking.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAw8sBThxyQJdxz7qumZht_06We8rIGbbZvrTmzGLSuR0Eo_mQPru0PMr-_7A0UlOj3YzmatP-nUK3SgA1ZsjB9thdywLQ; _ga=GA1.2.1526981724.1732549167; _gid=GA1.2.1219349010.1732549167
Source: global traffic	HTTP traffic detected: GET /rules/rule120633v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /U_GY-kq9lC3pRi0y?f86c979369b1a462=JR7Cjl65wWWxGQcjX0LgJP-WIj5jCciTNOTD-Hce2k14zdmzpvIxU65soX7l32Rqt4ui0PcUxn692UgnzY-3Z4Kdu8xXq_o7Fhsdr41U-SRgMTGgQPbb5rzLKII4X3BLGBa-IIJcPrlKYPbB_H-OWm7TMP05tE03_D131SYCEtdM-8osYYpRa9jAnetbUS9KFWR0LtV5vNZvF1k0Nt4&je=313232262e6a636135312462687b633527354a273740253a306d6d27303027324334363b253043343c3427304b323431383d253d46253a412737422d30326d6f2730302532413436332732433c333a273a433039323c382d37442d374624626071635f6b6c6667783d31 HTTP/1.1Host: asanalytics.booking.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAw8sBThxyQJdxz7qumZht_06We8rIGbbZvrTmzGLSuR0Eo_mQPru0PMr-_7A0UlOj3YzmatP-nUK3SgA1ZsjB9thdywLQ; _ga=GA1.2.1526981724.1732549167; _gid=GA1.2.1219349010.1732549167
Source: global traffic	HTTP traffic detected: GET /U_GY-kq9lC3pRi0y?f86c979369b1a462=JR7Cjl65wWWxGQcjX0LgJP-WIj5jCciTNOTD-Hce2k14zdmzpvIxU65soX7l32Rqt4ui0PcUxn692UgnzY-3Z4Kdu8xXq_o7Fhsdr41U-SRgMTGgQPbb5rzLKII4X3BLGBa-IIJcPrlKYPbB_H-OWm7TMP05tE03_D131SYCEtdM-8osYYpRa9jAnetbUS9KFWR0LtV5vNZvF1k0Nt4&je=383226266261613f39266068736b653527374a273030707c7b706571273030253343273542273232656f77716d253032253b413027374c273041253a3070747b7267273232273143253032706b2530302d3746 HTTP/1.1Host: asanalytics.booking.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAw8sBThxyQJdxz7qumZht_06We8rIGbbZvrTmzGLSuR0Eo_mQPru0PMr-_7A0UlOj3YzmatP-nUK3SgA1ZsjB9thdywLQ; _ga=GA1.2.1526981724.1732549167; _gid=GA1.2.1219349010.1732549167
Source: global traffic	HTTP traffic detected: GET /U_GY-kq9lC3pRi0y?f86c979369b1a462=JR7Cjl65wWWxGQcjX0LgJP-WIj5jCciTNOTD-Hce2k14zdmzpvIxU65soX7l32Rqt4ui0PcUxn692UgnzY-3Z4Kdu8xXq_o7Fhsdr41U-SRgMTGgQPbb5rzLKII4X3BLGBa-IIJcPrlKYPbB_H-OWm7TMP05tE03_D131SYCEtdM-8osYYpRa9jAnetbUS9KFWR0LtV5vNZvF1k0Nt4&je=383226266261613f39266068736b653527374a273030707c7b706571273030253343273542273232656f77716d253032253b413127374c273041253a3070747b7267273232273143253032706b2530302d3746 HTTP/1.1Host: asanalytics.booking.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAw8sBThxyQJdxz7qumZht_06We8rIGbbZvrTmzGLSuR0Eo_mQPru0PMr-_7A0UlOj3YzmatP-nUK3SgA1ZsjB9thdywLQ; _ga=GA1.2.1526981724.1732549167; _gid=GA1.2.1219349010.1732549167
Source: global traffic	HTTP traffic detected: GET /d8c14d4960ca/c2181391033f/telemetry HTTP/1.1Host: d8c14d4960ca.d2eb2267.us-east-1.token.awswaf.comConnection: keep-aliveUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: /Sec-Fetch-Site: noneSec-Fetch-Mode: corsSec-Fetch-Dest: emptyAccept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9
Source: global traffic	HTTP traffic detected: GET /rules/rule120634v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120635v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120636v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120638v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120637v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /U_GY-kq9lC3pRi0y?f86c979369b1a462=JR7Cjl65wWWxGQcjX0LgJP-WIj5jCciTNOTD-Hce2k14zdmzpvIxU65soX7l32Rqt4ui0PcUxn692UgnzY-3Z4Kdu8xXq_o7Fhsdr41U-SRgMTGgQPbb5rzLKII4X3BLGBa-IIJcPrlKYPbB_H-OWm7TMP05tE03_D131SYCEtdM-8osYYpRa9jAnetbUS9KFWR0LtV5vNZvF1k0Nt4&je=313232262e6a636135312462687b633527354a273740253a306d6d273030273243343634253043343c3127304b333032393c253d46253a412737422d30326d6f2730302532413436372732433c3430273a433135333d392d37442d374624626071635f6b6c6667783d36 HTTP/1.1Host: asanalytics.booking.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAw8sBThxyQJdxz7qumZht_06We8rIGbbZvrTmzGLSuR0Eo_mQPru0PMr-_7A0UlOj3YzmatP-nUK3SgA1ZsjB9thdywLQ; _ga=GA1.2.1526981724.1732549167; _gid=GA1.2.1219349010.1732549167
Source: global traffic	HTTP traffic detected: GET /U_GY-kq9lC3pRi0y?f86c979369b1a462=JR7Cjl65wWWxGQcjX0LgJP-WIj5jCciTNOTD-Hce2k14zdmzpvIxU65soX7l32Rqt4ui0PcUxn692UgnzY-3Z4Kdu8xXq_o7Fhsdr41U-SRgMTGgQPbb5rzLKII4X3BLGBa-IIJcPrlKYPbB_H-OWm7TMP05tE03_D131SYCEtdM-8osYYpRa9jAnetbUS9KFWR0LtV5vNZvF1k0Nt4&je=383326266261613f39266068736b653527374a273030707c7b706571273030253343273542273232656f77716d253032253b413932253f462730432d303270767b7267253230273141273232786327303a253544 HTTP/1.1Host: asanalytics.booking.comConnection: keep-alivesec-ch-ua: "Google Chrome";v="117", "Not;A=Brand";v="8", "Chromium";v="117"sec-ch-ua-mobile: ?0User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36sec-ch-ua-platform: "Windows"Accept: /Sec-Fetch-Site: same-siteSec-Fetch-Mode: no-corsSec-Fetch-Dest: scriptReferer: https://account.booking.com/Accept-Encoding: gzip, deflate, brAccept-Language: en-US,en;q=0.9Cookie: bkng_sso_session=e30; bkng_sso_ses=e30; pcm_consent=analytical%3Dtrue%26countryCode%3DUS%26consentId%3D923e9697-67ad-46c9-9eea-1ed902282b92%26consentedAt%3D2024-11-25T15%3A38%3A41.927Z%26expiresAt%3D2025-05-24T15%3A38%3A41.927Z%26implicit%3Dtrue%26marketing%3Dtrue%26regionCode%3DNY%26regulation%3Dnone%26legacyRegulation%3Dnone; bkng_sso_auth=CAIQsOnuTRpmcCiQwW+5239mfEZYy6zsZUI5d5fKwPECKXbKziY6JDmrS5pZP/tFsx7yEI7i1S1kUBcZNPNRP1P2fpoenjO9HiBcykduN0S/GPiHiFeeXqLpMv5tDtlFmGxTLTV9qjLQ9PR5mH4t; px_init=0; bkng=11UmFuZG9tSVYkc2RlIyh9Yaa29%2F3xUOLbXpFeYC4TUhAJbaRO0jw2RKMi%2F5Fe%2BvYFzD8Scy3HzOThKIQxs99cDrcSj%2Fz813nIA%2BKEKqBXoE9VE5u2KmMJJENy8kBQmfLyJ%2FrKJH%2Fo2zNdyYVJfr%2BpwmNLTvD22UCf1xN983Sh%2Ffg3efQc9sF0AwUmR%2Bw9Tiu4Ryi%2FnPVfF74%3D; thx_guid=d70dd0e4bbef6c95337b78c99dc9a79e; tmx_guid=AAw8sBThxyQJdxz7qumZht_06We8rIGbbZvrTmzGLSuR0Eo_mQPru0PMr-_7A0UlOj3YzmatP-nUK3SgA1ZsjB9thdywLQ; _ga=GA1.2.1526981724.1732549167; _gid=GA1.2.1219349010.1732549167
Source: global traffic	HTTP traffic detected: GET /rules/rule120639v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120640v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120641v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120642v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET /rules/rule120643v0s19.xml HTTP/1.1Connection: Keep-AliveAccept-Encoding: gzipUser-Agent: Microsoft Office/16.0 (Windows NT 10.0; 16.0.16827; Pro)Host: otelrules.azureedge.net
Source: global traffic	HTTP traffic detected: GET / HTTP/1.1Host: account.booking.comConnection: keep-aliveUpgrade-Insecure-Requests: 1User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,/;q=0.8,application/signed-exchange;v=b3;q=0.7Accept-Encoding: gzip, deflateAccept-Language: en-US,en;q=0.9

Source: global traffic	DNS traffic detected: DNS query: account.booking.com
Source: global traffic	DNS traffic detected: DNS query: www.google.com
Source: global traffic	DNS traffic detected: DNS query: cf.bstatic.com
Source: global traffic	DNS traffic detected: DNS query: cdn.cookielaw.org
Source: global traffic	DNS traffic detected: DNS query: www.bstatic.com
Source: global traffic	DNS traffic detected: DNS query: xx.bstatic.com
Source: global traffic	DNS traffic detected: DNS query: nellie.booking.com
Source: global traffic	DNS traffic detected: DNS query: www.booking.com
Source: global traffic	DNS traffic detected: DNS query: t-cf.bstatic.com
Source: global traffic	DNS traffic detected: DNS query: q-xx.bstatic.com
Source: global traffic	DNS traffic detected: DNS query: d8c14d4960ca.edge.sdk.awswaf.com
Source: global traffic	DNS traffic detected: DNS query: aa.online-metrix.net
Source: global traffic	DNS traffic detected: DNS query: asanalytics.booking.com
Source: global traffic	DNS traffic detected: DNS query: d8c14d4960ca.d2eb2267.us-east-1.token.awswaf.com
Source: global traffic	DNS traffic detected: DNS query: geolocation.onetrust.com
Source: global traffic	DNS traffic detected: DNS query: h.online-metrix.net
Source: global traffic	DNS traffic detected: DNS query: eu-aa.online-metrix.net
Source: global traffic	DNS traffic detected: DNS query: h64.online-metrix.net
Source: global traffic	DNS traffic detected: DNS query: doregtzf532izs3wyphrvyjbjhgmirxmhw7wjlzuf6dcc65ee3c828f2am1.e.aa.online-metrix.net

Source: unknown

Source: chromecache_113.2.dr	String found in binary or memory: http://cond01.etbxml.com/cond/common.js
Source: chromecache_113.2.dr	String found in binary or memory: http://www.quirksmode.org/js/cookies.html
Source: chromecache_113.2.dr	String found in binary or memory: https://account.booking.com/_/fvtrpw.gif
Source: chromecache_144.2.dr, chromecache_114.2.dr	String found in binary or memory: https://ampcid.google.com/v1/publisher:getClientId
Source: chromecache_113.2.dr	String found in binary or memory: https://cdn.cookielaw.org/consent/a387750c-a080-4dd0-b2d1-7dbdb601bb14/OtAutoBlock.js
Source: chromecache_122.2.dr, chromecache_149.2.dr	String found in binary or memory: https://cdn.cookielaw.org/scripttemplates/otSDKStub.js
Source: chromecache_113.2.dr	String found in binary or memory: https://cf.bstatic.com/psb/accountsportal/
Source: chromecache_113.2.dr	String found in binary or memory: https://cf.bstatic.com/psb/accountsportal/assets/133_878a17a1dd9684883a3d.js
Source: chromecache_113.2.dr	String found in binary or memory: https://cf.bstatic.com/psb/accountsportal/assets/54_97d049b4c4a1c2f7cfdb.js
Source: chromecache_113.2.dr	String found in binary or memory: https://cf.bstatic.com/psb/accountsportal/assets/57_a194fd9bf3b476d89299.css
Source: chromecache_113.2.dr	String found in binary or memory: https://cf.bstatic.com/psb/accountsportal/assets/624_96ca1b056e9464729f28.js
Source: chromecache_113.2.dr	String found in binary or memory: https://cf.bstatic.com/psb/accountsportal/assets/629_a83b0423500bf7bdde4f.css
Source: chromecache_113.2.dr	String found in binary or memory: https://cf.bstatic.com/psb/accountsportal/assets/629_b3ab60a933ee60003b06.js
Source: chromecache_113.2.dr	String found in binary or memory: https://cf.bstatic.com/psb/accountsportal/assets/704_9a0ec8d2f80e7d346616.css
Source: chromecache_113.2.dr	String found in binary or memory: https://cf.bstatic.com/psb/accountsportal/assets/704_e7ede50c1fdac354671b.js
Source: chromecache_113.2.dr	String found in binary or memory: https://cf.bstatic.com/psb/accountsportal/assets/709_bad9882915aa6a1c2b70.js
Source: chromecache_113.2.dr	String found in binary or memory: https://cf.bstatic.com/psb/accountsportal/assets/709_c32002792e35c69191e8.css
Source: chromecache_113.2.dr	String found in binary or memory: https://cf.bstatic.com/psb/accountsportal/assets/987_175b3de059909b49ef78.js
Source: chromecache_113.2.dr	String found in binary or memory: https://cf.bstatic.com/psb/accountsportal/assets/991_a6ad99ceec88bdd4c73c.js
Source: chromecache_113.2.dr	String found in binary or memory: https://cf.bstatic.com/psb/accountsportal/assets/index_b606a6e5896516848e89.js
Source: chromecache_113.2.dr	String found in binary or memory: https://cf.bstatic.com/psb/accountsportal/assets/runtime~index_a9240719fc64a8f3ef82.js
Source: chromecache_113.2.dr	String found in binary or memory: https://d8c14d4960ca.edge.sdk.awswaf.com/d8c14d4960ca/c2181391033f/challenge.js
Source: chromecache_142.2.dr, chromecache_151.2.dr	String found in binary or memory: https://play.google.com
Source: chromecache_123.2.dr, chromecache_115.2.dr, chromecache_112.2.dr	String found in binary or memory: https://q.bstatic.com/libs/bui/7.3.1/bui.min.css
Source: chromecache_115.2.dr, chromecache_112.2.dr	String found in binary or memory: https://q.bstatic.com/libs/calango/0.500/bui.css
Source: chromecache_91.2.dr	String found in binary or memory: https://r.bstatic.com/libs/bui/7.3.1/bui.min.css
Source: chromecache_123.2.dr, chromecache_91.2.dr	String found in binary or memory: https://r.bstatic.com/libs/calango/0.500/bui.css
Source: chromecache_114.2.dr	String found in binary or memory: https://stats.g.doubleclick.net/j/collect
Source: chromecache_144.2.dr, chromecache_114.2.dr	String found in binary or memory: https://tagassistant.google.com/
Source: chromecache_113.2.dr	String found in binary or memory: https://www.booking.com/_etnht
Source: chromecache_88.2.dr	String found in binary or memory: https://www.booking.com/content/privacy.html
Source: chromecache_122.2.dr, chromecache_149.2.dr	String found in binary or memory: https://www.booking.com/cookiebanner.html
Source: chromecache_113.2.dr	String found in binary or memory: https://www.bstatic.com/libs/privacy-consent/1.0.0/customer/cookie-banner.min.js
Source: chromecache_142.2.dr, chromecache_151.2.dr, chromecache_113.2.dr	String found in binary or memory: https://www.google-analytics.com/analytics.js
Source: chromecache_144.2.dr, chromecache_114.2.dr	String found in binary or memory: https://www.google-analytics.com/debug/bootstrap?id=
Source: chromecache_144.2.dr, chromecache_114.2.dr	String found in binary or memory: https://www.google-analytics.com/gtm/js?id=
Source: chromecache_144.2.dr, chromecache_114.2.dr	String found in binary or memory: https://www.google.%/ads/ga-audiences
Source: chromecache_144.2.dr, chromecache_114.2.dr	String found in binary or memory: https://www.google.com/ads/ga-audiences
Source: chromecache_142.2.dr, chromecache_151.2.dr	String found in binary or memory: https://www.googletagmanager.com/gtag/js
Source: chromecache_144.2.dr, chromecache_114.2.dr	String found in binary or memory: https://www.googletagmanager.com/gtag/js?id=
Source: chromecache_113.2.dr	String found in binary or memory: https://xx.bstatic.com/static/img/favicon.ico
Source: chromecache_113.2.dr	String found in binary or memory: https://xx.bstatic.com/static/img/favicon.svg

Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49865
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49986
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49743
Source: unknown	Network traffic detected: HTTP traffic on port 49817 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49864
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49985
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49742
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49863
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49984
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49741
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49862
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49983
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49740
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49861
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49982
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49860
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49981
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49980
Source: unknown	Network traffic detected: HTTP traffic on port 49932 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49898 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49875 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49795 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49990 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49859
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49858
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49979
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49857
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49978
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49977
Source: unknown	Network traffic detected: HTTP traffic on port 49772 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49976
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49975
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49974
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49973
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49851
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49972
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49850
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49971
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49970
Source: unknown	Network traffic detected: HTTP traffic on port 49967 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49784 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49749 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50004 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49806 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49943 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49849
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49848
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49969
Source: unknown	Network traffic detected: HTTP traffic on port 49978 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49886 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49968
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49846
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49967
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49966
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49965
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49964
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49963
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49962
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49961
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49960
Source: unknown	Network traffic detected: HTTP traffic on port 50015 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49966 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49989 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49748 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49760 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49828 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49933 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50028 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49805 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49959
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49958
Source: unknown	Network traffic detected: HTTP traffic on port 49921 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49957
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49956
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49955
Source: unknown	Network traffic detected: HTTP traffic on port 49887 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49954
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49832
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49953
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49831
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49952
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49830
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49951
Source: unknown	Network traffic detected: HTTP traffic on port 49864 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49950
Source: unknown	Network traffic detected: HTTP traffic on port 49944 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49910 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49796 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49955 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49829
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49828
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49949
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49827
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49948
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49826
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49947
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49825
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49946
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49824
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49945
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49823
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49944
Source: unknown	Network traffic detected: HTTP traffic on port 49771 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49822
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49943
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49788
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49787
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49785
Source: unknown	Network traffic detected: HTTP traffic on port 49922 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49784
Source: unknown	Network traffic detected: HTTP traffic on port 49945 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49783
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49782
Source: unknown	Network traffic detected: HTTP traffic on port 50017 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49781
Source: unknown	Network traffic detected: HTTP traffic on port 49968 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49785 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50026 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49807 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49980 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49759 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49885 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49898
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49776
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49897
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49896
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49774
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49895
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49773
Source: unknown	Network traffic detected: HTTP traffic on port 49862 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49894
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49772
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49893
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49771
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49892
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49770
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49891
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49890
Source: unknown	Network traffic detected: HTTP traffic on port 49897 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49911 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49957 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49851 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49830 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49991 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49769
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49768
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49889
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49767
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49888
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49766
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49887
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49765
Source: unknown	Network traffic detected: HTTP traffic on port 49758 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49886
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49764
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49885
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49763
Source: unknown	Network traffic detected: HTTP traffic on port 49863 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49884
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49762
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49883
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49761
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49882
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49760
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49881
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49880
Source: unknown	Network traffic detected: HTTP traffic on port 49896 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49770 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49956 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50005 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49979 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49759
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49758
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49879
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49757
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49878
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49999
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49756
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49877
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49998
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49876
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49755
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49997
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49875
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49754
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49996
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49753
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49874
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49995
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49752
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49873
Source: unknown	Network traffic detected: HTTP traffic on port 49923 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49994
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49751
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49872
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49993
Source: unknown	Network traffic detected: HTTP traffic on port 50016 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49750
Source: unknown	Network traffic detected: HTTP traffic on port 49818 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49871
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49992
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49870
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49991
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49990
Source: unknown	Network traffic detected: HTTP traffic on port 49874 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49747 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49829 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49934 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50027 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49749
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49748
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49869
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49747
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49868
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49989
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49746
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49867
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49988
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49866
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49987
Source: unknown	Network traffic detected: HTTP traffic on port 50013 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49746 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49769 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49803 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49826 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49906 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49849 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49900 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49975 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49929 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49872 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50025 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49964 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49861 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49999 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49873 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49787 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49930 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50001 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49986 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49850 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49963 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49799
Source: unknown	Network traffic detected: HTTP traffic on port 49757 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50007
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50006
Source: unknown	Network traffic detected: HTTP traffic on port 50012 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50009
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49796
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50008
Source: unknown	Network traffic detected: HTTP traffic on port 49952 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49795
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49794
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49793
Source: unknown	Network traffic detected: HTTP traffic on port 49814 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49792
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49791
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49790
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50001
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50000
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50003
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50002
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50005
Source: unknown	Network traffic detected: HTTP traffic on port 49895 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50004
Source: unknown	Network traffic detected: HTTP traffic on port 49768 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49825 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49884 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49789
Source: unknown	Network traffic detected: HTTP traffic on port 49997 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49859 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49871 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49894 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50003 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49965 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49799 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49942 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49977 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49816 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50035 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49954 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50014 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49788 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49988 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49767 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49827 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49882 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49848 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49756 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49976 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49953 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49815 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49908 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50024 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49883 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49860 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49755 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49998 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49931 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49804 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50002 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49987 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49926 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49949 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49789 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49766 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49743 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49961 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49984 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50022 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49881 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49675 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49950 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49996 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50010 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49812 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49858 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49893 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49915 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49823 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49869 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49790 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50009 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50034 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49972 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49892 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49904 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49927 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49822 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49870 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49765 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49983 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49938 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50023 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49811 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49754 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50018
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50017
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50019
Source: unknown	Network traffic detected: HTTP traffic on port 49813 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49951 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49974 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50032 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50010
Source: unknown	Network traffic detected: HTTP traffic on port 49916 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50012
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50011
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50014
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50013
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50016
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50015
Source: unknown	Network traffic detected: HTTP traffic on port 49939 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49776 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49791 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49868 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49753 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50029
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50028
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50021
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50020
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50023
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50022
Source: unknown	Network traffic detected: HTTP traffic on port 49742 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50025
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50024
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50027
Source: unknown	Network traffic detected: HTTP traffic on port 49879 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50026
Source: unknown	Network traffic detected: HTTP traffic on port 49985 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50000 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49802 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50021 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50030
Source: unknown	Network traffic detected: HTTP traffic on port 49905 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49995 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50011 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50032
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50031
Source: unknown	Network traffic detected: HTTP traffic on port 49741 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49857 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50034
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50033
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 50035
Source: unknown	Network traffic detected: HTTP traffic on port 49764 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49801 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49824 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49973 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49891 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50033 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49880 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49962 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49846 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49792 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49890 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49970 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50007 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49781 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49878 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49912 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49935 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49958 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49889 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49866 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49820 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49946 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50018 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49763 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49981 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49752 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49901 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49819 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49947 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49793 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49831 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50031 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49751 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49992 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49774 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49782 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49969 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49994 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50020 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49740 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49913 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49808 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50006 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49867 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49821
Source: unknown	Network traffic detected: HTTP traffic on port 49865 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49942
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49820
Source: unknown	Network traffic detected: HTTP traffic on port 49762 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49819
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49818
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49939
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49938
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49817
Source: unknown	Network traffic detected: HTTP traffic on port 49810 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49816
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49815
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49814
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49935
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49813
Source: unknown	Network traffic detected: HTTP traffic on port 49902 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49934
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49812
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49933
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49811
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49932
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49810
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49931
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49930
Source: unknown	Network traffic detected: HTTP traffic on port 49925 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50008 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49971 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49794 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49876 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49960 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49809
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49808
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49929
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49807
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49806
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49927
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49805
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49926
Source: unknown	Network traffic detected: HTTP traffic on port 50029 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49804
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49925
Source: unknown	Network traffic detected: HTTP traffic on port 49773 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49803
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49802
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49923
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49801
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49922
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49921
Source: unknown	Network traffic detected: HTTP traffic on port 49783 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49821 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 50019 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49877 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49914 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49982 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49809 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49916
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49915
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49914
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49913
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49912
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49911
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49910
Source: unknown	Network traffic detected: HTTP traffic on port 49948 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49761 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49959 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 49832 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49908
Source: unknown	Network traffic detected: HTTP traffic on port 50030 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49906
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49905
Source: unknown	Network traffic detected: HTTP traffic on port 49750 -> 443
Source: unknown	Network traffic detected: HTTP traffic on port 443 -> 49904

Source: unknown	HTTPS traffic detected: 2.18.109.164:443 -> 192.168.2.4:49742 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 2.18.109.164:443 -> 192.168.2.4:49743 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.4:49770 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 4.245.163.56:443 -> 192.168.2.4:49923 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.246.63:443 -> 192.168.2.4:49926 version: TLS 1.2
Source: unknown	HTTPS traffic detected: 13.107.246.63:443 -> 192.168.2.4:49972 version: TLS 1.2

Source: classification engine

Classification label: clean1.win@22/100@72/24

Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --start-maximized "about:blank"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2424 --field-trial-handle=2212,i,15516139515336327294,6813732416240638119,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: unknown	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" "http://account.booking.com"
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5228 --field-trial-handle=2212,i,15516139515336327294,6813732416240638119,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1848 --field-trial-handle=2212,i,15516139515336327294,6813732416240638119,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=network.mojom.NetworkService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=2424 --field-trial-handle=2212,i,15516139515336327294,6813732416240638119,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=audio.mojom.AudioService --lang=en-US --service-sandbox-type=audio --mojo-platform-channel-handle=5228 --field-trial-handle=2212,i,15516139515336327294,6813732416240638119,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: C:\Program Files\Google\Chrome\Application\chrome.exe "C:\Program Files\Google\Chrome\Application\chrome.exe" --type=utility --utility-sub-type=video_capture.mojom.VideoCaptureService --lang=en-US --service-sandbox-type=none --mojo-platform-channel-handle=1848 --field-trial-handle=2212,i,15516139515336327294,6813732416240638119,262144 --disable-features=OptimizationGuideModelDownloading,OptimizationHints,OptimizationHintsFetching,OptimizationTargetPrediction /prefetch:8	Jump to behavior
Source: C:\Program Files\Google\Chrome\Application\chrome.exe	Process created: unknown unknown	Jump to behavior

Source: Window Recorder

Window detected: More than 3 window changes detected

ID:	1562502
Product:	CloudBasic
Start time:	16:37:43
Start date:	25.11.2024
Cookbook:	browseurl.jbs
System description:	Windows 10 x64 22H2 with Office Professional Plus 2019, Chrome 117, Firefox 118, Adobe Reader DC 23, Java 8 Update 381, 7zip 23.01
Architecture:	WINDOWS

Windows Analysis Report
http://account.booking.com

Overview

General Information

Detection

Signatures

Classification

Signatures

Phishing

Compliance

Networking

System Summary

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report http://account.booking.com

Overview

General Information

Detection

Signatures

Classification

Signatures

Phishing

Compliance

Networking

System Summary

Screenshots

Behavior Graph

Network Map

Contacted Public IPs

Private

Contacted Domains

Contacted URLs

Windows Analysis Report
http://account.booking.com