Report - booking.hotelsparerhof.it/

Report Overview

Submitted URL
booking.hotelsparerhof.it/
IP
135.125.240.140
ASN
#16276 OVH SAS
Submitted
2022-12-05 01:11:38
Access
Website Title
Final URL
Tags
None
urlquery detections
No alerts detected

Detections

urlquery
0
Network Intrusion Detection
0
Threat Detection Systems
8

Domain Summary

Domain / FQDN	Rank	First Seen	Last Seen	Sent	Received	IP
ibe.seekda.com	608329	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	440 B	289 B	135.125.240.149
content-signature-2.cdn.mozilla.net	1152	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	413 B	5.8 kB	34.160.144.191
res.cloudinary.com	2520	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.1 kB	103 kB	151.101.1.137
s.mts-online.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.7 kB	299 kB	188.40.17.54
quality.seekda.com	569749	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	4.2 kB	5.9 kB	135.125.240.141
switch.seekda.com	653763	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	448 B	3.4 kB	135.125.240.145
u.mts-online.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	1.4 kB	76.76.21.98
r3.o.lencr.org	344	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	2.4 kB	6.2 kB	23.33.119.27
contile.services.mozilla.com	1114	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	333 B	229 B	34.117.237.239
ocsp.pki.goog	175	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	343 B	700 B	142.250.74.131
img-getpocket.cdn.mozilla.net	1631	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.6 kB	32 kB	34.120.237.76
apm-server.seekda.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.0 kB	668 B	135.125.240.139
firefox.settings.services.mozilla.com	867	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	782 B	2.4 kB	34.102.187.140
d2jtzd336hs8un.cloudfront.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	16 kB	528 kB	54.230.245.158
push.services.mozilla.com	2140	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	606 B	127 B	52.39.96.8
cdn.jsdelivr.net	439	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	391 B	23 kB	151.101.129.229
www.googletagmanager.com	75	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	391 B	51 kB	142.250.74.168
images.seekda.net	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	416 B	674 B	135.125.240.142
hbe-api.kognitiv.com	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	3.5 kB	13 kB	135.125.240.149
static.seekda.com	507078	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	462 B	701 B	135.125.240.147
booking.hotelsparerhof.it	unknown	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	1.9 kB	1.5 kB	135.125.240.140
ocsp.digicert.com	86	0001-01-01T00:00:00Z	0001-01-01T00:00:00Z	682 B	1.6 kB	93.184.220.29

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

No alerts detected

Threat Detection Systems

OpenPhish

No alerts detected

PhishTank

No alerts detected

Fortinet's Web Filter

Scan Date	Severity	Indicator	Alert
2022-12-05	medium	booking.hotelsparerhof.it/	Phishing
2022-12-05	medium	booking.hotelsparerhof.it/static/trust-you-bubbles.svg	Phishing
2022-12-05	medium	booking.hotelsparerhof.it/static/bookingFlowCustomTracking.js	Phishing
2022-12-05	medium	booking.hotelsparerhof.it/	Phishing

mnemonic secure dns

No alerts detected

Quad9 DNS

No alerts detected

JavaScript (43)

	URL	Size	First Seen	Last Seen
	booking.hotelsparerhof.it/static/bookingFlowCustomTracking.js	284 B	2023-03-07	2023-03-17
Pretty URL booking.hotelsparerhof.it/static/bookingFlowCustomTracking.js IP 135.125.240.140 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:05:29 Last Seen2023-03-17 10:33:08 Times Seen1 Hash 128341df652e8362fb2947c104f8110e ccfd19000ef50353d36a9595932f2d83c61d2772 d252467d6d5bab9e70c65fc5eaf58fa6522dff626d409afe99fb4f818496b983 Loading...

	cdn.jsdelivr.net/npm/litepicker/dist/bundle.js	105 kB	2023-03-07	2024-03-13
Pretty URL cdn.jsdelivr.net/npm/litepicker/dist/bundle.js IP 151.101.129.229 ASN #54113 FASTLY Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:05:29 Last Seen2024-03-13 12:27:45 Times Seen46 Hash af9ae8360d98e7568b5fff9603be48ca 02bb601b04131d3240581bf8b09678fdf0a4c484 2011ce87819326cd9f9c44947b99231aa2deed8d139bdbbaf2b8de9ea59f70be Loading...

	d2jtzd336hs8un.cloudfront.net/_next/static/chunks/99d407f1-740efc49d6ddee4e.js	384 kB	2023-03-08	2023-03-11
Pretty URL d2jtzd336hs8un.cloudfront.net/_next/static/chunks/99d407f1-740efc49d6ddee4e.js IP 54.230.245.158 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:27:58 Last Seen2023-03-11 23:52:31 Times Seen1 Hash b5115c0e05a48993d0abd068a1604e03 e4d8afd78bcbbebc75efb41167e397a22fa9b8ca b051f0eb4ecf6b572977c922c1448a6dfd6844e9089dac4eb4e23ab7c84d2f6f Loading...

	d2jtzd336hs8un.cloudfront.net/_next/static/chunks/364-89bf8dd5b58b10a4.js	8.8 kB	2023-03-08	2023-03-11
Pretty URL d2jtzd336hs8un.cloudfront.net/_next/static/chunks/364-89bf8dd5b58b10a4.js IP 54.230.245.158 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:52:14 Last Seen2023-03-11 23:52:31 Times Seen1 Hash 6d27f012a9d000e369c0aef4ba9596e1 b2ce065556c2f46e89db03e82d0b0e1ee4fe6836 67ee1a11486dee1f43fae145dccdaa629e4575f4e5019d8a11f4e30790de1ac5 Loading...

	d2jtzd336hs8un.cloudfront.net/_next/static/chunks/695-5ea418b3362d2010.js	65 kB	2023-03-07	2023-03-13
Pretty URL d2jtzd336hs8un.cloudfront.net/_next/static/chunks/695-5ea418b3362d2010.js IP 54.230.245.158 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:22:31 Last Seen2023-03-13 01:26:28 Times Seen1 Hash e819733e17717292de4c083f88b7d57f a60bc128dbdda2b78d9de9fb9f61b08403da2c0b f123039ae6e614722874ff0b74ebe1843d0878de8419d1b050aef5d802dca22a Loading...

	d2jtzd336hs8un.cloudfront.net/_next/static/chunks/928-20b3fd6334a5c778.js	75 kB	2023-03-08	2023-03-11
Pretty URL d2jtzd336hs8un.cloudfront.net/_next/static/chunks/928-20b3fd6334a5c778.js IP 54.230.245.158 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:52:14 Last Seen2023-03-11 23:52:31 Times Seen1 Hash 4cad695255d0e5c35be75f0a7220d25b f337cb2d56380b05c1f6520da3fa72adfc3e1cc8 c0fce4a2af338b0475ec7352e091d79ba9a0afd70e51e72a241a61a53fbddaad Loading...

	d2jtzd336hs8un.cloudfront.net/_next/static/chunks/framework-4774102d6f75bb1e.js	157 kB	2023-03-07	2023-03-17
Pretty URL d2jtzd336hs8un.cloudfront.net/_next/static/chunks/framework-4774102d6f75bb1e.js IP 54.230.245.158 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:02 Last Seen2023-03-17 10:39:35 Times Seen1 Hash 5f2c27f9f9284a2c803b4ff20e30f3d4 ebfb6d7d25fd05e07ba5860c572c25f04d9a39b6 a62655e682702ec4d1a20b133c88e79b0fecf79187ef24e305b99f4c742d1846 Loading...

	booking.hotelsparerhof.it/	405 B	2023-03-07	2023-05-13
Pretty URL booking.hotelsparerhof.it/ IP 135.125.240.140 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:05:29 Last Seen2023-05-13 21:47:18 Times Seen5 Hash 84719ac9b111b830814db617bf9f6d68 7e141425665ee12899c6cc1b2d2cff3bdab8366a d813ceccf0d9400fbedeb3970fbffb8c823b6954955ca834d12e5652f7d98be8 Loading...

	booking.hotelsparerhof.it/	460 B	2023-03-08	2023-05-13
Pretty URL booking.hotelsparerhof.it/ IP 135.125.240.140 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 04:51:00 Last Seen2023-05-13 21:47:18 Times Seen5 Hash 86740e0a18959b8dbab1d014833b3446 163a144ad8b57884967ffb08671dccb3bb41b231 88db95b7a083a1602d308dc8a2162fa1a2485f0118f948d9ee46c71621b1b744 Loading...

	d2jtzd336hs8un.cloudfront.net/_next/static/ehIawmgvLPiidfXQEXmP0/_middlewareManifest.js	92 B	2023-03-07	2024-04-18
Pretty URL d2jtzd336hs8un.cloudfront.net/_next/static/ehIawmgvLPiidfXQEXmP0/_middlewareManifest.js IP 54.230.245.158 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:01 Last Seen2024-04-18 11:50:46 Times Seen7634 Hash 7c3f7e060745668041278118c0bb3d6d e639f56695b3cc30d78dce7a0084aa8299a1311a de5341313a4dc5d982ca50ae4a491e84bc5e80b0f439d87f05fc3973c1b7e59a Loading...

	d2jtzd336hs8un.cloudfront.net/_next/static/chunks/234-5f3fb97a1b4a275f.js	29 kB	2023-03-08	2023-03-12
Pretty URL d2jtzd336hs8un.cloudfront.net/_next/static/chunks/234-5f3fb97a1b4a275f.js IP 54.230.245.158 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:52:14 Last Seen2023-03-12 19:12:44 Times Seen1 Hash 04a646407ee05d9ebf6684a838c42396 45b75bd4e2f5ede2f16a6e0d6ac6b474a51e98bc 48c0bea8359f032bf392dbd22b5cee9f8292d3b0ee368858c792e7d7f4e7cb26 Loading...

	d2jtzd336hs8un.cloudfront.net/_next/static/chunks/38-7f41f4a9e2fe47a2.js	10 kB	2023-03-07	2023-03-13
Pretty URL d2jtzd336hs8un.cloudfront.net/_next/static/chunks/38-7f41f4a9e2fe47a2.js IP 54.230.245.158 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 16:42:43 Last Seen2023-03-13 01:26:28 Times Seen1 Hash ca9c4682119675c0ca10f4cb35d62e95 f17bc79079e083a8d23addc9511a5802476baaec a19f16c3fa25d5282585abb229555cbf35af28bc5b3efcd5a9ff900e798f8203 Loading...

	d2jtzd336hs8un.cloudfront.net/_next/static/chunks/373-95390337f262d59f.js	51 kB	2023-03-08	2023-03-12
Pretty URL d2jtzd336hs8un.cloudfront.net/_next/static/chunks/373-95390337f262d59f.js IP 54.230.245.158 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:52:14 Last Seen2023-03-12 08:57:37 Times Seen1 Hash 79fd272997f237fa9224bb2637eccf68 553394e4a30064f04f74dd47e3c153092c5549d9 450712778a4166ac88ff6ebe1558f04af20662a43eb8736929a1f90d8cd4509a Loading...

	d2jtzd336hs8un.cloudfront.net/_next/static/chunks/818-2d46f7d1223300d3.js	381 kB	2023-03-08	2023-03-11
Pretty URL d2jtzd336hs8un.cloudfront.net/_next/static/chunks/818-2d46f7d1223300d3.js IP 54.230.245.158 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:52:14 Last Seen2023-03-11 23:52:31 Times Seen1 Hash b131b2ae8bb7971d1a87c509856d7e9f 1eef95336021ac65e63806d644db29ca9bc4e308 62b2cc826d0d2b291065584176a9648d451bd572e3f0636d605a349a479853cd Loading...

	switch.seekda.com/switch/api/hotel/S000306/tracking.js	491 B	2023-03-07	2023-05-13
Pretty URL switch.seekda.com/switch/api/hotel/S000306/tracking.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:05:29 Last Seen2023-05-13 21:47:18 Times Seen4 Hash ac24c8839a7a75cd5b8581d54a95c04a 85fc057c7b44c1b733dc85f024e16bf0dcf5c5d6 5a3dfb885c0eb56a7485e0050d9b37d67a649095759c74cd1c65b13d4a1a4b58 Loading...

	d2jtzd336hs8un.cloudfront.net/_next/static/chunks/c0a33b72-efbe3e99c4b6522e.js	312 kB	2023-03-07	2023-11-23
Pretty URL d2jtzd336hs8un.cloudfront.net/_next/static/chunks/c0a33b72-efbe3e99c4b6522e.js IP 54.230.245.158 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:02 Last Seen2023-11-23 19:59:38 Times Seen111 Hash 20c05803e9be70b8330e9546dae4477b bc2b89e091cd34d89ae6ed55665f3edf0679934e 817819a1854e0f9c39282414af31975125cbd459e94b1fea0ed4f4143608ccd5 Loading...

	d2jtzd336hs8un.cloudfront.net/_next/static/chunks/648-b7d007e5ee685d28.js	243 kB	2023-03-08	2023-03-11
Pretty URL d2jtzd336hs8un.cloudfront.net/_next/static/chunks/648-b7d007e5ee685d28.js IP 54.230.245.158 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:52:14 Last Seen2023-03-11 23:52:31 Times Seen1 Hash 24678a880cf3bfc261551483f838823d 0fff67fa3ab9192efb28de0451306e492fe0f747 6cd4bddac9880c4e7cbe0954931935788304f6016c531194b678465e6ce16811 Loading...

	d2jtzd336hs8un.cloudfront.net/static/scripts/elastic-apm-rum.umd.min.js?checksum=e93c8d4d150530d83ee4ee385157b262	62 kB	2023-03-07	2023-11-23
Pretty URL d2jtzd336hs8un.cloudfront.net/static/scripts/elastic-apm-rum.umd.min.js?checksum=e93c8d4d150530d83ee4ee385157b262 IP 54.230.245.158 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:02 Last Seen2023-11-23 19:59:38 Times Seen125 Hash e93c8d4d150530d83ee4ee385157b262 495438c2d303efb3d2339e80da82ee3b96a5aa60 2610f6bab7dcab2b2f2865240c47dc983e2e5785e60ac0f382a0c86e3e62c1c2 Loading...

	booking.hotelsparerhof.it/	19 kB	2023-03-07	2024-04-10
Pretty URL booking.hotelsparerhof.it/ IP 135.125.240.140 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:02 Last Seen2024-04-10 13:51:05 Times Seen90 Hash 45877a71ad06ad133861a12601587957 84f766f58bec8935e96505636142c6f55a70c47b d6b59bc54940106116d4ee88781066bd91b5c8b65dec58c2ef6b0da2ef68d1bb Loading...

	ibe.seekda.com/dsr/S000306/attribution?callback=skdtracking1670202686922399&cookie-enabled=true	230 B	2023-03-08	2023-03-08
Pretty URL ibe.seekda.com/dsr/S000306/attribution?callback=skdtracking1670202686922399&cookie-enabled=true IP 135.125.240.149 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:27:58 Last Seen2023-03-08 16:27:58 Times Seen1 Hash 8f0f0621aec2dcaa88bdbf9a19186373 82f8a37c7d108258f315ab104174f0ecdd55887f 46d4a82aa0f5f1f40b3e4581605339c65dd800e5f5f68198d522a27cbf2997f4 Loading...

	d2jtzd336hs8un.cloudfront.net/_next/static/chunks/659-a75792a0129c3b75.js	272 kB	2023-03-08	2023-03-12
Pretty URL d2jtzd336hs8un.cloudfront.net/_next/static/chunks/659-a75792a0129c3b75.js IP 54.230.245.158 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:52:14 Last Seen2023-03-12 08:57:36 Times Seen1 Hash 110f77484e4a6fa56fd0fd02c313647b 3a2481138159d0c802e5947b621e591e3c6a4a5e 8cdd7a387ade14b669d7e116e1173fda97173ad8e465c19c0ffb3bfa25c773f6 Loading...

	d2jtzd336hs8un.cloudfront.net/_next/static/chunks/333-f51e7b20f7750937.js	206 kB	2023-03-08	2023-03-11
Pretty URL d2jtzd336hs8un.cloudfront.net/_next/static/chunks/333-f51e7b20f7750937.js IP 54.230.245.158 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:52:14 Last Seen2023-03-11 23:52:31 Times Seen1 Hash 0510f3c0cec814e726e5b26ff39e1416 dbe2a7f5d9e3a69bd21da9d686692533ed9525b2 d334cbfcff9b768a38214b36475d6a5c9bdc20165e1e476d5588b7408864091d Loading...

	s.mts-online.com/u1043/en/widget/kube.js	206 kB	2023-03-08	2023-03-08
Pretty URL s.mts-online.com/u1043/en/widget/kube.js IP 188.40.17.54 ASN #24940 Hetzner Online GmbH Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:27:58 Last Seen2023-03-08 16:27:58 Times Seen1 Hash cc8f9659c1bb027fda3e4499709345f5 6bb366061db22bc00ef8488c69eb1bab19133972 cd185e5fb97b335194c2c340c7f9e8f976c2852920eacb5298ec84eec393e11b Loading...

	booking.hotelsparerhof.it/	614 B	2023-03-07	2023-03-17
Pretty URL booking.hotelsparerhof.it/ IP 135.125.240.140 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:02 Last Seen2023-03-17 10:39:35 Times Seen1 Hash 9ccd0569c31e516026cf0d148ed93a10 d2c26425bb55400ac83145ba61b43adf815567f4 565248d98a5255359cf2e14d8bcceabfe813aea78a98c80cdea5782b67e010c4 Loading...

	d2jtzd336hs8un.cloudfront.net/_next/static/chunks/956-9885616c4f0e27cf.js	67 kB	2023-03-08	2023-03-13
Pretty URL d2jtzd336hs8un.cloudfront.net/_next/static/chunks/956-9885616c4f0e27cf.js IP 54.230.245.158 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:52:14 Last Seen2023-03-13 01:26:28 Times Seen1 Hash 4d7578b2d6bb180c05bc6cec3037e8e9 f3f2882c205c83c4d3e48f4d740989c375f64d12 1db4152f3d7bd381b84957db5f122ae111605697243e5a923054934d22d4ccef Loading...

	d2jtzd336hs8un.cloudfront.net/_next/static/ehIawmgvLPiidfXQEXmP0/_buildManifest.js	3.6 kB	2023-03-08	2023-03-11
Pretty URL d2jtzd336hs8un.cloudfront.net/_next/static/ehIawmgvLPiidfXQEXmP0/_buildManifest.js IP 54.230.245.158 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:52:14 Last Seen2023-03-11 23:52:31 Times Seen1 Hash 383f4e550f85910505d5bf72348cb04d e3d31b34905b452d8246994462661b3f32bd5bc8 17ad31f730be94ce449a8c3e247b2ed44dff0da12cf885c63ea46ad36f891b28 Loading...

	d2jtzd336hs8un.cloudfront.net/_next/static/chunks/0b7b90cd-2a28d1759dacf41f.js	142 kB	2023-03-07	2023-03-17
Pretty URL d2jtzd336hs8un.cloudfront.net/_next/static/chunks/0b7b90cd-2a28d1759dacf41f.js IP 54.230.245.158 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:02 Last Seen2023-03-17 10:39:35 Times Seen1 Hash 5c50a7ab91d793a8f9c26dda875a9116 92b53d2d2e63b7e62ab7a5be4a28121833523a80 28a37349775c126a9cfe54589e2d4511ab5fb22261456a0c18ac309a74b87c81 Loading...

	d2jtzd336hs8un.cloudfront.net/_next/static/chunks/979-fc9d9c0ee5b8eeaa.js	33 kB	2023-03-07	2023-03-13
Pretty URL d2jtzd336hs8un.cloudfront.net/_next/static/chunks/979-fc9d9c0ee5b8eeaa.js IP 54.230.245.158 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:22:31 Last Seen2023-03-13 01:26:28 Times Seen1 Hash 47df750212e1d304e7827e5da25d0228 7d5ddc45e2f80b298fc77d61b4163eb5ec434b65 1cd89ea35119ea4b93c793f1908140261c3a82170284b7079feb212ad6332b53 Loading...

	booking.hotelsparerhof.it/	324 B	2023-03-07	2023-05-13
Pretty URL booking.hotelsparerhof.it/ IP 135.125.240.140 ASN #16276 OVH SAS Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 12:05:29 Last Seen2023-05-13 21:47:18 Times Seen5 Hash 84ccb5c0d24ca940ba41cfad592c5570 7852843f4a3684380ccc0e2716d7a2e3e5e1be0d 4fcba8b6a4ea8357fb0da6f7169942847c58d63b9935cbe6d8e7b593caf06b93 Loading...

	d2jtzd336hs8un.cloudfront.net/_next/static/chunks/804-13fd754e32aa16c3.js	30 kB	2023-03-07	2023-03-13
Pretty URL d2jtzd336hs8un.cloudfront.net/_next/static/chunks/804-13fd754e32aa16c3.js IP 54.230.245.158 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 13:22:31 Last Seen2023-03-13 01:26:28 Times Seen1 Hash 71bbf3d5113ea7292eff8f549924719f 4bbc455e6b68efe2809e51fb0eb9c3495350ad9b 0237565bd7444834066a423ec756c1dfe466f5dec3cfb843f604918b7b00b0b2 Loading...

	d2jtzd336hs8un.cloudfront.net/_next/static/chunks/pages/index-4f91dc75cd41d669.js	78 kB	2023-03-08	2023-03-11
Pretty URL d2jtzd336hs8un.cloudfront.net/_next/static/chunks/pages/index-4f91dc75cd41d669.js IP 54.230.245.158 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:52:14 Last Seen2023-03-11 23:52:31 Times Seen1 Hash 6353c76b292a54e1c9010e27067742f3 d2551f62bd6d7c68681644c5f193f5b02558ef22 fc0933e4114cdf2ecc7f67966972f6b7c0ed0c89461b0bca0feeddad6b56a953 Loading...

	cloud.seekda.com/w/w-tracking-api/group:BookingFlow/69549e60-3d6e-0136-cbf5-0050568253f2.js	19 kB	2023-03-08	2023-03-12
Pretty URL cloud.seekda.com/w/w-tracking-api/group:BookingFlow/69549e60-3d6e-0136-cbf5-0050568253f2.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:52:14 Last Seen2023-03-12 19:12:44 Times Seen1 Hash 22db3319eb65f407f66a7f4279770598 30e982addc7a2f110d064cd16ee4ac281c78f372 1fa6d6950fee1c170bdc270cedb845638bab483726a52839d0f2279b5b53524d Loading...

	d2jtzd336hs8un.cloudfront.net/_next/static/chunks/55ba302e-56c033a647309a77.js	66 kB	2023-03-08	2023-03-12
Pretty URL d2jtzd336hs8un.cloudfront.net/_next/static/chunks/55ba302e-56c033a647309a77.js IP 54.230.245.158 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:52:14 Last Seen2023-03-12 16:29:34 Times Seen1 Hash c853b9a1b767ecdd6e547aa3b811ca53 7183849d91ddb766bcfa8c7684fa9e5b6a89b2fc 93b9f5ac1bbb1c4a9eead8fe51a47fbc2842c2cd83ac7a0f4fb89e483e7b0c09 Loading...

	unknown	0 B	2023-03-07	2024-04-19
Pretty Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:01:59 Last Seen2024-04-19 05:56:24 Times Seen36952796 Hash d41d8cd98f00b204e9800998ecf8427e da39a3ee5e6b4b0d3255bfef95601890afd80709 e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Loading...

	d2jtzd336hs8un.cloudfront.net/_next/static/chunks/7e0f675c-7628088f2378fdb4.js	52 kB	2023-03-08	2023-03-13
Pretty URL d2jtzd336hs8un.cloudfront.net/_next/static/chunks/7e0f675c-7628088f2378fdb4.js IP 54.230.245.158 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 02:37:49 Last Seen2023-03-13 19:39:48 Times Seen1 Hash 0fa52166e7c8bbd5e5189791358643f2 dc9aa299399f45ea394a03fc95afe1a510745e0e 7469f9011eb8989078a5891b63f052e2ede931ae925b469cf4de6590d471dc01 Loading...

	d2jtzd336hs8un.cloudfront.net/_next/static/chunks/433-a2824426e6ccb54e.js	274 kB	2023-03-08	2023-03-12
Pretty URL d2jtzd336hs8un.cloudfront.net/_next/static/chunks/433-a2824426e6ccb54e.js IP 54.230.245.158 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:52:14 Last Seen2023-03-12 08:57:37 Times Seen1 Hash c52e2aee92dbd613eaa0eac98788bfa1 1b2e173adcec11b282e08c0864e7737d94e5ce3f b0d10f6b562a9b9ee10dff7646e0600fdb3a1fe9fa7ca8d3926a25bbb1ddd787 Loading...

	d2jtzd336hs8un.cloudfront.net/_next/static/chunks/914-7d07b1ef6b622c87.js	68 kB	2023-03-08	2023-03-12
Pretty URL d2jtzd336hs8un.cloudfront.net/_next/static/chunks/914-7d07b1ef6b622c87.js IP 0.0.0.0 ASN #0 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:52:14 Last Seen2023-03-12 08:57:36 Times Seen1 Hash bb3b52f885200e978bdca6cacc5cc61a 9652eaa0648bd41156c5b28dea97f989a99830c2 65e71d4d8c19103f25010dd4df68ed09b58d91f22a21e74457cc863b3f4f4e92 Loading...

	d2jtzd336hs8un.cloudfront.net/_next/static/chunks/webpack-af0fc1fb1b57cb39.js	2.0 kB	2023-03-07	2024-04-10
Pretty URL d2jtzd336hs8un.cloudfront.net/_next/static/chunks/webpack-af0fc1fb1b57cb39.js IP 54.230.245.158 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:02 Last Seen2024-04-10 02:00:44 Times Seen25 Hash a1820ca3389cbdd7e75dabdcf95e85a1 699fe0521e91bb2975d021fa5417281970bfb623 d8793e374dab2ae48fafd92ebc35cddfa733d706e51a0afc4d15b406362f0e39 Loading...

	d2jtzd336hs8un.cloudfront.net/_next/static/chunks/d099b070-221cabf5ffd73869.js	72 kB	2023-03-07	2023-03-17
Pretty URL d2jtzd336hs8un.cloudfront.net/_next/static/chunks/d099b070-221cabf5ffd73869.js IP 54.230.245.158 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:02 Last Seen2023-03-17 10:39:35 Times Seen1 Hash 735819074c12554182aa6a191be3901e eb0efe89e8939164708f819554e5549cd4a160ad 99482492ebd1dff6c4db8b2fb982195a7770f905519952a5418df871e1f4d78f Loading...

	d2jtzd336hs8un.cloudfront.net/_next/static/chunks/302-7b32094aede33cd2.js	21 kB	2023-03-08	2023-03-11
Pretty URL d2jtzd336hs8un.cloudfront.net/_next/static/chunks/302-7b32094aede33cd2.js IP 54.230.245.158 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 15:52:14 Last Seen2023-03-11 23:52:31 Times Seen1 Hash 7ca50249caa177ab5cd610f8cd2bf5a0 5af5e540839df637b06d8ae308dd63b59b3dd3c1 44fbeee701628b86e1046bcbdf911c3bdd1718330f59211e0ef183003384e2be Loading...

	d2jtzd336hs8un.cloudfront.net/_next/static/ehIawmgvLPiidfXQEXmP0/_ssgManifest.js	77 B	2023-03-07	2024-04-19
Pretty URL d2jtzd336hs8un.cloudfront.net/_next/static/ehIawmgvLPiidfXQEXmP0/_ssgManifest.js IP 54.230.245.158 ASN #16509 AMAZON-02 Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-07 01:03:02 Last Seen2024-04-19 03:20:24 Times Seen85043 Hash b6652df95db52feb4daf4eca35380933 65451d110137761b318c82d9071c042db80c4036 6f5b4aa00d2f8d6aed9935b471806bf7acef464d0c1d390260e5fe27f800c67e Loading...

	www.googletagmanager.com/gtm.js?id=GTM-TX2LPWK	140 kB	2023-03-08	2023-03-08
Pretty URL www.googletagmanager.com/gtm.js?id=GTM-TX2LPWK IP 142.250.74.168 ASN #15169 GOOGLE Introduced by scriptElement Embedded in HTML false Observations First Seen2023-03-08 16:27:58 Last Seen2023-03-08 16:27:58 Times Seen1 Hash b25b2419b0063d0209fcb7e331ef52f7 32137e4540530b4724d2e6f0a412f80c030002c8 e3e286eecd6f0b6ab8133ac993e0418532e80693baaada863aa164dd1826a835 Loading...

		Size	First Seen	Last Seen
	#1 Write - edc50d8f42d6500ac8aca348cf6ebb84	72 B	2023-03-07	2023-05-13
Pretty Observations First Seen2023-03-07 12:05:29 Last Seen2023-05-13 21:47:18 Times Seen5 Hash edc50d8f42d6500ac8aca348cf6ebb84 05f8a42692056ca70e2b6185e6a1152db270dec1 c1680e44b6a5c5686181de262b6af499d9082aec9272d6f187d313d3bd03978f Loading...

HTTP Transactions (91)

URL IP Response Size

booking.hotelsparerhof.it/

135.125.240.140

302 Found

0 B

URL HTTP/1.1
booking.hotelsparerhof.it/
IP
135.125.240.140:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: booking.hotelsparerhof.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Connection: keep-alive
Upgrade-Insecure-Requests: 1

HTTP/1.1 302 Found
content-length: 0
location: https://booking.hotelsparerhof.it/
cache-control: no-cache

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
cfec3d7283a9b66d2be426ce54d210f3
808c1feb1ba918951d1928c1f6bfc0c253262774
1bad6c06aa3e88dcbc125fc98a6cb753eb2b18d2c8dd61da21d12209aeeda3f9

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "1BAD6C06AA3E88DCBC125FC98A6CB753EB2B18D2C8DD61DA21D12209AEEDA3F9"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=14065
Expires: Mon, 05 Dec 2022 05:05:51 GMT
Date: Mon, 05 Dec 2022 01:11:26 GMT
Connection: keep-alive

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
fb2c0697c6d9a96a5411dd2952947458
79e57f831ec396bbdaa5bfe9472a05e6c9fb31f4
3fd7edcc349ab4402f62e54a142be6b4cecf0e7ee3f431d3168bdf0643ba4d92

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4786
Cache-Control: max-age=124777
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 01:11:26 GMT
Etag: "638c76f5-1d7"
Expires: Tue, 06 Dec 2022 11:51:03 GMT
Last-Modified: Sun, 04 Dec 2022 10:31:17 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471

firefox.settings.services.mozilla.com/v1/

34.102.187.140

200 OK

939 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (939), with no line terminators
Size
939 B (939 bytes)
Hash
30db107dcf4380cef05efea409c2e6a3
96e6a306fbc07299aba64e5c14e2bfca35872fa9
b64051a4a8e346e3c72b2aef77f360a5736ab5e16711d8e0bae3876feaa15b6e

HTTP Headers

GET /v1/ HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Retry-After, Content-Type, Backoff, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 939
via: 1.1 google
date: Mon, 05 Dec 2022 00:18:26 GMT
cache-control: public,max-age=3600
content-type: application/json
age: 3180
alt-svc: clear
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
1ea206ac3c440825741687351f8c6e4e
2f38dafd8c43dcce2411a0590bc5c02cd6286735
7d7232c8c91bcd18161ba2c9d23e3bff159604e058bd5b3fc1c7fcbcd03a7ee3

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "7D7232C8C91BCD18161BA2C9D23E3BFF159604E058BD5B3FC1C7FCBCD03A7EE3"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=13832
Expires: Mon, 05 Dec 2022 05:01:58 GMT
Date: Mon, 05 Dec 2022 01:11:26 GMT
Connection: keep-alive

content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain

34.160.144.191

200 OK

5.3 kB

URL HTTP/2
content-signature-2.cdn.mozilla.net/chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain
IP
34.160.144.191:0
ASN
#15169 GOOGLE

File type
PEM certificate\012- , ASCII text
Size
5.3 kB (5348 bytes)
Hash
9ebddc2b260d081ebbefee47c037cb28
492bad62a7ca6a74738921ef5ae6f0be5edebf39
74bbb7cba16f7d084a08a0907d47d7496e5c148f904707ec6950f8f6a61027e5

HTTP Headers

GET /chains/remote-settings.content-signature.mozilla.org-2022-12-30-09-21-26.chain HTTP/1.1
Host: content-signature-2.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-amz-id-2: Tf2s3cYbGHM4y6zHPIb8SMlThTq6yL82/mrxUVKtU0JGoOCAV7P+/T806Cg8AC421B7Jqwv9OOY=
x-amz-request-id: BWM2593CGGHDWYGW
content-disposition: attachment
accept-ranges: bytes
server: AmazonS3
content-length: 5348
via: 1.1 google
date: Mon, 05 Dec 2022 00:47:46 GMT
age: 1420
last-modified: Thu, 10 Nov 2022 09:21:27 GMT
etag: "9ebddc2b260d081ebbefee47c037cb28"
content-type: binary/octet-stream
cache-control: public,max-age=3600
alt-svc: clear
X-Firefox-Spdy: h2

contile.services.mozilla.com/v1/tiles

34.117.237.239

200 OK

12 B

URL HTTP/2
contile.services.mozilla.com/v1/tiles
IP
34.117.237.239:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with no line terminators
Size
12 B (12 bytes)
Hash
23e88fb7b99543fb33315b29b1fad9d6
a48926c4ec03c7c8a4e8dffcd31e5a6cdda417ce
7d8f1de8b7de7bc21dfb546a1d0c51bf31f16eee5fad49dbceae1e76da38e5c3

HTTP Headers

GET /v1/tiles HTTP/1.1
Host: contile.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
date: Mon, 05 Dec 2022 01:11:26 GMT
content-type: application/json
content-length: 12
strict-transport-security: max-age=31536000
via: 1.1 google
alt-svc: clear
X-Firefox-Spdy: h2

firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US

34.102.187.140

200 OK

329 B

URL HTTP/2
firefox.settings.services.mozilla.com/v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US
IP
34.102.187.140:0
ASN
#15169 GOOGLE

File type
JSON data\012- , ASCII text, with very long lines (329), with no line terminators
Size
329 B (329 bytes)
Hash
0333b0655111aa68de771adfcc4db243
63f295a144ac87a7c8e23417626724eeca68a7eb
60636eb1dc67c9ed000fe0b49f03777ad6f549cb1d2b9ff010cf198465ae6300

HTTP Headers

GET /v1/buckets/main/collections/ms-language-packs/records/cfr-v1-en-US HTTP/1.1
Host: firefox.settings.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: Last-Modified, Retry-After, Cache-Control, Content-Type, Pragma, Backoff, ETag, Expires, Content-Length, Alert
content-security-policy: default-src 'none'; frame-ancestors 'none'; base-uri 'none';
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
content-length: 329
via: 1.1 google
date: Mon, 05 Dec 2022 01:08:58 GMT
cache-control: public,max-age=3600
age: 149
last-modified: Fri, 25 Mar 2022 17:45:46 GMT
etag: "1648230346554"
content-type: application/json
alt-svc: clear
X-Firefox-Spdy: h2

ocsp.digicert.com/

93.184.220.29

200 OK

471 B

URL HTTP/1.1
ocsp.digicert.com/
IP
93.184.220.29:0
ASN
#15133 EDGECAST

File type
data
Size
471 B (471 bytes)
Hash
31b129c94a90b1e695b21395cb54e378
a3cae46b48d469cc61ab0581303bcd5f5b654db9
fac3f681be358a20f78958dff10c89b7a91365c5114c81246c1bc34c1362ba1e

HTTP Headers

POST / HTTP/1.1
Host: ocsp.digicert.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 83
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Accept-Ranges: bytes
Age: 4775
Cache-Control: max-age=119699
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 01:11:27 GMT
Etag: "638c632b-1d7"
Expires: Tue, 06 Dec 2022 10:26:26 GMT
Last-Modified: Sun, 04 Dec 2022 09:06:51 GMT
Server: ECS (ska/F719)
X-Cache: HIT
Content-Length: 471

push.services.mozilla.com/

52.39.96.8

101 Switching Protocols

0 B

URL HTTP/1.1
push.services.mozilla.com/
IP
52.39.96.8:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET / HTTP/1.1
Host: push.services.mozilla.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Sec-WebSocket-Version: 13
Origin: wss://push.services.mozilla.com/
Sec-WebSocket-Protocol: push-notification
Sec-WebSocket-Extensions: permessage-deflate
Sec-WebSocket-Key: ZxlGfkTlAbDs4SVld3o9bw==
Connection: keep-alive, Upgrade
Sec-Fetch-Dest: websocket
Sec-Fetch-Mode: websocket
Sec-Fetch-Site: cross-site
Pragma: no-cache
Cache-Control: no-cache
Upgrade: websocket

HTTP/1.1 101 Switching Protocols
Connection: Upgrade
Upgrade: websocket
Sec-WebSocket-Accept: 83PR0vOU7h3auMoqOL8NsmR3XLE=

d2jtzd336hs8un.cloudfront.net/_next/static/media/bf-icons-extended.00ff8422.ttf

54.230.245.158

200 OK

94 kB

URL HTTP/2
d2jtzd336hs8un.cloudfront.net/_next/static/media/bf-icons-extended.00ff8422.ttf
IP
54.230.245.158:0
ASN
#16509 AMAZON-02

File type
TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, icomoon \012- data
Size
94 kB (93868 bytes)
Hash
439b52438c772a69ba68cddd45b0ba56
acc851fc76bade985719ddd6b688e184f1096121
fd15c1d08eecfa3bebd1c8a1e28836de2f04036509f7ee65e1945cc0decd725d

HTTP Headers

GET /_next/static/media/bf-icons-extended.00ff8422.ttf HTTP/1.1
Host: d2jtzd336hs8un.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://booking.hotelsparerhof.it
Connection: keep-alive
Referer: https://d2jtzd336hs8un.cloudfront.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/octet-stream
content-length: 93868
date: Tue, 15 Nov 2022 13:37:21 GMT
last-modified: Tue, 03 May 2022 12:24:17 GMT
etag: "62711ef1-16eac"
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
strict-transport-security: max-age=31536000
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: gyyzO8R3rOckTNe4jI6wNqntccu1gi3zLeL-uH7vuuqkLnml7k6q0g==
age: 1683247
X-Firefox-Spdy: h2

d2jtzd336hs8un.cloudfront.net/static/themes/default/assets/fonts/icons.woff

54.230.245.158

200 OK

50 kB

URL HTTP/2
d2jtzd336hs8un.cloudfront.net/static/themes/default/assets/fonts/icons.woff
IP
54.230.245.158:0
ASN
#16509 AMAZON-02

File type
Web Open Font Format, TrueType, length 50524, version 1.0\012- data
Size
50 kB (50524 bytes)
Hash
faff92145777a3cbaf8e7367b4807987
9c293328f39dc54bd654d273d0cc5af0d11905c6
95b6a4840f8711ecab427bc236eb86098db7e5c782bafb139c8c30805aa5ffe1

HTTP Headers

GET /static/themes/default/assets/fonts/icons.woff HTTP/1.1
Host: d2jtzd336hs8un.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://booking.hotelsparerhof.it
Connection: keep-alive
Referer: https://d2jtzd336hs8un.cloudfront.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/font-woff
content-length: 50524
date: Sun, 04 Dec 2022 08:03:41 GMT
last-modified: Tue, 03 May 2022 12:24:30 GMT
etag: "62711efe-c55c"
access-control-allow-origin: *
accept-ranges: bytes
strict-transport-security: max-age=15768000
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: wn6exJCXRR3-wR084oHXp5pLmfKgSQ6kOAIyVQJI1R8YfMNh3PcAyQ==
age: 61667
X-Firefox-Spdy: h2

d2jtzd336hs8un.cloudfront.net/_next/static/media/bf-icons.3014e895.ttf

54.230.245.158

200 OK

156 kB

URL HTTP/2
d2jtzd336hs8un.cloudfront.net/_next/static/media/bf-icons.3014e895.ttf
IP
54.230.245.158:0
ASN
#16509 AMAZON-02

File type
TrueType Font data, 11 tables, 1st "OS/2", 14 names, Macintosh, type 1 string, icomoon \012- data
Size
156 kB (156184 bytes)
Hash
e457529d073c28d569d2808199a9bffe
689f15a06422982cc641b6406abb13db284a9ab1
6004f0b7111e09c8acdae325b3e75d38f965d89d6321df8811dabaf44d76d5df

HTTP Headers

GET /_next/static/media/bf-icons.3014e895.ttf HTTP/1.1
Host: d2jtzd336hs8un.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://booking.hotelsparerhof.it
Connection: keep-alive
Referer: https://d2jtzd336hs8un.cloudfront.net/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/octet-stream
content-length: 156184
date: Tue, 15 Nov 2022 13:37:21 GMT
last-modified: Tue, 03 May 2022 12:34:30 GMT
etag: "62712156-26218"
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
accept-ranges: bytes
strict-transport-security: max-age=31536000
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ZPQEDJiR-w1unLwwpfXoxZWi6WjNMPo6UV-NGRqkxbS7IE-0hhmKYA==
age: 1683247
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
aadd308b7be5b34c25b80471b08cf503
5f9ecf8d75f43bb4950d04aea40a1d9f667a7ff3
0f72c93a3ff7db91d593f05bb99704283f89fb3fe995cfe5c4b774549a313531

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "0F72C93A3FF7DB91D593F05BB99704283F89FB3FE995CFE5C4B774549A313531"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=6028
Expires: Mon, 05 Dec 2022 02:51:56 GMT
Date: Mon, 05 Dec 2022 01:11:28 GMT
Connection: keep-alive

s.mts-online.com/u1043/en/widget/kube.js

188.40.17.54

200 OK

56 kB

URL HTTP/1.1
s.mts-online.com/u1043/en/widget/kube.js
IP
188.40.17.54:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (65241)
Size
56 kB (56431 bytes)
Hash
e7d39e4402525590d50526259270ce3a
f9868179f05b9539799e5cd52c483ee92492d573
1b27281008055997bef5bc840ad94ff85ae1eb50666435a728ac8f15c20328e4

HTTP Headers

GET /u1043/en/widget/kube.js HTTP/1.1
Host: s.mts-online.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.hotelsparerhof.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 01:11:28 GMT
Server: Apache/2.4.18 (Ubuntu)
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Etag
Cache-Control: private, max-age=900, must-revalidate
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0
ETag: "c71d9ec97f7c19abef0ae9d95ace5256"
Last-Modified: Mon, 05 Dec 2022 01:11:28 GMT
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/javascript

cdn.jsdelivr.net/npm/litepicker/dist/bundle.js

151.101.129.229

200 OK

22 kB

URL HTTP/2
cdn.jsdelivr.net/npm/litepicker/dist/bundle.js
IP
151.101.129.229:0
ASN
#54113 FASTLY

File type
Unicode text, UTF-8 text, with very long lines (63805)
Size
22 kB (22511 bytes)
Hash
de04e462c177d5ebb1d555ddef62b8bf
683dde85388687bf80670097d7dea1e99104a9ea
4067a4d422a1b5500675f13c6c366f32c0ef4eaab3eec550aaf990022a6b1b5b

HTTP Headers

GET /npm/litepicker/dist/bundle.js HTTP/1.1
Host: cdn.jsdelivr.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.hotelsparerhof.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-origin: *
access-control-expose-headers: *
timing-allow-origin: *
cache-control: public, max-age=604800, s-maxage=43200
cross-origin-resource-policy: cross-origin
x-content-type-options: nosniff
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/javascript; charset=utf-8
x-jsd-version: 2.0.12
x-jsd-version-type: version
etag: W/"19b4e-ArtgGwQTHTJAWBv4sJZ4/fCkxIQ"
content-encoding: gzip
accept-ranges: bytes
date: Mon, 05 Dec 2022 01:11:28 GMT
age: 24879
x-served-by: cache-fra-eddf8230139-FRA, cache-bma1661-BMA
x-cache: HIT, HIT
vary: Accept-Encoding
alt-svc: h3=":443";ma=86400,h3-29=":443";ma=86400,h3-27=":443";ma=86400
content-length: 22511
X-Firefox-Spdy: h2

d2jtzd336hs8un.cloudfront.net/_next/static/chunks/pages/index-4f91dc75cd41d669.js

54.230.245.158

200 OK

19 kB

URL HTTP/2
d2jtzd336hs8un.cloudfront.net/_next/static/chunks/pages/index-4f91dc75cd41d669.js
IP
54.230.245.158:0
ASN
#16509 AMAZON-02

File type
data
Size
19 kB (19365 bytes)
Hash
bb376d5ffcbb1ac330df765123c2dda2
10df302a8b7b916401aeb6a481dcd40b4b11f2fa
1990d59db12495b9d1e9d4bfa33a84df4ce10ec3009b386efdea85119eaf05c3

HTTP Headers

GET /_next/static/chunks/pages/index-4f91dc75cd41d669.js HTTP/1.1
Host: d2jtzd336hs8un.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.hotelsparerhof.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
date: Mon, 28 Nov 2022 16:02:09 GMT
last-modified: Mon, 28 Nov 2022 16:01:42 GMT
etag: W/"6384db66-1326b"
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
strict-transport-security: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: RmqCmtxdZBzvDpPI_BJXqhvHUhOvFlqZ2OAgBWUSQLq_Nr9JtjF0Iw==
age: 551358
X-Firefox-Spdy: h2

d2jtzd336hs8un.cloudfront.net/_next/static/ehIawmgvLPiidfXQEXmP0/_buildManifest.js

54.230.245.158

200 OK

1.7 kB

URL HTTP/2
d2jtzd336hs8un.cloudfront.net/_next/static/ehIawmgvLPiidfXQEXmP0/_buildManifest.js
IP
54.230.245.158:0
ASN
#16509 AMAZON-02

File type
data
Size
1.7 kB (1668 bytes)
Hash
bee39334548661c03343fa968fd9fa6a
83e974fe1b18cdc018349b35da08e4780385955f
303b6107f913a82a99e6edbcf69419b0db52706f1eb472a000560b057a7485fa

HTTP Headers

GET /_next/static/ehIawmgvLPiidfXQEXmP0/_buildManifest.js HTTP/1.1
Host: d2jtzd336hs8un.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.hotelsparerhof.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
date: Mon, 28 Nov 2022 16:02:09 GMT
last-modified: Mon, 28 Nov 2022 16:01:50 GMT
etag: W/"6384db6e-e22"
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
strict-transport-security: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: vQ95y4CNwTyHzn_yRdAV5cTbF2vm_TXHG10gvqBy3h2PvCMiOPnp2g==
age: 551358
X-Firefox-Spdy: h2

www.googletagmanager.com/gtm.js?id=GTM-TX2LPWK

142.250.74.168

200 OK

50 kB

URL HTTP/2
www.googletagmanager.com/gtm.js?id=GTM-TX2LPWK
IP
142.250.74.168:0
ASN
#15169 GOOGLE

File type
ASCII text, with very long lines (7461)
Size
50 kB (50092 bytes)
Hash
2aa04a9c26e957494e9916ded16273be
8315b9ca2c15f0b1fd812efb9211472e900ff619
aec2136618720dc1e9a64c806f4ca04573d59996cc65da9546bddab19b94b47c

HTTP Headers

GET /gtm.js?id=GTM-TX2LPWK HTTP/1.1
Host: www.googletagmanager.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.hotelsparerhof.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
content-encoding: br
vary: Accept-Encoding
date: Mon, 05 Dec 2022 01:11:28 GMT
expires: Mon, 05 Dec 2022 01:11:28 GMT
cache-control: private, max-age=900
last-modified: Mon, 05 Dec 2022 00:00:00 GMT
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
server: Google Tag Manager
content-length: 50092
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
X-Firefox-Spdy: h2

ocsp.pki.goog/gts1c3

142.250.74.131

200 OK

472 B

URL HTTP/1.1
ocsp.pki.goog/gts1c3
IP
142.250.74.131:0
ASN
#15169 GOOGLE

File type
data
Size
472 B (472 bytes)
Hash
3c4319f54a5675ee9acda96c58f97ac6
210ea86db1836d430b321d59b4bd1b016c914f22
cb20ad3ec895ed3a2ae9b1a90dda6b7cc174d8851f3a15ba054a435746cbdc65

HTTP Headers

POST /gts1c3 HTTP/1.1
Host: ocsp.pki.goog
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 84
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Content-Type: application/ocsp-response
Date: Mon, 05 Dec 2022 01:11:28 GMT
Cache-Control: public, max-age=14400
Server: ocsp_responder
Content-Length: 472
X-XSS-Protection: 0
X-Frame-Options: SAMEORIGIN

res.cloudinary.com/seekda/image/upload/w_1920,h_1080,c_limit,f_auto,fl_lossy,q_auto/production/S000306/sparerhof-hotel-restaurant.png

151.101.1.137

200 OK

2.4 kB

URL HTTP/2
res.cloudinary.com/seekda/image/upload/w_1920,h_1080,c_limit,f_auto,fl_lossy,q_auto/production/S000306/sparerhof-hotel-restaurant.png
IP
151.101.1.137:0
ASN
#54113 FASTLY

File type
RIFF (little-endian) data, Web/P image\012- data
Size
2.4 kB (2396 bytes)
Hash
6a8562c1219857e18df7efca8adaa56c
ef89b8dc28823b8c0072a9bc612c22fb0d32d528
0aa479c24f8f62e270d1f0ba62c3e76be5da5e9425c039c446fbd36d145e9097

HTTP Headers

GET /seekda/image/upload/w_1920,h_1080,c_limit,f_auto,fl_lossy,q_auto/production/S000306/sparerhof-hotel-restaurant.png HTTP/1.1
Host: res.cloudinary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.hotelsparerhof.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-disposition: inline; filename="sparerhof-hotel-restaurant.webp"
content-type: image/webp
etag: "6a8562c1219857e18df7efca8adaa56c"
last-modified: Fri, 10 Jun 2022 09:40:38 GMT
date: Mon, 05 Dec 2022 01:11:29 GMT
vary: Save-Data
strict-transport-security: max-age=604800
cache-control: private, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=2;cpu=1;start=2022-12-05T01:11:29.043Z;desc=hit,rtt;dur=9
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
content-length: 2396
X-Firefox-Spdy: h2

res.cloudinary.com/seekda/image/upload/w_1920,ar_2.8,c_fill,f_auto,fl_lossy,q_auto/production/S000306/Spargelmaultaschen_mit_Kalbsragout-Sparerhof-2.jpg

151.101.1.137

200 OK

67 kB

URL HTTP/2
res.cloudinary.com/seekda/image/upload/w_1920,ar_2.8,c_fill,f_auto,fl_lossy,q_auto/production/S000306/Spargelmaultaschen_mit_Kalbsragout-Sparerhof-2.jpg
IP
151.101.1.137:0
ASN
#54113 FASTLY

File type
RIFF (little-endian) data, Web/P image, VP8 encoding, 1920x686, Scaling: [none]x[none], YUV color, decoders should clamp\012- data
Size
67 kB (66552 bytes)
Hash
f91614ed3ab05d6660a4103ee4f327fc
2b3e84fcea593775acc3cd2223b13ae227153b9e
9affe47b10b9382a1df74ea7c7cba96c3d419629c970bca8dd06569d39bfd34e

HTTP Headers

GET /seekda/image/upload/w_1920,ar_2.8,c_fill,f_auto,fl_lossy,q_auto/production/S000306/Spargelmaultaschen_mit_Kalbsragout-Sparerhof-2.jpg HTTP/1.1
Host: res.cloudinary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.hotelsparerhof.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-disposition: inline; filename="Spargelmaultaschen_mit_Kalbsragout-Sparerhof-2.webp"
content-type: image/webp
etag: "f91614ed3ab05d6660a4103ee4f327fc"
last-modified: Tue, 15 Mar 2022 07:14:56 GMT
date: Mon, 05 Dec 2022 01:11:29 GMT
vary: Save-Data
strict-transport-security: max-age=604800
cache-control: private, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=1;cpu=0;start=2022-12-05T01:11:29.044Z;desc=hit,rtt;dur=9
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
content-length: 66552
X-Firefox-Spdy: h2

d2jtzd336hs8un.cloudfront.net/_next/static/chunks/webpack-af0fc1fb1b57cb39.js

54.230.245.158

200 OK

1.5 kB

URL HTTP/2
d2jtzd336hs8un.cloudfront.net/_next/static/chunks/webpack-af0fc1fb1b57cb39.js
IP
54.230.245.158:0
ASN
#16509 AMAZON-02

File type
data
Size
1.5 kB (1493 bytes)
Hash
c37ad93dab064aac8b15a7eae013abfd
ac21fdc24713e9d1779e86c67a90dc4664ea5da6
4eb0192dc33c25575222bd71b79f9582ed64041a3966ab756745d616b4aba95f

HTTP Headers

GET /_next/static/chunks/webpack-af0fc1fb1b57cb39.js HTTP/1.1
Host: d2jtzd336hs8un.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.hotelsparerhof.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
date: Tue, 15 Nov 2022 13:34:03 GMT
last-modified: Tue, 03 May 2022 12:34:30 GMT
etag: W/"62712156-7ce"
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
strict-transport-security: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: F8Wd36BWqCJaIVs3HjcRvf75_beZfxhXvJDE5w2K0gp_8U7JlK1gGA==
age: 1683444
X-Firefox-Spdy: h2

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7492
Expires: Mon, 05 Dec 2022 03:16:21 GMT
Date: Mon, 05 Dec 2022 01:11:29 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7492
Expires: Mon, 05 Dec 2022 03:16:21 GMT
Date: Mon, 05 Dec 2022 01:11:29 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7492
Expires: Mon, 05 Dec 2022 03:16:21 GMT
Date: Mon, 05 Dec 2022 01:11:29 GMT
Connection: keep-alive

r3.o.lencr.org/

23.33.119.27

200 OK

503 B

URL HTTP/1.1
r3.o.lencr.org/
IP
23.33.119.27:0
ASN
#20940 Akamai International B.V.

File type
data
Size
503 B (503 bytes)
Hash
83e0936435ad95a15c9ec5ff9520f4fe
a8225ee0d8ae117f977f7ff817c342c62e91b5a9
ef0f5b2ab2055446d4ea8b738f605c3bf835cf72e872d6a9c9a6c9b2917737e7

HTTP Headers

POST / HTTP/1.1
Host: r3.o.lencr.org
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate
Content-Type: application/ocsp-request
Content-Length: 85
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache

HTTP/1.1 200 OK
Server: nginx
Content-Type: application/ocsp-response
Content-Length: 503
ETag: "EF0F5B2AB2055446D4EA8B738F605C3BF835CF72E872D6A9C9A6C9B2917737E7"
Last-Modified: Sat, 03 Dec 2022 21:00:00 UTC
Cache-Control: public, no-transform, must-revalidate, max-age=7492
Expires: Mon, 05 Dec 2022 03:16:21 GMT
Date: Mon, 05 Dec 2022 01:11:29 GMT
Connection: keep-alive

img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15537f94-1f24-4010-9d46-d70fec20ced3.jpeg

34.120.237.76

200 OK

8.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15537f94-1f24-4010-9d46-d70fec20ced3.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
gzip compressed data, from Unix\012- data
Size
8.6 kB (8564 bytes)
Hash
9c147a44b8a47f2da04b04f1cd8c654d
5477955c4b9e8a987ce3392102e3201670cd184a
980facd26202751c6bde62822ee9c5763bf4aaaf562728a256141077f5caba18

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F15537f94-1f24-4010-9d46-d70fec20ced3.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 6827
x-amzn-requestid: 68443283-d7bf-4a40-8b2a-32c81e160d35
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjKUkE6foAMFb3w=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638abdb6-570021b92c46c99d1ad363bd;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 03:08:38 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: S96VFv064j3TfGQEG2cAJxe7UdaSey-JJUGERVgpm8mtdTmPk7FE6g==
via: 1.1 4f87745990545c1ac0195c157e1668f8.cloudfront.net (CloudFront), 1.1 570075675953459325e00b7bcd171df2.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 03:21:44 GMT
age: 78585
etag: "8d3d92355304ccfcd50ae96f55b2754220f05187"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

d2jtzd336hs8un.cloudfront.net/_next/static/css/e45bafd752dbfc1b.css

54.230.245.158

200 OK

62 kB

URL HTTP/2
d2jtzd336hs8un.cloudfront.net/_next/static/css/e45bafd752dbfc1b.css
IP
54.230.245.158:0
ASN
#16509 AMAZON-02

File type
data
Size
62 kB (62389 bytes)
Hash
25b79a347a9aaa351389642ba5753b93
c4434df5d4e53e12f301755b1316ba178b31587c
475c04d90cba19ccc7ebe5f4cecdead143aecbb88dada16fc2b74dbbb3b31d05

HTTP Headers

GET /_next/static/css/e45bafd752dbfc1b.css HTTP/1.1
Host: d2jtzd336hs8un.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.hotelsparerhof.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css
date: Mon, 28 Nov 2022 15:47:45 GMT
last-modified: Mon, 28 Nov 2022 15:47:13 GMT
etag: W/"6384d801-50631"
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
strict-transport-security: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: EUtrLh43Ow1zSJxMCMCM0wB_xucGefjbia0yIQuf3cM-5PGMjpKwIA==
age: 552222
X-Firefox-Spdy: h2

d2jtzd336hs8un.cloudfront.net/static/icons.css?checksum=10237f48c3fa09118c62aea0fad9d4f4

54.230.245.158

200 OK

14 kB

URL HTTP/2
d2jtzd336hs8un.cloudfront.net/static/icons.css?checksum=10237f48c3fa09118c62aea0fad9d4f4
IP
54.230.245.158:0
ASN
#16509 AMAZON-02

File type
data
Size
14 kB (13808 bytes)
Hash
863210584bc5d45f4962abbccd2ce929
3e4f960f7dd6b1c3d793457c90b549a227d3f347
0f21f474e2ea22e970df136844d5305071c798db2937a98d52cc89005efe430e

HTTP Headers

GET /static/icons.css?checksum=10237f48c3fa09118c62aea0fad9d4f4 HTTP/1.1
Host: d2jtzd336hs8un.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.hotelsparerhof.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css
date: Sun, 04 Dec 2022 11:08:27 GMT
last-modified: Tue, 03 May 2022 12:24:30 GMT
etag: W/"62711efe-4a0a"
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=15768000
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: uQMSxU7YvqAAXsAjXOChZBesVKQZ2nBP0rDOqbKCP_5-rNxrmTgGEg==
age: 50580
X-Firefox-Spdy: h2

34.120.237.76

200 OK

12 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe9e8d044-2cda-4dba-9da8-c0a296845bca.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
12 kB (12348 bytes)
Hash
b8e6f84dff61fedd8ff9baa9bb648883
f8d5cc7b315879b66a11b403463da1330617d2fa
025c66a4a0e7927353e1733d7f8cfb6ec3c9c0228d34267cbff11f09cf112127

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2Fe9e8d044-2cda-4dba-9da8-c0a296845bca.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 12348
x-amzn-requestid: 72f681ef-9ae7-4fc5-8539-230e1d4277a1
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjKa_HpTIAMFrcg=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638abddf-43ef45165fd982997e5018c8;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 03:09:19 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Hit from cloudfront
x-amz-cf-id: tGsNaADKr1KoJT7rxDSFf8dxM1_IXsaF67Eqe8DIO9PAJy8HtqQKng==
via: 1.1 49b94a8674d6e86a841d6523f7dbaf14.cloudfront.net (CloudFront), 1.1 556b99c6be8d7078b9f067347c62df6a.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 03:21:42 GMT
age: 78587
etag: "f8d5cc7b315879b66a11b403463da1330617d2fa"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

d2jtzd336hs8un.cloudfront.net/static/semantic.min.css?checksum=c693bf067390b2ec6106c2aec0a1c2b1

54.230.245.158

200 OK

108 kB

URL HTTP/2
d2jtzd336hs8un.cloudfront.net/static/semantic.min.css?checksum=c693bf067390b2ec6106c2aec0a1c2b1
IP
54.230.245.158:0
ASN
#16509 AMAZON-02

File type
data
Size
108 kB (108305 bytes)
Hash
e3489b0fa3e7322cafb2a10426b3f4d6
efe1997282b72461005b3bac39dcafb3054a2ce2
e1adc77541fd0611e72638f3b7e8bd2cac1f6bd0457e1d376f452d2f680d5626

HTTP Headers

GET /static/semantic.min.css?checksum=c693bf067390b2ec6106c2aec0a1c2b1 HTTP/1.1
Host: d2jtzd336hs8un.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.hotelsparerhof.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: text/css
date: Sun, 04 Dec 2022 02:36:24 GMT
last-modified: Wed, 27 Jul 2022 15:15:58 GMT
etag: W/"62e156ae-996ea"
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=15768000
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 8I4My_a1eH9N293NLexqPXYyCAodCgC5lmkr7oppG8I-5Ly6RCyOyQ==
age: 81303
X-Firefox-Spdy: h2

34.120.237.76

200 OK

7.6 kB

URL HTTP/2
img-getpocket.cdn.mozilla.net/296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b8e1482-c241-410e-81b0-55ea5ac84c98.jpeg
IP
34.120.237.76:0
ASN
#15169 GOOGLE

File type
JPEG image data, JFIF standard 1.01, aspect ratio, density 1x1, segment length 16, progressive, precision 8, 296x148, components 3\012- data
Size
7.6 kB (7631 bytes)
Hash
50eeb012f0903f0848c8afcd6b26a7ec
ff7740d3c12ce7ab23291272221c0d9503f9c139
f4aeac45941c34d8e0794d20a4bb2658b020fed85c5059f247844f2755bc9d72

HTTP Headers

GET /296x148/filters:format(jpeg):quality(60):no_upscale():strip_exif()/https%3A%2F%2Fs3.amazonaws.com%2Fpocket-curatedcorpusapi-prod-images%2F7b8e1482-c241-410e-81b0-55ea5ac84c98.jpeg HTTP/1.1
Host: img-getpocket.cdn.mozilla.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: null
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: nginx
content-length: 7631
x-amzn-requestid: 9fc3a621-dcd9-4332-b085-6cda0cb25ac9
x-xss-protection: 1; mode=block
access-control-allow-origin: *
strict-transport-security: max-age=63072000; includeSubdomains; preload
x-frame-options: DENY
content-security-policy: default-src 'none'; img-src 'self'; script-src 'self'; style-src 'self'; object-src 'none'
x-amz-apigw-id: cjKUYF2toAMFVkQ=
x-content-type-options: nosniff
x-amzn-trace-id: Root=1-638abdb5-36f6c7d67940ed18394328c8;Sampled=0
x-amzn-remapped-date: Sat, 03 Dec 2022 03:08:37 GMT
x-amz-cf-pop: SEA19-C2
x-cache: Miss from cloudfront
x-amz-cf-id: azPc-KWHbEA3DMhyphQq3zERUrF14hxrEHwxDZZfcFlu5-IpyKwtgw==
via: 1.1 da5952aa802df39905ceb16592e9698a.cloudfront.net (CloudFront), 1.1 57a21088b36c69a83578b5a5579df58e.cloudfront.net (CloudFront), 1.1 google
date: Sun, 04 Dec 2022 03:17:41 GMT
age: 78828
etag: "ff7740d3c12ce7ab23291272221c0d9503f9c139"
content-type: image/jpeg
cache-control: max-age=3600,public,public
alt-svc: clear
X-Firefox-Spdy: h2

s.mts-online.com/u1043/widget/kube.css

188.40.17.54

200 OK

11 kB

URL HTTP/1.1
s.mts-online.com/u1043/widget/kube.css
IP
188.40.17.54:0
ASN
#24940 Hetzner Online GmbH

File type
ASCII text, with very long lines (65536), with no line terminators
Size
11 kB (10862 bytes)
Hash
e617804762f2ceca8d636905c45790a6
cb0de8bcce1fed76f8b80c04c5f428303106e9aa
d8d9b8699dc684b8e1cce2d238bc9e17e118617373d77a50e433a9526a84f02b

HTTP Headers

GET /u1043/widget/kube.css HTTP/1.1
Host: s.mts-online.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/css,*/*;q=0.1
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.hotelsparerhof.it/
Sec-Fetch-Dest: style
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 01:11:28 GMT
Server: Apache/2.4.18 (Ubuntu)
Access-Control-Allow-Origin: *
Access-Control-Expose-Headers: Etag
Cache-Control: private, max-age=900, must-revalidate
Content-Encoding: gzip
Vary: Accept-Encoding
Strict-Transport-Security: max-age=0
ETag: "c605b4385fc223250701273a907ac7be"
Last-Modified: Thu, 01 Dec 2022 10:03:40 GMT
Keep-Alive: timeout=5, max=99
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: text/css;charset=UTF-8

s.mts-online.com/u1043/2.6/Vollkorn-Regular.woff2

188.40.17.54

200 OK

111 kB

URL HTTP/1.1
s.mts-online.com/u1043/2.6/Vollkorn-Regular.woff2
IP
188.40.17.54:0
ASN
#24940 Hetzner Online GmbH

File type
Web Open Font Format (Version 2), TrueType, length 111156, version 1.0\012- data
Size
111 kB (111156 bytes)
Hash
d8dc0f62049bfc71135f21c206a2e0ee
bf3ec35e50d4c7db89ae567b5081e2124ced8767
e80613b15d1942c45d026094ed01b89bc4aa69e036a5fe9b09199c36017786d6

HTTP Headers

GET /u1043/2.6/Vollkorn-Regular.woff2 HTTP/1.1
Host: s.mts-online.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://booking.hotelsparerhof.it
Connection: keep-alive
Referer: https://s.mts-online.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 01:11:29 GMT
Server: Apache/2.4.18 (Ubuntu)
Access-Control-Allow-Origin: *
Expires: Tue, 05 Dec 2023 01:11:29 GMT
Strict-Transport-Security: max-age=0
ETag: "ffaf9aa7658f52ce14bd5f1f867821a6"
Last-Modified: Mon, 14 Mar 2022 13:17:51 GMT
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/font-woff2

s.mts-online.com/u1043/2.6/Vollkorn-Bold.woff2

188.40.17.54

200 OK

118 kB

URL HTTP/1.1
s.mts-online.com/u1043/2.6/Vollkorn-Bold.woff2
IP
188.40.17.54:0
ASN
#24940 Hetzner Online GmbH

File type
Web Open Font Format (Version 2), TrueType, length 118540, version 1.0\012- data
Size
118 kB (118540 bytes)
Hash
5a8cbd8b654f9bffd9cdfa5862db7e2b
023ef830fc1af09ac0cb86a735dfa7d895ad36de
195eeaee5b15b20e91f9c9635cb32c4af22989d2c248e729a72b94766493b9d3

HTTP Headers

GET /u1043/2.6/Vollkorn-Bold.woff2 HTTP/1.1
Host: s.mts-online.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/font-woff2;q=1.0,application/font-woff;q=0.9,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: identity
Origin: https://booking.hotelsparerhof.it
Connection: keep-alive
Referer: https://s.mts-online.com/
Sec-Fetch-Dest: font
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/1.1 200 OK
Date: Mon, 05 Dec 2022 01:11:29 GMT
Server: Apache/2.4.18 (Ubuntu)
Access-Control-Allow-Origin: *
Expires: Tue, 05 Dec 2023 01:11:29 GMT
Strict-Transport-Security: max-age=0
ETag: "76b31e224eb225d71521020ecb825c8a"
Last-Modified: Mon, 14 Mar 2022 13:17:52 GMT
Keep-Alive: timeout=5, max=100
Connection: Keep-Alive
Transfer-Encoding: chunked
Content-Type: application/font-woff2

quality.seekda.com/events/ibe/searchBoxInit?

135.125.240.141

200 OK

0 B

URL HTTP/2
quality.seekda.com/events/ibe/searchBoxInit?
IP
135.125.240.141:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /events/ibe/searchBoxInit? HTTP/1.1
Host: quality.seekda.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: cache-control,content-type
Referer: https://booking.hotelsparerhof.it/
Origin: https://booking.hotelsparerhof.it
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://booking.hotelsparerhof.it
access-control-allow-methods: POST
access-control-allow-headers: cache-control, content-type
access-control-allow-credentials: true
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
x-frame-options: DENY
content-length: 0
date: Mon, 05 Dec 2022 01:11:29 GMT
strict-transport-security: max-age=15768000
set-cookie: VCSADDYFIHLUNGF=cheiG8ch; path=/; HttpOnly; Secure; SameSite=none
X-Firefox-Spdy: h2

quality.seekda.com/events/ibe/pageLoaded?

135.125.240.141

200 OK

0 B

URL HTTP/2
quality.seekda.com/events/ibe/pageLoaded?
IP
135.125.240.141:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /events/ibe/pageLoaded? HTTP/1.1
Host: quality.seekda.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: cache-control,content-type
Referer: https://booking.hotelsparerhof.it/
Origin: https://booking.hotelsparerhof.it
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://booking.hotelsparerhof.it
access-control-allow-methods: POST
access-control-allow-headers: cache-control, content-type
access-control-allow-credentials: true
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
x-frame-options: DENY
content-length: 0
date: Mon, 05 Dec 2022 01:11:29 GMT
strict-transport-security: max-age=15768000
set-cookie: VCSADDYFIHLUNGF=thei9zuS; path=/; HttpOnly; Secure; SameSite=none
X-Firefox-Spdy: h2

images.seekda.net/S000306/sparerhof_favicon_96.png

135.125.240.142

307 Temporary Redirect

0 B

URL HTTP/2
images.seekda.net/S000306/sparerhof_favicon_96.png
IP
135.125.240.142:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

GET /S000306/sparerhof_favicon_96.png HTTP/1.1
Host: images.seekda.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.hotelsparerhof.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 307 Temporary Redirect
location: https://res.cloudinary.com/seekda/image/upload/if_ar_gte_16:9,w_3888,h_1080,c_limit/if_ar_gte_9:16_and_ar_lt_16:9,w_1920,h_1920,c_limit/if_ar_lt_9:16,w_1080,h_3888,c_limit/f_auto,fl_lossy,q_auto/production/S000306/sparerhof_favicon_96.png
allow: GET,HEAD,POST,OPTIONS
access-control-allow-origin: https://hotels.kognitiv.com
access-control-allow-methods: GET, POST, OPTIONS
access-control-allow-headers: DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type
content-length: 0
date: Mon, 05 Dec 2022 01:11:29 GMT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

hbe-api.kognitiv.com/marketing?channelId=ibe&context=DETAIL

135.125.240.149

200 OK

2 B

URL HTTP/2
hbe-api.kognitiv.com/marketing?channelId=ibe&context=DETAIL
IP
135.125.240.149:0
ASN
#16276 OVH SAS

File type
JSON data\012- , ASCII text, with no line terminators
Size
2 B (2 bytes)
Hash
d751713988987e9331980363e24189ce
97d170e1550eee4afc0af065b78cda302a97674c
4f53cda18c2baa0c0354bb5f9a3ecbe5ed12ab4d8e11ba873c2f11161202b945

HTTP Headers

GET /marketing?channelId=ibe&context=DETAIL HTTP/1.1
Host: hbe-api.kognitiv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://booking.hotelsparerhof.it
Connection: keep-alive
Referer: https://booking.hotelsparerhof.it/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/json; charset=utf-8
content-length: 2
status: 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://booking.hotelsparerhof.it
vary: Origin, Accept-Encoding
date: Mon, 05 Dec 2022 01:11:29 GMT
etag: W/"2-l9Fw4VUO7kr8CvBlt4zaMCqXZ0w"
set-cookie: MGLH51CKJDVB=VEI1698VEKLN9; path=/; HttpOnly; Secure
cache-control: private
X-Firefox-Spdy: h2

res.cloudinary.com/seekda/image/upload/if_ar_gte_16:9,w_3888,h_1080,c_limit/if_ar_gte_9:16_and_ar_lt_16:9,w_1920,h_1920,c_limit/if_ar_lt_9:16,w_1080,h_3888,c_limit/f_auto,fl_lossy,q_auto/production/S000306/sparerhof_favicon_96.png

151.101.1.137

200 OK

2.2 kB

URL HTTP/2
res.cloudinary.com/seekda/image/upload/if_ar_gte_16:9,w_3888,h_1080,c_limit/if_ar_gte_9:16_and_ar_lt_16:9,w_1920,h_1920,c_limit/if_ar_lt_9:16,w_1080,h_3888,c_limit/f_auto,fl_lossy,q_auto/production/S000306/sparerhof_favicon_96.png
IP
151.101.1.137:0
ASN
#54113 FASTLY

File type
RIFF (little-endian) data, Web/P image\012- data
Size
2.2 kB (2228 bytes)
Hash
1e33e085df24f726c8af072f4f983fe2
41df01e99d0f8d7812704424f7282df42a46d921
ebc7821fba6052ca63cfb77ed2ab091f9330930bfd765dde184df1082bc68479

HTTP Headers

GET /seekda/image/upload/if_ar_gte_16:9,w_3888,h_1080,c_limit/if_ar_gte_9:16_and_ar_lt_16:9,w_1920,h_1920,c_limit/if_ar_lt_9:16,w_1080,h_3888,c_limit/f_auto,fl_lossy,q_auto/production/S000306/sparerhof_favicon_96.png HTTP/1.1
Host: res.cloudinary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://booking.hotelsparerhof.it/
Connection: keep-alive
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-disposition: inline; filename="sparerhof_favicon_96.webp"
content-type: image/webp
etag: "1e33e085df24f726c8af072f4f983fe2"
last-modified: Fri, 10 Jun 2022 09:40:39 GMT
date: Mon, 05 Dec 2022 01:11:30 GMT
vary: Save-Data
strict-transport-security: max-age=604800
cache-control: private, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=2;cpu=0;start=2022-12-05T01:11:30.019Z;desc=hit,rtt;dur=8
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
content-length: 2228
X-Firefox-Spdy: h2

hbe-api.kognitiv.com/unavailable-days

135.125.240.149

200 OK

7.4 kB

URL HTTP/2
hbe-api.kognitiv.com/unavailable-days
IP
135.125.240.149:0
ASN
#16276 OVH SAS

File type
data
Size
7.4 kB (7376 bytes)
Hash
6a6ba6fd25bdfb4ae474921bb9d6efb7
ad67c10dd0b6922c5a983ae898af217b2def89e1
2e933a42fe431a48dc17e589a26c9be0fd6dc1bc3c07c11721f8887f648ff9d4

HTTP Headers

POST /unavailable-days HTTP/1.1
Host: hbe-api.kognitiv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 61
Origin: https://booking.hotelsparerhof.it
Connection: keep-alive
Referer: https://booking.hotelsparerhof.it/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/json; charset=utf-8
status: 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://booking.hotelsparerhof.it
vary: Accept-Encoding, Origin, Accept-Encoding
date: Mon, 05 Dec 2022 01:11:30 GMT
etag: W/"5b-guzHEpyOWKfcgWRbSF3Ymamt6aU"
content-encoding: gzip
set-cookie: MGLH51CKJDVB=VEI1698VEKLN9; path=/; HttpOnly; Secure
X-Firefox-Spdy: h2

hbe-api.kognitiv.com/offers

135.125.240.149

200 OK

2.5 kB

URL HTTP/2
hbe-api.kognitiv.com/offers
IP
135.125.240.149:0
ASN
#16276 OVH SAS

File type
JSON data\012- , ASCII text, with very long lines (32574), with no line terminators
Size
2.5 kB (2518 bytes)
Hash
e08ace521cf0091d4a2fe22e121fdfd0
308392e00daefb2d6cf3e27bc92fc90a924d631c
86b7bc0bb31a0dc3b843f5d227e033eab67ad21afae1b33f0ca8ec93b54be9f8

HTTP Headers

POST /offers HTTP/1.1
Host: hbe-api.kognitiv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 568
Origin: https://booking.hotelsparerhof.it
Connection: keep-alive
Referer: https://booking.hotelsparerhof.it/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/json; charset=utf-8
status: 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://booking.hotelsparerhof.it
vary: Origin, Accept-Encoding
content-encoding: gzip
date: Mon, 05 Dec 2022 01:11:30 GMT
etag: W/"7f3e-79GyxTVX+g+7Nh7cm+rMwGtX3VE"
set-cookie: MGLH51CKJDVB=HBE7KSGFADL4; path=/; HttpOnly; Secure
X-Firefox-Spdy: h2

quality.seekda.com/events/ibe/viewTrustYouBadge?

135.125.240.141

200 OK

0 B

URL HTTP/2
quality.seekda.com/events/ibe/viewTrustYouBadge?
IP
135.125.240.141:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /events/ibe/viewTrustYouBadge? HTTP/1.1
Host: quality.seekda.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: cache-control,content-type
Referer: https://booking.hotelsparerhof.it/
Origin: https://booking.hotelsparerhof.it
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://booking.hotelsparerhof.it
access-control-allow-methods: POST
access-control-allow-headers: cache-control, content-type
access-control-allow-credentials: true
access-control-max-age: 1800
allow: GET, HEAD, POST, PUT, DELETE, TRACE, OPTIONS, PATCH
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
x-frame-options: DENY
content-length: 0
date: Mon, 05 Dec 2022 01:11:30 GMT
strict-transport-security: max-age=15768000
set-cookie: VCSADDYFIHLUNGF=thei9zuS; path=/; HttpOnly; Secure; SameSite=none
X-Firefox-Spdy: h2

quality.seekda.com/events/ibe/pageReady?

135.125.240.141

200 OK

79 B

URL HTTP/2
quality.seekda.com/events/ibe/pageReady?
IP
135.125.240.141:0
ASN
#16276 OVH SAS

File type
JSON data\012- , ASCII text, with no line terminators
Size
79 B (79 bytes)
Hash
41a600227c8d0071dbee9c5e71e96a60
e18f5a698a689c9dec4a8774fe2bdeebce0dc059
9b363b3777247dc54e3abb91cbb15d638f87633dd27bee967d104c9dccbd6a52

HTTP Headers

POST /events/ibe/pageReady? HTTP/1.1
Host: quality.seekda.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Cache-Control: no-cache
Content-Length: 813
Origin: https://booking.hotelsparerhof.it
Connection: keep-alive
Referer: https://booking.hotelsparerhof.it/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://booking.hotelsparerhof.it
access-control-allow-credentials: true
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
x-frame-options: DENY
content-type: application/json
date: Mon, 05 Dec 2022 01:11:30 GMT
strict-transport-security: max-age=15768000
set-cookie: VCSADDYFIHLUNGF=cheiG8ch; path=/; HttpOnly; Secure; SameSite=none
X-Firefox-Spdy: h2

res.cloudinary.com/seekda/image/upload/w_768,h_432,c_fill,f_auto,fl_lossy,q_auto/production/S000306/IMG_9051.jpg

151.101.1.137

200 OK

29 kB

URL HTTP/2
res.cloudinary.com/seekda/image/upload/w_768,h_432,c_fill,f_auto,fl_lossy,q_auto/production/S000306/IMG_9051.jpg
IP
151.101.1.137:0
ASN
#54113 FASTLY

File type
RIFF (little-endian) data, Web/P image\012- data
Size
29 kB (28978 bytes)
Hash
78cb532b6ccb0cce8990492f4e3d833e
3c068e0739b71317efb898c7f23a20e8c307ce23
59f45f9c2494eeb06235a4afa194a41ac2118ed55d538275b4cc366cd29eea56

HTTP Headers

GET /seekda/image/upload/w_768,h_432,c_fill,f_auto,fl_lossy,q_auto/production/S000306/IMG_9051.jpg HTTP/1.1
Host: res.cloudinary.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.hotelsparerhof.it/
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-disposition: inline; filename="IMG_9051.webp"
content-type: image/webp
etag: "78cb532b6ccb0cce8990492f4e3d833e"
last-modified: Tue, 31 May 2022 18:49:42 GMT
date: Mon, 05 Dec 2022 01:11:30 GMT
vary: Save-Data
strict-transport-security: max-age=604800
cache-control: private, no-transform, immutable, max-age=2592000
server-timing: fastly;dur=2;cpu=0;start=2022-12-05T01:11:30.558Z;desc=hit,rtt;dur=8
server: Cloudinary
timing-allow-origin: *
access-control-allow-origin: *
accept-ranges: bytes
x-content-type-options: nosniff
access-control-expose-headers: Content-Length,Content-Disposition,ETag,Server-Timing,Vary,X-Content-Type-Options
content-length: 28978
X-Firefox-Spdy: h2

quality.seekda.com/events/ibe/searchBoxInit?

135.125.240.141

200 OK

252 B

URL HTTP/2
quality.seekda.com/events/ibe/searchBoxInit?
IP
135.125.240.141:0
ASN
#16276 OVH SAS

File type
JSON data\012- data
Size
252 B (252 bytes)
Hash
5f6258ef9c4301d82345ae420f2e367c
1c66ab2395490976d0c2e8705adf98b5fa0d2eed
55a5d54b4a2b5c10ef14f4ac2a8dbce61f426962f0375eaf458f9df2b9507dab

HTTP Headers

POST /events/ibe/searchBoxInit? HTTP/1.1
Host: quality.seekda.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Cache-Control: no-cache
Content-Length: 601
Origin: https://booking.hotelsparerhof.it
Connection: keep-alive
Referer: https://booking.hotelsparerhof.it/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://booking.hotelsparerhof.it
access-control-allow-credentials: true
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
x-frame-options: DENY
content-type: application/json
date: Mon, 05 Dec 2022 01:11:29 GMT
strict-transport-security: max-age=15768000
set-cookie: VCSADDYFIHLUNGF=cheiG8ch; path=/; HttpOnly; Secure; SameSite=none
X-Firefox-Spdy: h2

switch.seekda.com/switch/api/properties/S000306/bookability.json

135.125.240.145

200 OK

3.1 kB

URL HTTP/2
switch.seekda.com/switch/api/properties/S000306/bookability.json
IP
135.125.240.145:0
ASN
#16276 OVH SAS

File type
data
Size
3.1 kB (3057 bytes)
Hash
8f904aeef01a7d9576606003e1211ba2
c3e4426c2bcfe03662a08a44e88d9bcd18bd1df1
3b9e23705f9c4e131e5048f6809a9d91d40744175c04e372427f32387a328b1c

HTTP Headers

GET /switch/api/properties/S000306/bookability.json HTTP/1.1
Host: switch.seekda.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Origin: https://booking.hotelsparerhof.it
Connection: keep-alive
Referer: https://booking.hotelsparerhof.it/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
x-robots-tag: noindex
access-control-allow-origin: https://booking.hotelsparerhof.it
access-control-allow-credentials: true
vary: accept-encoding
content-encoding: gzip
content-type: application/json
date: Mon, 05 Dec 2022 01:11:30 GMT
set-cookie: KLJIQWJ38ASK=5ee71ba80beb7e0; path=/; HttpOnly; Secure; SameSite=none
cache-control: private
X-Firefox-Spdy: h2

u.mts-online.com/api/graphql/cm/u1043/1

76.76.21.98

200 OK

163 B

URL HTTP/2
u.mts-online.com/api/graphql/cm/u1043/1
IP
76.76.21.98:0
ASN
#16509 AMAZON-02

File type
JSON data\012- , ASCII text, with no line terminators
Size
163 B (163 bytes)
Hash
3d7b3f9b52468026e05a7fe48c7ebfe7
9129b7605d74fc191eb725d4efc25e6097d6c34a
d383b7c0b0c6b352d2911fc06f0451c7a780d56e9b6e15a2f79afe161b8cb424

HTTP Headers

OPTIONS /api/graphql/cm/u1043/1 HTTP/1.1
Host: u.mts-online.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://booking.hotelsparerhof.it/
Origin: https://booking.hotelsparerhof.it
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-headers: X-Requested-With,Access-Control-Allow-Origin,X-HTTP-Method-Override,Content-Type,Authorization,Accept
access-control-allow-methods: POST,HEAD
access-control-allow-origin: *
access-control-max-age: 86400
cache-control: public, max-age=0, must-revalidate
content-type: application/json; charset=utf-8
date: Mon, 05 Dec 2022 01:11:31 GMT
etag: "a3-kSm3YF10/BketyXU78JeYJfWw0o"
server: Vercel
strict-transport-security: max-age=63072000
x-matched-path: /api/graphql/[source]/[client]/[version]
x-vercel-cache: MISS
x-vercel-id: arn1::fra1::zqxxj-1670202690905-c5e73952a4fc
content-length: 163
X-Firefox-Spdy: h2

quality.seekda.com/events/ibe/viewTrustYouBadge?

135.125.240.141

200 OK

249 B

URL HTTP/2
quality.seekda.com/events/ibe/viewTrustYouBadge?
IP
135.125.240.141:0
ASN
#16276 OVH SAS

File type
JSON data\012- data
Size
249 B (249 bytes)
Hash
1067ecfb911c28bf66ba760df4655f3c
d83e79838d8138be34aad03d3efb95c6bd027ae8
be1adea3d1c203b59d72598d5d4441f09412e682d6b4762f671e7ae17907c484

HTTP Headers

POST /events/ibe/viewTrustYouBadge? HTTP/1.1
Host: quality.seekda.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Cache-Control: no-cache
Content-Length: 900
Origin: https://booking.hotelsparerhof.it
Connection: keep-alive
Referer: https://booking.hotelsparerhof.it/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://booking.hotelsparerhof.it
access-control-allow-credentials: true
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
x-frame-options: DENY
content-type: application/json
date: Mon, 05 Dec 2022 01:11:30 GMT
strict-transport-security: max-age=15768000
set-cookie: VCSADDYFIHLUNGF=thei9zuS; path=/; HttpOnly; Secure; SameSite=none
X-Firefox-Spdy: h2

booking.hotelsparerhof.it/static/trust-you-bubbles.svg

135.125.240.140

200 OK

368 B

URL HTTP/2
booking.hotelsparerhof.it/static/trust-you-bubbles.svg
IP
135.125.240.140:0
ASN
#16276 OVH SAS

File type
SVG Scalable Vector Graphics image\012- , ASCII text
Size
368 B (368 bytes)
Hash
b790689f40532c460fdf8ae0fd23ae53
8ebf475e7ee62602d34c656f6297201cc39fbc5c
fa446de041d2ad8712d9517fd0042b15e74886046b591a999d70e9815133cc0b

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /static/trust-you-bubbles.svg HTTP/1.1
Host: booking.hotelsparerhof.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: image/avif,image/webp,*/*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.hotelsparerhof.it/?activeBookingEngine=KBE&propertyCode=S000306&skd-checkin=2022-12-06&skd-checkout=2022-12-07&skd-property-code=S000306
Cookie: BF_QUERYPARAMS={%22skd-checkin%22:%222022-12-06%22%2C%22skd-checkout%22:%222022-12-07%22%2C%22skd-property-code%22:%22S000306%22}
Sec-Fetch-Dest: image
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 01:11:31 GMT
content-type: image/svg+xml
content-length: 368
last-modified: Tue, 03 May 2022 12:24:30 GMT
etag: "62711efe-170"
access-control-allow-origin: *
accept-ranges: bytes
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

apm-server.seekda.com/intake/v2/rum/events

135.125.240.139

200 OK

0 B

URL HTTP/2
apm-server.seekda.com/intake/v2/rum/events
IP
135.125.240.139:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

OPTIONS /intake/v2/rum/events HTTP/1.1
Host: apm-server.seekda.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://booking.hotelsparerhof.it/
Origin: https://booking.hotelsparerhof.it
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
access-control-allow-headers: Content-Type, Content-Encoding, Accept
access-control-allow-methods: POST, OPTIONS
access-control-allow-origin: https://booking.hotelsparerhof.it
access-control-expose-headers: Etag
access-control-max-age: 3600
content-length: 0
vary: Origin
x-content-type-options: nosniff
date: Mon, 05 Dec 2022 01:11:32 GMT
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

apm-server.seekda.com/intake/v2/rum/events

135.125.240.139

202 Accepted

0 B

URL HTTP/2
apm-server.seekda.com/intake/v2/rum/events
IP
135.125.240.139:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash
d41d8cd98f00b204e9800998ecf8427e
da39a3ee5e6b4b0d3255bfef95601890afd80709
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

HTTP Headers

POST /intake/v2/rum/events HTTP/1.1
Host: apm-server.seekda.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/x-ndjson
Content-Length: 41864
Origin: https://booking.hotelsparerhof.it
Connection: keep-alive
Referer: https://booking.hotelsparerhof.it/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 202 Accepted
access-control-allow-origin: https://booking.hotelsparerhof.it
x-content-type-options: nosniff
date: Mon, 05 Dec 2022 01:11:32 GMT
content-length: 0
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

quality.seekda.com/events/ibe/pageLoaded?

135.125.240.141

200 OK

79 B

URL HTTP/2
quality.seekda.com/events/ibe/pageLoaded?
IP
135.125.240.141:0
ASN
#16276 OVH SAS

File type
JSON data\012- , ASCII text, with no line terminators
Size
79 B (79 bytes)
Hash
41a600227c8d0071dbee9c5e71e96a60
e18f5a698a689c9dec4a8774fe2bdeebce0dc059
9b363b3777247dc54e3abb91cbb15d638f87633dd27bee967d104c9dccbd6a52

HTTP Headers

POST /events/ibe/pageLoaded? HTTP/1.1
Host: quality.seekda.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Cache-Control: no-cache
Content-Length: 618
Origin: https://booking.hotelsparerhof.it
Connection: keep-alive
Referer: https://booking.hotelsparerhof.it/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://booking.hotelsparerhof.it
access-control-allow-credentials: true
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
x-frame-options: DENY
content-type: application/json
date: Mon, 05 Dec 2022 01:11:29 GMT
strict-transport-security: max-age=15768000
set-cookie: VCSADDYFIHLUNGF=thei9zuS; path=/; HttpOnly; Secure; SameSite=none
X-Firefox-Spdy: h2

d2jtzd336hs8un.cloudfront.net/_next/static/chunks/804-13fd754e32aa16c3.js

54.230.245.158

200 OK

0 B

URL HTTP/2
d2jtzd336hs8un.cloudfront.net/_next/static/chunks/804-13fd754e32aa16c3.js
IP
54.230.245.158:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_next/static/chunks/804-13fd754e32aa16c3.js HTTP/1.1
Host: d2jtzd336hs8un.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.hotelsparerhof.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
date: Tue, 15 Nov 2022 13:34:03 GMT
last-modified: Wed, 07 Sep 2022 13:23:58 GMT
etag: W/"63189b6e-7319"
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
strict-transport-security: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: N2tYtEkTgIyFxd2VxB--qP29MPa5ik-wtgWNFe7buOVV3I6LqzL29g==
age: 1683444
X-Firefox-Spdy: h2

d2jtzd336hs8un.cloudfront.net/_next/static/chunks/818-2d46f7d1223300d3.js

54.230.245.158

200 OK

0 B

URL HTTP/2
d2jtzd336hs8un.cloudfront.net/_next/static/chunks/818-2d46f7d1223300d3.js
IP
54.230.245.158:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_next/static/chunks/818-2d46f7d1223300d3.js HTTP/1.1
Host: d2jtzd336hs8un.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.hotelsparerhof.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
date: Mon, 28 Nov 2022 15:47:45 GMT
last-modified: Mon, 28 Nov 2022 15:47:13 GMT
etag: W/"6384d801-5d13a"
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
strict-transport-security: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: vy2xGltlLcfipdsVZZQ6RRtwHOX7z1uCJlJrelwgaBcqteJth1a2Qg==
age: 552222
X-Firefox-Spdy: h2

hbe-api.kognitiv.com/banners

135.125.240.149

200 OK

0 B

URL HTTP/2
hbe-api.kognitiv.com/banners
IP
135.125.240.149:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

OPTIONS /banners HTTP/1.1
Host: hbe-api.kognitiv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://booking.hotelsparerhof.it/
Origin: https://booking.hotelsparerhof.it
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
status: 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://booking.hotelsparerhof.it
vary: Origin
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-headers: content-type
date: Mon, 05 Dec 2022 01:11:29 GMT
set-cookie: MGLH51CKJDVB=HBE7KSGFADL4; path=/; HttpOnly; Secure
cache-control: private
X-Firefox-Spdy: h2

d2jtzd336hs8un.cloudfront.net/_next/static/chunks/234-5f3fb97a1b4a275f.js

54.230.245.158

200 OK

0 B

URL HTTP/2
d2jtzd336hs8un.cloudfront.net/_next/static/chunks/234-5f3fb97a1b4a275f.js
IP
54.230.245.158:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_next/static/chunks/234-5f3fb97a1b4a275f.js HTTP/1.1
Host: d2jtzd336hs8un.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.hotelsparerhof.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
date: Tue, 15 Nov 2022 14:08:22 GMT
last-modified: Tue, 15 Nov 2022 14:07:29 GMT
etag: W/"63739d21-70cc"
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
strict-transport-security: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: IBNi-5ZJJjrULJ4JLzB-VqApBupKHoFf8qKJdZs_xpa7qJEDR2e9Fg==
age: 1681385
X-Firefox-Spdy: h2

d2jtzd336hs8un.cloudfront.net/_next/static/chunks/38-7f41f4a9e2fe47a2.js

54.230.245.158

200 OK

0 B

URL HTTP/2
d2jtzd336hs8un.cloudfront.net/_next/static/chunks/38-7f41f4a9e2fe47a2.js
IP
54.230.245.158:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_next/static/chunks/38-7f41f4a9e2fe47a2.js HTTP/1.1
Host: d2jtzd336hs8un.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.hotelsparerhof.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
date: Tue, 15 Nov 2022 13:34:03 GMT
last-modified: Tue, 27 Sep 2022 13:45:54 GMT
etag: W/"6332fe92-2832"
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
strict-transport-security: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: NU75siiRh4731ZQLBmM_LJHOxqyWWEZdAt3I_GwbxrBrZUzR6o_JEg==
age: 1683444
X-Firefox-Spdy: h2

d2jtzd336hs8un.cloudfront.net/_next/static/chunks/928-20b3fd6334a5c778.js

54.230.245.158

200 OK

0 B

URL HTTP/2
d2jtzd336hs8un.cloudfront.net/_next/static/chunks/928-20b3fd6334a5c778.js
IP
54.230.245.158:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_next/static/chunks/928-20b3fd6334a5c778.js HTTP/1.1
Host: d2jtzd336hs8un.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.hotelsparerhof.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
date: Mon, 28 Nov 2022 15:47:45 GMT
last-modified: Mon, 28 Nov 2022 15:47:13 GMT
etag: W/"6384d801-12605"
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
strict-transport-security: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: cWR6RfRWIJiyRAJJ7ZQ-H9XBdHeXZ6tWfzeUmKNR756_KQSU2yrtxA==
age: 552222
X-Firefox-Spdy: h2

quality.seekda.com/events/ibe/viewOffers?

135.125.240.141

200 OK

0 B

URL HTTP/2
quality.seekda.com/events/ibe/viewOffers?
IP
135.125.240.141:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /events/ibe/viewOffers? HTTP/1.1
Host: quality.seekda.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Cache-Control: no-cache
Content-Length: 1565
Origin: https://booking.hotelsparerhof.it
Connection: keep-alive
Referer: https://booking.hotelsparerhof.it/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
vary: Origin, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-origin: https://booking.hotelsparerhof.it
access-control-allow-credentials: true
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: 0
x-frame-options: DENY
content-type: application/json
date: Mon, 05 Dec 2022 01:11:30 GMT
strict-transport-security: max-age=15768000
set-cookie: VCSADDYFIHLUNGF=thei9zuS; path=/; HttpOnly; Secure; SameSite=none
X-Firefox-Spdy: h2

d2jtzd336hs8un.cloudfront.net/_next/static/chunks/framework-4774102d6f75bb1e.js

54.230.245.158

200 OK

0 B

URL HTTP/2
d2jtzd336hs8un.cloudfront.net/_next/static/chunks/framework-4774102d6f75bb1e.js
IP
54.230.245.158:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_next/static/chunks/framework-4774102d6f75bb1e.js HTTP/1.1
Host: d2jtzd336hs8un.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.hotelsparerhof.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
content-type: application/javascript
date: Tue, 15 Nov 2022 13:34:03 GMT
last-modified: Tue, 03 May 2022 12:24:17 GMT
etag: W/"62711ef1-2640a"
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
strict-transport-security: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: WRMUc2PAffuImjx5xtUHJXv0x9u2Xlbs3TbKUpoVu3W-ZQpcnFhUlQ==
age: 1683444
X-Firefox-Spdy: h2

d2jtzd336hs8un.cloudfront.net/_next/static/chunks/55ba302e-56c033a647309a77.js

54.230.245.158

200 OK

0 B

URL HTTP/2
d2jtzd336hs8un.cloudfront.net/_next/static/chunks/55ba302e-56c033a647309a77.js
IP
54.230.245.158:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_next/static/chunks/55ba302e-56c033a647309a77.js HTTP/1.1
Host: d2jtzd336hs8un.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.hotelsparerhof.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
date: Tue, 15 Nov 2022 13:34:03 GMT
last-modified: Mon, 14 Nov 2022 12:48:16 GMT
etag: W/"63723910-100e3"
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
strict-transport-security: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 3qk2-arbdx0hnJtLN3iEDyvhdxnekz_QZVohOhhrQB9tOn0FK_FpEQ==
age: 1683444
X-Firefox-Spdy: h2

d2jtzd336hs8un.cloudfront.net/_next/static/chunks/pages/_app-064f454970a46d93.js

54.230.245.158

200 OK

0 B

URL HTTP/2
d2jtzd336hs8un.cloudfront.net/_next/static/chunks/pages/_app-064f454970a46d93.js
IP
54.230.245.158:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_next/static/chunks/pages/_app-064f454970a46d93.js HTTP/1.1
Host: d2jtzd336hs8un.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.hotelsparerhof.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
date: Mon, 28 Nov 2022 15:47:45 GMT
last-modified: Mon, 28 Nov 2022 15:47:13 GMT
etag: W/"6384d801-1b79e9"
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
strict-transport-security: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: lrA9nwvnSXpJK94XTxjhoX5JAfvsBFSAOgdSkoHDooLl5dG1ehkqaQ==
age: 552222
X-Firefox-Spdy: h2

d2jtzd336hs8un.cloudfront.net/_next/static/chunks/364-89bf8dd5b58b10a4.js

54.230.245.158

200 OK

0 B

URL HTTP/2
d2jtzd336hs8un.cloudfront.net/_next/static/chunks/364-89bf8dd5b58b10a4.js
IP
54.230.245.158:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_next/static/chunks/364-89bf8dd5b58b10a4.js HTTP/1.1
Host: d2jtzd336hs8un.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.hotelsparerhof.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
date: Mon, 28 Nov 2022 15:47:45 GMT
last-modified: Mon, 28 Nov 2022 15:47:03 GMT
etag: W/"6384d7f7-2236"
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
strict-transport-security: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: uupA87VVS_8VT2hhe0KRsQ-dMohAT5y_UtC_IsPfviM8FKqfOn8YZw==
age: 552222
X-Firefox-Spdy: h2

d2jtzd336hs8un.cloudfront.net/_next/static/chunks/c0a33b72-efbe3e99c4b6522e.js

54.230.245.158

200 OK

0 B

URL HTTP/2
d2jtzd336hs8un.cloudfront.net/_next/static/chunks/c0a33b72-efbe3e99c4b6522e.js
IP
54.230.245.158:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_next/static/chunks/c0a33b72-efbe3e99c4b6522e.js HTTP/1.1
Host: d2jtzd336hs8un.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.hotelsparerhof.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
date: Tue, 15 Nov 2022 13:34:03 GMT
last-modified: Tue, 03 May 2022 12:24:17 GMT
etag: W/"62711ef1-4c0a4"
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
strict-transport-security: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: Fh40v3MzA_9JykF5zR7cnQ16naeDDmKaF05-W8jg3-JzQ_iDQ6TF4A==
age: 1683444
X-Firefox-Spdy: h2

d2jtzd336hs8un.cloudfront.net/_next/static/chunks/433-a2824426e6ccb54e.js

54.230.245.158

200 OK

0 B

URL HTTP/2
d2jtzd336hs8un.cloudfront.net/_next/static/chunks/433-a2824426e6ccb54e.js
IP
54.230.245.158:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_next/static/chunks/433-a2824426e6ccb54e.js HTTP/1.1
Host: d2jtzd336hs8un.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.hotelsparerhof.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
date: Tue, 15 Nov 2022 13:34:03 GMT
last-modified: Mon, 14 Nov 2022 12:48:39 GMT
etag: W/"63723927-42f15"
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
strict-transport-security: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: OrauNwBfq9Cc-lBpGnW6rvpwLNm5ZjKwMsqDbFecp3jZMiOhWWM3kQ==
age: 1683444
X-Firefox-Spdy: h2

d2jtzd336hs8un.cloudfront.net/_next/static/chunks/695-5ea418b3362d2010.js

54.230.245.158

200 OK

0 B

URL HTTP/2
d2jtzd336hs8un.cloudfront.net/_next/static/chunks/695-5ea418b3362d2010.js
IP
54.230.245.158:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_next/static/chunks/695-5ea418b3362d2010.js HTTP/1.1
Host: d2jtzd336hs8un.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.hotelsparerhof.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
date: Tue, 15 Nov 2022 13:34:03 GMT
last-modified: Wed, 07 Sep 2022 13:23:58 GMT
etag: W/"63189b6e-fd62"
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
strict-transport-security: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: gk31EsQtD9LAgqK9EZnI7_TNbdede5b1FFuhl1FsmoAHHjuuvtgepA==
age: 1683444
X-Firefox-Spdy: h2

d2jtzd336hs8un.cloudfront.net/_next/static/chunks/956-9885616c4f0e27cf.js

54.230.245.158

200 OK

0 B

URL HTTP/2
d2jtzd336hs8un.cloudfront.net/_next/static/chunks/956-9885616c4f0e27cf.js
IP
54.230.245.158:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_next/static/chunks/956-9885616c4f0e27cf.js HTTP/1.1
Host: d2jtzd336hs8un.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.hotelsparerhof.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
date: Tue, 15 Nov 2022 13:34:03 GMT
last-modified: Mon, 14 Nov 2022 12:48:16 GMT
etag: W/"63723910-1052d"
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
strict-transport-security: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: UuO5N3RpRfGkK00RVZI9Bcj0AoU_KKmf8EKakyotm-gAcO25ap6mew==
age: 1683444
X-Firefox-Spdy: h2

d2jtzd336hs8un.cloudfront.net/static/scripts/elastic-apm-rum.umd.min.js?checksum=e93c8d4d150530d83ee4ee385157b262

54.230.245.158

200 OK

0 B

URL HTTP/2
d2jtzd336hs8un.cloudfront.net/static/scripts/elastic-apm-rum.umd.min.js?checksum=e93c8d4d150530d83ee4ee385157b262
IP
54.230.245.158:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /static/scripts/elastic-apm-rum.umd.min.js?checksum=e93c8d4d150530d83ee4ee385157b262 HTTP/1.1
Host: d2jtzd336hs8un.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.hotelsparerhof.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
last-modified: Wed, 11 May 2022 16:35:36 GMT
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=15768000
date: Sun, 04 Dec 2022 11:44:04 GMT
etag: W/"627be5d8-f0b3"
vary: Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: kEFy8lrvBLgq1xgyD7vY1jQJLPeM9CBS_ug2aQ1LVBIpSgVjtWNmZQ==
age: 48443
X-Firefox-Spdy: h2

hbe-api.kognitiv.com/banners

135.125.240.149

200 OK

0 B

URL HTTP/2
hbe-api.kognitiv.com/banners
IP
135.125.240.149:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /banners HTTP/1.1
Host: hbe-api.kognitiv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: application/json, text/plain, */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Content-Type: application/json
Content-Length: 185
Origin: https://booking.hotelsparerhof.it
Connection: keep-alive
Referer: https://booking.hotelsparerhof.it/
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/json; charset=utf-8
status: 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://booking.hotelsparerhof.it
vary: Accept-Encoding, Origin, Accept-Encoding
date: Mon, 05 Dec 2022 01:11:30 GMT
etag: W/"24c-Re2c59UxBOnt0cl0JuZXApBkUJ4"
content-encoding: gzip
set-cookie: MGLH51CKJDVB=VEI1698VEKLN9; path=/; HttpOnly; Secure
X-Firefox-Spdy: h2

booking.hotelsparerhof.it/static/bookingFlowCustomTracking.js

135.125.240.140

200 OK

0 B

URL HTTP/2
booking.hotelsparerhof.it/static/bookingFlowCustomTracking.js
IP
135.125.240.140:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET /static/bookingFlowCustomTracking.js HTTP/1.1
Host: booking.hotelsparerhof.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.hotelsparerhof.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: same-origin
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 01:11:27 GMT
content-type: application/javascript
last-modified: Tue, 03 May 2022 12:24:30 GMT
vary: Accept-Encoding, Accept-Encoding
etag: W/"62711efe-11c"
access-control-allow-origin: *
content-encoding: gzip
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

d2jtzd336hs8un.cloudfront.net/_next/static/chunks/0b7b90cd-2a28d1759dacf41f.js

54.230.245.158

200 OK

0 B

URL HTTP/2
d2jtzd336hs8un.cloudfront.net/_next/static/chunks/0b7b90cd-2a28d1759dacf41f.js
IP
54.230.245.158:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_next/static/chunks/0b7b90cd-2a28d1759dacf41f.js HTTP/1.1
Host: d2jtzd336hs8un.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.hotelsparerhof.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
date: Tue, 15 Nov 2022 13:34:03 GMT
last-modified: Tue, 03 May 2022 12:24:17 GMT
etag: W/"62711ef1-22c77"
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
strict-transport-security: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: ge8QXjUl4-3ug9i_05EEF6Hw6XGOgYXwsbCBtTsxwWcnXECOd9tsDg==
age: 1683444
X-Firefox-Spdy: h2

d2jtzd336hs8un.cloudfront.net/_next/static/chunks/648-b7d007e5ee685d28.js

54.230.245.158

200 OK

0 B

URL HTTP/2
d2jtzd336hs8un.cloudfront.net/_next/static/chunks/648-b7d007e5ee685d28.js
IP
54.230.245.158:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_next/static/chunks/648-b7d007e5ee685d28.js HTTP/1.1
Host: d2jtzd336hs8un.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.hotelsparerhof.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
date: Mon, 28 Nov 2022 15:47:45 GMT
last-modified: Mon, 28 Nov 2022 15:47:03 GMT
etag: W/"6384d7f7-3b3e0"
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
strict-transport-security: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: PhkllDaHElR05VGld8QUsyGyKaf1XxpEo7IN4Fcogv2gsTM1X6vhDA==
age: 552222
X-Firefox-Spdy: h2

ibe.seekda.com/dsr/S000306/attribution?callback=skdtracking1670202686922399&cookie-enabled=true

135.125.240.149

200 OK

0 B

URL HTTP/2
ibe.seekda.com/dsr/S000306/attribution?callback=skdtracking1670202686922399&cookie-enabled=true
IP
135.125.240.149:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /dsr/S000306/attribution?callback=skdtracking1670202686922399&cookie-enabled=true HTTP/1.1
Host: ibe.seekda.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.hotelsparerhof.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
server: Apache-Coyote/1.1
content-type: application/javascript;charset=ISO-8859-1
content-encoding: gzip
vary: Accept-Encoding
date: Mon, 05 Dec 2022 01:11:29 GMT
set-cookie: ULTZCTLUCKO67=qwiuxs88; path=/; HttpOnly; Secure
cache-control: private
X-Firefox-Spdy: h2

hbe-api.kognitiv.com/offers

135.125.240.149

200 OK

0 B

URL HTTP/2
hbe-api.kognitiv.com/offers
IP
135.125.240.149:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

OPTIONS /offers HTTP/1.1
Host: hbe-api.kognitiv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://booking.hotelsparerhof.it/
Origin: https://booking.hotelsparerhof.it
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
status: 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://booking.hotelsparerhof.it
vary: Origin
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-headers: content-type
date: Mon, 05 Dec 2022 01:11:29 GMT
set-cookie: MGLH51CKJDVB=HBE7KSGFADL4; path=/; HttpOnly; Secure
cache-control: private
X-Firefox-Spdy: h2

u.mts-online.com/api/graphql/cm/u1043/1

76.76.21.98

200 OK

0 B

URL HTTP/2
u.mts-online.com/api/graphql/cm/u1043/1
IP
76.76.21.98:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

POST /api/graphql/cm/u1043/1 HTTP/1.1
Host: u.mts-online.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Referer: https://booking.hotelsparerhof.it/
Content-Type: application/json
Origin: https://booking.hotelsparerhof.it
Content-Length: 670
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
access-control-allow-credentials: true
access-control-allow-origin: *
cache-control: public, max-age=0, must-revalidate
content-encoding: br
content-type: application/json; charset=utf-8
date: Mon, 05 Dec 2022 01:11:31 GMT
etag: W/"b04-+5TSmdWF/GQ9TKWuXNjL1Ui3Rlc"
server: Vercel
strict-transport-security: max-age=63072000
x-matched-path: /api/graphql/[source]/[client]/[version]
x-vercel-cache: MISS
x-vercel-id: arn1::fra1::zqxxj-1670202691041-ec0eb9c3e6b5
X-Firefox-Spdy: h2

d2jtzd336hs8un.cloudfront.net/_next/static/chunks/d099b070-221cabf5ffd73869.js

54.230.245.158

200 OK

0 B

URL HTTP/2
d2jtzd336hs8un.cloudfront.net/_next/static/chunks/d099b070-221cabf5ffd73869.js
IP
54.230.245.158:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_next/static/chunks/d099b070-221cabf5ffd73869.js HTTP/1.1
Host: d2jtzd336hs8un.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.hotelsparerhof.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
date: Tue, 15 Nov 2022 13:34:03 GMT
last-modified: Wed, 27 Jul 2022 15:16:14 GMT
etag: W/"62e156be-11876"
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
strict-transport-security: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: K2o4gohmI3cWQlb1LTwe58MHfFGEj94ZcgGZuXrBBAYLzDpH1BlAYg==
age: 1683444
X-Firefox-Spdy: h2

d2jtzd336hs8un.cloudfront.net/_next/static/ehIawmgvLPiidfXQEXmP0/_middlewareManifest.js

54.230.245.158

200 OK

0 B

URL HTTP/2
d2jtzd336hs8un.cloudfront.net/_next/static/ehIawmgvLPiidfXQEXmP0/_middlewareManifest.js
IP
54.230.245.158:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_next/static/ehIawmgvLPiidfXQEXmP0/_middlewareManifest.js HTTP/1.1
Host: d2jtzd336hs8un.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.hotelsparerhof.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
date: Mon, 28 Nov 2022 16:02:09 GMT
last-modified: Mon, 28 Nov 2022 16:01:42 GMT
etag: W/"6384db66-5c"
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
strict-transport-security: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: kxDaC3pmgBvVs1uzPIYQr1i-l5jqk5RojFb69bJ5S2UUmlzxjp5drg==
age: 551358
X-Firefox-Spdy: h2

static.seekda.com/widgets/tracking-api/js/tracking-api.min.js?R9f343f5a1880f9815284e9ef9423a193ba6976d2

135.125.240.147

200 OK

0 B

URL HTTP/2
static.seekda.com/widgets/tracking-api/js/tracking-api.min.js?R9f343f5a1880f9815284e9ef9423a193ba6976d2
IP
135.125.240.147:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /widgets/tracking-api/js/tracking-api.min.js?R9f343f5a1880f9815284e9ef9423a193ba6976d2 HTTP/1.1
Host: static.seekda.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.hotelsparerhof.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
date: Mon, 05 Dec 2022 01:11:29 GMT
content-type: application/javascript
content-security-policy: block-all-mixed-content
etag: W/"3868633285d5ac63f9bd0ba84f051796"
last-modified: Thu, 13 Oct 2022 12:11:40 GMT
vary: Accept-Encoding, Origin, Accept-Encoding
x-amz-replication-status: COMPLETED
x-amz-request-id: 172DC07F2FB900B6
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
x-amz-version-id: 01da0275-ff14-45b1-acdb-50ac57ea90aa
content-encoding: gzip
strict-transport-security: max-age=15768000
server: Kognitiv
set-cookie: WEIU3SASDIO=5e60c02c30b5580; path=/; HttpOnly; Secure; SameSite=none
cache-control: max-age=43200, private
X-Firefox-Spdy: h2

d2jtzd336hs8un.cloudfront.net/_next/static/chunks/979-fc9d9c0ee5b8eeaa.js

54.230.245.158

200 OK

0 B

URL HTTP/2
d2jtzd336hs8un.cloudfront.net/_next/static/chunks/979-fc9d9c0ee5b8eeaa.js
IP
54.230.245.158:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_next/static/chunks/979-fc9d9c0ee5b8eeaa.js HTTP/1.1
Host: d2jtzd336hs8un.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.hotelsparerhof.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
date: Tue, 15 Nov 2022 13:34:03 GMT
last-modified: Wed, 07 Sep 2022 13:23:35 GMT
etag: W/"63189b57-7ff8"
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
strict-transport-security: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: C1xiWgz8cpM-3UUtdyO5r6mG7nBGefjwxNHmsjT4Cs8zejcOAWrGhQ==
age: 1683444
X-Firefox-Spdy: h2

hbe-api.kognitiv.com/unavailable-days

135.125.240.149

200 OK

0 B

URL HTTP/2
hbe-api.kognitiv.com/unavailable-days
IP
135.125.240.149:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

OPTIONS /unavailable-days HTTP/1.1
Host: hbe-api.kognitiv.com
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Access-Control-Request-Method: POST
Access-Control-Request-Headers: content-type
Referer: https://booking.hotelsparerhof.it/
Origin: https://booking.hotelsparerhof.it
Connection: keep-alive
Sec-Fetch-Dest: empty
Sec-Fetch-Mode: cors
Sec-Fetch-Site: cross-site

HTTP/2 200 OK
status: 200 OK
access-control-allow-credentials: true
access-control-allow-origin: https://booking.hotelsparerhof.it
vary: Origin
access-control-allow-methods: GET,HEAD,PUT,PATCH,POST,DELETE
access-control-allow-headers: content-type
date: Mon, 05 Dec 2022 01:11:29 GMT
set-cookie: MGLH51CKJDVB=VEI1698VEKLN9; path=/; HttpOnly; Secure
cache-control: private
X-Firefox-Spdy: h2

booking.hotelsparerhof.it/

135.125.240.140

200 OK

0 B

URL HTTP/2
booking.hotelsparerhof.it/
IP
135.125.240.140:0
ASN
#16276 OVH SAS

File type

Size
0 B (0 bytes)
Hash

Detections

Analyzer	Verdict	Alert
fortinet	Phishing

HTTP Headers

GET / HTTP/1.1
Host: booking.hotelsparerhof.it
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,*/*;q=0.8
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Upgrade-Insecure-Requests: 1
Sec-Fetch-Dest: document
Sec-Fetch-Mode: navigate
Sec-Fetch-Site: none
Sec-Fetch-User: ?1

HTTP/2 200 OK
date: Mon, 05 Dec 2022 01:11:27 GMT
content-type: text/html; charset=utf-8
status: 200 OK
cache-control: private, no-cache, no-store, max-age=0, must-revalidate
vary: Accept-Encoding
content-encoding: gzip
etag: "37e11-SvgXkryz7SkZGx1AnrYDQ1SQeI4"
x-frame-options: SAMEORIGIN
content-security-policy: frame-ancestors 'self' *.kognitiv.com
strict-transport-security: max-age=15768000
X-Firefox-Spdy: h2

d2jtzd336hs8un.cloudfront.net/_next/static/chunks/main-1f7489bfb2b58832.js

54.230.245.158

200 OK

0 B

URL HTTP/2
d2jtzd336hs8un.cloudfront.net/_next/static/chunks/main-1f7489bfb2b58832.js
IP
54.230.245.158:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_next/static/chunks/main-1f7489bfb2b58832.js HTTP/1.1
Host: d2jtzd336hs8un.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.hotelsparerhof.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
date: Tue, 15 Nov 2022 13:34:03 GMT
last-modified: Tue, 27 Sep 2022 13:45:30 GMT
etag: W/"6332fe7a-23bda"
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
strict-transport-security: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: LQU4Xj73koO1DQaZbTfWzzx9f1G6iarLR24bGW6wUH0f6ImdXArfcg==
age: 1683444
X-Firefox-Spdy: h2

d2jtzd336hs8un.cloudfront.net/_next/static/chunks/333-f51e7b20f7750937.js

54.230.245.158

200 OK

0 B

URL HTTP/2
d2jtzd336hs8un.cloudfront.net/_next/static/chunks/333-f51e7b20f7750937.js
IP
54.230.245.158:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_next/static/chunks/333-f51e7b20f7750937.js HTTP/1.1
Host: d2jtzd336hs8un.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.hotelsparerhof.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
date: Mon, 28 Nov 2022 15:47:45 GMT
last-modified: Mon, 28 Nov 2022 15:47:03 GMT
etag: W/"6384d7f7-324cb"
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
strict-transport-security: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: EDDlAwdUR7R_LsakvL9IABweHqi7vAadGm-dNokos0ZnpVusivLl0g==
age: 552222
X-Firefox-Spdy: h2

d2jtzd336hs8un.cloudfront.net/_next/static/chunks/302-7b32094aede33cd2.js

54.230.245.158

200 OK

0 B

URL HTTP/2
d2jtzd336hs8un.cloudfront.net/_next/static/chunks/302-7b32094aede33cd2.js
IP
54.230.245.158:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_next/static/chunks/302-7b32094aede33cd2.js HTTP/1.1
Host: d2jtzd336hs8un.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.hotelsparerhof.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
date: Tue, 15 Nov 2022 13:34:03 GMT
last-modified: Mon, 14 Nov 2022 12:48:16 GMT
etag: W/"63723910-52fd"
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
strict-transport-security: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: 35zry9JvnUI_k-IDhqcygi4gFJL305CfrTDniBVIBxg2Vxz9NDQ3lQ==
age: 1683444
X-Firefox-Spdy: h2

d2jtzd336hs8un.cloudfront.net/_next/static/ehIawmgvLPiidfXQEXmP0/_ssgManifest.js

54.230.245.158

200 OK

0 B

URL HTTP/2
d2jtzd336hs8un.cloudfront.net/_next/static/ehIawmgvLPiidfXQEXmP0/_ssgManifest.js
IP
54.230.245.158:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_next/static/ehIawmgvLPiidfXQEXmP0/_ssgManifest.js HTTP/1.1
Host: d2jtzd336hs8un.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.hotelsparerhof.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
date: Mon, 28 Nov 2022 16:02:09 GMT
last-modified: Mon, 28 Nov 2022 16:01:42 GMT
etag: W/"6384db66-4d"
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
strict-transport-security: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: vGBRVxQSBFVid3pcA2nPKFM7jC_lKfYHklLNrMXH7ZZP2Y9gOLU9Nw==
age: 551358
X-Firefox-Spdy: h2

d2jtzd336hs8un.cloudfront.net/_next/static/chunks/373-95390337f262d59f.js

54.230.245.158

200 OK

0 B

URL HTTP/2
d2jtzd336hs8un.cloudfront.net/_next/static/chunks/373-95390337f262d59f.js
IP
54.230.245.158:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_next/static/chunks/373-95390337f262d59f.js HTTP/1.1
Host: d2jtzd336hs8un.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.hotelsparerhof.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
date: Tue, 15 Nov 2022 13:34:03 GMT
last-modified: Mon, 14 Nov 2022 12:48:16 GMT
etag: W/"63723910-c616"
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
strict-transport-security: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: xPTZCg-HVC3hsS5eBnfDz3UrH98T7aa3dT0U6NNjbEhyxv7Y1LDs1A==
age: 1683444
X-Firefox-Spdy: h2

d2jtzd336hs8un.cloudfront.net/_next/static/chunks/99d407f1-740efc49d6ddee4e.js

54.230.245.158

200 OK

0 B

URL HTTP/2
d2jtzd336hs8un.cloudfront.net/_next/static/chunks/99d407f1-740efc49d6ddee4e.js
IP
54.230.245.158:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_next/static/chunks/99d407f1-740efc49d6ddee4e.js HTTP/1.1
Host: d2jtzd336hs8un.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.hotelsparerhof.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
date: Mon, 28 Nov 2022 15:47:45 GMT
last-modified: Mon, 28 Nov 2022 15:47:03 GMT
etag: W/"6384d7f7-5dc71"
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
strict-transport-security: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: yElBXK3zjbh83uaxFdI0z4qSzLP-5fgx5Nhz8imredqEAp_G0Dfyvw==
age: 552222
X-Firefox-Spdy: h2

d2jtzd336hs8un.cloudfront.net/_next/static/chunks/7e0f675c-7628088f2378fdb4.js

54.230.245.158

200 OK

0 B

URL HTTP/2
d2jtzd336hs8un.cloudfront.net/_next/static/chunks/7e0f675c-7628088f2378fdb4.js
IP
54.230.245.158:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_next/static/chunks/7e0f675c-7628088f2378fdb4.js HTTP/1.1
Host: d2jtzd336hs8un.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.hotelsparerhof.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
date: Tue, 15 Nov 2022 13:34:03 GMT
last-modified: Tue, 27 Sep 2022 13:45:30 GMT
etag: W/"6332fe7a-cabd"
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
strict-transport-security: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: DWB9yXtpjkikkQiSqbfEGkL0GN0qoU80PNgETx8R4N30n2lDzEvnuA==
age: 1683444
X-Firefox-Spdy: h2

d2jtzd336hs8un.cloudfront.net/_next/static/chunks/659-a75792a0129c3b75.js

54.230.245.158

200 OK

0 B

URL HTTP/2
d2jtzd336hs8un.cloudfront.net/_next/static/chunks/659-a75792a0129c3b75.js
IP
54.230.245.158:0
ASN
#16509 AMAZON-02

File type

Size
0 B (0 bytes)
Hash

HTTP Headers

GET /_next/static/chunks/659-a75792a0129c3b75.js HTTP/1.1
Host: d2jtzd336hs8un.cloudfront.net
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:105.0) Gecko/20100101 Firefox/105.0
Accept: */*
Accept-Language: en-US,en;q=0.5
Accept-Encoding: gzip, deflate, br
Connection: keep-alive
Referer: https://booking.hotelsparerhof.it/
Sec-Fetch-Dest: script
Sec-Fetch-Mode: no-cors
Sec-Fetch-Site: cross-site
TE: trailers

HTTP/2 200 OK
content-type: application/javascript
date: Tue, 15 Nov 2022 13:34:03 GMT
last-modified: Mon, 14 Nov 2022 12:48:39 GMT
etag: W/"63723927-42543"
access-control-allow-origin: *
cache-control: public, max-age=31536000, immutable
strict-transport-security: max-age=31536000
content-encoding: gzip
vary: Accept-Encoding,Accept-Encoding
x-cache: Hit from cloudfront
via: 1.1 07d5d44815808d5d5a6f43984a987698.cloudfront.net (CloudFront)
x-amz-cf-pop: OSL50-P1
x-amz-cf-id: j8xisypakwC2Urn98fnudMkGZo75Ike8HsClWQWI10tCQ9JrHhkbCw==
age: 1683444
X-Firefox-Spdy: h2

Report Overview

Submitted URL

IP

ASN

Submitted

Access

Website Title

Final URL

Tags

urlquery detections

Detections

urlquery

Network Intrusion Detection

Threat Detection Systems

Domain Summary

Related reports

Network Intrusion Detection Systems

Suricata /w Emerging Threats Pro

Threat Detection Systems

OpenPhish

PhishTank

Fortinet's Web Filter

mnemonic secure dns

Quad9 DNS

JavaScript (43)

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations

Hash

URL

IP

ASN

Introduced by

Embedded in HTML

Observations